joao.goncalves
/
templates-zabbix-itguys
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
templates-zabbix-itguys/templates_gold/windows_active_agent/template_windows_gold_ptbr....

1962 lines
76 KiB
YAML
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

zabbix_export:
version: '7.0'
template_groups:
- uuid: 37ea805025154df09fceb1e422361526
name: 'Templates/Sistema: Versão do SOs'
templates:
- uuid: 5fdd2ca8b8f84962aaea5a218b46ea7d
template: Windows by Zabbix agent
name: Windows by Zabbix agent active
description: 'Template Windows Server Gold Edition (Pt-BR).
Monitoramento Otimizado por Arthur ''O Farol''.
Inclui: RDP, Fila de Disco, Auditoria de Login e traduções completas.'
groups:
- name: 'Templates/Sistema: Versão do SOs'
items:
- uuid: 042ce35b908748c8bdd322f818c52c85
name: Nome do Host (Agent)
key: agent.hostname
delay: 1h
value_type: CHAR
trends: '0'
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
tags:
- tag: component
value: system
type: ZABBIX_ACTIVE
- uuid: bd8864ac5450401b9ad479c1ee455805
name: Status do Agente Zabbix (Ping)
key: agent.ping
description: O agente sempre retorna "1" para este item. Pode ser usado com `nodata()` para verificação de disponibilidade.
valuemap:
name: Status do Agente Zabbix (Ping) status
tags:
- tag: component
value: system
type: ZABBIX_ACTIVE
- uuid: 41cec8b443a94efc9ebca6f66c46ad8a
name: Versão do Agente Zabbix
key: agent.version
delay: 1h
value_type: CHAR
trends: '0'
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
tags:
- tag: component
value: application
type: ZABBIX_ACTIVE
- uuid: 20dceb831b1a4d63af7635656239c495
name: 'Memória: Cache Bytes'
key: perf_counter_en["\Memory\Cache Bytes"]
units: B
description: Cache Bytes is the sum of the Memory\\System Cache Resident Bytes, Memory\\System Driver Resident Bytes, Memory\\System Code Resident Bytes, and Memory\\Pool Paged Resident Bytes counters. This counter displays the last observed value only; it is not an average.
tags:
- tag: component
value: memory
type: ZABBIX_ACTIVE
- uuid: 71bb18af403248c7818d16444a2eec06
name: 'Memória: Entradas de Tabela de Página Livres'
key: perf_counter_en["\Memory\Free System Page Table Entries"]
description: Indica o número de entradas da tabela de páginas não utilizadas. Se menor que 5.000, pode haver vazamento de memória.
tags:
- tag: component
value: memory
triggers:
- uuid: 1c04264fd3b043329362c4281bfe3d95
expression: max(/Windows by Zabbix agent/perf_counter_en["\Memory\Free System Page Table Entries"],5m)<{$MEM.PAGE_TABLE_CRIT.MIN}
name: '⚠️ Windows: Esgotamento de Tabela de Páginas'
event_name: '⚠️ Windows: Esgotamento de Tabela de Páginas (less {$MEM.PAGE_TABLE_CRIT.MIN} por 5m)'
priority: WARNING
description: '`Memory\Free System Page Table Entries` has been less than `{$MEM.PAGE_TABLE_CRIT.MIN}` for 5 minutes. If the number is less than 5,000, there may be a memory leak.'
dependencies:
- name: '🧠 Windows: Memória Esgotada'
expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX}
tags:
- tag: scope
value: capacity
type: ZABBIX_ACTIVE
- uuid: 19ec57305ba34ed890e2e4c8a500a214
name: 'Memória: Page Faults/seg'
key: perf_counter_en["\Memory\Page Faults/sec"]
value_type: FLOAT
description: Page Faults/seg é a média de falhas de página por segundo. Inclui falhas hard (disco) e soft (memória). Falhas hard causam atrasos significativos.
tags:
- tag: component
value: memory
type: ZABBIX_ACTIVE
- uuid: 920faa3a434d46d48f99395e16ef04ec
name: 'Memória: Pages/seg (Swap I/O)'
key: perf_counter_en["\Memory\Pages/sec"]
value_type: FLOAT
description: 'Mede a taxa de leitura/escrita de páginas no disco para resolver hard faults.
Se > 1.000, indica paginação excessiva e possível vazamento de memória.
'
tags:
- tag: component
value: memory
triggers:
- uuid: 37912bf2eb8d40e99ab861508707e632
expression: min(/Windows by Zabbix agent/perf_counter_en["\Memory\Pages/sec"],5m)>{$MEM.PAGE_SEC.CRIT.MAX}
name: '⚠️ Windows: Excesso de Paginação (Swap)'
event_name: '⚠️ Windows: Excesso de Paginação (Swap) (over {$MEM.PAGE_SEC.CRIT.MAX} por 5m)'
priority: WARNING
description: The Memory Pages/sec in the last 5 minutes exceeds `{$MEM.PAGE_SEC.CRIT.MAX}`. Se > 1.000, indica paginação excessiva e possível vazamento de memória.
dependencies:
- name: '🧠 Windows: Memória Esgotada'
expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX}
tags:
- tag: scope
value: capacity
type: ZABBIX_ACTIVE
- uuid: 3af0a0717da747849c2b5a2ebfa61a2c
name: 'Memória: Non-paged Pool'
key: perf_counter_en["\Memory\Pool Nonpaged Bytes"]
units: B
description: 'Mede o tamanho (bytes) do pool não paginado (memória física obrigatória).
Possível vazamento se > 175MB (Event ID 2019).
'
tags:
- tag: component
value: memory
type: ZABBIX_ACTIVE
- uuid: 4f7b86eff6c84193a2f9187fff578416
name: 'Swap: % de Uso'
key: perf_counter_en["\Paging file(_Total)\% Usage"]
value_type: FLOAT
units: '%'
description: Espaço usado do arquivo de swap em porcentagem.
tags:
- tag: component
value: memory
- tag: component
value: storage
type: ZABBIX_ACTIVE
- uuid: 553249b52ca7492c87386d051ec53db9
name: 'CPU: Tempo DPC'
key: perf_counter_en["\Processor Information(_total)\% DPC Time"]
value_type: FLOAT
units: '%'
description: Tempo de DPC é o tempo gasto em chamadas de procedimento diferido (DPCs). Alto uso constante indica gargalo de CPU, driver ou hardware.
tags:
- tag: component
value: cpu
type: ZABBIX_ACTIVE
- uuid: 32a32b9fea5d49989668a96bc52db87b
name: 'CPU: Tempo de Interrupção'
key: perf_counter_en["\Processor Information(_total)\% Interrupt Time"]
value_type: FLOAT
units: '%'
description: Tempo de Interrupção indica tempo da CPU tratando interrupções de hardware (mouse, disco, rede). Acima de 20% sugere problemas de hardware.
tags:
- tag: component
value: cpu
triggers:
- uuid: 08c6ec9e46c8492ea491f711b9333e26
expression: min(/Windows by Zabbix agent/perf_counter_en["\Processor Information(_total)\% Interrupt Time"],5m)>{$CPU.INTERRUPT.CRIT.MAX}
name: '⚠️ Windows: CPU com muitas Interrupções (Hardware?)'
event_name: '⚠️ Windows: CPU com muitas Interrupções (Hardware?) (over {$CPU.INTERRUPT.CRIT.MAX}% por 5m)'
priority: WARNING
description: O Tempo de Interrupção da CPU nos últimos 5 minutos excede `{$CPU.INTERRUPT.CRIT.MAX}`%.
dependencies:
- name: '🔥 Windows: Uso de CPU Crítico'
expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT}
tags:
- tag: scope
value: performance
type: ZABBIX_ACTIVE
- uuid: 0747e92e52cc4a6a9b83c6f94889bff1
name: 'CPU: Tempo Privilegiado (Kernel)'
key: perf_counter_en["\Processor Information(_total)\% Privileged Time"]
value_type: FLOAT
units: '%'
description: Tempo Privilegiado mostra % de tempo da CPU em modo Kernel (Drivers, DPCs, ISRs).
tags:
- tag: component
value: cpu
triggers:
- uuid: 816b61b823a84c54906c692e7a0917ce
expression: min(/Windows by Zabbix agent/perf_counter_en["\Processor Information(_total)\% Privileged Time"],5m)>{$CPU.PRIV.CRIT.MAX}
name: '⚠️ Windows: Uso Elevado de Kernel (Privileged Time)'
event_name: '⚠️ Windows: Uso Elevado de Kernel (Privileged Time) (over {$CPU.PRIV.CRIT.MAX}% por 5m)'
priority: WARNING
description: 'O Tempo Privilegiado (Kernel) da CPU excede {$CPU.PRIV.CRIT.MAX}% nos últimos 5m.'
dependencies:
- name: '⚠️ Windows: CPU com muitas Interrupções (Hardware?)'
expression: min(/Windows by Zabbix agent/perf_counter_en["\Processor Information(_total)\% Interrupt Time"],5m)>{$CPU.INTERRUPT.CRIT.MAX}
- name: '🔥 Windows: Uso de CPU Crítico'
expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT}
tags:
- tag: scope
value: performance
type: ZABBIX_ACTIVE
- uuid: 954a81efad4c4791bee052194b900268
name: 'CPU: Tempo de Usuário'
key: perf_counter_en["\Processor Information(_total)\% User Time"]
value_type: FLOAT
units: '%'
description: Tempo de Usuário mostra % de tempo da CPU em modo Usuário (Aplicações).
tags:
- tag: component
value: cpu
type: ZABBIX_ACTIVE
- uuid: f23957a6fb9a44a3a7010b19b16e77b5
name: 'CPU: Context Switches/seg'
key: perf_counter_en["\System\Context Switches/sec"]
value_type: FLOAT
description: 'Context Switches/sec é a taxa de troca de threads nos processadores.
