mirror of
https://github.com/hermanekt/Zabbix-ssl-certificate-check-with-grade.git
synced 2025-12-16 00:03:28 +00:00
477 lines
19 KiB
XML
477 lines
19 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<zabbix_export>
|
|
<version>2.0</version>
|
|
<date>2019-07-10T15:17:24Z</date>
|
|
<groups>
|
|
<group>
|
|
<name>HermanekTomas</name>
|
|
</group>
|
|
</groups>
|
|
<templates>
|
|
<template>
|
|
<template>SSL Certificates</template>
|
|
<name>SSL Certificates</name>
|
|
<groups>
|
|
<group>
|
|
<name>HermanekTomas</name>
|
|
</group>
|
|
</groups>
|
|
<applications>
|
|
<application>
|
|
<name>SSL Certificate</name>
|
|
</application>
|
|
<application>
|
|
<name>SSL Grade</name>
|
|
</application>
|
|
<application>
|
|
<name>SSL Service</name>
|
|
</application>
|
|
</applications>
|
|
<items>
|
|
<item>
|
|
<name>HTTPS Service is running</name>
|
|
<type>3</type>
|
|
<snmp_community/>
|
|
<multiplier>0</multiplier>
|
|
<snmp_oid/>
|
|
<key>net.tcp.service[https]</key>
|
|
<delay>60</delay>
|
|
<history>7</history>
|
|
<trends>90</trends>
|
|
<status>0</status>
|
|
<value_type>3</value_type>
|
|
<allowed_hosts/>
|
|
<units/>
|
|
<delta>0</delta>
|
|
<snmpv3_contextname/>
|
|
<snmpv3_securityname/>
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
|
<snmpv3_authpassphrase/>
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
|
<snmpv3_privpassphrase/>
|
|
<formula>1</formula>
|
|
<delay_flex/>
|
|
<params/>
|
|
<ipmi_sensor/>
|
|
<data_type>0</data_type>
|
|
<authtype>0</authtype>
|
|
<username/>
|
|
<password/>
|
|
<publickey/>
|
|
<privatekey/>
|
|
<port/>
|
|
<description/>
|
|
<inventory_link>0</inventory_link>
|
|
<applications>
|
|
<application>
|
|
<name>SSL Service</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>Service state</name>
|
|
</valuemap>
|
|
</item>
|
|
<item>
|
|
<name>SSL Certificate Grade</name>
|
|
<type>2</type>
|
|
<snmp_community/>
|
|
<multiplier>0</multiplier>
|
|
<snmp_oid/>
|
|
<key>ssllabs.certificate.grade</key>
|
|
<delay>0</delay>
|
|
<history>90</history>
|
|
<trends>0</trends>
|
|
<status>0</status>
|
|
<value_type>4</value_type>
|
|
<allowed_hosts/>
|
|
<units/>
|
|
<delta>0</delta>
|
|
<snmpv3_contextname/>
|
|
<snmpv3_securityname/>
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
|
<snmpv3_authpassphrase/>
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
|
<snmpv3_privpassphrase/>
|
|
<formula>1</formula>
|
|
<delay_flex/>
|
|
<params/>
|
|
<ipmi_sensor/>
|
|
<data_type>0</data_type>
|
|
<authtype>0</authtype>
|
|
<username/>
|
|
<password/>
|
|
<publickey/>
|
|
<privatekey/>
|
|
<port/>
|
|
<description/>
|
|
<inventory_link>0</inventory_link>
|
|
<applications>
|
|
<application>
|
|
<name>SSL Grade</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap/>
|
|
</item>
|
|
<item>
|
|
<name>SSL Certificate Grade background script</name>
|
|
<type>10</type>
|
|
<snmp_community/>
|
|
<multiplier>0</multiplier>
|
|
<snmp_oid/>
|
|
<key>ssllabs_checker_at.sh[{HOST.HOST}]</key>
|
|
<delay>43200</delay>
|
|
<history>0</history>
|
|
<trends>0</trends>
|
|
<status>0</status>
|
|
<value_type>4</value_type>
|
|
<allowed_hosts/>
|
|
<units/>
|
|
<delta>0</delta>
|
|
<snmpv3_contextname/>
|
|
<snmpv3_securityname/>
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
|
<snmpv3_authpassphrase/>
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
|
<snmpv3_privpassphrase/>
|
|
<formula>1</formula>
|
|
<delay_flex/>
|
|
<params/>
|
|
<ipmi_sensor/>
|
|
<data_type>0</data_type>
|
|
<authtype>0</authtype>
|
|
<username/>
|
|
<password/>
|
|
<publickey/>
|
|
<privatekey/>
|
|
<port/>
|
|
<description>This is how often is Certificate Graded</description>
|
|
<inventory_link>0</inventory_link>
|
|
<applications>
|
|
<application>
|
|
<name>SSL Grade</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap/>
|
|
</item>
|
|
<item>
|
|
<name>SSL certificate issuer</name>
|
|
<type>10</type>
|
|
<snmp_community/>
|
|
<multiplier>0</multiplier>
|
|
<snmp_oid/>
|
|
<key>zext_ssl_issuer.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}]</key>
