n/zabbix-pkg-audit
n/zabbix-pkg-audit
1
0
Fork 0
Code Issues Pull requests Activity Actions
Zabbix Template for FreeBSD pkg audit
1 commit 1 branch 0 tags 41 KiB
Find a file
Exact
n 8968466713
All checks were successful
check / check (push) Successful in 9s
Details
Initial Commit 
Co-authored-by: Gemini <gemini@users.noreply.google.com>
2025-12-12 20:39:09 +01:00
.forgejo/workflows Initial Commit 2025-12-12 20:39:09 +01:00
icon.svg Initial Commit 2025-12-12 20:39:09 +01:00
LICENSE Initial Commit 2025-12-12 20:39:09 +01:00
pkg-audit.conf Initial Commit 2025-12-12 20:39:09 +01:00
pkg-audit.sh Initial Commit 2025-12-12 20:39:09 +01:00
pkg-audit.yaml Initial Commit 2025-12-12 20:39:09 +01:00
README.md Initial Commit 2025-12-12 20:39:09 +01:00

README.md

Zabbix Template for FreeBSD pkg audit

This repository contains the components needed to monitor FreeBSD package vulnerabilities using Zabbix.

Features

  • Automatic Discovery: Discovers vulnerable packages using Zabbix's Low-Level Discovery (LLD).
  • Alerting: Creates a trigger for each vulnerable package found.
  • Details: Stores the output of pkg audit <package> in the item for inspection.
  • Self-Healing: Alerts are automatically resolved when a package is no longer reported as vulnerable by pkg audit.

Files

  1. pkg-audit.sh: The agent-side script that performs discovery and fetches vulnerability data.
  2. pkg-audit.conf: The Zabbix agent UserParameter configuration file.
  3. pkg-audit.yaml: The Zabbix template to be imported into the frontend.

Installation

Follow these steps on your FreeBSD host that is running the Zabbix agent.

1. Install the Agent Script

Copy the script to the Zabbix agent's script directory. A common location is /usr/local/etc/zabbix7/scripts/.

mkdir -p /usr/local/etc/zabbix7/scripts/
cp pkg-audit.sh /usr/local/etc/zabbix7/scripts/
chmod +x /usr/local/etc/zabbix7/scripts/pkg-audit.sh

2. Install the UserParameter Configuration

Copy the .conf file to the agent's include directory. This is typically /usr/local/etc/zabbix7/zabbix_agentd.conf.d/.

mkdir -p /usr/local/etc/zabbix7/zabbix_agentd.conf.d/
cp pkg-audit.conf /usr/local/etc/zabbix7/zabbix_agentd.conf.d/

Make sure your main zabbix_agentd.conf has an Include directive pointing to this directory:

Include=/usr/local/etc/zabbix7/zabbix_agentd.conf.d/*.conf

3. Restart the Zabbix Agent

Apply the changes by restarting the agent service.

service zabbix_agentd restart

4. Import the Zabbix Template

  1. Navigate to Data collection -> Templates in the Zabbix web interface.
  2. Click the Import button in the top-right corner.
  3. Select the pkg-audit.yaml file and follow the on-screen instructions to import it.

5. Link Template to Host

  1. Navigate to Data collection -> Hosts.
  2. Find your FreeBSD host and click on its name to edit it.
  3. Go to the Templates tab.
  4. In the "Link new templates" field, search for FreeBSD pkg audit and add it.
  5. Click Update.

Zabbix will run the discovery rule on the next scheduled interval (default is 4 hours) and begin creating items and triggers for any discovered vulnerabilities.