Monitor SELinux with Zabbix

Add the following to the end of /etc/zabbix/zabbix_agentd.conf
# SELinux Keys
UserParameter=selinux.status,/usr/sbin/sestatus | grep status | awk ‘{print $NF}’ | sed s/enabled/1/ | sed s/disabled/0/
UserParameter=selinux.mode,if [[ $(/usr/sbin/sestatus | egrep “status.*enabled”) ]]; then /usr/sbin/sestatus | grep mode | awk ‘{print $NF}’ | sed s/enforcing/1/ | sed s/permissive/0/; else echo 2; fi
UserParameter=selinux.boolean[*],if [[ $(/usr/sbin/sestatus | egrep “status.*enabled”) ]]; then /usr/sbin/sestatus -b | grep “^$1 ” | awk ‘{print $NF}’ | sed s/off/0/ | sed s/on/1/; else echo 2; fi

Restart the Zabbix agent
/etc/init.d/zabbix-agent restart

Scroll to top