File integrity monitoring in zabbix urgent! #418
Unanswered
vishalab17-debug
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello Team,
If any file/configuration has changed in remote server we have to receive the alert in zabbix.
How to configure file integrity monitoring in zabbix to my remote server. Where the zabbix agent is installed.
I tried using both the script and the UserParameter, but it's not working.
UserParameter: vfs.file.integrity,bash /etc/zabbix/scripts/file_monitor.sh
UserParameter: check.etc.change,/usr/local/bin/monitor_file_changes.sh
Trigger expression = last(/ansible/file.integrity)=0
Trigger expression = last(/ansible/file.change)=1
Trigger expression = last(/ansible/vfs.file.cksum[/etc/passwd,sha256],#1)<>last(/ansible/vfs.file.cksum[/etc/passwd,sha256],#2)
Note: If any file is changed, for example, in the /etc/ directory, we should receive a trigger alert displaying the name of the file that was changed.
Please find below the screenshot of the steps I followed. I have attached it, but I am unable to create the trigger, and even when I create it, it does not work.
Beta Was this translation helpful? Give feedback.
All reactions