diff --git a/build_windows_gold.py b/build_windows_gold.py new file mode 100644 index 0000000..62fe80b --- /dev/null +++ b/build_windows_gold.py @@ -0,0 +1,214 @@ +import yaml +import uuid +import sys + +# Files +SOURCE_FILE = r"templates_work\template_windows_gold_ptbr.yaml" +TARGET_FILE = r"templates_work\template_windows_gold_ptbr.yaml" + +# Translations Map (English substring -> Portuguese replacement) +TRANSLATIONS = { + # Itens Base + "Host name of Zabbix agent running": "Nome do Host (Agent)", + "Zabbix agent ping": "Status do Agente Zabbix (Ping)", + "Version of Zabbix agent running": "Versão do Agente Zabbix", + "Cache bytes": "Memória: Cache Bytes", + "Free system page table entries": "Memória: Entradas de Tabela de Página Livres", + "Memory page faults per second": "Memória: Page Faults/seg", + "Memory pages per second": "Memória: Pages/seg (Swap I/O)", + "Memory pool non-paged": "Memória: Non-paged Pool", + "Used swap space in %": "Swap: % de Uso", + "CPU DPC time": "CPU: Tempo DPC", + "CPU interrupt time": "CPU: Tempo de Interrupção", + "CPU privileged time": "CPU: Tempo Privilegiado (Kernel)", + "CPU user time": "CPU: Tempo de Usuário", + "Context switches per second": "CPU: Context Switches/seg", + "CPU queue length": "CPU: Tamanho da Fila (Queue Length)", + "Number of threads": "Sistema: Número de Threads", + "Number of processes": "Sistema: Número de Processos", + "CPU utilization": "CPU: Utilização Total", + "System name": "Sistema: Nome do Computador", + "System local time": "Sistema: Hora Local", + "Operating system architecture": "Sistema: Arquitetura do SO", + "Operating system": "Sistema: Versão do SO", + "Free swap space": "Swap: Espaço Livre", + "Total swap space": "Swap: Espaço Total", + "System description": "Sistema: Descrição", + "Uptime": "Sistema: Uptime", + "Total memory": "Memória: Total", + "Used memory": "Memória: Usada", + "Memory utilization": "Memória: % de Utilização", + "Number of cores": "Hardware: Número de Cores", + "Zabbix agent availability": "Disponibilidade do Agente Zabbix", + + # Network Discovery + "Interface {#IFNAME}({#IFALIAS}): Inbound packets discarded": "Interface {#IFNAME}: Pacotes Descartados (In)", + "Interface {#IFNAME}({#IFALIAS}): Inbound packets with errors": "Interface {#IFNAME}: Erros de Pacote (In)", + "Interface {#IFNAME}({#IFALIAS}): Bits received": "Interface {#IFNAME}: Tráfego de Entrada", + "Interface {#IFNAME}({#IFALIAS}): Outbound packets discarded": "Interface {#IFNAME}: Pacotes Descartados (Out)", + "Interface {#IFNAME}({#IFALIAS}): Outbound packets with errors": "Interface {#IFNAME}: Erros de Pacote (Out)", + "Interface {#IFNAME}({#IFALIAS}): Bits sent": "Interface {#IFNAME}: Tráfego de Saída", + "Interface {#IFNAME}({#IFALIAS}): Speed": "Interface {#IFNAME}: Velocidade Negociada", + "Interface {#IFNAME}({#IFALIAS}): Operational status": "Interface {#IFNAME}: Status Operacional", + "Interface {#IFNAME}({#IFALIAS}): Interface type": "Interface {#IFNAME}: Tipo de Interface", + + # Triggers & Descriptions & Event Names + "Windows: Number of free system page table entries is too low": "⚠️ Windows: Esgotamento de Tabela de Páginas", + "Windows: The Memory Pages/sec is too high": "⚠️ Windows: Excesso de Paginação (Swap)", + "Windows: CPU interrupt time is too high": "⚠️ Windows: CPU com muitas Interrupções (Hardware?)", + "Windows: CPU privileged time is too high": "⚠️ Windows: Uso Elevado de Kernel (Privileged Time)", + "Windows: High CPU utilization": "🔥 Windows: Uso de CPU Crítico", + "Windows: System name has changed": "ℹ️ Windows: Nome do Host Mudou", + "Windows: System time is out of sync": "⚠️ Windows: Hora do Sistema Dessincronizada", + "Windows: Operating system description has changed": "ℹ️ Windows: SO Atualizado/Alterado", + "Windows: Host has been restarted": "⚠️ Windows: Servidor Reiniciou", + "Windows: High memory utilization": "🧠 Windows: Memória Esgotada", + "Windows: Zabbix agent is not available": "🚨 Windows: Agente Zabbix Indisponível", + "Windows: Interface {#IFNAME}({#IFALIAS}): Link down": "🚨 Interface {#IFNAME}: Link Down", + "Windows: Interface {#IFNAME}({#IFALIAS}): Ethernet has changed to lower speed than it was before": "⚠️ Interface {#IFNAME}: Velocidade Reduzida (Negociação?)", + "Windows: Interface {#IFNAME}({#IFALIAS}): High bandwidth usage": "🔥 Interface {#IFNAME}: Saturação de Banda", + "Windows: Interface {#IFNAME}({#IFALIAS}): High error rate": "🔥 Interface {#IFNAME}: Alta Taxa de Erros", + + # Common Description Terms + "The system is running out of free memory.": "O sistema está ficando sem memória livre. Verifique processos consumidores.", + "CPU utilization is too high. The system might be slow to respond.": "O uso de CPU está sitematicamente alto. O servidor pode ficar lento.", + "The host's system time is different from Zabbix server time.": "A hora do servidor difere da hora do Zabbix Server. Verifique o NTP.", + "The device uptime is less than 10 minutes.": "O servidor foi reiniciado recentemente (Uptime < 10m).", + "For passive agents only, host availability is used with `{$AGENT.TIMEOUT}` as a time threshold.": "O Agente Zabbix parou de responder. Verifique se o serviço está rodando ou se há bloqueio de firewall.", + + # Generic replacements + "Windows by Zabbix agent": "Windows Gold Edition" +} + +NEW_ITEMS = [ + { + 'uuid': '', + 'name': 'RDP: Sessões Ativas (Total)', + 'key': 'perf_counter_en["\\Terminal Services\\Total Sessions"]', + 'delay': '1m', + 'value_type': 'FLOAT', + 'units': '', + 'description': 'Número total de sessões de Terminal Services (RDP) ativas.', + 'tags': [{'tag': 'component', 'value': 'security'}, {'tag': 'component', 'value': 'remote_access'}], + 'triggers': [{ + 'uuid': '', + 'expression': 'min(/Windows Gold Edition/perf_counter_en["\\Terminal Services\\Total Sessions"],15m)>2', + 'name': '⚠️ Windows: Muitas Sessões RDP Ativas', + 'event_name': '⚠️ Windows: Muitas Sessões RDP Ativas ({ITEM.LASTVALUE} > 2)', + 'priority': 'WARNING', + 'description': 'Existem muitas sessões de terminal abertas. Isso pode consumir recursos ou indicar sessões "penduradas".' + }] + }, + { + 'uuid': '', + 'name': 'Disco: Tamanho da Fila (Queue Length)', + 'key': 'perf_counter_en["\\PhysicalDisk(_Total)\\Current Disk Queue Length"]', + 'delay': '1m', + 'value_type': 'FLOAT', + 'description': 'Número de solicitações de I/O aguardando serviço. Valores altos constantes indicam gargalo de disco.', + 'tags': [{'tag': 'component', 'value': 'storage'}, {'tag': 'component', 'value': 'performance'}], + 'triggers': [{ + 'uuid': '', + 'expression': 'min(/Windows Gold Edition/perf_counter_en["\\PhysicalDisk(_Total)\\Current Disk Queue Length"],10m)>2', + 'name': '🐢 Windows: Disco Lento (Queue Length Alta)', + 'event_name': '🐢 Windows: Disco Lento (Queue Total > 2 por 10m)', + 'priority': 'AVERAGE', + 'description': 'A fila de disco está constantemente alta. O armazenamento não está dando conta das requisições.' + }] + }, + { + 'uuid': '', + 'name': 'Segurança: Falhas de Login (Audit Failure)', + 'key': 'eventlog[Security,,,,4625]', + 'delay': '1m', + 'value_type': 'LOG', + 'description': 'Monitora o Event ID 4625 (Logon falhou) no log de Segurança.', + 'tags': [{'tag': 'component', 'value': 'security'}], + 'triggers': [{ + 'uuid': '', + 'expression': 'count(/Windows Gold Edition/eventlog[Security,,,,4625],2m)>5', + 'name': '👮 Windows: Possível Brute Force (Falhas de Login)', + 'event_name': '👮 Windows: 5+ Falhas de Login em 2m', + 'priority': 'HIGH', + 'description': 'Foram detectadas múltiplas falhas de login (Event ID 4625) em curto período.' + }] + } +] + +def load_yaml(path): + with open(path, 'r', encoding='utf-8') as f: + return yaml.safe_load(f) + +def clean_tags_and_fix_uuids(data): + generated_uuids = set() + + def process_node(node): + if isinstance(node, dict): + # Clean tags + for tag in ['wizard_ready', 'readme', 'vendor', 'config']: + if tag in node: + del node[tag] + + # Fix UUIDs + if 'uuid' in node: + # Generate new UUID always to ensure clean slate, unless strictly needed to keep? + # Let's regenerate to be safe and Gold. + new_uuid = uuid.uuid4().hex + while new_uuid in generated_uuids: + new_uuid = uuid.uuid4().hex + node['uuid'] = new_uuid + generated_uuids.add(new_uuid) + + # Translate Strings + for key in ['name', 'description', 'event_name', 'comment']: + if key in node and isinstance(node[key], str): + # Sort by length descending to avoid substring collisions + for eng, pt in sorted(TRANSLATIONS.items(), key=lambda x: len(x[0]), reverse=True): + node[key] = node[key].replace(eng, pt) + + # Recursive + for k, v in list(node.items()): + process_node(v) + elif isinstance(node, list): + for item in node: + process_node(item) + + process_node(data) + +def main(): + print(f"Loading {SOURCE_FILE}...") + try: + source = load_yaml(SOURCE_FILE) + except FileNotFoundError: + print("File not found! Make sure you are in the correct directory.") + return + + # 1. Update Header + if 'zabbix_export' in source: + source['zabbix_export']['version'] = '7.0' + if 'templates' in source['zabbix_export']: + template = source['zabbix_export']['templates'][0] + template['name'] = "Windows Server Gold pt-BR" + template['description'] = "Template Windows Server Gold Edition (Pt-BR).\n\nMonitoramento Otimizado por Arthur 'O Farol'.\nInclui: RDP, Fila de Disco, Auditoria de Login e traduções completas." + + # 2. Inject New Items + if 'items' not in template: + template['items'] = [] + + print(f"Injecting {len(NEW_ITEMS)} new items...") + for item in NEW_ITEMS: + template['items'].append(item) + + # 3. Clean and Fix + print("Translating and checking UUIDs...") + clean_tags_and_fix_uuids(source) + + # 4. Save + print(f"Saving to {TARGET_FILE}...") + with open(TARGET_FILE, 'w', encoding='utf-8') as f: + yaml.dump(source, f, sort_keys=False, indent=2, width=float("inf"), allow_unicode=True) + + print("Build Complete!") + +if __name__ == "__main__": + main() diff --git a/fix_broken_yaml.py b/fix_broken_yaml.py new file mode 100644 index 0000000..44ac223 --- /dev/null +++ b/fix_broken_yaml.py @@ -0,0 +1,55 @@ + +import sys + +TARGET_FILE = r"C:\Users\joao.goncalves\Desktop\zabbix-itguys\templates_gold\windows_active_agent\template_windows_gold_ptbr.yaml" + +# Tuple of (Broken String, Fixed String) +# Using raw strings for safety +REPAIRS = [ + ( + r"""description: "⚠️ A velocidade da interface caiu (Ex: 1Gb -> 100Mb).\n\n📉 Impacto: Lentidão na transferência de dados.\n🛠️ Ação: 1. Verifique a categoria do cabo (Cat5e/Cat6). 2. Verifique configurações de Duplex/Speed no switch e servidor.\"""", + r"""description: "⚠️ A velocidade da interface caiu (Ex: 1Gb -> 100Mb).\n\n📉 Impacto: Lentidão na transferência de dados.\n🛠️ Ação: 1. Verifique a categoria do cabo (Cat5e/Cat6). 2. Verifique configurações de Duplex/Speed no switch e servidor."""" + ), + ( + r"""description: "⚠️ Uso de banda elevado.\n\n📉 Impacto: A interface atingiu o limite de tráfego. O acesso ao servidor ficará lento e pacotes podem ser descartados.\n🛠️ Ação: 1. Identifique qual processo/usuário está consumindo banda. 2. Avalie necessidade de upgrade de link.\"""", + r"""description: "⚠️ Uso de banda elevado.\n\n📉 Impacto: A interface atingiu o limite de tráfego. O acesso ao servidor ficará lento e pacotes podem ser descartados.\n🛠️ Ação: 1. Identifique qual processo/usuário está consumindo banda. 2. Avalie necessidade de upgrade de link."""" + ), + ( + r"""description: "⚠️ Erros de transmissão detectados.\n\n📉 Impacto: Perda de pacotes, retransmissões e lentidão.\n🛠️ Ação: 1. Substitua o cabo de rede. 2. Teste outra porta no switch.\"""", + r"""description: "⚠️ Erros de transmissão detectados.\n\n📉 Impacto: Perda de pacotes, retransmissões e lentidão.\n🛠️ Ação: 1. Substitua o cabo de rede. 2. Teste outra porta no switch."""" + ) +] + +def fix_file(): + print(f"Reading {TARGET_FILE}...") + try: + with open(TARGET_FILE, 'r', encoding='utf-8') as f: + content = f.read() + except Exception as e: + print(f"Error reading: {e}") + return + + fixed_count = 0 + for broken, fixed in REPAIRS: + # Check if broken version exists + # Normalize line endings just in case? Content mostly has \n + if broken in content: + print("Found broken block. Fixing...") + content = content.replace(broken, fixed) + fixed_count += 1 + else: + print("Broken block not found (maybe already fixed or whitespace mismatch).") + # print(f"Looking for:\n{broken!r}") + + if fixed_count > 0: + try: + with open(TARGET_FILE, 'w', encoding='utf-8') as f: + f.write(content) + print(f"Saved fixed file. Fixed {fixed_count} blocks.") + except Exception as e: + print(f"Error writing: {e}") + else: + print("No repairs needed.") + +if __name__ == "__main__": + fix_file() diff --git a/repair_yaml_indentation.py b/repair_yaml_indentation.py new file mode 100644 index 0000000..badd280 --- /dev/null +++ b/repair_yaml_indentation.py @@ -0,0 +1,70 @@ + +import sys + +TARGET_FILE = r"C:\Users\joao.goncalves\Desktop\zabbix-itguys\templates_gold\windows_active_agent\template_windows_gold_ptbr.yaml" + +def repair_indentation(): + print(f"Reading {TARGET_FILE}...") + try: + with open(TARGET_FILE, 'r', encoding='utf-8') as f: + lines = f.readlines() + except Exception as e: + print(f"Error reading: {e}") + return + + fixed_lines = [] + i = 0 + while i < len(lines): + line = lines[i].rstrip('\n') # Keep indentation? No, rstrip end + + # Check if this line is a "description" line that needs merging + if "description: ⚠️" in line: + # This is likely the start of a broken block. + # We need to look ahead for the broken parts. + description_content = line.split("description: ", 1)[1] # Get content after "description: " + + # If it doesn't start with quote, let's start expecting breakage + if not description_content.startswith('"'): + current_desc = description_content + i += 1 + # Consume next lines if they start with specific markers + while i < len(lines): + next_line = lines[i].strip() # Remove indentation of next line (it's 0 usually if broken) + if not next_line: # Skip empty lines + i += 1 + continue + + if next_line.startswith("📉 Impacto") or next_line.startswith("🛠️ Ação"): + current_desc += "\\n\\n" + next_line + i += 1 + else: + # Not a broken part, stop consuming + break + + # Now verify if we need to quote it + # It's safest to ensure it's quoted + if not current_desc.startswith('"'): + current_desc = '"' + current_desc + if not current_desc.endswith('"'): + current_desc = current_desc + '"' + + # Reconstruct the line preserving original indentation + indentation = line.split("description:")[0] + fixed_lines.append(f"{indentation}description: {current_desc}\n") + continue # i is already advanced + else: + # Already quoted? might be fine, or might be the "simple fix" case + pass + + fixed_lines.append(lines[i]) + i += 1 + + try: + with open(TARGET_FILE, 'w', encoding='utf-8') as f: + f.writelines(fixed_lines) + print(f"Saved repaired file.") + except Exception as e: + print(f"Error writing: {e}") + +if __name__ == "__main__": + repair_indentation() diff --git a/simple_fix_yaml.py b/simple_fix_yaml.py new file mode 100644 index 0000000..4ee12d8 --- /dev/null +++ b/simple_fix_yaml.py @@ -0,0 +1,48 @@ + +import sys + +TARGET_FILE = r"C:\Users\joao.goncalves\Desktop\zabbix-itguys\templates_gold\windows_active_agent\template_windows_gold_ptbr.yaml" + +def simple_fix(): + print(f"Reading {TARGET_FILE}...") + try: + with open(TARGET_FILE, 'r', encoding='utf-8') as f: + lines = f.readlines() + except Exception as e: + print(f"Error reading: {e}") + return + + fixed_count = 0 + new_lines = [] + for line in lines: + stripped = line.strip() + # Check if it's a description line and ends with escaped quote + if stripped.startswith('description: "') and stripped.endswith('\\"'): + print(f"Fixing line: {stripped[-20:]}") + # Remove the backslash before the last quote + # The line ends with \"\n (or just \" if last line) + # We want to replace \"\n with "\n + + # rstrip newline first + content = line.rstrip('\n') + if content.endswith('\\"'): + content = content[:-2] + '"' + fixed_count += 1 + new_lines.append(content + '\n') + else: + new_lines.append(line) + else: + new_lines.append(line) + + if fixed_count > 0: + try: + with open(TARGET_FILE, 'w', encoding='utf-8') as f: + f.writelines(new_lines) + print(f"Saved fixed file. Fixed {fixed_count} lines.") + except Exception as e: + print(f"Error writing: {e}") + else: + print("No lines needed fixing.") + +if __name__ == "__main__": + simple_fix() diff --git a/sync_zabbix_uuids.py b/sync_zabbix_uuids.py new file mode 100644 index 0000000..73d7896 --- /dev/null +++ b/sync_zabbix_uuids.py @@ -0,0 +1,171 @@ +import yaml +import argparse +import sys +import re + +def load_yaml(path): + with open(path, 'r', encoding='utf-8') as f: + return yaml.safe_load(f) + +def save_yaml(data, path): + with open(path, 'w', encoding='utf-8') as f: + yaml.dump(data, f, sort_keys=False, indent=2, width=float("inf"), allow_unicode=True) + +def normalize_expression(expression): + """ + Removes the /Template Name/ part from item paths in the expression. + Example: min(/Windows by Zabbix agent/system.cpu.util,5m) -> min(//system.cpu.util,5m) + """ + # Regex to match /Template Name/Key + # It usually looks like: /Host or Template/Key + # We want to replace the first part with empty string if it starts with / + if not expression: + return "" + + # We use a simple heuristic: replace /[^/]+/ with // + # But we must be careful not to break the key. + # Zabbix expression format: function(/Host/Key, params) + # We want function(//Key, params) + + # Pattern: Look for / followed by anything not / followed by / + return re.sub(r'\/[^\/]+\/', '//', expression) + +def build_map(template_data): + """ + Builds a map of entities from the template data. + """ + mapping = { + 'items': {}, + 'item_details': {}, # Store full item dict for property syncing + 'discovery_rules': {}, + 'triggers': {}, + 'item_prototypes': {}, # Keyed by DiscoveryRuleKey:ItemKey + 'trigger_prototypes': {}, # Keyed by DiscoveryRuleKey:Expression + 'template_uuid': None + } + + if 'zabbix_export' not in template_data or 'templates' not in template_data['zabbix_export']: + return mapping + + tmpl = template_data['zabbix_export']['templates'][0] + mapping['template_uuid'] = tmpl.get('uuid') + + # Items + for item in tmpl.get('items', []): + mapping['items'][item['key']] = item.get('uuid') + mapping['item_details'][item['key']] = item + + # Triggers + for trigger in tmpl.get('triggers', []): + norm_expr = normalize_expression(trigger['expression']) + mapping['triggers'][norm_expr] = trigger.get('uuid') + + # Discovery Rules + for rule in tmpl.get('discovery_rules', []): + mapping['discovery_rules'][rule['key']] = rule.get('uuid') + + # Item Prototypes + for proto in rule.get('item_prototypes', []): + # Composite key: RuleKey:ProtoKey + comp_key = f"{rule['key']}:{proto['key']}" + mapping['item_prototypes'][comp_key] = proto.get('uuid') + + # Trigger Prototypes + for trig_proto in proto.get('trigger_prototypes', []): + # Note: Trigger prototypes are nested under item prototypes in old formats, + # but in 6.0+ they might be separate or nested. + # In the provided YAMLs, they are under item_prototypes for dependent items? + # Wait, looking at file content... + # In file 7 (Active standard), trigger_prototypes are under discovery_rules + # AND items can have trigger_prototypes (rare). + # Let's check the structure of file 7 again. + pass + + # Trigger Prototypes (Directly under Discovery Rule) + for trig_proto in rule.get('trigger_prototypes', []): + norm_expr = normalize_expression(trig_proto['expression']) + comp_key = f"{rule['key']}:{norm_expr}" + mapping['trigger_prototypes'][comp_key] = trig_proto.get('uuid') + + return mapping + +def sync_uuids(source_path, target_path, output_path): + print(f"Loading Source: {source_path}") + source_data = load_yaml(source_path) + print(f"Loading Target: {target_path}") + target_data = load_yaml(target_path) + + source_map = build_map(source_data) + + if not source_map['template_uuid']: + print("Error: No template found in source.") + return + + # Sync Process + target_tmpl = target_data['zabbix_export']['templates'][0] + + print(f"Syncing Template UUID: {source_map['template_uuid']}") + target_tmpl['uuid'] = source_map['template_uuid'] + + stats = {'items': 0, 'triggers': 0, 'discovery': 0, 'item_proto': 0, 'trigger_proto': 0} + + # Sync Items + for item in target_tmpl.get('items', []): + if item['key'] in source_map['items']: + item['uuid'] = source_map['items'][item['key']] + stats['items'] += 1 + + # Additional Fix: Copy critical fields if missing in Target (Gold) + # but present in Source (Base). This fixes invalid/incomplete Gold items. + source_item = source_map['item_details'].get(item['key']) + if source_item: + for field in ['type', 'delay', 'value_type', 'units', 'trends']: + if field not in item and field in source_item: + item[field] = source_item[field] + # Log if we are patching to debug + # print(f"Patched {field} for {item['key']}") + + # Sync Triggers + for trigger in target_tmpl.get('triggers', []): + norm_expr = normalize_expression(trigger['expression']) + # Try exact match first (in case descriptions differ but expression is same) + # Note: In source map we keyed by expression. + if norm_expr in source_map['triggers']: + trigger['uuid'] = source_map['triggers'][norm_expr] + stats['triggers'] += 1 + + # Sync Discovery Rules + for rule in target_tmpl.get('discovery_rules', []): + if rule['key'] in source_map['discovery_rules']: + rule['uuid'] = source_map['discovery_rules'][rule['key']] + stats['discovery'] += 1 + + # Sync Item Prototypes + for proto in rule.get('item_prototypes', []): + comp_key = f"{rule['key']}:{proto['key']}" + if comp_key in source_map['item_prototypes']: + proto['uuid'] = source_map['item_prototypes'][comp_key] + stats['item_proto'] += 1 + + # Sync Trigger Prototypes + for trig_proto in rule.get('trigger_prototypes', []): + norm_expr = normalize_expression(trig_proto['expression']) + comp_key = f"{rule['key']}:{norm_expr}" + if comp_key in source_map['trigger_prototypes']: + trig_proto['uuid'] = source_map['trigger_prototypes'][comp_key] + stats['trigger_proto'] += 1 + + print("Sync Complete.") + print(f"Stats: {stats}") + + print(f"Saving to {output_path}") + save_yaml(target_data, output_path) + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description='Sync Zabbix Template UUIDs') + parser.add_argument('--source', required=True, help='Path to Base Template (Source of UUIDs)') + parser.add_argument('--target', required=True, help='Path to Gold Template (Target to update)') + parser.add_argument('--output', required=True, help='Path to Output File') + + args = parser.parse_args() + sync_uuids(args.source, args.target, args.output) diff --git a/templates_gold/pfsense_hybrid_snmp_agent/files/userparameter_openvpn.conf b/templates_gold/pfsense_hybrid_snmp_agent/userparameter.conf similarity index 100% rename from templates_gold/pfsense_hybrid_snmp_agent/files/userparameter_openvpn.conf rename to templates_gold/pfsense_hybrid_snmp_agent/userparameter.conf diff --git a/templates_gold/windows_active_agent/template_windows_gold_ptbr.yaml b/templates_gold/windows_active_agent/template_windows_gold_ptbr.yaml new file mode 100644 index 0000000..d23dcff --- /dev/null +++ b/templates_gold/windows_active_agent/template_windows_gold_ptbr.yaml @@ -0,0 +1,1907 @@ +zabbix_export: + version: '7.0' + template_groups: + - uuid: 37ea805025154df09fceb1e422361526 + name: 'Templates/Sistema: Versão do SOs' + templates: + - uuid: 5fdd2ca8b8f84962aaea5a218b46ea7d + template: Windows by Zabbix agent + name: Windows by Zabbix agent active + description: 'Template Windows Server Gold Edition (Pt-BR). + + + Monitoramento Otimizado por Arthur ''O Farol''. + + Inclui: RDP, Fila de Disco, Auditoria de Login e traduções completas.' + groups: + - name: 'Templates/Sistema: Versão do SOs' + items: + - uuid: 042ce35b908748c8bdd322f818c52c85 + name: Nome do Host (Agent) + key: agent.hostname + delay: 1h + value_type: CHAR + trends: '0' + preprocessing: + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + tags: + - tag: component + value: system + type: ZABBIX_ACTIVE + - uuid: bd8864ac5450401b9ad479c1ee455805 + name: Status do Agente Zabbix (Ping) + key: agent.ping + description: O agente sempre retorna "1" para este item. Pode ser usado com `nodata()` para verificação de disponibilidade. + valuemap: + name: Status do Agente Zabbix (Ping) status + tags: + - tag: component + value: system + type: ZABBIX_ACTIVE + - uuid: 41cec8b443a94efc9ebca6f66c46ad8a + name: Versão do Agente Zabbix + key: agent.version + delay: 1h + value_type: CHAR + trends: '0' + preprocessing: + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + tags: + - tag: component + value: application + type: ZABBIX_ACTIVE + - uuid: 20dceb831b1a4d63af7635656239c495 + name: 'Memória: Cache Bytes' + key: perf_counter_en["\Memory\Cache Bytes"] + units: B + description: Cache Bytes is the sum of the Memory\\System Cache Resident Bytes, Memory\\System Driver Resident Bytes, Memory\\System Code Resident Bytes, and Memory\\Pool Paged Resident Bytes counters. This counter displays the last observed value only; it is not an average. + tags: + - tag: component + value: memory + type: ZABBIX_ACTIVE + - uuid: 71bb18af403248c7818d16444a2eec06 + name: 'Memória: Entradas de Tabela de Página Livres' + key: perf_counter_en["\Memory\Free System Page Table Entries"] + description: Indica o número de entradas da tabela de páginas não utilizadas. Se menor que 5.000, pode haver vazamento de memória. + tags: + - tag: component + value: memory + triggers: + - uuid: 1c04264fd3b043329362c4281bfe3d95 + expression: max(/Windows by Zabbix agent/perf_counter_en["\Memory\Free System Page Table Entries"],5m)<{$MEM.PAGE_TABLE_CRIT.MIN} + name: '⚠️ Windows: Esgotamento de Tabela de Páginas' + event_name: '⚠️ Windows: Esgotamento de Tabela de Páginas (less {$MEM.PAGE_TABLE_CRIT.MIN} por 5m)' + priority: WARNING + description: '`Memory\Free System Page Table Entries` has been less than `{$MEM.PAGE_TABLE_CRIT.MIN}` for 5 minutes. If the number is less than 5,000, there may be a memory leak.' + dependencies: + - name: '🧠 Windows: Memória Esgotada' + expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX} + tags: + - tag: scope + value: capacity + type: ZABBIX_ACTIVE + - uuid: 19ec57305ba34ed890e2e4c8a500a214 + name: 'Memória: Page Faults/seg' + key: perf_counter_en["\Memory\Page Faults/sec"] + value_type: FLOAT + description: Page Faults/seg é a média de falhas de página por segundo. Inclui falhas hard (disco) e soft (memória). Falhas hard causam atrasos significativos. + tags: + - tag: component + value: memory + type: ZABBIX_ACTIVE + - uuid: 920faa3a434d46d48f99395e16ef04ec + name: 'Memória: Pages/seg (Swap I/O)' + key: perf_counter_en["\Memory\Pages/sec"] + value_type: FLOAT + description: 'Mede a taxa de leitura/escrita de páginas no disco para resolver hard faults. + + Se > 1.000, indica paginação excessiva e possível vazamento de memória. + + ' + tags: + - tag: component + value: memory + triggers: + - uuid: 37912bf2eb8d40e99ab861508707e632 + expression: min(/Windows by Zabbix agent/perf_counter_en["\Memory\Pages/sec"],5m)>{$MEM.PAGE_SEC.CRIT.MAX} + name: '⚠️ Windows: Excesso de Paginação (Swap)' + event_name: '⚠️ Windows: Excesso de Paginação (Swap) (over {$MEM.PAGE_SEC.CRIT.MAX} por 5m)' + priority: WARNING + description: The Memory Pages/sec in the last 5 minutes exceeds `{$MEM.PAGE_SEC.CRIT.MAX}`. Se > 1.000, indica paginação excessiva e possível vazamento de memória. + dependencies: + - name: '🧠 Windows: Memória Esgotada' + expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX} + tags: + - tag: scope + value: capacity + type: ZABBIX_ACTIVE + - uuid: 3af0a0717da747849c2b5a2ebfa61a2c + name: 'Memória: Non-paged Pool' + key: perf_counter_en["\Memory\Pool Nonpaged Bytes"] + units: B + description: 'Mede o tamanho (bytes) do pool não paginado (memória física obrigatória). + + Possível vazamento se > 175MB (Event ID 2019). + + ' + tags: + - tag: component + value: memory + type: ZABBIX_ACTIVE + - uuid: 4f7b86eff6c84193a2f9187fff578416 + name: 'Swap: % de Uso' + key: perf_counter_en["\Paging file(_Total)\% Usage"] + value_type: FLOAT + units: '%' + description: Espaço usado do arquivo de swap em porcentagem. + tags: + - tag: component + value: memory + - tag: component + value: storage + type: ZABBIX_ACTIVE + - uuid: 553249b52ca7492c87386d051ec53db9 + name: 'CPU: Tempo DPC' + key: perf_counter_en["\Processor Information(_total)\% DPC Time"] + value_type: FLOAT + units: '%' + description: Tempo de DPC é o tempo gasto em chamadas de procedimento diferido (DPCs). Alto uso constante