i'm trying to monitor all antivirus software installed on windows computer.
now, i do this:
zabbix_agentd.conf:
UserParameter=product_state,wmic /NAMESPACE:\\root\SecurityCenter2 PATH AntiVirusProduct GET /value | find "productState"
Zabbix Item:
Type: Zabbix Agent
Key: product_sate
type of information: Text
Zabbix Trigger:
Severity: Disaster
Expression: ({hostname:product_state.last(0)}<>266240) and ({hostname:product_state.last(0)}<>397312)
My problem occur when the agent sends the data with multiple values, like this:
productState=266240
productState=393472
In this case, i have a "Eset Antivirus" and "Windows defender" installed on client computer.
I think the solution is make a "discovery" in zabbix, but i don't know how to get the data from "wmic" command and monitor it.
please, can anybody helps me?
Thanks
