2013-05-27 13:51:34 +02:00
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
|
<zabbix_export>
|
|
|
|
|
<version>2.0</version>
|
2014-08-11 14:22:34 +02:00
|
|
|
<date>2014-08-04T13:37:32Z</date>
|
2013-05-27 13:51:34 +02:00
|
|
|
<groups>
|
2014-08-11 14:22:34 +02:00
|
|
|
<group>
|
|
|
|
|
<name>OS Linux</name>
|
|
|
|
|
</group>
|
2013-05-27 13:51:34 +02:00
|
|
|
<group>
|
|
|
|
|
<name>Templates</name>
|
|
|
|
|
</group>
|
|
|
|
|
</groups>
|
|
|
|
|
<templates>
|
|
|
|
|
<template>
|
2014-08-11 14:22:34 +02:00
|
|
|
<template>Template Security</template>
|
|
|
|
|
<name>Template Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<groups>
|
2014-08-11 14:22:34 +02:00
|
|
|
<group>
|
|
|
|
|
<name>OS Linux</name>
|
|
|
|
|
</group>
|
2013-05-27 13:51:34 +02:00
|
|
|
<group>
|
|
|
|
|
<name>Templates</name>
|
|
|
|
|
</group>
|
|
|
|
|
</groups>
|
|
|
|
|
<applications>
|
|
|
|
|
<application>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
</application>
|
|
|
|
|
</applications>
|
|
|
|
|
<items>
|
|
|
|
|
<item>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Checksum of iptables policy</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<type>0</type>
|
|
|
|
|
<snmp_community/>
|
|
|
|
|
<multiplier>0</multiplier>
|
|
|
|
|
<snmp_oid/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<key>firewall-md5</key>
|
|
|
|
|
<delay>3600</delay>
|
|
|
|
|
<history>30</history>
|
2013-05-27 13:51:34 +02:00
|
|
|
<trends>365</trends>
|
|
|
|
|
<status>0</status>
|
|
|
|
|
<value_type>3</value_type>
|
|
|
|
|
<allowed_hosts/>
|
|
|
|
|
<units/>
|
|
|
|
|
<delta>0</delta>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_contextname/>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_securityname/>
|
|
|
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_authpassphrase/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_privpassphrase/>
|
|
|
|
|
<formula>1</formula>
|
|
|
|
|
<delay_flex/>
|
|
|
|
|
<params/>
|
|
|
|
|
<ipmi_sensor/>
|
|
|
|
|
<data_type>0</data_type>
|
|
|
|
|
<authtype>0</authtype>
|
|
|
|
|
<username/>
|
|
|
|
|
<password/>
|
|
|
|
|
<publickey/>
|
|
|
|
|
<privatekey/>
|
|
|
|
|
<port/>
|
|
|
|
|
<description/>
|
|
|
|
|
<inventory_link>0</inventory_link>
|
|
|
|
|
<applications>
|
|
|
|
|
<application>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
</application>
|
|
|
|
|
</applications>
|
2014-08-11 14:22:34 +02:00
|
|
|
<valuemap/>
|
2013-05-27 13:51:34 +02:00
|
|
|
</item>
|
|
|
|
|
<item>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Fail2ban is enabled in autostart</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<type>0</type>
|
|
|
|
|
<snmp_community/>
|
|
|
|
|
<multiplier>0</multiplier>
|
|
|
|
|
<snmp_oid/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<key>chkconfig[fail2ban]</key>
|
|
|
|
|
<delay>3600</delay>
|
|
|
|
|
<history>30</history>
|
2013-05-27 13:51:34 +02:00
|
|
|
<trends>365</trends>
|
|
|
|
|
<status>0</status>
|
|
|
|
|
<value_type>3</value_type>
|
|
|
|
|
<allowed_hosts/>
|
|
|
|
|
<units/>
|
|
|
|
|
<delta>0</delta>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_contextname/>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_securityname/>
|
|
|
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_authpassphrase/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_privpassphrase/>
