Certificate transparency logs are an amazing way to get a good overview of your certificate landscape, detect fraud (bad guys also use TLS) and find shadow IT and unknown cloud services. The problem is that there are not many good places to search these logs. The best I have found is from Symantec; it is slow and errors out often, but it works for what I need.
The best way I have found to get the data from this service is a simple bash script I put together that runs a curl command and downloads a .csv.
Running it is as simple as:
./ctlog.sh yourorgsname
https://gist.github.com/jgamblin/8b34ba91825a8c2859720033bfe81da8
The output should look like this:
(If it is blank, the service likely timed out and you will need to rerun it.)
Unless you are really on top of your game, you are likely to find a valid certificate you didn’t know about.
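
One way to triage the downloaded .csv for certificates you didn't know about, as an added example that is not part of the gist or the original post. The column names, the inventory and the approved-issuer list are assumptions; adjust them to the header row of the real export.

```python
import csv
import io
from datetime import date

# Constructed sample export. The column names are assumptions for this
# example; match them to the header row of the real .csv.
SAMPLE_CSV = """common_name,issuer,not_before,not_after
www.example.com,Example Approved CA,2024-01-10,2025-01-10
vpn.example.com,Example Approved CA,2023-01-01,2023-12-31
shop.example.com,Other Public CA,2024-03-01,2025-03-01
*.dev.example.com,Example Approved CA,2024-02-01,2025-02-01
"""

KNOWN_NAMES = {"www.example.com", "vpn.example.com"}  # hypothetical inventory
APPROVED_ISSUERS = {"Example Approved CA"}            # hypothetical CA policy


def triage(csv_text, known_names, approved_issuers, today):
    """Return (name, reasons) for currently valid certs that need review."""
    if not csv_text.strip():
        # A blank download means the lookup timed out, not "no certificates".
        raise ValueError("empty export: rerun the download")
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row["common_name"].strip().lower().rstrip(".")
        start = date.fromisoformat(row["not_before"].strip())
        end = date.fromisoformat(row["not_after"].strip())
        if not (start <= today <= end):
            continue  # expired or not yet valid: not a live certificate
        reasons = []
        if name not in known_names:
            reasons.append("name not in inventory")
        if row["issuer"].strip() not in approved_issuers:
            reasons.append("issuer not approved")
        if name.startswith("*."):
            reasons.append("wildcard")
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    today = date(2024, 6, 1)  # fixed date so the sample output is stable
    for name, reasons in triage(SAMPLE_CSV, KNOWN_NAMES, APPROVED_ISSUERS, today):
        print(f"{name}: {', '.join(reasons)}")
```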