indica gargalo de CPU, driver ou hardware. + tags: + - tag: component + value: cpu + type: ZABBIX_ACTIVE + - uuid: 32a32b9fea5d49989668a96bc52db87b + name: 'CPU: Tempo de Interrupção' + key: perf_counter_en["\Processor Information(_total)\% Interrupt Time"] + value_type: FLOAT + units: '%' + description: Tempo de Interrupção indica tempo da CPU tratando interrupções de hardware (mouse, disco, rede). Acima de 20% sugere problemas de hardware. + tags: + - tag: component + value: cpu + triggers: + - uuid: 08c6ec9e46c8492ea491f711b9333e26 + expression: min(/Windows by Zabbix agent/perf_counter_en["\Processor Information(_total)\% Interrupt Time"],5m)>{$CPU.INTERRUPT.CRIT.MAX} + name: '⚠️ Windows: CPU com muitas Interrupções (Hardware?)' + event_name: '⚠️ Windows: CPU com muitas Interrupções (Hardware?) (over {$CPU.INTERRUPT.CRIT.MAX}% por 5m)' + priority: WARNING + description: O Tempo de Interrupção da CPU nos últimos 5 minutos excede `{$CPU.INTERRUPT.CRIT.MAX}`%. + dependencies: + - name: '🔥 Windows: Uso de CPU Crítico' + expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT} + tags: + - tag: scope + value: performance + type: ZABBIX_ACTIVE + - uuid: 0747e92e52cc4a6a9b83c6f94889bff1 + name: 'CPU: Tempo Privilegiado (Kernel)' + key: perf_counter_en["\Processor Information(_total)\% Privileged Time"] + value_type: FLOAT + units: '%' + description: Tempo Privilegiado mostra % de tempo da CPU em modo Kernel (Drivers, DPCs, ISRs). + tags: + - tag: component + value: cpu + triggers: + - uuid: 816b61b823a84c54906c692e7a0917ce + expression: min(/Windows by Zabbix agent/perf_counter_en["\Processor Information(_total)\% Privileged Time"],5m)>{$CPU.PRIV.CRIT.MAX} + name: '⚠️ Windows: Uso Elevado de Kernel (Privileged Time)' + event_name: '⚠️ Windows: Uso Elevado de Kernel (Privileged Time) (over {$CPU.PRIV.CRIT.MAX}% por 5m)' + priority: WARNING + description: 'O Tempo Privilegiado (Kernel) da CPU excede {$CPU.PRIV.CRIT.MAX}% nos últimos 5m.' + dependencies: + - name: '⚠️ Windows: CPU com muitas Interrupções (Hardware?)' + expression: min(/Windows by Zabbix agent/perf_counter_en["\Processor Information(_total)\% Interrupt Time"],5m)>{$CPU.INTERRUPT.CRIT.MAX} + - name: '🔥 Windows: Uso de CPU Crítico' + expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT} + tags: + - tag: scope + value: performance + type: ZABBIX_ACTIVE + - uuid: 954a81efad4c4791bee052194b900268 + name: 'CPU: Tempo de Usuário' + key: perf_counter_en["\Processor Information(_total)\% User Time"] + value_type: FLOAT + units: '%' + description: Tempo de Usuário mostra % de tempo da CPU em modo Usuário (Aplicações). + tags: + - tag: component + value: cpu + type: ZABBIX_ACTIVE + - uuid: f23957a6fb9a44a3a7010b19b16e77b5 + name: 'CPU: Context Switches/seg' + key: perf_counter_en["\System\Context Switches/sec"] + value_type: FLOAT + description: 'Context Switches/sec é a taxa de troca de threads nos processadores. + + Ocorre quando threads cedem lugar a outras ou alternam modos. + + It is the sum of Thread\\Context Switches/sec for all threads running on all processors in the computer and is measured in numbers of switches. + + Mostra a diferença entre amostras dividida pelo intervalo. + + ' + tags: + - tag: component + value: cpu + type: ZABBIX_ACTIVE + - uuid: c1da358e5c8f40279c703d93896aa571 + name: 'CPU: Tamanho da Fila (Queue Length)' + key: perf_counter_en["\System\Processor Queue Length"] + value_type: FLOAT + description: Processor Queue Length mostra threads aguardando execução na fila da CPU. + tags: + - tag: component + value: cpu + type: ZABBIX_ACTIVE + - uuid: c738b97ec0dc49f380ed0e4a27ae9bb6 + name: 'Sistema: Número de Threads' + key: perf_counter_en["\System\Threads"] + description: Número total de threads usadas por todos os processos. + tags: + - tag: component + value: os + type: ZABBIX_ACTIVE + - uuid: 5229689338ae4a559d3c94a98032131e + name: 'Sistema: Número de Processos' + key: proc.num[] + description: Número total de processos em execução. + tags: + - tag: component + value: os + type: ZABBIX_ACTIVE + - uuid: 0f3ffe45092d461a91a1296cd6cfb19f + name: 'CPU: Utilização Total' + key: system.cpu.util + value_type: FLOAT + units: '%' + description: 'Utilização Total da CPU expressa em %.' + tags: + - tag: component + value: cpu + triggers: + - uuid: af3a587848474ce083197f5c8eb41ef7 + expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT} + name: '🔥 Windows: Uso de CPU Crítico' + event_name: '🔥 Windows: Uso de CPU Crítico (over {$CPU.UTIL.CRIT}% por 5m)' + opdata: 'Current utilization: {ITEM.LASTVALUE1}' + priority: WARNING + description: O uso de CPU está sitematicamente alto. O servidor pode ficar lento. + tags: + - tag: scope + value: performance + type: ZABBIX_ACTIVE + - uuid: 5d99b356e30444a0b99e597506f35a69 + name: 'Sistema: Nome do Computador' + key: system.hostname + delay: 1h + value_type: CHAR + trends: '0' + description: Nome do host do sistema. + inventory_link: NAME + preprocessing: + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + tags: + - tag: component + value: system + triggers: + - uuid: 2c099c9ec90f47858bc117f0f7d957c0 + expression: change(/Windows by Zabbix agent/system.hostname) and length(last(/Windows by Zabbix agent/system.hostname))>0 + name: 'ℹ️ Windows: Nome do Host Mudou' + event_name: 'ℹ️ Windows: Nome do Host Mudou (new name: {ITEM.VALUE})' + priority: INFO + description: O nome do sistema mudou. Reconheça para fechar o problema manualmente. + manual_close: 'YES' + tags: + - tag: scope + value: notice + type: ZABBIX_ACTIVE + - uuid: 89f928affba54c4a8dc7abead09cac68 + name: 'Sistema: Hora Local' + key: system.localtime + units: unixtime + description: Hora local do sistema. + tags: + - tag: component + value: system + triggers: + - uuid: e521b85085eb442e831f89785fc4ed52 + expression: fuzzytime(/Windows by Zabbix agent/system.localtime,{$SYSTEM.FUZZYTIME.MAX})=0 + recovery_mode: RECOVERY_EXPRESSION + recovery_expression: fuzzytime(/Windows by Zabbix agent/system.localtime,{$SYSTEM.FUZZYTIME.MIN})=1 + name: '⚠️ Windows: Hora do Sistema Dessincronizada' + event_name: '⚠️ Windows: Hora do Sistema Dessincronizada (diff with Zabbix server > {$SYSTEM.FUZZYTIME.MAX})' + priority: WARNING + description: A hora do servidor difere da hora do Zabbix Server. Verifique o NTP. + manual_close: 'YES' + tags: + - tag: scope + value: notice + type: ZABBIX_ACTIVE + - uuid: 16a7ae509f0c4f9d8631efae88fe6324 + name: 'Sistema: Arquitetura do SO' + key: system.sw.arch + delay: 1h + value_type: CHAR + trends: '0' + description: Arquitetura do sistema operacional. + preprocessing: + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + tags: + - tag: component + value: os + type: ZABBIX_ACTIVE + - uuid: 5159e7263d7a42e499380b70e9d6490a + name: 'Sistema: Versão do SO' + key: system.sw.os + delay: 1h + value_type: CHAR + trends: '0' + inventory_link: OS + preprocessing: + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + tags: + - tag: component + value: os + triggers: + - uuid: 430bed700d494336ad08278059dc620e + expression: change(/Windows by Zabbix agent/system.sw.os) and length(last(/Windows by Zabbix agent/system.sw.os))>0 + name: 'ℹ️ Windows: SO Atualizado/Alterado' + priority: INFO + description: A descrição do SO mudou. O sistema pode ter sido atualizado. Reconheça para fechar. + manual_close: 'YES' + dependencies: + - name: 'ℹ️ Windows: Nome do Host Mudou' + expression: change(/Windows by Zabbix agent/system.hostname) and length(last(/Windows by Zabbix agent/system.hostname))>0 + tags: + - tag: scope + value: notice + type: ZABBIX_ACTIVE + - uuid: 9d6f14cc540846ab98052bf741a4247b + name: 'Swap: Espaço Livre' + type: CALCULATED + key: system.swap.free + units: B + params: last(//system.swap.size[,total]) - last(//system.swap.size[,total]) / 100 * last(//perf_counter_en["\Paging file(_Total)\% Usage"]) + description: Espaço livre do arquivo de swap em bytes. + tags: + - tag: component + value: memory + - tag: component + value: storage + - uuid: e91b5f08c6b745bca975797ea4abd02a + name: 'Swap: Espaço Livre in %' + type: DEPENDENT + key: system.swap.pfree + delay: '0' + value_type: FLOAT + units: '%' + description: Espaço livre do arquivo de swap em %. + preprocessing: + - type: JAVASCRIPT + parameters: + - return (100 - value) + master_item: + key: perf_counter_en["\Paging file(_Total)\% Usage"] + tags: + - tag: component + value: memory + - tag: component + value: storage + - uuid: b5af29f7b8ee451895b49c0444e929f4 + name: 'Swap: Espaço Total' + key: system.swap.size[,total] + units: B + description: Tamanho total do arquivo de swap em bytes. + tags: + - tag: component + value: memory + - tag: component + value: storage + type: ZABBIX_ACTIVE + - uuid: 8fa1259420ad486ab6e2520c9b047073 + name: 'Sistema: Descrição' + key: system.uname + delay: 15m + value_type: CHAR + trends: '0' + description: 'Descrição do sistema operacional do host.' + preprocessing: + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + tags: + - tag: component + value: system + type: ZABBIX_ACTIVE + - uuid: 695053710ea14cc48692b5cb260d0dfb + name: 'Sistema: Uptime' + key: system.uptime + delay: 30s + trends: '0' + units: uptime + description: 'Tempo de atividade do sistema no formato: "N dias, hh:mm:ss".' + tags: + - tag: component + value: system + triggers: + - uuid: d6062fc4b70b4755ae4c6c3d987c6906 + expression: last(/Windows by Zabbix agent/system.uptime)<10m + name: '⚠️ Windows: Servidor Reiniciou' + event_name: '⚠️ Windows: Servidor Reiniciou (uptime < 10m)' + priority: WARNING + description: 'O servidor foi reiniciado recentemente (Sistema: Uptime < 10m).' + manual_close: 'YES' + tags: + - tag: scope + value: notice + type: ZABBIX_ACTIVE + - uuid: 60a17a94a9ad4e4192547d0a6a1e1d25 + name: Get filesystems + key: vfs.fs.get + history: '0' + value_type: TEXT + trends: '0' + description: A chave `vfs.fs.get` adquire informações brutas sobre sistemas de arquivos para pré-processamento. + tags: + - tag: component + value: raw + type: ZABBIX_ACTIVE + - uuid: 83185781999742268a7742695c5d3ee3 + name: 'Memória: Total' + key: vm.memory.size[total] + units: B + description: 'Memória total expressa em bytes.' + tags: + - tag: component + value: memory + type: ZABBIX_ACTIVE + - uuid: f85ec8917f084c7d9b6bc36e186d74d6 + name: 'Memória: Usada' + key: vm.memory.size[used] + units: B + description: 'Memória usada em bytes.' + tags: + - tag: component + value: memory + type: ZABBIX_ACTIVE + - uuid: 9b62965a4670472b8c672dc1021bb8fd + name: 'Memória: % de Utilização' + type: CALCULATED + key: vm.memory.util + value_type: FLOAT + units: '%' + params: last(//vm.memory.size[used]) / last(//vm.memory.size[total]) * 100 + description: 'Porcentagem de memória utilizada.' + tags: + - tag: component + value: memory + triggers: + - uuid: 4a3e88d42c544538b1550c45fb5573ac + expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX} + name: '🧠 Windows: Memória Esgotada' + event_name: '🧠 Windows: Memória Esgotada (>{$MEMORY.UTIL.MAX}% por 5m)' + priority: AVERAGE + description: O sistema está ficando sem memória livre. Verifique processos consumidores. + tags: + - tag: scope + value: capacity + - tag: scope + value: performance + - uuid: c35940d1a12e4b96b7114ac8dbbfcec4 + name: 'Windows: Network interfaces WMI get' + key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"] + history: '0' + value_type: TEXT + trends: '0' + description: Dados brutos de `win32_networkadapter`. + preprocessing: + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1h + tags: + - tag: component + value: raw + type: ZABBIX_ACTIVE + - uuid: 3dcf69f6637f496ca0406e0ed403f03c + name: 'Hardware: Número de Cores' + key: wmi.get[root/cimv2,"Select NumberOfLogicalProcessors from Win32_ComputerSystem"] + description: Número de processadores lógicos disponíveis. + tags: + - tag: component + value: cpu + type: ZABBIX_ACTIVE + - uuid: 64875dc74c3a45da82ddad6648198304 + name: Disponibilidade do Agente Zabbix + type: INTERNAL + key: zabbix[host,agent,disponível] + description: Usado para monitorar a disponibilidade do agente. + valuemap: + name: zabbix.host.disponível + tags: + - tag: component + value: system + triggers: + - uuid: 2a79c64e07144a40b728e4a210fa0976 + expression: max(/Windows by Zabbix agent/zabbix[host,agent,disponível],{$AGENT.TIMEOUT})=0 + name: '🚨 Windows: Agente Zabbix Indisponível' + event_name: '🚨 Windows: Agente Zabbix Indisponível (for {$AGENT.TIMEOUT})' + priority: AVERAGE + description: O Agente Zabbix parou de responder. Verifique se o serviço está rodando ou se há bloqueio de firewall. + manual_close: 'YES' + tags: + - tag: scope + value: availability + - uuid: ab5cc8d3c6734c7c9456c02dfecffd5d + name: 'RDP: Sessões Ativas (Total)' + key: perf_counter_en["\Terminal Services\Total Sessions"] + delay: 1m + value_type: FLOAT + units: '' + description: Número total de sessões de Terminal Services (RDP) ativas. + tags: + - tag: component + value: security + - tag: component + value: remote_access + triggers: + - uuid: 60c93c0b66f8480a905f32f6789f4dcd + expression: min(/Windows by Zabbix agent/perf_counter_en["\Terminal Services\Total Sessions"],15m)>2 + name: '⚠️ Windows: Muitas Sessões RDP Ativas' + event_name: '⚠️ Windows: Muitas Sessões RDP Ativas ({ITEM.LASTVALUE} > 2)' + priority: WARNING + description: Existem muitas sessões de terminal abertas. Isso pode consumir recursos ou indicar sessões "penduradas". + - uuid: 44cf725b9c03464cac04df1103f51092 + name: 'Disco: Tamanho da Fila (Queue Length)' + key: perf_counter_en["\PhysicalDisk(_Total)\Current Disk Queue Length"] + delay: 1m + value_type: FLOAT + description: Número de solicitações de I/O aguardando serviço. Valores altos constantes indicam gargalo de disco. + tags: + - tag: component + value: storage + - tag: component + value: performance + triggers: + - uuid: 1990ac56e67a436585de7af74e1b6684 + expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk(_Total)\Current Disk Queue Length"],10m)>2 + name: '🐢 Windows: Disco Lento (Queue Length Alta)' + event_name: '🐢 Windows: Disco Lento (Queue Total > 2 por 10m)' + priority: AVERAGE + description: A fila de disco está constantemente alta. O armazenamento não está dando conta das requisições. + - uuid: 141cc10cfa0b40c0a00e4737a965ef87 + name: 'Segurança: Falhas de Login (Audit Failure)' + key: eventlog[Security,,,,4625] + delay: 1m + value_type: LOG + description: Monitora o Event ID 4625 (Logon falhou) no log de Segurança. + tags: + - tag: component + value: security + triggers: + - uuid: 530b3a4e5b2041e49f1c080586a44613 + expression: count(/Windows by Zabbix agent/eventlog[Security,,,,4625],2m)>5 + name: '👮 Windows: Possível Brute Force (Falhas de Login)' + event_name: '👮 Windows: 5+ Falhas de Login em 2m' + priority: HIGH + description: Foram detectadas múltiplas falhas de login (Event ID 4625) em curto período. + discovery_rules: + - uuid: c05c8d1be5614ffab1688cc92db32f12 + name: Descoberta de interfaces de rede + type: DEPENDENT + key: net.if.discovery + delay: '0' + filter: + evaltype: AND + conditions: + - macro: '{#IFALIAS}' + value: '{$NET.IF.IFALIAS.MATCHES}' + formulaid: A + - macro: '{#IFALIAS}' + value: '{$NET.IF.IFALIAS.