zabbix monitoring ssl certificate expiration date

Others 2019-07-26 01:19:40 views: null

Obtain a certificate expiration script:

/ etc / ZABBIX / scripts / Check-CERT-The expire. SH : 

# ! / bin / the bash 
Host = $ . 1 
Port = $ 2 
END_DATE = `/ usr / bin / Host -host OpenSSL the s_client -servername $ $ $ Host -port -showcerts Port </ dev / null  2 > / dev / null |
   Sed -n ' / the CERTIFICATE the BEGIN /, / the END the CERT / P ' | 
  / usr / bin / X509 OpenSSL -text 2 > / dev / null |
   Sed -n ' S / * Not the After: * P // ' ` 
# OpenSSL SSL certificate verification and validation. 
# -servername $ host due to the presence of a plurality of host certificate using SNI characteristic inspection 
# </ dev / null directional input standard, to prevent the interactive program Hang. / Dev / from the null read, 0 is read out directly. 
# Sed used with the -n and p, to display only the matching portion. // , // range to match. 
OpenSSL X509 # - text decode certificate information, including the validity of the certificate. 

IF [-n " $ END_DATE " ]
 the then 
    end_date_seconds = ` DATE  ' +% S ' - DATE  " $ END_DATE " ` 
    now_seconds = ` DATE  ' + S% ' `
     echo  "($end_date_seconds-$now_seconds)/24/3600" | bc
fi

Automatic discovery domain script:

# / Usr / bin / the env Python! 
# Coding: UTF. 8- 

Import OS
 Import SYS
 Import JSON 

# This function is mainly to construct a dictionary specific format for ZABBIX 
DEF ssl_cert_discovery (): 
    web_list = [] 
    web_dict = { " Data " : None} 
    with Open ( " / etc / ZABBIX / scripts / ssl_cert_list " , " R & lt " ) AS F:
         for the sslcert in F: 
            dict = {} 
            dict [ " {} #DOMAINNAME"]=sslcert.strip().split()[0]
            dict["{#PORT}"]=sslcert.strip().split()[1]
            web_list.append(dict)
    web_dict["data"]=web_list
    jsonStr = json.dumps(web_dict,indent=4)
    return jsonStr
if __name__ == "__main__":
    print ssl_cert_discovery()

List of domain names:

/etc/zabbix/scripts/ssl_cert_list:
www.baidu.com 443
www.qq.com 443

zabbix configuration:

/etc/zabbix/zabbix_agentd.conf.d/userparameter_sslcert.conf:
UserParameter=sslcert_discovery,/usr/bin/python  /etc/zabbix/scripts/sshcert_discovery.py
UserParameter=sslcert.info[*],/bin/bash /etc/zabbix/scripts/check-cert-expire.sh $1 $2

Add template zabbix in:

https://files.cnblogs.com/files/imcati/Template_ssl_cert_info.xml

Guess you like

Origin www.cnblogs.com/imcati/p/11246158.html
Recommended
Arc Browser for Windows 1.0 officially GA
A programmer born in the 1990s developed a video porting software and made over 7 million in less than a year. The ending was very punishing!
Ranking
1. Select Sort
Create a thread thread
3 press to play ball that reach 6
Programmation CUDA (4) : gestion de la mémoire
SpringBoot database connection pool Druid error
E Diudiu App redesign summary
4EVERLAND Hosting now supports SNS+IPFS
About HTTPS
[vue3+vite+ts+element-plu+sass] uses bug records in sass
Interpretation of HUAWEI CLOUD GaussDB (for Influx): Best Practice Data Modeling
Daily
More
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)

Code World

© 2018 codetd.com