[tor-bugs] #33972 [Internal Services/Tor Sysadmin Team]: Add Nagios check for CollecTor
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Apr 27 16:11:23 UTC 2020
#33972: Add Nagios check for CollecTor
-------------------------------------------------+-------------------------
Reporter: karsten | Owner: anarcat
Type: task | Status: closed
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution: fixed
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by anarcat):
* status: accepted => closed
* resolution: => fixed
Comment:
the check is now online:
https://nagios.torproject.org/cgi-
bin/icinga/extinfo.cgi?type=2&host=global&service=collector
and it's green.
however, it's not possible to change the target host without patching the
check. i didn't realize that, but it would be preferable to make that
configurable on the commandline.
it *is* possible to pass a host on the commandline, from what i can tell,
but passing the machine hostname fails with a TLS error:
{{{
# /usr/lib/nagios/plugins/tor-check-collector -s
colchicifolium.torproject.org
UNKNOWN: Error fetching
https://colchicifolium.torproject.org/index/index.json: [SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local
issuer certificate (_ssl.c:1056)
}}}
the "typical" way this works in nagios is, for example:
{{{
/usr/lib/nagios/plugins/check_http --ssl -H '$ARG1$' -I '$HOSTADDRESS$'
}}}
those parameters are:
{{{
-H, --hostname=ADDRESS
Host name argument for servers using host headers (virtual host)
Append a port to include it in the header (eg: example.com:5000)
-I, --IP-address=ADDRESS
IP address or name (use numeric address if possible to bypass DNS
lookup).
}}}
ie. you would do, in this case:
{{{
/usr/lib/nagios/plugins/tor-check-collector --ssl -H
collector.torproject.org -I colchicifolium.torproject.org
}}}
I'm not sure that's necessary, but I figured I would mention this since
you mentioned collector vs collector2...
A bit late in the review process, but it would be nice to have a `--help`
on the check, and regular (e.g. argparse) usage... ;)
but for now, i guess this is done.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33972#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list