You can see from wget that your original request is redirected to a second URL, which is redirected to a third. Therefore, you have to decide what you want to test: do you want to test that the original URL returns a redirect? Or do you want to test that the target URL itself is working? Those would be different configurations in blackbox_exporter.
> level=info msg="Address does not match first address, not sending TLS ServerName" first=IP address=<hostname> That comes from here: https://github.com/prometheus/blackbox_exporter/blob/v0.24.0/prober/http.go#L167-L172 Since the original request caused a redirect, the ServerName isn't set on the redirected target. > wget: server returned error: HTTP/1.1 403 Forbidden This means you're not authenticating to the target host - which is the same as you got from prometheus. You can add extra flags to wget or curl to set your bearer token, to check it works. Once that's working, you said you are setting "bearer token at job level". How are you doing this? Please show both the prometheus scrape job config and the blackbox exporter config (with the token itself blanked out)? You shouldn't be setting the bearer token header in the prometheus scrape job, because that would be authenticating prometheus to blackbox_exporter. Instead you should configure blackbox_exporter to authenticate to the target host. This was asked and answered recently: https://groups.google.com/g/prometheus-users/c/1Es9Ok9tK-s/m/tuBnU3OPBAAJ (you'll need to change the blackbox_exporter config slightly to set a bearer token header instead of basic auth) On Friday, 23 June 2023 at 09:14:55 UTC sri L wrote: > Hi all, > > We are trying to use blackbox exporter to monitor one of the URL using > http_2xx module and bearer token at job level for authorization, we are > receiving following error message and probe failed > > level=info msg="Address does not match first address, not sending TLS > ServerName" first=IP address=<hostname> > level=info msg="Invalid HTTP response status code, wanted 2xx" > status_code=403 > level=error msg="Probe failed" duration_seconds=0.231352246 > > Connectivity from prometheus pod > /prometheus $ wget -S <URL> > Connecting to <URL> (xx.x.xx.x:80) > HTTP/1.1 302 Moved Temporarily > Date: Fri, 23 Jun 2023 09:07:18 GMT > Content-Type: text/html > Content-Length: 138 > Connection: close > Location: < <http://jenkins-dev.onedev.neustar.biz/cjoc/teams-check/> > URL> > Connecting to <URL> (xx.x.xx.x:80) > HTTP/1.1 308 Permanent Redirect > Date: Fri, 23 Jun 2023 09:07:18 GMT > Content-Type: text/html > Content-Length: 164 > Connection: close > Location: < <https://jenkins-dev.onedev.neustar.biz/cjoc/teams-check> > URL> > Connecting to <URL> (xx.x.xx.x:443) > wget: note: TLS certificate validation not implemented > HTTP/1.1 403 Forbidden > wget: server returned error: HTTP/1.1 403 Forbidden > -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/9b7d3fa8-01a4-4f23-9e96-3a06967dcf59n%40googlegroups.com.
