The IPSentry HTTP/s Enhanced Web Monitor provides both Monitoring and Alerting
capabilities rolled into one add-in.
The monitoring features of the add-in provide you with both clear text HTTP and encrypted SSL HTTPS monitoring of web sites with enhanced monitoring functionality such as User Login to secured pages, SSL, proxy and proxy bypass settings, redirection, and form posting.
The alert features of the add-in provide you with the same enhanced functionality as monitoring add-in for use as an alert option to post data to a web site for things such as web based paging, result logging, and other functionality providing flexible alerting options through web based systems.
After selecting to Configure Add-in from the main IPSentry Entry Editor, you will be presented with the HTTP/s Enhanced Web Monitor configuration options.
Enter the complete URL for the content you wish to test.
The add-in provides the option of three standard HTTP request methods which can be used based on your script requirements. POST, GET, HEAD
For form variable posting, you should refer to the "METHOD" attribute of the <FORM> tag in the page you will be simulating to determine whether or not you will be using the GET or POST methods.
<FORM action="/myscript.asp" method="post">
<input name="myfield" value="">
<input type="submit" value="Send" name="Submit">
This form would require the "POST" method and you would want to add myfield and an associated value to the send Names/Values listing.
If you are monitoring information contained only in the server returned headers of the response, you should specify "HEAD" method thereby causing the add-in not to request the entire document.
You may optionally specify a designated "User Agent" if your server is requiring specific information in the UserAgent value passed from client browsers. In most cases, configuration of this option is not necessary.
Simply select or enter a valid User Agent request header in the area provided and click OK. If you are not familiar with User Agent structure, please do not modify.
HTTP v 1.1
Select this option to use the HTTP/1.1 protocol specification.
Select this option in order to allow the test system to accept cookies from the server which may be utilized during server redirects.
Follow Server Redirects
Select this option to allow the monitor to follow any server specified redirects in order to obtain the results required.
Enter the text that you expect to be returned in the document source from the web server. The text may be contained in the header information as well as in the document content.
Example: "</HTML>" would require that the add-in receive </HTML> within the time specified in the Timeout field in order to be considered a successful monitoring action. This is a good option for evaluation of full page HTML retrieval times.
Enter the timeout value (in seconds) that can elapse before the entry is considered to fail.
Connect, Request, and Response must be received within this time frame.
Evaluate SSL Certificate Only
Select this option to bypass normal web checking and only obtain the the SSL Certificate for evaluation.
Return Full Response
This option returns the full content data received during the test in the %IPS_RECV_Fxxxx% keyword. (e.g. %IPS_RECV_F1024% would return the first 1Kb of response data for evaluation. Use of this option is not recommended in most cases. If the data being requested in the URL is large (several megabytes), you will experience excessive delays and data storage requirements to handle and store the result data.
The HTTP/s Enhanced Web Monitor allows several methods of comparing the response data for evaluation.
This option specifies that the expected data must Match or be found within the received content. Select this option to return CRITICAL if the expected data is not received.
This option specifies that the expected data must NOT Match or be found within the received content. Select this option to return CRITICAL if the expected data IS received.
Last Modified Date
This method evaluates the server response header "Last-Modified" to see if the date/time information associated with the file has changed since the last check. If the date/time stamp of the content file has changed, alerts will be triggered.
Dynamic content generated by server side scripts will normally send a different "Last-Modified" header during each request even though the content being sent is identical. This option creates a CRC value on the content received. If a byte of data in the content is different than that received during the last response, alerts will be triggered since the calculated CRC will be different.The Send Names/Values tab contains the list for form fields that will be posted to the URL specified in the HTTP/s Request configuration. These entries represent the form names and values that would be posted by a user submitting a form to your web server.
Click this button to add a new form field / post value to the request.
Click this button to modify the selected form field / post value.
Click this button to remove the selected field value.When you select to add or modify a name/value pair, you will be presented with the Name and Value editor. Enter the form variable name in the Variable Name field and the associated value of the field in the Value field above.
The Security tab allows you to specify secure options such as basic realm or NTLM logon credentials that may be required to perform the operation on the URL. Please be aware that if you are posting logon information to a form on a web page, this is NOT the place to enter that information. The username and password fields located on this tab are for HTTP authentication.
