I am trying to monitor the status of my WAN gateway using Uptime Kuma and the OPNsense API. Despite my best efforts and google skills, I cannot get it to work and would appreciate any help. The monitor is showing red/down continually and there are no errors in the Uptime Kuma messages area. I am pretty sure it is an error in the way I am configuring Uptime Kuma. Here's what I have done:
1) Setup a new user, with access to the Gateways and generated the key/secret
2) Used CURL -k -u "<key>":"<secret>" https://myIP/api/routes/gateway/status from the Uptime Kuma console and I get the expected response
3) Configured Uptime Kuma as follows:
- Monitor type = HTTP(s)-Json Query and the URL is the same as in step #2
- Json Query expression and associated fields are set to $.status == ok
- Method is GET, body encoding is JSON and body/header fields are blank
- Authentication is set to basic auth and I put the key/secret into the username/password fields
I've tried various combinations of putting the authorization into the header/body, encoding the key/secret into base64, checking/unchecking the "ignore TLS/SSL errors". I'm probably just not using the right combination of things.
I just did that and it works fine the way you described it - although the $.status probably is only the request status, not the status of a specific gateway in the response (you would have to select that).
Of course, you have to have an API key and secret, those must not be quoted in the Uptime Kuma input fields. You can use them verbatim as in the curl parameters. The key must be associated to a user that has the appropriate permissions, but if it did not, you would be getting an error with curl as well.
Since you do not get any qualified error at all: Can your Uptime Kuma instance access the HTTPS port of your OpnSense or is it blocked by a firewall rule? You can check by using a plain HTTPS request.
Thank you Meyergru! You led me to the right solution. In researching how to parse the status of the specific gateway, I realized that I was using the wrong JSON expression notation. Uptime Kuma uses JSONata and not JSONpath. I also learned that if you clear off the last error message and the same error exists, you won't get a new error message. In case anyone else finds this thread:
* You can query for a specific gateway status using: items[name="XXX"].status_translated == Online where XXX should be replaced with the gateway name you want to monitor
* The correct syntax for checking the success of the gateway request: status == ok (not $.status == ok)
* Select basic auth from the Authentication method dropdown, put the key in for the username and the secret for the password
If you just need basic up/down monitoring in your home lab, I highly recommend Uptime Puma.
@Meyergru, I'd be interested in learning what else you are monitoring within OPNsense using Uptime Kuma.
I use Uptime Kuma only for all of my services being basically "up / present", which are quite a lot, so I also put them into groups. The services do not even have individual alerts, those are only enabled at the group level. Actually, I use a HomeAssistant alert to sent a voice notice to my Amazon Echo Dot.
This is a health check only.
On top of this, for real monitoring purposes, I use the well-established telegraf/influxdb/grafana combo. For most Linux boxes, there is a dashboard (https://grafana.com/grafana/dashboards/17851-systemv/) and also for OpnSense (https://grafana.com/grafana/dashboards/16197-opnsense-metrics/) and many more, like for Proxmox (https://grafana.com/grafana/dashboards/?search=Proxmox).
Notifications using HomeAssistant to Amazon Echo is genius! Thank you for sharing. I'm going to add that.
I'm really impressed with Uptime Kuma's abilities and UX for up/down monitoring in my homelab. I am using Uptime Kuma to monitor opnsense gateway and opnsense services (api/core/service/search Query:$exists(rows[running=0]) Expected Value:false). I looked at Zabbix for the "fun" of it, but I really don't "need" to monitor with that level of granularity.
I am using Graylog/Grafana for log monitoring, but I am nearly done switching over to Alloy/Loki/Grafana.