Contact Us

Monitoring Website Uptime with Prometheus, Blackbox Exporter, and Grafana on AWS EC2

Monitoring Website Uptime with Prometheus, Blackbox Exporter, and Grafana on AWS EC2

Executive Summary

In today’s digital-first world, ensuring that your website and APIs are available and performing well is critical. A few minutes of downtime can result in lost customers, revenue, and trust. This blog explains how to set up Prometheus, Blackbox Exporter, and Grafana on an AWS EC2 instance to continuously monitor website uptime, SSL certificate validity, and response times with visual dashboards and alerts.

Problem

Businesses often face challenges in knowing when their websites or applications go down. Traditional monitoring tools can be expensive or complex to set up, leaving gaps in visibility. Without proper monitoring:

  • Downtime may go unnoticed until reported by users.

  • SSL certificates can expire unexpectedly.

  • Page load delays or DNS failures remain undetected.

The need for a reliable, open-source, and cost-effective solution to track website availability and performance metrics is clear.

Solution

By combining Prometheus for time-series data collection, Blackbox Exporter for probing website endpoints, and Grafana for visualization, you can build a robust monitoring solution that:

  • Continuously checks website uptime and response codes.

  • Monitors SSL expiry to prevent unexpected downtime.

  • Tracks latency, DNS resolution, and HTTP response times.

  • Provides real-time dashboards and alerting capabilities.

This solution is deployed on a Linux-based Ec2 instance and uses entirely open-source tools.

Prerequisites

Before starting, ensure you have the following:

  • An AWS EC2 instance (Ubuntu or Amazon Linux 2) with at least 2 GB RAM.

  • A domain or set of URLs you want to monitor.

  • Access to the EC2 instance via SSH.

  • Basic knowledge of Linux commands.

  • Ports 9090 (Prometheus), 9115 (Blackbox Exporter), and 3000 (Grafana) allowed in the EC2 Security Group.

Challenges

While implementing, you may encounter:

  • Firewall and Security Group restrictions preventing access to Grafana or Prometheus.

  • Incorrect scrape configurations in Prometheus resulting in no metrics collected.

  • CORS or SSL certificate errors when probing HTTPS websites.

  • Grafana authentication and datasource setup issues if not properly configured.

Scenario

Consider a financial services company that needs to ensure its customer-facing portal and API endpoints are always online. Using Prometheus and Blackbox Exporter, they want to:

  • Monitor their website URLs.

  • Receive early warnings if the SSL certificate is nearing expiry.

  • Visualize uptime history and response times in Grafana dashboards.

Step-by-Step Solution

1. Install Prometheus

Comments:

sudo useradd –no-create-home –shell /bin/false prometheus
sudo mkdir /etc/prometheus /var/lib/prometheus
sudo apt update && sudo apt install wget tar -y

cd /tmp
wget https://github.com/prometheus/prometheus/releases/download/v2.53.0/prometheus-2.53.0.linux-amd64.tar.gz
tar -xvf prometheus-2.53.0.linux-amd64.tar.gz
cd prometheus-2.53.0.linux-amd64/

sudo cp prometheus promtool /usr/local/bin/
sudo cp -r consoles console_libraries /etc/prometheus/
sudo cp prometheus.yml /etc/prometheus/prometheus.yml
sudo chown -R prometheus:prometheus /etc/prometheus /var/lib/prometheus

Create Prometheus service:

[Unit]
Description=Prometheus
Wants=network-online.target
After=network-online.target

[Service]
User=prometheus
ExecStart=/usr/local/bin/prometheus \
–config.file=/etc/prometheus/prometheus.yml \
–storage.tsdb.path=/var/lib/prometheus \
–web.listen-address=:9090 \
–web.enable-lifecycle

[Install]
WantedBy=multi-user.target

Enable and start:

sudo systemctl daemon-reexec
sudo systemctl enable prometheus
sudo systemctl start prometheus

2. Install Blackbox Exporter

cd /tmp
wget https://github.com/prometheus/blackbox_exporter/releases/download/v0.25.0/blackbox_exporter-0.25.0.linux-amd64.tar.gz
tar -xvf blackbox_exporter-0.25.0.linux-amd64.tar.gz
cd blackbox_exporter-0.25.0.linux-amd64/

sudo cp blackbox_exporter /usr/local/bin/
sudo mkdir /etc/blackbox_exporter
sudo cp blackbox.yml /etc/blackbox_exporter/

