HTTP Data collection: Path depth

Hi!

I’m trying to follow the tutorial

to implement monitoring of SAP SCC. Two issues:

HTTP basic authentication: it’s not clear from the tutorial how to get a plain simple HTTP basic auth. Took me hour to figure out (use the source, Luke!) that you just need to pass ‘basic’ like this:
```
"authorization": {
"basic": 1,
"username": "%(constants.username)",
"password": "%(constants.password)"
},
```
I would add it to the original post, but the comments are locked. Please add it, so people save a lot of time.

Path depth. SAP will respond with a JSON of this type:

{
  "subaccounts": c
    {
      "description": "SAP BAS",
      "displayName": "SAP BAS",
      "tunnel": {
        "state": "Connected",
        "connectedSinceTimeStamp": 1720773876375,
        "connections": 0,
        "applicationConnections": c],
        "serviceChannels": a],
        "subaccountCertificate": {
          "notAfterTimeStamp": 1749540416000,
          "notBeforeTimeStamp": 1718000816000,
          "subjectDN": "CN=B0CADA20E31311EBBF8AD3BE0A31F20A,L=35319f63-2ec5-4a96-a3e2-6b8c1c14367f,OU=edca892d-9bfb-4aae-aafd-f4c5aa10bd4e,OU=SAP Cloud Platform Clients,O=SAP SE,C=DE",
          "issuer": "CN=SAP Cloud Platform Client CA,OU=SAP Cloud Platform Clients,O=SAP SE,L=EU10,C=DE"
        },
        "user": "user@notyourbusiness.com"
      },
      "regionHost": "cf.eu10.hana.ondemand.com",
      "subaccount": "35319f63-2ec5-4a96-a3e2-6b8c1c14367f",
      "locationID": ""
    },
    {
      "description": "",
      "displayName": "CALM",
      "tunnel": {
        "state": "Connected",
        "connectedSinceTimeStamp": 1720775091197,
        "connections": 0,
        "applicationConnections": c],
        "serviceChannels": a],
        "subaccountCertificate": {
          "notAfterTimeStamp": 1733323959000,
          "notBeforeTimeStamp": 1701697959000,
          "subjectDN": "CN=B0CADA20E31311EBBF8AD3BE0A31F20A,L=882afc82-327b-4368-8588-dd6086ac0370,OU=edca892d-9bfb-4aae-aafd-f4c5aa10bd4e,OU=SAP Cloud Platform Clients,O=SAP SE,C=DE",
          "issuer": "CN=SAP Cloud Platform Client CA,OU=SAP Cloud Platform Clients,O=SAP SE,L=EU10,C=DE"
        },
        "user": "auser@notyourbusiness.com"
      },
      "regionHost": "cf.eu10.hana.ondemand.com",
      "subaccount": "882afc82-327b-4368-8588-dd6086ac0370",
      "locationID": ""
    }
  ],
  "version": 1
}

I tried to get the values with this code:

        "parse":  
          {
            "name": "Entries",
            "type": "body",
            "path": "$.subaccounts",
            "entries": e
              {
                "id": "displayName"
              },
              {
                "id": "regionHost"
              },
              {
                "id": "tunnel.state"
              },
              {
                "id": "tunnel.subaccountCertificate.notAfterTimeStamp"
              },

              {
                "id": "subaccount"
              }
             ]
          }

It will get the tunnel.state, but not tunnel.subaccountCertificate.notAfterTimeStamp. As I understood the code (use the source, Luke! Again), it allows only one step of siblings, which is also not mentioned anywhere. Is it possible to modify the code so it recurses down the path?

Except for these: Great tool! Looking forward to use it more.

Thanks guys!

Page 1 / 1

Hi @derEdu,

I will consider adding your tip about basic authentication.

About the recursion into JSON structure, it should be working since last November release. Can you show the complete output you get with --debug option?

