SSH Check with Content String Matching

NodePing is happy to announce the new SSH check. In its simplest use, the new SSH monitoring provides a real SSH connection for monitoring those critical SSH services, but our check can do much more than that.

Not only can we monitor the availability of your SSH services on any port, but we can also optionally have the check log in and verify the presence, or absence, of a particular string in the login response. Pairing the SSH check with a login script makes it much more powerful and flexible. With it, you can monitor much more than SSH.

In the example below, we’re going to set a login script that checks server load, available memory, and disk usage. We’ll use its simple ‘PASS‘ or ‘FAIL‘ output to trigger email and SMS alerts from NodePing when the 1 minute load average goes over 4.0, when available memory drops below 50MB, or when the disk becomes more than 90% full.

The script is a simple BASH script that relies on commonly installed programs like ‘top’, ‘free’, and ‘df’ to determine the ‘PASS’/’FAIL’ status for each of the things we’re monitoring. It’s not the prettiest thing, but it seems to work well on an Ubuntu server.

#!/bin/bash
# Load average limit
# A quad-core server may be maxing out CPUs at 4.0
LOADLIMIT=4;
# Free memory floor in MB.
FREEMEMLIMIT=50;
# Disk usage in percentage, but without the percent sign. 
DISKUTILIZATION=90;
# Path to the disk partition you want to monitor.
DISKPATH='/dev/sda7';

LOAD=`top -n1 | grep 'load average' | awk -F" " '{print $12}'`;
LOAD=${LOAD:0:4}
LOAD=`echo "$LOAD > $LOADLIMIT" | bc`
if [ $LOAD -eq 1 ]; then
echo "LOAD:FAIL";
else
echo "LOAD:PASS";
fi

MEMUSAGE=`free -m | grep '^Mem' | awk -F" " '{print $4}'`;
MEMUSAGE=`echo "$MEMUSAGE < $FREEMEMLIMIT" | bc`;
if [ $MEMUSAGE -eq 1 ]; then
echo "MEM:FAIL";
else
echo "MEM:PASS";
fi
DISKSPACE=`df | grep "$DISKPATH" | awk -F" " '{print $5}'`;
LEN=`expr "$DISKSPACE" : '.*'`;
LEN=`echo "$LEN-1" | bc`;
DISKSPACE=${DISKSPACE:0:$LEN}
DISKSPACE=`echo "$DISKSPACE > $DISKUTILIZATION " | bc`;
if [ $DISKSPACE -eq 1 ]; then
echo "DISK:FAIL";
else
echo "DISK:PASS";
fi
# logout right away
# This SSH user is restricted for security purposes
exit;

We saved this script as ‘mylogin.bash‘ in our user’s home folder and then edited the /etc/passwd file, replacing the shell ‘/bin/bash‘ with ‘/home/testuser/mylogin.bash‘.  Don’t forget to make the script file executable with something like

chmod 0755 /home/testuser/mylogin.bash 

Now when our test user logs in, we see something like:

Last login: Thu Apr 12 22:41:33 2012 from 127.0.0.1
LOAD:PASS
MEM:PASS
DISK:PASS
Connection to 127.0.0.1 closed.

It’s the response text above that will be checked against our user defined content string. In our SSH check configuration, we’ll set the ‘Content string‘ dropdown to ‘Does not contain‘ and type ‘FAIL‘ in the text field.  Now when NodePing’s probe servers login via SSH and find the word ‘FAIL‘ in the response, I’ll get a notification!

But the notification just says that the SSH check failed. We won’t know what failed.  It could be the load, memory, or disk.  Instead of logging in to see, I’ll be lazy and create three separate SSH checks, all with the same host and login information, but have one check for the string ‘LOAD:FAIL‘, another check for ‘MEM:FAIL‘, and the other ‘DISK:FAIL‘.  I’ll label the one that checks the load average a nice informative name like “Load Average on test server” and the other checks something similar. Now my SMS notification say something like “SSH Check failed for: Load Average on test server“, letting me know exactly what’s failing.

NodePing provides 1000 checks run at up to 1 minute intervals for only $10/month so you’re running out of reasons not to monitor everything. If you don’t have a NodePing account yet, sign up for our free 15-day trial and kick the tires.  We think you’ll like it.

The above example is fairly simple.  You can write your own login scripts in Node.js, Python, etc to check statuses for databases, VPN connections, virus definition updates,… dang near anything!  You can find information on how to configure your SSH checks in our documentation.

How will you use the new SSH check with content string matching?  Let us know in the comments below.

Follow

Get every new post delivered to your Inbox.

Join 31 other followers