Uptime Kuma (Status Monitoring)
Uptime Kuma monitors HTTP endpoints, TCP ports, DNS, and ping targets — alerting instantly via Slack, Mattermost, webhook, or email when anything goes down.
Aithroyz deploys Uptime Kuma on a dedicated VM. Add monitors for every tool in your sandbox to catch failures immediately during exercises or red team operations. The first visit requires creating an admin account.
Access
URL:
https://uptime.<env-name>.ops.aithroyz.comFirst-time setup: Create an admin username and password on your first visit. There is no default credential — you own the account immediately.
Adding a monitor
Add an HTTP monitor for each tool in your environment to track real-time availability:
1.Click + Add New Monitor in the left sidebar.
2.Set Monitor Type to HTTP(s).
3.Enter the URL for your tool's health endpoint, e.g. https://kibana.<env-name>.ops.aithroyz.com/api/status
4.Set the Heartbeat Interval to 60 seconds (or lower for critical tools).
5.Optionally set an Expected Status Code (200) and enable certificate expiry alerts.
6.Click Save. The monitor will appear in the dashboard within one interval.
✓
Grafana, Kibana, TheHive, and OpenCTI all expose
/api/status or /api/health endpoints. Wazuh dashboard responds on / with a 200 or 302 — both indicate the service is alive.Setting up notifications
Get alerted immediately when a monitor goes down:
1.Go to Settings → Notifications → Setup Notification.
2.Choose your provider: Slack, Mattermost, generic Webhook, or email (SMTP).
3.Fill in the required fields (webhook URL, channel, etc.) and click Test. You should receive a test alert.
4.Open each monitor, scroll to Notifications, and enable the notification profile you just created.
Creating a status page
Share a read-only status page with your team or exercise participants:
1.Go to Status Page in the left nav → New Status Page.
2.Give it a title (e.g. "SOC Exercise — Environment Health") and a URL slug.
3.Add monitors from your list to the page, grouped by category if needed.
4.Click Save and share the public URL with your team. No login is required to view it.
API — programmatic monitor creation
Uptime Kuma exposes a REST API (enable it under Settings → API Keys). Use it to create monitors automatically after provisioning:
# Create an HTTP monitor via API
curl -s -X POST -H "Authorization: Bearer <api-key>" -H "Content-Type: application/json" -d '{
"type": "http",
"name": "Grafana",
"url": "https://grafana.<env-name>.ops.aithroyz.com/api/health",
"interval": 60,
"tags": [{"name": "grafana"}]
}' https://uptime.<env-name>.ops.aithroyz.com/api/v1/monitorsTips
Certificate expiry monitoring
When adding an HTTPS monitor, enable the TLS/SSL certificate expiry check. Uptime Kuma will alert you a configurable number of days before the certificate expires.
Monitor tags for grouping
Add tags (e.g. siem, soar, threat-intel) to each monitor. Tags let you filter the dashboard quickly and group monitors on status pages by category.
TCP monitors for non-HTTP services
Use monitor type TCP Port to check that a service is listening — useful for checking Elasticsearch on 9200 or Wazuh agents on 1514/1515 without full HTTP probing.