Giter Club home page Giter Club logo

cert-checks's Introduction

sensu

Build Status Gem Version MIT Licensed Join the chat at https://slack.sensu.io/

โš ๏ธ ANNOUNCEMENT - Sensu 1.x has reached End-Of-Life (December 31st, 2019)

The Sensu 1.x project reached end-of-life on December 31st, 2019. The existing package repositories became unreachable on January 6th, 2020. Please see our blog post for more details: https://blog.sensu.io/announcing-the-sensu-archives

Sensu 1.x has been superseded by Sensu Go.

As always, we want to hear from the Community and please reach out on Slack or Discourse if you have any questions or concerns.

Sensu

A simple, malleable, and scalable framework for composing the monitoring system you need.

Sensu is offered in two flavors:

  • Sensu Core - this open source project
  • Sensu Enterprise - a full-featured commercial implementation, built on Sensu Core

Installation

Sensu supports a number of Unix-like platforms, as well as Windows. Please see the list of supported platforms for installation instructions.

Documentation

Please refer to the online documentation for details on configuring and operating Sensu.

Getting Help

If you have questions not covered by the documentation, the Sensu community is here to help. Please check out our chat on Slack, or the sensu-users discussion list.

Commercial support is also available. See the support section of our website for more detail.

Contributing

Please observe these guidelines on contributing.

License

Sensu Core is released under the MIT license.

cert-checks's People

Contributors

c-kruse avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

isabella232 elfranne luis-sousa-pinto

cert-checks's Issues

Initial Implementation

Bootstrap a Golang replacement for the community developed sensu-plugins/sensu-plugins-ssl project, with support for reading certificate data from an endpoint (e.g. HTTP) or directly from a file.

Initial goals for this integration are to validate x.509 certificates only, and not SSL/TLS protocol server implementations (e.g. which protocols and ciphers does a server support) which is out of scope at this time. For reference as to how broad that scope can become, please see: https://github.com/drwetter/testssl.sh (download and run ./testssl.sh --quiet sensu.io).

References

Configuration

  • --host host to check (e.g. sensu.io)
  • --port port to check (e.g. 443)
  • --pem-file path to local .pem file (e.g. /opt/app/cert/certificate.pem)

Configuration Validation

  • Check --host and --port are configured -OR- --pem-file is configured

Metrics

All metrics should be output in Prometheus format.

  • cert_days_left gauge-style metric measuring the number of days until certificate expiry as a float. Expired certificates should produce a negative number.
  • cert_seconds_left gauge-style metric measuring the number of seconds until certificate expiry, as a int. Expired certificates should produce a negative number.
  • cert_issued_days counter-style metric measuring the total number of days the certificate is issued for, as a float.
  • cert_issued_seconds counter-style metric measuring the total number of seconds the certificate is issued for, as a int.

Metric Tags

  • None

Health Checks

  • n/a (pending support for built-in output_metric_thresholds support in the Sensu Go agent.

Catalog Templates

  • TBD

TODO

TBD:

  • TBD what protocols are supported? Should this work with any TCP endpoint, or HTTP only? Note that Datadog TLS integration only supports TCP, whereas the Telegraf integration supports TCP, UDP, HTTP, and PEM files.
  • Should this plugin support checking of local certificate files (since the agent is already running on the host)? Yes
  • Are other certificates other than x509 supported? No

Out of scope:

  • Create an issue to add support for checking SANs (Subject Alternate Names)
  • Create an issue to report TLS protocol version information as a metric, for use w/ output_metric_thresholds
  • Create an issue to add support for reading PKCS#12 certificate files (including password)
  • Create an issue to add support for mTLS

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.