ABOUT SIEGE
Siege is an http load testing and benchmarking utility. It was designed to let web developers measure their code under duress, to see how it will stand up to load on the internet. Siege supports basic authentication, cookies, HTTP and HTTPS protocols. It lets its user hit a web server with a configurable number of simulated web browsers. Those browsers place the server “under siege.”
PLATFORM SUPPORT
Siege was written on GNU/Linux and has been successfully ported to AIX, BSD, HP-UX and Solaris. It should compile on most System V UNIX variants and on most newer BSD systems. Because Siege relies on POSIX.1b features not supported by Microsoft, it will not run on Windows. Of course you can use Siege to test a Windows HTTP server.
NEWS & RELEASE INFORMATION
SIEGE-3.0.0 This is the first major siege release in over a decade. Significant portions were rewritten in order to add support for additional protocols. This release adds limited support for FTP. You can get and put files to a server. FTP is invoked automatically based on the URL scheme, i.e., ftp://
SIEGE-2.74 This is minor bug fix that corrects verbose output formatting. Debug messages were creeping into verbose mode. Oh, noes! What should we do? If you’re a 2.73 user who doesn’t care for debug annoyances you should probably upgrade to version 2.74.
SIEGE-2.73 This is primarily a bug fix release but it does add several nice features which make it script friendly. With -g/–get siege will exit 0 as long as it receives one HTTP-200 response. If not, it will exit 1. This release also adds a -q/–quiet option to suppress stdout.
SIEGE-2.72 This release corrects a thirteen year old bug. If you don’t provide a ‘-f file’ argument, siege will now look for urls.txt inside the $sysconfdir you set at configure time.
SIEGE-2.71 This release allows you to override the Host header with the -H/–header option, i.e. –header=”Host: www.haha.com”
SIEGE-2.70 Jul 17, 2010 00:47 EDT This version provides a mechanism to allow siege to log in as a variety of different users. It fixes a bug in which cookies weren’t sent if the domain had a leading dot. It also adds colorized output and color-coded error messages
SIEGE-BETA - Developers should submit patches that are diff’d against the latest beta.
“This is an excellent application that does something expensive suites don’t. ie. It does what the users expects it to do, and does it simply.”
– Sgt. Scrub
Where's Pom?
Hi, for my test, I tried to use siege with dvwa app (open source app with security problem), in this application there is a login page with POST method.
I wrote in siegerc file, the parameter
login-url = http://192.168.56.101/index.php?user=admin&pass=pass
with command:
siege -d1 -c50 -i -f /home/stefano/url.txt
receive always http 302 or 400
I think to have some problems with authentications. Can you help me?
Sorry for my English…
Stefano
The FAQ will instruct you how to build a POST. It should look like this:
http://server/dvwa/index.php POST user=admin&pass=password
Hi
When I’m trying to setup 400 concurrent users I’m getting “[fatal] unable to allocate memory for 400 simulated browser: Cannot allocate memory”
The host has 8GB or RAM and and I tried with 16GB as well. Do you know how can I actually increase the concurrency number? Thanks.
Daniel
Try
#ulimit -s unlimited
probably you don’t have enough stack space
I have extended siege 2.72 so it supports more http methods.
I also added a cmd line option to override the default Content-Type and did some other minor changes.
The patch can be found on github as gist 2919579:
https://gist.github.com/2919579
It would be great if the patch could be incorporated into some future official release.
For people interested in Jan’s changes, they’ve been implemented starting with version 2.73b3. If you’re adverse to beta software, look for them in version 2.74.
2.73b3 adds a new implementation of -g/–get which builds on Jan’s work. In .siegerc you can set the HTTP method for siege gets. The two options are HEAD and GET. If you select HEAD (default), then siege simply pulls down the headers. If you select GET, then you get the full page.
I’ve wanted to implement -g/–get like that for quite some time so I appreciate the fact that Jan laid the ground work.
Independent of jan, I also did some quick and dirty hack a couple of weeks ago to enable DELETE method.
I think jan’s solution is much better than mine –which created a copy of the http_get (https://gist.github.com/2934366). Hope to see jan’s enhancement in the next official release soon.
At this point I plan to incorporate Jan’s solution. I should have a new beta soon. If that tests out, we’ll add it to the next release. I’ve got a couple bug fixes that need to be incorporated as well. If you un-comment proxy-login but don’t give it a value, it dumps core. (That probably happens for other directives as well.)
Thanks for a very useful looking tool as well as tips on how to use it.
I’d love to have an option to specify the target IP address (or perhaps DNS name) separately from the URL I’m requesting, that way I can test a non-live server prior to renumbering it to its ‘live’ IP address.
