Schedules are the core building block of Seabhac. Each schedule defines what to check, how often, and from where.
Creating a Schedule
Go to Schedules → New Schedule. Fill in:
- Name A descriptive name (e.g. “MX record — example.com”)
- Description Optional notes about what this check monitors
- Type The kind of check to run (see below)
- Frequency How often to run (every 5 min, hourly, daily, etc.)
- Timeout Maximum seconds a single check may take (1–300, default 30)
- Retries How many times to retry on failure before marking it failed (0–10)
- Region Run in a specific region or all available regions
- Tags Comma-separated labels for organising schedules
- Notify on Failure Send an alert notification on each failed job
- Baseline Track historical baseline metrics for anomaly comparison
Check Types
DNSBL :: Blocklist Check
Checks whether an IP or hostname is listed on DNS blocklists. Use this to monitor whether your mail server IPs have been blacklisted.
| Field | Description |
|---|---|
| Hostname / IP | The address to check |
| DNSBL Servers | One or more lists to query: Spamhaus ZEN, Barracuda, SURBL, UCEProtect |
Result fields: listed status, response code per server, error messages.
DNS :: Record Lookup
Resolves DNS records for a domain and checks what is returned.
| Field | Description |
|---|---|
| Domain | The domain to query |
| Record types | A, MX, TXT, NS — check one or more |
| DNS servers | Optional custom resolver IPs (comma-separated) |
Result fields: record name, type, value, TTL for each returned record.
EHLO :: SMTP Banner Check
Connects to a mail server and performs an SMTP EHLO handshake. Useful for verifying your mail server is reachable and responding correctly.
| Field | Description |
|---|---|
| Host | Mail server hostname |
| Port | Default: 25 |
Result fields: connected status, EHLO response, extensions offered.
HTTP :: Endpoint Monitor
Sends an HTTP request and checks the response. Covers uptime, response time, and content verification.
| Field | Description |
|---|---|
| URL | Full URL to request |
| Method | GET, POST, PUT, DELETE, HEAD, OPTIONS |
| Expected status | Optional — alert if response code differs |
| Expected body | Optional — alert if response body does not contain this string |
| Follow redirects | Whether to follow HTTP redirects |
| Headers | JSON object of request headers |
| Body | Request body for POST/PUT |
Result fields: status code, response time (ms), headers, body.
Email Auth :: SPF / DMARC / DKIM
Checks a domain’s email authentication records. Useful for verifying your mail configuration is correct and hasn’t been tampered with.
| Field | Description |
|---|---|
| Domain | Domain to check |
| DKIM selectors | Optional comma-separated selectors to verify DKIM keys |
Result fields: SPF record + validity, DMARC record + validity, DKIM records + validity.
TCP :: Port Connectivity
Tests whether a TCP port is open and accepting connections.
| Field | Description |
|---|---|
| Host | Target hostname or IP |
| Port | Port number (1–65535) |
Result fields: connected status, response time.
UDP :: Port Reachability
Tests UDP port reachability.
| Field | Description |
|---|---|
| Host | Target hostname or IP |
| Port | Port number (1–65535) |
Result fields: reachable status, response time.
Page Load :: Browser Performance
Uses a real browser to load a page and captures Core Web Vitals and performance metrics.
| Field | Description |
|---|---|
| URL | Page to load |
| Click action | XPath selector to click before measuring (optional) |
| Wait selector | CSS selector to wait for before measuring (optional) |
| Expected text | Assert this text is present on the page (optional) |
| Viewport | Width × Height in pixels (default 1920×1080) |
| Screenshot | Capture a screenshot of the loaded page |
Result fields: TTFB, DOM content loaded, full page load time, FCP, LCP, CLS.
SSL :: Certificate Monitor
Checks an SSL certificate’s validity and days until expiry. Set an alert rule on ssl_days_remaining < 14 to get notified before certificates expire.
| Field | Description |
|---|---|
| Domain | Domain to check |
Result fields: expiry date, days remaining, validity, issuer, cipher, protocol version.
SSH :: Banner Check
Connects to an SSH server and reads the banner. Useful for detecting unexpected version changes.
| Field | Description |
|---|---|
| Host | SSH server hostname |
| Port | Default: 22 |
| Expected banner | Optional string the banner must contain (e.g. OpenSSH) |
Result fields: connected status, banner text, banner match result.
Domain Expiry :: WHOIS Check
Looks up the domain registration expiry date via WHOIS. Get early warnings before a domain lapses and causes outages or hijacking risk.
| Field | Description |
|---|---|
| Domain | The domain to query |
| Warning days | Alert when fewer than this many days remain until expiry (default 30) |
Result fields: expiry date, days until expiry, expired flag, registrar.
TLS Cipher Audit
Probes a host for accepted TLS protocol versions and cipher suites. Flags deprecated versions (TLS 1.0, TLS 1.1) and weak ciphers (RC4, 3DES, export ciphers). Useful for hardening mail servers and web services before external security scanners find issues first.
| Field | Description |
|---|---|
| Host | Hostname or IP to audit |
| Port | TLS port to connect to (default: 443; use 25/587 for SMTP, 993 for IMAPS) |
Result fields: accepted TLS versions, rejected TLS versions, list of accepted cipher suites with strength rating, weak cipher names, has_weak_ciphers, has_weak_versions.
Alert rule examples:
has_weak_versions == trueorhas_weak_ciphers == true.
Port Scan :: nmap
Scans a host for open TCP ports using nmap. Useful for detecting unexpected exposed services or confirming that firewall rules are applied correctly. Alert when ports outside your expected set are found open.
| Field | Description |
|---|---|
| Host | Target hostname or IP address to scan |
| Ports | Port specification (e.g. 22,80,443, 1-1024). Defaults to 1-1024 |
| Scan Type | TCP Connect — no elevated permissions required. SYN — faster, stealthier, requires CAP_NET_RAW on the runner |
Result fields: list of open ports with protocol and service name, total ports scanned, unexpected open ports (if expected set is configured).
Only scan hosts you own or have explicit permission to test. Port scanning third-party infrastructure without authorisation may violate their terms of service or applicable law.
Broken Links :: Link Crawler
Crawls a page and verifies every outbound link returns a valid response. Surfaces 404s and dead anchors before your visitors do.
| Field | Description |
|---|---|
| URL | Page to crawl |
| Max links | Maximum number of links to check (default 200) |
| Ignore patterns | URL substrings to skip (one per line) |
Result fields: total links found, broken link count, list of broken URLs with status codes or errors.
Schedule Actions
From the schedule detail page you can:
- Run Now Trigger an immediate one-off execution
- Pause / Resume Temporarily stop the schedule without deleting it
- Edit Change any configuration
- Delete Remove the schedule and all its history