J’ai installer depuis un moment Zabbix dans mon entreprise. Il est assez « simple », et puissant.
La sonde disponible sur le zabbix Share ne fonctionné pas sur mon infra, du coup je l’ai modifier à ma sauce. C’est une de mes premières customisations de sondes, je suis conscient que le code peut être amélioré.
Télécharger les fichiers -> Windows Updates
Contents
hide
Coté serveur
Ajouter le template Windows Updates.xml à votre serveur
Vérifier le path de l’élément « Last check » de votre modèle.
Coté Client
Copier settings.ini et zbx-winupdate.exe dans le dossier de votre agent zabbix (C:\Program Files\Zabbix Agent)
Modifier le fichier settings.ini et modifier les informations de SENDER, CONFIG, et SERVER selon votre cas.
Vérifier que dans le fichier zabbix_agentd.conf la valeur EnableRemoteCommands=1 est présente.
Si aucunes données remonte, vérifier que le nom d’hote sur zabbix est identique à celui indiqué dans le fichier log généré automatiquement par zbx-winupdate.exe.
Code Source :
Windows Updates.xml
<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>4.4</version>
<date>2020-03-05T08:38:22Z</date>
<groups>
<group>
<name>Templates</name>
</group>
</groups>
<templates>
<template>
<template>Windows Updates</template>
<name>Windows Updates</name>
<description>Check if updates are available for Windows servers ( Important or Optional )</description>
<groups>
<group>
<name>Templates</name>
</group>
</groups>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<items>
<item>
<name>Check "startup" state of service "Windows Update"</name>
<type>ZABBIX_ACTIVE</type>
<key>service.info[wuauserv,startup]</key>
<delay>30</delay>
<history>1d</history>
<description>Check service "startup" value of "Windows Update"
Value can for startup can be:
0 - automatic,
1 - automatic delayed,
2 - manual,
3 - disabled,
4 - unknown
https://www.zabbix.com/documentation/3.0/manual/config/items/itemtypes/zabbix_agent/win_keys</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<triggers>
<trigger>
<expression>{last()}>2</expression>
<name>Startup state of "Windows Update" on server " {HOST.NAME}" is disabled, zbx-winupdate.exe cannot check for updates.</name>
<priority>WARNING</priority>
<description>Startup state of "Windows Update" on server " {HOST.NAME}" is disabled, zbx_winupdate.exe cannot check for updates.
Value should be lower or 2
Specifically for startup:
0 - automatic,
1 - automatic delayed,
2 - manual,
3 - disabled,
4 - unknown
https://www.zabbix.com/documentation/3.0/manual/config/items/itemtypes/zabbix_agent/win_keys</description>
</trigger>
</triggers>
</item>
<item>
<name>Last check</name>
<key>system.run["C:\Program Files\Zabbix Agent\zbx-winupdate.exe",nowait]</key>
<delay>10800</delay>
<history>1d</history>
<trends>0</trends>
<value_type>LOG</value_type>
<description>Last check for updates</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
</item>
<item>
<name>critical</name>
<type>TRAP</type>
<key>zbx.win.updates.critical</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Available critical updates</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<triggers>
<trigger>
<expression>{last()}>=1</expression>
<name>There are updates available (critical) : ({ITEM.LASTVALUE} available).</name>
<priority>AVERAGE</priority>
</trigger>
</triggers>
</item>
<item>
