• 0

Add the Friendly Name of a certificate on an Alert Report


Question

Hello,

I have the discovery:

Quote

##--------------- Discovery ------------------##
$pshost = Get-Host              # Get the PowerShell Host.
$pswindow = $pshost.UI.RawUI    # Get the PowerShell Host's UI.

$newsize = $pswindow.BufferSize # Get the UI's current Buffer Size.
$newsize.width = 800            # Set the new buffer's width to 800 columns.
$pswindow.buffersize = $newsize # Set the new Buffer Size as active.

$newsize = $pswindow.windowsize # Get the UI's current Window Size.
$newsize.width = 800            # Set the new Window Width to 800 columns.
$pswindow.windowsize = $newsize # Set the new Window Size as active.

$readOnly     = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
$localMachine = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
$store        = new-object System.Security.Cryptography.X509Certificates.X509Store( "\\##SYSTEM.SYSNAME##\my", $localMachine )

$store.Open( $readOnly )

$store.Certificates `
| Select-Object { `
  $_.Thumbprint + "##" `
+ $_.Subject + $(If ($_.Subject -ne "") {"(..." + $_.Thumbprint.SubString($_.Thumbprint.length - 5, 5) + ")"} Else {"Unknown subject (" + $_.Thumbprint + ")"}) `
+ "######" `
+ "cert.issuer=" + $_.Issuer `
+ "&cert.friendlyname=" + $_.FriendlyName `
+ "&cert.serialnumber=" + $_.SerialNumber `
+ "&cert.thumbprint=" + $_.Thumbprint `
} `
| Format-Table -HideTableHeaders
 

and the Collector Attributes

Quote

##-------------- Counters --------------------##
$pshost = Get-Host              # Get the PowerShell Host.
$pswindow = $pshost.UI.RawUI    # Get the PowerShell Host's UI.

$newsize = $pswindow.BufferSize # Get the UI's current Buffer Size.
$newsize.width = 800            # Set the new buffer's width to 800 columns.
$pswindow.buffersize = $newsize # Set the new Buffer Size as active.

$newsize = $pswindow.windowsize # Get the UI's current Window Size.
$newsize.width = 800            # Set the new Window Width to 800 columns.
$pswindow.windowsize = $newsize # Set the new Window Size as active.

$readOnly     = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
$localMachine = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
$store        = new-object System.Security.Cryptography.X509Certificates.X509Store( "\\##SYSTEM.SYSNAME##\my", $localMachine )
$properties = @(
#    @{n='WildValue';e={"##WildValue##"}},
#    @{n='CommonName';e={$_.Subject}},
#    @{n='Description';e={"##Description##"}},
#    @{n='Properties';e={"##Properties##"}},
    @{n='DaysUntilExpire';e={([datetime]::Today - $_.NotAfter ).Days}}
)

$store.Open( $readOnly )

$store.Certificates `
| Where-Object {($_.Thumbprint -like "##WildValue##")} `
| Select-Object $properties `
| Format-Table -HideTableHeaders

 

Looking to add the "FriendlyName" of the certificate on the report...

Any idea?

Thanks,

Dom

Link to post
Share on other sites

8 answers to this question

Recommended Posts

  • 1

I have something like this in Exchange.  I did not include the friendlyname in the alert message, but it is there as an ILP and could be used easily.  I just found fairly often it was not defined.  We have an update pending on this module since we found some certs are refreshed very often (e.g., daily) and need to add code to exclude those from discovery (or at least, from alerting).

KPNWGW

Link to post
Share on other sites
  • 1
2 minutes ago, Dominique said:

Hello,

The friendly name is in the field properties in the alert.... How to make it appearing in the report...

Thanks,

Dom

By report, I assume you mean "alert message"?  If so, the property name should work as a token.  For me, it was just generally empty so would need to structure the message to account for that as best as possible since there are no conditional output controls like for template systems.

Link to post
Share on other sites
  • 1
1 minute ago, Dominique said:

Hello,

No a specific report through Alert Report ...

https://xxxx.logicmonitor.com/santaba/uiv3/report/download.jsp?1600885411693

Thanks,

Dom

You should be able to add the property to a custom column, but in my case it ends up with no data.  In my case, I use the friendly name as the instance name if possible, otherwise the thumbprint, so my friendly names show in the report.  I can't show auto.windowscerts.dnsnames, though.  Report adds it as a column, but no values show. Seems like ILPs are not valid for reports, which feels like a bug to me, though I am sure I will be told it is a feature request :).

Link to post
Share on other sites
  • 1
3 hours ago, Dominique said:

Hello,

I have two 

1798469083_2020-09-23_14-39-17LMReportCertificates.thumb.png.0cf3a04b80f79591352720a0c39aaa30.png

and the column was added ...

2044805104_2020-09-23_14-40-14LMReportCertificatescolumns.thumb.png.e87d867ca8ab4f544882113350221ab3.png

But still nothing...

Any idea?

Thanks,

Dom

 

Right -- I tried the same and it looks like reports don't handle ILPs.  They certainly should -- probably will need to escalate to LM to get it fixed, and they may say it is a feature request :).

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.