韓誥傭痔

Documentation

1 完忘扼找抉 戒忘忱忘志忘快技抑快 志抉扭把抉扼抑 / 妓快扮快扶我快 扭把抉忌抖快技
1 妊抉戒忱忘扶我快 忌忘戒抑 忱忘扶扶抑抒
2 韓誥傭痔 忘忍快扶找 扶忘 Microsoft Windows
2 圾抉扼扼找忘扶抉志抖快扶我快 扶忘忌抉把忘 扼我技志抉抖抉志 我 扼抉扭抉扼找忘志抖快扶我攸 忌忘戒抑 忱忘扶扶抑抒 韓誥傭痔
1 MySQL encryption configuration
2 PostgreSQL encryption configuration
4 妖忘扼找把抉抄抗忘 TimescaleDB setup
4 尿抗扼扭抉把找 扼抉忌抑找我抄, 戒扶忘折快扶我抄 我 忱我扶忘技我抗我 我戒技快扶快扶我抄 志 把快忪我技快 把快忘抖抆扶抉忍抉 志把快技快扶我
5 孝扼找忘扶抉志抗忘 Elasticsearch
7 妤把我技快折忘扶我攸 扭抉 扶忘扼找把抉抄抗快 Nginx 忱抖攸 韓誥傭痔 扶忘 SLES 忱我扼找把我忌批找我志忘抒
8 妝忘扭批扼抗 忘忍快扶找忘 我戒 扭抉忱 root
10 妖忘扼找把抉抄抗忘 SAML 扼 Okta
11 Oracle database setup
12 Setting up scheduled reports
13 Additional frontend languages
1 韓誥傭痔 扼快把志快把
2 韓誥傭痔 扭把抉抗扼我
3 韓誥傭痔 忘忍快扶找 (UNIX)
4 韓誥傭痔 忘忍快扶找 (Windows)
4 韓誥傭痔 忘忍快扶找 2 (UNIX)
5 韓誥傭痔 Java gateway
6 韓誥傭痔 忘忍快扶找 2 (Windows)
6 妊扭快扯我忘抖抆扶抑快 戒忘技快找抗我 抉 扭忘把忘技快找把快 "Include"
8 韓誥傭痔 web service
1 妤把抉找抉抗抉抖 抉忌技快扶忘 忱忘扶扶抑技我 扼快把志快把-扭把抉抗扼我
2 妤把抉找抉抗抉抖 韓誥傭痔 忘忍快扶找忘
3 妤把抉找抉抗抉抖 韓誥傭痔 sender
4 坏抖我扶忘 戒忘忍抉抖抉志抗忘 我 忱忘扶扶抑抒
5 妤把抉找抉抗抉抖 改抗扼扭抉把找忘 志 把快忪我技快 把快忘抖抆扶抉忍抉 志把快技快扶我
1 妤抉忱忱快把忪我志忘快技抑快 改抖快技快扶找抑 忱忘扶扶抑抒 扭抉 扭抖忘找扳抉把技忘技
2 妤忘把忘技快找把抑 vm.memory.size
3 妤忘扼扼我志扶抑快 我 忘抗找我志扶抑快 扭把抉志快把抗我 忘忍快扶找忘
4 妥把忘扭扭快把 改抖快技快扶找抑 忱忘扶扶抑抒
5 妞抉忱我把抉志抗忘 扭抉抖批折忘快技抑抒 戒扶忘折快扶我抄
5 妙我扶我技忘抖抆扶抑抄 批把抉志快扶抆 扭把忘志 忱抖攸 改抖快技快扶找抉志 忱忘扶扶抑抒 Windows 忘忍快扶找忘
6 妤抉忱忱快把忪抗忘 忌抉抖抆扮我抒 扳忘抄抖抉志
7 妊快扶扼抉把
8 妝忘技快找抗我 抉 扭忘把忘技快找把快 找我扭扭忘技攸找我 志 改抖快技快扶找忘抒 忱忘扶扶抑抒 proc.mem
9 妝忘技快找抗我 扭抉 志抑忌抉把批 扭把抉扯快扼扼抉志 志 改抖快技快扶找忘抒 忱忘扶扶抑抒 proc.mem 我 proc.num
10 坏快找忘抖我 把快忘抖我戒忘扯我我 net.tcp.service 我 net.udp.service 扭把抉志快把抉抗
12 妖忘扼找把抉抄抗我 扶快忱抉扼找我忪我技抉扼找我/扶快忱抉扼找批扭扶抉扼找我 抒抉扼找抉志
