M/Monit provides a simple JSON interface you can use to get data off M/Monit.

Most of the charts and tables in M/Monit are built using a JSON API and you can easily access the same API from your own program. The JSON API is only accessible via the HTTP POST method.

Use for instance Firebug to find the URLs and the JSON data you need. To get started, here are some useful URLs you can use to access M/Monit's data:

• Dashboard

• Host status

• Topography

• Reports

• Events

• Admin

Authentication

To access the JSON API your client must first login to M/Monit. The form based authentication process supported by M/Monit is the same as the one specified in the Java Servlet Specification and used by Apache Tomcat.

1. Upon access to a protected area the mmonit server determines if the client has been previously authenticated, if this is the case, the requested page is sent back to the client.
2. If the client has not been authenticated the mmonit server stores the original request URL and forwards to the login page. The client posts the login form back to the mmonit server and the server attempts to authenticate the user credentials embedded in the form. If authentication fails the server returns an error page. If authentication succeed, the server first check to see if the authenticated user belongs to a security role that is authorized to access the requested page. If the user is authorized the server redirect the request to the original stored request URL. If the user is not authorized to access the requested page the mmonit server will send a 403 Forbidden response back to the client.

Form Based Authentication utilize HTTP session and clients must support cookies and send the session cookie, zsessionid, with every request. If the session timeout or is invalidated the user is logged out and subsequent requests requires the user to re-authenticate.

Example

Using Jakarta Commons HttpClient here is a Java snippet that will login to M/Monit and print M/Monit JSON status data to stdout. Note that the HttpClient library is doing the cookie housekeeping, by tracking and automatically resubmitting the zsessionid cookie for you.

HttpClient client = new HttpClient();

// Access the M/Monit dashboard to get the zsessionid cookie and login form
GetMethod get = new GetMethod("http://localhost:8080/index.csp");
client.executeMethod(get);
get.releaseConnection();

// Authenticate, programmatically post the login form back to M/Monit
PostMethod auth = new PostMethod("http://localhost:8080/z_security_check");
NameValuePair[] credentials = {
  new NameValuePair("z_username", "admin"),
  new NameValuePair("z_password", "swordfish")
};
auth.setRequestBody(credentials);
client.executeMethod(auth);
auth.releaseConnection();

//We are logged in and can start request JSON data 
PostMethod status = new PostMethod("http://localhost:8080/json/status/list");
client.executeMethod(status);
System.out.println(status.getResponseBodyAsString());
status.releaseConnection();

// Logout from M/Monit and release the login session
GetMethod logout = new GetMethod("http://localhost:8080/login/logout.csp");
logout.setFollowRedirects(false);
client.executeMethod(logout);
logout.releaseConnection();