[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-79899":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":8,"htmlUrl":8,"language":9,"languages":8,"totalLinesOfCode":8,"stars":10,"forks":11,"watchers":12,"openIssues":13,"contributorsCount":13,"subscribersCount":13,"size":13,"stars1d":13,"stars7d":13,"stars30d":14,"stars90d":13,"forks30d":13,"starsTrendScore":13,"compositeScore":15,"rankGlobal":8,"rankLanguage":8,"license":8,"archived":16,"fork":16,"defaultBranch":17,"hasWiki":16,"hasPages":16,"topics":18,"createdAt":8,"pushedAt":8,"updatedAt":19,"readmeContent":20,"aiSummary":21,"trendingCount":13,"starSnapshotCount":13,"syncStatus":14,"lastSyncTime":22,"discoverSource":23},79899,"zabbix-observability","italozucareli\u002Fzabbix-observability","italozucareli",null,"Python",94,47,8,0,2,5.04,false,"main",[],"2026-06-12 02:03:55","# 👁️ Zabbix Enterprise Observability & Automation Toolkit\n\nA comprehensive, SRE-grade repository of over 380 advanced scripts, Master Items, Low-Level Discovery (LLD) rules, and Event-Driven Automation webhooks designed to elevate Zabbix from a simple monitoring tool into a complete IT Operations Management (ITOM) platform.\n\nThis toolkit bridges the gap between bare-metal infrastructure, Cloud, Application Performance Monitoring (APM), Security (SecOps), FinOps, and ITSM.\n\n---\n\n## 🏗️ Architecture & Philosophy\n\nTo ensure scalability in mission-critical environments, these scripts adopt the following principles:\n* **Zero-Overhead Polling:** Scripts make a single, bulk call to an equipment or API, returning a complete JSON payload. Zabbix processes this internally via LLD and Dependent Items.\n* **Dynamic Discovery:** Reduces manual configuration. VPNs, BGP peers, Kubernetes pods, Docker Swarm services, and API limits are discovered dynamically.\n* **Event-Driven Automation:** Monitoring is only half the battle. This toolkit includes Action Webhooks to automatically open ServiceNow incidents, draw Grafana annotations, or trigger Ansible AWX playbooks.\n* **Domain-Driven Telemetry:** Segregated by technology domain (APM, SIEM, SecOps, Networking) for clean RBAC and repository management.\n\n---\n\n## 📂 Repository Structure & Complete Script Index\n\n### ☁️ `cloud-infrastructure\u002F`\n* `zbx_aws_billing_lld.py` - AWS monthly billing discovery via Boto3.\n* `zbx_aws_ec2_status.sh` - AWS EC2 instance state discovery.\n* `zbx_aws_rds_cpu.sh` - AWS RDS CPU utilization monitor.\n* `zbx_aws_route53_health.sh` - AWS Route53 health check status.\n* `zbx_aws_s3_size.sh` - AWS S3 bucket size tracker.\n* `zbx_azure_blob_size.sh` - Azure Storage Account capacity monitor.\n* `zbx_azure_vm_status.sh` - Azure VM power state discovery.\n* `zbx_cloudflare_pool_health.sh` - Cloudflare Load Balancer pools health.\n* `zbx_do_droplet_status.sh` - DigitalOcean Droplet status discovery.\n* `zbx_gcp_cloudsql_cpu.sh` - GCP Cloud SQL CPU utilization.\n* `zbx_gcp_compute_status.sh` - GCP Compute instance status discovery.\n\n### 🐳 `containers-and-orchestration\u002F`\n**Docker & Swarm:**\n* `docker_container_lld.py` - Docker container discovery and stats via socket.\n* `docker_container_state.sh` - Counts exited or crashed Docker containers.\n* `zbx_docker_cpu_usage.sh` - Gets CPU usage % for a specific container.\n* `zbx_docker_health_status.sh` - Docker internal healthcheck status.\n* `zbx_docker_mem_usage.sh` - Gets memory usage for a specific container.\n* `zbx_docker_restart_count.sh` - Tracks specific container restart counts.\n* `zbx_swarm_cluster_health.py` - Master Item tracking Docker Swarm Control Plane.\n* `zbx_swarm_dangling_images.sh` - Identifies untagged\u002Forphaned images.\n* `zbx_swarm_dangling_volumes.sh` - Identifies unattached local volumes.\n* `zbx_swarm_global_tasks_health.sh` - Counts failing `global` mode services.\n* `zbx_swarm_manager_leader.sh` - Identifies if the node is the active Raft Leader.\n* `zbx_swarm_networks_lld.py` - LLD for Swarm overlay networks.\n* `zbx_swarm_node_drift_lld.py` - LLD tracking Docker Engine versions to detect drift.\n* `zbx_swarm_node_labels_lld.py` - Discovers assigned Node Labels.\n* `zbx_swarm_nodes_lld.py` - LLD for Swarm nodes (Ready\u002FActive).\n* `zbx_swarm_pending_tasks.sh` - Counts tasks stuck in 'Pending'.\n* `zbx_swarm_published_ports_lld.py` - LLD mapping Swarm Services to external ports.\n* `zbx_swarm_quorum_health.sh` - Verifies Raft Manager Quorum health.\n* `zbx_swarm_rejected_tasks.sh` - Counts 'Rejected' tasks.\n* `zbx_swarm_secrets_configs_audit.sh` - Returns counts of Swarm Secrets and Configs.\n* `zbx_swarm_service_tasks_failed.sh` - Counts historical task failures.\n* `zbx_swarm_services_lld.py` - Master Item LLD that discovers Stacks and Services.\n* `zbx_swarm_worker_local_tasks_lld.py` - Maps local containers to parent Swarm Service.\n\n**Kubernetes:**\n* `k8s_node_ready.py` - Checks Kubernetes nodes ready status.\n* `k8s_pod_status_lld.sh` - LLD for Kubernetes pods and restart counts.\n* `zbx_k8s_admission_webhooks.py` - LLD for validating\u002Fmutating webhook configurations.\n* `zbx_k8s_api_latency.py` - Synthetic micro-transaction to measure K8s API latency.