mirror of
https://github.com/munin-monitoring/contrib.git
synced 2018-11-08 00:59:34 +01:00
76 lines
1.8 KiB
Plaintext
76 lines
1.8 KiB
Plaintext
|
#!/bin/bash
|
||
|
# -*- sh -*-
|
||
|
|
||
|
: << =cut
|
||
|
|
||
|
=head1 NAME
|
||
|
|
||
|
multi_ssl - Plugin to monitor CERTificate expiration on multiple services and ports
|
||
|
|
||
|
=head1 CONFIGURATION
|
||
|
|
||
|
[multi_ssl_*]
|
||
|
env.services www.service.tld blah.example.net_PORT
|
||
|
|
||
|
To set warning and critical levels do like this:
|
||
|
|
||
|
[multi_ssl]
|
||
|
env.services ...
|
||
|
env.warning 30:
|
||
|
|
||
|
=head1 AUTHOR
|
||
|
|
||
|
Pactrick Domack (ssl_)
|
||
|
Olivier Mehani (multi_ssl)
|
||
|
|
||
|
Copyright (C) 2013 Patrick Domack <patrickdk@patrickdk.com>
|
||
|
Copyright (C) 2017 Olivier Mehani <shtrom+munin@ssji.net>
|
||
|
|
||
|
=head1 LICENSE
|
||
|
|
||
|
=cut
|
||
|
|
||
|
. "${MUNIN_LIBDIR}/plugins/plugin.sh"
|
||
|
|
||
|
if [ "${MUNIN_DEBUG}" = 1 ]; then
|
||
|
set -x
|
||
|
fi
|
||
|
|
||
|
case $1 in
|
||
|
config)
|
||
|
|
||
|
echo "graph_title SSL Certificates Expiration"
|
||
|
echo 'graph_args --base 1000'
|
||
|
echo 'graph_vlabel days left'
|
||
|
echo 'graph_category security'
|
||
|
echo "graph_info This graph shows the days left for the certificate"
|
||
|
for service in $services; do
|
||
|
fieldname=$(clean_fieldname "$service")
|
||
|
echo "${fieldname}.label ${service/_/:}"
|
||
|
print_thresholds ${fieldname}
|
||
|
done
|
||
|
|
||
|
exit 0
|
||
|
;;
|
||
|
esac
|
||
|
|
||
|
function get_expire()
|
||
|
{
|
||
|
SITE="${1/_*/}"
|
||
|
PORT="${1##*_}"
|
||
|
VAR="$(clean_fieldname "$1")"
|
||
|
if [ "$PORT" = "$SITE" ]; then
|
||
|
PORT=443
|
||
|
fi
|
||
|
|
||
|
CERT=$(echo "" | openssl s_client -CApath /etc/ssl/certs -servername "${SITE}" -connect "${SITE}:${PORT}" 2>/dev/null);
|
||
|
|
||
|
if [[ "${CERT}" = *"-----BEGIN CERTIFICATE-----"* ]]; then
|
||
|
echo "${CERT}" | openssl x509 -noout -enddate | awk -F= 'BEGIN { split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", month, " "); for (i=1; i<=12; i++) mdigit[month[i]] = i; } /notAfter/ { split($0,a,"="); split(a[2],b," "); split(b[3],time,":"); datetime=b[4] " " mdigit[b[1]] " " b[2] " " time[1] " " time[2] " " time[3]; days=(mktime(datetime)-systime())/86400; print "VAR.value " days; }' | sed "s/VAR/${VAR}/g"
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
for service in $services; do
|
||
|
get_expire "$service"
|
||
|
done
|