API Endpoint monitoring using Sematext

Qxf2 had a request to help identify a tool for monitoring API endpoints in one of our client engagements recently. The client wanted a tool with a UI, intuitive configuration and easy maintenance to monitor their changing API endpoints. Additionally, we needed to be able to verify a response body as part of monitoring the endpoint. Our usual tool belt of Prometheus with Grafana was going to be too heavy for this task. So we had to look out for lightweight monitoring tools that suited this specific context.

We found Sematext – a platform that offers powerful synthetic monitoring tool to monitor a HTTP endpoint every n interval and display the results on a dashboard. We decided to use this tool to monitor Cars API app – an internal app we built to test our API Automation framework before suggesting it to the client.
In this post, we are outlining the features of Sematext that impressed us, as well as the checks we simulated with our Cars API app to validate if the tool will be a right fit.

What impressed us?

In addition to Sematext we were exploring a few other tools too, our experience with setting up and working with those tools made us appreciate these few facets of Sematext. In short, Sematext presented a nice dashboard, worked with different auth types, exposed hooks to third party services like Twilio that made alerting easy and provided an intuitive UI to configure the endpoint monitors.

To give you a taste of Sematext, we have included some screenshots for some of these features.

1. Creating a HTTP monitor

Running an API request – HTTP method operation against an endpoint in an interval constitutes a HTTP monitor. Creating a HTTP monitor on Sematext was very straightforward, we were able to configure one to run a GET request against https://cars-app.qxf2.com/cars/find endpoint for every 1 minute interval in minutes.

HTTP monitor setup

2. Configuring the API request

Passing input data to the API request can be done through:
– Header
– Query
– Request Body
– Cookies
While these techniques for passing API inputs are common, all the other tools we explored did not support at least one of the above approaches.
We configured Query parameters for the HTTP monitor against the https://cars-app.qxf2.com/cars/find Cars API app endpoint.

3. Auth types supported

We configured our HTTP monitor to use the Basic auth type. Sematext supports the following auth types:
– Basic
– Bearer/Access-Token

Auth types supported

4. Response validation

The response validation offered by Sematext outmatched other tools we explored. It allows creating multiple conditions to validate an API response, the API request was considered failed when any of the condition failed.
We created 2 conditions to validate the API request made in our HTTP monitor:
1. Check if the response code is 200
2. Verify the response body contains a text

HTTP response validation

5. Monitoring API app on local network

One of the requirements we had from the client was to help identify a solution to monitor their API app running on their local network. Sematext uses a Docker container running on a server in the local network to make the API calls and validate the response, it then pushes the data to the cloud to make the information available on the dashboard.
We tested this aspect with our HTTP monitor too, we ran the Cars API Flask app locally, pulled the Sematext Docker container and validated that the monitor data was available on the dashboard in the cloud instantly.
HTTP monitor private network

Note: We had to modify the HTTP monitor endpoint URL to http://host.docker.internal:5000/cars/find to monitor the app running on localhost through the Docker container since the container do not have access to localhost. This information was not available on the Private Locations guide.

Features that did not meet our expectation

Note: This section is very subjective. While many of the Sematext features are remarkable, these were points we discussed when assessing the tool.

It is very hard to find a tool that meets all expectations. Sematext with all its impressive features still lacked in these aspect:

1. Email notification

The Email notification triggered when the status of the API endpoint changed – online/offline was sometimes ~10 mins late. But we were able to work around this by setting up notification hooks. Sematext supports creating hooks to receive notification on these apps(you need a Sematext account to view this page). Our experience setting hooks to receive notifications on Telegram and SMS using Twilio was pleasant.

2. Pricing

The client we were trying to help only had a handful of endpoints, Sematext charges a nominal $2/month for a Pay-As-You-Go HTTP monitor but this plan does not allow monitoring the app on private network. Our requirement was somewhere between what was offered in the Pay-As-You-Go and the Standard plan, but Sematext does offer curating a custom plan, we advised the client to get in touch with Sematext for a flexible plan to suit their need.

We had a positive experience using Sematext overall which lead us to suggesting it to the client.
Note: Qxf2 Services was not paid to endorse Sematext. This post is based on our experience using the tool.

Hire testers from Qxf2

Qxf2 is the home for technical testers. Our QA engineers have a wide range of technical abilities that build upon the solid foundation of testing well. As you can see from this post, our engineer knew of several solutions beforehand and was quickly able to reject them as unsuitable to the client. Instead, they understood the client’s specific context and went about looking for a solution that fit the client needs. If you want smart testers who take the time to tailor the testing solution to your needs, contact Qxf2.

Leave a Reply

Your email address will not be published. Required fields are marked *