cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL Certificate Monitor extension add certificates to MZ

Mizső
DynaMight Guru
DynaMight Guru

Hi Folks,

Issue: If you use SSL Certificate Monitor plugin and your hosts or hostgroups are organized in MZ and you filter to your MZ on your hosts overview pages you can not see the certifiactes belong to the host or host's processes.

How to add certifiactes to the MZs? Organize your certificates configurations by host groups or MZ. Configuartion_label will be important in my case.

Mizs_0-1724253835144.png

Add your certifacte to the proper MZ with entity selector:

type(python:certificate_monitor_certificate),monitoring_config(YYYY) - Now I am using this. Configuration_label = monitoring_config (property of the certificate see below)

OR you can use other certificate properties:

type(python:certificate_monitor_certificate),port(5556)
type(python:certificate_monitor_certificate),subject_alt_name_1(weblogic)

 

You can check your certificate properites with the monitored etities API call with entity ID:

GET SaaS https://{your-environment-id}.live.dynatrace.com/api/v2/entities/{entityId}
Environment ActiveGateCluster ActiveGate https://{your-activegate-domain}:9999/e/{your-environment-id}/api/v2/entities/{entityId}

 

Example response:

{
"entityId": "CUSTOM_DEVICE-5C8A7360EA322B7E",
"type": "python:certificate_monitor_certificate",
"displayName": "weblogic certificate on 5556",
"firstSeenTms": 1700783563328,
"lastSeenTms": 1723801132413,
"properties": {
"subject_alt_name_9": "",
"subject_alt_name_8": "",
"subject_alt_name_7": "",
"subject_alt_name_6": "",
"validity_not_before": "2022-11-17",
"subject_alt_name_5": "",
"host_port": "10.240.162.16:5556",
"subject_alt_name_4": "",
"monitoring_config": "YYYY",
"subject_alt_name_3": "",
"subject_alt_name_2": "",
"certificate_stage": "STAGE_0",
"subject_alt_name_1": "weblogic",
"source": "OneAgent",
"subject_common_name": "weblogic",
"host_att": "HOST-80742DFBF49E5399",
"issuer_org_name": "XXXXXXXXX",
"common_name": "weblogic",
"cert_lifecycle": "0: Greater than 30",
"issuer_common_name": "XXXXXXXXX",
"serial_number": "0xd024d027dd262333c96ced3808de619",
"port": "5556",
"subject_alt_name_10": "",
"subject_alt_name_11": "",
"subject_org_name": "XXXXXXXXX",
"validity_not_after": "2024-11-17"
},
"tags": [],
"managementZones": [],
"icon": {
"primaryIconType": "dynatrace",
"customIconPath": "certificate"
},
"fromRelationships": {
"runsOn": [
{
"id": "HOST-80742DFBF49E5399",
"type": "HOST"
}
],
"isChildOf": [
{
"id": "CUSTOM_DEVICE-6AD8A21A0BEE2345",
"type": "python:certificate_monitor"
}
],
"calls": [
{
"id": "PROCESS_GROUP_INSTANCE-7AFD523F463BE74E",
"type": "PROCESS_GROUP_INSTANCE"
}
]
}
}

I hope it helps.

Best regards,

Mizső

Dynatrace Community RockStar 2024, Certified Dynatrace Professional
2 REPLIES 2

Daniël
Guide

I encountered the same issue indeed. I'm using the MZ config: type("python:certificate_monitor_certificate"),fromRelationships.runsOn(type(HOST), Tag("AppA", "AppB"))

I use this one as I prefer the configuration to be generic and control all entities via autotagging. This way I know all configs on all different places in Dynatrace (MZ's, Dashboards, etc etc) will point to tagging and if something is wrong I can modify tagging which directly has it effects on all views.

Kind r egards,

Daan 

Hi @Daniël 

It is also a nice solution. Thanks for sharing it.

Best regards,

Mizső

Dynatrace Community RockStar 2024, Certified Dynatrace Professional

Featured Posts