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: B + - macro: '{#IFDESCR}' + value: '{$NET.IF.IFDESCR.MATCHES}' + formulaid: C + - macro: '{#IFDESCR}' + value: '{$NET.IF.IFDESCR.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: D + - macro: '{#IFNAME}' + value: '{$NET.IF.IFNAME.MATCHES}' + formulaid: E + - macro: '{#IFNAME}' + value: '{$NET.IF.IFNAME.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: F + description: Descoberta de interfaces de rede instaladas. + item_prototypes: + - uuid: 344f0ce5ba5244cb90cc08db556e6f9c + name: 'Interface {#IFNAME}: Pacotes Descartados (In)' + key: net.if.in["{#IFGUID}",dropped] + delay: 3m + description: Número de pacotes de entrada descartados na interface. + preprocessing: + - type: CHANGE_PER_SECOND + parameters: + - '' + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + - uuid: a2461163f9b44b678008e3d5fd96a168 + name: 'Interface {#IFNAME}: Erros de Pacote (In)' + key: net.if.in["{#IFGUID}",errors] + delay: 3m + description: Número de pacotes de entrada com erros na interface. + preprocessing: + - type: CHANGE_PER_SECOND + parameters: + - '' + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + - uuid: a8f69dac86d646b194f9b204f22aeb3b + name: 'Interface {#IFNAME}: Tráfego de Entrada' + key: net.if.in["{#IFGUID}"] + delay: 3m + units: bps + description: Tráfego de entrada na interface de rede. + preprocessing: + - type: CHANGE_PER_SECOND + parameters: + - '' + - type: MULTIPLIER + parameters: + - '8' + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + - uuid: 46d947876b844223bb500f29cbf82273 + name: 'Interface {#IFNAME}: Pacotes Descartados (Out)' + key: net.if.out["{#IFGUID}",dropped] + delay: 3m + description: Número de pacotes de saída descartados na interface. + preprocessing: + - type: CHANGE_PER_SECOND + parameters: + - '' + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + - uuid: 1f5854d4ad5d4b65b63e5ca9ffa5007c + name: 'Interface {#IFNAME}: Erros de Pacote (Out)' + key: net.if.out["{#IFGUID}",errors] + delay: 3m + description: Número de pacotes de saída com erros na interface. + preprocessing: + - type: CHANGE_PER_SECOND + parameters: + - '' + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + - uuid: 1adceed263804e089108bb2cc1aa51e1 + name: 'Interface {#IFNAME}: Tráfego de Saída' + key: net.if.out["{#IFGUID}"] + delay: 3m + units: bps + description: Tráfego de saída na interface de rede. + preprocessing: + - type: CHANGE_PER_SECOND + parameters: + - '' + - type: MULTIPLIER + parameters: + - '8' + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + - uuid: 820ca9809e6f46af8aa3f41195f246d9 + name: 'Interface {#IFNAME}: Velocidade Negociada' + type: DEPENDENT + key: net.if.speed["{#IFGUID}"] + delay: '0' + trends: '0' + units: bps + description: Largura de banda estimada da interface de rede. + preprocessing: + - type: JSONPATH + parameters: + - $[?(@.GUID == "{#IFGUID}")].Speed.first() + error_handler: CUSTOM_VALUE + error_handler_params: '0' + - type: JAVASCRIPT + parameters: + - 'return (value==''9223372036854775807'' ? 0 : value)' + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1h + master_item: + key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"] + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + - uuid: 929917f16ecd4369a5535fe8178248d6 + name: 'Interface {#IFNAME}: Status Operacional' + type: DEPENDENT + key: net.if.status["{#IFGUID}"] + delay: '0' + trends: '0' + description: Status operacional da interface de rede. + valuemap: + name: Win32_NetworkAdapter::NetConnectionStatus + preprocessing: + - type: JSONPATH + parameters: + - $[?(@.GUID == "{#IFGUID}")].NetConnectionStatus.first() + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + master_item: + key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"] + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + trigger_prototypes: + - uuid: 08a59de19b8d444cbe0929a30af08889 + expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))' + recovery_mode: RECOVERY_EXPRESSION + recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0 + name: '🚨 Interface {#IFNAME}: Link Down' + opdata: 'Current state: {ITEM.LASTVALUE1}' + priority: AVERAGE + description: 'Esta trigger funciona assim: + + 1. Dispara se o status operacional for Down. + + 2. `{$IFCONTROL:"{#IFNAME}"}=1` - defina a macro como "0" para ignorar esta interface. + + No new trigger will be fired if this interface is down. + + 3. `last(/TEMPLATE_NAME/METRIC,#1)<>last(/TEMPLATE_NAME/METRIC,#2)` - the trigger fires only if the operational status was up to (1) sometime before (so, does not fire for the ''eternal off'' interfaces.) + + + WARNING: if closed manually - it will not fire again on the next poll, because of .diff. + + ' + manual_close: 'YES' + tags: + - tag: scope + value: availability + - uuid: 1e513ffd8cd24a39a04b2140dce65b62 + name: 'Interface {#IFNAME}: Tipo de Interface' + type: DEPENDENT + key: net.if.type["{#IFGUID}"] + delay: '0' + trends: '0' + description: The type of the network interface. + valuemap: + name: Win32_NetworkAdapter::AdapterTypeId + preprocessing: + - type: JSONPATH + parameters: + - $[?(@.GUID == "{#IFGUID}")].AdapterTypeId.first() + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1d + master_item: + key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"] + tags: + - tag: component + value: network + - tag: description + value: '{#IFALIAS}' + - tag: interface + value: '{#IFNAME}' + trigger_prototypes: + - uuid: 27a60f88cbd0457291153105ace75e4d + expression: 'change(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])<0 and + + last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])>0 and + + last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 + + ' + name: '⚠️ Interface {#IFNAME}: Velocidade Reduzida (Negociação?)' + opdata: 'Current reported speed: {ITEM.LASTVALUE1}' + priority: INFO + description: "⚠️ A velocidade da interface caiu (Ex: 1Gb -> 100Mb).\n\n📉 Impacto: Lentidão na transferência de dados.\n🛠️ Ação: 1. Verifique a categoria do cabo (Cat5e/Cat6). 2. Verifique configurações de Duplex/Speed no switch e servidor." + manual_close: 'YES' + dependencies: + - name: '🚨 Interface {#IFNAME}: Link Down' + expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))' + recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0 + tags: + - tag: scope + value: capacity + - uuid: 728a12bd7b6748cd97e0ca7b0cbf2b77 + expression: '(avg(/Windows by Zabbix agent/net.if.in["{#IFGUID}"],15m)>({$IF.UTIL.MAX:"{#IFNAME}"}/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"]) or + + avg(/Windows by Zabbix agent/net.if.out["{#IFGUID}"],15m)>({$IF.UTIL.MAX:"{#IFNAME}"}/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])) and + + last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])>0 + + ' + recovery_mode: RECOVERY_EXPRESSION + recovery_expression: 'avg(/Windows by Zabbix agent/net.if.in["{#IFGUID}"],15m)<(({$IF.UTIL.MAX:"{#IFNAME}"}-3)/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"]) and + + avg(/Windows by Zabbix agent/net.if.out["{#IFGUID}"],15m)<(({$IF.UTIL.MAX:"{#IFNAME}"}-3)/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"]) + + ' + name: '🔥 Interface {#IFNAME}: Saturação de Banda' + event_name: '🔥 Interface {#IFNAME}: Saturação de Banda (>{$IF.UTIL.MAX:"{#IFNAME}"}%)' + opdata: 'In: {ITEM.LASTVALUE1}, out: {ITEM.LASTVALUE3}, speed: {ITEM.LASTVALUE2}' + priority: WARNING + description: "⚠️ Uso de banda elevado.\n\n📉 Impacto: A interface atingiu o limite de tráfego. O acesso ao servidor ficará lento e pacotes podem ser descartados.\n🛠️ Ação: 1. Identifique qual processo/usuário está consumindo banda. 2. Avalie necessidade de upgrade de link." + manual_close: 'YES' + dependencies: + - name: '🚨 Interface {#IFNAME}: Link Down' + expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))' + recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0 + tags: + - tag: scope + value: performance + - uuid: 1945fd9bc15c471fb050d0a5430245a6 + expression: 'min(/Windows by Zabbix agent/net.if.in["{#IFGUID}",errors],5m)>{$IF.ERRORS.WARN:"{#IFNAME}"} + + or min(/Windows by Zabbix agent/net.if.out["{#IFGUID}",errors],5m)>{$IF.ERRORS.WARN:"{#IFNAME}"} + + ' + recovery_mode: RECOVERY_EXPRESSION + recovery_expression: 'max(/Windows by Zabbix agent/net.if.in["{#IFGUID}",errors],5m)<{$IF.ERRORS.WARN:"{#IFNAME}"}*0.8 + + and max(/Windows by Zabbix agent/net.if.out["{#IFGUID}",errors],5m)<{$IF.ERRORS.WARN:"{#IFNAME}"}*0.8 + + ' + name: '🔥 Interface {#IFNAME}: Alta Taxa de Erros' + event_name: '🔥 Interface {#IFNAME}: Alta Taxa de Erros (>{$IF.ERRORS.WARN:"{#IFNAME}"} por 5m)' + opdata: 'errors in: {ITEM.LASTVALUE1}, errors out: {ITEM.LASTVALUE2}' + priority: WARNING + description: "⚠️ Erros de transmissão detectados.\n\n📉 Impacto: Perda de pacotes, retransmissões e lentidão.\n🛠️ Ação: 1. Substitua o cabo de rede. 2. Teste outra porta no switch." + manual_close: 'YES' + dependencies: + - name: '🚨 Interface {#IFNAME}: Link Down' + expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))' + recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0 + tags: + - tag: scope + value: availability + graph_prototypes: + - uuid: cf5e38d45e394757955ce0257cfd2f04 + name: 'Interface {#IFNAME}({#IFALIAS}): Network traffic' + graph_items: + - drawtype: GRADIENT_LINE + color: 199C0D + item: + host: Windows by Zabbix agent + key: net.if.in["{#IFGUID}"] + - sortorder: '1' + drawtype: BOLD_LINE + color: F63100 + item: + host: Windows by Zabbix agent + key: net.if.out["{#IFGUID}"] + - sortorder: '2' + color: 00611C + yaxisside: RIGHT + item: + host: Windows by Zabbix agent + key: net.if.out["{#IFGUID}",errors] + - sortorder: '3' + color: F7941D + yaxisside: RIGHT + item: + host: Windows by Zabbix agent + key: net.if.in["{#IFGUID}",errors] + - sortorder: '4' + color: FC6EA3 + yaxisside: RIGHT + item: + host: Windows by Zabbix agent + key: net.if.out["{#IFGUID}",dropped] + - sortorder: '5' + color: 6C59DC + yaxisside: RIGHT + item: + host: Windows by Zabbix agent + key: net.if.in["{#IFGUID}",dropped] + master_item: + key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"] + preprocessing: + - type: JAVASCRIPT + parameters: + - "output = JSON.parse(value).map(function(net){\n\treturn {\n\t\t\"{#IFNAME}\": net.Name,\n\t\t\"{#IFDESCR}\": net.Description,\n\t\t\"{#IFALIAS}\": net.NetConnectionID,\n\t\t\"{#IFGUID}\": net.GUID\n\t}})\nreturn JSON.stringify({\"data\": output})\n" + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1h + - uuid: b2a9c04e3e0846ab89d5dbc39d273567 + name: Descoberta de discos físicos + key: perf_instance_en.discovery[PhysicalDisk] + delay: 1h + filter: + evaltype: AND + conditions: + - macro: '{#DEVNAME}' + value: '{$VFS.DEV.DEVNAME.MATCHES}' + formulaid: A + - macro: '{#DEVNAME}' + value: '{$VFS.DEV.DEVNAME.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: B + description: Discovery of installed physical disks. + item_prototypes: + - uuid: 714bbd069d34400895df413fe4627543 + name: '{#DEVNAME}: Utilização de disco por tempo ocioso' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\% Idle Time",60] + value_type: FLOAT + units: '%' + description: This item is the percentage of elapsed time that the selected disk drive was busy servicing read or writes requests based on idle time. + preprocessing: + - type: JAVASCRIPT + parameters: + - return (100 - value) + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + trigger_prototypes: + - uuid: 7cbd65184e1041ca959172328db83f58 + expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\% Idle Time",60],15m)>{$VFS.DEV.UTIL.MAX.WARN} + name: '🔥 Windows: Disco Saturado (I/O) em {#DEVNAME}' + event_name: '🔥 Disco Crítico em {HOST.NAME}: {#DEVNAME} está com {ITEM.LASTVALUE}% de Utilização (Crit: > {$VFS.DEV.UTIL.MAX.WARN}%)' + priority: WARNING + description: "⚠️ Disco operando perto da capacidade máxima.\n\n📉 Impacto: Lentidão geral no sistema, aplicações travando e demora para buscar arquivos.\n\n🛠️ Ação: 1. Verifique quais processos estão consumindo I/O (Resource Monitor). 2. Considere mover arquivos para outro disco ou upgrade para SSD." + manual_close: 'YES' + dependencies: + - name: '⚠️ Windows: Latência de Leitura Alta em {#DEVNAME}' + expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60],15m) > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"} + - name: '⚠️ Windows: Latência de Escrita Alta em {#DEVNAME}' + expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60],15m) > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"} + tags: + - tag: scope + value: performance + - uuid: abdcdffc92114fda93d4893c772cf14a + name: '{#DEVNAME}: Tamanho médio da fila de leitura' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Read Queue Length",60] + value_type: FLOAT + description: Average disk read queue, the number of requests outstanding on the disk at the time the performance data is collected. + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + - uuid: 208b3a3868844e85a7e3e5f3940d744d + name: '{#DEVNAME}: Tempo médio de espera de leitura' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60] + value_type: FLOAT + units: s + description: The average time for read requests issued to the device to be served. This includes the time spent by the requests in queue and the time spent servicing them. + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + trigger_prototypes: + - uuid: 3ee49a01474c4770874fa30bc417fa20 + expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60],15m) > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"} + name: '⚠️ Windows: Latência de Leitura Alta em {#DEVNAME}' + event_name: '⚠️ Latência de Leitura Alta em {HOST.NAME}: {#DEVNAME} com {ITEM.LASTVALUE}s (Crit: > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"}s)' + priority: WARNING + description: "⚠️ Latência alta no disco (Lentidão).