Feature Request: Access controls for graphs

  • r3dn3ck
    Member
    • Jul 2008
    • 43

    #1

    Feature Request: Access controls for graphs

    I have a need to restrict access to the graphed data for some items. The status of the item/trigger though still needs to be visible.

    Consider the following scenario: you have some DB that you want to query financial data from using UserParameter based items. This query gives an idea of how some campaign or sale or X revenue generating process is doing from moment to moment but you can't just go handing out financial data to everyone who has access to the web interface for ZABBIX and permissions to see metrics for all hosts in group Y.

    If custom graphs (not necessarily simple graphs but that would be mighty cool too) can have access controls available that are not inherited from the server that is generating the probe data then it makes life a lot better, especially in tightly access controlled environments.

    Thoughts?
  • Alexei
    Founder, CEO
    Zabbix Certified Trainer
    Zabbix Certified Specialist, Zabbix Certified Professional
    • Sep 2004
    • 5654

    #2
    Originally posted by r3dn3ck
    Thoughts?
    I would have a special host and a host group, which would collect and keep business related information. Otherwise you mix technical and financial data, I doubt it is a good idea anyway.
    Alexei Vladishev
    Creator of Zabbix, Product manager
    New York | Tokyo | Riga

    • r3dn3ck
      Member
      • Jul 2008
      • 43

      #3
      That prevents me from allowing our operations staff to view the status of that special host or host group as a side effect. They could not tell me when that host is down.

      I'm sure I'm not the only one that needs to collect some sensitive data and provide it to a limited audience without losing the ability to view the status of the source server.


      • Alexei
        Founder, CEO
        Zabbix Certified Trainer
        Zabbix Certified Specialist, Zabbix Certified Professional
        • Sep 2004
        • 5654

        #4
        Originally posted by r3dn3ck
        That prevents me from allowing our operations staff to view the status of that special host or host group as a side effect. They could not tell me when that host is down.
        No, you just create two hosts in Zabbix per one physical host. It is a workaround-style solution but it should work.
        Alexei Vladishev
        Creator of Zabbix, Product manager
        New York | Tokyo | Riga

        • r3dn3ck
          Member
          • Jul 2008
          • 43

          #5
          Problem with that: we automatically update every host every day. When we have 2 hosts with the same name or IP they'll both be updated with the same configuration and I'll lose that host. In an environment this big we can't manually define anything or it quickly gets out of control.

          I don't see any point arguing about if it's worth the effort or not. It very much is worth it to me. Contemplate the fact that limiting the security controls to controlling access to only hosts and host-groups is extremely confining and blows lots of the incredible flexibility of ZABBIX for large environments.


          • nelsonab
            Senior Member
            Zabbix Certified Specialist, Zabbix Certified Professional
            • Sep 2006
            • 1233

            #6
            Originally posted by Alexei
            I would have a special host and a host group, which would collect and keep business related information. Otherwise you mix technical and financial data, I doubt it is a good idea anyway.
            If the value of the trigger is generated from sensitive data and he wants only a few people to see the data but everyone to see the trigger, setting up a separate host will not fix what he wants.

            Redneck. Short answer, no it's not possible.

            Long answer, yes you can do it with some custom DB queries and some custom web work. This would be something perfect for a SOAP API.
            RHCE, author of zbxapi
            Ansible, the missing piece (Zabconf 2017): https://www.youtube.com/watch?v=R5T9NidjjDE
            Zabbix and SNMP on Linux (Zabconf 2015): https://www.youtube.com/watch?v=98PEHpLFVHM


            • r3dn3ck
              Member
              • Jul 2008
              • 43

              #7
              It may be a pain for the developers to do but I'm sure they can do it. There's a lot to be said for extending the no-limits architecture to the security. It's the only thing that really holds Z back from being a really world class app in my opinion. It's still top shelf software and extremely well done but this is an opportunity for them to improve it in a way that, while only really "important" to big shops, would still be useful as heck to the smaller shops out there. At 2 of the companies I've installed Z at they use it as the basis of a corporate intranet. It's not just a monitoring app. They're a little loose with their data security internally now (very small shops) but as they mature and hire more employees they'll want to keep more and more data restricted to certain people while not losing monitoring or alerting capabilities.

              Basically... if metric-X tracked over time provides a barometer of site status, then you want to be able to alert on it right? But, you need to be able to hide certain presentations of the data itself from eyes that don't need to see it (such as financial data, I know people that monitor furnace temps, fuel flows and other really unconventional stuff with Zabbix too, so don't forget about those folks... they have security needs too).


              • nelsonab
                Senior Member
                Zabbix Certified Specialist, Zabbix Certified Professional
                • Sep 2006
                • 1233

                #8
                Originally posted by r3dn3ck
                Basically... if metric-X tracked over time provides a barometer of site status, then you want to be able to alert on it right? But, you need to be able to hide certain presentations of the data itself from eyes that don't need to see it (such as financial data, I know people that monitor furnace temps, fuel flows and other really unconventional stuff with Zabbix too, so don't forget about those folks... they have security needs too).
                Sounds very similar to how I understand sites like eBay and others measure overall site health. If the revenue coming in now is less than what it was last week on this day and this time of year and a few other points, there is a problem. You don't want people having access to that revenue information, but you do want them to have access to the status of the health trigger. :-)
                RHCE, author of zbxapi
                Ansible, the missing piece (Zabconf 2017): https://www.youtube.com/watch?v=R5T9NidjjDE
                Zabbix and SNMP on Linux (Zabconf 2015): https://www.youtube.com/watch?v=98PEHpLFVHM


                • r3dn3ck
                  Member
                  • Jul 2008
                  • 43

                  #9
                  exactly correct.
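
The separation this thread asks for, as an added sketch that is not Zabbix code and not from any poster: trigger status follows host-group permission, while the value and graph follow a separate per-item ACL. The `data_readers` field, the user dictionaries and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Item:
    key: str
    host_group: str
    last_value: float
    # Hypothetical per-item ACL: user groups allowed to see values and graphs.
    # Empty means "inherit from the host group", the only model the thread
    # says is available today.
    data_readers: frozenset = frozenset()

@dataclass(frozen=True)
class Trigger:
    name: str         # must not embed the item value, or the ACL is bypassed
    item: Item
    threshold: float  # PROBLEM when the item's last value drops below this

def can_see_host(user, item):
    return item.host_group in user["host_groups"]

def can_see_data(user, item):
    if not can_see_host(user, item):
        return False
    if not item.data_readers:
        return True  # no item-level ACL: fall back to host-group permission
    return bool(item.data_readers & user["user_groups"])

def trigger_view(user, trigger):
    """Return what one user may see for one trigger, or None if nothing."""
    item = trigger.item
    if not can_see_host(user, item):
        return None
    status = "PROBLEM" if item.last_value < trigger.threshold else "OK"
    view = {"trigger": trigger.name, "status": status,
            "value": None, "graph": False}
    if can_see_data(user, item):
        view.update(value=item.last_value, graph=True)
    return view

# Constructed sample data: one sensitive item, one ordinary item, same host group.
REVENUE = Item("db.revenue.per_min", "Web shop", 812.5, frozenset({"Finance"}))
DISK = Item("vfs.fs.size[/,pfree]", "Web shop", 42.0)
REVENUE_LOW = Trigger("Revenue below weekly baseline", REVENUE, 1000.0)
DISK_LOW = Trigger("Free disk space low", DISK, 10.0)
OPS = {"user_groups": frozenset({"Operations"}), "host_groups": frozenset({"Web shop"})}
CFO = {"user_groups": frozenset({"Finance"}), "host_groups": frozenset({"Web shop"})}
OUTSIDER = {"user_groups": frozenset({"Sales"}), "host_groups": frozenset()}
```

Even with the value hidden, the status is still one bit of information about it, so the threshold and trigger name need the same care as the data.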
