[tor-bugs] #33972 [Internal Services/Tor Sysadmin Team]: Add Nagios check for CollecTor

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Apr 27 19:29:31 UTC 2020 

#33972: Add Nagios check for CollecTor
-------------------------------------------------+-------------------------
 Reporter:  karsten                              |          Owner:  phw
     Type:  task                                 |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by anarcat):

 * status:  reopened => assigned
 * owner:  anarcat => phw


Comment:

 Replying to [comment:9 karsten]:
 > Thanks for deploying the check! Can you change
 [https://gitweb.torproject.org/admin/tor-nagios.git/tree/config/nagios-
 master.cfg?id=9d70ee6ded7d0048a25242684b41541e010c424e#n1451 this line] to
 `contacts: +metrics`, so that alerts don't go out just to me but to the
 metrics-alerts@ mailing list?

 Of course, consider it done.

 > I'll move away a file on colchicifolium now to trigger the alert and
 back afterwards. Just to see if it's working.

 Definitely got that ring here. :)

 > I'll also look into the parameters and using argparse next week.

 Good.

 > Unfortunately, the check wouldn't work for corsicum right now anyway,
 because that CollecTor instance does not archive all descriptor types. It
 would just keep shouting about timestamps being missing.

 That's fine: the point is to make sure we check on a specific host instead
 of delegating this to DNS or whatever. Keep in mind this means you need to
 bypass DNS while still making HTTPS verification work! It's tricky
 stuff... But since you're already using `urlopen()`, it's possible you can
 implement such a hack.

 > Maybe we'll need to add another option to only complain about outdated
 timestamp, not about missing timestamps. Added to my list.

 No idea about that. ;)

 >  Yup, this worked. One thing I noticed is that the alert says
 "global/collector" whereas the Onionoo checks say things like
 "omeiense/network service - onionoo varnish". Is it possible to rename the
 CollecTor check to something like "colchicifolium/collector"?

 That would be confusing, at this stage: because we do not actually control
 which host we're probing, I prefer to keep the check "global" because
 that's effectively what it is. When we *can* specify the host, I'll update
 the label, if you don't mind.

 Not sure which status to set here. I'll just reassign it to you, feel free
 to resolve. :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33972#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list