[Zabbix-users] How to automatically create host macro by discovery rule for use with discovered items/triggers.

[Shane C. <sc...@ew...>]

Hi Guys,
                I currently have a template that I created that discovers installed software on Windows systems and creates items to monitor it's existence and version.  I have a trigger that alerts me when a version number changes, essentially notifying me of updates, and it works quite well.  What I want to add to this, is the ability to monitor for vulnerable versions of each piece of discovered software.  For example, when the discovery rule finds a piece of installed software, it should create another trigger that alerts me if a program's version number is below a certain number.  To make this vulnerable version number adjustable I need it also to create a macro on the host for each piece of software discovered called something like {$PROGRAMNAME_LAST_KNOWN_VULN_VERSION}.  I would have it default to something like 999999999 so that my trigger would be in the OK state by default, but then if I get a vulnerability notice on a piece of software, I can change this macro to the version number of the known vulnerable software version, and then my trigger would alert me if any of our machines are using a version that is equal to or less than the vulnerable version.

                Is it possible to create macros by discovery like this?  Can't find much documentation on it if it is possible.

Shane Corbin
Electrical Engineer/IT Administrator
Direct: (217) 893-5526
Office: (217) 892-4322
Call via Teams<callto:sc...@ew...>
Chat via Teams<https://teams.microsoft.com/l/chat/0/0?users=sc...@ew...>