Pyng: TLS check
Description
TLS check provides flexible facilities for arbitrary TCP
connections with TLS encryption.
TLS requires OpenBSD nc command to be
present in $PATH.
Options
TLS supports following options, which may be used upon creation
of a new check object:
- host
-
Target server (required)
- port
-
Target port (required)
- scan
-
Set to True to verify that the target port is open,
without sending any data
- data
-
Data to send to the target server
- ipv
-
IP version to use when resolving addresses (IPv6 or IPv4)
- socks5
-
SOCKS5 proxy to use for the connection provided as host:[port]
- match_name
-
Name to match in the TLS peer certificate, rather than the name
used to connect to
- match_hash
-
Hash to match against the TLS peer certificate hash
- ciphers
-
Allowed TLS ciphers
- protocols
-
Allowed TLS protocols
- no_cert_verify
-
Set to True to disable certificate verification
- no_name_verify
-
Set to True to disable certificate name checking
In addition, TLS supports following generic check settings:
- desc
-
Check description
- silent
-
Information about check runs is not output by certain runners
- interval
-
Number of seconds between check runs
- result
-
Require that check output matches result in order to
consider check successful. During the matching, check output is
evaluated as a list of lines of output without
newlines. result may be provided in multiple
ways:
-
None: always succeeds
-
string: succeeds if any line in the check's output
is equal to, or contains, result
-
list or a tuple: succeeds if all
elements of result are present in the check's
output (i.e. set of result items is a subset of
check output items)
-
set: succeeds if all lines in the check's
output are present in result (i.e. check output
is a subset of the set of result items)
-
Compiled regular expression object: succeeds if any
line in the check's output matches result
- alert
-
Callable (or a list of callables) to run in order to alert of
check status changes
- notify
-
Callable (or a list of callables) to run in order to notify of
changes in check's output
- run_condition
-
Callable to run to decide if check run should be skipped
- run_threshold
-
Threshold for mean run time in order to consider check to be
degraded
- result_filter
-
Callable to run to filter check command output lines prior to
matching check results
- on_result
- on_first
- on_up
- on_down
- on_degrade
- on_restore
- on_change
-
Callable to run with the result of the check on the specified
events
Example
# use TLS check to send HTTP request, verify the result
TLS(
'get.uptime.is', 443,
data='GET /api?sla=100 HTTP/1.0\r\nHost: get.uptime.is\r\n\r\n',
result='"SLA": 100.0',
ipv=6,
)
Return to Pyng