5 Minimum permission level for Windows agent items

Overview

When monitoring systems using an agent, a good practice is to obtain metrics from the host on which the agent is installed. To use the principle of least privilege, it is necessary to determine what metrics are obtained from the agent.

The table in this document allows you to select the minimum rights for guaranteed correct operation of Zabbix agent.

If a different user is selected for the agent to work, rather than ‘LocalSystem’, then for the operation of agent as a Windows service, the new user must have the rights “Log on as a service” from “Local Policy→User Rights Assignment” and the right to create, write and delete the Zabbix agent log file. An Active Directory user must be added to the Performance Monitor Users group.

When working with the rights of an agent based on the “minimum technically acceptable” group, prior provision of rights to objects for monitoring is required.

Common agent items supported on Windows

Item keyUser group
RecommendedMinimum technically acceptable (functionality is limited)
agent.hostnameGuestsGuests
agent.pingGuestsGuests
agent.variantGuestsGuests
agent.versionGuestsGuests
logAdministratorsGuests
log.countAdministratorsGuests
logrtAdministratorsGuests
logrt.countAdministratorsGuests
net.dnsGuestsGuests
net.dns.recordGuestsGuests
net.if.discoveryGuestsGuests
net.if.inGuestsGuests
net.if.outGuestsGuests
net.if.totalGuestsGuests
net.tcp.listenGuestsGuests
net.tcp.portGuestsGuests
net.tcp.serviceGuestsGuests
net.tcp.service.perfGuestsGuests
net.udp.serviceGuestsGuests
net.udp.service.perfGuestsGuests
proc.numAdministratorsGuests
system.cpu.discoveryPerformance Monitor UsersPerformance Monitor Users
system.cpu.loadPerformance Monitor UsersPerformance Monitor Users
system.cpu.numGuestsGuests
system.cpu.utilPerformance Monitor UsersPerformance Monitor Users
system.hostnameGuestsGuests
system.localtimeGuestsGuests
system.runAdministratorsGuests
system.sw.archGuestsGuests
system.swap.sizeGuestsGuests
system.unameGuestsGuests
system.uptimePerformance Monitor UsersPerformance Monitor Users
vfs.dir.countAdministratorsGuests
vfs.dir.getAdministratorsGuests
vfs.dir.sizeAdministratorsGuests
vfs.file.cksumAdministratorsGuests
vfs.file.contentsAdministratorsGuests
vfs.file.existsAdministratorsGuests
vfs.file.md5sumAdministratorsGuests
vfs.file.regexpAdministratorsGuests
vfs.file.regmatchAdministratorsGuests
vfs.file.sizeAdministratorsGuests
vfs.file.timeAdministratorsGuests
vfs.fs.discoveryAdministratorsGuests
vfs.fs.sizeAdministratorsGuests
vm.memory.sizeGuestsGuests
web.page.getGuestsGuests
web.page.perfGuestsGuests
web.page.regexpGuestsGuests
zabbix.statsGuestsGuests

Windows-specific item keys

Item keyUser group
RecommendedMinimum technically acceptable (functionality is limited)
eventlogEvent Log ReadersGuests
net.if.listGuestsGuests
perf_counterPerformance Monitor UsersPerformance Monitor Users
proc_infoAdministratorsGuests
service.discoveryGuestsGuests
service.infoGuestsGuests
servicesGuestsGuests
wmi.getAdministratorsGuests
vm.vmemory.sizeGuestsGuests