\n* `zbx_k8s_apiservice_health.py` - Health check for aggregated API services.\n* `zbx_k8s_apiserver_metrics.py` - Aggregates 5xx HTTP errors directly from kube-apiserver.\n* `zbx_k8s_coredns_changes.py` - Tracks CoreDNS ConfigMap hash changes.\n* `zbx_k8s_crd_versions.py` - Audits CRDs for deprecated API versions.\n* `zbx_k8s_cronjob_status.py` - LLD for CronJobs, tracking active executions.\n* `zbx_k8s_csr_pending.py` - Counts Certificate Signing Requests pending approval.\n* `zbx_k8s_daemonset_misscheduled.py` - Detects DaemonSets on nodes with mismatched Taints.\n* `zbx_k8s_daemonset_ready.sh` - Kubernetes DaemonSet readiness monitor.\n* `zbx_k8s_deployment_replicas.sh` - Kubernetes Deployment replica availability.\n* `zbx_k8s_deployment_sync.py` - Identifies stuck Deployments.\n* `zbx_k8s_endpoints_capacity.py` - Monitors Services approaching the 1000 endpoints limit.\n* `zbx_k8s_evicted_pods.py` - Counts pods stuck in the Evicted state.\n* `zbx_k8s_helm_secrets.py` - Decodes Helm Secrets to monitor deployment statuses.\n* `zbx_k8s_hpa_events.py` - Aggregates horizontal scaling events.\n* `zbx_k8s_hpa_status.py` - LLD for Horizontal Pod Autoscalers (current vs desired).\n* `zbx_k8s_ingress_classes.py` - Discovers and monitors active Ingress Classes.\n* `zbx_k8s_ingress_status.sh` - Validates K8s Ingress provisioned IPs.\n* `zbx_k8s_ingress_tls_expiry.py` - Calculates SSL expiration days directly from Secrets.\n* `zbx_k8s_job_failures.py` - Discovers Batch Jobs and alerts on failures.\n* `zbx_k8s_kubelet_versions.py` - Audits node Kubelet versions to detect failed upgrades.\n* `zbx_k8s_limit_ranges.py` - Checks if Namespaces enforce LimitRanges.\n* `zbx_k8s_namespace_governance.py` - Audits Namespaces for mandatory compliance labels.\n* `zbx_k8s_node_conditions.py` - Monitors silent Node conditions (MemoryPressure).\n* `zbx_k8s_node_cpu_alloc.sh` - Kubernetes node CPU allocation percentage.\n* `zbx_k8s_node_taints.py` - Tracks NoSchedule\u002FNoExecute Taints applied to nodes.\n* `zbx_k8s_oomkilled_pods.py` - Scans all pods to detect OOMKilled containers.\n* `zbx_k8s_pdb_status.py` - Monitors Pod Disruption Budgets (PDBs).\n* `zbx_k8s_pod_restarts.sh` - Total restarts across all containers in a pod.\n* `zbx_k8s_priority_classes.py` - Discovers custom Priority Classes.\n* `zbx_k8s_pv_status.py` - LLD for Persistent Volumes (PVs).\n* `zbx_k8s_pvc_usage.sh` - K8s Persistent Volume Claim disk usage.\n* `zbx_k8s_replicaset_orphans.py` - Counts orphaned ReplicaSets.\n* `zbx_k8s_resource_quotas.py` - Monitors ResourceQuota utilization.\n* `zbx_k8s_service_nodeports.py` - Discovers reserved physical NodePorts.\n* `zbx_k8s_statefulset_revisions.py` - Detects StatefulSet updates stuck mid-rollout.\n* `zbx_k8s_storage_classes.py` - Discovers available StorageClasses.\n* `zbx_k8s_warning_events.py` - Aggregates cluster-wide Warning events.\n\n### 🗄️ `databases-and-storage\u002F`\n* `check_table_locks.sh` - Identifies MySQL waiting table locks.\n* `db_connection_pool.sh` - Counts active connections in PostgreSQL.\n* `elasticsearch_cluster_lld.sh` - LLD for ElasticSearch indices health\u002Fsize.\n* `kafka_consumer_lag_lld.sh` - Kafka consumer group lag LLD.\n* `lvm_volumes_lld.sh` - LLD for LVM logical volume utilization.\n* `mysql_long_queries.sh` - Counts MySQL queries running over 60s.\n* `pg_database_discovery_lld.sh` - LLD for PostgreSQL databases and sizes.\n* `pg_replication_lag.sh` - PostgreSQL replication lag in seconds.\n* `rabbitmq_queues_lld.sh` - LLD for RabbitMQ queues and unacknowledged messages.\n* `raid_array_status.sh` - Software RAID (mdadm) array status monitor.\n* `redis_keyspace_lld.sh` - LLD for Redis databases and key counts.\n* `smart_disk_discovery_lld.sh` - LLD for physical disks via `lsblk`.\n* `smart_disk_temp.sh` - S.M.A.R.T. physical disk temperature monitor.\n* `zbx_mongo_connections.sh` - Current MongoDB active connections.\n* `zbx_mongo_replica_lag.sh` - MongoDB secondary replica lag monitor.\n* `zbx_mysql_buffer_pool.sh` - MySQL InnoDB buffer pool hit ratio.\n* `zbx_mysql_connections.sh` - MySQL active connections percentage.\n* `zbx_mysql_slow_queries.sh` - MySQL absolute slow queries counter.\n* `zbx_pg_active_locks.sh` - PostgreSQL transactions stuck on deadlocks.\n* `zbx_pg_cache_hit_ratio.sh` - PostgreSQL memory cache hit ratio %.\n* `zbx_pg_wal_size.sh` - PostgreSQL WAL directory size in bytes.\n* `zbx_redis_evicted_keys.sh` - Redis evicted keys counter (OOM tracking).\n* `zbx_redis_memory_fragmentation.sh` - Redis memory fragmentation ratio.\n* `zbx_timescaledb_chunks.sh` - TimescaleDB chunks audit.\n* `zbx_vmware_datastore.py` - VMware vSphere Datastore capacity via pyVim.\n* `zfs_pool_health_lld.sh` - LLD for ZFS pool health and capacity.\n\n### ⚡ `power-and-environment\u002F`\n* `zbx_apc_ats_redundancy.sh` - Alerts if an ATS loses backup power source redundancy.\n* `zbx_apc_ats_source_status.sh` - Checks synchronization and active power source on APC ATS.\n* `zbx_apc_humidity_temp.sh` - Consolidated JSON payload for rack temp\u002Fhumidity.