<name>feature packs</name>
<type>TRAP</type>
<key>zbx.win.updates.feature</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Available feature packs</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<triggers>
<trigger>
<expression>{last()}>=1</expression>
<name>There are updates available (feature) : ({ITEM.LASTVALUE} available).</name>
<priority>WARNING</priority>
</trigger>
</triggers>
</item>
<item>
<name>rollups</name>
<type>TRAP</type>
<key>zbx.win.updates.rollups</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Available rollups</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
</item>
<item>
<name>security</name>
<type>TRAP</type>
<key>zbx.win.updates.security</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Available security updates</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<triggers>
<trigger>
<expression>{last()}>=1</expression>
<name>There are updates available (security) : ({ITEM.LASTVALUE} available).</name>
<priority>AVERAGE</priority>
</trigger>
</triggers>
</item>
<item>
<name>service packs</name>
<type>TRAP</type>
<key>zbx.win.updates.servicepacks</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Available service packs</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<triggers>
<trigger>
<expression>{last()}>=1</expression>
<name>There are updates available (servicepack) : ({ITEM.LASTVALUE} available).</name>
<priority>WARNING</priority>
</trigger>
</triggers>
</item>
<item>
<name>total</name>
<type>TRAP</type>
<key>zbx.win.updates.total</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Total available updates</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
</item>
<item>
<name>uncategorized</name>
<type>TRAP</type>
<key>zbx.win.updates.uncategorized</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Uncategorized available updates</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<triggers>
<trigger>
<expression>{last()}>=1</expression>
<name>There are updates available (uncategorized) : ({ITEM.LASTVALUE} available).</name>
<priority>WARNING</priority>
</trigger>
</triggers>
</item>
<item>
<name>updates</name>
<type>TRAP</type>
<key>zbx.win.updates.updates</key>
<delay>0</delay>
<history>7d</history>
<value_type>FLOAT</value_type>
<description>Available (Optional) updates</description>
<applications>
<application>
<name>Windows Updates</name>
</application>
</applications>
<triggers>
<trigger>
<expression>{last()}>=1</expression>
<name>There are updates available (optional) : ({ITEM.LASTVALUE} available).</name>
<priority>WARNING</priority>
</trigger>
</triggers>
</item>
</items>
</template>
</templates>
</zabbix_export>
settings.ini
[ZABBIX]
SENDER = C:\Program Files\Zabbix Agent\zabbix_sender.exe
CONFIG = C:\Program Files\Zabbix Agent\zabbix_agentd.conf
SERVER = URL_DE_VOTRE_SERVER_ZABBIX
[WINUPDATE]
HIDEHIDDENUPDATES = True
zbx-winupdate.au3
#cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.12.0
Author: Luc Rutten
Version: 1.01
Script Function:
Check If update are available
Source:
https://community.spiceworks.com/topic/599791-windows-update-script
https://msdn.microsoft.com/nl-nl/library/windows/desktop/aa387102(v=vs.85).aspx
https://gallery.technet.microsoft.com/scriptcenter/b9ba9b9d-cfc7-4bc9-980b-d914e81b3a84
https://stackoverflow.com/questions/26064647/how-to-discover-if-windows-update-is-optional-recommended-or-important
