Forum Discussion

midhun_108442
Feb 02, 2012

Sending logs about Certification Expiry

Hi,

I have an F5 box with a lot of client certificates configured. Is there any way to get the logs about certification expiry in the Spectrum device? I can see that certification logs are sent to the F5 box by a script that runs weekly; I need to send the same logs to the Spectrum device.

Can F5 send syslog logs to the Spectrum device?

Can anyone help with my queries?

Regards,

Midhun P.K

  • Hi Midhun,

    You can check SOL7574 for details on the cert checking LTM performs. That SOL has details on configuring a custom SNMP trap. You could also configure syslog-ng to send syslog messages to your monitoring station.

    sol7574: Monitoring SSL certificate expiration on the BIG-IP system
    http://support.f5.com/kb/en-us/solutions/public/7000/500/sol7574.html?sr=19110082

    sol5527: Configuring the BIG-IP system to log to a remote syslog server (9.x - 10.x)
    http://support.f5.com/kb/en-us/solutions/public/5000/500/sol5527.html

    sol7342: Overview of the syslog-ng.conf file
    http://support.f5.com/kb/en-us/solutions/public/7000/300/sol7342.html

    Aaron
  • Hi Aaron,

    Thanks for the update. Is it possible to send the same certification information weekly to an email address? I'm thinking that, instead of sending it to the syslog server, I could send the certification expiry information to my mail.

    Kindly advise.

    Regards,

    Midhun P.K
  • You may set syslog-ng to send email notification. According to sol7574, checkcert is called weekly already.

    Syslog NG Email Configuration by lrhazi
    http://devcentral.f5.com/wiki/AdvDesignConfig.SyslogNGEmailConfiguration.ashx

    Hope this helps.
  • Hi,

    Is it possible to send the same syslog message as an SNMP trap to a remote server? The idea is that certification expiry is a syslog message, but we are using Spectrum in our environment and it is listening for SNMP traps, so we are not receiving certification expiry logs in Spectrum.

    Is there any way to send a syslog message as an SNMP trap to the Spectrum server? Kindly advise.

    Regards,

    Midhun P.K
  • Custom SNMP Traps by Deb

    http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/256/Custom-SNMP-Traps.aspx

    e.g.

    [root@ve1023:Active] config # b snmpd trapsess list
    snmpd {
       trapsess i192_168_206_154_1 {
             auth password none
             auth protocol NONE
             community "public"
             engine id none
             host "192.168.206.154"
             port 162
             privacy password none
             privacy protocol NONE
             security level noAuthNoPriv
             security name none
             version 2c
          }
    }
    [root@ve1023:Active] config # cat /config/user_alert.conf
    alert CERT_EXPIRE "Certificate (.*?) in file (.*?) will expire on (.*?)" {
            snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.300"
    }
    [root@ve1023:Active] config # logger -p local0.notice "01380002:4: Certificate 'askf5' in file askf5.crt will expire on Sat Jul 14 18:15:24 2007 GMT"
    
    on trap receiver (192.168.206.154)
    
    C:\>nc -l -u -p 162
    0ü┼☻☺☺♦♠publicºü╖☻♦←bDG☻☺ ☻☺ 0ü¿0+♠☺☻☺☺♥ C♥ û░0→♠
    +♠☺♠♥☺☺♦☺ ♠♀+♠☺♦☺Ü/☻♦ é,0`♠♂+♠☺♦☺Ü/☻♦☺☺♦QCertificate 'askf5' in file askf5.crt w
    ill expire on Sat Jul 14 18:15:24 2007 GMT0↨♠
    +♠☺♠♥☺☺♦♥ ♠     +♠☺♦☺Ü/☻♦
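
Added example (not part of the original posts and not F5 code): a minimal Python BER decoder that renders an SNMPv2c trap like the one `nc` dumped above as readable fields, run on a constructed packet that reuses the post's trap OID and message text. It shows that with `version 2c` and `noAuthNoPriv` the community string and the certificate message are plain bytes on the wire. Assumptions: the message varbind name .1.3.6.1.4.1.3375.2.4.1.1 (bigipNotifyObjMsg), the request-id and the sysUpTime value.

```python
def tlv(tag, body):  # BER encoder, used only to build the constructed sample
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 128 else bytes([0x81, n])) + body

def read_tlv(buf, pos):  # -> (tag, value, next_pos) for the TLV starting at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def children(body):
    pos = 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        yield tag, val

def oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:  # base-128 digits, high bit set means more bytes follow
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return "." + ".".join(map(str, arcs))

def parse_trap(pkt):
    (_, ver), (_, community), (pdu_tag, pdu) = children(read_tlv(pkt, 0)[1])
    if pdu_tag != 0xA7:
        raise ValueError("not an SNMPv2-Trap PDU")
    binds = {}
    for _, vb in children(list(children(pdu))[3][1]):  # 4th PDU field = varbind list
        (_, name), (vtag, val) = children(vb)
        binds[oid(name)] = (oid(val) if vtag == 0x06 else
                            val.decode("ascii", "replace") if vtag == 0x04 else
                            int.from_bytes(val, "big"))
    return {"version": int.from_bytes(ver, "big"), "community": community.decode(), "varbinds": binds}

# Constructed sample, not the capture from the post. Trap OID and message text are
# the post's; the message varbind name (bigipNotifyObjMsg) is an assumption.
MSG = b"Certificate 'askf5' in file askf5.crt will expire on Sat Jul 14 18:15:24 2007 GMT"
def varbind(name_hex, vtag, val):
    return tlv(0x30, tlv(0x06, bytes.fromhex(name_hex)) + tlv(vtag, val))
SAMPLE = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x04, b"public") + tlv(0xA7,
    tlv(0x02, b"\x2a") + tlv(0x02, b"\x00") * 2 + tlv(0x30,
        varbind("2b06010201010300", 0x43, b"\x01\x00") +
        varbind("2b060106030101040100", 0x06, bytes.fromhex("2b060104019a2f020400822c")) +
        varbind("2b060104019a2f02040101", 0x04, MSG))))
```

`parse_trap(SAMPLE)` returns the version field (1 means SNMPv2c), the community string, and a dict of varbinds keyed by dotted OID; feed it the datagram from a UDP socket bound to port 162 to decode live traps.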