zabbix_export:
  version: '6.0'
  date: '2021-11-21T21:31:53Z'
  groups:
    -
      uuid: 7df96b18c230490a9a0a9e2307226338
      name: Templates
  templates:
    -
      uuid: 0ef119c02a0e44a4bfb2a81e4aaebae4
      template: Linux_Services
      name: 'Linux Services'
      description: |
        ## Overview
        
        This script detects processes that are running for a while and presumes that these are services that should be running always. The magic is in the regular expression.  
        The LLD-template will use the JSON-output to create the item proc.num[{#SERVICE}] for each of these processes and a trigger that will check if it is running or not.
        
        
        This takes away the need to specify in your template which service is supposed to be running.
        
        
        If it detects a service that does not need monitoring you can always disable it. If the service should never be monitored it is better to add these to the "Global regular expressions" of Zabbix (or in the script).
        
        
         */etc/zabbix/scripts/service\_discovery*
        
        
        **#!/bin/bash**
        
        
        **TMPDIR=`mktemp -t -d ${0//*\/}.XXXXXXXXXX`**
        
        
        **echo '^-**
        
        
        **^\_****^sleep$****^qmgr$****^showq$****^pickup$****^pigz$****^tar$****^pmm-ras$****^backupmng$****^proxymap$****^cleanup$****^tlsmgr$****^anvil$****^trivial-rewrite$****^dd$****^init$****^php****^perl$****^python$****^lua$****^sh$****^bash$****^auth$****^login$****^imap****^accounts-daemon$****^config$****^ssl-params$****^vlogger$****^ssh$****^zabbix\_agent****^systemd****^proxymap$****zip$****^awk$****^log$****^run-parts$****getty$****^smtp$****^smtpd$****^amavisd****^postgrey****^pure-ftpd****^proftpd****^Passenger****^qsync****^qWatchdogd****^spamd$' >${TMPDIR}/filter**
        
        
        **ps aux | egrep -io '([a-z]+[0-9]+| 20[0-9][0-9]) +[0-9]+:[0-9]+ [A-Za-z0-9/\_-]*( |:|$)' | \** **sed 's/.*\///g;s/[ :]$//g;s/.* //g' | grep '[a-z]' | \** **grep -vf ${TMPDIR}/filter | sort | uniq >${TMPDIR}/progs**
        
        
        **if [ -s ${TMPDIR}/progs ] ; then** **echo -e "{\n\t\"data\":["** **while read SERVICE ; do** **[ ${PRINTED} ] && echo ","** **PRINTED=true** **echo -en "\t\t{ \"{#SERVICE}\":\"${SERVICE}\" }"** **done <${TMPDIR}/progs** **echo -e "\n\t]\n}"****fi**  
        **rm -r ${TMPDIR}**
        
        
         
        
        
        
        ## Author
        
        Frater
        
        
      groups:
        -
          name: Templates
      discovery_rules:
        -
          uuid: 9a725c79a13645169cc520531fb17d31
          name: 'Linux service discovery'
          key: service.discovery
          delay: 1h
          filter:
            conditions:
              -
                macro: '{#SERVICE}'
                value: '@Linux service name for discovery'
                formulaid: A
          item_prototypes:
            -
              uuid: 8ec0013905b4478e9a22979116e46ce7
              name: 'Number of processes $1'
              key: 'proc.num[{#SERVICE}]'
              delay: 2m
              trigger_prototypes:
                -
                  uuid: 22148d0e6f8b40a3ba8a174f9972c910
                  expression: 'last(/Linux_Services/proc.num[{#SERVICE}])=0'
                  name: 'Service {#SERVICE} is not running'
                  priority: HIGH