My particular use case is in fact for a master/slave pair, where I want to compare the master and slave performance: Both are in fact up and running, but the DNS will be set to point to the master server.
I’m not sure there’s enough interest in this feature to merit the time necessary to implement it. Most people will simply make /etc/hosts file entries. But I’m willing to entertain additional thoughts on the matter….
The server is now under siege…[error] descriptor table full sock.c:108: Too many open files
[error] descriptor table full sock.c:108: Too many open files
[error] descriptor table full sock.c:108: Too many open files
libgcc_s.so.1 must be installed for pthread_cancel to work
Aborted
how can i fix this ?
The error message is telling you exactly what’s wrong. You opened too many files. You have two choices: tune the system running siege or reduce the number of concurrent users.
I also get “libgcc_s.so.1 must be installed for pthread_cancel to work” (on Ubuntu 12.04 64-bit). And just with the default siege settings, so 15 concurrent sessions.
But … it only happens when I use the “-l ” option. Not when I use a plain siege command line.
So, are you sure it is cause by too may open files / connections?
thanks for a very useful tool for load testing and benchmarking.
but i want to know how to use –header option.
on my client i have no permission to edit /etc/hosts .
so i want to use the –header option ,but it looks doesn’t working.
sorry for my english.
here is my use:
siege -c 400 -t 1m -b -i –log=”stress.test” -f 1line –header=”192.168.127.31: http://www.jiajuntuiguang.xxx.com”
thank 4 reply.
i misunderstand the -H option, i know what does it really mean.
thanks
If you’re using a recent version of siege, you can set the host with -H. How does that work? Here’s an example where I do a –get request using the IP address and a Host: header:
LT $ siege -g -H “Host: http://www.joedog.org” http://69.55.236.229/siege-home/
HEAD /siege-home/ HTTP/1.0
Accept: */*
Accept-Encoding:
User-Agent: JoeDog/1.00 [en] (X11; I; Siege 2.73b4)
Host: http://www.joedog.org
Connection: close
HTTP/1.1 200 OK
Date: Tue, 14 Aug 2012 12:43:45 GMT
Server: CERN/1.0A
X-Powered-By: PHP/5.2.5
Expires: Tue, 07 Aug 2012 12:09:16 GMT
Last-Modified: Tue, 14 Aug 2012 12:43:45 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=3eis8da064o56kh913ie0cp9k7; path=/
X-Pingback: http://www.joedog.org/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
2.73b3 provided an option to sent PUT request with a Content-Type header. How would you specify a url in urls.txt that should issue a PUT sending “Content-Type”: “application/json” and this example data: {“foo”:”bar”, “score”:10} – is this even possible from the urls file yet?
That’s not available through the urls.txt file yet and I’m not sure how we can do that short of adding a mime types option. Any suggestions?
Hi,
I am running into a buffer overflow detected ***: siege terminated error when running siege with over 600 concurrent users. The machine type does not seem to matter. ive run this on a 8gig ec2 instance and 615mb memory instances. it appears that there is just some hard limit on concurrent users?
hi, I failed into a segfault triggered by :
siege google.ch –silence
Can you look into it ?
I suggest you read the man page. There’s no -silence
Hi,
Is there a setting to change the precision of the elapsed time? Currently it reports out to 1/100th of a second. Can this be customized to go to 1/1000th or even finer?
Thanks, this is a great tool!
Alternatively, if there’s a simple modification to the source, I’m happy to edit and recompile.
I just installed Siege and it all seems to work fine but when i try to post some arguments it only posts the first one. This is clear when you tail the logs of the webserver.
I installed Siege on Mac osx mountain lion using homebrew.
The command i am trying to run is the following:
siege http://url/index.php POST authname=username&authpass=password -d1 -r10 -c25
What is going wrong in my approach?
I want to add that you use a -u argument on the website but that doesn’t work, this is also not mentioned in the man pages.
Michael, you’re problem is less a siege issue than a command line problem. It’s treating components of your URL as arguments. To solve this, wrap the URL in quotes like this:
“http://url/index.php POST name=user&pass=pass”
Hi, I am testing Siege in a home virtual environment in preparation for an upcoming project.
I have installed it on an Ubuntu 12.10 VM guest through the official Ubuntu repos but for some reason it does not want to connect to my test web server (on the same 10.10.10.xx LAN) – I can ping the web server, I can connect to it via web browser and telnet on port 80 – all should be fine.
HOWEVER, when running “siege -g 10.10.10.50″, Siege is attempting to connect to the localhost (127.0.0.1) on port 80 and passing 10.10.10.50 in the Host header. I saw this via Wireshark.
What am I doing wrong? I tried various combinations of the command but still failed to get Siege to connect. Thanks in advance!