Ocorre quando threads cedem lugar a outras ou alternam modos.
It is the sum of Thread\\Context Switches/sec for all threads running on all processors in the computer and is measured in numbers of switches.
Mostra a diferença entre amostras dividida pelo intervalo.
'
tags:
- tag: component
value: cpu
type: ZABBIX_ACTIVE
- uuid: c1da358e5c8f40279c703d93896aa571
name: 'CPU: Tamanho da Fila (Queue Length)'
key: perf_counter_en["\System\Processor Queue Length"]
value_type: FLOAT
description: Processor Queue Length mostra threads aguardando execução na fila da CPU.
tags:
- tag: component
value: cpu
type: ZABBIX_ACTIVE
- uuid: c738b97ec0dc49f380ed0e4a27ae9bb6
name: 'Sistema: Número de Threads'
key: perf_counter_en["\System\Threads"]
description: Número total de threads usadas por todos os processos.
tags:
- tag: component
value: os
type: ZABBIX_ACTIVE
- uuid: 5229689338ae4a559d3c94a98032131e
name: 'Sistema: Número de Processos'
key: proc.num[]
description: Número total de processos em execução.
tags:
- tag: component
value: os
type: ZABBIX_ACTIVE
- uuid: 0f3ffe45092d461a91a1296cd6cfb19f
name: 'CPU: Utilização Total'
key: system.cpu.util
value_type: FLOAT
units: '%'
description: 'Utilização Total da CPU expressa em %.'
tags:
- tag: component
value: cpu
triggers:
- uuid: af3a587848474ce083197f5c8eb41ef7
expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT}
name: '🔥 Windows: Uso de CPU Crítico'
event_name: '🔥 Windows: Uso de CPU Crítico (over {$CPU.UTIL.CRIT}% por 5m)'
opdata: 'Current utilization: {ITEM.LASTVALUE1}'
priority: WARNING
description: O uso de CPU está sitematicamente alto. O servidor pode ficar lento.
tags:
- tag: scope
value: performance
type: ZABBIX_ACTIVE
- uuid: 2bd53767f40742f5926615b3c586111a
name: 'Windows: Nome do Host'
key: system.hostname
delay: 1h
trends: '0'
value_type: CHAR
description: 'System host name.'
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
tags:
- tag: component
value: system
triggers:
- uuid: 09551d020e984f478477610330999084
expression: change(/Windows by Zabbix agent/system.hostname) and length(last(/Windows by Zabbix agent/system.hostname))>0
name: ' Windows: Nome do Host Mudou'
event_name: ' Windows: Nome do Host Mudou (Novo: {ITEM.VALUE})'
priority: INFO
description: 'Windows host name has changed. Ack to close.'
manual_close: 'YES'
tags:
- tag: scope
value: notice
type: ZABBIX_ACTIVE
- uuid: 53c71360156d4758bd05358999812674
name: 'Windows: Arquitetura do Sistema'
key: system.uname
delay: 1h
trends: '0'
value_type: CHAR
description: 'System architecture (e.g. x86, x64).'
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
tags:
- tag: component
value: system
type: ZABBIX_ACTIVE
- uuid: 89f928affba54c4a8dc7abead09cac68
name: 'Sistema: Hora Local'
key: system.localtime
units: unixtime
description: Hora local do sistema.
tags:
- tag: component
value: system
triggers:
- uuid: e521b85085eb442e831f89785fc4ed52
expression: fuzzytime(/Windows by Zabbix agent/system.localtime,{$SYSTEM.FUZZYTIME.MAX})=0
recovery_mode: RECOVERY_EXPRESSION
recovery_expression: fuzzytime(/Windows by Zabbix agent/system.localtime,{$SYSTEM.FUZZYTIME.MIN})=1
name: '⚠️ Windows: Hora do Sistema Dessincronizada'
event_name: '⚠️ Windows: Hora do Sistema Dessincronizada (diff with Zabbix server > {$SYSTEM.FUZZYTIME.MAX})'
priority: WARNING
description: A hora do servidor difere da hora do Zabbix Server. Verifique o NTP.
manual_close: 'YES'
tags:
- tag: scope
value: notice
type: ZABBIX_ACTIVE
- uuid: 16a7ae509f0c4f9d8631efae88fe6324
name: 'Sistema: Arquitetura do SO'
key: system.sw.arch
delay: 1h
value_type: CHAR
trends: '0'
description: Arquitetura do sistema operacional.
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
tags:
- tag: component
value: os
type: ZABBIX_ACTIVE
- uuid: 5159e7263d7a42e499380b70e9d6490a
name: 'Sistema: Versão do SO'
key: system.sw.os
delay: 1h
value_type: CHAR
trends: '0'
inventory_link: OS
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
tags:
- tag: component
value: os
triggers:
- uuid: 430bed700d494336ad08278059dc620e
expression: change(/Windows by Zabbix agent/system.sw.os) and length(last(/Windows by Zabbix agent/system.sw.os))>0
name: ' Windows: SO Atualizado/Alterado'
priority: INFO
description: A descrição do SO mudou. O sistema pode ter sido atualizado. Reconheça para fechar.
manual_close: 'YES'
dependencies:
- name: ' Windows: Nome do Host Mudou'
expression: change(/Windows by Zabbix agent/system.hostname) and length(last(/Windows by Zabbix agent/system.hostname))>0
tags:
- tag: scope
value: notice
type: ZABBIX_ACTIVE
- uuid: 9d6f14cc540846ab98052bf741a4247b
name: 'Swap: Espaço Livre'
type: CALCULATED
key: system.swap.free
units: B
params: last(//system.swap.size[,total]) - last(//system.swap.size[,total]) / 100 * last(//perf_counter_en["\Paging file(_Total)\% Usage"])
description: Espaço livre do arquivo de swap em bytes.
tags:
- tag: component
value: memory
- tag: component
value: storage
- uuid: e91b5f08c6b745bca975797ea4abd02a
name: 'Swap: Espaço Livre in %'
type: DEPENDENT
key: system.swap.pfree
delay: '0'
value_type: FLOAT
units: '%'
description: Espaço livre do arquivo de swap em %.
preprocessing:
- type: JAVASCRIPT
parameters:
- return (100 - value)
master_item:
key: perf_counter_en["\Paging file(_Total)\% Usage"]
tags:
- tag: component
value: memory
- tag: component
value: storage
- uuid: b5af29f7b8ee451895b49c0444e929f4
name: 'Swap: Espaço Total'
key: system.swap.size[,total]
units: B
description: Tamanho total do arquivo de swap em bytes.
tags:
- tag: component
value: memory
- tag: component
value: storage
type: ZABBIX_ACTIVE
- uuid: 8fa1259420ad486ab6e2520c9b047073
name: 'Sistema: Descrição'
key: system.uname
delay: 15m
value_type: CHAR
trends: '0'
description: 'Descrição do sistema operacional do host.'
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
tags:
- tag: component
value: system
type: ZABBIX_ACTIVE
- uuid: 695053710ea14cc48692b5cb260d0dfb
name: 'Sistema: Uptime'
key: system.uptime
delay: 30s
trends: '0'
units: uptime
description: 'Tempo de atividade do sistema no formato: "N dias, hh:mm:ss".'
tags:
- tag: component
value: system
triggers:
- uuid: d6062fc4b70b4755ae4c6c3d987c6906
expression: last(/Windows by Zabbix agent/system.uptime)<10m
name: '⚠️ Windows: Servidor Reiniciou'
event_name: '⚠️ Windows: Servidor Reiniciou (uptime < 10m)'
priority: WARNING
description: 'O servidor foi reiniciado recentemente (Sistema: Uptime < 10m).'
manual_close: 'YES'
tags:
- tag: scope
value: notice
type: ZABBIX_ACTIVE
- uuid: 60a17a94a9ad4e4192547d0a6a1e1d25
name: Get filesystems
key: vfs.fs.get
history: '0'
value_type: TEXT
trends: '0'
description: A chave `vfs.fs.get` adquire informações brutas sobre sistemas de arquivos para pré-processamento.
tags:
- tag: component
value: raw
type: ZABBIX_ACTIVE
- uuid: 83185781999742268a7742695c5d3ee3
name: 'Memória: Total'
key: vm.memory.size[total]
units: B
description: 'Memória total expressa em bytes.'
