Re: Tying debsecan & Zabbix (or RT) together?

[Florian Weimer <fw@deneb.enyo.de>]

* Richard Hartmann:

>>  What kind of data does Zabbix need?
>
> It can collect, and then trigger on, arbitrary data. In this case, it
> would probably make sense to collect CVE number, remote/local,
> the package in question, the version in question, the severity and
> if there is a fix available.

The default debsecan output format might suffice for this.

> If any of this changes (probably only the availability of a fix or
> if a fixed package has been installed), it should send new data.

However, it does not contain change detection.

> I take it you have an interest in this to make centralised host
> security management easier?

Yes, but I don't know if Zabbix is part of the solution.