Windows Certificate Store Event Monitor Reference Guide
Windows Certificate Store Event Monitor
Keeps track of your certificates in the Windows Certificate Store to alert you if they have expired or will soon.
Overview
The Windows Certificate Store Event Monitor watches your certificates and sends alerts about any detected issues. It can alert about new, expired, or invalid certificates, allowing you to take early corrective action.
Use Cases
- Receiving alerts when certificates are about to expire
- Alerting about other certificate items like validity and new certificates
Monitoring Options
This event monitor provides the following options:
Monitor [all certificates/local machine only/current user only]
This option lets you choose which certificates to monitor with the following settings.
Alert with [Info/Warning/Error/Critical] if the device cannot be contacted
Use this option to receive an alert of your choice if the device you're monitoring couldn't be contacted by the event monitor.
Alert with [Info/Warning/Error/Critical] if the certificate has expired
This option lets you choose an alert level to receive if the certificate you're monitoring has expired.
Alert with [Info/Warning/Error/Critical] if the certificate is not valid
Use this option to receive your choice of alert if the certificate is found to be invalid.
Alert with [Info/Warning/Error/Critical] if the certificate is new from the previous check
This option will alert you to any new certificate that wasn't found during the previous checks.
Alert if the certificate will expire in less than a specified number of days
This option will alert you if your certificate is near expiring. Input a number of days until expiry that will trigger each alert level.
Alert if the certificate will expire in more than a specified number of days
Use this option to receive an alert if a certificate that's meant to expire soon does not expire.
Include a table of certificates [before all/after all] event text
Check this box to receive a list of all certificates in each event monitor output.
Include all the certificates
This option will include all detected certificates in the event text.
Include valid certificates
This option lets you selectively include valid certificates.
Include expired certificates
Checking this box will show all expired certificates in the event text generated each time the event monitor runs.
Include certificates expiring in the next 30 days
This checkbox will include a list of all certificates expiring within the month in the event text.
Include certificates with verification errors
With this box checked, any and all certificates with verification errors will be listed in the event text.
Ignore Certificates in the root store
This option will exclude any certificates found in the root store.
Only check the following certificates
Enter a list of certificates to selectively monitor with each new entry on a new line. With this option enabled, the event monitor will only check certificates listed here.
Certificates to ignore
Enter a list of certificates to ignore, with each new entry on a new line. When the event monitor runs, it will skip over the specified certificates.
Authentication and Security
The account used to monitor this device must be a part of the Remote Management Users group.
Protocols
Data Points
This event monitor generates the following data points:
| Data Point | Description |
|---|---|
| Certificates | The number of certificates detected. |
Sample Output