Still trying and still getting localhost trying to connect to localhost.
siege -g “http://10.55.55.50″
[error] socket: unable to connect sock.c:222: Connection refused
Wireshark shows a connection attempt to 127.0.0.1:80…I am very confused.
Thanks and sorry for the double comments!
Just created an alias in the hosts file for webserver = 10.55.55.50 and when running siege -g “http://webserver” it is still connecting to 127.0.0.1. Pinging webserver works find and the address is resolved from the hosts file.
However, if I run the same Siege command using http://google.com or other public domains it gathers the headers without any issue. What am I doing wrong?
Siege resolves an address with gethostbyname which means it relies on the OS’s resolver. I would use name resolution tools like dig, host or nslookup to get to the root of the problem….
Hi Jeff, thanks for the quick response. Just to confirm:
1. It is NOT possible to use an IP address in the URL?
2. Siege will not use the hosts file for mapping?
I have made more attempts at getting it to work but it just throws up a “Connection Refused” even with edits in the hosts file allowing me to use a hostname instead of IP. I really need to get it working with IP addresses in order to target a specific web server. Thanks again, much appreciated.
From some quick research: “The domain name queries carried out by gethostbyname() and gethostbyaddr() use a combination of any or all of the name server named(8), a broken out line from /etc/hosts, and the Network Information Service (NIS or YP), depending upon the contents of the order line in /etc/host.conf. The default action is to query named(8), followed by /etc/hosts.”
I don’t quite understand “broken out line from /etc/hosts” – does it require a special format mapping? Thanks again!
This is off topic but you can configure your resolver to use files then dns in nsswitch.conf
first thank you for this jewel.
i’m using opensuse 12.2 64bits with 8 giga ram, and i run into Segmentation Fault error when i raised ulimit to 10000, why this is happening?
It’s not clear why it’s segfaulting but that’s a lot of clients. If you could run it in a debugger and post the back trace, I’d appreciate it.
Hi Jeff!
Thanks for such great tool.
I wrote the patch which adds support of 307 redirect handling (report a message to the given location).
https://gist.github.com/sherman/5063949
report=rePOST
siege (2.72 and 2.75) does not respect the -l (–log=) flag on the commandline. It always appends the result to $prefix/var/siege.log
Hi Jeff,
Love Siege and have been using it for years. Thanks for all the hard work you’ve put into it, it’s
I noticed something a little funky and I’m not sure if there is a way around it…
When setting the Accept header via the -H flag, this header is merged with the default value of */*, when testing a Content Negotiation aware API I’m developing. I can likely set a default on my side, but would like to simulate a client that is requesting only `application/json` content. That way the json serializing routines are used during the building of the response (and are reflected in the times it takes my service to respond).
If there’s a way to override headers completely or if there is something I missed in the man page, let me know.
Thanks again!
We can probably classify that as a bug. I’ll try to fix it in a timely fashion.
Siege 2.78 is now available and it should allow you to override the default Accept header with the command line option:
$ siege -H “Accept: application/json” -g http://www.joedog.org
HEAD / HTTP/1.1
Host: http://www.joedog.org
Accept-Encoding:
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
Accept: application/json
Connection: close
HTTP/1.1 200 OK
Date: Mon, 11 Mar 2013 14:15:31 GMT
Server: CERN/1.0A
X-Powered-By: PHP/5.2.5
Expires: Mon, 04 Mar 2013 13:50:38 GMT
Last-Modified: Mon, 11 Mar 2013 14:15:31 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: _wp_session=4eb6accb681e218c68fca3d4903be266%7C%7C1363011639%7C%7C1363011279; expires=Mon, 11-Mar-2013 14:20:39 GMT; path=/
X-Pingback: http://www.joedog.org/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
You can download it here: http://www.joedog.org/pub/siege/
[...] 1: siege – An HTTP/HTTPS stress load tester Download [...]
Hey, I often use Siege for some basic testing. One nice change would be that -v would show individual elapsed times with microseconds. When benchmarking static files it’s not uncommon to have 0.01 or 0.00 as values. As satisfying as it is to see something with zero seconds having microsecond resolution would help with rendering charts.
Hey, i need to send some http headers with the GET/POST method. I know it is ok to send a header like below:
siege -c 10 -r 1 –header=”X-CPU: arm/x86″ http://***.com/***.json
but how to deal with if i want to send headers, seem it failed with below command;
siege -c 10 -r 1 –header=”X-CPU: arm/x86;X-SIGN:12345678″ http://***.com/***.json
Can you give me some advice? And is there a sample command to siege the POST method?
[...] of OpenLiteSpeed particularly in comparison to Nginx web server, I decided to run some quick Siege benchmarks. I am not using stock Nginx web server, but a source compiled version of Nginx v1.4.1 bundled with [...]