Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vincent_Bacher
Advisor
Advisor

Identity Broker certificate monitoring (since R81.20 JHF T 26)

Hi mates,

release notes of take 26 shows:

PRJ-45912,
IDA-4843

Identity Awareness

UPDATE: Implemented monitoring functionality and alerts for tracking the expiration date of Identity Broker certificates.

 

does anybody know how to use this functionality?

Cheers
Vince

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
3 Replies
PhoneBoy
Admin
Admin

I suspect this is part of a larger project to allow for mass renewal of the various platform/VPN certificates, something that we plan to provide in the near future.
Which means the full functionality may not be exposed just yet.
Let me see what I can find out.

Netanel_Cohen
Employee
Employee

Hi Vince,

The ability to monitor and alert once we approach the expiration date of the Identity Broker certificate has been added to R81.20  jumbo take 26, we are working on adding it to R81 and R81.10 jumbos as well.
This functionality is enabled by default, we have added a new alert logs + warning/error status to the relevant Subscriber object.

The behavior is as follows:

Certificate expiration date < 90 days:

  • GW/Cluster changes to warning with an appropriate message (as can be seen in the screenshot below).
  • Alert log triggered in SmartConsole once a day (as can be seen in the screenshot below)

Certificate expiration date < 30 days :

  • GW/Cluster status changes to error with an appropriate message.
  • Alert log will be still triggered in SmartConsole once a day

Netanel_Cohen_0-1695721639358.jpeg

 



Vincent_Bacher
Advisor
Advisor

Thanks for your explanation. So we'll see the alert messages on SmartLog and in our case via LogExporter in our elastic stack as well.
An option to monitor this via api, prometheus, snmp is not present or planned?
thanks
Vince

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events