Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3869
Views
7
Helpful
2
Replies

SNMP monitoring (Poll or Traps) for certificate expiry warnings, date or valid period on ISE v2

Go to solution
danostergren
Level 1
Level 1

‎06-14-2021 08:49 AM - edited ‎06-14-2021 08:50 AM

Hi,

We are trying to figure out if there is a way to monitor certificate valid period / expiry date via SNMP on ISE v2.

 

From earlier posts this kind of monitoring seems to usually be done via SMTP or syslog. However, this solution is not preferable with the monitoring system that is implemented today.

 

Therefore, we are looking for a way this could be handled with SNMP, either access-able MIB for poll or if any trap option could be used for warnings, retrieval of valid period or expiry date.

 

Does anyone know if SNMP is an option/does allow for this kind of monitoring?

 

BR Dan

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎06-15-2021 08:17 PM

See the following post for info on which MIBs are supported for polling.

Monitoring ISE health using SNMP Polling 

None of these MIBs would have access into the ISE application database where the certificates are stored, so polling for certificate info is not currently possible.

View solution in original post

2 Replies 2

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎06-15-2021 08:17 PM

See the following post for info on which MIBs are supported for polling.

Monitoring ISE health using SNMP Polling 

None of these MIBs would have access into the ISE application database where the certificates are stored, so polling for certificate info is not currently possible.

Go to solution
Arne Bier
VIP
VIP
In response to Greg Gibbs

‎06-16-2021 04:27 AM

The best hope you have here is to enable email alerting. To be honest, as primitive as it may sound, it's quite effective, as long as someone actually reads those emails and acts on them. Then again, the same point applies to monitoring and acting on the barrage of SNMP and SYSLOG events.

 

Top