|
|
<delay>86400</delay>
|
|
<history>90</history>
|
|
<trends>0</trends>
|
|
<status>0</status>
|
|
<value_type>4</value_type>
|
|
<allowed_hosts/>
|
|
<units/>
|
|
<delta>0</delta>
|
|
<snmpv3_contextname/>
|
|
<snmpv3_securityname/>
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
|
<snmpv3_authpassphrase/>
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
|
<snmpv3_privpassphrase/>
|
|
<formula>1</formula>
|
|
<delay_flex/>
|
|
<params/>
|
|
<ipmi_sensor/>
|
|
<data_type>0</data_type>
|
|
<authtype>0</authtype>
|
|
<username/>
|
|
<password/>
|
|
<publickey/>
|
|
<privatekey/>
|
|
<port/>
|
|
<description/>
|
|
<inventory_link>0</inventory_link>
|
|
<applications>
|
|
<application>
|
|
<name>SSL Certificate</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap/>
|
|
</item>
|
|
<item>
|
|
<name>SSL certificate validity</name>
|
|
<type>10</type>
|
|
<snmp_community/>
|
|
<multiplier>0</multiplier>
|
|
<snmp_oid/>
|
|
<key>zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}]</key>
|
|
<delay>3600</delay>
|
|
<history>7</history>
|
|
<trends>90</trends>
|
|
<status>0</status>
|
|
<value_type>0</value_type>
|
|
<allowed_hosts/>
|
|
<units>days</units>
|
|
<delta>0</delta>
|
|
<snmpv3_contextname/>
|
|
<snmpv3_securityname/>
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
|
<snmpv3_authpassphrase/>
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
|
<snmpv3_privpassphrase/>
|
|
<formula>1</formula>
|
|
<delay_flex/>
|
|
<params/>
|
|
<ipmi_sensor/>
|
|
<data_type>0</data_type>
|
|
<authtype>0</authtype>
|
|
<username/>
|
|
<password/>
|
|
<publickey/>
|
|
<privatekey/>
|
|
<port/>
|
|
<description/>
|
|
<inventory_link>0</inventory_link>
|
|
<applications>
|
|
<application>
|
|
<name>SSL Certificate</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap/>
|
|
</item>
|
|
</items>
|
|
<discovery_rules/>
|
|
<macros>
|
|
<macro>
|
|
<macro>{$SSL_EXPIRY_AVG}</macro>
|
|
<value>15</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$SSL_EXPIRY_HIGH}</macro>
|
|
<value>7</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$SSL_EXPIRY_INFO}</macro>
|
|
<value>60</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$SSL_EXPIRY_NOTCLASSIFIED}</macro>
|
|
<value>90</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$SSL_EXPIRY_WARN}</macro>
|
|
<value>30</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$SSL_PORT}</macro>
|
|
<value>443</value>
|
|
</macro>
|
|
</macros>
|
|
<templates/>
|
|
<screens/>
|
|
</template>
|
|
</templates>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{SSL Certificates:ssllabs.certificate.grade.str(A)}=1</expression>
|
|
<name>Certificate {HOST.HOST} grade is A</name>
|
|
<url/>
|
|
<status>1</status>
|
|
<priority>1</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:ssllabs.certificate.grade.str(A+)}=1</expression>
|
|
<name>Certificate {HOST.HOST} grade is A+</name>
|
|
<url/>
|
|
<status>1</status>
|
|
<priority>1</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:ssllabs.certificate.grade.str(B)}=1</expression>
|
|
<name>Certificate {HOST.HOST} grade is B</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>2</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:ssllabs.certificate.grade.str(C)}=1</expression>
|
|
<name>Certificate {HOST.HOST} grade is C</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>2</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:ssllabs.certificate.grade.str(D)}=1</expression>
|
|
<name>Certificate {HOST.HOST} grade is D</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>3</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:ssllabs.certificate.grade.str(F)}=1</expression>
|
|
<name>Certificate {HOST.HOST} grade is F</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>4</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:zext_ssl_issuer.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].change()}>0</expression>
|
|
<name>Change in SSL Certificate Issuer</name>
|
|
<url>https://{$SSL_HOST}:{$SSL_PORT}</url>
|
|
<status>0</status>
|
|
