Help with rule for missing SSL Cert

[Andrew Lebbon]

Hi All,

Please could someone check that the expression Im using below will actually show a missing SSL Cert ? I can't find a documented way of checking for a missing cert only expiring etc:

  - alert: Alerts on missing Cert

    expr: absent(probe_ssl_earliest_cert_expiry{instance!="www.bulkblacklist.com"})

    for: 10m

    labels:

      severity: warning

      title: SSL Cert Could Not Be Found

    annotations:

      description: The SSL cert for {{$labels.instance}} could not be found.

Any help appreciated, the other two rules I have work:

Full Rule I have:

groups:

- name: hcs.ssl_expiry.alerts.rules

  rules:

  - alert: SSL Cert Expiring Soon

    expr: probe_ssl_earliest_cert_expiry{instance!="www.bulkblacklist.com"} - time() < 86400 * 30

    for: 10m

    labels:

      severity: warning

      title: SSL Cert Expiring Soon

    annotations:

      description: The SSL cert for {{$labels.instance}} will expire in the next 30 days.

  - alert: Alerts on missing Cert

    expr: absent(probe_ssl_earliest_cert_expiry{instance!="www.bulkblacklist.com"})

    for: 10m

    labels:

      severity: warning

      title: SSL Cert Could Not Be Found

    annotations:

      description: The SSL cert for {{$labels.instance}} could not be found.

  - alert: SSL Cert Expiring in the next 10 days.

    expr: probe_ssl_earliest_cert_expiry{instance!="www.bulkblacklist.com"} - time() < 86400 * 10

    for: 10m

    labels:

      severity: critical

      title: SSL Cert Expiring in the next 10 days.

    annotations:

      description: The SSL cert for {{$labels.instance}} will expire in the next 10 days.

Many Thanks

Andrew Lebbon