\n* `zbx_apc_nmc_api_master.py` - Reads native REST API data from modern APC NMC v3.\n* `zbx_apcupsd_events_parser.sh` - Parses `\u002Fvar\u002Flog\u002Fapcupsd.events` for critical events.\n* `zbx_apcupsd_master.py` - Master Item converting `apcaccess` output into JSON.\n* `zbx_delta_ups_battery_health.sh` - Specific Delta UPS MIB monitor.\n* `zbx_eaton_xups_health.sh` - Uses proprietary Eaton XUPS-MIB for hardware states.\n* `zbx_nut_active_alarms.sh` - Extracts the real-time alarm string broadcasted by NUT.\n* `zbx_nut_ups_discovery.py` - LLD script to dynamically discover UPS units managed by NUT.\n* `zbx_nut_ups_stats.py` - Master Item to extract metrics from a NUT-managed UPS.\n* `zbx_sms_ups_avr_state.sh` - Monitors Automatic Voltage Regulator (AVR) Boost\u002FBuck states.\n* `zbx_snmp_generator_status.sh` - Tracks if dry contacts identify the backup generator.\n* `zbx_snmp_pdu_bank_status_lld.sh` - LLD for internal PDU banks\u002Fbreakers.\n* `zbx_snmp_pdu_outlets_lld.sh` - LLD for discovering Smart PDU outlets.\n* `zbx_snmp_pdu_power_draw.sh` - Consolidates total amperage drawn across a PDU.\n* `zbx_snmp_rfc1628_health.sh` - Universal SNMP UPS monitor (RFC 1628).\n* `zbx_snmp_ups_alarms_lld.sh` - SNMP LLD to discover and track active hardware alarms.\n* `zbx_snmp_ups_audible_alarm.sh` - Monitors if the UPS physical audible alarm is sounding.\n* `zbx_snmp_ups_bad_battery_count.sh` - Counts defective battery cartridges.\n* `zbx_snmp_ups_battery_current.sh` - Tracks battery bus Amperage.\n* `zbx_snmp_ups_battery_temp.sh` - Monitors internal battery temperature (Celsius).\n* `zbx_snmp_ups_battery_voltage.sh` - Reads DC bus voltage.\n* `zbx_snmp_ups_bypass_voltage.sh` - Health check on the raw bypass line voltage.\n* `zbx_snmp_ups_efficiency.sh` - Calculates internal power efficiency percentage.\n* `zbx_snmp_ups_env_probes_lld.sh` - Discovers external environmental probes.\n* `zbx_snmp_ups_fan_status_lld.sh` - LLD to monitor individual cooling fan statuses.\n* `zbx_snmp_ups_load_capacity.sh` - Extracts current inverter load percentage.\n* `zbx_snmp_ups_output_current.sh` - Tracks exact Amperage being pulled by servers.\n* `zbx_snmp_ups_phases_lld.sh` - LLD for 3-Phase UPS systems.\n* `zbx_snmp_ups_power_quality.sh` - Consolidates I\u002FO Voltage and Frequency.\n* `zbx_snmp_ups_real_power.sh` - Reads True Power (Watts) consumed.\n* `zbx_snmp_ups_selftest.sh` - Checks status of automated battery self-tests.\n* `zbx_snmp_ups_test_date.sh` - Parses timestamp of the last deep hardware diagnostic.\n* `zbx_ups_battery_lifecycle.sh` - Tracks battery age in months for predictive replacement.\n* `zbx_ups_energy_meter.sh` - Extracts total accumulated kWh meter.\n* `zbx_vertiv_ups_alarms.sh` - Vertiv\u002FLiebert specific MIB monitor.\n\n### 🌐 `network-and-routing\u002F`\n* `check_bgp_peers.sh` - BGP peer established state via SNMP.\n* `check_ospf_neighbors.sh` - OSPF neighbor full state via SNMP.\n* `cisco_board_pro_status.py` - Cisco endpoint standby status via xAPI.\n* `cisco_meraki_devices_lld.py` - LLD for Cisco Meraki devices via API.\n* `interface_errors_rate.sh` - Linux interface RX errors parser.\n* `mikrotik_bgp_peer_lld.sh` - LLD for MikroTik BGP peers via REST API.\n* `mtr_zabbix_bridge.py` - Advanced path observability via MTR.\n* `network_interfaces_lld.sh` - Native Linux network interfaces discovery.\n* `nexus_advanced_telemetry.py` - Cisco Nexus BGP\u002FInterface LLD via NX-API.\n* `nexus_env_health.py` - Cisco Nexus CPU\u002FMemory health via NX-API.\n* `stp_topology_change.sh` - Spanning Tree topology change counter.\n* `zbx_cisco_aci_health.py` - Cisco ACI Fabric faults LLD.\n* `zbx_fortigate_sdwan.sh` - FortiGate SD-WAN SLA metrics (Latency\u002FJitter\u002FLoss).\n\n### 💻 `operating-systems\u002F`\n* `check_cpu_iowait.sh` - Linux CPU iowait bottleneck percentage.\n* `check_disk_inodes.sh` - Linux disk inode utilization percentage.\n* `check_ntp_sync.sh` - NTP time synchronization status.\n* `check_oom_killer.sh` - OOM Killer intervention counter.\n* `check_pending_reboot.ps1` - Windows pending reboot registry check.\n* `check_zombie_procs.sh` - Linux zombie processes count.\n* `iis_app_pools_lld.ps1` - Windows IIS Application Pools discovery.\n* `systemd_services_lld.sh` - Linux enabled systemd services discovery.\n* `win_event_critical.ps1` - Windows critical event log counter.\n* `zbx_linux_context_switches.sh` - Linux CPU context switches rate.\n* `zbx_linux_deleted_open_files.sh` - Tracks deleted files holding disk space.\n* `zbx_linux_disk_io.sh` - Advanced Linux disk I\u002FO metrics LLD.\n* `zbx_linux_entropy_avail.sh` - Available kernel cryptographic entropy.\n* `zbx_linux_inode_usage_max.sh` - Highest inode usage among mount points.\n* `zbx_linux_network_drops.sh` - Linux kernel network RX packet drops.\n* `zbx_linux_oom_score.sh` - Highest OOM score among running processes.\n* `zbx_linux_open_files.sh` - Total open file descriptors.\n* `zbx_linux_process_threads.sh` - Total OS threads count.\n* `zbx_linux_swap_io.sh` - Swap memory I\u002FO paging metrics.\n* `zbx_linux_uptime_seconds.sh` - Exact system uptime in seconds.