#ce ----------------------------------------------------------------------------
#include <date.au3>
#include <EventLog.au3>
; Retrieve Zabbix settings
Dim $ZBX_SENDER = IniRead (@scriptdir &"\settings.ini", "ZABBIX", "SENDER", "default" )
LogWriter ('SETTINGS','PATH To Zabbix Sender: '& $ZBX_SENDER)
Dim $ZBX_CONFIG = IniRead (@scriptdir &"\settings.ini", "ZABBIX", "CONFIG", "default")
LogWriter ('SETTINGS','PATH To Zabbix Config: '& $ZBX_CONFIG)
Dim $ZBX_COMPUTERNAME = @ComputerName
LogWriter ('SETTINGS','Hostname: '& $ZBX_COMPUTERNAME)
Dim $ZBX_SRV = IniRead (@scriptdir &"\settings.ini", "ZABBIX", "SERVER", "default")
LogWriter ('SETTINGS','Server: '& $ZBX_SRV)
; Retrieve Windows update settings
Dim $WIN_UPDATE_HID = IniRead (@scriptdir &"\settings.ini", "WINUPDATE", "HIDEHIDDENUPDATES", "False")
LogWriter ('SETTINGS','Hide hidden updates: '& $WIN_UPDATE_HID)
; Send signal to zabbix
LASTCHECK()
; Search for updates
FINDUPDATES()
; EndScript
Exit
Func LASTCHECK()
; Send Timestamp to zabbix that windows update has been cheched
Local $TIMESTAMP = @YEAR & @MON & @YDAY & @HOUR & @MIN & @SEC
ConsoleWrite ($TIMESTAMP)
LogWriter ('LASTCHECK','Value "'& $TIMESTAMP &'" send to item "Last Check"')
EndFunc
Func FINDUPDATES()
Local $UPDATES = 0
Local $CATEGORY = 0
Local $CAT_UPDATES = 0 ; Updates
Local $CAT_CRITICAL = 0 ; Security Updates
Local $CAT_SECURITY = 0 ; Security Updates
Local $CAT_SERVICEPACK = 0 ; Service Packs
Local $CAT_ROLLUPS = 0 ; Update Rollups
Local $CAT_FEATURE = 0 ; Feature Packs
Local $CAT_UNCATEGORIZED = 0 ; Uncategorized Packs
Local $updateSession = ObjCreate("Microsoft.Update.Session")
Local $updateSearcher = $updateSession.CreateupdateSearcher()
LogWriter ("Updates","Searching for updates...")
If $WIN_UPDATE_HID = "True" Then
$searchResult = $updateSearcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0")
LogWriter ("Updates","List of applicable items without hidden updates on the machine:")
Else
$searchResult = $updateSearcher.Search("IsInstalled=0 and Type='Software'")
LogWriter ("Updates","List of applicable items with hidden updates on the machine:")
EndIf
; Check for updates
For $i = 0 To $searchResult.Updates.Count - 1
$UPDATE = $searchResult.Updates.Item($i)
; Check category
$CATEGORY = $searchResult.Updates.Item($i).Categories
For $j = 0 To $CATEGORY - 1
$CATEGORY = $CATEGORY.Item($j).Name
Select
Case $CATEGORY = "Updates"
$CAT_UPDATES = $CAT_UPDATES + 1
Case $CATEGORY = "Critical Updates"
$CAT_CRITICAL = $CAT_CRITICAL + 1
Case $CATEGORY = "Security Updates"
$CAT_SECURITY = $CAT_SECURITY + 1
Case $CATEGORY = "Service Packs"
$CAT_SERVICEPACK = $CAT_SERVICEPACK + 1
Case $CATEGORY = "Update Rollups"
$CAT_ROLLUPS = $CAT_ROLLUPS + 1
Case $CATEGORY ="Feature Packs"
$CAT_FEATURE = $CAT_FEATURE + 1
Case Else
$CAT_UNCATEGORIZED = $CAT_UNCATEGORIZED + 1
EndSelect
Next
$UPDATES = $UPDATES + 1
LogWriter ("Updates", "Category: " & $CATEGORY & @TAB & $UPDATE.title)
Next
LogWriter ('FindUpdates','Total category - Updates (optional) available: Value "'& $CAT_UPDATES &'" send to item "win.updates.updates"')
LogWriter ('FindUpdates','Total category - Critical Updates available: Value "'& $CAT_CRITICAL &'" send to item "win.updates.critical"')
