Press "Enter" to skip to content

Zabbix监控SSL证书有效期

主机环境:
[root@test ~]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.4.1708 (Core)
Release: 7.4.1708
Codename: Core
[root@test ~]# uname -a
Linux test 3.10.0-693.2.2.el7.x86_64 #1 SMP Tue Sep 12 22:26:13 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

使用说明:
脚本下载地址:
Linux kernel 3.x x86_64: https://dl.cactifans.com/zabbix/zabbix_sslooker.kernel_3.10.0.x86_64.tar.gz
Linux kernel 2.x x86_64:https://dl.cactifans.com/zabbix/zabbix_sslooker.kernel_2.6.32.x86_64.tar.gz
Windows AMD64:https://dl.cactifans.com/zabbix/zabbix_sslooker.windows-amd64.zip

注意事项:
1.获取证书有效期为小时
2.自签发证书暂不支持检测

具体步骤:
Zabbix Agent配置:下载对应的脚本到安装了zabbix_agentd并可以访问到检测证书网站的机器.

[root@test ~]# cd /home/
[root@test home]# wget https://dl.cactifans.com/zabbix/zabbix_sslooker.kernel_3.10.0.x86_64.tar.gz
--2018-05-16 15:12:30-- https://dl.cactifans.com/zabbix/zabbix_sslooker.kernel_3.10.0.x86_64.tar.gz
Resolving dl.cactifans.com (dl.cactifans.com)... 222.186.135.67
Connecting to dl.cactifans.com (dl.cactifans.com)|222.186.135.67|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1139078 (1.1M) [application/octet-stream]
Saving to: ‘zabbix_sslooker.kernel_3.10.0.x86_64.tar.gz’

100%[=============================================================================================================================================================================>] 1,139,078 815KB/s in 1.4s

2018-05-16 15:12:32 (815 KB/s) - ‘zabbix_sslooker.kernel_3.10.0.x86_64.tar.gz’ saved [1139078/1139078]
[root@test home]# tar -zxvf zabbix_sslooker.kernel_3.10.0.x86_64.tar.gz
解压得到sslooker这个文件.
脚本使用方法:
[root@test home]# ./sslooker www.tracymc.cn 443 //第一个参数为域名,第二个为https端口号
7179
修改zabbix_agentd配置:
修改zabbix_agentd的配置文件zabbix_agentd.conf,增加如下内容:
UserParameter=sslcheck[*],/home/sslooker $1 $2
sslcheck为zabbix的键值,/home/sslooker为上面解压得到的文件.
添加之后,重启zabbix_agentd服务.
zabbix_get测试能否获取键值:
[root@test home]#zabbix_get -s 1.2.3.4 -k sslcheck[www.tracymc.cn,443]
7179
能获取到值,说明安装成功.

配置zabbix server:
新建监控项,如下图.也可以直接新建模板,方便以后直接添加.

监控项配置完,在配置相关触发器.
最后检测有无数据即可.

Read more posts about 监控

Be First to Comment

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注