Hi, sorry for the long delay.
Please find attached some sample documents:
- Monitor that is showing an as expired in TLS Cert page and in Monitors page:
{
"took" : 1407,
"timed_out" : false,
"_shards" : {
"total" : 2,
"successful" : 2,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 10000,
"relation" : "gte"
},
"max_score" : null,
"hits" : [
{
"_index" : "heartbeat-7.15.0-2021.12.23-000004",
"_type" : "_doc",
"_id" : "h878cX4BAtKwMU-HPHxm",
"_score" : null,
"fields" : {
"tls.version" : [
"1.2"
],
"tls.server.x509.subject.distinguished_name" : [
"CN=*.fotoware.com"
],
"tls.server.x509.serial_number" : [
"265377785648398644839330295164343369846751"
],
"tls.server.x509.issuer.common_name" : [
"R3"
],
"tls.server.x509.public_key_algorithm" : [
"RSA"
],
"tls.version_protocol" : [
"tls"
],
"monitor.timespan" : [
{
"lt" : "2022-01-19T10:58:40.499Z",
"gte" : "2022-01-19T10:57:40.499Z"
}
],
"tls.cipher" : [
"ECDHE-RSA-AES-128-GCM-SHA256"
],
"tls.server.hash.sha1" : [
"2ddd12867c8b5ba586333303adf56112efb1bc00"
],
"monitor.id" : [
"19"
],
"tls.certificate_not_valid_before" : [
"2021-12-06T12:55:11.000Z"
],
"tls.certificate_not_valid_after" : [
"2021-12-08T15:59:50.000Z"
],
"tls.rtt.handshake.us" : [
213858
],
"@timestamp" : [
"2022-01-19T10:57:39.983Z"
],
"tls.server.x509.not_after" : [
"2021-12-08T15:59:50.000Z"
],
"tls.server.x509.subject.common_name" : [
"*.fotoware.com"
],
"tls.server.x509.not_before" : [
"2021-12-06T12:55:11.000Z"
],
"tls.server.x509.issuer.distinguished_name" : [
"CN=R3,O=Let's Encrypt,C=US"
],
"tls.established" : [
true
],
"tls.server.x509.public_key_exponent" : [
65537
],
"url.full" : [
"https://bamboo.fotoware.com/rest/api/latest/status"
],
"tls.server.hash.sha256" : [
"a7c422cace90b1028d1e1e73864d1fb2441f1002f51f7b2ad22cfd5109f2f18a"
]
},
"sort" : [
1642589859983
]
}
]
}
}
- Monitor that is showing expired cert only in TLS Cert page:
{
"took" : 239,
"timed_out" : false,
"_shards" : {
"total" : 2,
"successful" : 2,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 10000,
"relation" : "gte"
},
"max_score" : null,
"hits" : [
{
"_index" : "heartbeat-7.15.0-2021.12.23-000004",
"_type" : "_doc",
"_id" : "7yT-cX4BAopBheBaY4ep",
"_score" : null,
"fields" : {
"tls.version" : [
"1.2"
],
"tls.server.x509.subject.distinguished_name" : [
"CN=*.fotoware.com"
],
"tls.server.x509.serial_number" : [
"265377785648398644839330295164343369846751"
],
"tls.server.x509.issuer.common_name" : [
"R3"
],
"tls.server.x509.public_key_algorithm" : [
"RSA"
],
"tls.version_protocol" : [
"tls"
],
"monitor.timespan" : [
{
"lt" : "2022-01-19T11:00:59.217Z",
"gte" : "2022-01-19T10:59:59.217Z"
}
],
"tls.cipher" : [
"ECDHE-RSA-AES-256-GCM-SHA384"
],
"tls.server.hash.sha1" : [
"2ddd12867c8b5ba586333303adf56112efb1bc00"
],
"monitor.id" : [
"14"
],
"tls.certificate_not_valid_before" : [
"2021-12-06T12:55:11.000Z"
],
"tls.certificate_not_valid_after" : [
"2022-03-06T12:55:10.000Z"
],
"tls.rtt.handshake.us" : [
1350813
],
"@timestamp" : [
"2022-01-19T10:59:56.726Z"
],
"tls.server.x509.not_after" : [
"2022-03-06T12:55:10.000Z"
],
"tls.server.x509.subject.common_name" : [
"*.fotoware.com"
],
"tls.server.x509.not_before" : [
"2021-12-06T12:55:11.000Z"
],
"tls.server.x509.issuer.distinguished_name" : [
"CN=R3,O=Let's Encrypt,C=US"
],
"tls.established" : [
true
],
"tls.server.x509.public_key_exponent" : [
65537
],
"url.full" : [
"https://trk.fotoware.com/ping"
],
"tls.server.hash.sha256" : [
"a7c422cace90b1028d1e1e73864d1fb2441f1002f51f7b2ad22cfd5109f2f18a"
]
},
"sort" : [
1642589996726
]
}
]
}
}
- Monitor that is fine:
{
"took" : 247,
"timed_out" : false,
"_shards" : {
"total" : 2,
"successful" : 2,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 10000,
"relation" : "gte"
},
"max_score" : null,
"hits" : [
{
"_index" : "heartbeat-7.15.0-2021.12.23-000004",
"_type" : "_doc",
"_id" : "syUBcn4BAopBheBaFrgC",
"_score" : null,
"fields" : {
"tls.version" : [
"1.2"
],
"tls.server.x509.subject.distinguished_name" : [
"CN=fotoware.com"
],
"tls.server.x509.serial_number" : [
"298984076984006459550215663264375414305827"
],
"tls.server.x509.issuer.common_name" : [
"R3"
],
"tls.server.x509.public_key_algorithm" : [
"RSA"
],
"tls.version_protocol" : [
"tls"
],
"monitor.timespan" : [
{
"lt" : "2022-01-19T11:03:58.963Z",
"gte" : "2022-01-19T11:02:58.963Z"
}
],
"tls.cipher" : [
"ECDHE-RSA-AES-256-GCM-SHA384"
],
"tls.server.hash.sha1" : [
"36ef4040a8b0be56eb7952c90ec94a66af419474"
],
"monitor.id" : [
"41"
],
"tls.certificate_not_valid_before" : [
"2021-12-06T12:54:05.000Z"
],
"tls.certificate_not_valid_after" : [
"2022-03-06T12:54:04.000Z"
],
"tls.rtt.handshake.us" : [
1430244
],
"@timestamp" : [
"2022-01-19T11:02:56.769Z"
],
"tls.server.x509.not_after" : [
"2022-03-06T12:54:04.000Z"
],
"tls.server.x509.subject.common_name" : [
"fotoware.com"
],
"tls.server.x509.not_before" : [
"2021-12-06T12:54:05.000Z"
],
"tls.server.x509.issuer.distinguished_name" : [
"CN=R3,O=Let's Encrypt,C=US"
],
"tls.established" : [
true
],
"tls.server.x509.public_key_exponent" : [
65537
],
"url.full" : [
"https://fotoware.com/"
],
"tls.server.hash.sha256" : [
"d522aaa56744ed01d8e5a45a539182f854954ed3d91c32ad18570d5b46930ec7"
]
},
"sort" : [
1642590176769
]
}
]
}
}
I've excluded only 2 fields from tls.* fields.
We don't have possibility to set up a new test heartbeat config atm.
Hope this helps.
Kind regards,
Dane