Create Blackbox service:

[Unit]
Description=Blackbox Exporter
After=network.target

[Service]
ExecStart=/usr/local/bin/blackbox_exporter \
–config.file=/etc/blackbox_exporter/blackbox.yml
Restart=always

[Install]
WantedBy=multi-user.target

Enable and start:

sudo systemctl daemon-reexec
sudo systemctl enable blackbox_exporter
sudo systemctl start blackbox_exporter

3. Configure Prometheus to Use Blackbox Exporter

Edit /etc/prometheus/prometheus.yml:

scrape_configs:
– job_name: ‘blackbox’
metrics_path: /probe
params:
module: [http_2xx]
static_configs:
– targets:
– https://example.com
– https://google.com
relabel_configs:
– source_labels: [__address__]
target_label: __param_target
– source_labels: [__param_target]
target_label: instance
– target_label: __address__
replacement: localhost:9115

Restart Prometheus:

sudo systemctl restart prometheus

4. Install Grafana

sudo apt-get install -y apt-transport-https software-properties-common
wget -q -O – https://packages.grafana.com/gpg.key | sudo apt-key add –
sudo add-apt-repository “deb https://packages.grafana.com/oss/deb stable main”
sudo apt-get update
sudo apt-get install grafana -y
sudo systemctl enable grafana-server
sudo systemctl start grafana-server

Access Grafana:

http://<EC2_PUBLIC_IP>:3000

(Default login: admin / admin)

5. Add Prometheus Datasource in Grafana

  • Go to Configuration → Data sources → Add data source

  • Select Prometheus

  • URL: http://localhost:9090

  • Save & Test

6. Import a Ready-made Blackbox Dashboard

  • Go to Dashboards → Import

  • Enter Dashboard ID: 7587

  • Select your Prometheus datasource

  • Click Import

You’ll now see uptime metrics including:

  • Status (UP/DOWN)

  • HTTP status code

  • SSL expiry

  • Response time and latency

Conclusion

With this setup, you now have a complete uptime monitoring solution using Prometheus, Blackbox Exporter, and Grafana on AWS EC2. This ensures you’re always aware of your website’s availability, SSL health, and performance without relying on expensive commercial tools.

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Post

Monitoring Website Uptime with Prometheus, Blackbox Exporter, and Grafana on AWS EC2

Read Blog

From Kitchen to Cloud: How Sanika’s Restaurant Modernized with AWS Elastic Beanstalk

Executive:

In today’s digital-first world, even the most beloved restaurants need a robust online presence. Sanika’s Restaurant, known for its warm ambiance and curated culinary experiences, recognized the need to scale its digital operations to meet growing customer expectations. With the help of Cogniv Technologies and AWS, they embarked on a journeyto modernize their infrastructure, streamline deployments, and enhance reliability.

The Challenge: Building a Digital Foundation

Sanika’s team faced several hurdles at the start of their digital journey:

  • Uncertainty around hosting platforms
  • Scalability limitations and potential downtime
  • Lack of automated deployment and monitoring tools
  • Security vulnerabilities due to manual configurations

These challenges threatened to delay their online launch and compromise user experience during peak hours.

The Solution: AWS Elastic Beanstalk + CI/CD Automation

To overcome these obstacles, Cogniv Technologies implemented a fully automated, cloud native solution using AWS Elastic Beanstalk and a CI/CD pipeline

How the Partner Resolved the Customer Challenge

Designed a Fully Automated 3-Tier Architecture 

Utilized AWS CloudFormation to provision infrastructure as code. Included a secure VPC, application layer (Elastic Beanstalk), and database layer (Amazon RDS).

Implemented Secure Networking:

Deployed resources within a custom VPC for isolated and secure network access.Placed the RDS database in private subnets to protect sensitive data.

Deployed Scalable Application Hosting:

Used AWS Elastic Beanstalk to host the Dockerized application. Enabled automatic scaling, load balancing, and health monitoring.

Integrated GitHub for Source Control:

Enabled seamless version control and collaboration. Ensured traceability and transparency in code change

Established CI/CD Pipeline:

Configured AWS CodePipeline and CodeBuild for automated builds and deployments. Enabled continuous integration and delivery with minimal manual intervention.

Streamlined Deployment Workflow:

Automated the entire release process from code commit to production deployment. Reduced downtime and manual errors, ensuring consistent and reliable updates.

