7 What’s new in Zabbix 5.2.2

Disabled autocomplete attribute for sensitive fields

To avoid potential exposure of data, the autocomplete attribute is now turned off for many fields containing sensitive information, such as a user’s password for logging into Zabbix, pre-shared keys (PSK), usernames and passwords used for data collection by various items and hosts, SNMPv3 authentication and privacy passphrases, passwords for media types; SSL key password and HTTP proxy fields used in web scenarios and HTTP items; usernames, passwords and key passphrases in remote commands. This setting shall prevent most browsers from using autocompletion in the affected fields.

Systemd discovery based on unit state

Zabbix agent 2 item systemd.unit.discovery now also returns the current enablement status of unit files under the {#UNIT.UNITFILESTATE} low-level discovery macro. As a use case example, these data may be used in the discovery rule filter to filter out all disabled systemd units and discover only enabled ones.

Protection against user enumeration attacks

To make sure an attacker may not guess valid user names because temporary account blocking after consecutive failed login attempts is only applied to existing user names, the account blocking is now also enforced if non-existing user names are used.

To further obscure the possibility of such attacks, a unified generic message is now displayed for all problems related to incorrect login:

  1. Incorrect user name or password or account is temporarily blocked.

iTOP webhook integration

A new integration is available allowing to use the webhook media type for pushing Zabbix notifications to iTop.

New templates

The following templates are now available for out-of-the-box monitoring:

Apache projects
  • Hadoop by HTTP - monitoring of Apache Hadoop using HTTP agent – see HTTP templates for setup instructions.

  • ZooKeeper by HTTP - monitoring of Apache ZooKeeper using HTTP agent – see HTTP templates for setup instructions.

Aranet Cloud
Morningstar
  • Morningstar ProStar MPPT SNMP - monitoring of Prostar MPPT solar charge controller via SNMP;

  • Morningstar ProStar PWM SNMP - monitoring of ProStar pulse width modulation (PWM) solar charge controller via SNMP;

  • Morningstar SunSaver MPPT SNMP - monitoring of SunSaver MPPT solar charge controller via SNMP;

  • Morningstar SureSine SNMP - monitoring of SureSine pure sine wave inverter via SNMP;

  • Morningstar TriStar MPPT 600V SNMP - monitoring of TriStar MPPT 600V solar charge controller via SNMP;

  • Morningstar TriStar MPPT SNMP - monitoring of TriStar MPPT solar charge controller via SNMP;

  • Morningstar TriStar PWM SNMP - monitoring of TriStar PWM solar charge controller via SNMP.

These templates are specifically designed for monitoring Morningstar devices; a step-by-step User guide to setting up Zabbix monitoring of the Morningstar products is also available.

Virtual machines

VMware FQDN - agent-less monitoring of VMware vCenter and ESX hypervisor – see Virtual machine monitoring for additional info.

You can get these templates:

  • In ConfigurationTemplates in new installations;

  • If you are upgrading from previous versions, you can download new templates from Zabbix Git repository or find them in the templates directory of the downloaded latest Zabbix version. Then, while in ConfigurationTemplates you can import them manually into Zabbix.

Updated items

  • vmware.vm.discovery item, used for virtual machine discovery, now returns additional fields {#VM.DNS}, {#VM.GUESTFAMILY}, {#VM.GUESTFULLNAME}, {#VM.IP};

  • vmware.hv.discovery item, used for hypervisor discovery, now returns an additional field {#HV.IP}.