Predefined check types reference¶
Infracheck comes by default with some standard checks, there is a list of them:
http¶
Performs a HTTP call using curl.
Example:
{
"type": "http",
"input": {
"url": "http://iwa-ait.org",
"expect_keyword": "iwa",
"not_expect_keyword": "Server error"
}
}
Parameters:
- url
- expect_keyword
- not_expect_keyword
docker-bahub¶
Monitors RiotKit’s File Repository “Bahub” API client for errors.
Parameters:
- container
docker-health¶
Checks if containers are healthy.
Parameters:
- docker_env_name (it’s a prefix, to check only containers that names begins with this - idea of docker-compose)
port-open¶
Checks if the port is open.
Parameters:
- po_host
- po_port (in seconds)
- po_timeout (in seconds)
replication-running¶
Checks if the MySQL replication is in good state. Works with Docker only.
Parameters:
- container
- mysql_root_password
free-ram¶
Monitors RAM memory usage to notify that a maximum percent of memory was used.
Parameters:
- max_ram_percentage (in percents eg. 80)
domain-expiration¶
Check if the domain is close to expiration date or if it is already expired.
Notice: Multiple usage of this check can cause a “request limit exceeded” error to happen
Suggestion: If you check multiple domains, then separate domains checking from regular health checks and set CHECK_INTERVAL (docker) to once a day, and WAIT_TIME=300 for non-docker installations - in crontab set a check with –force once a day
Parameters:
- domain (domain name)
- alert_days_before (number of days before expiration date to start alerting)
ovh-expiration¶
Checks if a VPS is not expired. Grab credentials at https://api.ovh.com/createToken/index.cgi
Required privileges on OVH API: “GET /vps*”
Parameters:
- endpoint (ex. ovh-eu)
- app_key
- app_secret
- app_consumer_key
- service_name (ex. somevps.ovh.net)
- days_to_alert (ex. 30 for 30 days)
ssh-fingerprint¶
Verifies if remote host fingerprint matches. Helps detecting man-in-the-middle and server takeover attacks.
Parameters:
- expected_fingerprint (example: zsp.net.pl ssh-rsa SOMESOMESOMESOMESOMEKEYHERE)
- method (default: rsa)
- host (example: zsp.net.pl)
- port (example: 22)
ssh-files-checksum¶
Calls remote process using SSH and expects: the listed files and checksums will be matching
Parameters:
- user (default: root)
- host
- port (default: 22)
- private_key
- password
- ssh_bin (default: ssh)
- sshpass_bin (default: sshpass)
- ssh_opts (example: -o StrictHostKeyChecking=no)
- known_hosts_file (default: ~/.ssh/known_hosts)
- command (default: uname -a)
- timeout: (default: 15, unit: seconds)
- method (default: sha256sum)
- expects (json dict, example: {“/usr/bin/bahub”: “d6e85b50756a08e24c1d46f07b68e288c9e7e565fd662a15baca214f576c34be”})
ssh-command¶
Calls remote process using SSH and expects: exit code, keywords in the output
Parameters:
- user (default: root)
- host
- port (default: 22)
- private_key
- password
- ssh_bin (default: ssh)
- sshpass_bin (default: sshpass)
- ssh_opts (example: -o StrictHostKeyChecking=no)
- known_hosts_file (default: ~/.ssh/known_hosts)
- command (default: uname -a)
- timeout: (default: 15, unit: seconds)
- expected_keywords (Keywords expected to be in stdout/stderr. Separated by “;”)
- unexpected_keywords (Keywords not expected to be present in stdout/stderr. Separated by “;”)
- expected_exit_code (default: 0)
reminder¶
Reminds about the recurring date. Example: To extend validity of your hosting account
Parameters:
- ref_date (example: 2019-05-01 for a 1th of May 2019)
- each (values: week; month; year, default: year)
- alert_days_before (default: 5, the health check will be red when there will be 5 days before)
load-average-auto¶
Checks if the load average is not more than 100%
Parameters:
- maximum_above (unit: processor cores, default: 0.5 - half of a core)
- timing (default: 15. The load average time: 1, 5, 15)
load-average¶
Checks if the load average is not below specified number
Parameters:
- max_load (unit: processor cores, example: 5.0, default: 1)
- timing (default: 15. The load average time: 1, 5, 15)
swap-usage-max-percent¶
Defines maximum percentage of allowed swap usage
Parameters:
- max_allowed_percentage (default: 0.0)
postgres¶
Uses pg_isready tool to verify if PostgreSQL is up and ready to connect.
Parameters:
- pg_host (hostname or socket path, defaults to “localhost” which will use local unix socket, use IP address eg. 127.0.0.1 to connect via tcp)
- pg_port (port, defaults to 5432)
- pg_db_name (database name to connect to, defaults to “postgres”)
- pg_user (username, defaults to “postgres”)
- pg_conn_timeout (defaults to 15 which means 15 seconds)
postgres-primary-streaming-status¶
Verifies if local PostgreSQL instance is currently serving WALs to a specified replica. The SQL command that is validated: select * from pg_stat_replication;
Parameters:
- pg_host (hostname or socket path, defaults to “localhost” which will use local unix socket, use IP address eg. 127.0.0.1 to connect via tcp)
- pg_port (port, defaults to 5432)
- pg_db_name (database name to connect to, defaults to “postgres”)
- pg_user (username, defaults to “postgres”)
- pg_password
- pg_conn_timeout (defaults to 15 which means 15 seconds)
- expected_status (defaults to “streaming”)
- expected_replication_user: Expected user that will be used for replication connection (defaults to “replication”)
postgres-replica-status¶
Checks if local PostgreSQL server acts as a replication server, by validating the list of active wal receivers. The SQL command that is validated: select * from pg_stat_wal_receiver;
Parameters:
- pg_host (hostname or socket path, defaults to “localhost” which will use local unix socket, use IP address eg. 127.0.0.1 to connect via tcp)
- pg_port (port, defaults to 5432)
- pg_db_name (database name to connect to, defaults to “postgres”)
- pg_user (username, defaults to “postgres”)
- pg_password
- pg_conn_timeout (defaults to 15 which means 15 seconds)
- expected_status (defaults to “streaming”)
- expected_replication_user: Expected user that will be used for replication connection (defaults to “replication”)