Enhanced Operational Efficiency:

Eliminated manual overhead, allowing the team to focus on innovation. Improved deployment speed and system reliability.

DevOps in Action: Practices That Powered the Transformation

Version Control: GitHub integration enabled seamless collaboration and change tracking.

CI/CD Pipelines: Automated deployment workflows ensured rapid, reliable software delivery.

Infrastructure as Code (IaC): AWS CloudFormation enabled consistent, version-controlled environment provisioning.

Technical Results:

– 85% faster deployments  from days to minutes
– Zero downtime during deployments
– 90% reduction in human error through automation
– 100% infrastructure consistency with IaC
– Improved scalability during peak traffic
– Shift from maintenance to innovation for the dev team

Lessons Learned:

– Plan network architecture early to ensure security and scalability.

– Automate everything — from infrastructure to deployments.

– Use managed services to reduce complexity and operational overhead.

– Integrate monitoring and security from the start.

About the Partner: Cogniv Technologies

Cogniv Technologies is an AWS Advanced Tier Partner specializing in:

– Cloud-native architecture

– DevOps and CI/CD automation

– FinOps and cloud cost optimization

Their customer-first approach and deep AWS expertise made them the ideal partner for Sanika’s digital transformation.

Conclusion:

Sanika’s Restaurant successfully transitioned from a manually managed setup to a modern, scalable cloud platform. With AWS and Cogniv Technologies, they now deliver a seamless digital experience that matches the excellence of their in-person dining  setting the stage
for future growth and innovation.

Read Blog

Manual Snapshot in AWS OpenSearch

Executive:  

Amazon OpenSearch Service provides robust mechanisms for snapshot backups, which are essential for disaster recovery, migrations, and compliance. While automated snapshots are handled internally by AWS, there are use cases where manual snapshots become necessary to meet custom requirements, especially during cross-cloud migrations or external recovery strategies. 

The Challenge: 

One of our clients faced a limitation with OpenSearch’s default automated snapshot feature. 

Scenario:

The client was preparing to migrate from AWS to Azure, and while OpenSearch automated snapshots were available, they did not meet the granularity or portability required for such a transition. 

Problem: 

Automated snapshots are stored in an AWS-managed repository. Direct access or export of these snapshots outside AWS is not supported. The client needed full control over the snapshots, including the ability to store and manage them in a customer-owned S3 bucket.

The Solution:

To overcome this limitation, Cogniv implemented a manual snapshot strategy using OpenSearch’s snapshot APIs, with the snapshots stored in a custom-managed Amazon S3 bucket. 

  • Full ownership and visibility of backup data 
  • Greater flexibility for cross-cloud migration 
  • The ability to script, schedule, and manage snapshots as needed 

Prerequisites:

  • An S3 bucket must be created in the same AWS region where the OpenSearch domain is provisioned.

  • An EC2 instance should be running in the same VPC as the OpenSearch domain.

  • The EC2 instance must have an IAM role attached with permissions to access S3 and OpenSearch.

  • Access to the Dev Tools section in the OpenSearch Dashboard is required to register and trigger snapshots.

Implementation of manual snapshot:  

Step 1 : Creating a required IAM Role  

Create an IAM role with below two policies   

        Policy Name: PutToOpenSearchAndPassRolePolicy & S3FullAccessToSpecificBucketPolicy

Policy 1 – PutToOpenSearchAndPassRolePolicy                        

Description:
 This policy allows a principal to upload data to an Amazon OpenSearch Service domain using HTTP PUT and to pass a designated IAM role. This is typically used in scenarios where a service needs to write logs or data to OpenSearch and assumes a role for execution. 

 This policy is for interacting with an Amazon OpenSearch domain and passing an IAM role:
{ 

    “Version”: “2012-10-17”, 

    “Statement”: [ 

        { 

            “Effect”: “Allow”, 

            “Action”: “iam:PassRole”, 

            “Resource”: “arn:aws:iam::<account-id>:role/<role-name>” 

        }, 

        { 

            “Effect”: “Allow”, 

            “Action”: “es:ESHttpPut”, 

            “Resource”: [ 

                “arn:aws:es:<region>:<account-id>:domain/<domain-name>/*” 

            ] 

        } 

    ] 

} 

Policy-2 : S3FullAccessToSpecificBucketPolicy 

Description:
Grants permission to list, read, upload, and delete objects in a specific Amazon S3 bucket. This is commonly used for services or applications that manage file storage within a single bucket. 