tags:
- tag: component
value: memory
type: ZABBIX_ACTIVE
- uuid: f85ec8917f084c7d9b6bc36e186d74d6
name: 'Memória: Usada'
key: vm.memory.size[used]
units: B
description: 'Memória usada em bytes.'
tags:
- tag: component
value: memory
type: ZABBIX_ACTIVE
- uuid: 9b62965a4670472b8c672dc1021bb8fd
name: 'Memória: % de Utilização'
type: CALCULATED
key: vm.memory.util
value_type: FLOAT
units: '%'
params: last(//vm.memory.size[used]) / last(//vm.memory.size[total]) * 100
description: 'Porcentagem de memória utilizada.'
tags:
- tag: component
value: memory
triggers:
- uuid: 4a3e88d42c544538b1550c45fb5573ac
expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX}
name: '🧠 Windows: Memória Esgotada'
event_name: '🧠 Windows: Memória Esgotada (>{$MEMORY.UTIL.MAX}% por 5m)'
priority: AVERAGE
description: O sistema está ficando sem memória livre. Verifique processos consumidores.
tags:
- tag: scope
value: capacity
- tag: scope
value: performance
- uuid: c35940d1a12e4b96b7114ac8dbbfcec4
name: 'Windows: Network interfaces WMI get'
key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"]
history: '0'
value_type: TEXT
trends: '0'
description: Dados brutos de `win32_networkadapter`.
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1h
tags:
- tag: component
value: raw
type: ZABBIX_ACTIVE
- uuid: 3dcf69f6637f496ca0406e0ed403f03c
name: 'Hardware: Número de Cores'
key: wmi.get[root/cimv2,"Select NumberOfLogicalProcessors from Win32_ComputerSystem"]
description: Número de processadores lógicos disponíveis.
tags:
- tag: component
value: cpu
type: ZABBIX_ACTIVE
- uuid: 64875dc74c3a45da82ddad6648198304
name: Disponibilidade do Agente Zabbix
type: INTERNAL
key: zabbix[host,agent,available]
description: Usado para monitorar a disponibilidade do agente.
valuemap:
name: zabbix.host.disponível
tags:
- tag: component
value: system
triggers:
- uuid: 2a79c64e07144a40b728e4a210fa0976
expression: max(/Windows by Zabbix agent/zabbix[host,agent,available],{$AGENT.TIMEOUT})=0
name: '🚨 Windows: Agente Zabbix Indisponível'
event_name: '🚨 Windows: Agente Zabbix Indisponível (for {$AGENT.TIMEOUT})'
priority: AVERAGE
description: O Agente Zabbix parou de responder. Verifique se o serviço está rodando ou se há bloqueio de firewall.
manual_close: 'YES'
tags:
- tag: scope
value: availability
- uuid: ab5cc8d3c6734c7c9456c02dfecffd5d
name: 'RDP: Sessões Ativas (Total)'
key: perf_counter_en["\Terminal Services\Total Sessions"]
type: ZABBIX_ACTIVE
delay: 1m
value_type: FLOAT
units: ''
description: Número total de sessões de Terminal Services (RDP) ativas.
tags:
- tag: component
value: security
- tag: component
value: remote_access
triggers:
- uuid: 60c93c0b66f8480a905f32f6789f4dcd
expression: min(/Windows by Zabbix agent/perf_counter_en["\Terminal Services\Total Sessions"],15m)>2
name: '⚠️ Windows: Muitas Sessões RDP Ativas'
event_name: '⚠️ Windows: Muitas Sessões RDP Ativas ({ITEM.LASTVALUE} > 2)'
priority: WARNING
description: Existem muitas sessões de terminal abertas. Isso pode consumir recursos ou indicar sessões "penduradas".
- uuid: 44cf725b9c03464cac04df1103f51092
name: 'Disco: Tamanho da Fila (Queue Length)'
type: ZABBIX_ACTIVE
key: perf_counter_en["\PhysicalDisk(_Total)\Current Disk Queue Length"]
delay: 1m
value_type: FLOAT
description: Número de solicitações de I/O aguardando serviço. Valores altos constantes indicam gargalo de disco.
tags:
- tag: component
value: storage
- tag: component
value: performance
triggers:
- uuid: 1990ac56e67a436585de7af74e1b6684
expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk(_Total)\Current Disk Queue Length"],10m)>2
name: '🐢 Windows: Disco Lento (Queue Length Alta)'
event_name: '🐢 Windows: Disco Lento (Queue Total > 2 por 10m)'
priority: AVERAGE
description: A fila de disco está constantemente alta. O armazenamento não está dando conta das requisições.
- uuid: 141cc10cfa0b40c0a00e4737a965ef87
name: 'Segurança: Falhas de Login (Audit Failure)'
type: ZABBIX_ACTIVE
key: eventlog[Security,,,,4625]
delay: 1m
value_type: LOG
preprocessing:
- type: JAVASCRIPT
parameters:
- |
var accountName = "N/A";
var accountDomain = "N/A";
var workstation = "N/A";
var sourceIP = "N/A";
var reason = "N/A";
var accountMatch = value.match(/Account For Which Logon Failed:[\s\S]*?Account Name:\s+([^\r\n]+)/);
if (accountMatch) accountName = accountMatch[1].trim();
var domainMatch = value.match(/Account For Which Logon Failed:[\s\S]*?Account Domain:\s+([^\r\n]+)/);
if (domainMatch) accountDomain = domainMatch[1].trim();
var workstationMatch = value.match(/Network Information:[\s\S]*?Workstation Name:\s+([^\r\n]+)/);
if (workstationMatch) workstation = workstationMatch[1].trim();
var ipMatch = value.match(/Source Network Address:\s+([^\r\n]+)/);
if (ipMatch) sourceIP = ipMatch[1].trim();
var reasonMatch = value.match(/Failure Reason:\s+([^\r\n]+)/);
if (reasonMatch) reason = reasonMatch[1].trim();
return "👤 Usuário: " + accountName + "\n🏢 Domínio: " + accountDomain + "\n💻 Estação: " + workstation + "\n🌍 Origem: " + sourceIP + "\n❌ Motivo: " + reason;
description: Monitora o Event ID 4625 (Logon falhou) no log de Segurança.
tags:
- tag: component
value: security
triggers:
- uuid: 530b3a4e5b2041e49f1c080586a44613
expression: count(/Windows by Zabbix agent/eventlog[Security,,,,4625],2m)>5
name: '👮 Windows: Possível Brute Force (Falhas de Login)'
event_name: '👮 Windows: 5+ Falhas de Login em 2m'
priority: AVERAGE
description: |
Foram detectadas múltiplas falhas de login (Event ID 4625) em curto período.
📉 **Impacto**:
Pode indicar uma tentativa de ataque de força bruta ou, mais comumente, um serviço/aplicação com credenciais antigas tentando autenticar repetidamente. Isso pode bloquear a conta do usuário no AD.
🛠️ **Ação (N1/N2)**:
1. Verifique o campo "Account Name" e "Workstation Name" no log abaixo.
2. Se for um *usuário*, contate-o para verificar se ele trocou a senha recentemente e esqueceu de atualizar no celular/tablet.
3. Se for um *serviço*, verifique tarefas agendadas ou serviços do Windows com credenciais inválidas.
4. Se o "Source Network Address" for externo, bloqueie o IP no Firewall imediatamente.
discovery_rules:
- uuid: c05c8d1be5614ffab1688cc92db32f12
name: Descoberta de interfaces de rede
type: DEPENDENT
key: net.if.discovery
delay: '0'
filter:
evaltype: AND
conditions:
- macro: '{#IFALIAS}'
value: '{$NET.IF.IFALIAS.MATCHES}'
formulaid: A
- macro: '{#IFALIAS}'
value: '{$NET.IF.IFALIAS.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: B
- macro: '{#IFDESCR}'
value: '{$NET.IF.IFDESCR.MATCHES}'
formulaid: C
- macro: '{#IFDESCR}'
value: '{$NET.IF.IFDESCR.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: D
- macro: '{#IFNAME}'
value: '{$NET.IF.IFNAME.MATCHES}'
formulaid: E
- macro: '{#IFNAME}'
value: '{$NET.IF.IFNAME.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: F
description: Descoberta de interfaces de rede instaladas.
item_prototypes:
- uuid: 344f0ce5ba5244cb90cc08db556e6f9c
name: 'Interface {#IFNAME}: Pacotes Descartados (In)'
key: net.if.in["{#IFGUID}",dropped]
delay: 3m
description: Número de pacotes de entrada descartados na interface.
preprocessing:
- type: CHANGE_PER_SECOND
parameters:
- ''
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
- uuid: a2461163f9b44b678008e3d5fd96a168
name: 'Interface {#IFNAME}: Erros de Pacote (In)'
key: net.if.in["{#IFGUID}",errors]
delay: 3m
description: Número de pacotes de entrada com erros na interface.