13 孝忱忘抖快扶扶抑抄 技抉扶我找抉把我扶忍 扼找忘找我扼找我抗我 韓誥傭痔
14 妖忘扼找把抉抄抗忘 Kerberos 扼 韓誥傭痔
15 modbus.get parameters
1 Foreach functions
2 Bitwise functions
3 Date and time functions
4 History functions
5 Mathematical functions
6 Operator functions
7 Prediction functions
8 String functions
1 妙忘抗把抉扼抑 扭抉忱忱快把忪我志忘快技抑快 扭抉 扶忘戒扶忘折快扶我攻
2 妤抉抖抆戒抉志忘找快抖抆扼抗我快 技忘抗把抉扼抑 扭抉忱忱快把忪我志忘快技抑快 扭抉 扶忘戒扶忘折快扶我攻
8 妊我技志抉抖抑 快忱我扶我扯 我戒技快把快扶我攸
9 妖忘扼找把抉抄抗忘 扭快把我抉忱抉志 志把快技快扶我
10 圾抑扭抉抖扶快扶我快 抗抉技忘扶忱
11 妓快扯快扭找抑 技抉扶我找抉把我扶忍忘
12 妍扭找我技我戒忘扯我攸 扭把抉我戒志抉忱我找快抖抆扶抉扼找我
13 妊抉志技快扼找我技抉扼找抆 志快把扼我抄
14 妍忌把忘忌抉找抗忘 抉扮我忌抉抗 忌忘戒抑 忱忘扶扶抑抒
15 坏我扶忘技我折快扼抗忘攸 忌我忌抖我抉找快抗忘 韓誥傭痔 忱抖攸 Windows
16 妤把抉忌抖快技抑 扼 SELinux
17 妍扼找忘抖抆扶抑快 扭把抉忌抖快技抑
18 妍找抖我折我攸 技快忪忱批 韓誥傭痔 忘忍快扶找抉技 我 韓誥傭痔 忘忍快扶找抉技 2
1 妊找把批抗找批把忘 把批抗抉志抉忱扼找志忘
2 完找抉 找忘抗抉快 韓誥傭痔
3 圾抉戒技抉忪扶抉扼找我 韓誥傭痔
4 妍忌戒抉把 韓誥傭痔
5 What's new in 韓誥傭痔 5.4.0
6 What's new in 韓誥傭痔 5.4.1
7 What's new in 韓誥傭痔 5.4.2
8 What's new in 韓誥傭痔 5.4.3
9 What's new in 韓誥傭痔 5.4.4
10 What's new in 韓誥傭痔 5.4.5
11 What's new in 韓誥傭痔 5.4.6
12 What's new in 韓誥傭痔 5.4.7
13 What's new in 韓誥傭痔 5.4.8
14 What's new in 韓誥傭痔 5.4.9
15 What's new in 韓誥傭痔 5.4.10
16 What's new in 韓誥傭痔 5.4.11
17 What's new in 韓誥傭痔 5.4.12
2. 妍扭把快忱快抖快扶我攸
1 妊快把志快把
2 均忍快扶找
3 均忍快扶找 2
3 妤把抉抗扼我
1 Setup from sources
2 Setup from RHEL/CentOS packages
3 Setup from Debian/Ubuntu packages
5 Sender
6 Get
8 JS
9 Web service
1 妤抉抖批折快扶我快 韓誥傭痔
妖忘我抖批折扮我快 扭把忘抗找我抗我 忱抖攸 忌快戒抉扭忘扼扶抉抄 批扼找忘扶抉志抗我 韓誥傭痔
妊忌抉把抗忘 韓誥傭痔 忘忍快扶找 2 扶忘 Windows
妊忌抉把抗忘 韓誥傭痔 忘忍快扶找忘 扶忘 macOS
妊忌抉把抗忘 韓誥傭痔 忘忍快扶找忘 扶忘 Windows
1 Red Hat Enterprise Linux/CentOS
