Ad Widget

Collapse

SSL monitoring with Zabbix

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    SSL monitoring with Zabbix

    Dear Zabbix forum,
    I would like to share you my solution to monitoring SSL certificate on each website.

    That has been configured based on external check.

    First of all, simple script has been prepared and placed in /externalcheck directory

    Code:
      
     [email protected]:/# cat /etc/zabbix/externalscripts/ssl_valid.sh  
    #!/bin/bash
    #Prepared by Marcin 'szremo' Szremski'
    SSL_DATE=$(echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | grep notAfter | awk -F = '{ print $2 }' | awk 'BEGIN {OFS = "-"} {print $1,$2,$4}')
    EXPTIME=$(date -d$SSL_DATE +%s)
    TODAY=$(date +"%b-%d-%Y")
    CURRENT=$(date -d$TODAY +%s)
    NUM=$(($EXPTIME - $CURRENT))
    RESULT=$(($NUM/86400))
    echo $RESULT

    Next, template has been prepared which execute that script once per day(value of Update interval): Click image for larger version  Name:	Screenshot 2019-06-11 at 11.24.02.png Views:	1 Size:	63.8 KB ID:	380486


    Pls. note that if your host in Zabbix is different that FQDN of your web site you should replace{HOST.NAME} by FQDN. Last think is to setup a triggers, in my case as on picture below:

    Click image for larger version  Name:	Screenshot 2019-06-11 at 11.26.25.png Views:	1 Size:	53.6 KB ID:	380487

    And result for host called Zabbix.com

    Click image for larger version  Name:	Screenshot 2019-06-11 at 11.27.32.png Views:	1 Size:	11.6 KB ID:	380489
    Click image for larger version  Name:	Screenshot 2019-06-11 at 11.27.44.png Views:	2 Size:	11.8 KB ID:	380490
    Attached Files
    Last edited by szremo; 11-06-2019, 11:46.

    #2
    Many thanks! This working perfect for me!

    Comment


      #3
      Great!!!!

      Thank you szremo

      Comment


        #4
        Thanks!
        for FreeBSD:

        #!/bin/sh
        #Prepared by Marcin 'szremo' Szremski'
        # set locale of date in cert
        LC_ALL=en_GB.UTF-8
        export LC_ALL
        SSL_DATE=$(echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | grep notAfter | awk -F = '{ print $2 }' | awk 'BEGIN {OFS = "-"} {print $1,$2,$4}')
        EXPTIME=$(date -j -f "%b-%d-%Y" $SSL_DATE +%s)
        CURRENT=$(date -j +%s)
        NUM=$(($EXPTIME - $CURRENT))
        RESULT=$(($NUM/86400))
        echo $RESULT

        Comment


          #5
          good stuff! working like a dream for me.
          THANKS!

          Comment


            #6
            Dziękuję

            Comment


              #7
              Guys, Any chance you could attache the template please ?

              Comment


                #8
                This is good, but it would be cool to do this in preprocessing on the JS.

                Comment


                  #9
                  Originally posted by Alex G View Post
                  This is good, but it would be cool to do this in preprocessing on the JS.
                  I think not as its "preprocessing". Maybe some ugly way with trapper item and after use preporcessing. But I dont think it will be possible with duktape ( javascript engine in zabbix ) what I've googled a bit. I found something for nodejs engine - this doesnt help I guess

                  https://github.com/dyaa/ssl-checker

                  Comment


                    #10

                    Looking for LLD Discovery for windows processes (example: chrome.exe)











                    Sarkari Result Pnr Status 192.168.1.1

                    Comment

                    Announcement

                    Collapse
                    No announcement yet.
                    Working...
                    X