Monitoring websites with Telegraf

Good morning,

We are looking at monitoring a website using Telegraf’s input.http plugin. The section for authentication looks as follows:

Optional HTTP Basic Auth Credentials

username = “”
password = “”

The trouble that I have is that my website uses NTLM authentication, so the username is of the format DOMAIN\username. I have verified that the account information is valid and that it can connect to the site using Postman or Curl from the command line. However, when I start Telegraf, it keeps getting a 401 (unauthorized) response. Unfortunately, IIS logs do not show me what username it thinks it sees.

Has anyone had success monitoring a website login using domain account information with Telegraf? Would you mind sharing your experience? Thank you!


How about a packet capture on either the telegraf machine or the web server,
looking at the traffic going to port 80?

That will show you the authentication credentials being presented by telegraf.

As an off-hand suggestion for what might help, have you tried escaping the
backslash as in:

username = "DOMAIN\\username" ?

No idea if this might be the problem, but it’s the sort of thing I often try
when special characters are appearing to be ignored.


Thanks for the tip. We did try the backslash in the username field, just like you suggested, but it made no difference :frowning: