135 lines
4.3 KiB
Perl
135 lines
4.3 KiB
Perl
#
|
|
# Copyright 2021 Centreon (http://www.centreon.com/)
|
|
#
|
|
# Centreon is a full-fledged industry-strength solution that meets
|
|
# the needs in IT infrastructure and application monitoring for
|
|
# service performance.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
|
|
package apps::protocols::x509::mode::certificate;
|
|
|
|
use base qw(centreon::plugins::templates::counter);
|
|
|
|
use strict;
|
|
use warnings;
|
|
use centreon::plugins::templates::catalog_functions qw(catalog_status_threshold_ng);
|
|
|
|
sub custom_status_output {
|
|
my ($self, %options) = @_;
|
|
|
|
my $msg = sprintf(
|
|
"Certificate for '%s' expires in '%d' days [%s] - Issuer: '%s'",
|
|
$self->{result_values}->{subject}, $self->{result_values}->{expiration}, $self->{result_values}->{date},
|
|
$self->{result_values}->{issuer}
|
|
);
|
|
if (defined($self->{result_values}->{alt_subjects}) && $self->{result_values}->{alt_subjects} ne '') {
|
|
$self->{output}->output_add(long_msg => sprintf("Alternative subject names: %s.", $self->{result_values}->{alt_subjects}));
|
|
}
|
|
return $msg;
|
|
}
|
|
|
|
sub custom_status_calc {
|
|
my ($self, %options) = @_;
|
|
|
|
$self->{result_values}->{subject} = $options{new_datas}->{$self->{instance} . '_subject'};
|
|
$self->{result_values}->{issuer} = $options{new_datas}->{$self->{instance} . '_issuer'};
|
|
$self->{result_values}->{expiration} = ($options{new_datas}->{$self->{instance} . '_expiration'} - time()) / 86400;
|
|
$self->{result_values}->{date} = $options{new_datas}->{$self->{instance} . '_date'};
|
|
$self->{result_values}->{alt_subjects} = $options{new_datas}->{$self->{instance} . '_alt_subjects'};
|
|
return 0;
|
|
}
|
|
|
|
sub set_counters {
|
|
my ($self, %options) = @_;
|
|
|
|
$self->{maps_counters_type} = [
|
|
{ name => 'global', type => 0 }
|
|
];
|
|
|
|
$self->{maps_counters}->{global} = [
|
|
{
|
|
label => 'status', type => 2,
|
|
warning_default => '%{expiration} < 60',
|
|
critical_default => '%{expiration} < 30',
|
|
set => {
|
|
key_values => [
|
|
{ name => 'subject' }, { name => 'issuer' },
|
|
{ name => 'expiration' }, { name => 'date' },
|
|
{ name => 'alt_subjects' }
|
|
],
|
|
closure_custom_calc => $self->can('custom_status_calc'),
|
|
closure_custom_output => $self->can('custom_status_output'),
|
|
closure_custom_perfdata => sub { return 0; },
|
|
closure_custom_threshold_check => \&catalog_status_threshold_ng
|
|
}
|
|
}
|
|
];
|
|
}
|
|
|
|
sub new {
|
|
my ($class, %options) = @_;
|
|
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
|
|
bless $self, $class;
|
|
|
|
$options{options}->add_options(arguments => {
|
|
});
|
|
|
|
return $self;
|
|
}
|
|
|
|
sub manage_selection {
|
|
my ($self, %options) = @_;
|
|
|
|
my $cert = $options{custom}->get_certificate_informations();
|
|
|
|
$self->{global} = {
|
|
subject => defined($cert->{subject}) ? $cert->{subject} : '-',
|
|
issuer => defined($cert->{issuer}) ? $cert->{issuer} : '-',
|
|
expiration => $cert->{expiration},
|
|
date => $cert->{expiration_date},
|
|
alt_subjects => $cert->{alt_subjects}
|
|
};
|
|
}
|
|
|
|
1;
|
|
|
|
__END__
|
|
|
|
=head1 MODE
|
|
|
|
Check X509's certificate validity (for SMTPS, POPS, IMAPS, HTTPS)
|
|
|
|
=over 8
|
|
|
|
=item B<--warning-status>
|
|
|
|
Set warning threshold for status. (Default: '%{expiration} < 60').
|
|
Can use special variables like: %{expiration}, %{subject}, %{issuer}, %{alt_subjects}.
|
|
|
|
=item B<--critical-status>
|
|
|
|
Set critical threshold for status. (Default: '%{expiration} < 30').
|
|
Can use special variables like: %{expiration}, %{subject}, %{issuer}, %{alt_subjects}.
|
|
|
|
Examples :
|
|
|
|
Raise a critical alarm if certificate expires in less than 30
|
|
days or does not cover alternative name 'my.app.com'
|
|
--critical-status='%{expiration} < 30 || %{alt_subjects} !~ /my.app.com/'
|
|
|
|
=back
|
|
|
|
=cut
|