Forum Discussion

Netmart's avatar
Netmart
Icon for Nimbostratus rankNimbostratus
Nov 06, 2024

F5 Health Monitor Receive String as JSON

Hello,

We have to set up Health Monitor where the received string in response header is in json format.

And therefore, I am wondering, how to configure the proper string that F5 will understand:

 

Received String:

 

{"status":"started","services":[{"name":"nae-kmip","status":"started"}]}

 

It seems to except RegEx like the following:

HTTP/1.1 200 OK|name:name-kmip,status:started

 

However, I am not sure if this would match.

 

I would appreciate any advise.

 

Thanks,

 

health monitor
    • Netmart's avatar
      Netmart
      Icon for Nimbostratus rankNimbostratus
      Nov 11, 2024

      Thank you Kay.

      First we have to fix the send string.

      We tested the send string with OpenSSL and we received 200 ok

      echo -e "GET /api/v1/system/services/status?service_names=nae-kmip HTTP/1.1\r\nHost: 10...***.\r\nConnection: Close\r\n\r\n";sleep 1) | openssl s_client -connect 10...***.:443

      --
      HTTP/1.1 200 OK
      Date: Mon, 11 Nov 2024 18:24:32 GMT
      Content-Type: application/json; charset=UTF-8

      :

      {"status":"started","services":[{"name":"nae-kmip","status":"started"}]}

       

      However, adding this string into F5 Health Monitor Send Field:

      GET /api/v1/system/services/status?service_names=nae-kmip HTTP/1.1\r\nConnection: Close\r\n\r\

       

      We receive 400 [Bad Request].

      So what is the difference running from the box/Linux CMD with OpenSSL and running from F5 Application?

      Is there setting in F5 we are missing?

      Please advise.

      Thanks.

      • Kay_'s avatar
        Kay_
        Icon for Altostratus rankAltostratus
        Nov 20, 2024

        HTTP/1.1 always needs the Host header

        try:

        GET /api/v1/system/services/status?service_names=nae-kmip HTTP/1.1\r\nHost: xyz.example.com\r\nConnection: Close\r\n

         

        or try HTTP/1.0

  • Nikoolayy1's avatar
    Nikoolayy1
    Icon for MVP rankMVP
    Nov 22, 2024

    400 errors could be related to the host header as mentioned but also incorrect TLS SNI or no TLS SNI (something you need to sync with your server engineers). Nowadays F5 HTTPS monitors support SNI, just see SSL settings used by an HTTPS monitor are now configured using a Server SSL profile and SNI support for HTTPS monitors as before F5 health monitors were based on openssl while tmm for production traffic has its own TLS settings for server side client traffic.