Forum Discussion

Dominique's avatar
Dominique
Icon for Advisor rankAdvisor
5 years ago

Add the Friendly Name of a certificate on an Alert Report

Hello,

I have the discovery:

Quote

##--------------- Discovery ------------------##
$pshost = Get-Host              # Get the PowerShell Host.
$pswindow = $pshost.UI.RawUI    # Get the PowerShell Host's UI.

$newsize = $pswindow.BufferSize # Get the UI's current Buffer Size.
$newsize.width = 800            # Set the new buffer's width to 800 columns.
$pswindow.buffersize = $newsize # Set the new Buffer Size as active.

$newsize = $pswindow.windowsize # Get the UI's current Window Size.
$newsize.width = 800            # Set the new Window Width to 800 columns.
$pswindow.windowsize = $newsize # Set the new Window Size as active.

$readOnly     = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
$localMachine = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
$store        = new-object System.Security.Cryptography.X509Certificates.X509Store( "\\##SYSTEM.SYSNAME##\my", $localMachine )

$store.Open( $readOnly )

$store.Certificates `
| Select-Object { `
  $_.Thumbprint + "##" `
+ $_.Subject + $(If ($_.Subject -ne "") {"(..." + $_.Thumbprint.SubString($_.Thumbprint.length - 5, 5) + ")"} Else {"Unknown subject (" + $_.Thumbprint + ")"}) `
+ "######" `
+ "cert.issuer=" + $_.Issuer `
+ "&cert.friendlyname=" + $_.FriendlyName `
+ "&cert.serialnumber=" + $_.SerialNumber `
+ "&cert.thumbprint=" + $_.Thumbprint `
} `
| Format-Table -HideTableHeaders
 

and the Collector Attributes

Quote

##-------------- Counters --------------------##
$pshost = Get-Host              # Get the PowerShell Host.
$pswindow = $pshost.UI.RawUI    # Get the PowerShell Host's UI.

$newsize = $pswindow.BufferSize # Get the UI's current Buffer Size.
$newsize.width = 800            # Set the new buffer's width to 800 columns.
$pswindow.buffersize = $newsize # Set the new Buffer Size as active.

$newsize = $pswindow.windowsize # Get the UI's current Window Size.
$newsize.width = 800            # Set the new Window Width to 800 columns.
$pswindow.windowsize = $newsize # Set the new Window Size as active.

$readOnly     = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
$localMachine = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
$store        = new-object System.Security.Cryptography.X509Certificates.X509Store( "\\##SYSTEM.SYSNAME##\my", $localMachine )
$properties = @(
#    @{n='WildValue';e={"##WildValue##"}},
#    @{n='CommonName';e={$_.Subject}},
#    @{n='Description';e={"##Description##"}},
#    @{n='Properties';e={"##Properties##"}},
    @{n='DaysUntilExpire';e={([datetime]::Today - $_.NotAfter ).Days}}
)

$store.Open( $readOnly )

$store.Certificates `
| Where-Object {($_.Thumbprint -like "##WildValue##")} `
| Select-Object $properties `
| Format-Table -HideTableHeaders

 

Looking to add the "FriendlyName" of the certificate on the report...

Any idea?

Thanks,

Dom

  • I have something like this in Exchange.  I did not include the friendlyname in the alert message, but it is there as an ILP and could be used easily.  I just found fairly often it was not defined.  We have an update pending on this module since we found some certs are refreshed very often (e.g., daily) and need to add code to exclude those from discovery (or at least, from alerting).

    KPNWGW

  • Hello,

    The friendly name is in the field properties in the alert.... How to make it appearing in the report...

    Thanks,

    Dom

  • 2 minutes ago, Dominique said:

    Hello,

    The friendly name is in the field properties in the alert.... How to make it appearing in the report...

    Thanks,

    Dom

    By report, I assume you mean "alert message"?  If so, the property name should work as a token.  For me, it was just generally empty so would need to structure the message to account for that as best as possible since there are no conditional output controls like for template systems.

  • 1 minute ago, Dominique said:

    Hello,

    No a specific report through Alert Report ...

    https://xxxx.logicmonitor.com/santaba/uiv3/report/download.jsp?1600885411693

    Thanks,

    Dom

    You should be able to add the property to a custom column, but in my case it ends up with no data.  In my case, I use the friendly name as the instance name if possible, otherwise the thumbprint, so my friendly names show in the report.  I can't show auto.windowscerts.dnsnames, though.  Report adds it as a column, but no values show. Seems like ILPs are not valid for reports, which feels like a bug to me, though I am sure I will be told it is a feature request :).

  • Hello,

    I have two 

    and the column was added ...

    But still nothing...

    Any idea?

    Thanks,

    Dom

     

  • 3 hours ago, Dominique said:

    Hello,

    I have two 

    and the column was added ...

    But still nothing...

    Any idea?

    Thanks,

    Dom

     

    Right -- I tried the same and it looks like reports don't handle ILPs.  They certainly should -- probably will need to escalate to LM to get it fixed, and they may say it is a feature request :).

  • Thanks :)/emoticons/smile@2x.png 2x" title=":)" width="20" />