Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mclarkson/check_crl_bulk

Checks the 'Next Update' time for a number of CRL files using OpenSSL.
https://github.com/mclarkson/check_crl_bulk

Last synced: 9 days ago
JSON representation

Checks the 'Next Update' time for a number of CRL files using OpenSSL.

Host: GitHub
URL: https://github.com/mclarkson/check_crl_bulk
Owner: mclarkson
Created: 2013-05-08T08:56:43.000Z (over 11 years ago)
Default Branch: master
Last Pushed: 2014-05-22T19:51:17.000Z (over 10 years ago)
Last Synced: 2024-10-18T07:30:31.845Z (28 days ago)
Language: Shell
Homepage:
Size: 164 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.asciidoc

Awesome Lists containing this project

README

++++
Nagios GUI Screenshot
++++

Check CRL Bulk
--------------

Checks the `Next Update' time for a number of CRL files using OpenSSL.

Requires OpenSSL.

*INSTALL*

Example:

----
wget https://raw.github.com/mclarkson/check_crl_bulk/master/check_crl_bulk
chmod +x check_crl_bulk
mv check_crl_bulk /usr/lib64/nagios/plugins/
----

*EXAMPLE OUTPUT*

----
OK: 12 OK, 0 expired, 0 expiring, 0 invalid.

CRITICAL: No CRL files found. | ok=0 expired=0 invalid=0 expiring=0

CRITICAL: 12 OK, 0 expired, 0 expiring, 1 invalid.

CRITICAL: 12 OK, 1 expired, 0 expiring, 0 invalid.

CRITICAL: Unexpected number of files ( 11 expected, found 12 ). 10 OK, 0 expired, 2 expiring, 0 invalid.

WARNING: CRLs expiring soon. 10 OK, 0 expired, 2 expiring, 0 invalid.
efc8aa3d.r0 - 2 days left
3d618bf6.r0 - 2 days left
b0c32e73.r0 - 3 days left
7a5a47e2.r0 - 3 days left
ac0321db.r0 - 3 days left
9c8758dc.r0 - 3 days left
cf58f176.r0 - 3 days left
fcb3cb08.r0 - 2 days left
34a34704.r0 - 9 hours left (!)
058843d1.r0 - 9 hours left (!)
a000aa92.r0 - 2 months left
6a4e0b0d.r0 - 2 months left | ok=10 expired=0 expiring=2 invalid=0
----

*MANUAL PAGE*

----
$ ./check_crl_bulk -h

check_crl_bulk - Check the 'Next Update' field of a number of CRL,
Certificate Revocation List, files in bulk.

Usage: check_crl_bulk [options]

-h : Display this help text.
-c DIR : Location of the directory containing CRL files.
(Default is: /etc/crl)
-i REGX : Include files matching the REGX regular expression.
Specify more than once to add more include expressions.
-x REGX : Exclude files matching the REGX regular expression.
Specify more than once to add more exclude expressions.
-f : Make REGX searches FILE GLOBS instead. In this case a
'.' will match a dot only and '*' will be needed.
-n NUM : Expected number of files.
-p : Add performance data for graphing.
-v : Be more verbose. Show file names and status.
-w NUM : Warn if a CRL is within NUM hours of expiring.

Examples:

Check all files in the default directory, '/etc/crl':

./check_crl_bulk

Check all files. Show a warning if a CRL will expire within 2 days.

./check_crl_bulk -w 48

Exclude all files names containing ".p7" and 5178 in their name:

./check_crl_bulk -x "\.p7" -x "5178"

Same as the previous search but using file globbing:

./check_crl_bulk -f -x "*.p7*" -x "*5178*"

Exclude all files ending in .old and check that there are 6 files:

./check_crl_bulk -f -x "*.old" -n 6

Check all files, show their status, and add performance stats.

./check_crl_bulk -v -p

----