View Full Version : Exchange certificate warning before expiration
Hi all,
I would like to set an email notification 15 days before exchange certificate expiration,
Any ideas to do this Pleaze ! (within or without asking the Exchange server)
Thanks in advance,
Yassine
Here is a script we use. Extract to the Zabbix External Script directory (found in your conf file) and create a new item of type external check.
Item
Key: ssl_cert_check.sh[443]
(change to your ssl port)
Type: Numeric (unsigned)
Decimal
Units: d
Update: 86400 (really only need to check it once a day)
Trigger:
Description: SSL Cert for {HOSTNAME} expiring soon: ({ITEM.LASTVALUE} days)
Expression: {Template_Web_Standalone:ssl_cert_check.sh[443].last(0)}<31
You can then create a few other triggers based on the amount of days left and change the severity as it gets closer.
Thanks for replay,
I set it up and create the item and trigger,
Now to test the trigger I proceed as follows :
- I changed the trigger value to 300 days :
{Hote:ssl_cert_check.sh[443].last(0)}<300
- and, I put the update period to 30 seconds (just to do things quickly)
But I recived no mails and have nothing in monitoring's Last data,
is my procedure wrong ?
can you help me please ?
Thanks,
Yassine
Check your external scripts directory in zabbix_server.conf
### Option: ExternalScripts
# Location of external scripts
#
# Mandatory: no
# Default:
# ExternalScripts=/etc/zabbix/externalscripts
ExternalScripts=/home/zabbix/exbin
Also make sure the account zabbix is running under can execute that script.
I adapted the paths to my zabbix install (in /etc/zabbix/)
I updated the paths in ssl_certificate_check.sh (/etc/zabbix/ instead of /home/zabbix ...)
It seams that the script is for a linux openssl certificate...
In my case, it's a Win 2K3 exchange server :(,
Am I wrong ?
Thank you,
yassine
It works for our Windows boxes just fine. Try running:
./ssl-cert-check -s <your host> -p 443 -n
Thank you danrog,
It seams working for me too ;)
It returns this :
zabbix-srerver:/etc/zabbix/exbin# ./ssl-cert-check -s <my_windows_host> -p 443 -n
<my_windows_host>:443 Valid Mar 22 2211 162
It can be problem of active checks, I'll cheks it and give a feedback,
Yassine
I just dont understand what is going wrong with this server,
All seams correct in client side :
The Agentd.conf file is like this :
LogFile=c:\........
Server=MyZanbbixServer
Hostname=ExchangeserverName
ListenPort=10050
ServerPort=10051
By default active check are enabled and nothing suspect apears in the log file !
Can you please give me a summary of your config ?
Yassine
Hi all,
It's finally working now,
It was a so stupid issu,
When I create the item first time, it turn to "not supported" by it self, and it stays so all the time,
thanks to Danrog,
Yassine