What the Health Check Functionality Tests
Bastion service is up
Request will time out if service is downTeams Protector connectivity to DB
Basic functioning of Ethical Wall
Basic functioning of DLP
Agat Internal Services API is functioning
This is tested implicitly by testing EW + DLPAgat Client Modifications aren’t known to be broken (when sent to CDN or static script host)
Bastion connectivity to internet
HTTP Response Codes
Code | Failure Type | |
---|---|---|
200 | All OK | |
511 | DB connectivity | |
512 | Internet Connectivity | |
513 | Client Modifications/ Script Injection | |
514 | Ethical Wall API | |
515 | DLP API | |
516 | Health status set to negative using API | |
500 | Miscellaneous |
Sample Request
Code Block | ||
---|---|---|
| ||
GET https://Agat-Bastion-Server/teams_protection/healthcheck/proxytest HTTP/1.1
Host: Agat-Bastion-Server
User-Agent: MyLB |
Sample Results
All OK
Code Block | ||
---|---|---|
| ||
HTTP/1.1 200 SphereShield
Content-Length: 147
Cache-Control: max-age=30, Public
Content-Type: text/html
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-Content-Type-Options,Location,Cache-Control,Pragma,ContextId,Content-Length
Access-Control-Allow-Origin: https://teams.microsoft.com
Access-Control-Allow-Credentials: true
Server: Bastion
{
"Server-Name": "AG-Bastion-1",
"Version": "1.2.11.0",
"rest_api": {
"DLP": "ok",
"EW": "ok"
},
"scripts_injection": "ok",
"sql": "ok",
"teams_server": "OK"
} |
Agat Internal Services API Not functioning
Code Block |
---|
HTTP/1.1 515 SphereShield
Content-Length: 208
Cache-Control: max-age=30, Public
Content-Type: text/html
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-Content-Type-Options,Location,Cache-Control,Pragma,ContextId,Content-Length
Access-Control-Allow-Origin: https://teams.microsoft.com
Access-Control-Allow-Credentials: true
Server: Bastion
{
"Server-Name": "AG-Bastion-1",
"Version": "1.2.11.0",
"rest_api": {
"DLP": "Failed to connect to DLP API",
"EW": "failed to connect to Ethical Wall API"
},
"scripts_injection": "ok",
"sql": "ok",
"teams_server": "OK"
}
|
Health Check Options
URL | Type |
---|---|
teams_protection/healthcheck | Regular. Will give cached response if exists and is within 1 min of previous request |
teams_protection/healthcheck/Force | Will always perform full health check (DLP, API, etc, ignoring cached |
response. | |
teams_protection/healthcheck/Simple | Returns 200 without checking DLP, API, Etc. Returns full response if cached. |
teams_protection/healthcheck/NoProxyCheck | If no cache available, skips checking proxy functionality when performing full check |
teams_protection/healthcheck/ |
Return200 | Same as the regular check but will always return a 200 HTTP response status code even when there is an error. Errors will continue to be visible in json response. (Not implemented yet) |
teams_protection/healthcheck/SetUnhealthy/<First 10 chars of DB Key> | All future health checks after this one will return a 516 response until Bastion is restarted. Intended for use if external monitoring detects issues. |