Forum Discussion
12 minutes ago, mnagel said:Since this does not seem to be getting much attention and it is a critical check to have, I am working from examples that use javax.net.ssl.* to cook up my own check that will allow manual instance FQDN/IP/port specifications (needed for SNI since it is not possible to discover all the certificates on an IP in general) and will workaround the continued lack of "Bottom N" graphing by assigning a "lifetime used" score to the certificate based on expiration, so <= 0 will be 100% used and > 0 will be smaller. This will allow identification of the smallest lifetime certificates within the LM graphing framework. It used to be possible to view the certificates expiring soon by setting a graph maximum value, but that no longer works, sadly.
Once I get this working, will update....
Thanks,
Mark
If you're using NET-SNMPd you can use IP-MIB::ipAdEntAddr and IP-MIB::ipConnState to obtain IPs and Port numbers that are in LISTEN state. The rest is pretty straight forward.
Related Content
- 3 years ago
- 3 months ago
- 2 months ago