Red Hat reports a flow in sudo. They found a heap-based buffer overflow in the way sudo parses command line arguments. This flaw is exploitable by any local user. Counts for normal users and system users, sudo-ers and non-sudo-ers, without authentication. Meaning: the attacker does not need to know the user’s password. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Typically, Zabbix is sending notifications to whatever medium you’ve chosen if a problem is detected. We all know the Email messages, the various webhook integrations with Slack/MS Teams/ Jira, etc, perhaps even some text message integrations and such. Now, if we’re migrating to Signal, we suddenly have access to the Signal API and can utilize it to receive Zabbix notifications. Nice!
There is only one drawback. You need a separate phone number to register against Signal. Don’t use your own phone number – unless you want to lose the ability to use Signal ;(
There are various ways to get a phone number for this purpose:
Use the phone number of your current SMS gateway
Use the company phone number (a lot of cloud PBX are providing the option to receive the verification email)
At the time of writing, the most recent version is 0.7.3, and that’s what we’re installing here. If in the future a new version is released, of course you should install that!
If everything went as expected, we should be able to register ourself to Signal.
Since we want to execute these commands by Zabbix, we must make sure the registration is done with the correct user on the Zabbix server, otherwise you will get the following error message:
(ERROR App – User +19293771253 is not registered.)
In order to prevent this error, lets do the authentication against Signal as Zabbix user:
Important: The USERNAME (your phone number) must include the country calling code, i.e. the number must start with a “+” sign and you must replace everything between the < > in the following examples with your own values
You will see the message id as output. Simply ignore it, since it’s not relevant at this point.
It works! Great.
So now we’ve got this part covered, time to get the AlertScript set up, before heading to the frontend.
Zabbix AlertScript setup
Ok, so now we’ve got the registration done, we need to make sure Zabbix can utilise it. In order to do so, we use a very old method. Although it would’ve made more sense to use the webhook option, that means I had to built the communication with Signal from scratch.
So AlertScripts it is. In your terminal/SSH session with the Zabbix server open a new file with this command: vi /usr/lib/zabbix/alertscripts/signal.sh and insert the following contents:
don’t forget to configure some Message templates as well (second tab in the Mediatype configuration). You can just use the defaults if you click on ‘add’
Zabbix media configuration
Next step. Navigate to Administration -> Users (or just open your own user profile) and create a new media:
Sendto: <your number>
When active / severity as per needs
Important: The USERNAME (your phone number) must include the country calling code, i.e. the number must start with a “+” sign
We’re almost there, just some configuration on the actions
Zabbix action configuration
This step is only needed if you are sending notifications right now via a specific mediatype. If you configured the ‘send only to’ option to ‘- All -‘ there is nothing to change, and it will work straight away!
Otherwise, navigate to Configuration -> Actions and find the action you want to change, and in the Operations, Recovery operations and Update operations change the ‘send only to’ option to ‘Signal’
Save your action and it’s time to test – Generate some problem to confirm the implementation actually works.
That’s it. By now you should have a working implementation where Zabbix is sending notifications to Signal. The setup was extremely straight forward and easy to configure. Nevertheless, if you need help getting this going, we (Opensource ICT Solutions) offer consultancy services as well, and are more than happy to help you out!
Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft. It runs exclusively on Windows Server operating systems. Explore the new official template for Microsoft Exchange Server 2016.
She has her hands full. She’s overseeing an ambitious open source-based company on the cusp of going public with $40 million in fresh capital. These come from funds led by Blackrock in the bank, and busy adding purpose built business solutions for compliance, security, and self-service at the company.
The former VMware executive is among the rare breed of CIOs (for two years at observability platform New Relic) to have stepped into the CEO role. Along with 25 years of experience scaling companies globally in a range of leadership roles, she retains hands-on technical chops, having started out as a software engineer at Accenture (“back when COBOL was cool”; The Stack: “COBOL‘s still cool”; Wassenaar: “I’m very employable…”).
Puppet CEO Yvonne Wassenaar: “People tend to commingle public cloud with cloud native…”
She has been at the helm of Portland, Oregon-headquartered Puppet since January 2019. There she has sharpened focus on specialised tools for larger commercial organisations, and overseen the addition of a wide range of new offerings at the open source-based software configuration management (CM) and deployment provider. Traditionally used to “pull the strings” on multiple application servers simultaneously – as Puppet eyes a chunk of the growing compliance and security markets.
The CEO is gearing up to take the company public later this year. She believes it is ready for after strong numbers last year. She tells The Stack: “In 2020, Puppet’s revenue was north of $100 million. It was growing as we added new customers. We also expanded within our existing enterprise customers and increased the average size of our deals. Our renewal rates are close to 90% and our expansion rates are close to 120%. Gross margins are +80% and we have a strong profit/loss position for a company of our size”.
Zabbix is a powerful open-source monitoring solution, but that’s not the only thing that makes it stand out. Zabbix company develops the software and provides a range of technical services to make the monitoring easy and scalable. Let Zabbix experts assist you @ Open-Future.
Have Zabbix installed from scratch or let us help you migrate from a legacy tool.
Let Zabbix experts assist you and guide you through the Zabbix professional services to find the best solution for your company’s monitoring needs. If you have any questions or want a quote, simply reach out to our Sales Team.
Find out about our Zabbix trainings offerings here.