\n* `zbx_tcp_socket_states.sh` - TCP socket states counter (ESTABLISHED, TIME_WAIT).\n\n### 🛡️ `security-and-vpn\u002F`\n* `active_ssh_sessions.sh` - Active SSH user sessions count.\n* `check_open_ports.sh` - Validates if a specific local port is listening.\n* `failed_ssh_logins.sh` - Brute-force SSH failed logins counter.\n* `file_checksum_monitor.sh` - SHA256 critical file checksum monitor.\n* `openvpn_sessions_lld.py` - LLD for connected OpenVPN users.\n* `strongswan_ipsec_lld.sh` - LLD for StrongSwan IPsec tunnels.\n* `vpn_ipsec_tunnel.sh` - IPsec VPN tunnel up\u002Fdown status via ICMP.\n* `zbx_paloalto_gp_users.py` - Palo Alto GlobalProtect active users count.\n\n### 🕸️ `web-api-dns\u002F`\n* `advanced_api_monitor.py` - Deep HTTP transaction lifecycle timing analyzer.\n* `api_json_value.py` - Extracts specific JSON values from REST APIs.\n* `check_domain_expiry.sh` - Domain registration expiration days.\n* `check_ssl_expiry.sh` - SSL certificate expiration days.\n* `dns_resolution_time.sh` - DNS resolution time in milliseconds.\n* `haproxy_backend_lld.sh` - LLD for HAProxy backend servers status.\n* `http_status_code.sh` - HTTP status code monitor.\n* `mail_queue_size.sh` - Postfix mail queue size counter.\n* `nginx_upstream_lld.sh` - LLD for Nginx upstream backend status.\n* `ssl_sni_discovery_lld.sh` - LLD for SSL certificates via Nginx SNI configs.\n* `web_string_match.sh` - Verifies if a specific string exists on a web page.\n* `zbx_m365_service_health.py` - Microsoft 365 services health status via Graph API.\n* `zbx_ssl_ocsp_chain.py` - SSL OCSP revocation and chain validation.\n\n### 🏛️ `zabbix-meta-monitoring\u002F`\n* `zbx_alerter_processes.sh` - Active Zabbix alerter processes count.\n* `zbx_db_config_bloat.sh` - Audit for unsupported items and disabled hosts.\n* `zbx_db_connections_active.sh` - Active DB connections from Zabbix Server.\n* `zbx_db_size_growth.sh` - Zabbix database total size in bytes.\n* `zbx_ha_cluster_status.sh` - Zabbix High Availability cluster nodes status.\n* `zbx_housekeeper_deleted.sh` - Records deleted by the last Housekeeper run.\n* `zbx_lld_queue_delay.sh` - LLD items waiting in the preprocessing queue.\n* `zbx_nvps_rate.sh` - New Values Per Second (NVPS) real-time rate.\n* `zbx_pg_dead_tuples.sh` - PostgreSQL dead tuples and bloat percentage.\n* `zbx_poller_busy_max.sh` - Highest poller utilization percentage.\n* `zbx_preprocessing_queue.sh` - Values queued for preprocessing.\n* `zbx_proxy_sync_delay.sh` - Zabbix Proxy sync delay in seconds via DB.\n* `zbx_queue_profiler.py` - Granular Zabbix queue delay extraction via API.\n* `zbx_server_log_parser.py` - Critical errors aggregator for Zabbix server log.\n* `zbx_trapper_sockets.sh` - Audit of TCP sockets stuck in Zabbix Trapper.\n* `zbx_unsupported_items_count.sh` - Total count of unsupported Zabbix items.\n* `zbx_value_cache_hits.sh` - Zabbix Value Cache hit counter.\n\n### 🤝 `integrations-and-itsm\u002F`\n* `zbx_awx_remediation.py` - Triggers Ansible Tower\u002FAWX Job Templates.\n* `zbx_glpi_ticket.py` - Automatically opens and categorizes tickets in GLPI.\n* `zbx_jira_ticket.py` - Opens Jira Service Management issues.\n* `zbx_msteams_adaptive.py` - Pushes alerts to Microsoft Teams using Adaptive Cards.\n* `zbx_netbox_sync.py` - Auto-registers NetBox devices as Zabbix hosts.\n* `zbx_opsgenie_heartbeat.py` - Pushes a continuous heartbeat to Opsgenie.\n* `zbx_pagerduty_alert.py` - Routes critical events to PagerDuty via API v2.\n* `zbx_rundeck_webhook.py` - Fires Rundeck runbooks automatically.\n* `zbx_servicenow_add_worknote.py` - Injects real-time diagnostic logs into SNOW Incidents.\n* `zbx_servicenow_change_request.py` - Opens a Pre-approved Standard Change Request.\n* `zbx_servicenow_check_approval.py` - Pauses auto-remediation until a manager approves the SNOW Change.\n* `zbx_servicenow_check_maintenance.py` - Queries SNOW CMDB to suppress alerts during Change windows.\n* `zbx_servicenow_cmdb_sync.py` - Registers discovered Zabbix hosts into SNOW CMDB tables.\n* `zbx_servicenow_create_outage.py` - Creates Outage records for SLA calculations.\n* `zbx_servicenow_create_problem.py` - Opens a Problem ticket for root-cause analysis.\n* `zbx_servicenow_enrich_tags.py` - Dynamically maps SNOW Business Services into Zabbix tags.\n* `zbx_servicenow_escalate_incident.py` - Escalates SNOW incidents if a trigger remains active.\n* `zbx_servicenow_event.py` - Sends native ITOM Events allowing SNOW to handle correlation.\n* `zbx_servicenow_get_oncall.py` - Queries SNOW On-Call Scheduling API to route notifications.\n* `zbx_servicenow_incident.py` - Creates legacy ServiceNow Incidents (INC).\n* `zbx_servicenow_kb_link.py` - Searches SNOW KB and injects the article link into the incident.\n* `zbx_servicenow_major_incident.py` - Interacts with MIM module to promote War Room Major Incidents.\n* `zbx_servicenow_order_ritm.py` - Automatically orders Service Catalog Items (RITM) via API.\n* `zbx_servicenow_pause_sla.py` - Puts an incident to 'On Hold' to pause SLA clocks.\n* `zbx_servicenow_resolve.py` - Automatically updates and resolves SNOW Incidents upon recovery.