preprocessing:
- type: CHANGE_PER_SECOND
parameters:
- ''
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
- uuid: a8f69dac86d646b194f9b204f22aeb3b
name: 'Interface {#IFNAME}: Tráfego de Entrada'
key: net.if.in["{#IFGUID}"]
delay: 3m
units: bps
description: Tráfego de entrada na interface de rede.
preprocessing:
- type: CHANGE_PER_SECOND
parameters:
- ''
- type: MULTIPLIER
parameters:
- '8'
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
- uuid: 46d947876b844223bb500f29cbf82273
name: 'Interface {#IFNAME}: Pacotes Descartados (Out)'
key: net.if.out["{#IFGUID}",dropped]
delay: 3m
description: Número de pacotes de saída descartados na interface.
preprocessing:
- type: CHANGE_PER_SECOND
parameters:
- ''
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
- uuid: 1f5854d4ad5d4b65b63e5ca9ffa5007c
name: 'Interface {#IFNAME}: Erros de Pacote (Out)'
key: net.if.out["{#IFGUID}",errors]
delay: 3m
description: Número de pacotes de saída com erros na interface.
preprocessing:
- type: CHANGE_PER_SECOND
parameters:
- ''
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
- uuid: 1adceed263804e089108bb2cc1aa51e1
name: 'Interface {#IFNAME}: Tráfego de Saída'
key: net.if.out["{#IFGUID}"]
delay: 3m
units: bps
description: Tráfego de saída na interface de rede.
preprocessing:
- type: CHANGE_PER_SECOND
parameters:
- ''
- type: MULTIPLIER
parameters:
- '8'
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
- uuid: 820ca9809e6f46af8aa3f41195f246d9
name: 'Interface {#IFNAME}: Velocidade Negociada'
type: DEPENDENT
key: net.if.speed["{#IFGUID}"]
delay: '0'
trends: '0'
units: bps
description: Largura de banda estimada da interface de rede.
preprocessing:
- type: JSONPATH
parameters:
- $[?(@.GUID == "{#IFGUID}")].Speed.first()
error_handler: CUSTOM_VALUE
error_handler_params: '0'
- type: JAVASCRIPT
parameters:
- 'return (value==''9223372036854775807'' ? 0 : value)'
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1h
master_item:
key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"]
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
- uuid: 929917f16ecd4369a5535fe8178248d6
name: 'Interface {#IFNAME}: Status Operacional'
type: DEPENDENT
key: net.if.status["{#IFGUID}"]
delay: '0'
trends: '0'
description: Status operacional da interface de rede.
valuemap:
name: Win32_NetworkAdapter::NetConnectionStatus
preprocessing:
- type: JSONPATH
parameters:
- $[?(@.GUID == "{#IFGUID}")].NetConnectionStatus.first()
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
master_item:
key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"]
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
trigger_prototypes:
- uuid: 08a59de19b8d444cbe0929a30af08889
expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))'
recovery_mode: RECOVERY_EXPRESSION
recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0
name: '🚨 Interface {#IFNAME}: Link Down'
opdata: 'Current state: {ITEM.LASTVALUE1}'
priority: AVERAGE
description: 'Esta trigger funciona assim:
1. Dispara se o status operacional for Down.
2. `{$IFCONTROL:"{#IFNAME}"}=1` - defina a macro como "0" para ignorar esta interface.
No new trigger will be fired if this interface is down.
3. `last(/TEMPLATE_NAME/METRIC,#1)<>last(/TEMPLATE_NAME/METRIC,#2)` - the trigger fires only if the operational status was up to (1) sometime before (so, does not fire for the ''eternal off'' interfaces.)
WARNING: if closed manually - it will not fire again on the next poll, because of .diff.
'
manual_close: 'YES'
tags:
- tag: scope
value: availability
- uuid: 1e513ffd8cd24a39a04b2140dce65b62
name: 'Interface {#IFNAME}: Tipo de Interface'
type: DEPENDENT
key: net.if.type["{#IFGUID}"]
delay: '0'
trends: '0'
description: The type of the network interface.
valuemap:
name: Win32_NetworkAdapter::AdapterTypeId
preprocessing:
- type: JSONPATH
parameters:
- $[?(@.GUID == "{#IFGUID}")].AdapterTypeId.first()
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1d
master_item:
key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"]
tags:
- tag: component
value: network
- tag: description
value: '{#IFALIAS}'
- tag: interface
value: '{#IFNAME}'
trigger_prototypes:
- uuid: 27a60f88cbd0457291153105ace75e4d
expression: 'change(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])<0 and
last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])>0 and
last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2
'
name: '⚠️ Interface {#IFNAME}: Velocidade Reduzida (Negociação?)'
opdata: 'Current reported speed: {ITEM.LASTVALUE1}'
priority: INFO
description: "⚠️ A velocidade da interface caiu (Ex: 1Gb -> 100Mb).\n\n📉 Impacto: Lentidão na transferência de dados.\n🛠 Ação: 1. Verifique a categoria do cabo (Cat5e/Cat6). 2. Verifique configurações de Duplex/Speed no switch e servidor."
manual_close: 'YES'
dependencies:
- name: '🚨 Interface {#IFNAME}: Link Down'
expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))'
recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0
tags:
- tag: scope
value: capacity
- uuid: 728a12bd7b6748cd97e0ca7b0cbf2b77
expression: '(avg(/Windows by Zabbix agent/net.if.in["{#IFGUID}"],15m)>({$IF.UTIL.MAX:"{#IFNAME}"}/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"]) or
avg(/Windows by Zabbix agent/net.if.out["{#IFGUID}"],15m)>({$IF.UTIL.MAX:"{#IFNAME}"}/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])) and
last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])>0
'
recovery_mode: RECOVERY_EXPRESSION
recovery_expression: 'avg(/Windows by Zabbix agent/net.if.in["{#IFGUID}"],15m)<(({$IF.UTIL.MAX:"{#IFNAME}"}-3)/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"]) and
avg(/Windows by Zabbix agent/net.if.out["{#IFGUID}"],15m)<(({$IF.UTIL.MAX:"{#IFNAME}"}-3)/100)*last(/Windows by Zabbix agent/net.if.speed["{#IFGUID}"])
'
name: '🔥 Interface {#IFNAME}: Saturação de Banda'
event_name: '🔥 Interface {#IFNAME}: Saturação de Banda (>{$IF.UTIL.MAX:"{#IFNAME}"}%)'
opdata: 'In: {ITEM.LASTVALUE1}, out: {ITEM.LASTVALUE3}, speed: {ITEM.LASTVALUE2}'
priority: WARNING
description: "⚠️ Uso de banda elevado.\n\n📉 Impacto: A interface atingiu o limite de tráfego. O acesso ao servidor ficará lento e pacotes podem ser descartados.\n🛠 Ação: 1. Identifique qual processo/usuário está consumindo banda. 2. Avalie necessidade de upgrade de link."
manual_close: 'YES'
dependencies:
- name: '🚨 Interface {#IFNAME}: Link Down'
expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))'
recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0
tags:
- tag: scope
value: performance
- uuid: 1945fd9bc15c471fb050d0a5430245a6
expression: 'min(/Windows by Zabbix agent/net.if.in["{#IFGUID}",errors],5m)>{$IF.ERRORS.WARN:"{#IFNAME}"}
or min(/Windows by Zabbix agent/net.if.out["{#IFGUID}",errors],5m)>{$IF.ERRORS.WARN:"{#IFNAME}"}
'
recovery_mode: RECOVERY_EXPRESSION
recovery_expression: 'max(/Windows by Zabbix agent/net.if.in["{#IFGUID}",errors],5m)<{$IF.ERRORS.WARN:"{#IFNAME}"}*0.8
and max(/Windows by Zabbix agent/net.if.out["{#IFGUID}",errors],5m)<{$IF.ERRORS.WARN:"{#IFNAME}"}*0.8
'
name: '🔥 Interface {#IFNAME}: Alta Taxa de Erros'
event_name: '🔥 Interface {#IFNAME}: Alta Taxa de Erros (>{$IF.ERRORS.WARN:"{#IFNAME}"} por 5m)'
opdata: 'errors in: {ITEM.LASTVALUE1}, errors out: {ITEM.LASTVALUE2}'
priority: WARNING
description: "⚠️ Erros de transmissão detectados.\n\n📉 Impacto: Perda de pacotes, retransmissões e lentidão.\n🛠 Ação: 1. Substitua o cabo de rede. 2. Teste outra porta no switch."
