forked from hermanekt/zabbix-fail2ban-discovery-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTemplate-Fail2ban60.xml
124 lines (124 loc) · 5.39 KB
/
Template-Fail2ban60.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>6.0</version>
<date>2022-12-10T08:58:50Z</date>
<groups>
<group>
<uuid>7df96b18c230490a9a0a9e2307226338</uuid>
<name>Templates</name>
</group>
</groups>
<templates>
<template>
<uuid>48d19098672f4e7aa7dab1942260d87d</uuid>
<template>Template Fail2ban</template>
<name>Template Fail2ban</name>
<groups>
<group>
<name>Templates</name>
</group>
</groups>
<items>
<item>
<uuid>de416c540fd0435db1822e38c036f0d7</uuid>
<name>Fail2Ban service is running</name>
<key>proc.num[fail2ban-server]</key>
<delay>60</delay>
<description>ping - tests if the server is alive</description>
<valuemap>
<name>Service state</name>
</valuemap>
<tags>
<tag>
<tag>Application</tag>
<value>Fail2ban</value>
</tag>
</tags>
<triggers>
<trigger>
<uuid>ffa07343b51d4bf58c2b8c324c6a7a62</uuid>
<expression>last(/Template Fail2ban/proc.num[fail2ban-server])=0</expression>
<name>Fail2ban server is Down</name>
<priority>AVERAGE</priority>
</trigger>
</triggers>
</item>
</items>
<discovery_rules>
<discovery_rule>
<uuid>ccbd8ba7a96d47b8953af017e3b0f803</uuid>
<name>Fail2ban discovery</name>
<key>fail2ban.discovery</key>
<delay>30</delay>
<description>Discovery of jails from fail2ban daemon.</description>
<item_prototypes>
<item_prototype>
<uuid>8cc0b05211fc4278b2feb46727a4ca97</uuid>
<name>Fail2ban $1 banned IPs</name>
<key>fail2ban.status[{#JAIL}]</key>
<delay>60</delay>
<units>count</units>
<tags>
<tag>
<tag>Application</tag>
<value>Fail2ban</value>
</tag>
</tags>
<trigger_prototypes>
<trigger_prototype>
<uuid>cac6d8fb6d064697acf210b8cc113f6e</uuid>
<expression>last(/Template Fail2ban/fail2ban.status[{#JAIL}])>{$F2B_THRESHOLD:"{#JAIL}"}</expression>
<name>Fail2ban Flooding</name>
<priority>AVERAGE</priority>
<dependencies>
<dependency>
<name>Fail2ban server is Down</name>
<expression>last(/Template Fail2ban/proc.num[fail2ban-server])=0</expression>
</dependency>
</dependencies>
</trigger_prototype>
</trigger_prototypes>
</item_prototype>
</item_prototypes>
<graph_prototypes>
<graph_prototype>
<uuid>b151e34af81548b1b92cf0a6b36cdee7</uuid>
<name>Count of banned IPs on jail {#JAIL}</name>
<graph_items>
<graph_item>
<color>00C800</color>
<item>
<host>Template Fail2ban</host>
<key>fail2ban.status[{#JAIL}]</key>
</item>
</graph_item>
</graph_items>
</graph_prototype>
</graph_prototypes>
</discovery_rule>
</discovery_rules>
<macros>
<macro>
<macro>{$F2B_THRESHOLD}</macro>
<value>50</value>
</macro>
</macros>
<valuemaps>
<valuemap>
<uuid>249132609d114d21bf84a38a3c559bfd</uuid>
<name>Service state</name>
<mappings>
<mapping>
<value>0</value>
<newvalue>Down</newvalue>
</mapping>
<mapping>
<value>1</value>
<newvalue>Up</newvalue>
</mapping>
</mappings>
</valuemap>
</valuemaps>
</template>
</templates>
</zabbix_export>