数据采集 采集源配置 TLS 证书数据采集
TLS 证书数据采集
简介
采集 X509 证书相关信息上报到 DataFlux 中
前置条件
- 已安装 DataKit(DataKit 安装文档)
配置
进入 DataKit 安装目录下的 conf.d/tls 目录,复制 x509_cert.conf.sample 并命名为 x509_cert.conf。示例如下:
# Reads metrics from a SSL certificate
[[inputs.x509_cert]]
## List certificate sources
sources = ["/etc/ssl/certs/ssl-cert-snakeoil.pem", "https://example.org:443"]
## Timeout for SSL connection
# timeout = "5s"
## Pass a different name into the TLS request (Server Name Indication)
## example: server_name = "myhost.example.org"
# server_name = "myhost.example.org"
## Optional TLS Config
# tls_ca = "/etc/telegraf/ca.pem"
# tls_cert = "/etc/telegraf/cert.pem"
# tls_key = "/etc/telegraf/key.pem"
配置好后,重启 DataKit 即可生效
采集指标
x509_cert
| 指标 | 描述 | 类型 | 单位 | Tag |
|---|---|---|---|---|
| verification_code | int | - | source,organization,organizational_unit,country,province,locality,verification,serial_number,signature_algorithm,public_key_algorithm,issuer_common_name,issuer_serial_number,san | |
| verification_error | string | - | source,organization,organizational_unit,country,province,locality,verification,serial_number,signature_algorithm,public_key_algorithm,issuer_common_name,issuer_serial_number,san | |
| expiry | int | seconds | source,organization,organizational_unit,country,province,locality,verification,serial_number,signature_algorithm,public_key_algorithm,issuer_common_name,issuer_serial_number,san | |
| age | int | seconds | source,organization,organizational_unit,country,province,locality,verification,serial_number,signature_algorithm,public_key_algorithm,issuer_common_name,issuer_serial_number,san | |
| startdate | int | seconds | source,organization,organizational_unit,country,province,locality,verification,serial_number,signature_algorithm,public_key_algorithm,issuer_common_name,issuer_serial_number,san | |
| enddate | int | seconds | source,organization,organizational_unit,country,province,locality,verification,serial_number,signature_algorithm,public_key_algorithm,issuer_common_name,issuer_serial_number,san |