|
|
|
|
|
<formula>1</formula>
|
|
|
|
|
<delay_flex/>
|
|
|
|
|
<params/>
|
|
|
|
|
<ipmi_sensor/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<data_type>3</data_type>
|
2013-05-27 13:51:34 +02:00
|
|
|
<authtype>0</authtype>
|
|
|
|
|
<username/>
|
|
|
|
|
<password/>
|
|
|
|
|
<publickey/>
|
|
|
|
|
<privatekey/>
|
|
|
|
|
<port/>
|
|
|
|
|
<description/>
|
|
|
|
|
<inventory_link>0</inventory_link>
|
|
|
|
|
<applications>
|
|
|
|
|
<application>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
</application>
|
|
|
|
|
</applications>
|
2014-08-11 14:22:34 +02:00
|
|
|
<valuemap/>
|
2013-05-27 13:51:34 +02:00
|
|
|
</item>
|
|
|
|
|
<item>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Fail2Ban service is running</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<type>0</type>
|
|
|
|
|
<snmp_community/>
|
|
|
|
|
<multiplier>0</multiplier>
|
|
|
|
|
<snmp_oid/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<key>proc.num[fail2ban-server]</key>
|
|
|
|
|
<delay>60</delay>
|
|
|
|
|
<history>30</history>
|
2013-05-27 13:51:34 +02:00
|
|
|
<trends>365</trends>
|
|
|
|
|
<status>0</status>
|
|
|
|
|
<value_type>3</value_type>
|
|
|
|
|
<allowed_hosts/>
|
|
|
|
|
<units/>
|
|
|
|
|
<delta>0</delta>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_contextname/>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_securityname/>
|
|
|
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_authpassphrase/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_privpassphrase/>
|
|
|
|
|
<formula>1</formula>
|
|
|
|
|
<delay_flex/>
|
|
|
|
|
<params/>
|
|
|
|
|
<ipmi_sensor/>
|
|
|
|
|
<data_type>0</data_type>
|
|
|
|
|
<authtype>0</authtype>
|
|
|
|
|
<username/>
|
|
|
|
|
<password/>
|
|
|
|
|
<publickey/>
|
|
|
|
|
<privatekey/>
|
|
|
|
|
<port/>
|
|
|
|
|
<description/>
|
|
|
|
|
<inventory_link>0</inventory_link>
|
|
|
|
|
<applications>
|
|
|
|
|
<application>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
</application>
|
|
|
|
|
</applications>
|
2014-08-11 14:22:34 +02:00
|
|
|
<valuemap/>
|
2013-05-27 13:51:34 +02:00
|
|
|
</item>
|
|
|
|
|
<item>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Firewall enabled</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<type>0</type>
|
|
|
|
|
<snmp_community/>
|
|
|
|
|
<multiplier>0</multiplier>
|
|
|
|
|
<snmp_oid/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<key>firewall-enabled</key>
|
|
|
|
|
<delay>90</delay>
|
|
|
|
|
<history>30</history>
|
2013-05-27 13:51:34 +02:00
|
|
|
<trends>365</trends>
|
|
|
|
|
<status>0</status>
|
|
|
|
|
<value_type>3</value_type>
|
|
|
|
|
<allowed_hosts/>
|
|
|
|
|
<units/>
|
|
|
|
|
<delta>0</delta>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_contextname/>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_securityname/>
|
|
|
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_authpassphrase/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_privpassphrase/>
|
|
|
|
|
<formula>1</formula>
|
|
|
|
|
<delay_flex/>
|
|
|
|
|
<params/>
|
|
|
|
|
<ipmi_sensor/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<data_type>3</data_type>
|
2013-05-27 13:51:34 +02:00
|
|
|
<authtype>0</authtype>
|
|
|
|
|
<username/>
