[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-user
Subject: Re: Tying debsecan & Zabbix (or RT) together?
From: Florian Weimer <fw () deneb ! enyo ! de>
Date: 2008-12-14 20:25:47
Message-ID: 87ljuia4hg.fsf () mid ! deneb ! enyo ! de
[Download RAW message or body]
* Richard Hartmann:
>> What kind of data does Zabbix need?
>
> It can collect, and then trigger on, arbitrary data. In this case, it
> would probably make sense to collect CVE number, remote/local,
> the package in question, the version in question, the severity and
> if there is a fix available.
The default debsecan output format might suffice for this.
> If any of this changes (probably only the availability of a fix or
> if a fixed package has been installed), it should send new data.
However, it does not contain change detection.
> I take it you have an interest in this to make centralised host
> security management easier?
Yes, but I don't know if Zabbix is part of the solution.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic