Zabbix
Integration version: 12.0
Configure Zabbix integration in Google Security Operations
For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations .
Integration parameters
Use the following parameters to configure the integration:
| Parameter Display Name | Type | Default Value | Is Mandatory | Description |
|---|---|---|---|---|
|
Api Root
|
String | https://{IP}/Zabbix | Yes | The API root of the Zabbix instance. |
|
Username
|
String | N/A | Yes | The username of the Zabbix account. |
|
Password
|
Password | N/A | Yes | The password of the according user. |
|
Verify SSL
|
Checkbox | Unchecked | Yes | If enabled, the integration verifies that the SSL certificate for the connection to the Zabbix server is valid. |
Actions
Execute Script
Description
Execute a script on hosts by the IP.
Parameters
| Parameter Display Value | Type | Default Value | Is Mandatory | Description |
|---|---|---|---|---|
|
Script Name
|
String | N/A | Yes | The name of the script to execute. |
Run On
This action runs on the IP Address entity.
Action Results
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
|
is_success
|
True/False | is_success:False |
JSON Result
[
{
"EntityResult"
:
{
"response"
:
"success"
,
"value"
:
"sudo: no tty present and no askpass program specified\\n"
},
"Entity"
:
"1.1.1.1"
}
]
Entity Enrichment
| Enrichment Field Name | Logic - When to apply |
|---|---|
| response | Returns if it exists in JSON result |
| value | Returns if it exists in JSON result |
Insights
N/A
Ping
Description
Test Connectivity.
Parameters
N/A
Run On
This action runs on all entities.
Action Results
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
|
is_success
|
True/False | is_success:False |
JSON Result
N/A
Entity Enrichment
N/A
Insights
N/A
Connectors
Zabbix Connector
Description
Zabbix connector fetches events from Zabbix.
Configure Zabbix Connector in Google SecOps
For detailed instructions on how to configure a connector in Google SecOps, see Configuring the connector .
Connector parameters
Use the following parameters to configure the connector:
| Parameter Display Value | Type | Default Value | Is Mandatory | Description |
|---|---|---|---|---|
|
Product Field Name
|
String | Product Field Name | Yes | The field name used to determine the device product. |
|
Event Field Name
|
String | Event Field Name | Yes | The field name used to determine the event name (sub-type). |
|
PythonProcessTimeout
|
String | 300 | Yes | The timeout limit (in seconds) for the python process running current script. |
|
Api Root
|
String | N/A | Yes | N/A |
|
Username
|
String | N/A | Yes | N/A |
|
Password
|
Password | N/A | Yes | N/A |
|
Proxy Server Address
|
String | N/A | No | The address of the proxy server to use. |
|
Proxy Username
|
String | N/A | No | The proxy username to authenticate with. |
|
Proxy Password
|
String | N/A | No | The proxy password to authenticate with. |
|
Verify SSL
|
Checkbox | Unchecked | No | If enabled, the integration verifies that the SSL certificate for the connection to the Zabbix server is valid. |
Connector rules
Proxy support
The connector supports proxy.
Whitelist/Blacklist
The connector supports Whitelist/Blacklist rules.
Need more help? Get answers from Community members and Google SecOps professionals.