|
|
|
|
|
<password/>
|
|
|
|
|
<publickey/>
|
|
|
|
|
<privatekey/>
|
|
|
|
|
<port/>
|
|
|
|
|
<description/>
|
|
|
|
|
<inventory_link>0</inventory_link>
|
|
|
|
|
<applications>
|
|
|
|
|
<application>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
</application>
|
|
|
|
|
</applications>
|
|
|
|
|
<valuemap>
|
|
|
|
|
<name>Service state</name>
|
|
|
|
|
</valuemap>
|
|
|
|
|
</item>
|
|
|
|
|
<item>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>iptables is enabled in autostart</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<type>0</type>
|
|
|
|
|
<snmp_community/>
|
|
|
|
|
<multiplier>0</multiplier>
|
|
|
|
|
<snmp_oid/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<key>chkconfig[iptables]</key>
|
|
|
|
|
<delay>3600</delay>
|
|
|
|
|
<history>30</history>
|
2013-05-27 13:51:34 +02:00
|
|
|
<trends>365</trends>
|
|
|
|
|
<status>0</status>
|
|
|
|
|
<value_type>3</value_type>
|
|
|
|
|
<allowed_hosts/>
|
|
|
|
|
<units/>
|
|
|
|
|
<delta>0</delta>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_contextname/>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_securityname/>
|
|
|
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_authpassphrase/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_privpassphrase/>
|
|
|
|
|
<formula>1</formula>
|
|
|
|
|
<delay_flex/>
|
|
|
|
|
<params/>
|
|
|
|
|
<ipmi_sensor/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<data_type>3</data_type>
|
2013-05-27 13:51:34 +02:00
|
|
|
<authtype>0</authtype>
|
|
|
|
|
<username/>
|
|
|
|
|
<password/>
|
|
|
|
|
<publickey/>
|
|
|
|
|
<privatekey/>
|
|
|
|
|
<port/>
|
|
|
|
|
<description/>
|
|
|
|
|
<inventory_link>0</inventory_link>
|
|
|
|
|
<applications>
|
|
|
|
|
<application>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
</application>
|
|
|
|
|
</applications>
|
2014-08-11 14:22:34 +02:00
|
|
|
<valuemap/>
|
2013-05-27 13:51:34 +02:00
|
|
|
</item>
|
|
|
|
|
<item>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>SELinux enabled</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<type>0</type>
|
|
|
|
|
<snmp_community/>
|
|
|
|
|
<multiplier>0</multiplier>
|
|
|
|
|
<snmp_oid/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<key>selinux-enabled</key>
|
|
|
|
|
<delay>90</delay>
|
|
|
|
|
<history>30</history>
|
2013-05-27 13:51:34 +02:00
|
|
|
<trends>365</trends>
|
|
|
|
|
<status>0</status>
|
|
|
|
|
<value_type>3</value_type>
|
|
|
|
|
<allowed_hosts/>
|
|
|
|
|
<units/>
|
|
|
|
|
<delta>0</delta>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_contextname/>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_securityname/>
|
|
|
|
|
<snmpv3_securitylevel>0</snmpv3_securitylevel>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_authprotocol>0</snmpv3_authprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_authpassphrase/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<snmpv3_privprotocol>0</snmpv3_privprotocol>
|
2013-05-27 13:51:34 +02:00
|
|
|
<snmpv3_privpassphrase/>
|
|
|
|
|
<formula>1</formula>
|
|
|
|
|
<delay_flex/>
|
|
|
|
|
<params/>
|
|
|
|
|
<ipmi_sensor/>
|
2014-08-11 14:22:34 +02:00
|
|
|
<data_type>3</data_type>
|
2013-05-27 13:51:34 +02:00
|
|
|
<authtype>0</authtype>
|
|
|
|
|
<username/>
|
|
|
|
|
<password/>
|
|
|
|
|
<publickey/>