manual_close: 'YES'
dependencies:
- name: '🚨 Interface {#IFNAME}: Link Down'
expression: '{$IFCONTROL:"{#IFNAME}"}=1 and last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])<>2 and (last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#1)<>last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"],#2))'
recovery_expression: last(/Windows by Zabbix agent/net.if.status["{#IFGUID}"])=2 or {$IFCONTROL:"{#IFNAME}"}=0
tags:
- tag: scope
value: availability
graph_prototypes:
- uuid: cf5e38d45e394757955ce0257cfd2f04
name: 'Interface {#IFNAME}({#IFALIAS}): Network traffic'
graph_items:
- drawtype: GRADIENT_LINE
color: 199C0D
item:
host: Windows by Zabbix agent
key: net.if.in["{#IFGUID}"]
- sortorder: '1'
drawtype: BOLD_LINE
color: F63100
item:
host: Windows by Zabbix agent
key: net.if.out["{#IFGUID}"]
- sortorder: '2'
color: 00611C
yaxisside: RIGHT
item:
host: Windows by Zabbix agent
key: net.if.out["{#IFGUID}",errors]
- sortorder: '3'
color: F7941D
yaxisside: RIGHT
item:
host: Windows by Zabbix agent
key: net.if.in["{#IFGUID}",errors]
- sortorder: '4'
color: FC6EA3
yaxisside: RIGHT
item:
host: Windows by Zabbix agent
key: net.if.out["{#IFGUID}",dropped]
- sortorder: '5'
color: 6C59DC
yaxisside: RIGHT
item:
host: Windows by Zabbix agent
key: net.if.in["{#IFGUID}",dropped]
master_item:
key: wmi.getall[root\cimv2,"select Name,Description,NetConnectionID,Speed,AdapterTypeId,NetConnectionStatus,GUID from win32_networkadapter where PhysicalAdapter=True and NetConnectionStatus>0"]
preprocessing:
- type: JAVASCRIPT
parameters:
- "output = JSON.parse(value).map(function(net){\n\treturn {\n\t\t\"{#IFNAME}\": net.Name,\n\t\t\"{#IFDESCR}\": net.Description,\n\t\t\"{#IFALIAS}\": net.NetConnectionID,\n\t\t\"{#IFGUID}\": net.GUID\n\t}})\nreturn JSON.stringify({\"data\": output})\n"
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1h
- uuid: b2a9c04e3e0846ab89d5dbc39d273567
name: Descoberta de discos físicos
key: perf_instance_en.discovery[PhysicalDisk]
delay: 1h
filter:
evaltype: AND
conditions:
- macro: '{#DEVNAME}'
value: '{$VFS.DEV.DEVNAME.MATCHES}'
formulaid: A
- macro: '{#DEVNAME}'
value: '{$VFS.DEV.DEVNAME.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: B
description: Discovery of installed physical disks.
item_prototypes:
- uuid: 714bbd069d34400895df413fe4627543
name: '{#DEVNAME}: Utilização de disco por tempo ocioso'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\% Idle Time",60]
value_type: FLOAT
units: '%'
description: This item is the percentage of elapsed time that the selected disk drive was busy servicing read or writes requests based on idle time.
preprocessing:
- type: JAVASCRIPT
parameters:
- return (100 - value)
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
trigger_prototypes:
- uuid: 7cbd65184e1041ca959172328db83f58
expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\% Idle Time",60],15m)>{$VFS.DEV.UTIL.MAX.WARN}
name: '🔥 Windows: Disco Saturado (I/O) em {#DEVNAME}'
event_name: '🔥 Disco Crítico em {HOST.NAME}: {#DEVNAME} está com {ITEM.LASTVALUE}% de Utilização (Crit: > {$VFS.DEV.UTIL.MAX.WARN}%)'
priority: WARNING
description: "⚠️ Disco operando perto da capacidade máxima.\n\n📉 Impacto: Lentidão geral no sistema, aplicações travando e demora para buscar arquivos.\n\n🛠 Ação: 1. Verifique quais processos estão consumindo I/O (Resource Monitor). 2. Considere mover arquivos para outro disco ou upgrade para SSD."
manual_close: 'YES'
dependencies:
- name: '⚠️ Windows: Latência de Leitura Alta em {#DEVNAME}'
expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60],15m) > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"}
- name: '⚠️ Windows: Latência de Escrita Alta em {#DEVNAME}'
expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60],15m) > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"}
tags:
- tag: scope
value: performance
- uuid: abdcdffc92114fda93d4893c772cf14a
name: '{#DEVNAME}: Tamanho médio da fila de leitura'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Read Queue Length",60]
value_type: FLOAT
description: Average disk read queue, the number of requests outstanding on the disk at the time the performance data is collected.
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 208b3a3868844e85a7e3e5f3940d744d
name: '{#DEVNAME}: Tempo médio de espera de leitura'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60]
value_type: FLOAT
units: s
description: The average time for read requests issued to the device to be served. This includes the time spent by the requests in queue and the time spent servicing them.
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
trigger_prototypes:
- uuid: 3ee49a01474c4770874fa30bc417fa20
expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60],15m) > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"}
name: '⚠️ Windows: Latência de Leitura Alta em {#DEVNAME}'
event_name: '⚠️ Latência de Leitura Alta em {HOST.NAME}: {#DEVNAME} com {ITEM.LASTVALUE}s (Crit: > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"}s)'
priority: WARNING
description: "⚠️ Latência alta no disco (Lentidão).\n\n📉 Impacto: O sistema demora para ler/gravar dados. Bancos de dados e sistemas de arquivos serão afetados.\n\n🛠 Ação: 1. Verifique saúde do disco (SMART/Event Log). 2. Verifique se há backup ou antivírus rodando no momento."
manual_close: 'YES'
tags:
- tag: scope
value: performance
- uuid: 6a162aca790c48a7bd726d54494d67e9
name: '{#DEVNAME}: Tempo médio de espera de escrita'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60]
value_type: FLOAT
units: s
description: The average time for write requests issued to the device to be served. This includes the time spent by the requests in queue and the time spent servicing them.
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
trigger_prototypes:
- uuid: c270b6ce40404a099993b3fb967fb302
expression: min(/Windows by Zabbix agent/perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60],15m) > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"}
name: '⚠️ Windows: Latência de Escrita Alta em {#DEVNAME}'
event_name: '⚠️ Latência de Escrita Alta em {HOST.NAME}: {#DEVNAME} com {ITEM.LASTVALUE}s (Crit: > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"}s)'
priority: WARNING
description: "⚠️ Latência alta no disco (Lentidão).\n\n📉 Impacto: O sistema demora para ler/gravar dados. Bancos de dados e sistemas de arquivos serão afetados.\n\n🛠 Ação: 1. Verifique saúde do disco (SMART/Event Log). 2. Verifique se há backup ou antivírus rodando no momento."
manual_close: 'YES'
tags:
- tag: scope
value: performance
- uuid: ba3a369741544f6c88a476a4f2d30ab2
name: '{#DEVNAME}: Tamanho médio da fila de escrita'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Write Queue Length",60]
value_type: FLOAT
description: Average disk write queue, the number of requests outstanding on the disk at the time the performance data is collected.
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 24d15f53439148919e11d5811f25adf1
name: '{#DEVNAME}: Tamanho médio da fila de disco (avgqu-sz)'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Current Disk Queue Length",60]
value_type: FLOAT
description: The current average disk queue; the number of requests outstanding on the disk while the performance data is being collected.
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: c1424c1c2fe647a8baf3357c34ae261e
name: '{#DEVNAME}: Taxa de leitura de disco'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Reads/sec",60]
value_type: FLOAT
units: '!r/s'
description: Taxa de operações de leitura no disco.
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 4d10e563bbd1402daa1c9c8516095aa8
name: '{#DEVNAME}: Taxa de escrita de disco'
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Writes/sec",60]
value_type: FLOAT
units: '!w/s'
description: Taxa de operações de escrita no disco.
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
graph_prototypes:
- uuid: d57e7ea5e83948d39c5dc37692ee5d2f
name: '{#DEVNAME}: Tamanho médio da fila de disco'
graph_items:
- color: 199C0D
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Read Queue Length",60]
- sortorder: '1'
color: F63100
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk Write Queue Length",60]
- uuid: 3418a65445664f16ae044b340f019059
name: '{#DEVNAME}: Tempo médio de espera do disco'
graph_items:
- color: 199C0D
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Read",60]
- sortorder: '1'
drawtype: GRADIENT_LINE
color: F63100
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Avg. Disk sec/Write",60]
- uuid: 93f9ce11052e4ad39b85cde3adee381a
name: '{#DEVNAME}: Taxas de leitura/escrita do disco'
graph_items:
- color: 199C0D
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Reads/sec",60]
- sortorder: '1'
drawtype: GRADIENT_LINE
color: F63100
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Disk Writes/sec",60]
- uuid: e4956240463543dca5cce52847581d25
name: '{#DEVNAME}: Utilização e fila do disco'
graph_items:
- color: 199C0D
yaxisside: RIGHT
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\Current Disk Queue Length",60]
- sortorder: '1'
drawtype: GRADIENT_LINE
color: F63100
item:
host: Windows by Zabbix agent
key: perf_counter_en["\PhysicalDisk({#DEVNAME})\% Idle Time",60]
preprocessing:
- type: STR_REPLACE
parameters:
- '{#INSTANCE}'
- '{#DEVNAME}'
- uuid: dbde6e6c7c13436b9bd20230f1d309ed
name: Descoberta de serviços Windows
key: service.discovery
delay: 1h
filter:
evaltype: AND
conditions:
- macro: '{#SERVICE.NAME}'
value: '{$SERVICE.NAME.MATCHES}'
formulaid: A
- macro: '{#SERVICE.NAME}'
value: '{$SERVICE.NAME.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: B
- macro: '{#SERVICE.STARTUPNAME}'
value: '{$SERVICE.STARTUPNAME.MATCHES}'
formulaid: C
- macro: '{#SERVICE.STARTUPNAME}'
value: '{$SERVICE.STARTUPNAME.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: D
description: Descoberta de serviços Windows baseada nas macros do template.
