52 lines
1.8 KiB
Markdown
52 lines
1.8 KiB
Markdown
# ctail
|
|
|
|
Tail a Static CT log, printing a one-liner per new certificate or precertificate as it arrives.
|
|
|
|
## Usage
|
|
|
|
```bash
|
|
ctool tail [flags] <log-url>
|
|
```
|
|
|
|
Example:
|
|
|
|
```bash
|
|
ctool tail https://halloumi2026h2.mon.ct.ipng.ch
|
|
```
|
|
|
|
By default `ctool tail` starts at the current tree tip and prints new entries as they appear. Use `--from-leaf 0` to replay from the beginning.
|
|
|
|
## Output format
|
|
|
|
One line per entry:
|
|
|
|
```
|
|
leaf-index type validity-range issuer (up to 40 chars) subject name
|
|
```
|
|
|
|
Example:
|
|
|
|
```
|
|
1440154358 cert 2026-03-31..2026-06-29 Let's Encrypt R13 bereavementcounselling.uk
|
|
1440154359 pre 2026-03-31..2026-06-29 ZeroSSL ECC Domain Secured Ce... alpenglowforeverfilms.com
|
|
```
|
|
|
|
- **type**: `cert` for a final certificate, `pre` for a precertificate
|
|
- **issuer**: CommonName, prefixed with the organisation name when the CN alone is terse (e.g. `R13` → `Let's Encrypt R13`)
|
|
- **subject name**: first DNS SAN, falling back to the certificate's CommonName
|
|
|
|
## Flags
|
|
|
|
| Flag | Default | Description |
|
|
|---|---|---|
|
|
| `--interval` | `15s` | How often to poll the checkpoint (minimum 1s) |
|
|
| `--from-leaf` | `-1` | Start from this leaf index; `-1` means current tree tip |
|
|
| `--rate-limit` | `2s` | Minimum time between HTTP requests (minimum 100ms) |
|
|
| `--user-agent` | `ctail/VERSION (https://git.ipng.ch/certificate-transparency/)` | User-Agent header sent with every request |
|
|
|
|
## Notes
|
|
|
|
- The interval timer starts when the checkpoint is fetched, so tile-fetch time counts against the interval and the next poll stays on schedule.
|
|
- A tile is only fetched once the checkpoint confirms it is complete (256 entries). This avoids unnecessary 404s at the tree tip.
|
|
- Status and error messages go to stderr; the entry one-liners go to stdout.
|