|
|
|
|
|
<privatekey/>
|
|
|
|
|
<port/>
|
|
|
|
|
<description/>
|
|
|
|
|
<inventory_link>0</inventory_link>
|
|
|
|
|
<applications>
|
|
|
|
|
<application>
|
2014-08-11 14:22:34 +02:00
|
|
|
<name>Security</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
</application>
|
|
|
|
|
</applications>
|
|
|
|
|
<valuemap>
|
|
|
|
|
<name>Service state</name>
|
|
|
|
|
</valuemap>
|
|
|
|
|
</item>
|
|
|
|
|
</items>
|
|
|
|
|
<discovery_rules/>
|
|
|
|
|
<macros/>
|
|
|
|
|
<templates/>
|
|
|
|
|
<screens/>
|
|
|
|
|
</template>
|
|
|
|
|
</templates>
|
|
|
|
|
<triggers>
|
|
|
|
|
<trigger>
|
2014-08-11 14:22:34 +02:00
|
|
|
<expression>{Template Security:chkconfig[fail2ban].last(0)}=0</expression>
|
|
|
|
|
<name>Fail2ban is not enabled in autostart</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<url/>
|
|
|
|
|
<status>0</status>
|
2014-08-11 14:22:34 +02:00
|
|
|
<priority>2</priority>
|
2013-05-27 13:51:34 +02:00
|
|
|
<description/>
|
|
|
|
|
<type>0</type>
|
|
|
|
|
<dependencies/>
|
|
|
|
|
</trigger>
|
|
|
|
|
<trigger>
|
2014-08-11 14:22:34 +02:00
|
|
|
<expression>{Template Security:proc.num[fail2ban-server].sum(#3)}=0</expression>
|
|
|
|
|
<name>Fail2Ban service is down</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<url/>
|
|
|
|
|
<status>0</status>
|
2014-08-11 14:22:34 +02:00
|
|
|
<priority>3</priority>
|
2013-05-27 13:51:34 +02:00
|
|
|
<description/>
|
|
|
|
|
<type>0</type>
|
|
|
|
|
<dependencies/>
|
|
|
|
|
</trigger>
|
|
|
|
|
<trigger>
|
2014-08-11 14:22:34 +02:00
|
|
|
<expression>{Template Security:firewall-enabled.last(0)}=0</expression>
|
|
|
|
|
<name>Firewall is disabled</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<url/>
|
|
|
|
|
<status>0</status>
|
2014-08-11 14:22:34 +02:00
|
|
|
<priority>3</priority>
|
2013-05-27 13:51:34 +02:00
|
|
|
<description/>
|
|
|
|
|
<type>0</type>
|
|
|
|
|
<dependencies/>
|
|
|
|
|
</trigger>
|
|
|
|
|
<trigger>
|
2014-08-11 14:22:34 +02:00
|
|
|
<expression>{Template Security:firewall-md5.diff(0)}#0</expression>
|
|
|
|
|
<name>iptables has been changed</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<url/>
|
|
|
|
|
<status>0</status>
|
2014-08-11 14:22:34 +02:00
|
|
|
<priority>1</priority>
|
2013-05-27 13:51:34 +02:00
|
|
|
<description/>
|
|
|
|
|
<type>0</type>
|
|
|
|
|
<dependencies/>
|
|
|
|
|
</trigger>
|
|
|
|
|
<trigger>
|
2014-08-11 14:22:34 +02:00
|
|
|
<expression>{Template Security:chkconfig[iptables].last(0)}=0</expression>
|
|
|
|
|
<name>iptables is not enabled in autostart</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<url/>
|
|
|
|
|
<status>0</status>
|
2014-08-11 14:22:34 +02:00
|
|
|
<priority>2</priority>
|
2013-05-27 13:51:34 +02:00
|
|
|
<description/>
|
|
|
|
|
<type>0</type>
|
|
|
|
|
<dependencies/>
|
|
|
|
|
</trigger>
|
|
|
|
|
<trigger>
|
2014-08-11 14:22:34 +02:00
|
|
|
<expression>{Template Security:selinux-enabled.last(0)}=0</expression>
|
|
|
|
|
<name>SELinux is disabled</name>
|
2013-05-27 13:51:34 +02:00
|
|
|
<url/>
|
|
|
|
|
<status>0</status>
|
2014-08-11 14:22:34 +02:00
|
|
|
<priority>3</priority>
|
2013-05-27 13:51:34 +02:00
|
|
|
<description/>
|
|
|
|
|
<type>0</type>
|
|
|
|
|
<dependencies/>
|
|
|
|
|
</trigger>
|
|
|
|
|
</triggers>
|
|
|
|
|
</zabbix_export>
|
