Check Webserver that is hosted somewhere else

Is it basically possible to check a Webserver (with a https service) that is hosted by a 3rd party?
It’s our website, but located outside.
Because I want to check https://our-company.com but the webserver itself is not maintained by us.

Or is it strictly always necessary to install the checkmk agent on a host for a https check?
In Conditions > Explicit hosts, I would not know what to type in here as a hostname …

No, it is not strictly necessary to have the checkmk agent installed. In the host properties in section monitoring agents select “no api integrations/ no checkmk agent” for that host. Then you can configure as many active checks like HTTP as you want without the agent being queried.

alright, thanks. And is my configuration improvable, because the check tries to ping the external address

check_https_4

Well, if PING is prevented by the provider via a firewall, then it becomes difficult. About the services “HTTP, TCP, etc.” you can make their settings, what you like to monitor. Such as whether the page is present, etc…

that’s my intention. I want to use “Check http service”, but the firewall blocks the ping aka ICMP.
I don’t know why a ping is here necessary… but can this be adjusted somehow, w/o changing the fw rule?

If you have not other service configured for this host then the system automatically creates a ping service. Define one other active check and the ping service is gone. Only if you have not also configured somewhere a ping service as active check :wink:

1 Like

thanks Andreas. So I tried to create a new DNS service check on that host. But unfortunately, and I don’t know why, even that is successful. I’ll show my configured DNS check properties.
This new DNS check is your suggested active check I should create (to my understanding :slight_smile: )

By the way, I tried to create another DNS check, but same result, it ends with same error “CRITICAL - Plugin timed out while executing system call”. The implementation looks simple, but I must admit, whatever I try, I can’t create a positive DNS check.

This configured active check tries to query the host “silicon-austria-labs.com” if it can resolve the name “silicon-austria-labs.com”. Is this a DNS server? If not, you need to configure also the option “DNS Server”.
Then it should work.

so true. I had to explicitely set our internal DNS server. Thanks!

so back to my question. If I want to create a https service check, on a webserver where no checkmk agent can be installed, and no ping can be done to that server (firewall rule) …

  1. first I must create a new host, with “No API integrations, No checkmk agent”
  2. then I must create an explicit active check (like DNS) tied to that host
  3. and then I can create finally this https service check

Correct?

thanks

It should be enough to remove point 2 as the active DNS check is the same for the system as the active HTTP check.

Hallo,
1)
ping as explained
2)
check one ore more pages for expected content
3)
use robotmk to check response-times for up and downloads or other important actions like buying something or login into a proteced area.
Ralf

Meanwhile I managed to have an https service check, and a DNS check on the webserver - both are OK. Thanks to all for their help!

But the created hosts itself, the one which I created with “No API integrations, No checkmk agent” is permanently marked as DOWN, and is flapping. That’s interesting.

See the picture

Here is the All hosts picture

check_https_6

How can I detect the root cause for this?

That is because the IP of the host does not respond to ICMP. You can configure a rule in “Host check command” that tells checkmk to assume the host to be always up.

1 Like

nice. Did that, now the status is OK. Thanks for that!
It’s just about how to configure checkmk :slight_smile:

I know you could resolve your issue with the last answer r.sander send you, but i want to make an addition:

Instead of setting the “Host check command” to always assume the host is up, think about setting it to the result of one of your service checks, e.g. your check-http-service.

In our setup, we do a http check and sometimes also a login-logout check via webinject to the if the hosted web-application is working like expected and not only the webserver is up and running and serving the correct http code. It depends on your environment which “host check command” you want to use or if you assume the host always to be up.

But nevertheless, as r.sander mentioned, the correct rule for this case is the “Host check command” rule.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.