Hi @omercier!

regarding the recursion: unfortunately, it doesn’t. I have the recent Centreon release (24.04) and also tested it with the recent centreon-plugins from Github. I’ll send you a complete output in PM, but for the public: here are the http tables (the run is from a different SCC, but the original one looks the same):

======> variables
    http.tables.subaccountReqEntries.i2].displayName = SAP Analytics Cloud
    http.tables.subaccountReqEntries.i2].tunnel.state = Connected
    http.tables.subaccountReqEntries.i2].subaccount = 8a176e16-55a0-4683-9435-daf61a197589
    http.tables.subaccountReqEntries.i2].tunnel.subaccountCertificate.notAfterTimeStamp =
    http.tables.subaccountReqEntries.i2].regionHost = cf.eu10.hana.ondemand.com
    http.tables.subaccountReqEntries.i3].subaccount = i6frso7ll9
    http.tables.subaccountReqEntries.i3].tunnel.subaccountCertificate.notAfterTimeStamp =
    http.tables.subaccountReqEntries.i3].regionHost = hana.ondemand.com
    http.tables.subaccountReqEntries.i3].displayName = STE ADS
    http.tables.subaccountReqEntries.i3].tunnel.state = Connected
    http.tables.subaccountReqEntries.i1].tunnel.subaccountCertificate.notAfterTimeStamp =
    http.tables.subaccountReqEntries.i1].subaccount = 79797d7f-f74c-4791-99ad-74a7af8edb3c
    http.tables.subaccountReqEntries.i1].regionHost = cf.eu10.hana.ondemand.com
    http.tables.subaccountReqEntries.i1].displayName = Cloud Identity Management
    http.tables.subaccountReqEntries.i1].tunnel.state = Connected
    http.tables.subaccountReqEntries.i0].tunnel.state = Connected
    http.tables.subaccountReqEntries.i0].displayName = Datasphere
    http.tables.subaccountReqEntries.i0].regionHost = cf.eu10.hana.ondemand.com
    http.tables.subaccountReqEntries.i0].tunnel.subaccountCertificate.notAfterTimeStamp =
    http.tables.subaccountReqEntries.i0].subaccount = 35ee546b-dc1c-45e3-b1f3-4ba855cb6953

as you see, ‘notAfterTimStamp” variables are empty. I think the relevant code is here in collection.pm, sub parse_structure:

if ($ref eq 'HASH') {

if (!defined($value->{ $_->{id} })) {
# Check and assume in case of hash reference first part is the hash ref and second the hash key
if($_->{id} =~ /^(.+?)\.(.*)$/){
if (!defined($value->{$1}->{$2})) {
$entry->{ $_->{id} } = '';
next;
}else{
$entry->{ $_->{id} } = $value->{$1}->{$2};
}
}else {
$entry->{ $_->{id} } = '';
next;
}

The first group of your regex is non-greedy so it will grab only the portion before the first ‘.’, resulting in “tunnel’ in my case. Thus, $value{$1}->{$2} is not defined.

@omercier

Update: I was right with my assumption and I suggest the following patch:

1) added a recursive sub

sub traverse_hash {
    my ($self, $search, $data) = @_;
    if ($search !~ /\./) {
        #last run or found nothing
        if (defined ($data->{$search})){
                   return $data->{$search};
           }else{
                   return "";
        }
    }
    my $key="";
    my @parts=s];
    my $ref="";
    @parts=split(/\./, $search);
    $key=shift(@parts);
    $ref=ref($data->{$key});
    if ($ref eq "HASH") {
        #need to go deeper
        return $self->traverse_hash(join(".", @parts), $data->{$key});
    }else{
        #whoa, strange things happen here
        return "";
    }

}

2 ) changed the code mentioned in my previous post

            if ($ref eq 'HASH') {
                if (!defined($value->{ $_->{id} })) {
                    if($_->{id} =~ /\./){
                        $entry->{ $_->{id} }=$self->traverse_hash($_->{id}, $value);
                    }else {
                        $entry->{ $_->{id} } = '';
                        next;
                   }

It works so far, but I’m a perl aprentice, not a perl magician like yourself. Don’t judge me too much and please take it into review.

Update: After a few more tests, I filed a bug on Github. Can be found here: https://github.com/centreon/centreon-plugins/issues/5118

Thanks @derEdu!

We’ll examine it carefully, although due to the summer break it will probably wait a little…

It works so far, but I’m a perl aprentice, not a perl magician like yourself. Don’t judge me too much and please take it into review.

Believe me I’m just an old beginner

No harsh judgement!

Reply

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded