add metric: cert_expire_timestamp

2022-04-20 15:35:39 +08:00 · 2022-04-20 15:35:39 +08:00 · a2626576df
parent 93c88c32cc
commit a2626576df
2 changed files with 21 additions and 0 deletions
--- a/inputs/http_response/http_response.go
+++ b/inputs/http_response/http_response.go
@ -309,6 +309,11 @@ func (ins *Instance) httpGather(target string) (map[string]string, map[string]in
 		fields["result_code"] = Success
 	}

+	// check tls cert
+	if strings.HasPrefix(target, "https://") && resp.TLS != nil {
+		fields["cert_expire_timestamp"] = getEarliestCertExpiry(resp.TLS).Unix()
+	}
+
 	defer resp.Body.Close()

 	// metric: response_code
--- a/inputs/http_response/tls.go
+++ b/inputs/http_response/tls.go
@ -0,0 +1,16 @@
+package http_response
+
+import (
+	"crypto/tls"
+	"time"
+)
+
+func getEarliestCertExpiry(state *tls.ConnectionState) time.Time {
+	earliest := time.Time{}
+	for _, cert := range state.PeerCertificates {
+		if (earliest.IsZero() || cert.NotAfter.Before(earliest)) && !cert.NotAfter.IsZero() {
+			earliest = cert.NotAfter
+		}
+	}
+	return earliest
+}