FR: More user friendliness and testability

[vt-alt]

For a new user it's hard to understand if certspotter is working correctly. It would be useful if it logs:

• How much domains it started to monitor (from watchlist). maybe some other stat periodically too such as how much logs it sees.
• Test notification/emailing functionality. This could be on signal (like SIGUSR2) or command line option to always email on service start (so we can detect it's restarted and ensure everything is still OK).

Additionally:

• Maybe suggest special domain (or mode?) to see if monitoring and notification work at all?

Also it's hard to understand purpose of -no_save option, why we may need it?

Purpose of submitct is unexplained, where it submit certs and what for?

Thanks,

[AGWA]

Thanks for the feedback!

I've opened two issues to track new features:

• 79

• 78

In the meantime, I recommend testing notifications by issuing a certificate for one of your domains.

Regarding -no_save, this is for people who want notifications of new certificates but don't want a copy of every matching certificate to be saved. If you have any suggestions for improving the documentation, let me know.

submitct is currently experimental and thus intentionally undocumented.

[vt-alt]

Thanks for the reply and creating new issues!

Regarding -no_save, this is for people who want notifications of new certificates but don't want a copy of every matching certificate to be saved.

But why someone would not want to save them, does it take much space?

[AGWA]

Each saved cert is < 8kb, so you should only need -no_save if you're monitoring an entire TLD and thus expecting to find millions of certificates.

[vt-alt]

Thanks! Btw it would also be useful if somewhere is stated what average traffic monitoring would generate.