1. Details for each individual FQDN are stored in json files.
2. each json file contains the following information

{
    "hostname": "example.com",
    "ip_address": "",
    "port": "443",
    "warning_days": "25",
    "critical_days": "10",
    "contact": "somebody to contact here",
    "ticket": "abc-1234"
  }

1. hostname: name of host to monitor
2. ip_address: if you need to check a specific ip address
3. port: tcp port to check
4. warning_days: number of days till expiration that a warning will alert will trigger
5. critical_days: number of days till expiration that a critical will alert will trigger
6. contact: contact information for this specific certificate
7. ticket: ticket number used to track the creation of the monitoring

*N.B.*

1. all fields are mandatory.
2. the template doesn't currently handle missing fields cleanly.

1. install jq to parse the json files , and Zabbix Agent 2
2. configure zabbix agent to allow 'system.run[]'
3. place json files in /certs/public/
4. add discover-certs.sh script to /zabbix/bin/ directory
   1. should probably be done via external scripts directory

discover-certs.sh

#!/bin/sh
DIR="${1}"
if [ ! -d "${DIR}" ];then
        echo "${DIR} does not exist"
        exit 1
fi
jq -s '.' "${DIR}"/*.json

an item “get hosts to monitor” that will gather the json files ( tag: Application: Certificate Monitoring Discovery)

For discovery:

1. Create a discovery rule as a dependent item of “get hosts to monitor”
2. preprocessing to create LLD macros

{#CERT_EXPIRY_CRITICAL_DAYS} : $.critical_days

{#CERT_EXPIRY_WARNING_DAYS} : $.warning_days
{#CONTACT_INFO} : $.contact
{#CRITICAL_DAYS} : $.critical_days
{#HOSTNAME} : $.hostname
{#IP_ADDRESS} : $.ip_address
{#PORT} : $.port

Item prototypes Item prototype 1

Name:  cert monitor for {#HOSTNAME}:{#PORT} {#IP_ADDRESS}

Trigger prototypes