Create an alerting system for Domain renewals, SSL renewals and website down

[tshrinivasan]

Many of us have multiple domains and websites.

When they are unattended most of the times, we lose the website, domain, ssl etc due to non renewing on time.

Create a system to check these and alert.

[tshrinivasan]

We can use prometheus, alert-manager and grafana for this.

https://github.com/caarlos0/domain_exporter

https://github.com/zifter/helm-charts/blob/main/charts/domain-exporter/dashboards/domain-expiration-overview.json

These can be used to check domain expiry.

Built a dashboard like this with grafana.

[tshrinivasan]

But this is not perfect. We have to keep the scrap interval low as 5 min to get the data correctly.

doing whois query every 5 min is bad. I kept every 6 hr. Due to this, missing data for many domains.

read here - https://utcc.utoronto.ca/~cks/space/blog/sysadmin/PrometheusScrapeIntervalMistake

Moreover, this dont check for ssl expiry and site down.

Have to write a custom python exporter to store the metrics in text file once in 8 hours via cron. write a custom exporter to read the data and expose to prometheus so that it can do scrap every 5 min.

Will work on this.

[tshrinivasan]

Once the system is ready, we can ask public submit their domain name, telegram handle to send alerts. Sending email will be costly. have to explore the possibilities of sending email and whatsapp messages automatically for free.

[tshrinivasan]

The below links will help. https://hackernoon.com/python-build-a-domain-lookup-tool

https://github.com/codebox/https-certificate-expiry-checker

https://stackoverflow.com/questions/1949318/checking-if-a-website-is-up-via-python

https://pypi.org/project/python-whois/

https://trstringer.com/quick-and-easy-prometheus-exporter/

https://medium.com/@dast04/writing-custom-prometheus-exporters-in-python-kubernetes-73626b66d78c

https://stackoverflow.com/questions/69021704/how-to-write-a-prometheus-exporter-that-collects-values-in-a-file

[eternaltyro]

Why do we need a low scrape interval for checking domain renewals? We can basically find it once and set a timestamp in the DB and countdown to it locally?

[sureshkumargondi]

Why do we need a low scrape interval for checking domain renewals? We can basically find it once and set a timestamp in the DB and countdown to it locally?

I would love to add different kind of informing too.. Via postcards or SMS etc too.

[tshrinivasan]

Why do we need a low scrape interval for checking domain renewals? We can basically find it once and set a timestamp in the DB and countdown to it locally?

@eternaltyro thanks for the idea. still I think querying whois atleast daily once will help to keep the system updated.

[tshrinivasan]

Wrote a python script to check below

• domain expiry date
• ssl expiry date
• site availability

writing the result metrics in a text file like below, once in 6 hours using cron. thanks @eternaltyro for the idea.

domain_expiry_days{domain="kaniyam.com"} 890 cert_expiry_days{domain="kaniyam.com"} 42 domain_http_code{domain="kaniyam.com"} 200

Then, used prometheus node exporter's textfile collector https://stackoverflow.com/questions/68248410/how-to-set-collector-textfile-directory-in-node-exporter

to explore the metrics along with node exporter metrics.

Then, connected prometheus with grafana to build dashboards.

the results are stunning.

Found few of my known domains are nearing expiry. few sites got ssl issues. informed them to fix all.

Next - setup alert manager to send email, telegram notification for each domain individually.

Have to check on how to setup this.

[tshrinivasan]

Code is here - https://github.com/KaniyamFoundation/url-monitor