A Zabbix template which uses UserParameters to check the status of every local IP address on a Linux machine.
It features a Low Level Discovery rule for the IP address of the server which generates a set of items and triggers that check the following DNSBL services:
- cbl.abuseat.org
- ips.backscatterer.org
- b.barracudacentral.org
- dnsbl.sorbs.net
- bl.spamcop.net
- zen.spamhaus
- Create a value mapping (Administration → General → Value mapping) with the following information:
- Name: Blacklist listing status
- Mappings:
- 0 : Not listed
- 1: Listed
- Install the
.xml
template using the GUI (Configuration → Templates → Import). - Add the templates to the hosts you want monitored.
- Create the directory
/etc/zabbix/bin
. - Copy both
rbl_listips.sh
andrbl_check.sh
files to your/etc/zabbix/bin
directory. - Copy the file
userparameter_blacklist.conf
to your Zabbix agent configuration directory (normally/etc/zabbix/zabbix_agentd.d/
). - Restart your zabbix-agent service.
Some DNSBL services might require registration or payment to use their services.
Take that into consideration if you plan on using this service on a high number of servers.
This template is loosely based on Martin Mørch's "Automatically check DNS Blackhole Lists (DNSBL)".
I created a new templates because Martin's uses external scripts to check the hostname of a remote system on the different DNSBL services and I needed to check every IP on a mail server with multiple network interfaces.
Héctor Luaces Novo <hector |at| luaces-novo |dot| es>