[smokeping-users] Use of Smokeping for LDAPS checks.
throck+smokeping at gmail.com
Tue May 29 07:21:18 CEST 2012
On 5/25/12 3:20 PM, Tim Peiffer wrote:
> We have been instrumenting a number of our services with smokeping for
> some time. I have been interested in getting a little better visibility
> into our X500 directory since we have some dependencies that need to be
> there in order to make our wireless and vpn services work correctly. Is
> it possible to do LDAPS monitoring using the exisiting LDAP probe?
I believe that is dependent on echoping, which does not appear to
support ldaps - are you not able to query your host over the non-ssl port?
> How do you specifying where the SSL/TLS certificate is stored?
OpenSSL-ish things usually want them in /etc/pki/tls/certs; some
OpenLDAP-ish tools prefer /etc/openldap/cacerts/ - depends on the code.
Doesn't matter in this case.
> Do you need to specify all of the attributes or or is uid good enough?
The request filter should reflect what you want to measure/model; the
fetching of 1 or many entries. I suggest running echoping on the
commandline to get a sense of which filter best captures what you're
looking for. Note that echoping will perform an initial dummy request
using objectclass='*' against the base you specify, so if you're
pointing it at a directory base with many entries, you might be issuing
more queries than you originally thought. If you're just looking to
measure some generic response times, choose a base without much in it.
You may also want to poke around at cn=monitor, if it is supported on
More information about the smokeping-users