icingaweb2-module-x509 icon indicating copy to clipboard operation
icingaweb2-module-x509 copied to clipboard

Published 20 hours ago verified publisher icon Icinga

Partial scan

Open gibsonc opened this issue 4 years ago • 3 comments

After using this tool I would like to suggest a possible future enhancement.

In my case I have some large /22 subnets to scan initially. It takes forever to complete.

It would be nice to have a flag in the scan jobs to do a --full or --update that will allow for quicker updates to already discovered objects.

An alternative would also be do have an on demand scan for just a single object that can be checked after remediation of a certificate that has, or is about to expire.

gibsonc avatar Nov 25 '20 07:11 gibsonc

We could add a flag that only scans already known addresses if their last update is older than n seconds|minutes|hours|days :thinking: Good idea! :+1:

nilmerg avatar Nov 30 '20 08:11 nilmerg

An alternative would also be do have an on demand scan for just a single object that can be checked after remediation of a certificate that has, or is about to expire.

@yhabteab Please also implement this feature.

lippserd avatar Sep 16 '22 06:09 lippserd

I think the following makes sense:

  • There is a rescan command that rescans only known IPs, optionally only if the last scan is older than a certain time.
  • It should be possible to perform successive scans. In the sense that already known IPs are excluded, but they are optionally rescanned if the last scan is older than a certain time.
  • And of course we should continue to provide the current behavior of the full scan.

lippserd avatar Sep 16 '22 06:09 lippserd