\n\n📉 Impacto: O sistema demora para ler/gravar dados. Bancos de dados e sistemas de arquivos serão afetados.\n\n🛠️ Ação: 1. Verifique saúde do disco (SMART/Event Log). 2. Verifique se há backup ou antivírus rodando no momento." + manual_close: 'YES' + tags: + - tag: scope + value: performance + - uuid: 6a162aca790c48a7bd726d54494d67e9 + name: '{#DEVNAME}: Tempo médio de espera de escrita' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60] + value_type: FLOAT + units: s + description: The average time for write requests issued to the device to be served. This includes the time spent by the requests in queue and the time spent servicing them. + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + trigger_prototypes: + - uuid: c270b6ce40404a099993b3fb967fb302 + expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60],15m) > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"} + name: '⚠️ Windows: Latência de Escrita Alta em {#DEVNAME}' + event_name: '⚠️ Latência de Escrita Alta em {HOST.NAME}: {#DEVNAME} com {ITEM.LASTVALUE}s (Crit: > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"}s)' + priority: WARNING + description: "⚠️ Latência alta no disco (Lentidão).\n\n📉 Impacto: O sistema demora para ler/gravar dados. Bancos de dados e sistemas de arquivos serão afetados.\n\n🛠️ Ação: 1. Verifique saúde do disco (SMART/Event Log). 2. Verifique se há backup ou antivírus rodando no momento." + manual_close: 'YES' + tags: + - tag: scope + value: performance + - uuid: ba3a369741544f6c88a476a4f2d30ab2 + name: '{#DEVNAME}: Tamanho médio da fila de escrita' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Write Queue Length",60] + value_type: FLOAT + description: Average disk write queue, the number of requests outstanding on the disk at the time the performance data is collected. + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + - uuid: 24d15f53439148919e11d5811f25adf1 + name: '{#DEVNAME}: Tamanho médio da fila de disco (avgqu-sz)' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Current Disk Queue Length",60] + value_type: FLOAT + description: The current average disk queue; the number of requests outstanding on the disk while the performance data is being collected. + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + - uuid: c1424c1c2fe647a8baf3357c34ae261e + name: '{#DEVNAME}: Taxa de leitura de disco' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Reads/sec",60] + value_type: FLOAT + units: '!r/s' + description: Taxa de operações de leitura no disco. + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + - uuid: 4d10e563bbd1402daa1c9c8516095aa8 + name: '{#DEVNAME}: Taxa de escrita de disco' + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Writes/sec",60] + value_type: FLOAT + units: '!w/s' + description: Taxa de operações de escrita no disco. + tags: + - tag: component + value: storage + - tag: disk + value: '{#DEVNAME}' + graph_prototypes: + - uuid: d57e7ea5e83948d39c5dc37692ee5d2f + name: '{#DEVNAME}: Tamanho médio da fila de disco' + graph_items: + - color: 199C0D + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Read Queue Length",60] + - sortorder: '1' + color: F63100 + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Write Queue Length",60] + - uuid: 3418a65445664f16ae044b340f019059 + name: '{#DEVNAME}: Tempo médio de espera do disco' + graph_items: + - color: 199C0D + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60] + - sortorder: '1' + drawtype: GRADIENT_LINE + color: F63100 + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60] + - uuid: 93f9ce11052e4ad39b85cde3adee381a + name: '{#DEVNAME}: Taxas de leitura/escrita do disco' + graph_items: + - color: 199C0D + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Reads/sec",60] + - sortorder: '1' + drawtype: GRADIENT_LINE + color: F63100 + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Writes/sec",60] + - uuid: e4956240463543dca5cce52847581d25 + name: '{#DEVNAME}: Utilização e fila do disco' + graph_items: + - color: 199C0D + yaxisside: RIGHT + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Current Disk Queue Length",60] + - sortorder: '1' + drawtype: GRADIENT_LINE + color: F63100 + item: + host: Windows by Zabbix agent + key: perf_counter_en["\PhysicalDisk({#DEVNAME})\% Idle Time",60] + preprocessing: + - type: STR_REPLACE + parameters: + - '{#INSTANCE}' + - '{#DEVNAME}' + - uuid: dbde6e6c7c13436b9bd20230f1d309ed + name: Descoberta de serviços Windows + key: service.discovery + delay: 1h + filter: + evaltype: AND + conditions: + - macro: '{#SERVICE.NAME}' + value: '{$SERVICE.NAME.MATCHES}' + formulaid: A + - macro: '{#SERVICE.NAME}' + value: '{$SERVICE.NAME.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: B + - macro: '{#SERVICE.STARTUPNAME}' + value: '{$SERVICE.STARTUPNAME.MATCHES}' + formulaid: C + - macro: '{#SERVICE.STARTUPNAME}' + value: '{$SERVICE.STARTUPNAME.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: D + description: Descoberta de serviços Windows baseada nas macros do template. + item_prototypes: + - uuid: d6379e85f1974734abbe60fef1a6ca1d + name: Estado do serviço "{#SERVICE.NAME}" ({#SERVICE.DISPLAYNAME}) + key: service.info["{#SERVICE.NAME}",state] + valuemap: + name: Windows service state + tags: + - tag: component + value: system + - tag: name + value: '{#SERVICE.DISPLAYNAME}' + - tag: service + value: '{#SERVICE.NAME}' + trigger_prototypes: + - uuid: 1ac218b99f1347b4b467c75c10f074a3 + expression: min(/Windows by Zabbix agent/service.info["{#SERVICE.NAME}",state],#3)<>0 + name: '🚨 Windows: Serviço Crítico Parado: {#SERVICE.DISPLAYNAME} ({#SERVICE.NAME})' + event_name: '🚨 Serviço Parado em {HOST.NAME}: {#SERVICE.DISPLAYNAME} está Down (Startup: {#SERVICE.STARTUPNAME})' + priority: AVERAGE + description: "⚠️ O serviço monitorado parou de responder.\n\n📉 Impacto: Funcionalidades dependentes deste serviço estão indisponíveis.\n🛠️ Ação: 1. Tente iniciar o serviço via 'net start \"{#SERVICE.NAME}\"'. 2. Verifique logs (Event Viewer > System/Application)." + tags: + - tag: scope + value: notice + - uuid: 4fbbdf83609e48e68011f6c394c652f9 + name: Descoberta de sistemas de arquivos montados + type: DEPENDENT + key: vfs.fs.dependent.discovery + delay: '0' + filter: + evaltype: AND + conditions: + - macro: '{#FSDRIVETYPE}' + value: '{$VFS.FS.FSDRIVETYPE.MATCHES}' + formulaid: A + - macro: '{#FSDRIVETYPE}' + value: '{$VFS.FS.FSDRIVETYPE.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: B + - macro: '{#FSNAME}' + value: '{$VFS.FS.FSNAME.MATCHES}' + formulaid: C + - macro: '{#FSNAME}' + value: '{$VFS.FS.FSNAME.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: D + - macro: '{#FSTYPE}' + value: '{$VFS.FS.FSTYPE.MATCHES}' + formulaid: E + - macro: '{#FSTYPE}' + value: '{$VFS.FS.FSTYPE.NOT_MATCHES}' + operator: NOT_MATCHES_REGEX + formulaid: F + description: Descoberta de sistemas de arquivos. + item_prototypes: + - uuid: 821daa0e25a2456ca637e441a844dfe6 + name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Disponível' + type: DEPENDENT + key: vfs.fs.dependent.size[{#FSNAME},free] + delay: '0' + units: B + description: Espaço disponível em bytes. + preprocessing: + - type: JSONPATH + parameters: + - $.bytes.free + master_item: + key: vfs.fs.dependent[{#FSNAME},data] + tags: + - tag: component + value: storage + - tag: filesystem + value: '{#FSNAME}' + - tag: fstype + value: '{#FSTYPE}' + - uuid: 8949201f93ab46f0a0ad95ca6ce6124c + name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado, em %' + type: DEPENDENT + key: vfs.fs.dependent.size[{#FSNAME},pused] + delay: '0' + value_type: FLOAT + units: '%' + description: Calculado como porcentagem de espaço usado em relação ao total. + preprocessing: + - type: JSONPATH + parameters: + - $.bytes.pused + master_item: + key: vfs.fs.dependent[{#FSNAME},data] + tags: + - tag: component + value: storage + - tag: filesystem + value: '{#FSNAME}' + - tag: fstype + value: '{#FSTYPE}' + trigger_prototypes: + - uuid: 82749ca091b047109ec8374febd3f1a8 + expression: min(/Windows by Zabbix agent/vfs.fs.dependent.size[{#FSNAME},pused],5m)>{$VFS.FS.PUSED.MAX.CRIT:"{#FSLABEL}({#FSNAME})"} + name: '🚨 Windows: Disco Crítico em {#FSNAME} ({#FSLABEL})' + event_name: '🚨 Disco Crítico em {HOST.NAME}: {#FSNAME} ({#FSLABEL}) com {ITEM.LASTVALUE}% Usado (Crit: > {$VFS.FS.PUSED.MAX.CRIT:"{#FSLABEL}({#FSNAME})"}%)' + opdata: 'Space used: {{ITEM.LASTVALUE1}.fmtnum(1)}%' + priority: AVERAGE + description: "🚨 O disco local atingiu nível CRÍTICO de uso.\n\n📉 Impacto: Aplicações podem falhar ao gravar dados, log rotation pode falhar, sistema instável.\n🛠️ Ação: 1. Limpe arquivos temporários. 2. Expanda o disco." + manual_close: 'YES' + tags: + - tag: scope + value: availability + - tag: scope + value: capacity + - uuid: a78fdba44690444cb9898bfa6e7f0ed9 + expression: min(/Windows by Zabbix agent/vfs.fs.dependent.size[{#FSNAME},pused],5m)>{$VFS.FS.PUSED.MAX.WARN:"{#FSLABEL}({#FSNAME})"} + name: '⚠️ Windows: Disco Cheio em {#FSNAME} ({#FSLABEL})' + event_name: '⚠️ Disco Cheio em {HOST.NAME}: {#FSNAME} ({#FSLABEL}) com {ITEM.LASTVALUE}% Usado (Warn: > {$VFS.FS.PUSED.MAX.WARN:"{#FSLABEL}({#FSNAME})"}%)' + opdata: 'Space used: {{ITEM.LASTVALUE1}.fmtnum(1)}%' + priority: WARNING + description: "⚠️ O disco local está atingindo o limite de alerta.\n\n📉 Impacto: Prevenção de incidente crítico futura.\n🛠️ Ação: 1. Planeje expansão ou limpeza." + manual_close: 'YES' + dependencies: + - name: '🚨 Windows: Disco Crítico em {#FSNAME} ({#FSLABEL})' + expression: min(/Windows by Zabbix agent/vfs.fs.dependent.size[{#FSNAME},pused],5m)>{$VFS.FS.PUSED.MAX.CRIT:"{#FSLABEL}({#FSNAME})"} + tags: + - tag: scope + value: availability + - tag: scope + value: capacity + - uuid: d45f2c3469dd424486bdee586e4a61eb + name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Total' + type: DEPENDENT + key: vfs.fs.dependent.size[{#FSNAME},total] + delay: '0' + units: B + description: Espaço total em bytes. + preprocessing: + - type: JSONPATH + parameters: + - $.bytes.total + master_item: + key: vfs.fs.dependent[{#FSNAME},data] + tags: + - tag: component + value: storage + - tag: filesystem + value: '{#FSNAME}' + - tag: fstype + value: '{#FSTYPE}' + - uuid: ddd24d7eaa5742ac9d6cbae42bcfa1ae + name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado' + type: DEPENDENT + key: vfs.fs.dependent.size[{#FSNAME},used] + delay: '0' + units: B + description: Espaço usado em bytes. + preprocessing: + - type: JSONPATH + parameters: + - $.bytes.used + master_item: + key: vfs.fs.dependent[{#FSNAME},data] + tags: + - tag: component + value: storage + - tag: filesystem + value: '{#FSNAME}' + - tag: fstype + value: '{#FSTYPE}' + - uuid: b9ad1677ea6841309c7dc3a304b61c37 + name: 'FS [{#FSLABEL}({#FSNAME})]: Obter dados' + type: DEPENDENT + key: vfs.fs.dependent[{#FSNAME},data] + delay: '0' + history: 1h + value_type: TEXT + trends: '0' + description: Dados intermediários do sistema de arquivos `{#FSNAME}`. + preprocessing: + - type: JSONPATH + parameters: + - $.[?(@.fsname=='{#FSNAME}')].first() + master_item: + key: vfs.fs.get + tags: + - tag: component + value: raw + - tag: component + value: storage + - tag: filesystem + value: '{#FSNAME}' + - tag: fstype + value: '{#FSTYPE}' + graph_prototypes: + - uuid: 0ab6167e4a5d4d8f8dbe8b521db43bb0 + name: 'FS [{#FSLABEL}({#FSNAME})]: Space usage graph, in %' + width: '600' + height: '340' + ymin_type_1: FIXED + ymax_type_1: FIXED + graph_items: + - drawtype: FILLED_REGION + color: F63100 + calc_fnc: ALL + item: + host: Windows by Zabbix agent + key: vfs.fs.dependent.size[{#FSNAME},pused] + - uuid: 231acb4a719d4eea911c52e106b2ab27 + name: 'FS [{#FSLABEL}({#FSNAME})]: Space utilization chart' + width: '600' + height: '340' + type: PIE + show_3d: 'YES' + graph_items: + - color: '787878' + calc_fnc: LAST + type: GRAPH_SUM + item: + host: Windows by Zabbix agent + key: vfs.fs.dependent.size[{#FSNAME},total] + - sortorder: '1' + color: F63100 + calc_fnc: LAST + item: + host: Windows by Zabbix agent + key: vfs.fs.dependent.size[{#FSNAME},used] + - sortorder: '2' + color: 199C09 + calc_fnc: LAST + item: + host: Windows by Zabbix agent + key: vfs.fs.dependent.size[{#FSNAME},free] + master_item: + key: vfs.fs.get + lld_macro_paths: + - lld_macro: '{#FSDRIVETYPE}' + path: $.fsdrivetype + - lld_macro: '{#FSLABEL}' + path: $.fslabel + - lld_macro: '{#FSNAME}' + path: $.fsname + - lld_macro: '{#FSTYPE}' + path: $.fstype + preprocessing: + - type: JAVASCRIPT + parameters: + - "var filesystems = JSON.parse(value);\n\nresult = filesystems.map(function (filesystem) {\n\treturn {\n\t\t'fsname': filesystem.fsname,\n\t\t'fstype': filesystem.fstype,\n\t\t'fslabel': filesystem.fslabel,\n\t\t'fsdrivetype': filesystem.fsdrivetype\n\t};\n});\n\nreturn JSON.stringify(result);\n" + - type: DISCARD_UNCHANGED_HEARTBEAT + parameters: + - 1h + tags: + - tag: class + value: os + - tag: target + value: windows + macros: + - macro: '{$AGENT.TIMEOUT}' + value: 3m + description: Timeout para considerar agente indisponível (apenas modo passivo). + - macro: '{$CPU.INTERRUPT.CRIT.MAX}' + value: '50' + description: Limiar crítico para % Interrupt Time. + - macro: '{$CPU.PRIV.CRIT.MAX}' + value: '30' + description: Limiar crítico para % Privileged Time. + - macro: '{$CPU.QUEUE.CRIT.MAX}' + value: '3' + description: Limiar para Processor Queue Length. + - macro: '{$CPU.UTIL.CRIT}' + value: '90' + description: 'The critical threshold of the Utilização Total da CPU expressa em %.' + - macro: '{$IF.ERRORS.WARN}' + value: '2' + description: Limiar de aviso para taxa de erros de pacote. + - macro: '{$IF.UTIL.MAX}' + value: '90' + description: Limiar para trigger de utilização de interface. + - macro: '{$IFCONTROL}' + value: '1' + description: Macro para estado operacional (trigger link down). Use 0 para desativar. + - macro: '{$MEM.PAGE_SEC.CRIT.MAX}' + value: '1000' + description: Limiar de aviso para Memory Pages/sec. + - macro: '{$MEM.PAGE_TABLE_CRIT.MIN}' + value: '5000' + description: Limiar de aviso para Free System Page Table Entries. + - macro: '{$MEMORY.UTIL.MAX}' + value: '90' + description: Limiar de aviso para uso de memória. + - macro: '{$NET.IF.IFALIAS.MATCHES}' + value: .