OAuth — alert on callback-endpoint error climb
Your OAuth callback (`/auth/callback`) starts returning 4xx — users can't log in, but a common health check on `/` is still 200.
Recipe
bash
#!/usr/bin/env bash
# /etc/cron.d/oauth-callback
# */1 * * * * root /opt/oauth-callback.sh
LOG=${LOG:-/var/log/nginx/access.log}
PATH_REGEX=${PATH_REGEX:-/auth/callback}
WINDOW=60
ERR_PCT=${ERR_PCT:-10} # alert when 4xx > 10 %
SINCE=$(date -d "-${WINDOW} seconds" '+%d/%b/%Y:%H:%M:%S')
read TOTAL ERR < <(awk -v since="$SINCE" -v re="$PATH_REGEX" '
$4 >= "["since && $7 ~ re {
t++
if ($9 ~ /^4/) e++
}
END { print t+0, e+0 }
' "$LOG")
[ "$TOTAL" -lt 5 ] && exit 0 # too few requests to judge
PCT=$((ERR * 100 / TOTAL))
if [ "$PCT" -gt "$ERR_PCT" ]; then
curl -fsS "$HEARTBEAT_URL" --data "oauth_4xx=${PCT}%,total=$TOTAL"
exit 2
fi
echo "OK (${PCT}% 4xx)"Same thing in Enterno.io
In Enterno HTTP monitor probe `/auth/callback?test=1` directly — user-facing pain caught within 60 s instead of from support tickets.
Related recipes
A service talks to a third-party API via JWT, token lives 24h and someone occasionally renews it manually. If they forget — the pipeline breaks at 3am.
Ensure your site returns 2xx every minute, alert to Slack/Telegram on failure.
Minimal script that checks an SSL certificate and alerts 14 days before expiry.