Webserver
The Webserver is the central management hub of the Mugnsoft platform. It provides the Web UI, REST API, component orchestration, and data visualization.
Overview
| Property | Value |
|---|---|
| Service name | MugnsoftWebserver |
| Default API port | 8050 |
| Default Web UI port | 9090 |
| Configuration file | webserver.json |
| Version | v4.0.0 |
The Webserver runs two HTTP servers simultaneously:
- API server (port 8050) – REST API with Swagger documentation for programmatic access
- Web server (port 9090) – the Web UI for browser-based management
Service Management
The Webserver runs as a native system service on both Windows and Linux.
CLI Commands
# Install as a system service
webserver install
# Start / Stop / Restart the service
webserver start
webserver stop
webserver restart
# Run in foreground (for Docker or debugging)
webserver run
# Remove the service and clean up directories
webserver uninstall
# Display help
webserver help
Configuration File
The webserver.json file must be located in the same directory as the executable:
{
"HTTPS": "true",
"PortAPI": "8050",
"PortWEB": "9090",
"RunUser": "mugnsoft"
}
| Field | Description | Default |
|---|---|---|
HTTPS |
Enable HTTPS for both servers | "true" |
PortAPI |
Port for the REST API server | "8050" |
PortWEB |
Port for the Web UI server | "9090" |
RunUser |
System user to run the service as | (empty) |
Directory Structure
After installation, the Webserver creates the following directory tree:
<install_dir>/
├── webserver(.exe) # Executable
├── webserver.json # Service configuration
├── license_MNS.dat # License file
├── config/
│ ├── sec/ # RSA key pair for JWT signing
│ │ ├── mugnsoft_webserver.key
│ │ └── mugnsoft_webserver.key.pub
│ └── ssl/ # TLS certificates
│ ├── certificates/
│ └── private/
├── dbs/ # embedded key-value databases
│ ├── webserver.db # Main KV store (users, settings, monitors)
│ └── backup/ # Automated backups
├── log/ # Rotated log files
├── data/ # Static data files
├── discovery/ # Discovery agent data
│ ├── level1/
│ ├── level2/
│ └── alerts/
├── export/ # Data exports
├── report/ # Generated reports
└── web/ # Embedded frontend assets
Startup Flow
- Read
webserver.jsonfrom the executable directory - Configure HTTPS mode and ports
- Create/initialize required directories and databases (
initstart) - Validate the license file
- Start background cron tasks:
gocronTask()– scheduled reports, downtimes, monitor operationsgocronTaskBGTask()– token refresh (every 14 min), KV store backup (every 1h)resyncServersToken()– synchronize component JWT tokens
- Launch API server on port 8050
- Launch Web UI server on port 9090
If the license is invalid, the service stops with a fatal error.
