Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
monitors:sslname.sh [2015/11/10 03:54] – Update for xymon jccleaver | monitors:sslname.sh [2019/08/28 08:24] (current) – [Description] antivirusnoeron | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== SSL certificate name match monitor ====== | ====== SSL certificate name match monitor ====== | ||
- | ^ Author | [[ jcleaver@soe.sony.com | + | ^ Author | [[ cleaver-xymon@terabithia.org | Japheth Cleaver |
^ Compatibility | Xymon 4.2.3 | | ^ Compatibility | Xymon 4.2.3 | | ||
^ Requirements | perl, unix | | ^ Requirements | perl, unix | | ||
^ Download | None | | ^ Download | None | | ||
- | ^ Last Update | 2010-08-02 | | + | ^ Last Update | 2015-11-09 | |
- | ===== Description ===== | + | Antivirus-Norton Internet Security is a security software product from Symantec. Packed with features to protect your PC from all kinds of online threats and the main programs in this award-winning software are antivirus, anti-spyware, |
- | + | [[http://antivirus-norton.com|norton.com/setup]] | |
- | Originating thread here: http://www.xymon.com/archive/ | + | Author:John Smith0, a creative person who puts his skills in Technical writing by making everything easier for readers |
- | + | [[https://d-mcafee.com/|mcafee.com/activate]] | [[https:// | |
- | A small script that checks " | + | |
===== Installation ===== | ===== Installation ===== | ||
Line 33: | Line 32: | ||
CMD / | CMD / | ||
LOGFILE / | LOGFILE / | ||
+ | INTERVAL 5m | ||
</ | </ | ||
Line 41: | Line 41: | ||
<code bash sslname.sh> | <code bash sslname.sh> | ||
#!/bin/sh | #!/bin/sh | ||
- | + | ||
- | # sslname.sh | + | # sslname.sh |
# | # | ||
# Retrieve a list of all " | # Retrieve a list of all " | ||
Line 53: | Line 53: | ||
# of another SSL service. | # of another SSL service. | ||
# | # | ||
- | # Japheth Cleaver <jcleaver@soe.sony.com> | + | # Japheth Cleaver <cleaver@terabithia.org> |
- | # No warranty. YMMV. Use at your own risk. This is not supported by my employer. | + | # No warranty. YMMV. Use at your own risk. |
# | # | ||
+ | # First pass: 2010-08-02 | ||
+ | # http:// | ||
+ | # | ||
+ | # v2 2012-04-27 -- update from hobbit -> xymon and optionally use " | ||
+ | # instead of our own status | ||
+ | |||
+ | [ -z " | ||
- | # Set some defaults - I'm running this from hobbitlaunch, YMMV | + | # Set some defaults - I'm running this from xymonlaunch, YMMV |
[ -z " | [ -z " | ||
- | [ -z "$BBDISP" ] && | + | [ -z "$XYMSRV" ] && |
[ -z " | [ -z " | ||
- | [ -z "$BB" ] && | + | [ -z "$XYMON" ] && |
+ | # Modify the sslcert test result, or create our own? | ||
+ | # MODIFY=1 | ||
+ | |||
# Get a list of all valid sslcert tests | # Get a list of all valid sslcert tests | ||
- | | + | |
[ -z " | [ -z " | ||
- | + | ||
+ | |||
# Loop over them and compare the common name with any URL we can find | # Loop over them and compare the common name with any URL we can find | ||
for THISHOST in $SSLHOSTS ; do | for THISHOST in $SSLHOSTS ; do | ||
+ | |||
# Return the details of this host's sslcert data, unescaping on the way | # Return the details of this host's sslcert data, unescaping on the way | ||
- | SSLDATA=" | + | SSLDATA=" |
+ | THISCOMMA=" | ||
+ | |||
# Find the common name... | # Find the common name... | ||
- | | + | # TODO: We should loop over all common names and try to figure out what the relevant URLs are below |
+ | # | ||
+ | | ||
if [ -z " | if [ -z " | ||
echo " | echo " | ||
Line 83: | Line 95: | ||
fi | fi | ||
# echo " -- Common name for $THISHOST is ' | # echo " -- Common name for $THISHOST is ' | ||
- | + | ||
+ | |||
# Isolate what hostname we were trying to access and store as URL, | # Isolate what hostname we were trying to access and store as URL, | ||
# if found. The HUMANURL is the full string, including any port number | # if found. The HUMANURL is the full string, including any port number | ||
- | URL=" | + | |
if [ $URL -eq 1 ] ; then | if [ $URL -eq 1 ] ; then | ||
# Great, a simple https address to look at | # Great, a simple https address to look at | ||
Line 96: | Line 108: | ||
HUMANURL=$THISHOST | HUMANURL=$THISHOST | ||
fi | fi | ||
+ | |||
+ | ISMATCH=" | ||
+ | # Check if we're just modifying the existing status | ||
+ | if [ -n " | ||
+ | [ $ISMATCH -ne 1 ] && $XYMON $XYMSRV " | ||
+ | continue | ||
+ | fi | ||
# Build our Xymon report | # Build our Xymon report | ||
- | if [ " | + | if [ $ISMATCH |
STATUS=" | STATUS=" | ||
COLOR=" | COLOR=" | ||
BODY="& | BODY="& | ||
- | |||
else | else | ||
STATUS=" | STATUS=" | ||
COLOR=" | COLOR=" | ||
BODY="& | BODY="& | ||
- | + | ||
- | <A HREF=\" | + | <A HREF=\" |
fi | fi | ||
- | + | ||
- | | + | # Send results to Xymon |
- | | + | $XYMON $XYMSRV |
- | ## echo "$BODY" | $BB $BBDISP --both | + | ${BODY}" |
- | $BB $BBDISP " | + | |
- | $BODY" | + | |
done | done | ||
- | + | ||
+ | |||
# fin | # fin | ||
exit 0 | exit 0 | ||
Line 130: | Line 145: | ||
===== Known Bugs and Issues ===== | ===== Known Bugs and Issues ===== | ||
- | This is targeted mainly at %%https:// | + | sslcert tests that are a result of multiple SSL_enabled services tested by xymonnet should be tested individually against the URLs (or server name) in question and the worst state flagged. |
+ | |||
+ | Wildcards are handled via regex, however this will lead to a false negative if your wildcard | ||
+ | |||
+ | This was targeted mainly at %%https:// | ||
===== To Do ===== | ===== To Do ===== | ||
Line 139: | Line 158: | ||
===== Changelog ===== | ===== Changelog ===== | ||
+ | |||
+ | * **2015-11-10** | ||
+ | * Minor bug fixes and clean-up | ||
+ | |||
+ | * **2012-04-27** | ||
+ | * update from hobbit -> xymon | ||
+ | * optionally use " | ||
* **2010-08-02** | * **2010-08-02** | ||
* Initial public release | * Initial public release | ||