ct_mon monitors Certificate Trasparency logs by specified regexp in CN or SAN, sends mail notifications/stores certificate details in MongoDB.
$ git clone https://github.com/kyprizel/ct_mon.git ct_mon
$ cd ct_mon
$ vi conf/config.json
$ docker build -t ct_mon .
$ docker run ct_mon
I recommend to setup MongoDB to store the monitoring states and/or certificate matches.
**default:**required param
example:"(?i)(yandex\.|yandex-team)"
Regexp to search certificates
default:[]
example:["eldar@kyprizel.net"]
List of emails to notify about new certificates
**default:**required param
**example:**localhost
MongoDB connection parameters, will be used to store matched certificate entries and monitor state
**default:**false
**example:**true
If true - store found certificates in DB
**default:**30
**example:**600
Number of seconds after which monitor state will be stored to DB
**default:**empty
**example:**user@domain.com
SMTP From value
**default:**empty
**example:**localhost
SMTP host
**default:**empty
**example:**pki@yourdomain.com
SMTP user
**default:**empty
SMTP password
**default:**25 **example:**25
SMTP port
default:"Certificate Transparency monitor notification"
example:"CT monitor notification"
Mail subject
**default:**false
**example:**true
If true - persons listed in notify_persons will be notified on every matched certificate
default:[]
example:[YandexExternalCA", "GlobalSign Organization Validation CA - G2", "Yandex CA"]
Whitelist of CAs, certificates signed by this CAs will pass the test
**default:**0
**example:**102780000
CT index to start fetching from, bigger value overrides DB state
**default:**0
**example:**30
Number of seconds to launch a rescan, if not set - daemon will exit on reaching the end of log.