Source: https://git.zabbix.com/projects/ZBX/repos/zabbix/browse/templates/app/acronis?at=release/7.0
Acronis Cyber Protect Cloud by HTTP
Overview
This template is designed for the effortless deployment of Acronis Cyber Protect Cloud monitoring by Zabbix via HTTP and doesn't require any external scripts.
Requirements
Zabbix version: 7.0 and higher.
Tested versions
This template has been tested on:
- Acronis Cloud Platform version 23.07
Configuration
Zabbix should be configured according to the instructions in the Templates out of the box section.
Setup
This is a master template that needs to be assigned to a host, and it will automatically create MSP host prototype, which will monitor Acronis Cyber Protect Cloud metrics.
Before using this template it is required to create a new MSP-level API client for Zabbix to use. To do that, sign into your Acronis Cyber Protect Cloud WEB interface, navigate to Settings
-> API clients
and create new API client.
You will be shown credentials for this API client. These credentials need to be entered in the following user macros of this template:
-
{$ACRONIS.CPC.AUTH.CLIENT.ID}
- enterClient ID
here; -
{$ACRONIS.CPC.AUTH.SECRET}
- enterSecret
here; -
{$ACRONIS.CPC.DATACENTER.URL}
- enterData center URL
This is all the configuration needed for this integration.
Macros used
Name | Description | Default |
---|---|---|
{$ACRONIS.CPC.DATACENTER.URL} | Acronis Cyber Protect Cloud datacenter URL, e.g., https://eu2-cloud.acronis.com. |
|
{$ACRONIS.CPC.AUTH.INTERVAL} | API token regeneration interval, in minutes. By default, Acronis Cyber Protect Cloud tokens expire after 2 hours. |
110m |
{$ACRONIS.CPC.HTTP.PROXY} | Sets the HTTP proxy for the authorization item. Host prototypes will also use this value for HTTP proxy. If this parameter is empty, then no proxy is used. |
|
{$ACRONIS.CPC.AUTH.CLIENT.ID} | Client ID for API user access. |
|
{$ACRONIS.CPC.AUTH.SECRET} | Secret for API user access. |
|
{$ACRONIS.CPC.PATH.ACCOUNT.MANAGEMENT} | Sub-path for the Account Management API. |
/api/2 |
Items
Name | Description | Type | Key and additional info |
---|---|---|---|
Get access token | Authorizes API user and receives access token. |
HTTP agent | acronis.cpc.account_manager.get_token Preprocessing
|
LLD rule Acronis CPC: MSP Discovery
Name | Description | Type | Key and additional info |
---|---|---|---|
Acronis CPC: MSP Discovery | Discovers MSP and creates host prototype based on that. |
Dependent item | acronis.cpc.lld.msp_discovery |
Acronis Cyber Protect Cloud MSP by HTTP
Overview
This template is designed for the effortless deployment of Acronis Cyber Protect Cloud MSP monitoring by Zabbix via HTTP and doesn't require any external scripts.
Requirements
Zabbix version: 7.0 and higher.
Tested versions
This template has been tested on:
- Acronis Cloud Platform version 23.07
Configuration
Zabbix should be configured according to the instructions in the Templates out of the box section.
Setup
This template is not meant to be used independently. A host with the Acronis Cyber Protect Cloud by HTTP
template will request API token and automatically create a host prototype with this template assigned to it.
If needed, you can specify an HTTP proxy for the template to use by changing the value of {$ACRONIS.CPC.HTTP.PROXY}
user macro.
Device discovery trigger prototypes that check services which have failed to run, have trigger time offset user macros:
-
{$ACRONIS.CPC.OFFSET.SCHEDULED.ANTIMALWARE}
-
{$ACRONIS.CPC.OFFSET.SCHEDULED.BACKUP}
-
{$ACRONIS.CPC.OFFSET.SCHEDULED.VULNERABILITY}
-
{$ACRONIS.CPC.OFFSET.SCHEDULED.PATCH}
Using these macros, their respective triggers can be offset in both directions. For example, if you wish to make
sure that the trigger fires only when the current time is at least 3 minutes over the next scheduled antimalware
scan, then set the value of {$ACRONIS.CPC.OFFSET.SCHEDULED.ANTIMALWARE}
user macro to -180
.
This is the default behaviour.
