Ad Widget

Collapse

How to apply same trigger rules to all items of a host?

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • pzn
    Junior Member
    • Feb 2023
    • 8
    #1

    How to apply same trigger rules to all items of a host?

    Hello,

    I'm a Zabbix newbie and I need advice about how to configure hosts/templates/items/triggers to handle this case.

    Letsencrypt issues tls certificates to some hosts and ports.

    I have an script that tests the certificates for correctness and validity; if all is OK, it will send a host/key/value of the validity to zabbix trapper.

    Many hosts have the certificates installed in different ports, example: 443, 993, 25, 587. I can have different trapper keys with port names, example keytlsvalid443, keytlsvalid993, ...

    I'd like to use 3 triggers for every item:
    - "warn" if valid <14 days
    - "average" if valid <5 days
    - "warn" if nodata() for the last 12hours

    How can I create the templates in a way that I can "apply" them to every item in a specific host? I noticed that templates can be assigned to hosts, not to items. Any way to create a template with some "variable" to match that?

    It seems that my "working design" is not matching Zabbix...

    Any ideas? Any specific manual to read about that? Using 6.0.13

    Thanks in advance,
    Tags: None
    • pzn
      Junior Member
      • Feb 2023
      • 8
      #2
      I can do it this way:

      Create a template "Letsencrypt 443" with:
      • item "port 443 certificate validity" as zabbix trapper key=tlsvalidity443
      • trigger "warn, <14 weeks to expire"
      • trigger "average, <5 days to expire"
      • trigger "warn nodata for 12 hours"
      Create a template "Letsencrypt 25" with:
      • item "port 25 certificate validity" as zabbix trapper key=tlsvalidity25
      • same 3 triggers as above
      ​...

      Then I create "myhost" and apply both templates to it. This will work.

      Any better approach to solve this? Any way to create a "parametrized" template that I can specify port number when applying to host?

        Comment

        • LenR
          Senior Member
          • Sep 2009
          • 1005
          #3
          The only "parameterized" template method is LLD, if you could generate a LLD JSON object of listening ports on your host, it should work. Maybe "netstat -anp | grep your_process_name | script to make json"

          Edit: Add a filter for "LISTEN" probably

            Comment

            • guille.rodriguez
              Senior Member
              • Jun 2022
              • 114
              #4
              You can use this template...

              SSL monitoring and integration with Zabbix
              https://www.zabbix.com/la/integrations/ssl


              just override macros in hosts that are not the "default" port

              I use in my work for monitor all the certificates of our internal websites (signed by our internal PKI), we set trigger when cert expiration < 90 days, because we sign certificates for 2 years.

              Create a hosts for this website but set Zabbix Agent to 127.0.0.1 (to force server or proxy to execute). You can create many "website hosts" as you want.

              1 hosts for 1 website for example, something like this

              Click image for larger version Name: TnnxtQG.png Views: 1 Size: 27.9 KB ID: 459862

              Btw the server or client that executes this check, need Zabbix Agent 2 installed
              Last edited by guille.rodriguez; 21-02-2023, 21:14.

                Comment

                Previous template Next
                Working...