\n* `zbx_servicenow_sctask.py` - Opens non-urgent Service Catalog Tasks (SCTASK).\n* `zbx_servicenow_secops_vuln.py` - Opens Vulnerable Items (VIT) for CVEs\u002Fsecurity flaws.\n* `zbx_servicenow_sys_attachment.py` - Uploads diagnostic logs directly via the Attachment API.\n* `zbx_servicenow_warranty_lld.py` - Discovers hardware assets and imports warranty dates into Zabbix.\n* `zbx_statuspage_updater.py` - Updates Atlassian Statuspage components to \"Degraded\".\n\n### 🚀 `apm-and-performance\u002F` (AppDynamics)\n* `zbx_appdynamics_active_violations.py` - Polls AppDynamics for active Health Rule violations.\n* `zbx_appdynamics_alert_handler.py` - Translates AppDynamics webhooks into Zabbix Trapper alerts.\n* `zbx_appdynamics_app_export.py` - Generates MD5 hash of app config to track Config Drift.\n* `zbx_appdynamics_bt_lld.py` - LLD for Business Transactions (BTs).\n* `zbx_appdynamics_db_agent_lld.py` - Discovers DB Visibility Agents.\n* `zbx_appdynamics_exceptions_monitor.py` - Tracks absolute counts of code Exceptions.\n* `zbx_appdynamics_health_rules_lld.py` - Discovers and tracks AppDynamics Health Rules.\n* `zbx_appdynamics_information_points_lld.py` - LLD for custom Information Points.\n* `zbx_appdynamics_jmx_metrics.py` - Extracts JMX Heap\u002FGC data directly from AppDynamics.\n* `zbx_appdynamics_license_usage.py` - Monitors AppDynamics license unit consumption.\n* `zbx_appdynamics_machine_agent_lld.py` - Discovers Machine Agents across the controller.\n* `zbx_appdynamics_metrics_master.py` - Polls core \"Golden Signals\" (Response Time, CPM, Errors).\n* `zbx_appdynamics_nodes_lld.py` - Discovers Application Tiers and Nodes.\n* `zbx_appdynamics_policy_violations.py` - Aggregates policy violations.\n* `zbx_appdynamics_push_event.py` - Pushes Zabbix infrastructure triggers into AppDynamics as Custom Events.\n* `zbx_appdynamics_service_endpoints_lld.py` - Mapped granular API routes\u002Fendpoints.\n* `zbx_appdynamics_synthetics_lld.py` - LLD for EUM Synthetic Jobs.\n* `zbx_appdynamics_tier_health.py` - Isolates Golden Signals for a specific Tier\u002FMicroservice.\n\n### 🧠 `dynatrace-integration\u002F`\n* `zbx_dynatrace_active_problems.py` - Polls Davis AI for open infrastructure\u002Fapplication problems.\n* `zbx_dynatrace_activegate_lld.py` - Discovers and monitors routing ActiveGates.\n* `zbx_dynatrace_app_apdex.py` - Returns the Apdex user experience score for Web\u002FMobile apps.\n* `zbx_dynatrace_appsec_vulnerabilities.py` - Counts active Critical\u002FHigh runtime vulnerabilities.\n* `zbx_dynatrace_custom_metric_ingest.py` - Injects custom Zabbix metrics directly into Dynatrace.\n* `zbx_dynatrace_db_service_health.py` - Tracks SQL response times from monitored DB Services.\n* `zbx_dynatrace_ddu_consumption.py` - FinOps: Tracks Davis Data Units (DDU) consumption.\n* `zbx_dynatrace_host_cpu_steal.py` - Extracts Cloud VM CPU Steal Time percentage.\n* `zbx_dynatrace_log_errors_monitor.py` - Executes DQL to count log exceptions in Log Management v2.\n* `zbx_dynatrace_network_retransmissions.py` - Extracts OS-level TCP retransmission rates.\n* `zbx_dynatrace_oneagent_health_lld.py` - Audits Host OneAgents to ensure monitoring is active.\n* `zbx_dynatrace_process_group_health.py` - Verifies active instances within a Process Group.\n* `zbx_dynatrace_process_group_lld.py` - Discovers clustered Process Groups.\n* `zbx_dynatrace_push_deployment.py` - Injects CI\u002FCD Custom Deployment events into the timeline.\n* `zbx_dynatrace_push_event.py` - Pushes critical Zabbix alerts into Dynatrace for root-cause correlation.\n* `zbx_dynatrace_rum_live_sessions.py` - Returns the exact number of active human RUM sessions.\n* `zbx_dynatrace_service_golden_signals.py` - Queries the API v2 for a service's Golden Signals.\n* `zbx_dynatrace_slo_status.py` - Monitors SLI compliance percentage and remaining Error Budgets.\n* `zbx_dynatrace_synthetic_health.py` - Collects success rate and duration of Synthetic tests.\n* `zbx_dynatrace_synthetic_monitors_lld.py` - Discovers Synthetic Browser and HTTP monitors.\n\n### 🪵 `log-analytics-and-siem\u002F` (Splunk)\n* `zbx_splunk_apps_lld.py` - Audits all installed Splunk Apps and Add-ons.\n* `zbx_splunk_daemon_cpu.py` - Tracks native resource utilization of `splunkd`.\n* `zbx_splunk_datamodel_acceleration.py` - Ensures Data Models are accelerating properly.\n* `zbx_splunk_datamodels_lld.py` - LLD for Splunk Data Models.\n* `zbx_splunk_deployment_clients_lld.py` - Discovers Universal Forwarders attached to Deployment Server.\n* `zbx_splunk_deployment_server_total.py` - Tracks total active phoning-home forwarders.\n* `zbx_splunk_hec_alert.py` - Webhook: Pushes native Zabbix Alerts into Splunk via HEC.\n* `zbx_splunk_hec_metric.py` - Webhook: Pushes performance metrics into Splunk Metric Indexes.\n* `zbx_splunk_hec_token_status.py` - Audits HEC tokens to ensure they are enabled.\n* `zbx_splunk_hec_tokens_lld.py` - Discovers configured HTTP Event Collectors.\n* `zbx_splunk_index_event_count.py` - Tracks absolute number of events ingested per index.\n* `zbx_splunk_index_size.py` - Monitors Splunk index disk size growth.