{ 

    “Version”: “2012-10-17”, 

    “Statement”: [ 

        { 

            “Effect”: “Allow”, 

            “Action”: [ 

                “s3:ListBucket” 

            ], 

            “Resource”: [ 

                “arn:aws:s3:::<bucket-name>” 

            ] 

        }, 

        { 

            “Effect”: “Allow”, 

            “Action”: [ 

                “s3:GetObject”, 

                “s3:PutObject”, 

                “s3:DeleteObject” 

            ], 

            “Resource”: [ 

                “arn:aws:s3:::<bucket-name>/*” 

            ] 

        } 

    ] 

} 

            

 Step 2 : Update the trust policy of the created IAM role 

{ 

    “Version”: “2012-10-17”, 

    “Statement”: [ 

        { 

            “Sid”: “”, 

            “Effect”: “Allow”, 

            “Principal”: { 

                “Service”: [ 

                    “es.amazonaws.com”, 

                    “ec2.amazonaws.com” 

                ] 

            }, 

            “Action”: “sts:AssumeRole” 

        } 

    ] 

} 

Step 3 : Mapping IAM Role ARN in OpenSearch Dashboard 

    To allow OpenSearch to use the IAM role for snapshot operations, map the created IAM Role ARN to the relevant security roles within the OpenSearch Dashboard. 

Navigation Path: Menu → Management → Security → Roles 

Instructions: 

Map to manage_snapshots Role:

  1. In the Roles view, search for the role named manage_snapshots[predefined role]

     2. Select the role and locate the section titled Mapped users

3. Click Edit and add the ARN of the IAM role created for snapshot access. 

Map to all_access Role: 

  • Similarly, search for the role named all_access. 
  • Select the role and locate both the Mapped users and Backend roles sections. 
  • Click Edit for each section and add the same IAM Role ARN. 
  • Save the changes.

This mapping ensures that the IAM role has the necessary permissions to interact with OpenSearch and manage snapshot operations via the REST API or CLI.

Step 4 : Create a s3 bucket on which the manual snapshot should be stored and keep the bucket as public 

Step 5 : Register OpenSearch Snapshot Repository via Python 

This guide describes how to install the required dependencies and execute a Python script to register a snapshot repository in the OpenSearch Dashboard via its REST API.

Installation Commands :  

Run the following commands on your EC2 or server to set up the environment: 

sudo yum install -y python3 

sudo yum install -y python3-pip  

pip3 install boto3 

pip3 install requests 

pip3 install requests_aws4auth 

Script :  

This script uses the boto3, requests, and requests_aws4auth libraries to register an S3 snapshot repository in Amazon OpenSearch Service. 

import boto3 

import requests 

from requests_aws4auth import AWS4Auth 

 host = ‘https://<your-opensearch-domain-endpoint>/ 

region = ‘<aws-region>’                               

service = ‘es’ 

credentials = boto3.Session().get_credentials() 

awsauth = AWS4Auth( 

    credentials.access_key, 

    credentials.secret_key, 

    region, 

    service, 

    session_token=credentials.token 

) 

 path = ‘/_snapshot/<repository-name>’  

url = host + path 

 payload = { 

    “type”: “s3”, 

    “settings”: { 

        “bucket”: “<your-s3-bucket-name>”,                  

        “region”: “<aws-region>”,                           

        “role_arn”: “arn:aws:iam::<account-id>: role/<role-name>”   

    } 

} 

headers = {“Content-Type”: “application/json”} 

r = requests.put(url, auth=awsauth, json=payload, headers=headers) 

 print(r.status_code) 

print(r.text)

Run this script to register OpenSearch snapshot Repository 

Step 6 : Execute a Manual Snapshot Backup 

To initiate a manual snapshot backup of your OpenSearch indices, use the following REST API command from the OpenSearch Dashboard (Dev Tools )

Command Syntax:  

PUT /_snapshot/<your-snapshot-repo-name>/<snapshot-name> 

To check the status, use the following command and run it in the dev tools 
 
Command Syntax:

GET /_snapshot/_status 

After running these command manual snapshot will be created and stored in the created s3 bucket 

Read Blog

Transforming EdTech with AWS: How Vidysea Scaled with Microservices on Amazon EKS

In the fast-evolving world of EdTech, agility, scalability, and reliability are non-negotiable. Vidysea, a platform dedicated to guiding professionals through their higher education journey, recognized this early. As their user base expanded and application complexity grew, they needed a robust infrastructure to match their ambitions. Here’s how they transformed their architecture with the help of AWS and Cogniv Technologies.