Macros used
Name | Description | Default |
---|---|---|
{$ACRONIS.CPC.DATACENTER.URL} | Acronis Cyber Protect Cloud datacenter URL, e.g., https://eu2-cloud.acronis.com. |
|
{$ACRONIS.CPC.HTTP.PROXY} | Sets the HTTP proxy for the authorization item. Host prototypes will also use this value for HTTP proxy. If this parameter is empty, then no proxy is used. |
|
{$ACRONIS.CPC.CYBERFIT.WARN} | CyberFit score threshold for "warning" severity trigger. |
669 |
{$ACRONIS.CPC.CYBERFIT.HIGH} | CyberFit score threshold for "high" severity trigger. |
579 |
{$ACRONIS.CPC.OFFSET.SCHEDULED.ANTIMALWARE} | Offset time in seconds for scheduled antimalware scan trigger check. |
-180 |
{$ACRONIS.CPC.OFFSET.SCHEDULED.BACKUP} | Offset time in seconds for scheduled backup run trigger check. |
-180 |
{$ACRONIS.CPC.OFFSET.SCHEDULED.VULNERABILITY} | Offset time in seconds for scheduled vulnerability assessment run trigger check. |
-180 |
{$ACRONIS.CPC.OFFSET.SCHEDULED.PATCH} | Offset time in seconds for scheduled patch management run trigger check. |
-180 |
{$ACRONIS.CPC.DEVICE.RESOURCE.TYPE} | Comma separated list of resource types for devices retrieval. |
resource.machine |
{$ACRONIS.CPC.ALERT.DISCOVERY.CATEGORY.MATCHES} | Sets the alert category regex filter to use in alert discovery for including. |
.* |
{$ACRONIS.CPC.ALERT.DISCOVERY.CATEGORY.NOT_MATCHES} | Sets the alert category regex filter to use in alert discovery for excluding. |
CHANGE_IF_NEEDED |
{$ACRONIS.CPC.ALERT.DISCOVERY.SEVERITY.MATCHES} | Sets the alert severity regex filter to use in alert discovery for including. |
.* |
{$ACRONIS.CPC.ALERT.DISCOVERY.SEVERITY.NOT_MATCHES} | Sets the alert severity regex filter to use in alert discovery for excluding. |
CHANGE_IF_NEEDED |
{$ACRONIS.CPC.ALERT.DISCOVERY.RESOURCE.MATCHES} | Sets the alert resource name regex filter to use in alert discovery for including. |
.* |
{$ACRONIS.CPC.ALERT.DISCOVERY.RESOURCE.NOT_MATCHES} | Sets the alert resource name regex filter to use in alert discovery for excluding. |
CHANGE_IF_NEEDED |
{$ACRONIS.CPC.CUSTOMER.DISCOVERY.KIND.MATCHES} | Sets the customer name regex filter to use in customer discovery for including. |
customer |
{$ACRONIS.CPC.CUSTOMER.DISCOVERY.NAME.MATCHES} | Sets the customer name regex filter to use in customer discovery for including. |
.* |
{$ACRONIS.CPC.CUSTOMER.DISCOVERY.NAME.NOT_MATCHES} | Sets the customer name regex filter to use in customer discovery for excluding. |
CHANGE_IF_NEEDED |
{$ACRONIS.CPC.DEVICE.DISCOVERY.TENANT.MATCHES} | Sets the tenant name regex filter to use in device discovery for including. |
.* |
{$ACRONIS.CPC.DEVICE.DISCOVERY.TENANT.NOT_MATCHES} | Sets the tenant name regex filter to use in device discovery for excluding. |
CHANGE_IF_NEEDED |
{$ACRONIS.CPC.ACCESS_TOKEN} | API access token. |
|
{$ACRONIS.CPC.PATH.ACCOUNT.MANAGEMENT} | Sub-path for the Account Management API. |
/api/2 |
{$ACRONIS.CPC.PATH.RESOURCE.MANAGEMENT} | Sub-path for the Resource Management API. |
/api/resource_management/v4 |
{$ACRONIS.CPC.PATH.ALERTS} | Sub-path for the Alerts API. |
/api/alert_manager/v1 |
{$ACRONIS.CPC.PATH.AGENTS} | Sub-path for the Agents API. |
/api/agent_manager/v2 |
{$ACRONIS.CPC.MSP.TENANT.UUID} | UUID for MSP. |
Items
Name | Description | Type | Key and additional info |
---|---|---|---|
Register integration | Registers integration on Acronis services. |
Script | acronis.cpc.register.integration |
Get alerts | Fetches all alerts. |
HTTP agent | acronis.cpc.alerts.get Preprocessing
|
Get customers | Fetches all customers. |
HTTP agent | acronis.cpc.customers.get Preprocessing
|
Get devices | Fetches all devices. |
HTTP agent | acronis.cpc.devices.get Preprocessing
|
Alerts with "ok" severity | Gets count of alerts with "ok" severity. |
Dependent item | acronis.cpc.alerts.severity.ok Preprocessing
|
Alerts with "warning" severity | Gets count of alerts with "warning" severity. |
Dependent item | acronis.cpc.alerts.severity.warn Preprocessing
|
Alerts with "error" severity | Gets count of alerts with "error" severity. |
Dependent item | acronis.cpc.alerts.severity.err Preprocessing
|
Alerts with "critical" severity | Gets count of alerts with "critical" severity. |
Dependent item | acronis.cpc.alerts.severity.crit Preprocessing
|
Alerts with "information" severity | Gets count of alerts with "information" severity. |
Dependent item | acronis.cpc.alerts.severity.info Preprocessing
|
LLD rule Acronis CPC: Alerts discovery
Name | Description | Type | Key and additional info |
---|---|---|---|
Acronis CPC: Alerts discovery | Discovers alerts. |
Dependent item | acronis.cpc.alerts.discovery Preprocessing
|
Item prototypes for Acronis CPC: Alerts discovery
Name | Description | Type | Key and additional info |
