Show Valid Certificates On Device
Query
// Use Case: Identifying and monitoring active SSL/TLS certificates to ensure website security and trustworthiness.
Certificate
| where ValidToDateTime > now()
| project ValidToDateTime, SubjectName, CommonNameExplanation
This query is designed to help monitor the security of a website by identifying active SSL/TLS certificates. Here's a simple breakdown of what it does:
-
Certificate: This is the data source or table that contains information about SSL/TLS certificates.
-
where ValidToDateTime > now(): This filters the certificates to only include those that are still valid, meaning their expiration date (ValidToDateTime) is in the future compared to the current date and time (now()).
-
project ValidToDateTime, SubjectName, CommonName: This selects and displays only specific pieces of information from the filtered certificates:
- ValidToDateTime: The expiration date of the certificate.
- SubjectName: The name of the entity to which the certificate was issued.
- CommonName: The common name associated with the certificate, often the domain name of the website.
In summary, this query helps you keep track of which SSL/TLS certificates are currently valid and provides key details about them to ensure your website remains secure and trustworthy.
Details

Ugur Koc
Released: December 13, 2024
Tables
Keywords
Operators