The Challenge: From Static Hosting to Scalable Infrastructure

Initially hosted on Vercel and later AWS Amplify, Vidysea faced growing pains:
– Performance bottlenecks during peak usage
– Limited autoscaling for backend services
– Manual infrastructure management leading to downtime
– Deployment inefficiencies slowing down feature delivery

These challenges highlighted the need for a more scalable, resilient, and automated solution.

The Solution: Migrating to Amazon EKS with Cogniv Technologies

To meet these demands, Vidysea partnered with Cogniv Technologies, an AWS Advanced Tier Partner, to re-architect their platform using Amazon Elastic Kubernetes Service (EKS).

Key Components of the Solution:

Microservices Architecture: Transitioned from monolithic to containerized microservices using Docker and EKS.
CI/CD Pipelines: Automated deployments with GitHub-integrated pipelines for faster, error-free releases.
Container Registry: Used Amazon ECR for secure and scalable image storage.
Database Management: Leveraged Amazon RDS for PostgreSQL to ensure high availability and simplified scaling.
Security & Monitoring: Integrated AWS WAF, CloudWatch, and ALB for robust security and observability

Solution and AWS Architecture Design:

Cogniv Technologies collaborated closely with Vidysea to devise a customized product strategy aligned with their DevOps goals. Harnessing AWS’s best practices, we architected a resilient infrastructure to support Vidysea’ microservices architecture and facilitate future enhancements.

 

Key DevOps Practices Implemented:

Version Control

  • Integrated GitHub for managing application code.
  • Enabled seamless collaboration and meticulous change tracking.
  • Ensured transparency and accountability throughout development.

Continuous Integration (CI) and Continuous Delivery (CD)

  • Established CI/CD pipelines for automated build, package, and deployment.
  • Enabled rapid and reliable delivery of microservices to Amazon EKS.
  • Reduced manual errors and accelerated release cycles.

Containerization

  • Adopted Docker for consistent deployment environments.
  • Used Amazon EKS for scalable container orchestration.
  • Stored Docker images in AWS Elastic Container Registry (ECR) for simplified deployment and environment consistency.

AWS Services in Action

                               Service                                          Role
                  Amazon EKS Orchestrates containerized workloads with high availability
                  Amazon RDS Manages PostgreSQL databases with automated backups
                  Amazon S3 Stores application assets and backups securely
                  Amazon EC2 Provides scalable compute resources
                  AWS WAF Protects against common web exploits
                  Amazon ECR Hosts Docker images for seamless deployment
                  CloudWatch Monitors application health and performance

Technical Results

The transformation delivered measurable improvements:
– 90% reduction in deployment time
– 2x increase in deployment frequency (up to 10/day)
– 75% less manual intervention, reducing human error
– 20 hours/week saved per engineer
– 60% faster time-to-market for new features

Lessons Learned

– Containerization is key: Moving to Docker and EKS enabled better scalability and fault isolation.
– Automation accelerates innovation: CI/CD pipelines drastically improved deployment speed and reliability.
– Cloud-native architecture pays off: The shift to microservices empowered Vidysea to respond faster to user needs and security threats.

Cost Comparison: Amplify vs. EKS

 

Setup Monthly Cost Annual Cost
AWS Amplify (Legacy) $74.71
AWS EKS (New) $383.74 $4,604.88

About the Partner: Cogniv Technologies

Cogniv Technologies brings deep AWS expertise, industry knowledge, and a customer-first approach. As an AWS Advanced Tier Partner they specialize in:
– Cloud-native architecture
– DevOps and automation
– FinOps and cost optimization

Conclusion

Vidysea’s journey from static hosting to a dynamic, microservices-driven platform on AWS EKS is a testament to the power of cloud transformation. With Cogniv Technologies as their guide, they’ve built a future-ready platform that scales with their mission: empowering learners worldwide.

Read Blog

Cogniv Technologies

Are you looking to enhance your business agility? If so, take advantage of innovation and achieve cost efficiencies to streamline productivity.

Enquire Now

Quick Links

Social Media

Facebook Twitter Youtube

Find Us at

Phone Number:

+91 9944940933

Email Address:

Consultant@cognivtech.com

© Copyright 2023 Cogniv – All Rights Reserved

Powered by SolutionChamps Technologies Pvt. Ltd.

Contact Us