Hi guys,
I tried to use the "UserParameter" function in zabbix_agentd.conf to gather performance information of Snort, which is an intrusion detection system. These statistics include CPU and RAM usage and the dropped packets from the sniffed interface.
I found this script "UserParameter=tss.snort.perfmon[*],tail -n1 '/var/log/snort/$1/snort.stats' | awk -F ',' '{print $ $2}'". The author claims he gathered statistical information about the dropped packets on the eth0 interface. I've read the user manual and had no luck understanding the "UserParameter". I would really appreciate it if anyone helps me to understand the way of using this script to gather the required information. I know for a fact that there is a performance processor that gives all the information Zabbix needs, such as Snort Realtime Performance:
Pkts Recv: 1858011
Pkts Drop: 0
% Dropped: 0.000%
Blocked: 0
Mbits/Sec: 139.663 (wire)
Mbits/Sec: 0.000 (mpls)
Mbits/Sec: 0.391 (ip fragmented)
Mbits/Sec: 0.377 (ip reassembled)
Mbits/Sec: 3.162 (tcp rebuilt)
Mbits/Sec: 142.434 (app layer)
CPU Usage: 89.562% (user) 3.581% (sys) 6.857% (idle)
Alerts/Sec : 53.927
Please help me.
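How the quoted `UserParameter` line works, as an added example that is not part of the original post: for a flexible key (`[*]`) the Zabbix agent replaces `$1` and `$2` in the command with the item key's parameters before passing it to the shell, so `tss.snort.perfmon[eth0,2]` runs `tail -n1 '/var/log/snort/eth0/snort.stats' | awk -F ',' '{print $ 2}'` and returns field 2 of the newest CSV line. The script below does the same lookup with both parameters validated first; the function name `snort_stat`, the variable `SNORT_LOG_ROOT` and the script path in the comment are assumptions made for this example, and which column holds which counter depends on the Snort performance output on your sensor.

```shell
#!/bin/sh
# Added example: validated equivalent of
#   tail -n1 '/var/log/snort/$1/snort.stats' | awk -F ',' '{print $ $2}'
# Hypothetical agent entry that would call it:
#   UserParameter=tss.snort.perfmon[*],/usr/local/bin/snort_perfmon.sh "$1" "$2"
SNORT_LOG_ROOT="${SNORT_LOG_ROOT:-/var/log/snort}"

# snort_stat <instance> <column>
#   <instance>: directory under SNORT_LOG_ROOT (e.g. the interface name)
#   <column>:   1-based CSV field number in snort.stats
snort_stat() {
    instance=$1
    column=$2

    # Key parameters are chosen by whoever queries the agent, so accept
    # only a plain directory name: no "/", no "..", no shell syntax.
    case $instance in
        ''|.|..|*[!A-Za-z0-9_.-]*) echo "bad instance" >&2; return 2 ;;
    esac
    # The column must be a positive integer without a leading zero.
    case $column in
        ''|0*|*[!0-9]*) echo "bad column" >&2; return 2 ;;
    esac

    file="$SNORT_LOG_ROOT/$instance/snort.stats"
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }

    # Skip comment lines, take the newest sample, print the requested
    # field, and fail if the line has fewer fields than asked for.
    grep -v '^#' "$file" | tail -n 1 |
        awk -F ',' -v c="$column" 'NF >= c { print $c; ok = 1 } END { exit !ok }'
}

# When run as a script: snort_perfmon.sh eth0 2
if [ "$#" -eq 2 ]; then
    snort_stat "$1" "$2"
fi
```

A non-zero exit with no output makes the item unsupported in Zabbix instead of storing a wrong value.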