Ad Widget

Collapse

Monitor windows antivirus is up to date

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • kantill
    Junior Member
    • Apr 2009
    • 16
    #1

    Monitor windows antivirus is up to date

    I am trying to have zabbix monitor if an a windows antivirus is uptodate or not. I found the following string for the zabbix agent conf file UserParameter=antivirus.uptodate,wmic /NAMESPACE:\\root\SecurityCenter PATH AntiVirusProduct GET productuptoDate | findstr /V "productUptoDate"

    I have tested the cmd in windows and it works so I now I need an item and a trigger so I can get alerts.

    So any help would be great

    Thanks.
    Tags: None
    • bobrivers
      Senior Member
      • Feb 2007
      • 115
      #2
      Monitor antivirus

      We do this kind of monitoring, but using Symantec.

      If you already have the command line and it is working, now you only need to create an item.

      Go to the configuration screen and create an item to the monitored host.

      Into the "key" field, put antivirus.uptodate and define the rest of the fields as usual.

      In my case, my script returns "0" when it is up to date, and "1" when it is not. So, I also created a "throw map".

      Bob

        Comment

        • kantill
          Junior Member
          • Apr 2009
          • 16
          #3
          Monitor antivirus

          Thanks for the reply, forgive me for I am new to zabbix and was hoping you can send me your items and triggers on this?

            Comment

            • dweatherly
              Junior Member
              • Apr 2010
              • 3
              #4
              Windows 7 update

              For those trying this on Windows 7, you need to change the wmic string to use SecurityCenter2 instead of SecurityCenter.

              For example to find what AV software is running:
              C:\>wmic /NAMESPACE:\\root\SecurityCenter2 PATH AntiVirusProduct GET /value | find "displayName"

              Create an entry in your zabbix_agent.conf as
              UserParameter=antivirus.Name,wmic /NAMESPACE:\\root\SecurityCenter2 PATH AntiVirusProduct GET /value | find "displayName"

              and create an item in Zabbix with key name antivirus.Name, Type of info as character. This would then be informational like the zabbix version, but triggers could be defined if you want.

                Comment

                Previous template Next
                Working...