* + description: Usado na descoberta de interface de rede. Pode ser sobrescrito. + - macro: '{$NET.IF.IFALIAS.NOT_MATCHES}' + value: CHANGE_THIS + description: Usado na descoberta de interface de rede. Pode ser sobrescrito. + - macro: '{$NET.IF.IFDESCR.MATCHES}' + value: .* + description: Usado na descoberta de interface de rede. Pode ser sobrescrito. + - macro: '{$NET.IF.IFDESCR.NOT_MATCHES}' + value: CHANGE_THIS + description: Usado na descoberta de interface de rede. Pode ser sobrescrito. + - macro: '{$NET.IF.IFNAME.MATCHES}' + value: .* + description: Usado na descoberta de interface de rede. Pode ser sobrescrito. + - macro: '{$NET.IF.IFNAME.NOT_MATCHES}' + value: Miniport|Virtual|Teredo|Kernel|Loopback|Bluetooth|HTTPS|6to4|QoS|Layer + description: Usado na descoberta de interface de rede. Pode ser sobrescrito. + - macro: '{$SERVICE.NAME.MATCHES}' + value: ^.*$ + description: Usado na descoberta de serviços. Pode ser sobrescrito. + - macro: '{$SERVICE.NAME.NOT_MATCHES}' + value: ^(?:RemoteRegistry|MMCSS|gupdate|SysmonLog|clr_optimization_v.+|sppsvc|gpsvc|Pml Driver HPZ12|Net Driver HPZ12|MapsBroker|IntelAudioService|Intel\(R\) TPM Provisioning Service|dbupdate|DoSvc|CDPUserSvc_.+|WpnUserService_.+|OneSyncSvc_.+|WbioSrvc|BITS|tiledatamodelsvc|GISvc|ShellHWDetection|TrustedInstaller|TabletInputService|CDPSvc|wuauserv|edgeupdate|cbdhsvc_.+)$ + description: Usado na descoberta de serviços. Pode ser sobrescrito. + - macro: '{$SERVICE.STARTUPNAME.MATCHES}' + value: ^(?:automatic|automatic delayed)$ + description: Usado na descoberta de serviços. Pode ser sobrescrito. + - macro: '{$SERVICE.STARTUPNAME.NOT_MATCHES}' + value: ^(?:manual|disabled)$ + description: Usado na descoberta de serviços. Pode ser sobrescrito. + - macro: '{$SWAP.PFREE.MIN.WARN}' + value: '20' + description: Limiar de aviso para swap livre mínimo. + - macro: '{$SYSTEM.FUZZYTIME.MAX}' + value: 60s + description: Limiar superior para diferença de tempo do sistema. + - macro: '{$SYSTEM.FUZZYTIME.MIN}' + value: 10s + description: Limiar inferior para diferença de tempo (recuperação). + - macro: '{$VFS.DEV.DEVNAME.MATCHES}' + value: .* + description: Usado na descoberta de disco físico. + - macro: '{$VFS.DEV.DEVNAME.NOT_MATCHES}' + value: _Total + description: Usado na descoberta de disco físico. + - macro: '{$VFS.DEV.READ.AWAIT.WARN}' + value: '0.02' + description: Tempo médio de leitura (s) para disparar trigger. + - macro: '{$VFS.DEV.UTIL.MAX.WARN}' + value: '95' + description: Limiar de aviso para utilização de disco (%). + - macro: '{$VFS.DEV.WRITE.AWAIT.WARN}' + value: '0.02' + description: Tempo médio de escrita (s) para disparar trigger. + - macro: '{$VFS.FS.FSDRIVETYPE.MATCHES}' + value: fixed + description: Usado na descoberta de sistema de arquivos. + - macro: '{$VFS.FS.FSDRIVETYPE.NOT_MATCHES}' + value: ^\s$ + description: Usado na descoberta de sistema de arquivos. + - macro: '{$VFS.FS.FSNAME.MATCHES}' + value: .* + description: Usado na descoberta de sistema de arquivos. + - macro: '{$VFS.FS.FSNAME.NOT_MATCHES}' + value: ^(?:/dev|/sys|/run|/proc|.+/shm$) + description: Usado na descoberta de sistema de arquivos. + - macro: '{$VFS.FS.FSTYPE.MATCHES}' + value: .* + description: Usado na descoberta de sistema de arquivos. + - macro: '{$VFS.FS.FSTYPE.NOT_MATCHES}' + value: ^\s$ + description: Usado na descoberta de sistema de arquivos. + - macro: '{$VFS.FS.PUSED.MAX.CRIT}' + value: '90' + description: Limiar crítico de utilização do sistema de arquivos. + - macro: '{$VFS.FS.PUSED.MAX.WARN}' + value: '80' + description: Limiar de aviso de utilização do sistema de arquivos. + dashboards: + - uuid: eddc508f92df461f9ae1a8d3d4926025 + name: Filesystems + pages: + - name: Overview + widgets: + - type: graphprototype + width: '72' + height: '5' + fields: + - type: INTEGER + name: columns + value: '3' + - type: GRAPH_PROTOTYPE + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'FS [{#FSLABEL}({#FSNAME})]: Space utilization chart' + - type: STRING + name: reference + value: AAAEB + - type: graphprototype + y: '5' + width: '72' + height: '5' + fields: + - type: INTEGER + name: columns + value: '1' + - type: GRAPH_PROTOTYPE + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'FS [{#FSLABEL}({#FSNAME})]: Space usage graph, in %' + - type: STRING + name: reference + value: AAAEC + - uuid: cb725ec673d748dfb4f0cd1a6f303742 + name: Network interfaces + pages: + - name: Overview + widgets: + - type: graphprototype + width: '72' + height: '5' + fields: + - type: INTEGER + name: columns + value: '1' + - type: GRAPH_PROTOTYPE + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'Interface {#IFNAME}({#IFALIAS}): Network traffic' + - type: STRING + name: reference + value: AAAAI + - uuid: 35b47ad17195456b9c75673b08a6aa61 + name: System performance + pages: + - widgets: + - type: graph + width: '36' + height: '5' + fields: + - type: GRAPH + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'Windows: CPU usage' + - type: STRING + name: reference + value: AAAAA + - type: graph + y: '5' + width: '36' + height: '5' + fields: + - type: GRAPH + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'Windows: Memória: % de Utilização' + - type: STRING + name: reference + value: AAAAC + - type: graphprototype + y: '10' + width: '72' + height: '5' + fields: + - type: INTEGER + name: columns + value: '3' + - type: GRAPH_PROTOTYPE + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'FS [{#FSLABEL}({#FSNAME})]: Space utilization chart' + - type: STRING + name: reference + value: AAAEA + - type: graphprototype + y: '15' + width: '72' + height: '5' + fields: + - type: INTEGER + name: columns + value: '1' + - type: GRAPH_PROTOTYPE + name: graphid.0 + value: + host: Windows by Zabbix agent + name: '{#DEVNAME}: Taxas de leitura/escrita do disco' + - type: STRING + name: reference + value: AAAAF + - type: graphprototype + y: '20' + width: '72' + height: '5' + fields: + - type: INTEGER + name: columns + value: '1' + - type: GRAPH_PROTOTYPE + name: graphid.0 + value: + host: Windows by Zabbix agent + name: '{#DEVNAME}: Utilização e fila do disco' + - type: STRING + name: reference + value: AAAAG + - type: graphprototype + y: '25' + width: '72' + height: '5' + fields: + - type: INTEGER + name: columns + value: '1' + - type: GRAPH_PROTOTYPE + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'Interface {#IFNAME}({#IFALIAS}): Network traffic' + - type: STRING + name: reference + value: AAAAH + - type: graph + x: '36' + width: '36' + height: '5' + fields: + - type: ITEM + name: itemid.0 + value: + host: Windows by Zabbix agent + key: perf_counter_en["\System\Processor Queue Length"] + - type: STRING + name: reference + value: AAAAB + - type: INTEGER + name: source_type + value: '1' + - type: graph + x: '36' + y: '5' + width: '36' + height: '5' + fields: + - type: GRAPH + name: graphid.0 + value: + host: Windows by Zabbix agent + name: 'Windows: Swap usage' + - type: STRING + name: reference + value: AAAAD + valuemaps: + - uuid: bf2000c20fc64121ae5348f8f0de512c + name: Win32_NetworkAdapter::AdapterTypeId + mappings: + - value: '0' + newvalue: Ethernet 802.3 + - value: '1' + newvalue: Token Ring 802.5 + - value: '2' + newvalue: Fiber Distributed Data Interface (FDDI) + - value: '3' + newvalue: Wide Area Network (WAN) + - value: '4' + newvalue: LocalTalk + - value: '5' + newvalue: Ethernet using DIX header format + - value: '6' + newvalue: ARCNET + - value: '7' + newvalue: ARCNET (878.2) + - value: '8' + newvalue: ATM + - value: '9' + newvalue: Wireless + - value: '10' + newvalue: Infrared Wireless + - value: '11' + newvalue: Bpc + - value: '12' + newvalue: CoWan + - value: '13' + newvalue: '1394' + - uuid: 5aaee6cd7cab405096990f88d00ed809 + name: Win32_NetworkAdapter::NetConnectionStatus + mappings: + - value: '0' + newvalue: Desconectado + - value: '1' + newvalue: Conectando + - value: '2' + newvalue: Conectado + - value: '3' + newvalue: Desconectando + - value: '4' + newvalue: Hardware Ausente + - value: '5' + newvalue: Hardware Desabilitado + - value: '6' + newvalue: Falha de Hardware + - value: '7' + newvalue: Media Desconectado + - value: '8' + newvalue: Autenticando + - value: '9' + newvalue: Autenticação com Sucesso + - value: '10' + newvalue: Falha na Autenticação + - value: '11' + newvalue: Endereço Inválido + - value: '12' + newvalue: Credenciais Necessárias + - uuid: 3ab5b73f4a5e48fabc302d617965cbc6 + name: Windows service state + mappings: + - value: '0' + newvalue: Em Execução + - value: '1' + newvalue: Pausado + - value: '2' + newvalue: Início Pendente + - value: '3' + newvalue: Pausa Pendente + - value: '4' + newvalue: Continuação Pendente + - value: '5' + newvalue: Parada Pendente + - value: '6' + newvalue: Parado + - value: '7' + newvalue: Unknown + - value: '255' + newvalue: Serviço Inexistente + - uuid: d0aed5fe712e4ec6b0c0c46170f1e7db + name: zabbix.host.disponível + mappings: + - value: '0' + newvalue: indisponível + - value: '1' + newvalue: disponível + - value: '2' + newvalue: desconhecido + - uuid: 5e9932b1b82a45dca555b341b8ffa07a + name: Status do Agente Zabbix (Ping) status + mappings: + - value: '1' + newvalue: Up + triggers: + - uuid: cf818b8f44fe4c59b0a5edb9128cd336 + expression: min(/Windows by Zabbix agent/perf_counter_en["\System\Processor Queue Length"],5m) - last(/Windows by Zabbix agent/wmi.get[root/cimv2,"Select NumberOfLogicalProcessors from Win32_ComputerSystem"]) * 2 > {$CPU.QUEUE.CRIT.MAX} + name: '⚠️ Windows: CPU com Fila Alta (Queue Length)' + event_name: '⚠️ Windows: CPU com Fila Alta (Queue > {$CPU.QUEUE.CRIT.MAX} por 5m)' + priority: WARNING + description: "⚠️ A fila de processamento da CPU está alta.\n\n📉 Impacto: Lentidão geral no sistema, atraso na resposta de aplicações.\n🛠️ Ação: 1. Verifique processos consumindo CPU. 2. Adicione mais vCPUs se for VM." + dependencies: + - name: '🔥 Windows: Uso de CPU Crítico' + expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT} + tags: + - tag: scope + value: performance + - uuid: 6c522c46798046ddb34b594dfd4ad909 + expression: max(/Windows by Zabbix agent/system.swap.pfree,5m)<{$SWAP.PFREE.MIN.WARN} and last(/Windows by Zabbix agent/system.swap.size[,total])>0 + name: '⚠️ Windows: Swap em Uso Elevado' + event_name: '⚠️ Windows: Swap em Uso Elevado (Livre < {$SWAP.PFREE.MIN.WARN}%)' + opdata: 'Free: {ITEM.LASTVALUE1}, total: {ITEM.LASTVALUE2}' + priority: WARNING + description: "⚠️ O arquivo de paginação (Swap) está com pouco espaço livre.\n\n📉 Impacto: O sistema pode ficar instável ou travar aplicações por falta de memória virtual.\n🛠️ Ação: 1. Aumente o tamanho do Pagefile. 2. Check memory leaks." + dependencies: + - name: '🧠 Windows: Memória Esgotada' + expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX} + tags: + - tag: scope + value: performance + graphs: + - uuid: 9749724ae8c24c77bdfdc3e690ab3660 + name: 'Windows: CPU jumps' + graph_items: + - color: 199C0D + item: + host: Windows by Zabbix agent + key: perf_counter_en["\System\Context Switches/sec"] + - sortorder: '1' + color: F63100 + item: + host: Windows by Zabbix agent + key: perf_counter_en["\Processor Information(_total)\% Interrupt Time"] + - uuid: de895639f6d844f495a101276799efa0 + name: 'Windows: CPU usage' + type: STACKED + ymin_type_1: FIXED + ymax_type_1: FIXED + graph_items: + - color: 199C0D + item: + host: Windows by Zabbix agent + key: perf_counter_en["\Processor Information(_total)\% User Time"] + - sortorder: '1' + color: F63100 + item: + host: Windows by Zabbix agent + key: perf_counter_en["\Processor Information(_total)\% Privileged Time"] + - uuid: cfa34662a8b3468486dce4a36fe9ded7 + name: 'Windows: CPU: Utilização Total' + ymin_type_1: FIXED + ymax_type_1: FIXED + graph_items: + - drawtype: GRADIENT_LINE + color: 199C0D + item: + host: Windows by Zabbix agent + key: system.cpu.util + - uuid: ff4e6c6c617f49118766b17ebd733f9d + name: 'Windows: Memória: % de Utilização' + ymin_type_1: FIXED + ymax_type_1: FIXED + graph_items: + - drawtype: GRADIENT_LINE + color: 199C0D + item: + host: Windows by Zabbix agent + key: vm.memory.util + - uuid: 2fffec59d28745c2beda2e15bd907f55 + name: 'Windows: Swap usage' + graph_items: + - color: 199C0D + item: + host: Windows by Zabbix agent + key: system.swap.free + - sortorder: '1' + color: F63100 + item: + host: Windows by Zabbix agent + key: system.swap.size[,total] diff --git a/templates_gold/windows_active_agent/template_windows_gold_ptbr_generated.md b/templates_gold/windows_active_agent/template_windows_gold_ptbr_generated.md new file mode 100644 index 0000000..e6ccd0a --- /dev/null +++ b/templates_gold/windows_active_agent/template_windows_gold_ptbr_generated.md @@ -0,0 +1,118 @@ +# Documentação: Windows by Zabbix agent active + +**Template:** Windows by Zabbix agent active +**Descrição:** +Template Windows Server Gold Edition (Pt-BR). + +Monitoramento Otimizado por Arthur 'O Farol'. +Inclui: RDP, Fila de Disco, Auditoria de Login e traduções completas. + +## Itens Monitorados + +### Itens Globais +- **Nome do Host (Agent)** (`agent.hostname`) +- **Status do Agente Zabbix (Ping)** (`agent.ping`) +- **Versão do Agente Zabbix** (`agent.version`) +- **Memória: Cache Bytes** (`perf_counter_en["\Memory\Cache Bytes"]`) +- **Memória: Entradas de Tabela de Página Livres** (`perf_counter_en["\Memory\Free System Page Table Entries"]`) +- **Memória: Page Faults/seg** (`perf_counter_en["\Memory\Page Faults/sec"]`) +- **Memória: Pages/seg (Swap I/O)** (`perf_counter_en["\Memory\Pages/sec"]`) +- **Memória: Non-paged Pool** (`perf_counter_en["\Memory\Pool Nonpaged Bytes"]`) +- **Swap: % de Uso** (`perf_counter_en["\Paging file(_Total)\% Usage"]`) +- **CPU: Tempo DPC** (`perf_counter_en["\Processor Information(_total)\% DPC Time"]`) +- **CPU: Tempo de Interrupção** (`perf_counter_en["\Processor Information(_total)\% Interrupt Time"]`) +- **CPU: Tempo Privilegiado (Kernel)** (`perf_counter_en["\Processor Information(_total)\% Privileged Time"]`) +- **CPU: Tempo de Usuário** (`perf_counter_en["\Processor Information(_total)\% User Time"]`) +- **CPU: Context Switches/seg** (`perf_counter_en["\System\Context Switches/sec"]`) +- **CPU: Tamanho da Fila (Queue Length)** (`perf_counter_en["\System\Processor Queue Length"]`) +- **Sistema: Número de Threads** (`perf_counter_en["\System\Threads"]`) +- **Sistema: Número de Processos** (`proc.num[]`) +- **CPU: Utilização Total** (`system.cpu.util`) +- **Sistema: Nome do Computador** (`system.hostname`) +- **Sistema: