PortCheck vs NetSvc (user-agent)

Started by Marco Incalcaterra, August 01, 2017, 10:19:50 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Marco Incalcaterra

August 01, 2017, 10:19:50 AM
Hello!

Is it possible to add user-agent (best would be the possibility to customize it) to the request sent by portcheck or, maybe better, use netsvc subagent to send request when using network services?

Sending the request without user-agent will cause the reject  from firewall adopting OWASP rules (specifically in OWASP 2.2.9 the rule crs_21_protocol_anomalies: 960009 Request Missing a User Agent Header).

I currently prefer the possibility to have a network service because I can add services to "fake" nodes and get the info regarding network service status tied to the node (e.g. when sending "generic" email), If I add the request as a DCI I need to add it to a "real" node and I don't see this possibility of customization (info such as node name is tied to the node where the DCI is added).

Regards,
Marco

Tursiops

#1
August 02, 2017, 05:19:03 AM
Hi Marco,

Not sure about the other parts in your post, but you can add a DCI to a fake node, as long as you select a real node as source inside the DCI?

Cheers

Marco Incalcaterra

#2
August 02, 2017, 08:49:18 AM
Quote from: Tursiops on August 02, 2017, 05:19:03 AM
Hi Marco,

Not sure about the other parts in your post, but you can add a DCI to a fake node, as long as you select a real node as source inside the DCI?

Cheers

You mean to set "Source node" (general tab of DCI) as the node that should perform the poll?

Regards,
Marco

Tursiops

#3
August 03, 2017, 01:32:06 AM
Yes.
I've done that for some DCIs, e.g. created DCIs on a disk enclosures that itself could not be monitored directly, then set the source node to the server the enclosure is connected to. That way I can easily see which disks are in which enclosure (the instance discovery filter script I'm using checks for the enclosure id for this purpose).

Cheers

Marco Incalcaterra

#4
August 03, 2017, 08:32:35 AM
Quote from: Tursiops on August 03, 2017, 01:32:06 AM
Yes.
I've done that for some DCIs, e.g. created DCIs on a disk enclosures that itself could not be monitored directly, then set the source node to the server the enclosure is connected to. That way I can easily see which disks are in which enclosure (the instance discovery filter script I'm using checks for the enclosure id for this purpose).

Cheers

Hello Tursiops,

Although with this solution I cannot use the response time calculation (as per my understanding is not available in the NetSvc subagent), your suggestion solved my problem for the reachability of the https endpoint and that's great for the moment  :)

Thanks a lot.

Regards,
Marco
Print
Go Up Pages1
User actions