LogWriter ('FindUpdates','Total category - Security Updates available: Value "'& $CAT_SECURITY &'" send to item "win.updates.security"')
LogWriter ('FindUpdates','Total category - Service Packs available: Value "'& $CAT_SERVICEPACK &'" send to item "win.updates.servicepack"')
LogWriter ('FindUpdates','Total category - Update Rollups available: Value "'& $CAT_ROLLUPS &'" send to item "win.updates.rollups"')
LogWriter ('FindUpdates','Total category - Feature Packs available: Value "'& $CAT_FEATURE &'" send to item "win.updates.feature"')
LogWriter ('FindUpdates','Total category - Uncategorized updates available: Value "'& $CAT_UNCATEGORIZED &'" send to item "win.updates.uncategorized"')
LogWriter ('FindUpdates','Total category - total updates available: Value "'& $UPDATES &'" send to item "win.updates.totalupdates"')
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.updates", $CAT_UPDATES, $ZBX_SRV, $ZBX_COMPUTERNAME)
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.critical", $CAT_CRITICAL, $ZBX_SRV, $ZBX_COMPUTERNAME)
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.security", $CAT_SECURITY, $ZBX_SRV, $ZBX_COMPUTERNAME)
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.servicepacks", $CAT_SERVICEPACK, $ZBX_SRV, $ZBX_COMPUTERNAME)
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.rollups", $CAT_ROLLUPS, $ZBX_SRV, $ZBX_COMPUTERNAME)
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.feature", $CAT_FEATURE, $ZBX_SRV, $ZBX_COMPUTERNAME)
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.uncategorized", $CAT_UNCATEGORIZED, $ZBX_SRV, $ZBX_COMPUTERNAME)
ZABBIXSENDER($ZBX_SENDER, $ZBX_CONFIG, "zbx.win.updates.total", $UPDATES, $ZBX_SRV, $ZBX_COMPUTERNAME)
EndFunc
Func LOGVALUE ($KEY, $VALUE)
Local $PATH = @ScriptDir &'\values\'
Local $LOGFILE = $PATH & $KEY & '.log'
; Check if path exist
If Not FileExists ($PATH) Then
DirCreate ($PATH)
LogWriter ('LOGVALUE', 'Directory: '& $PATH &' does not exist and wil be created.')
EndIf
; Check if file exist
If FileExists ($LOGFILE) Then
; Remove Old log file
FileDelete ($LOGFILE)
LogWriter ('LOGVALUE', 'Delete (last value) old file'& $LOGFILE)
; Write Value to log
FileWrite($LOGFILE, $VALUE)
LogWriter ('LOGVALUE', 'Value: '& $VALUE &' is writen to: '& $LOGFILE)
Else
; Write Value to log
FileWrite($LOGFILE, $VALUE)
LogWriter ('LOGVALUE', 'Value: '& $VALUE &' is writen to: '& $LOGFILE)
EndIf
EndFunc
Func LogWriter ($CATEGORY,$DESCRIPTION)
; Variable(s)
Local $TIMESTAMP = @YEAR & @MON & @YDAY &"-"& @HOUR & @MIN & @SEC
Local $LOGLINE = $TIMESTAMP & @TAB & @ComputerName & @TAB & @UserName & @TAB& $CATEGORY & @TAB & $DESCRIPTION &@CRLF
; Write to log file
LOCAL $LOGFILE = StringTrimRight (@ScriptName,4)
FileWrite(@ScriptDir &'\'& $LOGFILE & '.log', $LOGLINE)
EndFunc
Func ZABBIXSENDER($SENDER, $CONFIG, $KEY, $VALUE, $ZBX_SRV, $ZBX_COMPUTERNAME)
;Local $SENDER = 'C:\Zabbix\bin\win64\zabbix_sender.exe'
;Local $CONFIG = 'C:\Zabbix\conf\zabbix_agentd.win.conf'
LogWriter ('ZABBIXSENDER','PATH to Zabbix sender: ' & $SENDER)
LogWriter ('ZABBIXSENDER','PATH to Zabbix config: ' & $CONFIG)
Runwait('"'& $SENDER &'" -z "' & $ZBX_SRV &'" -s "'& $ZBX_COMPUTERNAME &'" -k "'& $KEY &'" -o "' & $VALUE, '', @SW_HIDE, 2)
LogWriter ('ZABBIXSENDER','Send: Value "'& $VALUE &'" to key: "' & $KEY & '"')
EndFunc
Source : https://share.zabbix.com/operating-systems/windows/zabbix-windows-update-v1-0