Prometheus metrics for checking certificate expiration

Use the following config.yaml

port: 6060
  - type: file
    file: /tmp/cert-test.pem
    name: test cert
    interval: 10m

  - type: address
    address: #host:port
    name: google cert
    interval: 10m

Based on the configuration, the data collector will check certificate file or certificate from a TLS address, and create the prometheus metric. A sample scrape output is shown as below. The metric is the type of guage, repsenting the days left to exipration.

# HELP certificate_checker_expiry days left to the cert expiry
# TYPE certificate_checker_expiry gauge
certificate_checker_expiry{address="",issuer="O=sws",name="test cert",path="/tmp/cert-test.pem",subject="O=sws",type="file"} -0.9331897887322916
certificate_checker_expiry{address="",issuer="CN=GTS CA 1C3,O=Google Trust Services LLC,C=US",name="google cert",path="",subject="CN=*",type="address"} 64.76944786807475
certificate_checker_expiry{address="",issuer="CN=GTS Root R1,O=Google Trust Services LLC,C=US",name="google cert",path="",subject="CN=GTS CA 1C3,O=Google Trust Services LLC,C=US",type="address"} 1866.4241122192825
certificate_checker_expiry{address="",issuer="CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE",name="google cert",path="",subject="CN=GTS Root R1,O=Google Trust Services LLC,C=US",type="address"} 1986.424112218873

The subject, issuer of the cert are shown as the labels of the prometheus metric.


View Github