centreon-plugins/apps/protocols/x509/mode/certificate.pm

135 lines
4.3 KiB
Perl

#
# Copyright 2021 Centreon (http://www.centreon.com/)
#
# Centreon is a full-fledged industry-strength solution that meets
# the needs in IT infrastructure and application monitoring for
# service performance.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
package apps::protocols::x509::mode::certificate;
use base qw(centreon::plugins::templates::counter);
use strict;
use warnings;
use centreon::plugins::templates::catalog_functions qw(catalog_status_threshold_ng);
sub custom_status_output {
my ($self, %options) = @_;
my $msg = sprintf(
"Certificate for '%s' expires in '%d' days [%s] - Issuer: '%s'",
$self->{result_values}->{subject}, $self->{result_values}->{expiration}, $self->{result_values}->{date},
$self->{result_values}->{issuer}
);
if (defined($self->{result_values}->{alt_subjects}) && $self->{result_values}->{alt_subjects} ne '') {
$self->{output}->output_add(long_msg => sprintf("Alternative subject names: %s.", $self->{result_values}->{alt_subjects}));
}
return $msg;
}
sub custom_status_calc {
my ($self, %options) = @_;
$self->{result_values}->{subject} = $options{new_datas}->{$self->{instance} . '_subject'};
$self->{result_values}->{issuer} = $options{new_datas}->{$self->{instance} . '_issuer'};
$self->{result_values}->{expiration} = ($options{new_datas}->{$self->{instance} . '_expiration'} - time()) / 86400;
$self->{result_values}->{date} = $options{new_datas}->{$self->{instance} . '_date'};
$self->{result_values}->{alt_subjects} = $options{new_datas}->{$self->{instance} . '_alt_subjects'};
return 0;
}
sub set_counters {
my ($self, %options) = @_;
$self->{maps_counters_type} = [
{ name => 'global', type => 0 }
];
$self->{maps_counters}->{global} = [
{
label => 'status', type => 2,
warning_default => '%{expiration} < 60',
critical_default => '%{expiration} < 30',
set => {
key_values => [
{ name => 'subject' }, { name => 'issuer' },
{ name => 'expiration' }, { name => 'date' },
{ name => 'alt_subjects' }
],
closure_custom_calc => $self->can('custom_status_calc'),
closure_custom_output => $self->can('custom_status_output'),
closure_custom_perfdata => sub { return 0; },
closure_custom_threshold_check => \&catalog_status_threshold_ng
}
}
];
}
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
bless $self, $class;
$options{options}->add_options(arguments => {
});
return $self;
}
sub manage_selection {
my ($self, %options) = @_;
my $cert = $options{custom}->get_certificate_informations();
$self->{global} = {
subject => defined($cert->{subject}) ? $cert->{subject} : '-',
issuer => defined($cert->{issuer}) ? $cert->{issuer} : '-',
expiration => $cert->{expiration},
date => $cert->{expiration_date},
alt_subjects => $cert->{alt_subjects}
};
}
1;
__END__
=head1 MODE
Check X509's certificate validity (for SMTPS, POPS, IMAPS, HTTPS)
=over 8
=item B<--warning-status>
Set warning threshold for status. (Default: '%{expiration} < 60').
Can use special variables like: %{expiration}, %{subject}, %{issuer}, %{alt_subjects}.
=item B<--critical-status>
Set critical threshold for status. (Default: '%{expiration} < 30').
Can use special variables like: %{expiration}, %{subject}, %{issuer}, %{alt_subjects}.
Examples :
Raise a critical alarm if certificate expires in less than 30
days or does not cover alternative name 'my.app.com'
--critical-status='%{expiration} < 30 || %{alt_subjects} !~ /my.app.com/'
=back
=cut