Forum Discussion

Kelemvor's avatar
Kelemvor
Icon for Expert rankExpert
2 months ago

Can anyone help modify this Datasource to be able to use any port?

Hi,

We have F5 devices and LM can monitor some of the stuff inside them.  However, we found a problem because the Module that monitors the SSL certs only monitors them if the site using it is on port 443.  If it is using any other port, LM ignores it and doesn't monitor it.

We have a lot of internal sites that us ports other than 443 and had a cert expire last week.  It broke some stuff because we never got notified that an expiration was coming up.

The module in question is called: F5_BigIP_SSL_VIP_Cert.  (not sure how to post a link to it.

The Discovery script has a line that says: if(port == "443").  This causes it to not see any of our sites that use ports other than 443.

If I change it to say: port != "999" it will find all our sites that use something other than 443 which is great.

However, the Collection script is also hard-coded to 443 as:

This 'port' variable is used in a bunch of places in the rest of the script so it's not as easy to modify.  I'd have to get a list of every site and which ports they use and code something up which would be impossible to maintain as things change.

I'm wondering if there'd be a way for the Discovery script to grab the name AND port from the things it finds and then pass that info to the Collection script so each cert would include the port it's on and everything would just work.  Unfortunately, that's over my head, and I don't know if that'd be really easy, or really hard to do, so I figured I'd ask here.

If any of that doesn't make sense, let me know and I'll try to clarify it.

Thanks!!

  • If you only need to check one port per device, you could swap out the hardcoding with a reference to a property, and then set that property accordingly. You could even get a bit fancy and have it default to 443 if the property you're asking for does not exist.

    // This is directly from a Jabber DS I wrote years ago. If my.port does not exist, it defaults to 443.
    port = hostProps.get("my.port") ?: "443"
    
    
    // the other one is messier, I would do this:
    my_port = hostProps.get("my.port") ?: "443"
    if(port == my_port) {

     

    • Kelemvor's avatar
      Kelemvor
      Icon for Expert rankExpert

      All these checks are on one device.  Just different instances within the vip ssl certs module.