📢 If you have any considerations, suggestions, or questions, feel free to contact me! I am available to help.
This template monitors security advisories and CVE database published by Zabbix.
It captures the latest security advisories and CVE information to generate the same view in Zabbix, ensuring continuous monitoring and integration.
- 1 Macro
- 1 Item
- 1 Discovery
- 1 Item prototype
- 1 Trigger prototype
The item is of type "External Scripts", triggering the script getCve.py and passing the macro as parameters:
getCve.py[{$ZBXVERSION}]Exemples:
- If your version is LTS, enter:
6.0 lts - If it is not LTS, enter:
5.4
This script fetches and parses the latest Zabbix security advisories and CVEs from the official website, filtering and formatting the data for integration with Zabbix.
It expects the Zabbix version as an input parameter, provided via the macro {$ZBXVERSION}.
The output is formatted in JSON, with macros ready for use in Zabbix.
Ensure that the required libraries are installed. You can install BeautifulSoup using:
pip3 install bs4The discovery is of the dependent type, with the master item being the script's result. It contains an override to create triggers according to the received severity.
- Critical: Severity set to Disaster.
- High: Severity set to High.
- Medium: Severity set to Average.
- Low: Severity set to Warning.
-
Critical (Disaster): Vulnerabilities that could be easily exploited by a remote unauthenticated actor and lead to Zabbix compromise without requiring user interaction or allow remote unauthorized users to gain Super Admin privileges. Please install required updates or apply workarounds as soon as possible.
-
High (High): Vulnerabilities that can easily compromise the confidentiality, integrity, or availability of Zabbix components. These vulnerabilities allow local or authenticated users to gain additional privileges, allow remote unauthorized users to view information in Zabbix, or allow authenticated remote users to execute arbitrary code. Install required updates based on your maintenance window.
-
Medium (Average): Vulnerabilities that may be more difficult to exploit but could still lead to some compromise of the confidentiality, integrity, or availability of Zabbix under certain circumstances. Such vulnerabilities could have a Critical or High severity but are less easily exploited and/or affect unlikely configurations. Evaluate possible risks and install updates if it is required.
-
Low (Warning): Other vulnerabilities that may have a security impact. Such vulnerabilities require unlikely circumstances to be exploited, or their successful exploitation would give minimal consequences. Evaluate possible risks and install updates if it is required.
The "Item prototype" carries the severity value.
The "Trigger prototype" checks if the value is different from the status "Green".
- Trigger Name: The trigger name includes the CVE number, CVSS score, synopsis, and Zabbix severity.
- URL Link: Each trigger will have a link to the Zabbix Security Advisories page: Zabbix Security Advisories.
- Description: The trigger description will include the detailed description of the CVE.