\n* `zbx_splunk_indexes_lld.py` - LLD for active data indexes.\n* `zbx_splunk_indexer_cluster_status.py` - Verifies Indexer Cluster Replication\u002FSearch factors.\n* `zbx_splunk_kvstore_health.py` - Checks the status of the internal MongoDB (KV Store).\n* `zbx_splunk_license_capacity.py` - Returns total purchased ingestion capacity in GB.\n* `zbx_splunk_license_usage.py` - Tracks daily Splunk license consumption percentage.\n* `zbx_splunk_license_warnings.py` - Counts active soft-limit license warnings.\n* `zbx_splunk_orphan_searches.py` - Discovers scheduled searches left behind by disabled users.\n* `zbx_splunk_peer_status.py` - Checks connection status of distributed search peers.\n* `zbx_splunk_roles_total.py` - Audits the total number of RBAC roles.\n* `zbx_splunk_search_concurrency.py` - Monitors active historical searches to prevent exhaustion.\n* `zbx_splunk_search_job_status.py` - Checks the dispatch state of a remote search job.\n* `zbx_splunk_search_peers_lld.py` - LLD for Search Head distributed peers.\n* `zbx_splunk_shc_status.py` - Evaluates health and Captaincy of a Search Head Cluster.\n* `zbx_splunk_system_messages.py` - Extracts critical GUI bulletin warnings.\n* `zbx_splunk_tcp_inputs.py` - Counts active raw TCP listening ports.\n* `zbx_splunk_trigger_saved_search.py` - Triggers a Saved Search programmatically from Zabbix.\n* `zbx_splunk_user_status.py` - Detects if a Splunk user account is locked out.\n* `zbx_splunk_users_lld.py` - Discovers all local authentication users.\n\n### 🐶 `datadog-integration\u002F`\n* `zbx_datadog_active_downtimes.py` - Tracks global count of active maintenance downtimes.\n* `zbx_datadog_active_incidents.py` - Monitors active incidents in Datadog Incident Management.\n* `zbx_datadog_active_monitors.py` - Returns absolute counts of monitors in 'Alert' or 'Warn'.\n* `zbx_datadog_apm_services_lld.py` - Discovers APM Service dependencies.\n* `zbx_datadog_create_incident.py` - Automates the creation of a Datadog Incident.\n* `zbx_datadog_custom_metric_query.py` - Universal Query: Executes any native Datadog query.\n* `zbx_datadog_dashboards_lld.py` - LLD for existing Datadog dashboards.\n* `zbx_datadog_host_mute_status.py` - Checks if a Datadog agent host is muted to mirror downtimes.\n* `zbx_datadog_hosts_lld.py` - Discovers all hosts monitored by the Datadog Agent.\n* `zbx_datadog_log_index_retention.py` - Audits Log Management indexes retention policies.\n* `zbx_datadog_log_indexes_lld.py` - LLD for discovering customized Log Indexes.\n* `zbx_datadog_mute_monitor.py` - Temporarily mutes a Datadog monitor before a Zabbix reboot.\n* `zbx_datadog_push_event.py` - Pushes native Zabbix alerts into the Datadog Event stream.\n* `zbx_datadog_push_metric.py` - Forwards physical\u002Fcustom metrics into Datadog.\n* `zbx_datadog_rum_apps_lld.py` - LLD for RUM web and mobile applications.\n* `zbx_datadog_service_level_objectives_lld.py` - LLD for configured Service Level Objectives (SLOs).\n* `zbx_datadog_slo_status.py` - Polls SLI compliance percentage and Error Budget.\n* `zbx_datadog_synthetic_health.py` - Checks execution status of a Datadog Synthetic test.\n* `zbx_datadog_synthetics_lld.py` - LLD for Synthetic API and Browser tests.\n* `zbx_datadog_usage_summary.py` - FinOps: Monitors daily billed usage metrics preventing overruns.\n\n### 📈 `grafana-integration\u002F`\n* `zbx_grafana_admin_count.py` - Audits the Grafana user base for Server Admin privileges.\n* `zbx_grafana_admin_stats.py` - Collects absolute global metrics (Dashboards, Users, Alerts).\n* `zbx_grafana_alert_rules_lld.py` - LLD for Grafana Unified Alerting (GUA) rules.\n* `zbx_grafana_alert_status.py` - Polls the state (Normal, Pending, Firing) of a Grafana Alert.\n* `zbx_grafana_alert_templates_lld.py` - Audits configured HTML\u002FText notification templates.\n* `zbx_grafana_annotation_clear.py` - Clears a Grafana annotation when the Zabbix trigger resolves.\n* `zbx_grafana_annotation_push.py` - Injects Zabbix alerts as vertical red-line annotations.\n* `zbx_grafana_auth_saml_status.py` - Verifies SAML\u002FSSO authentication status.\n* `zbx_grafana_contact_points_lld.py` - Discovers configured Alertmanager Contact Points.\n* `zbx_grafana_correlations_health.py` - Checks active status of trace-to-log correlations.\n* `zbx_grafana_correlations_lld.py` - Discovers configured Trace-to-Log correlations.\n* `zbx_grafana_create_silence.py` - Tells Grafana to silence specific host alerts during maintenance.\n* `zbx_grafana_dashboard_backup.py` - Extracts the pure JSON model of a dashboard for internal Zabbix backup.\n* `zbx_grafana_dashboard_permissions.py` - Security: Alerts if a dashboard grants \"Edit\" to \"Viewers\".\n* `zbx_grafana_dashboard_tags_lld.py` - Discovers dashboard tagging usage for taxonomy.\n* `zbx_grafana_dashboard_versions.py` - Audits revision history to track database bloat.\n* `zbx_grafana_dashboards_lld.py` - LLD for all provisioned and UI-created dashboards.\n* `zbx_grafana_datasource_health.py` - Checks if a mapped Datasource is reachable.\n* `zbx_grafana_datasource_permissions.py` - Enterprise: Audits custom permissions tied to data sources.