<priority>1</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:net.tcp.service[https].max(5m)}<1</expression>
|
|
<name>HTTPS Service is Down</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>2</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(0)}<0</expression>
|
|
<name>SSL certificate on {HOST.HOST} expired</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>5</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies/>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_AVG}</expression>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_AVG} days ({ITEM.VALUE} days remaining)</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>3</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies>
|
|
<dependency>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_HIGH} days ({ITEM.VALUE} days remaining)</name>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_HIGH}</expression>
|
|
</dependency>
|
|
</dependencies>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_HIGH}</expression>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_HIGH} days ({ITEM.VALUE} days remaining)</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>4</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies>
|
|
<dependency>
|
|
<name>SSL certificate on {HOST.HOST} expired</name>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(0)}<0</expression>
|
|
</dependency>
|
|
</dependencies>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_INFO}</expression>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_INFO} days ({ITEM.VALUE} days remaining)</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>1</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies>
|
|
<dependency>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_WARN} days ({ITEM.VALUE} days remaining)</name>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_WARN}</expression>
|
|
</dependency>
|
|
</dependencies>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_NOTCLASSIFIED}</expression>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_NOTCLASSIFIED} days ({ITEM.VALUE} days remaining)</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>0</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies>
|
|
<dependency>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_INFO} days ({ITEM.VALUE} days remaining)</name>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_INFO}</expression>
|
|
</dependency>
|
|
</dependencies>
|
|
</trigger>
|
|
<trigger>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_WARN}</expression>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_WARN} days ({ITEM.VALUE} days remaining)</name>
|
|
<url/>
|
|
<status>0</status>
|
|
<priority>2</priority>
|
|
<description/>
|
|
<type>0</type>
|
|
<dependencies>
|
|
<dependency>
|
|
<name>SSL certificate on {HOST.HOST} expires in less than {$SSL_EXPIRY_AVG} days ({ITEM.VALUE} days remaining)</name>
|
|
<expression>{SSL Certificates:zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}].last(5)}<{$SSL_EXPIRY_AVG}</expression>
|
|
</dependency>
|
|
</dependencies>
|
|
</trigger>
|
|
</triggers>
|
|
<graphs>
|
|
<graph>
|
|
<name>SSL Certificate valid days</name>
|
|
<width>900</width>
|
|
<height>200</height>
|
|
<yaxismin>0.0000</yaxismin>
|
|
<yaxismax>100.0000</yaxismax>
|
|
<show_work_period>1</show_work_period>
|
|
<show_triggers>1</show_triggers>
|
|
<type>0</type>
|
|
<show_legend>1</show_legend>
|
|
<show_3d>0</show_3d>
|
|
<percent_left>0.0000</percent_left>
|
|
<percent_right>0.0000</percent_right>
|
|
<ymin_type_1>0</ymin_type_1>
|
|
<ymax_type_1>0</ymax_type_1>
|
|
<ymin_item_1>0</ymin_item_1>
|
|
<ymax_item_1>0</ymax_item_1>
|
|
<graph_items>
|
|
<graph_item>
|
|
<sortorder>0</sortorder>
|
|
<drawtype>0</drawtype>
|
|
<color>BB00BB</color>
|
|
<yaxisside>0</yaxisside>
|
|
<calc_fnc>2</calc_fnc>
|
|
<type>0</type>
|
|
<item>
|
|
<host>SSL Certificates</host>
|
|
<key>zext_ssl_expiry.sh[{HOST.HOST},{$SSL_PORT},{HOST.HOST}]</key>
|
|
</item>
|
|
</graph_item>
|
|
</graph_items>
|
|
</graph>
|
|
</graphs>
|
|
</zabbix_export>
|