[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-user
Subject:    Re: Tying debsecan & Zabbix (or RT) together?
From:       Florian Weimer <fw () deneb ! enyo ! de>
Date:       2008-12-14 20:25:47
Message-ID: 87ljuia4hg.fsf () mid ! deneb ! enyo ! de
[Download RAW message or body]

* Richard Hartmann:

>>  What kind of data does Zabbix need?
>
> It can collect, and then trigger on, arbitrary data. In this case, it
> would probably make sense to collect CVE number, remote/local,
> the package in question, the version in question, the severity and
> if there is a fix available.

The default debsecan output format might suffice for this.

> If any of this changes (probably only the availability of a fix or
> if a fixed package has been installed), it should send new data.

However, it does not contain change detection.

> I take it you have an interest in this to make centralised host
> security management easier?

Yes, but I don't know if Zabbix is part of the solution.


-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[prev in list] [next in list] [prev in thread] [next in thread]