---|---|---|---|
Alert [{#TYPE}]:[{#ALERT_ID}]: Alert severity | Severity for the alert. |
Dependent item | acronis.cpc.alert.severity[{#ALERT_ID}] Preprocessing
|
Trigger prototypes for Acronis CPC: Alerts discovery
Name | Description | Expression | Severity | Dependencies and additional info |
---|---|---|---|---|
Acronis: Alert [{#TYPE}]:[{#ALERT_ID}]: Alert has "critical" severity | Alert has "critical" severity. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.alert.severity[{#ALERT_ID}])=3 |
High | Manual close: Yes |
Acronis: Alert [{#TYPE}]:[{#ALERT_ID}]: Alert has "error" severity | Alert has "error" severity. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.alert.severity[{#ALERT_ID}])=2 |
Average | Manual close: Yes Depends on:
|
Acronis: Alert [{#TYPE}]:[{#ALERT_ID}]: Alert has "warning" severity | Alert has "warning" severity. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.alert.severity[{#ALERT_ID}])=1 |
Warning | Manual close: Yes Depends on:
|
LLD rule Acronis CPC: Customer discovery
Name | Description | Type | Key and additional info |
---|---|---|---|
Acronis CPC: Customer discovery | Discovers customers. |
Dependent item | acronis.cpc.customer.discovery Preprocessing
|
Item prototypes for Acronis CPC: Customer discovery
Name | Description | Type | Key and additional info |
---|---|---|---|
Customer [{#NAME}]: Enabled status | Enabled status for customer (true or false). |
Dependent item | acronis.cpc.customer.status[{#NAME}] Preprocessing
|
LLD rule Acronis CPC: Device discovery
Name | Description | Type | Key and additional info |
---|---|---|---|
Acronis CPC: Device discovery | Discovers devices. |
Dependent item | acronis.cpc.device.discovery Preprocessing
|
Item prototypes for Acronis CPC: Device discovery
Name | Description | Type | Key and additional info |
---|---|---|---|
Device [{#NAME}]:[{#ID}]: Raw data resources status | Gets statuses for device resources. |
HTTP agent | acronis.cpc.device.res.status.raw[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: CyberFit score | Acronis "CyberFit" score for the device. Value of "-1" is assigned if "CyberFit" could not be found for device. |
Dependent item | acronis.cpc.device.cyberfit[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Agent version | Agent version for the device. |
Dependent item | acronis.cpc.device.agent.version[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Agent enabled | Agent status (enabled or disabled) for the device. |
Dependent item | acronis.cpc.device.agent.enabled[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Agent online | Agent reachability for the device. |
Dependent item | acronis.cpc.device.agent.online[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Protection status | Protection status for device. |
Dependent item | acronis.cpc.device.protection.status[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Protection plan name | Protection plan name for device. |
Dependent item | acronis.cpc.device.protection.name[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous successful antimalware protection scan | Previous successful antimalware protection scan for device. |
Dependent item | acronis.cpc.device.protection.scan.prev.ok[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous antimalware protection scan | Previous antimalware protection scan for device. |
Dependent item | acronis.cpc.device.protection.scan.prev[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Next antimalware protection scan | Next scheduled antimalware protection scan for device. |
Dependent item | acronis.cpc.device.protection.scan.next[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous successful machine backup run | Previous successful machine backup run for device. |
Dependent item | acronis.cpc.device.backup.prev.ok[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous machine backup run | Previous machine backup run for device. |
Dependent item | acronis.cpc.device.backup.prev[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Next machine backup run | Next scheduled machine backup run for device. |
Dependent item | acronis.cpc.device.backup.next[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous successful vulnerability assessment | Previous successful vulnerability assessment for device. |
Dependent item | acronis.cpc.device.vuln.prev.ok[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous vulnerability assessment | Previous vulnerability assessment for device. |
Dependent item | acronis.cpc.device.vuln.prev[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Next vulnerability assessment | Next scheduled vulnerability assessment for device. |
