I understand what you're trying to accomplish.

It could be done just with careful triggers, but as you add processes to "the group", it turns into a bit of a combinatorial explosion of cases to consider. I also can't think of any way to make it easily configurable per host, if you do it by AND'ing and OR'ing a long list of triggers.

My next thought was to suggest Aggregate checks ( https://www.zabbix.com/documentation...ypes/aggregate ) , but those aren't what you want here either. If you needed to know how many of your systems don't have apache running, you could use an Aggregate, but that's a different type of question.

The next thing that came to mind is a Calculated item ( https://www.zabbix.com/documentation...pes/calculated ). This is probably closest to what you want. It's still not perfect, since you now have to decide what calculation and combination of item keys is going to give you the metric you're looking for. It's also not easily configurable per host to include or exclude certain items. If you can get the calculated item working, though, making your triggers work with it will be easier than the combinatorial method I alluded to earlier.

One final thought: This is a completely different approach, but at least for the application stack you're talking about, what you could do instead is use trigger dependencies. For example, if your web-based application requires that mysqld is running, then make the trigger for mysqld be a *dependency* for the triggers for apache and php. That way, if apache, php, and mysqld are all off line at the same time, you only get alerted about mysqld. Basically, only alert about the "lowest level" item that is nonfunctional.

If you arrive at a solution that works for your site, please update this thread. It's an interesting problem, and the approach you take may be helpful to others.