item_prototypes:
- uuid: d6379e85f1974734abbe60fef1a6ca1d
name: Estado do serviço "{#SERVICE.NAME}" ({#SERVICE.DISPLAYNAME})
key: service.info["{#SERVICE.NAME}",state]
valuemap:
name: Windows service state
tags:
- tag: component
value: system
- tag: name
value: '{#SERVICE.DISPLAYNAME}'
- tag: service
value: '{#SERVICE.NAME}'
trigger_prototypes:
- uuid: 1ac218b99f1347b4b467c75c10f074a3
expression: min(/Windows by Zabbix agent/service.info["{#SERVICE.NAME}",state],#3)<>0
name: '🚨 Windows: Serviço Crítico Parado: {#SERVICE.DISPLAYNAME} ({#SERVICE.NAME})'
event_name: '🚨 Serviço Parado em {HOST.NAME}: {#SERVICE.DISPLAYNAME} está Down (Startup: {#SERVICE.STARTUPNAME})'
priority: AVERAGE
description: "⚠️ O serviço monitorado parou de responder.\n\n📉 Impacto: Funcionalidades dependentes deste serviço estão indisponíveis.\n🛠 Ação: 1. Tente iniciar o serviço via 'net start \"{#SERVICE.NAME}\"'. 2. Verifique logs (Event Viewer > System/Application)."
tags:
- tag: scope
value: notice
- uuid: 4fbbdf83609e48e68011f6c394c652f9
name: Descoberta de sistemas de arquivos montados
type: DEPENDENT
key: vfs.fs.dependent.discovery
delay: '0'
filter:
evaltype: AND
conditions:
- macro: '{#FSDRIVETYPE}'
value: '{$VFS.FS.FSDRIVETYPE.MATCHES}'
formulaid: A
- macro: '{#FSDRIVETYPE}'
value: '{$VFS.FS.FSDRIVETYPE.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: B
- macro: '{#FSNAME}'
value: '{$VFS.FS.FSNAME.MATCHES}'
formulaid: C
- macro: '{#FSNAME}'
value: '{$VFS.FS.FSNAME.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: D
- macro: '{#FSTYPE}'
value: '{$VFS.FS.FSTYPE.MATCHES}'
formulaid: E
- macro: '{#FSTYPE}'
value: '{$VFS.FS.FSTYPE.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: F
description: Descoberta de sistemas de arquivos.
item_prototypes:
- uuid: 821daa0e25a2456ca637e441a844dfe6
name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Disponível'
type: DEPENDENT
key: vfs.fs.dependent.size[{#FSNAME},free]
delay: '0'
units: B
description: Espaço disponível em bytes.
preprocessing:
- type: JSONPATH
parameters:
- $.bytes.free
master_item:
key: vfs.fs.dependent[{#FSNAME},data]
tags:
- tag: component
value: storage
- tag: filesystem
value: '{#FSNAME}'
- tag: fstype
value: '{#FSTYPE}'
- uuid: 8949201f93ab46f0a0ad95ca6ce6124c
name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado, em %'
type: DEPENDENT
key: vfs.fs.dependent.size[{#FSNAME},pused]
delay: '0'
value_type: FLOAT
units: '%'
description: Calculado como porcentagem de espaço usado em relação ao total.
preprocessing:
- type: JSONPATH
parameters:
- $.bytes.pused
master_item:
key: vfs.fs.dependent[{#FSNAME},data]
tags:
- tag: component
value: storage
- tag: filesystem
value: '{#FSNAME}'
- tag: fstype
value: '{#FSTYPE}'
trigger_prototypes:
- uuid: 82749ca091b047109ec8374febd3f1a8
expression: min(/Windows by Zabbix agent/vfs.fs.dependent.size[{#FSNAME},pused],5m)>{$VFS.FS.PUSED.MAX.CRIT:"{#FSLABEL}({#FSNAME})"}
name: '🚨 Windows: Disco Crítico em {#FSNAME} ({#FSLABEL})'
event_name: '🚨 Disco Crítico em {HOST.NAME}: {#FSNAME} ({#FSLABEL}) com {ITEM.LASTVALUE}% Usado (Crit: > {$VFS.FS.PUSED.MAX.CRIT:"{#FSLABEL}({#FSNAME})"}%)'
opdata: 'Space used: {{ITEM.LASTVALUE1}.fmtnum(1)}%'
priority: HIGH
description: "🚨 O disco local atingiu nível CRÍTICO de uso.\n\n📉 Impacto: Aplicações podem falhar ao gravar dados, log rotation pode falhar, sistema instável.\n🛠 Ação: 1. Limpe arquivos temporários. 2. Expanda o disco."
manual_close: 'YES'
tags:
- tag: scope
value: availability
- tag: scope
value: capacity
- uuid: a78fdba44690444cb9898bfa6e7f0ed9
expression: min(/Windows by Zabbix agent/vfs.fs.dependent.size[{#FSNAME},pused],5m)>{$VFS.FS.PUSED.MAX.WARN:"{#FSLABEL}({#FSNAME})"}
name: '⚠️ Windows: Disco Cheio em {#FSNAME} ({#FSLABEL})'
event_name: '⚠️ Disco Cheio em {HOST.NAME}: {#FSNAME} ({#FSLABEL}) com {ITEM.LASTVALUE}% Usado (Warn: > {$VFS.FS.PUSED.MAX.WARN:"{#FSLABEL}({#FSNAME})"}%)'
opdata: 'Space used: {{ITEM.LASTVALUE1}.fmtnum(1)}%'
priority: WARNING
description: "⚠️ O disco local está atingindo o limite de alerta.\n\n📉 Impacto: Prevenção de incidente crítico futura.\n🛠 Ação: 1. Planeje expansão ou limpeza."
manual_close: 'YES'
dependencies:
- name: '🚨 Windows: Disco Crítico em {#FSNAME} ({#FSLABEL})'
expression: min(/Windows by Zabbix agent/vfs.fs.dependent.size[{#FSNAME},pused],5m)>{$VFS.FS.PUSED.MAX.CRIT:"{#FSLABEL}({#FSNAME})"}
tags:
- tag: scope
value: availability
- tag: scope
value: capacity
- uuid: d45f2c3469dd424486bdee586e4a61eb
name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Total'
type: DEPENDENT
key: vfs.fs.dependent.size[{#FSNAME},total]
delay: '0'
units: B
description: Espaço total em bytes.
preprocessing:
- type: JSONPATH
parameters:
- $.bytes.total
master_item:
key: vfs.fs.dependent[{#FSNAME},data]
tags:
- tag: component
value: storage
- tag: filesystem
value: '{#FSNAME}'
- tag: fstype
value: '{#FSTYPE}'
- uuid: ddd24d7eaa5742ac9d6cbae42bcfa1ae
name: 'FS [{#FSLABEL}({#FSNAME})]: Espaço: Usado'
type: DEPENDENT
key: vfs.fs.dependent.size[{#FSNAME},used]
delay: '0'
units: B
description: Espaço usado em bytes.
preprocessing:
- type: JSONPATH
parameters:
- $.bytes.used
master_item:
key: vfs.fs.dependent[{#FSNAME},data]
tags:
- tag: component
value: storage
- tag: filesystem
value: '{#FSNAME}'
- tag: fstype
value: '{#FSTYPE}'
- uuid: b9ad1677ea6841309c7dc3a304b61c37
name: 'FS [{#FSLABEL}({#FSNAME})]: Obter dados'
type: DEPENDENT
key: vfs.fs.dependent[{#FSNAME},data]
delay: '0'
history: 1h
value_type: TEXT
trends: '0'
description: Dados intermediários do sistema de arquivos `{#FSNAME}`.
