Jason Fant


  1. Good Morning, We have a customer that was hoping we'd be monitoring the Root and Intermediate SSL Certs on some Linux servers and Cisco CUCM Servers. However, the default SSL Cert LogicModule only monitors the domain/server level cert and not the entire SSL Chain. I found a debug command from another forum post and I can see that the script can properly see the entire SSL Chain on the device. I just need to now script that out so that each cert found is an 'instance' and then there's a datapoint monitoring the expiration date. Has anyone done this before and has a datasource/LogicModule that they can share? I'm not familiar with the jar script used in the example below or how to edit that to do more than what the current SSLCerts- datasource is using. But I know that it can at least show me the information/data I need, I just need to manipulate/parse it.

         $ !java -cp ../lib/certexpire.jar CertificateExpire "C:\Program Files (x86)\LogicMonitor\Agent" 172.20.10.74 172.20.10.74 443 true
         Enable debug SSL cert
         Get the support protocol, protocols=TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3,SSLv2Hello,
         Get the enabled protocol, protocols=TLSv1.2,TLSv1.1,TLSv1,
         Try to send request to server.
         Request send ...
         TrustManager: checkServerTrusted got 4 certs. Auth type: ECDHE_RSA
         TrustManager: getAcceptedIssuers called.
         Request flushed ...
         Get certification from host - 172.20.10.74:443
         Certification: 1
         CN : CN=voip-cxwe-ext-vip, OU=OMITTED - IT, O=OMITTED, STREET=OMITTED, L=New York, ST=NY, OID.2.5.4.17=10024-5100, C=US
         Type : X.509
         Issue at : Mon Aug 20 20:00:00 EDT 2018
         Expire at: Thu Aug 20 19:59:59 EDT 2020
         Certification: 2
         CN : CN=InCommon RSA Server CA, OU=InCommon, O=Internet2, L=Ann Arbor, ST=MI, C=US
         Type : X.509
         Issue at : Sun Oct 05 20:00:00 EDT 2014
         Expire at: Sat Oct 05 19:59:59 EDT 2024
         Certification: 3
         CN : CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
         Type : X.509
         Issue at : Mon Mar 11 20:00:00 EDT 2019
         Expire at: Sun Dec 31 18:59:59 EST 2028
         Certification: 4
         CN : CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
         Type : X.509
         Issue at : Wed Dec 31 19:00:00 EST 2003
         Expire at: Sun Dec 31 18:59:59 EST 2028
         Got issue date - Wed Dec 31 08:19:49 EST 1969, expiration date - Tue Jun 02 08:19:49 EDT 2020
         79
  2. I make use of the Ping Multi Datasource. I adjusted mine to automatically add in all IP Addresses listed in system.ips for the device. That way I know, if I lose PING to one of those IPs but HOST STATUS for the device is fine, then I know there's an issue with just that IP or network segment. I don't know if that will actually work if there's an issue with the WebLogic Application. Meaning, the WebLogic app might stop serving up the website but the IP address might still be pingable. Hope that helps!
  3. Add me as well please, we have a few customers who have Firepower devices we monitor!
  4. I concur! This would be an AWESOME feature to have! We could use this feature to display descriptions of the instances on the "Device Component Inventory" datasource.
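
For the certificate-chain post above, an added example (not from the post and not LogicMonitor's code): a Python parser for debug output laid out like the quoted run, returning one record per chain certificate with its days until expiry. The sample text, the `DaysLeft` name and the `id##name` / `id.key=value` line shapes are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample in the layout of the debug output quoted in the post.
SAMPLE = """Certification: 1
CN : CN=app01.example.test, O=Example Org, C=US
Type : X.509
Issue at : Mon Aug 20 20:00:00 EDT 2018
Expire at: Thu Aug 20 19:59:59 EDT 2020
Certification: 2 CN : CN=Example Issuing CA, O=Example Org, C=US Type : X.509 Issue at : Sun Oct 05 20:00:00 EDT 2014 Expire at: Sat Oct 05 19:59:59 EDT 2024
Got issue date - Wed Dec 31 08:19:49 EST 1969
"""

# Assumption: only these zone abbreviations appear; anything else raises KeyError.
TZ_HOURS = {"EST": -5, "EDT": -4, "UTC": 0, "GMT": 0}

# Whitespace-tolerant, so it matches one-field-per-line and flattened output alike.
CERT_RE = re.compile(
    r"Certification:\s*(?P<idx>\d+)\s+CN\s*:\s*(?P<subject>.*?)\s+Type\s*:\s*\S+"
    r"\s+Issue at\s*:\s*.*?\s+Expire at\s*:\s*"
    r"(?P<expire>\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \w+ \d{4})",
    re.DOTALL,
)

def parse_java_date(text):
    """Parse java.util.Date.toString() text, e.g. 'Thu Aug 20 19:59:59 EDT 2020'."""
    _dow, mon, day, clock, zone, year = text.split()
    naive = datetime.strptime(f"{mon} {day} {clock} {year}", "%b %d %H:%M:%S %Y")
    return naive.replace(tzinfo=timezone(timedelta(hours=TZ_HOURS[zone])))

def parse_chain(output, now):
    """Return one record per certificate in the chain, in the order printed."""
    certs = []
    for m in CERT_RE.finditer(output):
        cn = re.search(r"CN=([^,]+)", m["subject"])
        name = cn.group(1).strip() if cn else m["subject"]
        days_left = (parse_java_date(m["expire"]) - now).days  # negative once expired
        certs.append({"id": m["idx"], "name": name, "days_left": days_left})
    return certs

def instance_lines(certs):
    """Assumed output shape: 'id##name' per instance, 'id.DaysLeft=n' per datapoint."""
    return [f"{c['id']}##{c['name']}" for c in certs], \
           [f"{c['id']}.DaysLeft={c['days_left']}" for c in certs]

if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    for group in instance_lines(parse_chain(SAMPLE, now)):
        print("\n".join(group))
```

Alerting on `days_left` per instance covers intermediates and roots that expire before the leaf is renewed, which a leaf-only check does not report.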