diff --git a/zabbix_scripts/check_samba_dc_sudo b/zabbix_scripts/check_samba_dc_sudo index 9a629e7..0862735 100644 --- a/zabbix_scripts/check_samba_dc_sudo +++ b/zabbix_scripts/check_samba_dc_sudo @@ -28,6 +28,10 @@ GetOptions( 'audit-auth-log=s' => \$audit_auth_log ); +if ($since !~ m/^\d+$/){ + die "Invalid value for since\n"; +} + my $json = { accounts => { users => 0, diff --git a/zabbix_templates/Template_App_Samba_DC.xml b/zabbix_templates/Template_App_Samba_DC.xml index 5fb5e3b..b218287 100644 --- a/zabbix_templates/Template_App_Samba_DC.xml +++ b/zabbix_templates/Template_App_Samba_DC.xml @@ -1,7 +1,7 @@ 5.0 - 2021-01-09T16:18:21Z + 2021-01-11T08:26:21Z Templates @@ -47,7 +47,7 @@ - {last()}=0 + {sum(#2)}=0 DNS is not responding WARNING @@ -188,7 +188,7 @@ - {delta(30m)}<>0 + {delta(120m)}<>0 Number of active users changed INFO YES @@ -202,7 +202,8 @@ 0 60d 1825d - !auth + FLOAT + !auth/min Samba @@ -213,10 +214,22 @@ JSONPATH $.activity.authentications.computers.failure + + MULTIPLIER + 0.2 + samba_dc.info[300] + + + {min(30m)}>0 + Failed computer authentications + INFO + YES + + Samba: Number of successful computers authentications @@ -225,7 +238,8 @@ 0 60d 1825d - !auth + FLOAT + !auth/min Samba @@ -236,6 +250,10 @@ JSONPATH $.activity.authentications.computers.success + + MULTIPLIER + 0.2 + samba_dc.info[300] @@ -248,7 +266,8 @@ 0 60d 1825d - !auth + FLOAT + !auth/min Samba @@ -259,6 +278,10 @@ JSONPATH $.activity.authentications.users.failure + + MULTIPLIER + 0.2 + samba_dc.info[300] @@ -271,7 +294,8 @@ 0 60d 1825d - !auth + FLOAT + !auth/min Samba @@ -282,6 +306,10 @@ JSONPATH $.activity.authentications.users.success + + MULTIPLIER + 0.2 + samba_dc.info[300] @@ -294,7 +322,8 @@ 0 60d 1825d - !auth + FLOAT + !auth/min Samba @@ -305,6 +334,10 @@ JSONPATH $.activity.authorizations.computers + + MULTIPLIER + 0.2 + samba_dc.info[300] @@ -317,7 +350,8 @@ 0 60d 1825d - !auth + FLOAT + !auth/min Samba @@ -328,6 +362,10 @@ JSONPATH $.activity.authorizations.users + + MULTIPLIER + 0.2 + samba_dc.info[300] @@ -380,7 +418,7 @@ - {delta(30m)}<>0 + {delta(120m)}<>0 Number of GPO changed INFO YES @@ -411,7 +449,7 @@ - {delta(30m)}<>0 + {delta(120m)}<>0 Number of groups changed INFO YES @@ -442,7 +480,7 @@ - {delta(30m)}<>0 + {delta(120m)}<>0 Number of inactive users changed INFO YES @@ -533,7 +571,7 @@ - {delta(30m)}<>0 + {delta(120m)}<>0 Number of OU changed INFO YES @@ -607,8 +645,133 @@ + + + Samba: Aggregated Authentications & Authorizations + STACKED + + + 1 + EF9A9A + + Template_App_Samba_DC_Aggregate + grpsum["{$SAMBA_AGGREGATE_GROUP}","samba_dc.info[activity.authorizations.computers]",last] + + + + 2 + CE93D8 + + Template_App_Samba_DC_Aggregate + grpsum["{$SAMBA_AGGREGATE_GROUP}","samba_dc.info[activity.authentications.computers.success]",last] + + + + 3 + 9FA8DA + + Template_App_Samba_DC_Aggregate + grpsum["{$SAMBA_AGGREGATE_GROUP}","samba_dc.info[activity.authentications.computers.failure]",last] + + + + 4 + 81D4FA + + Template_App_Samba_DC_Aggregate + grpsum["{$SAMBA_AGGREGATE_GROUP}","samba_dc.info[activity.authorizations.users]",last] + + + + 5 + B2DFDB + + Template_App_Samba_DC_Aggregate + grpsum["{$SAMBA_AGGREGATE_GROUP}","samba_dc.info[activity.authentications.users.success]",last] + + + + 6 + FFF59D + + Template_App_Samba_DC_Aggregate + grpsum["{$SAMBA_AGGREGATE_GROUP}","samba_dc.info[activity.authentications.users.failure]",last] + + + + Samba: Authentications & Authorizations NO