In other monitoring systems I have always configured a 'should' scenario and monitoring tells me how reality deviates from it.
What worries me a little bit in Zabbix is the fact that you just discover everything regularly. This may be interesting to get started quickly but not always a good thing afterwards.
Notably in networking this raises some questions. Example: I do not simply want a port that someone sets to a different state (enabled/disabled/whatever) to be just "learned". It could have been a hacker, or me having a bad day.
It deserves to be an alert, and not automatically accepted as the "new normal".
Normally I would have a source of truth somewhere giving the desired configuration. And unless I update that source, any deviation from it will remain an alert.
How are such scenarios supposed to be handled by ZBX?
What worries me a little bit in Zabbix is the fact that you just discover everything regularly. This may be interesting to get started quickly but not always a good thing afterwards.
Notably in networking this raises some questions. Example: I do not simply want a port that someone sets to a different state (enabled/disabled/whatever) to be just "learned". It could have been a hacker, or me having a bad day.
It deserves to be an alert, and not automatically accepted as the "new normal".
Normally I would have a source of truth somewhere giving the desired configuration. And unless I update that source, any deviation from it will remain an alert.
How are such scenarios supposed to be handled by ZBX?