Ad Widget

Collapse

Zabbix Agent brings me some random services which are not running

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Toorms
    Junior Member
    • Dec 2022
    • 9
    #1

    Zabbix Agent brings me some random services which are not running

    Hello Community,

    since I installed the Zabbix Agent (also the same problems with Zabbix Agent 2) the agent gives me some messages about services which are supposedly not running. But when I'm looking for the service in the Windows 11 virtual machine, I got nothing about it. So the service does not even exists.

    Is there anything to do in the configruation file to throw theses messages away?

    Code:
    PS C:\Windows\system32> Get-Service | Where-Object {$_.displayName.StartsWith("webthreatdefusersvc_4bfb96a")} | Select name                                  
PS C:\Windows\system32>
    Click image for larger version Name: image.png Views: 156 Size: 47.7 KB ID: 492523
    Tags: None
    • cyber
      Senior Member
      Zabbix Certified SpecialistZabbix Certified Professional
      • Dec 2006
      • 4807
      #2
      That "_128b6b" part refers to a service started up by a user session. It changes ... You need to edit the template macro ({$SERVICE.NAME.NOT_MATCHES}) to ignore those services with regex patterns... i.e "cbdhsvc_.*" Then discovery will not pick them up and you will not have useless triggers.
        👍 1

        Comment

        • Toorms
          Junior Member
          • Dec 2022
          • 9
          #3
          Originally posted by cyber
          That "_128b6b" part refers to a service started up by a user session. It changes ... You need to edit the template macro ({$SERVICE.NAME.NOT_MATCHES}) to ignore those services with regex patterns... i.e "cbdhsvc_.*" Then discovery will not pick them up and you will not have useless triggers.
          Is this correct?

          Code:
          ^(?:RemoteRegistry|MMCSS|gupdate|SysmonLog|clr_optimization_v.+|sppsvc|gpsvc|Pml Driver HPZ12|Net Driver HPZ12|MapsBroker|IntelAudioService|Intel\(R\) TPM Provisioning Service|dbupdate|DoSvc|CDPUserSvc_.+|WpnUserService_.+|OneSyncSvc_.+|WbioSrvc|BITS|tiledatamodelsvc|GISvc|ShellHWDetection|TrustedInstaller|TabletInputService|CDPSvc|wuauserv|.+_.+)$
          Or what is the correct regex for that? Did you have an example for me?

          The other thing is, how can I clear the current useless trigger warnings? Renew the whole host?

            Comment

            Previous template Next
            Working...