Hora Local** (`system.localtime`) +- **Sistema: Arquitetura do SO** (`system.sw.arch`) +- **Sistema: Versão do SO** (`system.sw.os`) +- **Swap: Espaço Livre** (`system.swap.free`) +- **Swap: Espaço Livre in %** (`system.swap.pfree`) +- **Swap: Espaço Total** (`system.swap.size[,total]`) +- **Sistema: Descrição** (`system.uname`) +- **Sistema: Uptime** (`system.uptime`) +- **Get filesystems** (`vfs.fs.get`) +- **Memória: Total** (`vm.memory.size[total]`) +- **Memória: Usada** (`vm.memory.size[used]`) +- **Memória: % de Utilização** (`vm.memory.util`) +- **Windows: Network interfaces WMI get** (`wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"]`) +- **Hardware: Número de Cores** (`wmi.get[root/cimv2,"Select NumberOfLogicalProcessors from Win32_ComputerSystem"]`) +- **Disponibilidade do Agente Zabbix** (`zabbix[host,agent,disponível]`) +- **RDP: Sessões Ativas (Total)** (`perf_counter_en["\Terminal Services\Total Sessions"]`) +- **Disco: Tamanho da Fila (Queue Length)** (`perf_counter_en["\PhysicalDisk(_Total)\Current Disk Queue Length"]`) +- **Segurança: Falhas de Login (Audit Failure)** (`eventlog[Security,,,,4625]`) + +### Regras de Descoberta (LLD) + +#### Descoberta de interfaces de rede (`net.if.discovery`) + - **Protótipos de Itens:** + - Interface {#IFNAME}: Pacotes Descartados (In) (`net.if.in["{#IFGUID}",dropped]`) + - Interface {#IFNAME}: Erros de Pacote (In) (`net.if.in["{#IFGUID}",errors]`) + - Interface {#IFNAME}: Tráfego de Entrada (`net.if.in["{#IFGUID}"]`) + - Interface {#IFNAME}: Pacotes Descartados (Out) (`net.if.out["{#IFGUID}",dropped]`) + - Interface {#IFNAME}: Erros de Pacote (Out) (`net.if.out["{#IFGUID}",errors]`) + - Interface {#IFNAME}: Tráfego de Saída (`net.if.out["{#IFGUID}"]`) + - Interface {#IFNAME}: Velocidade Negociada (`net.if.speed["{#IFGUID}"]`) + - Interface {#IFNAME}: Status Operacional (`net.if.status["{#IFGUID}"]`) + - Interface {#IFNAME}: Tipo de Interface (`net.if.type["{#IFGUID}"]`) +#### Descoberta de discos físicos (`perf_instance_en.discovery[PhysicalDisk]`) + - **Protótipos de Itens:** + - {#DEVNAME}: Utilização de disco por tempo ocioso (`perf_counter_en["\PhysicalDisk({#DEVNAME})\% Idle Time",60]`) + - {#DEVNAME}: Tamanho médio da fila de leitura (`perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Read Queue Length",60]`) + - {#DEVNAME}: Tempo médio de espera de leitura (`perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60]`) + - {#DEVNAME}: Tempo médio de espera de escrita (`perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60]`) + - {#DEVNAME}: Tamanho médio da fila de escrita (`perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Write Queue Length",60]`) + - {#DEVNAME}: Tamanho médio da fila de disco (avgqu-sz) (`perf_counter_en["\PhysicalDisk({#DEVNAME})\Current Disk Queue Length",60]`) + - {#DEVNAME}: Taxa de leitura de disco (`perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Reads/sec",60]`) + - {#DEVNAME}: Taxa de escrita de disco (`perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Writes/sec",60]`) +#### Descoberta de serviços Windows (`service.discovery`) + - **Protótipos de Itens:** + - Estado do serviço "{#SERVICE.NAME}" ({#SERVICE.DISPLAYNAME}) (`service.info["{#SERVICE.NAME}",state]`) +#### Descoberta de sistemas de arquivos montados (`vfs.fs.dependent.discovery`) + - **Protótipos de Itens:** + - FS [{#FSLABEL}({#FSNAME})]: Espaço: Disponível (`vfs.fs.dependent.size[{#FSNAME},free]`) + - FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado, em % (`vfs.fs.dependent.size[{#FSNAME},pused]`) + - FS [{#FSLABEL}({#FSNAME})]: Espaço: Total (`vfs.fs.dependent.size[{#FSNAME},total]`) + - FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado (`vfs.fs.dependent.size[{#FSNAME},used]`) + - FS [{#FSLABEL}({#FSNAME})]: Obter dados (`vfs.fs.dependent[{#FSNAME},data]`) + +## Alertas (Triggers) + +### Triggers Globais +- [WARNING] **⚠️ Windows: Esgotamento de Tabela de Páginas** +- [WARNING] **⚠️ Windows: Excesso de Paginação (Swap)** +- [WARNING] **⚠️ Windows: CPU com muitas Interrupções (Hardware?)** +- [WARNING] **⚠️ Windows: Uso Elevado de Kernel (Privileged Time)** +- [WARNING] **🔥 Windows: Uso de CPU Crítico** +- [INFO] **ℹ️ Windows: Nome do Host Mudou** +- [WARNING] **⚠️ Windows: Hora do Sistema Dessincronizada** +- [INFO] **ℹ️ Windows: SO Atualizado/Alterado** +- [WARNING] **⚠️ Windows: Servidor Reiniciou** +- [AVERAGE] **🧠 Windows: Memória Esgotada** +- [AVERAGE] **🚨 Windows: Agente Zabbix Indisponível** +- [WARNING] **⚠️ Windows: Muitas Sessões RDP Ativas** +- [AVERAGE] **🐢 Windows: Disco Lento (Queue Length Alta)** +- [HIGH] **👮 Windows: Possível Brute Force (Falhas de Login)** + +### Protótipos de Triggers (LLD) + +**Regra: Descoberta de interfaces de rede** +- [AVERAGE] **🚨 Interface {#IFNAME}: Link Down** + +**Regra: Descoberta de discos físicos** +- [WARNING] **🔥 Windows: Disco Saturado (I/O) em {#DEVNAME}** +- [WARNING] **⚠️ Windows: Latência de Leitura Alta em {#DEVNAME}** +- [WARNING] **⚠️ Windows: Latência de Escrita Alta em {#DEVNAME}** + +**Regra: Descoberta de serviços Windows** +- [AVERAGE] **🚨 Windows: Serviço Crítico Parado: {#SERVICE.DISPLAYNAME} ({#SERVICE.NAME})** + +**Regra: Descoberta de sistemas de arquivos montados** +- [AVERAGE] **🚨 Windows: Disco Crítico em {#FSNAME} ({#FSLABEL})** +- [WARNING] **⚠️ Windows: Disco Cheio em {#FSNAME} ({#FSLABEL})** diff --git a/translate_windows_template.py b/translate_windows_template.py new file mode 100644 index 0000000..6485a1d --- /dev/null +++ b/translate_windows_template.py @@ -0,0 +1,236 @@ +import yaml +import sys +import re + +# File Paths +SOURCE_FILE = r"C:\Users\joao.goncalves\Desktop\zabbix-itguys\templates_gold\windows_active_agent\template_windows_gold_ptbr.yaml" +TARGET_FILE = r"C:\Users\joao.goncalves\Desktop\zabbix-itguys\templates_gold\windows_active_agent\template_windows_gold_ptbr.yaml" # Overwrite + +# Translations Dictionary +TRANSLATIONS = { + # Items & General Descriptions + 'The agent always returns "1" for this item. May be used in combination with `nodata()` for the availability check.': 'O agente sempre retorna "1" para este item. Pode ser usado com `nodata()` para verificação de disponibilidade.', + 'Cache Bytes is the sum of the Memory\\System Cache Resident Bytes, Memory\\System Driver Resident Bytes, Memory\\System Code Resident Bytes, and Memory\\Pool Paged Resident Bytes counters. This counter displays the last observed value only; it is not an average.': 'Cache Bytes é a soma dos bytes residentes do Cache do Sistema, Drivers, Código e Pool Paged. Mostra apenas o último valor observado, não a média.', + 'This indicates the number of page table entries not currently in use by the system. If the number is less than 5,000, there may be a memory leak or you running out of memory.': 'Indica o número de entradas da tabela de páginas não utilizadas. Se menor que 5.000, pode haver vazamento de memória.', + 'Page Faults/sec is the average number of pages faulted per second. It is measured in number of pages faulted per second because only one page is faulted in each fault operation, hence this is also equal to the number of page fault operations. This counter includes both hard faults (those that require disk access) and soft faults (where the faulted page is found elsewhere in physical memory.) Most processors can handle large numbers of soft faults without significant consequence. However, hard faults, which require disk access, can cause significant delays.': 'Page Faults/seg é a média de falhas de página por segundo. Inclui falhas hard (disco) e soft (memória). Falhas hard causam atrasos significativos.', + 'This measures the rate at which pages are read from or written to disk to resolve hard page faults.': 'Mede a taxa de leitura/escrita de páginas no disco para resolver hard faults.', + 'If the value is greater than 1,000, as a result of excessive paging, there may be a memory leak.': 'Se > 1.000, indica paginação excessiva e possível vazamento de memória.', + 'The Memory Pages/sec in the last 5 minutes exceeds `{$MEM.PAGE_SEC.CRIT.MAX}`. If the value is greater than 1,000, as a result of excessive paging, there may be a memory leak.': 'A taxa de Pages/sec excedeu `{$MEM.PAGE_SEC.CRIT.MAX}` nos últimos 5m. Se > 1.000, indica possível vazamento de memória.', + 'This measures the size, in bytes, of the non-paged pool. This is an area of system memory for objects that cannot be written to disk but instead must remain in physical memory as long as they are allocated.': 'Mede o tamanho (bytes) do pool não paginado (memória física obrigatória).', + 'There is a possible memory leak if the value is greater than 175MB (or 100MB with the /3GB switch). Consequently, Event ID 2019 is recorded in the system event log.': 'Possível vazamento se > 175MB (Event ID 2019).', + 'The used space of swap volume/file in percent.': 'Espaço usado do arquivo de swap em porcentagem.', + 'Processor DPC time is the time that a single processor spent receiving and servicing deferred procedure calls (DPCs). DPCs are interrupts that run at a lower priority than standard interrupts. `% DPC Time` is a component of `% Privileged Time` because DPCs are executed in privileged mode. If a high `% DPC Time` is sustained, there may be a processor bottleneck or an application or hardware related issue that can significantly diminish overall system performance.': 'Tempo de DPC é o tempo gasto em chamadas de procedimento diferido (DPCs). Alto uso constante indica gargalo de CPU, driver ou hardware.', + 'The processor information `% Interrupt Time` counter indicates how much time the processor spends handling hardware interrupts during sample intervals. It reflects the activity of devices like the system clock, mouse, disk drivers, and network cards. A value above 20% suggests possible hardware issues.': 'Tempo de Interrupção indica tempo da CPU tratando interrupções de hardware (mouse, disco, rede). Acima de 20% sugere problemas de hardware.', + 'The CPU Interrupt Time in the last 5 minutes exceeds `{$CPU.INTERRUPT.CRIT.MAX}`%.': 'O Tempo de Interrupção da CPU nos últimos 5 minutos excede `{$CPU.INTERRUPT.CRIT.MAX}`%.', + 'The processor information `% Privileged Time` counter shows the percent of time that the processor is spent executing in Kernel (or Privileged) mode. Privileged mode includes services interrupts inside Interrupt Service Routines (ISRs), executing Deferred Procedure Calls (DPCs), Device Driver calls and other kernel-mode functions of the Windows Operating System.': 'Tempo Privilegiado mostra % de tempo da CPU em modo Kernel (Drivers, DPCs, ISRs).', + 'The CPU: Tempo Privilegiado (Kernel) in the last 5 minutes exceeds {$CPU.PRIV.CRIT.MAX}%.': 'O Tempo Privilegiado (Kernel) da CPU excede {$CPU.PRIV.CRIT.MAX}% nos últimos 5m.', + 'The processor information `% User Time` counter shows the percent of time that the processor(s) is spent executing in User mode.': 'Tempo de Usuário mostra % de tempo da CPU em modo Usuário (Aplicações).', + 'Context Switches/sec is the combined rate at which all processors on the computer are switched from one thread to another.': 'Context Switches/sec é a taxa de troca de threads nos processadores.', + 'Context switches occur when a running thread voluntarily relinquishes the processor, is preempted by a higher priority ready thread, or switches between user-mode and privileged (kernel) mode to use an Executive or subsystem service.': 'Ocorre quando threads cedem lugar a outras ou alternam modos.', + 'It is the sum of Thread\\Context Switches/sec for all threads running on all processors in the computer and is measured in numbers of switches.': 'É a soma de trocas de contexto para todas as threads.', + 'There are context switch counters on the System and Thread objects. This counter displays the difference between the values observed in the last two samples, divided by the duration of the sample interval.': 'Mostra a diferença entre amostras dividida pelo intervalo.', + 'The Processor Queue Length shows the number of threads that are observed as delayed in the processor Ready Queue and are waiting to be executed.': 'Processor Queue Length mostra threads aguardando execução na fila da CPU.', + 'The number of threads used by all running processes.': 'Número total de threads usadas por todos os processos.', + 'The number of processes.': 'Número total de processos em execução.', + 'CPU: Utilização Total expressed in %.': 'Utilização Total da CPU expressa em %.', + 'The host name of the system.': 'Nome do host do sistema.', + 'The name of the system has changed. Acknowledge to close the problem manually.': 'O nome do sistema mudou. Reconheça para fechar o problema manualmente.', + 'The local system time of the host.': 'Hora local do sistema.', + 'The architecture of the operating system.': 'Arquitetura do sistema operacional.', + 'The description of the operating system has changed. Possible reasons are that the system has been updated or replaced. Acknowledge to close the problem manually.': 'A descrição do SO mudou. O sistema pode ter sido atualizado. Reconheça para fechar.', + 'The free space of the swap volume/file expressed in bytes.': 'Espaço livre do arquivo de swap em bytes.', + 'The free space of the swap volume/file expressed in %.': 'Espaço livre do arquivo de swap em %.', + 'The total space of the swap volume/file expressed in bytes.': 'Tamanho total do arquivo de swap em bytes.', + 'Sistema: Descrição of the host.': 'Descrição do sistema operacional do host.', + 'The system uptime expressed in the following format: "N days, hh:mm:ss".': 'Tempo de atividade do sistema no formato: "N dias, hh:mm:ss".', + 'The `vfs.fs.get` key acquires raw information set about the filesystems. Later to be extracted by preprocessing in dependent items.': 'A chave `vfs.fs.get` adquire informações brutas sobre sistemas de arquivos para pré-processamento.', + 'Memória: Total expressed in bytes.': 'Memória total expressa em bytes.', + 'Memória: Usada in bytes.': 'Memória usada em bytes.', + 'Memória: % de Utilização in %.': 'Porcentagem de memória utilizada.', + 'Raw data of `win32_networkadapter.