x509check

package

v0.52.2 Latest Latest Go to latest Published: Apr 19, 2023 License: GPL-3.0 Imports: 15 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/netdata/go.d.plugin

Links

Open Source Insights

README ¶

x509 certificate collector

This module checks the time until a x509 certificate expiration and its revocation status.

Metrics

All metrics have "x509." prefix.

Labels per scope:

global: source.

Metric	Scope	Dimensions	Units
time_until_expiration	global	expiry	seconds
revocation_status	global	revoked	boolean

Configuration

Edit the go.d/x509check.conf configuration file using edit-config from the Netdata config directory, which is typically at /etc/netdata.

cd /etc/netdata # Replace this path with your Netdata config directory
sudo ./edit-config go.d/x509check.conf

Needs only source.

Use smtp scheme for smtp servers, file for files and https or tcp for others. Port is mandatory for all non-file schemes.

Here is an example for 3 sources:

update_every: 60

jobs:
  - name: my_site_cert
    source: https://my_site.org:443

  - name: my_file_cert
    source: file:///home/me/cert.pem

  - name: my_smtp_cert
    source: smtp://smtp.my_mail.org:587

For all available options and defaults please see module configuration file.

Revocation status

Revocation status check is disabled by default. To enable it set check_revocation_status to yes.

jobs:
  - name: my_site_cert
    source: https://my_site.org:443
    check_revocation_status: yes

Troubleshooting

To troubleshoot issues with the x509check collector, run the go.d.plugin with the debug option enabled. The output should give you clues as to why the collector isn't working.

Navigate to the plugins.d directory, usually at /usr/libexec/netdata/plugins.d/. If that's not the case on your system, open netdata.conf and look for the plugins setting under [directories].
```
cd /usr/libexec/netdata/plugins.d/
```
Switch to the netdata user.
```
sudo -u netdata -s
```
Run the go.d.plugin to debug the collector:
```
./go.d.plugin -d -m x509check
```

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	Source            string
	Timeout           web.Duration
	tlscfg.TLSConfig  `yaml:",inline"`
	DaysUntilWarn     int64 `yaml:"days_until_expiration_warning"`
	DaysUntilCritical int64 `yaml:"days_until_expiration_critical"`
	CheckRevocation   bool  `yaml:"check_revocation_status"`
}

type X509Check ¶

type X509Check struct {
	module.Base
	Config `yaml:",inline"`
	// contains filtered or unexported fields
}

func New ¶

func New() *X509Check

func (*X509Check) Charts ¶

func (x *X509Check) Charts() *module.Charts

func (*X509Check) Check ¶

func (x *X509Check) Check() bool

func (*X509Check) Cleanup ¶

func (x *X509Check) Cleanup()

func (*X509Check) Collect ¶

func (x *X509Check) Collect() map[string]int64

func (*X509Check) Init ¶

func (x *X509Check) Init() bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL