Zabbix
Integration version: 12.0
Configure Zabbix integration in Google Security Operations SOAR
For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.
Integration parameters
Use the following parameters to configure the integration:
| Parameter Display Name | Type | Default Value | Is Mandatory | Description |
|---|---|---|---|---|
| Api Root | String | https://{IP}/Zabbix | Yes | The API root of the Zabbix instance. |
| Username | String | N/A | Yes | The username of the Zabbix account. |
| Password | Password | N/A | Yes | The password of the according user. |
| Verify SSL | Checkbox | Unchecked | Yes | If enabled, the integration verifies that the SSL certificate for the connection to the Zabbix server is valid. |
Actions
Execute Script
Description
Execute a script on hosts by the IP.
Parameters
| Parameter Display Value | Type | Default Value | Is Mandatory | Description |
|---|---|---|---|---|
| Script Name | String | N/A | Yes | The name of the script to execute. |
Run On
This action runs on the IP Address entity.
Action Results
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
[
{
"EntityResult": {
"response": "success",
"value": "sudo: no tty present and no askpass program specified\\n"
},
"Entity": "1.1.1.1"
}
]
Entity Enrichment
| Enrichment Field Name | Logic - When to apply |
|---|---|
| response | Returns if it exists in JSON result |
| value | Returns if it exists in JSON result |
Insights
N/A
Ping
Description
Test Connectivity.
Parameters
N/A
Run On
This action runs on all entities.
Action Results
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Entity Enrichment
N/A
Insights
N/A
Connectors
Zabbix Connector
Description
Zabbix connector fetches events from Zabbix.
Configure Zabbix Connector in Google Security Operations SOAR
For detailed instructions on how to configure a connector in Google Security Operations SOAR, see Configuring the connector.
Connector parameters
Use the following parameters to configure the connector:
| Parameter Display Value | Type | Default Value | Is Mandatory | Description |
|---|---|---|---|---|
| Product Field Name | String | Product Field Name | Yes | The field name used to determine the device product. |
| Event Field Name | String | Event Field Name | Yes | The field name used to determine the event name (sub-type). |
| PythonProcessTimeout | String | 300 | Yes | The timeout limit (in seconds) for the python process running current script. |
| Api Root | String | N/A | Yes | N/A |
| Username | String | N/A | Yes | N/A |
| Password | Password | N/A | Yes | N/A |
| Proxy Server Address | String | N/A | No | The address of the proxy server to use. |
| Proxy Username | String | N/A | No | The proxy username to authenticate with. |
| Proxy Password | String | N/A | No | The proxy password to authenticate with. |
| Verify SSL | Checkbox | Unchecked | No | If enabled, the integration verifies that the SSL certificate for the connection to the Zabbix server is valid. |
Connector rules
Proxy support
The connector supports proxy.
Whitelist/Blacklist
The connector supports Whitelist/Blacklist rules.