preprocessing:
- type: JSONPATH
parameters:
- $.[?(@.fsname=='{#FSNAME}')].first()
master_item:
key: vfs.fs.get
tags:
- tag: component
value: raw
- tag: component
value: storage
- tag: filesystem
value: '{#FSNAME}'
- tag: fstype
value: '{#FSTYPE}'
graph_prototypes:
- uuid: 0ab6167e4a5d4d8f8dbe8b521db43bb0
name: 'FS [{#FSLABEL}({#FSNAME})]: Space usage graph, in %'
width: '600'
height: '340'
ymin_type_1: FIXED
ymax_type_1: FIXED
graph_items:
- drawtype: FILLED_REGION
color: F63100
calc_fnc: ALL
item:
host: Windows by Zabbix agent
key: vfs.fs.dependent.size[{#FSNAME},pused]
- uuid: 231acb4a719d4eea911c52e106b2ab27
name: 'FS [{#FSLABEL}({#FSNAME})]: Space utilization chart'
width: '600'
height: '340'
type: PIE
show_3d: 'YES'
graph_items:
- color: '787878'
calc_fnc: LAST
type: GRAPH_SUM
item:
host: Windows by Zabbix agent
key: vfs.fs.dependent.size[{#FSNAME},total]
- sortorder: '1'
color: F63100
calc_fnc: LAST
item:
host: Windows by Zabbix agent
key: vfs.fs.dependent.size[{#FSNAME},used]
- sortorder: '2'
color: 199C09
calc_fnc: LAST
item:
host: Windows by Zabbix agent
key: vfs.fs.dependent.size[{#FSNAME},free]
master_item:
key: vfs.fs.get
lld_macro_paths:
- lld_macro: '{#FSDRIVETYPE}'
path: $.fsdrivetype
- lld_macro: '{#FSLABEL}'
path: $.fslabel
- lld_macro: '{#FSNAME}'
path: $.fsname
- lld_macro: '{#FSTYPE}'
path: $.fstype
preprocessing:
- type: JAVASCRIPT
parameters:
- "var filesystems = JSON.parse(value);\n\nresult = filesystems.map(function (filesystem) {\n\treturn {\n\t\t'fsname': filesystem.fsname,\n\t\t'fstype': filesystem.fstype,\n\t\t'fslabel': filesystem.fslabel,\n\t\t'fsdrivetype': filesystem.fsdrivetype\n\t};\n});\n\nreturn JSON.stringify(result);\n"
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1h
tags:
- tag: class
value: os
- tag: target
value: windows
macros:
- macro: '{$AGENT.TIMEOUT}'
value: 3m
description: Timeout para considerar agente indisponível (apenas modo passivo).
- macro: '{$CPU.INTERRUPT.CRIT.MAX}'
value: '50'
description: Limiar crítico para % Interrupt Time.
- macro: '{$CPU.PRIV.CRIT.MAX}'
value: '30'
description: Limiar crítico para % Privileged Time.
- macro: '{$CPU.QUEUE.CRIT.MAX}'
value: '3'
description: Limiar para Processor Queue Length.
- macro: '{$CPU.UTIL.CRIT}'
value: '90'
description: 'The critical threshold of the Utilização Total da CPU expressa em %.'
- macro: '{$IF.ERRORS.WARN}'
value: '2'
description: Limiar de aviso para taxa de erros de pacote.
- macro: '{$IF.UTIL.MAX}'
value: '90'
description: Limiar para trigger de utilização de interface.
- macro: '{$IFCONTROL}'
value: '1'
description: Macro para estado operacional (trigger link down). Use 0 para desativar.
- macro: '{$MEM.PAGE_SEC.CRIT.MAX}'
value: '1000'
description: Limiar de aviso para Memory Pages/sec.
- macro: '{$MEM.PAGE_TABLE_CRIT.MIN}'
value: '5000'
description: Limiar de aviso para Free System Page Table Entries.
- macro: '{$MEMORY.UTIL.MAX}'
value: '90'
description: Limiar de aviso para uso de memória.
- macro: '{$NET.IF.IFALIAS.MATCHES}'
value: .*
description: Usado na descoberta de interface de rede. Pode ser sobrescrito.
- macro: '{$NET.IF.IFALIAS.NOT_MATCHES}'
value: CHANGE_THIS
description: Usado na descoberta de interface de rede. Pode ser sobrescrito.
- macro: '{$NET.IF.IFDESCR.MATCHES}'
value: .*
description: Usado na descoberta de interface de rede. Pode ser sobrescrito.
- macro: '{$NET.IF.IFDESCR.NOT_MATCHES}'
value: CHANGE_THIS
description: Usado na descoberta de interface de rede. Pode ser sobrescrito.
- macro: '{$NET.IF.IFNAME.MATCHES}'
value: .*
description: Usado na descoberta de interface de rede. Pode ser sobrescrito.
- macro: '{$NET.IF.IFNAME.NOT_MATCHES}'
value: Miniport|Virtual|Teredo|Kernel|Loopback|Bluetooth|HTTPS|6to4|QoS|Layer
description: Usado na descoberta de interface de rede. Pode ser sobrescrito.
- macro: '{$SERVICE.NAME.MATCHES}'
value: ^.*$
description: Usado na descoberta de serviços. Pode ser sobrescrito.
- macro: '{$SERVICE.NAME.NOT_MATCHES}'
value: ^(?:RemoteRegistry|MMCSS|gupdate|SysmonLog|clr_optimization_v.+|sppsvc|gpsvc|Pml Driver HPZ12|Net Driver HPZ12|MapsBroker|IntelAudioService|Intel\(R\) TPM Provisioning Service|dbupdate|DoSvc|CDPUserSvc_.+|WpnUserService_.+|OneSyncSvc_.+|WbioSrvc|BITS|tiledatamodelsvc|GISvc|ShellHWDetection|TrustedInstaller|TabletInputService|CDPSvc|wuauserv|edgeupdate|cbdhsvc_.+)$
description: Usado na descoberta de serviços. Pode ser sobrescrito.
- macro: '{$SERVICE.STARTUPNAME.MATCHES}'
value: ^(?:automatic|automatic delayed)$
description: Usado na descoberta de serviços. Pode ser sobrescrito.
- macro: '{$SERVICE.STARTUPNAME.NOT_MATCHES}'
value: ^(?:manual|disabled)$
description: Usado na descoberta de serviços. Pode ser sobrescrito.
- macro: '{$SWAP.PFREE.MIN.WARN}'
value: '20'
description: Limiar de aviso para swap livre mínimo.
- macro: '{$SYSTEM.FUZZYTIME.MAX}'
value: 60s
description: Limiar superior para diferença de tempo do sistema.
- macro: '{$SYSTEM.FUZZYTIME.MIN}'
value: 10s
description: Limiar inferior para diferença de tempo (recuperação).
- macro: '{$VFS.DEV.DEVNAME.MATCHES}'
value: .*
description: Usado na descoberta de disco físico.
- macro: '{$VFS.DEV.DEVNAME.NOT_MATCHES}'
value: _Total
description: Usado na descoberta de disco físico.
- macro: '{$VFS.DEV.READ.AWAIT.WARN}'
value: '0.02'
description: Tempo médio de leitura (s) para disparar trigger.
- macro: '{$VFS.DEV.UTIL.MAX.WARN}'
value: '95'
description: Limiar de aviso para utilização de disco (%).
- macro: '{$VFS.DEV.WRITE.AWAIT.WARN}'
value: '0.02'
description: Tempo médio de escrita (s) para disparar trigger.
- macro: '{$VFS.FS.FSDRIVETYPE.MATCHES}'
value: fixed
description: Usado na descoberta de sistema de arquivos.
- macro: '{$VFS.FS.FSDRIVETYPE.NOT_MATCHES}'
value: ^\s$
description: Usado na descoberta de sistema de arquivos.
- macro: '{$VFS.FS.FSNAME.MATCHES}'
value: .*
description: Usado na descoberta de sistema de arquivos.
- macro: '{$VFS.FS.FSNAME.NOT_MATCHES}'
value: ^(?:/dev|/sys|/run|/proc|.+/shm$)
description: Usado na descoberta de sistema de arquivos.
- macro: '{$VFS.FS.FSTYPE.MATCHES}'
value: .*
description: Usado na descoberta de sistema de arquivos.
- macro: '{$VFS.FS.FSTYPE.NOT_MATCHES}'
value: ^\s$
description: Usado na descoberta de sistema de arquivos.
- macro: '{$VFS.FS.PUSED.MAX.CRIT}'
value: '90'
description: Limiar crítico de utilização do sistema de arquivos.
