-
Type:
Change Request
-
Resolution: Unresolved
-
Priority:
Trivial
-
Affects Version/s: None
-
Component/s: Agent (G), Agent2 (G)
-
None
-
Environment:Zabbix 5.4.X
-
S26-W08/09, S26-W12/13
-
5
It would be extremely more powerful if the Zabbix Agent AllowKey and DenyKey parameters to use regular expressions rather than the '*' character.
It would enable more precise and flexible matching instead of lots of different entries for the same command but with different options.
Example 1 - Before:
- AllowKey=system.run[/bin/hostname]
- AllowKey=system.run[/bin/hostname -f]
- AllowKey=system.run[/bin/hostname -s]
- AllowKey=system.run[/bin/hostname -d]
- AllowKey=system.run[/usr/bin/hostname]
- AllowKey=system.run[/usr/bin/hostname -f]
- AllowKey=system.run[/usr/bin/hostname -s]
- AllowKey=system.run[/usr/bin/hostname -d]
Example 1 - After:
- AllowKey="^system.run[(\/usr)*\/bin\/hostname -[fsd]]$"
Example 2 - Before:
- AllowKey=system.run[sc start ABC1]
- AllowKey=system.run[sc start ABC2]
- AllowKey=system.run[sc start ABC3]
- AllowKey=system.run[sc start ABC4]
- AllowKey=system.run[sc restart ABC1]
- AllowKey=system.run[sc restart ABC2]
- AllowKey=system.run[sc restart ABC3]
- AllowKey=system.run[sc restart ABC4]
Example 2 - After:
- AllowKey="^system.run[sc (re)*start ABC[1-4]]$"
As you can see the configuration is reduced and the matching is more specific.
