False detections with Http detectors

Problem: When defining an Http detector to find a service in /path on a well-known port like 80 or 8080, OpenNMS tends to find a lot of wrong services.
OpenNMS is not the offender here. Often web servers like to redirect to their index page without giving negative response codes.

Right now it is only possible to add IP excludes into the detector definitions. But this is not a preferred solution.

Solution approaches: Comparing the response text in detectors could work, but this is in the current state not possible. Also, I think I can remember that somebody told me, this would not be possible for some reasons.

It could also be possible to match against MetaData. Every server would need MetaData information about the service it is running. So it would be more or less a service assignment instead of classical detection.
Maybe it would be handy to be able to add a filter parameter here for each service:

Do you have other ideas?

OpenNMS version: 27.0.0

Use the web detector instead:

      <detector name="Things" class="org.opennms.netmgt.provision.detector.web.WebDetector">
         <parameter key="useSSLFilter" value="true"/>
         <parameter key="port" value="443"/>
         <parameter key="schema" value="https"/>
         <parameter key="timeout" value="5000"/>
         <parameter key="responseText" value="~^.*WoooRegEx.*$"/>
         <parameter key="path" value="/login.jsp"/>

It has all the capabilities you need to accomplish this, in my experience.

1 Like