Closed GuillaumeHullin closed 2 years ago
Hi, to me the logic is ok, but instead of monitoring every single certificate I would do an overall check: item: cert_status (0=OK,1=WARNING,2=AVERAGE,3=CRITICAL)
Triggers: Info: "One or More Certificates have been renewed in the past 24h" Warning: "One or More Certificates are expiring less than 10 days" Average: "One or More Certificates are expiring less than 48 hours" High: "One or More Certificates are expired"
In this way the number of monitored items will stay low.
From admin perspective I would like to be notified if certificate(s) on pfsense need attention, no matter which one: in any case the fix would require a manual intervention (renewing the cert via web GUI).
@rbicelli I agree, it makes more sense. I'll work on that and propose a pull request when it works.
@rbicelli ok I'm sorry in advance for my stupid question and it's kinda unrelated to this issue... but could you point me to some good ressources where I could learn how to properly do a pull request to your repo... the code for the issue is ready and it's working :) I did on my fork but now I want to pull my changes from my fork to your repo... but I don't want to pull all the changes I did (because some are very specific to my Zabbix server organization)
Hello, I think if you are submitting a PR from your fork you will also submit the modifications you did for your specific organization.
I think the right path for doing things right should:
Please note that altough I use git on daily basis I'm a basic user, so I may missing some points.
Hello, I think if you are submitting a PR from your fork you will also submit the modifications you did for your specific organization.
I think the right path for doing things right should:
- Fork my repo
- Create new branch for your org (e.g. my_org)
- Create new branch from master (e.g. feature_cert_monitor)
- Work and commit in the feature branch
- Submit the PR from your feature branch to my repo
- Merge the feature branch with my_org branch
Please note that altough I use git on daily basis I'm a basic user, so I may missing some points.
Thanks for the advices :) I just made a pull request now with all modifications that might interest your repo.
Hi, I would like to add the monitoring of the certificates stored in Certificate Manager. Specifically I would like to have the following trigger in Zabbix: Info: "Certificate XXX has been renewed in the past 24h" Warning: "Certificate XXX is expiring less than 10 days" Average: "Certificate XXX is expiring less than 48 hours" High: "Certificate XXX is expired"
So far I made this code to pull all the data needed (via pfSense Diagnostics > Command Prompt):
I'm thinking to use refid as index in Zabbix discovery. The items validFrom and validTo would be the only data to be pulled as items...
I will attempt to make the code for pfsense_zbx.php soon... anything I'm missing in the logic before I start?