From: Guus S. <gsn...@gm...> - 2021-09-10 09:08:11
On Fri 10 Sep 2021 08:20, Shane Corbin <sc...@ew...> wrote:

> Thanks for the response Shawn. That’s kind of disappointing. I first
> considered separate templates for each piece of software I am concerned
> about, but unfortunately I am concerned about all of them no matter how big
> or small. [···]
>
> As for RHEL not incrementing version numbers when patching vulns is…
> well.. disappointing and quite irresponsible of them. That’s exactly what
> minor version numbers are for. Not surprising though, we intentionally
> avoid RHEL for many other reasons, this is just yet another reason to
> continue on that path.

Just a suggestion, but why not flip the logic around and report the available updates for $system?

One thing we *know* in advance is that we're running vulnerable software, but when a new vulnerability is found, we still rely on the distributor for an update to fix the vulnerability. So why would we chase changing version numbers?

If you really want to know, you could query the package db and store the relevant version numbers in a central DB (for all running systems!), and then monitor that DB for relevant versions. You should probably include pkg release numbers, but that shouldn't be that hard.

Zabbix is about performance and availability; just use the right tools for the right purpose.

Just my € 0.02

Kind regards,
Guus Snijders
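A sketch of the package-DB approach suggested in the message above, added here as an example and not code from the thread: installed packages from several hosts are stored in one table and checked against a fixed build, with the release number included in the comparison. The host names, package values, table layout and function names are constructed for illustration, and the comparison is a simplified form of RPM's version ordering that ignores `~` and `^`.

```python
import re
import sqlite3

# Constructed sample: "host name epoch version release", one line per package,
# e.g. gathered per host with
#   rpm -qa --queryformat '%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE}\n'
INVENTORY = """\
web01 openssl 1 1.0.2k 19.el7
web02 openssl 1 1.0.2k 21.el7
db01 openssl 1 1.0.2k 9.el7
db01 bash 0 4.2.46 34.el7
"""

def rpmvercmp(a, b):
    """Simplified RPM segment comparison (no '~' or '^' handling)."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():      # numeric segment beats alphabetic
            return 1 if x.isdigit() else -1
        if x.isdigit():                     # compare numbers as numbers: 9 < 19
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(x, y):
    """Compare (epoch, version, release) triples; release breaks version ties."""
    if int(x[0]) != int(y[0]):
        return 1 if int(x[0]) > int(y[0]) else -1
    return rpmvercmp(x[1], y[1]) or rpmvercmp(x[2], y[2])

def load(text):
    """Central DB stand-in: an in-memory SQLite table of installed packages."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE packages (host TEXT, name TEXT, epoch INTEGER,"
               " version TEXT, release TEXT)")
    db.executemany("INSERT INTO packages VALUES (?,?,?,?,?)",
                   (line.split() for line in text.splitlines()))
    return db

def hosts_below(db, name, fixed_evr):
    """Hosts whose installed build of `name` is older than the fixed build."""
    rows = db.execute("SELECT host, epoch, version, release FROM packages"
                      " WHERE name = ? ORDER BY host", (name,))
    return [host for host, *evr in rows if evr_cmp(evr, fixed_evr) < 0]

if __name__ == "__main__":
    # Same upstream version everywhere; only the release number tells them apart.
    print(hosts_below(load(INVENTORY), "openssl", (1, "1.0.2k", "21.el7")))
```

A plain string comparison would rank release `9.el7` above `19.el7`, which is why the segments are compared numerically.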