\n* `zbx_grafana_datasources_lld.py` - LLD for all configured data sources.\n* `zbx_grafana_db_size.py` - Monitors SQLite database size.\n* `zbx_grafana_folder_permissions.py` - Security: Detects permission leaks in restricted folders.\n* `zbx_grafana_folders_lld.py` - LLD for Grafana folder hierarchies.\n* `zbx_grafana_global_quotas.py` - Returns global server limitations (max users\u002Forgs).\n* `zbx_grafana_health.py` - `\u002Fapi\u002Fhealth` polling.\n* `zbx_grafana_legacy_apikeys_lld.py` - Security: Discovers deprecated legacy API Keys.\n* `zbx_grafana_library_panels_lld.py` - Discovers reusable Library Panels.\n* `zbx_grafana_mute_timings_lld.py` - Discovers configured Mute Timings in Alerting.\n* `zbx_grafana_org_quotas.py` - Audits target limitations specific to a tenant.\n* `zbx_grafana_org_users_count.py` - Tracks exact user count assigned to an organization.\n* `zbx_grafana_orgs_lld.py` - LLD for Multi-tenancy Organizations.\n* `zbx_grafana_playlists_lld.py` - Discovers NOC Playlists.\n* `zbx_grafana_plugin_updates.py` - Audits plugins for available updates.\n* `zbx_grafana_plugins_lld.py` - LLD for installed Grafana plugins.\n* `zbx_grafana_preferences.py` - Audits global organization preferences (Home Dashboard).\n* `zbx_grafana_public_dashboards_lld.py` - Security: Audits publicly exposed dashboards.\n* `zbx_grafana_report_status.py` - Checks execution status of scheduled PDF reports.\n* `zbx_grafana_reports_lld.py` - LLD for Scheduled Reports.\n* `zbx_grafana_sa_tokens_count.py` - Counts active Bearer Tokens on Service Accounts.\n* `zbx_grafana_server_settings_audit.py` - Ensures `allow_sign_up` is strictly disabled.\n* `zbx_grafana_service_accounts_lld.py` - Discovers Grafana Service Accounts.\n* `zbx_grafana_short_urls_lld.py` - Discovers shortened URLs generated by Grafana Share.\n* `zbx_grafana_silences_lld.py` - Audits active silences in Grafana Alertmanager.\n* `zbx_grafana_snapshots_lld.py` - Audits public and local dashboard snapshots.\n* `zbx_grafana_sso_sync_status.py` - Checks LDAP\u002FSAML sync status.\n* `zbx_grafana_team_lld.py` - Discovers configured Grafana Teams.\n* `zbx_grafana_team_members_count.py` - Calculates the user count of a specific Grafana Team.\n* `zbx_grafana_user_quotas.py` - Audits limitations applied to individual users.\n* `zbx_grafana_user_stars.py` - Checks if critical NOC dashboards are actively \"starred\".\n* `zbx_grafana_users_lld.py` - LLD for local users for authentication tracking.\n\n### 🐙 `devsecops-and-cicd\u002F` (GitHub)\n* `zbx_github_api_ratelimit.py` - Monitors the organization's core API rate limits.\n* `zbx_github_billing_minutes.py` - Tracks paid CI\u002FCD execution minutes to govern FinOps thresholds.\n* `zbx_github_billing_storage.py` - Tracks GitHub Packages and LFS storage capacity billing.\n* `zbx_github_dependabot_alerts.py` - SecOps: Counts active, unpatched vulnerabilities.\n* `zbx_github_repo_size.py` - Audits the physical size of tracked repositories.\n* `zbx_github_runner_status.py` - Ensures self-hosted CI\u002FCD runners remain online.\n* `zbx_github_runners_lld.py` - LLD for automatically discovering deployed self-hosted runners.\n* `zbx_github_stale_prs.py` - Agile metrics: Counts abandoned Pull Requests.\n* `zbx_github_traffic_clones.py` - SecOps anomaly detection: Alerts on unusual clone traffic spikes.\n* `zbx_github_workflow_failures.py` - Critical Pipeline Monitor: Alerts if production workflow fails.\n\n### 🗝️ `security-and-secrets\u002F` (HashiCorp Vault)\n* `zbx_vault_audit_log_health.py` - Ensures at least one audit device is functional.\n* `zbx_vault_auth_methods_lld.py` - Discovers configured authentication engines.\n* `zbx_vault_ha_leader.py` - Identifies the 'Active' master and 'Standby' replicas.\n* `zbx_vault_license_status.py` - Tracks Vault Enterprise license expiration.\n* `zbx_vault_metrics_memory.py` - Extracts Prometheus-formatted telemetry for memory consumption.\n* `zbx_vault_pki_cert_expiry_lld.py` - LLD for internal PKI Engine certificates to track expirations.\n* `zbx_vault_seal_status.py` - Alerts if a Vault node enters a 'Sealed' state.\n* `zbx_vault_secret_engines_lld.py` - Discovers mounted secrets engines dynamically.\n* `zbx_vault_step_down_action.py` - Webhook: Forces a problematic node to drop leadership.\n* `zbx_vault_token_accessors_count.py` - Monitors active token counts to detect sprawl\u002Fleaks.\n\n### ⚖️ `application-delivery-controllers\u002F` (F5 BIG-IP)\n* `zbx_f5_cert_expiry_lld.py` - LLD for SSL certificates, calculating remaining validity days.\n* `zbx_f5_config_sync.py` - Checks Active\u002FStandby synchronization status.\n* `zbx_f5_failover_status.py` - Audits High Availability unit state (ACTIVE or STANDBY).\n* `zbx_f5_pool_members_health.py` - Compares total pool members against active members.\n* `zbx_f5_pools_lld.py` - Discovers configured Server Pools and routing partitions.\n* `zbx_f5_virtual_servers_lld.py` - LLD for Virtual Servers (VIPs) and IP addresses.\n* `zbx_f5_vs_status.py` - Retrieves the precise Availability State of critical Virtual Servers.