Hi all,
For each website we host, we have a SSL Certificate Sensor. Currently it scans every 12 hours, where the two most important pieces of information are:
- Compare and show down status if common name (CN)/alternative names (SAN) and address/SNI do not match
- Days to expiration
,
For push notifications we have two schedules:
- day (allows all sensor notifications)
- night (allows only specific notifications)
,
What I want to do with this sensor is split it in two as it be. My wish would be to:
- Compare the CN/SAN with SNI every 3 minutes and repeat every 5 minutes. This status must be allowed to wake me at night with Night schedule)
- Days to expiration can scan every 12 hours (or just once a day) and repeat every 5 minutes. This status (!)cannot(!) be allowed to wake me at night.
,
So far I haven't found any way to effectuate this. The only alternative I can think of is to configure two seperate sensors per website.
Any help would be most appreciated.
Sincerely,
Jelle
Article Comments
Hi Florian,
thanks for your reply! I've been playing with the settings of State triggers and Threshold triggers, the Common Name Check with the setting "not equal to 0" is a nice one, so thanks for that.
The only 'but' is that the Threshold value only applies once, whereas the State trigger can repeat every X minutes. If this is possible as well, that'd make me very happy :)
Regards.
Feb, 2021 - Permalink
Thank you for you feedback.
You are right regarding the Threshold trigger, it only triggers a template once without any possibility to execute it again. I'm afraid that I do not have a solution for it.
Regards.
Feb, 2021 - Permalink
That's a shame. Thanks for your time and information Florian. Have a nice day!
Regards, Jelle.
Feb, 2021 - Permalink
Hello Jelle,
I checked your previous messages and found a solution which unfortunately has limitations as well.
You can indeed trigger a template based on the sensors state (Warning or Error). However, to do so you need to use Warning limits in the channel Days to Expiration and Error for Common Name Check for example. Both limits must be used separately and only for the channels mentioned above.
I hope this can help you.
Regards.
Feb, 2021 - Permalink
Hello Jelle,
Thank you for your message.
Regarding what you would like to achieve, I invite you to disable the notification State trigger (based on the state) and use Threshold triggers instead. Then, you will be able to configure a trigger for each channel you desire.
Here is an example for the channel Days to Expiration:
When Days to Expiration (#) channel is below Threshold_value for at least 60 seconds, perform Notification 1
Then, for the Common Name Check channel:
When Common Name Check channel is not equal to 0 for at least 60 seconds, perform Notification 2
0 means that the CN matches the device address. Please, find the different values returned by the channel Common Name Check in the lookup file prtg.standardlookups.sslcertificatesensor.cncheck.
Regards.
Feb, 2021 - Permalink