Back to blogReliability

5 things to monitor beyond HTTP 200 responses

Status codes only tell half the story. Here are the five additional signals that separate a healthy endpoint from one that's about to fail under load.

RP

Ravi Patel

Senior SRE

Mar 5, 2025·6 min read

Beyond Status Codes

A 200 OK doesn't mean your API is healthy. We've seen plenty of endpoints return 200 while serving stale data, timing out for 80% of users, or silently dropping errors in logs.

Here are 5 things you should be monitoring:

1. Response Time

A slow API is often a broken API in disguise. Monitor:

  • p50 latency: Your typical response time
  • p95 latency: The experience of your slower 5% of users
  • p99 latency: Rare but catastrophic slowdowns

2. SSL Certificate Expiry

SSL certs expire without warning. We recommend monitoring:

  • Days until expiry
  • Certificate chain validity
  • Proper HTTPS negotiation

3. DNS Resolution Time

DNS is often the forgotten bottleneck:

  • DNS lookup time
  • DNSSEC validation status
  • Multiple DNS provider redundancy

4. Response Body Content

Don't just check status codes—validate the response:

  • Does the JSON have expected fields?
  • Is the data fresh (timestamp fields)?
  • Are error rates within normal ranges?

5. TCP Connection Time

Before HTTP even happens, TCP matters:

  • Connection establishment time
  • TLS handshake time
  • Time to first byte

Hawks monitors all of these out of the box. Set up your first monitor at hawks.example.com and see what you've been missing.

Back to all posts