-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathssltls.yml
43 lines (36 loc) · 1.56 KB
/
ssltls.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# exporter: https://github.com/ribbybibby/ssl_exporter
groups:
- name: RibbybibbySslExporter
rules:
- alert: SslCertificateProbeFailed
expr: 'ssl_probe_success == 0'
for: 0m
labels:
severity: critical
annotations:
summary: SSL certificate probe failed (instance {{ $labels.instance }})
description: "Failed to fetch SSL information {{ $labels.instance }}\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
- alert: SslCertificateOscpStatusUnknown
expr: 'ssl_ocsp_response_status == 2'
for: 0m
labels:
severity: warning
annotations:
summary: SSL certificate OSCP status unknown (instance {{ $labels.instance }})
description: "Failed to get the OSCP status {{ $labels.instance }}\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
- alert: SslCertificateRevoked
expr: 'ssl_ocsp_response_status == 1'
for: 0m
labels:
severity: critical
annotations:
summary: SSL certificate revoked (instance {{ $labels.instance }})
description: "SSL certificate revoked {{ $labels.instance }}\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
- alert: SslCertificateExpiry(<7Days)
expr: 'ssl_verified_cert_not_after{chain_no="0"} - time() < 86400 * 7'
for: 0m
labels:
severity: warning
annotations:
summary: SSL certificate expiry (< 7 days) (instance {{ $labels.instance }})
description: "{{ $labels.instance }} Certificate is expiring in 7 days\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"