Closed Hardikl closed 2 weeks ago
Updated the changes in .127 system for review.
Added 2 alerts,
one warning alert for certificates expiring within 1 month
and second critical alert for certificates expired
.
security_certificate.yml creates 2 metrics, one security_certificate_labels
with extra 2 labels and one metric security_certificate_expiry_time
which never used in dashboard.
harvest % curl -s http://localhost:13001/metrics | grep -Ev "#|metadata_" | grep security
security_certificate_labels{certificateExpiryStatus="expired",certificateIssuerType="self_signed",cluster="umeng-aff300-01-02",datacenter="rest",name="umeng-aff300-01-02_172BB302639CAC9B",scope="cluster",serial_number="172BB302639CAC9B",svm="umeng-aff300-01-02",type="server",uuid="806b6fe6-6ef8-11ed-a5cd-00a098d39e12"} 1.0
security_certificate_expiry_time{cluster="umeng-aff300-01-02",datacenter="rest",uuid="806b6fe6-6ef8-11ed-a5cd-00a098d39e12"} 1701160909
harvest % curl -s http://localhost:13001/metrics | grep -Ev "#|metadata_" | grep security | wc -l
2
So, to re-use this existing template, only one change is required in dashboard where passing certificateExpiryStatus!=\"\",certificateIssuerType!=\"\"
in security_certificate_labels
where earlier it was used all extra filters would be removed from the template.