- macro: '{$VFS.FS.PUSED.MAX.WARN}'
value: '80'
description: Limiar de aviso de utilização do sistema de arquivos.
dashboards:
- uuid: eddc508f92df461f9ae1a8d3d4926025
name: Filesystems
pages:
- name: Overview
widgets:
- type: graphprototype
width: '72'
height: '5'
fields:
- type: INTEGER
name: columns
value: '3'
- type: GRAPH_PROTOTYPE
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'FS [{#FSLABEL}({#FSNAME})]: Space utilization chart'
- type: STRING
name: reference
value: AAAEB
- type: graphprototype
y: '5'
width: '72'
height: '5'
fields:
- type: INTEGER
name: columns
value: '1'
- type: GRAPH_PROTOTYPE
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'FS [{#FSLABEL}({#FSNAME})]: Space usage graph, in %'
- type: STRING
name: reference
value: AAAEC
- uuid: cb725ec673d748dfb4f0cd1a6f303742
name: Network interfaces
pages:
- name: Overview
widgets:
- type: graphprototype
width: '72'
height: '5'
fields:
- type: INTEGER
name: columns
value: '1'
- type: GRAPH_PROTOTYPE
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'Interface {#IFNAME}({#IFALIAS}): Network traffic'
- type: STRING
name: reference
value: AAAAI
- uuid: 35b47ad17195456b9c75673b08a6aa61
name: System performance
pages:
- widgets:
- type: graph
width: '36'
height: '5'
fields:
- type: GRAPH
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'Windows: CPU usage'
- type: STRING
name: reference
value: AAAAA
- type: graph
y: '5'
width: '36'
height: '5'
fields:
- type: GRAPH
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'Windows: Memória: % de Utilização'
- type: STRING
name: reference
value: AAAAC
- type: graphprototype
y: '10'
width: '72'
height: '5'
fields:
- type: INTEGER
name: columns
value: '3'
- type: GRAPH_PROTOTYPE
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'FS [{#FSLABEL}({#FSNAME})]: Space utilization chart'
- type: STRING
name: reference
value: AAAEA
- type: graphprototype
y: '15'
width: '72'
height: '5'
fields:
- type: INTEGER
name: columns
value: '1'
- type: GRAPH_PROTOTYPE
name: graphid.0
value:
host: Windows by Zabbix agent
name: '{#DEVNAME}: Taxas de leitura/escrita do disco'
- type: STRING
name: reference
value: AAAAF
- type: graphprototype
y: '20'
width: '72'
height: '5'
fields:
- type: INTEGER
name: columns
value: '1'
- type: GRAPH_PROTOTYPE
name: graphid.0
value:
host: Windows by Zabbix agent
name: '{#DEVNAME}: Utilização e fila do disco'
- type: STRING
name: reference
value: AAAAG
- type: graphprototype
y: '25'
width: '72'
height: '5'
fields:
- type: INTEGER
name: columns
value: '1'
- type: GRAPH_PROTOTYPE
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'Interface {#IFNAME}({#IFALIAS}): Network traffic'
- type: STRING
name: reference
value: AAAAH
- type: graph
x: '36'
width: '36'
height: '5'
fields:
- type: ITEM
name: itemid.0
value:
host: Windows by Zabbix agent
key: perf_counter_en["\System\Processor Queue Length"]
- type: STRING
name: reference
value: AAAAB
- type: INTEGER
name: source_type
value: '1'
- type: graph
x: '36'
y: '5'
width: '36'
height: '5'
fields:
- type: GRAPH
name: graphid.0
value:
host: Windows by Zabbix agent
name: 'Windows: Swap usage'
- type: STRING
name: reference
value: AAAAD
valuemaps:
- uuid: bf2000c20fc64121ae5348f8f0de512c
name: Win32_NetworkAdapter::AdapterTypeId
mappings:
- value: '0'
newvalue: Ethernet 802.3
- value: '1'
newvalue: Token Ring 802.5
- value: '2'
newvalue: Fiber Distributed Data Interface (FDDI)
- value: '3'
newvalue: Wide Area Network (WAN)
- value: '4'
newvalue: LocalTalk
- value: '5'
newvalue: Ethernet using DIX header format
- value: '6'
newvalue: ARCNET
- value: '7'
newvalue: ARCNET (878.2)
- value: '8'
newvalue: ATM
- value: '9'
newvalue: Wireless
- value: '10'
newvalue: Infrared Wireless
- value: '11'
newvalue: Bpc
- value: '12'
newvalue: CoWan
- value: '13'
newvalue: '1394'
- uuid: 5aaee6cd7cab405096990f88d00ed809
name: Win32_NetworkAdapter::NetConnectionStatus
mappings:
- value: '0'
newvalue: Desconectado
- value: '1'
newvalue: Conectando
- value: '2'
newvalue: Conectado
- value: '3'
newvalue: Desconectando
- value: '4'
newvalue: Hardware Ausente
- value: '5'
newvalue: Hardware Desabilitado
- value: '6'
newvalue: Falha de Hardware
- value: '7'
newvalue: Media Desconectado
- value: '8'
newvalue: Autenticando
- value: '9'
newvalue: Autenticação com Sucesso
- value: '10'
newvalue: Falha na Autenticação
- value: '11'
newvalue: Endereço Inválido
- value: '12'
newvalue: Credenciais Necessárias
- uuid: 3ab5b73f4a5e48fabc302d617965cbc6
name: Windows service state
mappings:
- value: '0'
newvalue: Em Execução
- value: '1'
newvalue: Pausado
- value: '2'
newvalue: Início Pendente
- value: '3'
newvalue: Pausa Pendente
- value: '4'
newvalue: Continuação Pendente
- value: '5'
newvalue: Parada Pendente
- value: '6'
newvalue: Parado
- value: '7'
newvalue: Unknown
- value: '255'
newvalue: Serviço Inexistente
- uuid: d0aed5fe712e4ec6b0c0c46170f1e7db
name: zabbix.host.disponível
mappings:
- value: '0'
newvalue: indisponível
- value: '1'
newvalue: disponível
- value: '2'
newvalue: desconhecido
- uuid: 5e9932b1b82a45dca555b341b8ffa07a
name: Status do Agente Zabbix (Ping) status
mappings:
- value: '1'
newvalue: Up
triggers:
- uuid: cf818b8f44fe4c59b0a5edb9128cd336
expression: min(/Windows by Zabbix agent/perf_counter_en["\System\Processor Queue Length"],5m) - last(/Windows by Zabbix agent/wmi.get[root/cimv2,"Select NumberOfLogicalProcessors from Win32_ComputerSystem"]) * 2 > {$CPU.QUEUE.CRIT.MAX}
name: '⚠️ Windows: CPU com Fila Alta (Queue Length)'
event_name: '⚠️ Windows: CPU com Fila Alta (Queue > {$CPU.QUEUE.CRIT.MAX} por 5m)'
priority: WARNING
description: "⚠️ A fila de processamento da CPU está alta.\n\n📉 Impacto: Lentidão geral no sistema, atraso na resposta de aplicações.\n🛠 Ação: 1. Verifique processos consumindo CPU. 2. Adicione mais vCPUs se for VM."
dependencies:
- name: '🔥 Windows: Uso de CPU Crítico'
expression: min(/Windows by Zabbix agent/system.cpu.util,5m)>{$CPU.UTIL.CRIT}
tags:
- tag: scope
value: performance
- uuid: 6c522c46798046ddb34b594dfd4ad909
expression: max(/Windows by Zabbix agent/system.swap.pfree,5m)<{$SWAP.PFREE.MIN.WARN} and last(/Windows by Zabbix agent/system.swap.size[,total])>0
name: '⚠️ Windows: Swap em Uso Elevado'
event_name: '⚠️ Windows: Swap em Uso Elevado (Livre < {$SWAP.PFREE.MIN.WARN}%)'
opdata: 'Free: {ITEM.LASTVALUE1}, total: {ITEM.LASTVALUE2}'
priority: WARNING
description: "⚠️ O arquivo de paginação (Swap) está com pouco espaço livre.\n\n📉 Impacto: O sistema pode ficar instável ou travar aplicações por falta de memória virtual.\n🛠 Ação: 1. Aumente o tamanho do Pagefile. 2. Check memory leaks."
dependencies:
- name: '🧠 Windows: Memória Esgotada'
expression: min(/Windows by Zabbix agent/vm.memory.util,5m)>{$MEMORY.UTIL.MAX}
tags:
- tag: scope
value: performance
graphs:
- uuid: 9749724ae8c24c77bdfdc3e690ab3660
name: 'Windows: CPU jumps'
graph_items:
- color: 199C0D
item:
host: Windows by Zabbix agent
key: perf_counter_en["\System\Context Switches/sec"]
- sortorder: '1'
color: F63100
item:
host: Windows by Zabbix agent
key: perf_counter_en["\Processor Information(_total)\% Interrupt Time"]
- uuid: de895639f6d844f495a101276799efa0
name: 'Windows: CPU usage'
type: STACKED
ymin_type_1: FIXED
ymax_type_1: FIXED
graph_items:
- color: 199C0D
item:
host: Windows by Zabbix agent
key: perf_counter_en["\Processor Information(_total)\% User Time"]
- sortorder: '1'
color: F63100
item:
host: Windows by Zabbix agent
key: perf_counter_en["\Processor Information(_total)\% Privileged Time"]
- uuid: cfa34662a8b3468486dce4a36fe9ded7
name: 'Windows: CPU: Utilização Total'
ymin_type_1: FIXED
ymax_type_1: FIXED
graph_items:
- drawtype: GRADIENT_LINE
color: 199C0D
item:
host: Windows by Zabbix agent
key: system.cpu.util
- uuid: ff4e6c6c617f49118766b17ebd733f9d
name: 'Windows: Memória: % de Utilização'
ymin_type_1: FIXED
ymax_type_1: FIXED
graph_items:
- drawtype: GRADIENT_LINE
color: 199C0D
item:
host: Windows by Zabbix agent
key: vm.memory.util
- uuid: 2fffec59d28745c2beda2e15bd907f55
name: 'Windows: Swap usage'
graph_items:
- color: 199C0D
item:
host: Windows by Zabbix agent
key: system.swap.free
- sortorder: '1'
color: F63100
item:
host: Windows by Zabbix agent
key: system.swap.size[,total]
Reference in New Issue View Git Blame Copy Permalink