Forum Discussion

midhun_108442's avatar
midhun_108442
Icon for Nimbostratus rankNimbostratus
Feb 02, 2012

Sending logs about Certification Expiry

Hi,     I am having F5 Box with lot of Client Certificate Configured , Is there any way to get the logs about Certification Expiry in Spectrum Device , I can see that Certification logs are sent...
management
monitoring
nitass's avatar
nitass
Icon for Employee rankEmployee
Feb 12, 2012
Custom SNMP Traps by Deb

http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/256/Custom-SNMP-Traps.aspx

e.g. 

[root@ve1023:Active] config  b snmpd trapsess list
snmpd {
   trapsess i192_168_206_154_1 {
         auth password none
         auth protocol NONE
         community "public"
         engine id none
         host "192.168.206.154"
         port 162
         privacy password none
         privacy protocol NONE
         security level noAuthNoPriv
         security name none
         version 2c
      }
}
[root@ve1023:Active] config  cat /config/user_alert.conf
alert CERT_EXPIRE "Certificate (.*?) in file (.*?) will expire on (.*?)" {
        snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.300"
}
[root@ve1023:Active] config  logger -p local0.notice "01380002:4: Certificate 'askf5' in file askf5.crt will expire on Sat Jul 14 18:15:24 2007 GMT"

on trap receiver (192.168.206.154)

C:\>nc -l -u -p 162
0ü┼☻☺☺♦♠publicºü╖☻♦←bDG☻☺ ☻☺ 0ü¿0+♠☺☻☺☺♥ C♥ û░0→♠
+♠☺♠♥☺☺♦☺ ♠♀+♠☺♦☺Ü/☻♦ é,0`♠♂+♠☺♦☺Ü/☻♦☺☺♦QCertificate 'askf5' in file askf5.crt w
ill expire on Sat Jul 14 18:15:24 2007 GMT0↨♠
+♠☺♠♥☺☺♦♥ ♠     +♠☺♦☺Ü/☻♦