Is it possible to do such an action in zabbix to monitor the local network and inform me when a new host (new IP or MAC address) appears on the network?
-
-
Quick and dirty Idea (unfinished):
(Prerequisits: allow zabbix user to exeuce nmap via sudo)
parse output based of diff result (wich hosts left, which are new, etc)Code:#!/bin/bash mv /tmp/nw_now /tmp/nw_last sudo nmap -oG - -T5 -sP -PO 10.17.195.0/24 | awk '/^Host:/' > /tmp/nw_now diff /tmp/nw_now /tmp/nw_last ...
nmap tries to reach all the IPs inside the network via ICMP.
The -P0 command is important as nmap tries to connect to other well known ports like 80 and 443 if the host does NOT anwer via ICMP, whick, over a routet/Firewalled network may cause some high amount of connection in a short amount of time!
Comment