Key Features
Component Management
The Webserver manages all remote components through self-registration:
- Monitor Probes – register via
POST /selfRegister, exchange certificates - Integrators – register similarly, receive monitor data forwarding configuration
- Sentinel Agents – register and report system/process metrics
Once registered, the Webserver can:
- Push configuration updates to any component
- Pull monitoring data and status from Monitor probes
- Trigger on-demand monitor execution
- Manage component lifecycle (backup, restore, reinitialize KV stores)
- Reload TLS certificates without restart
Monitor Types Managed
The Webserver can create and manage all monitor types supported by the platform:
| Type | Description | Key Metrics |
|---|---|---|
| EUM/Web UI | Selenium browser automation scenarios | Transaction times, screenshots, HAR files |
| HTTP/HTTPS URL | Simple URL endpoint checks | Response time, status code, SSL certificate expiry |
| REST API | API endpoint monitoring with custom methods/headers | Response time, body validation, pattern matching |
| TCP Port | TCP connectivity checks | Connection time |
| ICMP Ping | Network reachability | Latency, jitter, packet loss |
| DNS Lookup | DNS resolution monitoring | Lookup time, response validation |
| SNMP | SNMP OID polling | OID values, expression evaluation |
| Database Query | MySQL/MSSQL query execution | Query time, result validation |
| System Metrics | Probe self-monitoring | CPU, memory, disk usage |
User Management
Users are stored in the Webserver’s embedded key-value store with bcrypt-hashed passwords:
| Field | Description |
|---|---|
username |
Unique login identifier |
fullName |
Display name |
group |
admin, user, or viewer |
accountType |
local or ldap |
email |
Email address for notifications |
tags |
Comma-separated tags for access scoping |
apps |
Application-level access control |
enabled |
Account enabled/disabled |
Load Testing
The Webserver can orchestrate load tests via registered Load Tester components:
- Create and manage load test scenarios
- Execute load tests on-demand or via schedule
- View real-time load test performance and protocol graphs
- Stop running load tests
Application Mapping
Group monitors, URLs, APIs, and other checks into logical Applications:
- Define applications with custom names and tags
- Aggregate status across all monitors in an application
- Visualize application dependencies with interactive topology graphs
- Share application views via public URLs (
/appsview/:user)
Reports and Downtimes
- Reports – scheduled performance reports sent via email or available in the Web UI
- Downtimes – planned maintenance windows that suppress alerting
- Both support tag-based scoping and cron-based scheduling
Host and Device Management
- Hosts – manage monitored hosts with instrumentation file distribution via SSH/SFTP
- Devices – manage SNMP devices with OID testing and monitoring
Settings and Integrations
Configurable through the Web UI Settings page:
- SMTP – email server for reports and alerts
- Slack – Slack workspace integration
- GitLab – import monitor scripts from GitLab repositories
- LDAP – directory service for user authentication
- Logging – log level, rotation, and retention
REST API
The Webserver exposes a comprehensive REST API documented with Swagger. Access the Swagger UI at:
https://<webserver>:8050/docs/index.html
The Webserver exposes 100+ API endpoints. Below are the main categories.
Authentication Example
# 1. Get a JWT token
TOKEN=$(curl -s -k -X POST https://localhost:8050/api/auth \
-H "Content-Type: application/json" \
-d '{"username":"admin","password":"your_password"}' \
| jq -r '.token')
# 2. Use the token for API calls
curl -k -X GET https://localhost:8050/api/users \
-H "Authorization: Bearer $TOKEN"
# 3. Refresh the token before it expires
curl -k -X GET https://localhost:8050/refresh_token \
-H "Authorization: Bearer $TOKEN"
Database (embedded key-value store)
The Webserver uses a single embedded key-value store file (webserver.db) with multiple buckets:
| Bucket | Content |
|---|---|
user |
User accounts (JSON with bcrypt-hashed passwords) |
setting |
Platform settings (encrypted) |
jwt |
JWT tokens for components |
report |
Report definitions |
downtime |
Downtime definitions |
server |
Registered component configurations |
Backup
Automated backups run on a configurable schedule (default: every hour). Manual backups can be triggered via the API:
curl -k -X POST https://localhost:8050/backupDatabase \
-H "Authorization: Bearer $TOKEN"
Logging
Logs use structured format via logrus with rotation handled by lumberjack:
| Setting | Description | Default |
|---|---|---|
| Log level | debug, info, warn, error |
info |
| Max file size | Maximum size per log file | 10 MB |
| Max backups | Number of rotated files to keep | 5 |
| Max age | Days to retain old log files | 28 |
| Compression | Compress rotated logs | true |
Log files are located in the log/ subdirectory of the installation.
See also
- Webserver Configuration — complete settings reference
- Webserver-Front (DMZ Replica) — read-only replica for exposing dashboards to untrusted networks
- Webserver HTTP API — full API documentation
- Platform Overview — how the Webserver fits into the architecture
- Install on Windows | Install on Linux — installation guides
- Administration — user management, backups, and settings