It would be extremely more powerful if the Zabbix Agent AllowKey and DenyKey parameters to use regular expressions rather than the '*' character.

It would enable more precise and flexible matching instead of lots of different entries for the same command but with different options.

Example 1 - Before:

• AllowKey=system.run[/bin/hostname]
• AllowKey=system.run[/bin/hostname -f]
• AllowKey=system.run[/bin/hostname -s]
• AllowKey=system.run[/bin/hostname -d]
• AllowKey=system.run[/usr/bin/hostname]
• AllowKey=system.run[/usr/bin/hostname -f]
• AllowKey=system.run[/usr/bin/hostname -s]
• AllowKey=system.run[/usr/bin/hostname -d]
   

Example 1 - After:

• AllowKey="^system.run[(\/usr)*\/bin\/hostname -[fsd]]$"

Example 2 - Before:

• AllowKey=system.run[sc start ABC1]
• AllowKey=system.run[sc start ABC2]
• AllowKey=system.run[sc start ABC3]
• AllowKey=system.run[sc start ABC4]
• AllowKey=system.run[sc restart ABC1]
• AllowKey=system.run[sc restart ABC2]
• AllowKey=system.run[sc restart ABC3]
• AllowKey=system.run[sc restart ABC4]

Example 2 - After:

• AllowKey="^system.run[sc (re)*start ABC[1-4]]$"

As you can see the configuration is reduced and the matching is more specific.