\n\n### 🛡️ `next-gen-firewalls\u002F` (Palo Alto Networks)\n* `zbx_paloalto_bgp_peers_lld.py` - Discovers dynamic BGP peer statuses across Virtual Routers.\n* `zbx_paloalto_ha_state.py` - Monitors Local and Peer High Availability status.\n* `zbx_paloalto_pending_commits.py` - Configuration Audit: Alerts on uncommitted rule changes.\n* `zbx_paloalto_session_utilization.py` - Calculates the percentage of the global session table utilized.\n* `zbx_paloalto_threat_count.py` - Pulls recent threat detection events for SOC visualization.\n* `zbx_paloalto_wildfire_status.py` - Ensures continuous connectivity to the WildFire cloud engine.\n\n---\n\n## 🚀 Quick Start & Deployment Guide\n\nBecause this repository bridges multiple operational domains, the deployment strategy changes depending on whether Zabbix is **collecting data (Polling)** or **executing an action (Webhooks)**.\n\n### 1. Prerequisites\nEnsure the environment executing the scripts (Zabbix Server, Proxy, or Agent) has the required dependencies:\n* `python3` and `pip` packages: `requests`, `boto3`, `pyVim`\n* `jq` (for JSON parsing in bash scripts)\n* `snmpget` \u002F `snmpwalk` (for legacy hardware monitoring)\n\n### 2. Local OS\u002FHardware Metrics: Zabbix Agent (UserParameters)\nUsed for scripts that must run directly on the target machine (e.g., Docker, Linux OS, local SQLite sizes).\n\n1. Copy the script to the monitored host (e.g., `\u002Fetc\u002Fzabbix\u002Fscripts\u002F`).\n2. Make the script executable: \n \n chmod +x \u002Fetc\u002Fzabbix\u002Fscripts\u002Fscript_name.sh\n \n3. Add the UserParameter to `zabbix_agentd.conf` (or `zabbix_agent2.conf`):\n \n UserParameter=custom.metric.name[*], \u002Fetc\u002Fzabbix\u002Fscripts\u002Fscript_name.sh $1 $2\n \n4. **Restart the Zabbix Agent service.** (Crucial: UserParameters only load on startup).\n5. In the Zabbix UI, create an item of type **Zabbix agent**.\n\n### 3. API Polling & Integrations: External Checks\nUsed for SaaS platforms, Clouds, and APIs where installing an agent is impossible (e.g., Datadog, Splunk, GitHub, F5, Palo Alto). **These scripts run from the Zabbix Server or Zabbix Proxy.**\n\n1. Copy the script to your `ExternalScripts` path (default: `\u002Fusr\u002Flib\u002Fzabbix\u002Fexternalscripts\u002F`).\n2. Ensure the file is owned by the `zabbix` user and executable:\n \n chown zabbix:zabbix \u002Fusr\u002Flib\u002Fzabbix\u002Fexternalscripts\u002Fscript_name.py\n chmod +x \u002Fusr\u002Flib\u002Fzabbix\u002Fexternalscripts\u002Fscript_name.py\n \n3. *(No service restart required).*\n4. In the Zabbix UI, create an item of type **External check**.\n5. In the **Key** field, reference the script and pass macros: `script_name.py[\"{$API_URL}\",\"{$API_TOKEN}\"]`.\n\n### 4. Bulk Data Processing: Master Items & LLD\nFor scripts that return large JSON payloads (e.g., AWS Billing, Kubernetes Pods, Grafana Dashboards).\n\n1. Create the **Master Item** (External Check) and set the **Type of information** to `Text`.\n2. Create a **Discovery Rule** (Type: `Dependent item`), pointing to the Master Item.\n3. Configure **LLD macros** mapping the JSON keys (e.g., `{#DASHBOARD_ID}` ➔ `$.uid`).\n4. Create **Item prototypes** (Type: `Dependent item` pointing to the Master Item).\n5. In the Item Prototype, add a **JSONPath Preprocessing** step to extract the specific metric.\n\n### 5. Event-Driven Automation: Webhooks & AlertScripts\nScripts inside categories like `integrations-and-itsm\u002F` act upon events (Pushing annotations to Grafana, opening ServiceNow tickets, muting Datadog).\n\n1. Copy the script to your `AlertScriptsPath` on the Zabbix Server (default: `\u002Fusr\u002Flib\u002Fzabbix\u002Falertscripts\u002F`).\n2. Make the script executable (`chmod +x`).\n3. In the Zabbix UI, go to **Administration > Media types** and create a new media type.\n4. Set Type to **Script**, enter the script name, and define the parameters that will be passed to it from the event (e.g., `{HOST.NAME}`, `{EVENT.SEVERITY}`, `{EVENT.ID}`).\n5. Go to **Configuration > Actions > Trigger actions** and create an action that triggers this Media Type when a problem occurs.\n\n### 🔐 Security & Operations Best Practices\n* **Secret Macros:** Never hardcode Bearer tokens, GitHub Personal Access Tokens (PATs), or API keys in the scripts. Pass them as arguments using Zabbix **Secret Text Macros** (`{$SECRET_TOKEN}`).\n* **Sudoers:** If a local bash script requires root (e.g., `lsblk`, `smartctl`), use `visudo` to grant specific permissions to the `zabbix` user: `zabbix ALL=(ALL) NOPASSWD: \u002Fusr\u002Fsbin\u002Fsmartctl`. **Never run the Zabbix Agent as root.**\n* **API Throttling:** When polling heavily rate-limited APIs (like GitHub or SaaS APMs), adjust update intervals to `5m` or `15m` to prevent 429 Too Many Requests errors. Use Master Items to fetch all data in a single API call.","该项目提供了一套全面的Zabbix企业级可观测性和自动化工具包,旨在将Zabbix从简单的监控工具升级为完整的IT运维管理平台。核心功能包括超过380个高级脚本、主项目、低级别发现规则及事件驱动自动化webhook,覆盖了从基础架构到云服务、应用性能监控、安全运营等多个领域。技术特点如零开销轮询、动态发现、基于事件的自动化响应以及按技术域划分的遥测数据,确保了在关键任务环境中的可扩展性。适合需要提升现有Zabbix系统功能的企业使用,尤其是在复杂多变的IT环境中寻求高效管理和自动化解决方案时。","2026-06-11 03:58:26","CREATED_QUERY"]