`': 'Dados brutos de `win32_networkadapter`.', + 'The number of logical processors available on the computer.': 'Número de processadores lógicos disponíveis.', + 'Used for monitoring the availability status of the agent.': 'Usado para monitorar a disponibilidade do agente.', + + # Discovery Rules & Prototypes + 'Discovery of installed network interfaces.': 'Descoberta de interfaces de rede instaladas.', + 'The number of incoming packets dropped on the network interface.': 'Número de pacotes de entrada descartados na interface.', + 'The number of incoming packets with errors on the network interface.': 'Número de pacotes de entrada com erros na interface.', + 'Incoming traffic on the network interface.': 'Tráfego de entrada na interface de rede.', + 'The number of outgoing packets dropped on the network interface.': 'Número de pacotes de saída descartados na interface.', + 'The number of outgoing packets with errors on the network interface.': 'Número de pacotes de saída com erros na interface.', + 'Outgoing traffic on the network interface.': 'Tráfego de saída na interface de rede.', + 'Estimated bandwidth of the network interface if any.': 'Largura de banda estimada da interface de rede.', + 'The operational status of the network interface.': 'Status operacional da interface de rede.', + 'This trigger expression works as follows:': 'Esta trigger funciona assim:', + '1. It can be triggered if the operations status is down.': '1. Dispara se o status operacional for Down.', + '2. `{$IFCONTROL:"{#IFNAME}"}=1` - a user can redefine the context macro to "0", marking this interface as not important.': '2. `{$IFCONTROL:"{#IFNAME}"}=1` - defina a macro como "0" para ignorar esta interface.', + 'Used for the discovery of Windows services of different types as defined in the template\'s macros.': 'Descoberta de serviços Windows baseada nas macros do template.', + 'The service has a state other than "Running" for the last three times.': 'O serviço não está no estado "Running" nas últimas 3 verificações.', + 'Discovery of filesystems of different types.': 'Descoberta de sistemas de arquivos.', + 'Available storage space expressed in bytes.': 'Espaço disponível em bytes.', + 'Calculated as the percentage of currently used space compared to the maximum available space.': 'Calculado como porcentagem de espaço usado em relação ao total.', + 'The volume\'s space usage exceeds the `{$VFS.FS.PUSED.MAX.CRIT:"{#FSNAME}"}%` limit.': 'O uso do volume excede o limite crítico `{$VFS.FS.PUSED.MAX.CRIT:"{#FSNAME}"}%`.', + 'The trigger expression is based on the current used and maximum available spaces.': 'A trigger baseia-se no espaço usado e máximo disponível.', + 'Event name represents the total volume space, which can differ from the maximum available space, depending on the filesystem type.': 'O nome do evento mostra o espaço total, que pode diferir do disponível dependendo do sistema de arquivos.', + 'The volume\'s space usage exceeds the `{$VFS.FS.PUSED.MAX.WARN:"{#FSNAME}"}%` limit.': 'O uso do volume excede o limite de aviso `{$VFS.FS.PUSED.MAX.WARN:"{#FSNAME}"}%`.', + 'Total space expressed in bytes.': 'Espaço total em bytes.', + 'Used storage expressed in bytes.': 'Espaço usado em bytes.', + 'Intermediate data of `{#FSNAME}` filesystem.': 'Dados intermediários do sistema de arquivos `{#FSNAME}`.', + + # Macros Section + 'Timeout after which agent is considered unavailable. Works only for agents reachable from Zabbix server/proxy (passive mode).': 'Timeout para considerar agente indisponível (apenas modo passivo).', + 'The critical threshold of the % Interrupt Time counter.': 'Limiar crítico para % Interrupt Time.', + 'The threshold of the % Privileged Time counter.': 'Limiar crítico para % Privileged Time.', + 'The threshold of the Processor Queue Length counter.': 'Limiar para Processor Queue Length.', + 'The critical threshold of the CPU: Utilização Total expressed in %.': 'Limiar crítico para Utilização Total da CPU (%).', + 'Warning threshold of error packet rate. Can be used with interface name as context.': 'Limiar de aviso para taxa de erros de pacote.', + 'Used as a threshold in the interface utilization trigger.': 'Limiar para trigger de utilização de interface.', + 'Macro for the interface operational state for the "link down" trigger. Can be used with interface name as context.': 'Macro para estado operacional (trigger link down). Use 0 para desativar.', + 'The warning threshold of the Memory Pages/sec counter.': 'Limiar de aviso para Memory Pages/sec.', + 'The warning threshold of the Free System Page Table Entries counter.': 'Limiar de aviso para Free System Page Table Entries.', + 'The warning threshold of the Memory util item.': 'Limiar de aviso para uso de memória.', + 'Used in Network interface discovery. Can be overridden on the host or linked template level.': 'Usado na descoberta de interface de rede. Pode ser sobrescrito.', + 'Used in Service discovery. Can be overridden on the host or linked template level.': 'Usado na descoberta de serviços. Pode ser sobrescrito.', + 'The warning threshold of the minimum free swap.': 'Limiar de aviso para swap livre mínimo.', + 'The upper threshold for difference of system time.': 'Limiar superior para diferença de tempo do sistema.', + 'The lower threshold for difference of system time. Used in recovery expression to avoid trigger flapping.': 'Limiar inferior para diferença de tempo (recuperação).', + 'Used in physical disk discovery. Can be overridden on the host or linked template level.': 'Usado na descoberta de disco físico.', + 'Disk read average response time (in s) before the trigger fires.': 'Tempo médio de leitura (s) para disparar trigger.', + 'The warning threshold of disk time utilization in percent.': 'Limiar de aviso para utilização de disco (%).', + 'Disk write average response time (in s) before the trigger fires.': 'Tempo médio de escrita (s) para disparar trigger.', + 'Used in filesystem discovery. Can be overridden on the host or linked template level.': 'Usado na descoberta de sistema de arquivos.', + 'The critical threshold of the filesystem utilization.': 'Limiar crítico de utilização do sistema de arquivos.', + 'The warning threshold of the filesystem utilization.': 'Limiar de aviso de utilização do sistema de arquivos.', + 'The CPU Queue Length in the last 5 minutes exceeds `{$CPU.QUEUE.CRIT.MAX}`. According to actual observations, PQL should not exceed the number of cores * 2. To fine-tune the conditions, use the macro `{$CPU.QUEUE.CRIT.MAX }`.': 'A fila da CPU excedeu `{$CPU.QUEUE.CRIT.MAX}` nos últimos 5m. Idealmente PQL < Cores * 2.', + 'This trigger is ignored, if there is no swap configured': 'Esta trigger é ignorada se não houver swap configurado.', + + # Missing Discovery Prototypes (Added in V2) + '{#DEVNAME}: Disk utilization by idle time': '{#DEVNAME}: Utilização de disco por tempo ocioso', + '{#DEVNAME}: Average disk read queue length': '{#DEVNAME}: Tamanho médio da fila de leitura', + '{#DEVNAME}: Disk read request avg waiting time': '{#DEVNAME}: Tempo médio de espera de leitura', + '{#DEVNAME}: Disk write request avg waiting time': '{#DEVNAME}: Tempo médio de espera de escrita', + '{#DEVNAME}: Average disk write queue length': '{#DEVNAME}: Tamanho médio da fila de escrita', + '{#DEVNAME}: Disk average queue size (avgqu-sz)': '{#DEVNAME}: Tamanho médio da fila de disco (avgqu-sz)', + '{#DEVNAME}: Disk read rate': '{#DEVNAME}: Taxa de leitura de disco', + '{#DEVNAME}: Disk write rate': '{#DEVNAME}: Taxa de escrita de disco', + 'State of service "{#SERVICE.NAME}" ({#SERVICE.DISPLAYNAME})': 'Estado do serviço "{#SERVICE.NAME}" ({#SERVICE.DISPLAYNAME})', + 'FS [{#FSLABEL}({#FSNAME})]: Space: Available': 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Disponível', + 'FS [{#FSLABEL}({#FSNAME})]: Space: Used, in %': 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado, em %', + 'FS [{#FSLABEL}({#FSNAME})]: Space: Total': 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Total', + 'FS [{#FSLABEL}({#FSNAME})]: Space: Used': 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado', + 'FS [{#FSLABEL}({#FSNAME})]: Get data': 'FS [{#FSLABEL}({#FSNAME})]: Obter dados', + 'Windows: {#DEVNAME}: Disk is overloaded': 'Windows: {#DEVNAME}: Disco sobrecarregado', + 'Windows: {#DEVNAME}: Disk read request responses are too high': 'Windows: {#DEVNAME}: Tempo de resposta de leitura muito alto', + 'Windows: {#DEVNAME}: Disk write request responses are too high': 'Windows: {#DEVNAME}: Tempo de resposta de escrita muito alto', + 'Windows: "{#SERVICE.NAME}" ({#SERVICE.DISPLAYNAME}) is not running': 'Windows: "{#SERVICE.NAME}" ({#SERVICE.DISPLAYNAME}) não está rodando', + 'Windows: FS [{#FSLABEL}({#FSNAME})]: Space is critically low': 'Windows: FS [{#FSLABEL}({#FSNAME})]: Espaço criticamente baixo', + 'Windows: FS [{#FSLABEL}({#FSNAME})]: Space is low': 'Windows: FS [{#FSLABEL}({#FSNAME})]: Espaço baixo', + + # Trigger Descriptions + 'The volume\'s space usage exceeds the `{$VFS.FS.PUSED.MAX.CRIT:"{#FSNAME}"}%` limit.': 'O uso de espaço do volume excede o limite crítico de `{$VFS.FS.PUSED.MAX.CRIT:"{#FSNAME}"}%`.', + 'The volume\'s space usage exceeds the `{$VFS.FS.PUSED.MAX.WARN:"{#FSNAME}"}%` limit.': 'O uso de espaço do volume excede o limite de aviso de `{$VFS.FS.PUSED.MAX.WARN:"{#FSNAME}"}%`.', + + # Remaining Triggers + 'Windows: CPU: Tamanho da Fila (Queue Length) is too high': 'Windows: CPU: Tamanho da Fila (Queue Length) muito alto', + 'Windows: CPU: Tamanho da Fila (Queue Length) is too high (over {$CPU.QUEUE.CRIT.MAX} for 5m)': 'Windows: CPU: Tamanho da Fila (Queue Length) muito alto (acima de {$CPU.QUEUE.CRIT.MAX} por 5m)', + 'Windows: High swap space usage': 'Windows: Uso de Swap Elevado', + 'Windows: High swap space usage (less than {$SWAP.PFREE.MIN.WARN}% free)': 'Windows: Uso de Swap Elevado (menos de {$SWAP.PFREE.MIN.WARN}% livre)', + + # Network Trigger Descriptions (Arthur Style) + 'The utilization of the network interface is close to its estimated maximum bandwidth.': + '⚠️ Uso de banda elevado.\n\n📉 Impacto: A interface atingiu o limite de tráfego. O acesso ao servidor ficará lento e pacotes podem ser descartados.\n🛠️ Ação: 1. Identifique qual processo/usuário está consumindo banda. 2. Avalie necessidade de upgrade de link.', + + 'This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Acknowledge to close the problem manually.': + '⚠️ A velocidade da interface caiu (Ex: 1Gb -> 100Mb).\n\n📉 Impacto: Lentidão na transferência de dados.\n🛠️ Ação: 1. Verifique a categoria do cabo (Cat5e/Cat6). 2. Verifique configurações de Duplex/Speed no switch e servidor.', + + 'It recovers when it is below 80% of the `{$IF.ERRORS.WARN:"{#IFNAME}"}` threshold.': + '⚠️ Erros de transmissão detectados.\n\n📉 Impacto: Perda de pacotes, retransmissões e lentidão.\n🛠️ Ação: 1. Substitua o cabo de rede. 2. Teste outra porta no switch.', + + # Disk Trigger Descriptions (Arthur Style) + 'The disk appears to be under heavy load.': + '⚠️ Disco operando perto da capacidade máxima.\n\n📉 Impacto: Lentidão geral no sistema, aplicações travando e demora para buscar arquivos.\n🛠️ Ação: 1. Verifique quais processos estão consumindo I/O (Resource Monitor). 2. Considere mover arquivos para outro disco ou upgrade para SSD.', + + 'This trigger might indicate the disk {#DEVNAME} saturation.': + '⚠️ Latência alta no disco (Lentidão).\n\n📉 Impacto: O sistema demora para ler/gravar dados. Bancos de dados e sistemas de arquivos serão afetados.\n🛠️ Ação: 1. Verifique saúde do disco (SMART/Event Log). 2. Verifique se há backup ou antivírus rodando no momento.', + + # Event Names + 'for 5m)': 'por 5m)', + + # Discovery Rule Names + 'Network interfaces discovery': 'Descoberta de interfaces de rede', + 'Physical disks discovery': 'Descoberta de discos físicos', + 'Windows services discovery': 'Descoberta de serviços Windows', + 'Mounted filesystem discovery': 'Descoberta de sistemas de arquivos montados', + + # Disk Graph Prototypes + '{#DEVNAME}: Disk average queue length': '{#DEVNAME}: Tamanho médio da fila de disco', + '{#DEVNAME}: Disk average waiting time': '{#DEVNAME}: Tempo médio de espera do disco', + '{#DEVNAME}: Disk read/write rates': '{#DEVNAME}: Taxas de leitura/escrita do disco', + '{#DEVNAME}: Disk utilization and queue': '{#DEVNAME}: Utilização e fila do disco', + + # Disk Item Descriptions + 'Rate of read operations on the disk.': 'Taxa de operações de leitura no disco.', + 'Rate of write operations on the disk.': 'Taxa de operações de escrita no disco.', + 'The disk is idle.': 'O disco está ocioso.', + + # ValueMaps + 'Disconnected': 'Desconectado', + 'Connecting': 'Conectando', + 'Connected': 'Conectado', + 'Disconnecting': 'Desconectando', + 'Hardware Not Present': 'Hardware Ausente', + 'Hardware Disabled': 'Hardware Desabilitado', + 'Hardware Malfunction': 'Falha de Hardware', + 'Media Disconnected': 'Mídia Desconectada', + 'Authenticating': 'Autenticando', + 'Authentication Succeeded': 'Autenticação com Sucesso', + 'Authentication Failed': 'Falha na Autenticação', + 'Invalid Address': 'Endereço Inválido', + 'Credentials Required': 'Credenciais Necessárias', + 'Running': 'Em Execução', + 'Paused': 'Pausado', + 'Start pending': 'Início Pendente', + 'Pause pending': 'Pausa Pendente', + 'Continue pending': 'Continuação Pendente', + 'Stop pending': 'Parada Pendente', + 'Stopped': 'Parado', + 'No such service': 'Serviço Inexistente', + 'not available': 'indisponível', + 'available': 'disponível', + 'unknown': 'desconhecido', + # 'Up': 'Operante', # Skipping 'Up' as it might be too generic and replace things it shouldn't +} + +def translate_yaml(file_path): + print(f"Loading {file_path}...") + try: + with open(file_path, 'r', encoding='utf-8') as f: + content = f.read() + except Exception as e: + print(f"Error reading file: {e}") + return + + # Simple string replacement for safety and retaining structure + # This avoids YAML re-formating issues (like flow style vs block style) + count = 0 + for eng, pt in TRANSLATIONS.items(): + if eng in content: + # Check if it's actually in a valid context (basic check) + # We assume the English strings are unique enough + new_content = content.replace(eng, pt) + if new_content != content: + content = new_content + count += 1 + # print(f"Translated: {eng[:30]}... -> {pt[:30]}...") + + print(f"Applied {count} translations.") + + try: + with open(file_path, 'w', encoding='utf-8') as f: + f.write(content) + print(f"Saved translated file to {file_path}") + except Exception as e: + print(f"Error writing file: {e}") + +if __name__ == "__main__": + translate_yaml(TARGET_FILE)