[HN Gopher] Bash HTTP Monitoring Dashboard
___________________________________________________________________
Bash HTTP Monitoring Dashboard
Author : todsacerdoti
Score : 119 points
Date : 2020-12-27 13:04 UTC (9 hours ago)
(HTM) web link (raymii.org)
(TXT) w3m dump (raymii.org)
| krat0sprakhar wrote:
| This is really excellent! I just deployed it to monitor our
| services running in the cloud. Took me all of 5 mins! Thanks a
| lot for sharing!
| cle wrote:
| > only dependencies are curl and bash
|
| This isn't really true, from an strace it also execs cat, wc,
| date, echo, mkdir, mktemp, and rmdir.
| [deleted]
| jandeboevrie wrote:
| Those you might expect on a modern Linux system when bash is
| there (coreutils will be there 99% of the time as well). Not
| all distros ship curl by default
| cle wrote:
| Bash runs on a lot more than Linux.
|
| I ran a Docker container and copied a statically-linked curl
| and bash onto a scratch image and ran it, it does not work:
| $ docker run -it --rm $(docker build -q .)
| /srvmon.sh: line 162: date: command not found $
| cat Dockerfile FROM scratch COPY bash
| /usr/bin/bash COPY curl /usr/bin/curl COPY
| srvmon.sh /srvmon.sh CMD ["/usr/bin/bash",
| "/srvmon.sh"]
|
| I'm not pointing this out to be pedantic. I'm pointing it out
| because there is a common misconception that all these things
| like "date" and "cat" and "mkdir" are part of Bash, but
| they're not, they're part of coreutils and there are
| dramatically different versions of coreutils on different
| installations of Linux, macOS, BSD, etc., and some
| environments (like barebones Docker containers) don't have
| coreutils at all.
| noja wrote:
| This is any monitoring system's check_http
| timkeller wrote:
| Really useful! Is there a way to set multiple HTTP codes as safe?
| jandeboevrie wrote:
| No not in this version. When would that occur?
| bonestamp2 wrote:
| I'm guessing they want to monitor API endpoints where you can
| monitor if the service is reachable but it still may not
| return 200 (ex. if it's not authenticated).
| gpapilion wrote:
| All old is new. There was a monitoring system written in shell in
| the 90s called big brother. Its didn't scale very well.
|
| https://en.m.wikipedia.org/wiki/Big_Brother_(software)
| arminiusreturns wrote:
| Big brother was a life saver for me a few times on small
| projects as a temporary measure. Xymon is the modern fork and
| is still maintained.
|
| Another one that I really liked and even have this crazy idea
| of reviving as a side project mayhaps is Argus (tcp4me)... it
| was written in perl and was my main intro to the beautiful hell
| that is perl. These days though between sensu, prometheus,
| zabbix, and nagios, we really have plenty of good monitoring
| options.
| cemthrowa wrote:
| This reminds me of a throwaway monitoring project[0][1] we made
| for CCDC[2] (a 2-3 day IT security competition with extremely
| limited access to internet resources), long ago. It wasn't
| especially structured / beautiful -- just a bunch of copy paste
| with some HTML slapped around it. But it worked well enough. We
| caught an intrusion / defacement and had restored the site from
| backup before the red team called us to gloat, which was amusing.
|
| (Aside: most of the teams in this competition were from
| IT/sysadmin programs. Our team was entirely computer science
| students, with no formal sysadmin training. We managed to win the
| national CCDC in 2011 and 2012.[3])
|
| [0]: https://github.com/cemeyer/ghettonagios
|
| [1]:
| https://github.com/cemeyer/ghettonagios/blob/master/SCREENSH...
|
| [2]: https://www.nationalccdc.org/
|
| [3]: https://www.nationalccdc.org/index.php/competition/about-
| ccd...
| reacharavindh wrote:
| Nostalgia. I was part of the team that came second in 2012. Our
| fun trick was accidentally marking C: as read only on the
| active directory server. The red team thought we did something
| great that they could not get their payloads in ;-)
| cemthrowa wrote:
| Yeah, lot of nostalgia. We did a lot of random shenanigans
| that might be less viable in the real world. Firewalling
| _all_ outbound TCP connections, moving IIS-served webpages to
| Apache on a Linux server, moving everything off the Solaris
| box and just turning it off. The fact that we even had a
| backup to restore after we noticed the defacement I mentioned
| earlier was a fluke.
| UI_at_80x24 wrote:
| This is awesome! I've been thinking of doing something like this
| myself lately. I've mostly done CLI output when testing sites,
| but a GUI like this is enough to keep the management happy.
|
| Related; here's an alias that I frequently use:
| alias hstat="curl -o /dev/null --silent --head --write-out
| '%{http_code}\n'" $1
|
| Example:
|
| $ hstat www.google.com
|
| 200
| yegle wrote:
| Here's the command I use: curl -s -w 'Testing
| Website Response Time for :%{url_effective}\n\nLookup
| Time:\t\t%{time_namelookup}\nConnect
| Time:\t\t%{time_connect}\nAppCon
| Time:\t\t%{time_appconnect}\nRedirect
| Time:\t\t%{time_redirect}\nPre-transfer
| Time:\t%{time_pretransfer}\nStart-transfer
| Time:\t%{time_starttransfer}\n\nTotal Time:\t\t%{time_total}\n'
| -o /dev/null https://google.com
|
| Here's the explanation of each timestamp:
| https://blog.cloudflare.com/a-question-of-timing/
| 1vuio0pswjnm7 wrote:
| no curl, only bash hstat(){ exec
| 3<>/dev/tcp/$1/80; echo -e "GET /
| HTTP/1.1\r\nhost: http://$1\r\nconnection: close\r\n\r\n" >&3;
| sed -n '1s/^HTTP\/1\.[01] //;s/ .*//;p' <&3;}
|
| no bash, only busybox hstat(){ echo -e "GET /
| HTTP/1.1\r\nhost: http://$1\r\nconnection: close\r\n\r\n" \
| |busybox nc $1 80|busybox sed "1s/^HTTP\/1\.[10] //;s/
| .*//;q";}
___________________________________________________________________
(page generated 2020-12-27 23:01 UTC)