We are pleased to announce that as of today of Zabbix 5.4.0alpha1 is available.
Zabbix is known for its enterprise-class open source distributed monitoring solution. They also release the software under the GPL. This means that it is free of charge for both commercial and non-commercial use. A complete text of the license is available at http://www.gnu.org/copyleft/gpl.txt.
This document contains the release notes for Zabbix 5.4.0alpha1. Download it from download.
Last year, we resurrected the Digital Puppet Camps in the virtual world. We are thrilled to see how many of you participated as speakers and attendees. Like many of you, I miss the serendipity and spontaneity of the hallway track at an in-person event. I’m heartened to see the connections made in our Puppet Community Slack channel as you collaborated on the different solutions you had developed to solve common problems.
It was also great to see how many new folks joined us who had never before attended a Puppet Camp. Including those who would not have been able to travel to an event under normal circumstances. Making the Camps digital broadened and enriched our community in unexpected ways.
Red Hat reports a flow in sudo. They found a heap-based buffer overflow in the way sudo parses command line arguments. This flaw is exploitable by any local user. Counts for normal users and system users, sudo-ers and non-sudo-ers, without authentication. Meaning: the attacker does not need to know the user’s password. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Typically, Zabbix is sending notifications to whatever medium you’ve chosen if a problem is detected. We all know the Email messages, the various webhook integrations with Slack/MS Teams/ Jira, etc, perhaps even some text message integrations and such. Now, if we’re migrating to Signal, we suddenly have access to the Signal API and can utilize it to receive Zabbix notifications. Nice!
There is only one drawback. You need a separate phone number to register against Signal. Don’t use your own phone number – unless you want to lose the ability to use Signal ;(
There are various ways to get a phone number for this purpose:
Use the phone number of your current SMS gateway
Use the company phone number (a lot of cloud PBX are providing the option to receive the verification email)
At the time of writing, the most recent version is 0.7.3, and that’s what we’re installing here. If in the future a new version is released, of course you should install that!
If everything went as expected, we should be able to register ourself to Signal.
Since we want to execute these commands by Zabbix, we must make sure the registration is done with the correct user on the Zabbix server, otherwise you will get the following error message:
(ERROR App – User +19293771253 is not registered.)
In order to prevent this error, lets do the authentication against Signal as Zabbix user:
Important: The USERNAME (your phone number) must include the country calling code, i.e. the number must start with a “+” sign and you must replace everything between the < > in the following examples with your own values
You will see the message id as output. Simply ignore it, since it’s not relevant at this point.
It works! Great.
So now we’ve got this part covered, time to get the AlertScript set up, before heading to the frontend.
Zabbix AlertScript setup
Ok, so now we’ve got the registration done, we need to make sure Zabbix can utilise it. In order to do so, we use a very old method. Although it would’ve made more sense to use the webhook option, that means I had to built the communication with Signal from scratch.
So AlertScripts it is. In your terminal/SSH session with the Zabbix server open a new file with this command: vi /usr/lib/zabbix/alertscripts/signal.sh and insert the following contents:
don’t forget to configure some Message templates as well (second tab in the Mediatype configuration). You can just use the defaults if you click on ‘add’
Zabbix media configuration
Next step. Navigate to Administration -> Users (or just open your own user profile) and create a new media:
Sendto: <your number>
When active / severity as per needs
Important: The USERNAME (your phone number) must include the country calling code, i.e. the number must start with a “+” sign
We’re almost there, just some configuration on the actions
Zabbix action configuration
This step is only needed if you are sending notifications right now via a specific mediatype. If you configured the ‘send only to’ option to ‘- All -‘ there is nothing to change, and it will work straight away!
Otherwise, navigate to Configuration -> Actions and find the action you want to change, and in the Operations, Recovery operations and Update operations change the ‘send only to’ option to ‘Signal’
Save your action and it’s time to test – Generate some problem to confirm the implementation actually works.
That’s it. By now you should have a working implementation where Zabbix is sending notifications to Signal. The setup was extremely straight forward and easy to configure. Nevertheless, if you need help getting this going, we (Opensource ICT Solutions) offer consultancy services as well, and are more than happy to help you out!
Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft. It runs exclusively on Windows Server operating systems. Explore the new official template for Microsoft Exchange Server 2016.