Dependent item | acronis.cpc.device.vuln.next[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous successful patch management run | Previous successful patch management run for device. |
Dependent item | acronis.cpc.device.patch.prev.ok[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Previous patch management run | Previous patch management run for device. |
Dependent item | acronis.cpc.device.patch.prev[{#NAME}] Preprocessing
|
Device [{#NAME}]:[{#ID}]: Next patch management run | Next scheduled patch management run for device. |
Dependent item | acronis.cpc.device.patch.next[{#NAME}] Preprocessing
|
Trigger prototypes for Acronis CPC: Device discovery
Name | Description | Expression | Severity | Dependencies and additional info |
---|---|---|---|---|
Acronis: Device [{#NAME}]:[{#ID}]: CyberFit score critical | CyberFit score for this device is critical for at least 3 minutes. |
min(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.cyberfit[{#NAME}],3m) < {$ACRONIS.CPC.CYBERFIT.HIGH} and max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.cyberfit[{#NAME}],3m) <> -1 |
High | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: CyberFit score low | CyberFit score for this device is low for at least 3 minutes. |
min(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.cyberfit[{#NAME}],3m) < {$ACRONIS.CPC.CYBERFIT.WARN} and max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.cyberfit[{#NAME}],3m) <> -1 |
Warning | Manual close: Yes Depends on:
|
Acronis: Device [{#NAME}]:[{#ID}]: Agent disabled | Agent for this device is disabled for at least 3 minutes. |
max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.agent.enabled[{#NAME}],3m) < 1 |
Info | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Protection status "error" | Device has "error" protection status. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.protection.status[{#NAME}])="error" |
Average | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Protection status "warning" | Device has "warning" protection status. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.protection.status[{#NAME}])="warning" |
Warning | Manual close: Yes Depends on:
|
Acronis: Device [{#NAME}]:[{#ID}]: Previous protection scan not successful | Device has "error" protection status. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.protection.scan.prev.ok[{#NAME}])<>last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.protection.scan.prev[{#NAME}]) |
Average | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Scheduled antimalware scan failed to run | Scheduled antimalware scan failed to run. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.protection.scan.next[{#NAME}]) < (now() + {$ACRONIS.CPC.OFFSET.SCHEDULED.ANTIMALWARE}) |
Warning | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Previous machine backup run not successful | Previous machine backup did not run successfully. |
max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.backup.prev.ok[{#NAME}],1m)<>max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.backup.prev[{#NAME}],1m) |
Average | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Scheduled machine backup failed to run | Scheduled machine backup failed to run. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.backup.next[{#NAME}]) < (now() + {$ACRONIS.CPC.OFFSET.SCHEDULED.BACKUP}) |
Warning | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Previous vulnerability assessment not successful | Previous vulnerability assessment did not run successfully. |
max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.vuln.prev.ok[{#NAME}],1m)<>max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.vuln.prev[{#NAME}],1m) |
Average | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Scheduled vulnerability assessment failed to run | Scheduled vulnerability assessment failed to run. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.vuln.next[{#NAME}]) < (now() + {$ACRONIS.CPC.OFFSET.SCHEDULED.VULNERABILITY}) |
Warning | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Previous patch management run not successful | Previous patch management run did not run successfully. |
max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.patch.prev.ok[{#NAME}],1m)<>max(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.patch.prev[{#NAME}],1m) |
Average | Manual close: Yes |
Acronis: Device [{#NAME}]:[{#ID}]: Scheduled patch management failed to run | Scheduled patch management failed to run. |
last(/Acronis Cyber Protect Cloud MSP by HTTP/acronis.cpc.device.patch.next[{#NAME}]) < (now() + {$ACRONIS.CPC.OFFSET.SCHEDULED.PATCH}) |
Warning | Manual close: Yes |
Feedback
Please report any issues with the template at https://support.zabbix.com
You can also provide feedback, discuss the template, or ask for help at ZABBIX forums