21 Aug 2024 04:34 PM - last edited on 23 Aug 2024 09:28 AM by MaciejNeumann
Hi Folks,
Issue: If you use SSL Certificate Monitor plugin and your hosts or hostgroups are organized in MZ and you filter to your MZ on your hosts overview pages you can not see the certifiactes belong to the host or host's processes.
How to add certifiactes to the MZs? Organize your certificates configurations by host groups or MZ. Configuartion_label will be important in my case.
Add your certifacte to the proper MZ with entity selector:
type(python:certificate_monitor_certificate),monitoring_config(YYYY) - Now I am using this. Configuration_label = monitoring_config (property of the certificate see below)
OR you can use other certificate properties:
type(python:certificate_monitor_certificate),port(5556)
type(python:certificate_monitor_certificate),subject_alt_name_1(weblogic)
You can check your certificate properites with the monitored etities API call with entity ID:
GET | SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/entities/{entityId} |
Environment ActiveGateCluster ActiveGate | https://{your-activegate-domain}:9999/e/{your-environment-id}/api/v2/entities/{entityId} |
Example response:
{
"entityId": "CUSTOM_DEVICE-5C8A7360EA322B7E",
"type": "python:certificate_monitor_certificate",
"displayName": "weblogic certificate on 5556",
"firstSeenTms": 1700783563328,
"lastSeenTms": 1723801132413,
"properties": {
"subject_alt_name_9": "",
"subject_alt_name_8": "",
"subject_alt_name_7": "",
"subject_alt_name_6": "",
"validity_not_before": "2022-11-17",
"subject_alt_name_5": "",
"host_port": "10.240.162.16:5556",
"subject_alt_name_4": "",
"monitoring_config": "YYYY",
"subject_alt_name_3": "",
"subject_alt_name_2": "",
"certificate_stage": "STAGE_0",
"subject_alt_name_1": "weblogic",
"source": "OneAgent",
"subject_common_name": "weblogic",
"host_att": "HOST-80742DFBF49E5399",
"issuer_org_name": "XXXXXXXXX",
"common_name": "weblogic",
"cert_lifecycle": "0: Greater than 30",
"issuer_common_name": "XXXXXXXXX",
"serial_number": "0xd024d027dd262333c96ced3808de619",
"port": "5556",
"subject_alt_name_10": "",
"subject_alt_name_11": "",
"subject_org_name": "XXXXXXXXX",
"validity_not_after": "2024-11-17"
},
"tags": [],
"managementZones": [],
"icon": {
"primaryIconType": "dynatrace",
"customIconPath": "certificate"
},
"fromRelationships": {
"runsOn": [
{
"id": "HOST-80742DFBF49E5399",
"type": "HOST"
}
],
"isChildOf": [
{
"id": "CUSTOM_DEVICE-6AD8A21A0BEE2345",
"type": "python:certificate_monitor"
}
],
"calls": [
{
"id": "PROCESS_GROUP_INSTANCE-7AFD523F463BE74E",
"type": "PROCESS_GROUP_INSTANCE"
}
]
}
}
I hope it helps.
Best regards,
Mizső
Solved! Go to Solution.
22 Aug 2024 06:37 AM
I encountered the same issue indeed. I'm using the MZ config: type("python:certificate_monitor_certificate"),fromRelationships.runsOn(type(HOST), Tag("AppA", "AppB"))
I use this one as I prefer the configuration to be generic and control all entities via autotagging. This way I know all configs on all different places in Dynatrace (MZ's, Dashboards, etc etc) will point to tagging and if something is wrong I can modify tagging which directly has it effects on all views.
Kind r egards,
Daan
22 Aug 2024 06:40 AM - edited 22 Aug 2024 07:53 AM
Hi @Daniël
It is also a nice solution. Thanks for sharing it.
Best regards,
Mizső