User Name / Password
If the content you are attempting to access is in a secured area on your server, you may be required to send login information ( User Name / Password ) to the server using HTTP Authentication. If you normally receive a login dialogue box when attempting to access the URL entered above, you will need to complete the User Name & Password fields appropriately.
Please note that this login information is not the same as when you submit a web page containing username & password information.
If you must submit a login via a web page (form based), you will need to enter the appropriate field names and values in the "Pass Values" list. The entries in this list must match the names and values exactly as they are referenced on the form you will be emulating.
See Form Posting for more information.
If you are required to make use of a proxy server to access the web site you should complete the following proxy specific fields for this entry. Enter the proxy server DNS or IP Address information in this field.
Enter the port on which the proxy server expects to receive HTTP or HTTPS requests.
Proxy Bypass List
Enter the IP Address space (or addresses separated with ",") that may be accessed without making use of the proxy.
Access all IP Address on the local network: <local>
To bypass the proxy for ALL addresses: *
To bypass the proxy for all IP's in the 10.1.1.x class C space: 10.1.1.*
Proxy User Name
Enter the username required to access the proxy server.
Enter the password required to access the proxy server.
The SSL Certificate tab allows you to specify the attributes of an SSL Certificate for certificate errors as well as certificate expiration warnings and changes.
Evaluate SSL Certificate
Select this option to enable the evaluation of the certificate.
Retrieve Current Certificate Data
Click this button to retrieve the current certificate properties. The properties contained in this response will be used for comparison of the selected filters.
Effective Date Changes
Select this option to trigger alerts if the certificate Effective Date attribute changes.
Select this option to trigger alerts if the certificate Issuer attribute changes.
Serial Number Changes
Select this option to trigger alerts if the certificate Serial Number attribute changes.
Select this option to trigger alerts if the certificate Subject attribute changes.
Select this option to trigger alerts if the certificate Usage attribute changes.
Select this option to trigger alerts if the certificate Version attribute changes.
Certificate Will Expire in [n] or less days.
Select this option to trigger alerts if the certificate expiration date is within the next [n] days.
Expire Date Changes
Select this option to trigger alerts if certificate Expire Date attribute changes.
SSL Verification Error
Select this option to trigger alerts if any error is detected during certificate validation. This option is sensitive to strict SSL protocol standards so something as simple as a server redirect would trigger an alert.
Select this option to have the local cache of the certificate information updated after a change is detected. If this option is not selected, then the alerts for detected changes will continue until the configuration is accessed and you select Retrieve Current Certificate manually.
Raw Result Data
Rendered Result Data
The Result Data tab allows you to view the response data received from the request as configured when you hit the TEST button. The "RAW" tab contains the data received from the server. The "Rendered" tab contains a browser which shows the HTML as rendered. The rendered tab stores the data locally with relative references pointing to the temporary file, so you will most likely see references to items such as images and scripts that are referenced by a relative reference within the HTML.
Client side scripting is NOT executed during monitoring. Any scripting contained in the web page will NOT be executed and therefore you should not depend on scripted redirects, scripted document data, or any other functionality of client side scripting for monitoring purposes.
This includes scripted redirection, title information, etc.
Framed pages are not loaded during monitoring. If you are monitoring a page and want to monitor data in a specific frame, you will need to set the URL to the source of that frame and monitor that page. If you set the URL to your frames page, only the main frame HTML will be available for evaluation.
__VIEWSTATE is not supported. If you are posting data to a .net based website and the back-end requires the __VIEWSTATE variable within the data, you will most likely not receive the results as expected. The __VIEWSTATE value contains information that is specific to user interface, session, and other relative specification of an interactive user. Use of the __viewstate value (and other dynamically generated form values) through a page pre-fetch is planned for the next generation of IPSentry.
META tags and scripts are not processed. For example, if you have a META REFRESH tag in a document, this is not considered a server redirect. Rather, it is a browser redirect. IPSentry monitors the raw data returned and does not process the HTML, Script Code, Meta Tags, etc... The only redirects that are processed are those returned by the server.