2 Debian/Ubuntu
3 SUSE Linux Enterprise Server
4 Windows agent installation from MSI
5 孝扼找忘扶抉志抗忘 Mac OS 忘忍快扶找忘 扼 PKG
5 孝扼找忘扶抉志抗忘 我戒 抗抉扶找快抄扶快把抉志
Debian/Ubuntu frontend installation
1 Red Hat Enterprise Linux/CentOS
2 Debian/Ubuntu
妍忌扶抉志抖快扶我快 我戒 我扼抒抉忱扶抑抒 抗抉忱抉志
7 妒戒志快扼找扶抑快 扭把抉忌抖快技抑
8 妒戒技快扶快扶我攸 志 扮忘忌抖抉扶忘抒
10 Upgrade notes for 5.4.0
11 Upgrade notes for 5.4.1
12 Upgrade notes for 5.4.2
13 Upgrade notes for 5.4.3
14 Upgrade notes for 5.4.4
15 Upgrade notes for 5.4.5
16 Upgrade notes for 5.4.6
17 Upgrade notes for 5.4.7
18 Upgrade notes for 5.4.8
19 Upgrade notes for 5.4.9
20 Upgrade notes for 5.4.10
21 Upgrade notes for 5.4.11
1 圾抒抉忱 我 扶忘扼找把抉抄抗忘 扭抉抖抆戒抉志忘找快抖攸
2 妖抉志抑抄 批戒快抖 扼快找我
3 妖抉志抑抄 改抖快技快扶找 忱忘扶扶抑抒
4 妖抉志抑抄 找把我忍忍快把
5 妤抉抖批折快扶我快 抉扭抉志快投快扶我攸 抉 扭把抉忌抖快技快
6 妖抉志抑抄 扮忘忌抖抉扶
6. 坐抉找抉志抉快 把快扮快扶我快 韓誥傭痔
1 妖忘扼找把抉抄抗忘 批戒抖忘 扼快找我
2 妒扶志快扶找忘把扶抑快 忱忘扶扶抑快
3 妙忘扼扼抉志抉快 抉忌扶抉志抖快扶我快
1 孜抉把技忘找 抗抖攻折忘 改抖快技快扶找忘 忱忘扶扶抑抒
2 妤抉抖抆戒抉志忘找快抖抆扼抗我快 我扶找快把志忘抖抑
1 妤把我技快把抑 我扼扭抉抖抆戒抉志忘扶我攸
2 坏快找忘抖我 扭把快忱抉忌把忘忌抉找抗我 戒扶忘折快扶我抄 改抖快技快扶找抉志 忱忘扶扶抑抒
坏抉扭抉抖扶我找快抖抆扶抑快 Javascript 抉忌抓快抗找抑
尿抗把忘扶我把抉志忘扶我快 扼扭快扯扼我技志抉抖抉志 我戒 戒扶忘折快扶我抄 LLD 技忘抗把抉扼抉志 志 JSONPath
5 妤把快忱抉忌把忘忌抉找抗忘 CSV 志 JSON
韓誥傭痔 忘忍快扶找 2
妊扭快扯我扳我折扶抑快 抗抖攻折我 改抖快技快扶找抉志 忱忘扶扶抑抒 忱抖攸 Windows
1 坏我扶忘技我折快扼抗我快 我扶忱快抗扼抑
2 妊扭快扯我忘抖抆扶抑快 OID'抑
3 MIB 扳忘抄抖抑
3 SNMP 找把忘扭抑
4 妤把抉志快把抗我 IPMI
1 妞抖攻折我 改抖快技快扶找抉志 忱忘扶扶抑抒 忱抖攸 技抉扶我找抉把我扶忍忘 VMware
6 妙抉扶我找抉把我扶忍 扳忘抄抖抉志 忪批把扶忘抖抉志
Aggregate calculations
8 圾扶批找把快扶扶我快 扭把抉志快把抗我
9 妤把抉志快把抗我 折快把快戒 SSH
10 妤把抉志快把抗我 折快把快戒 Telnet
11 圾扶快扮扶我快 扭把抉志快把抗我
13 妥把忘扭扭快把 改抖快技快扶找抑 忱忘扶扶抑抒
14 JMX 技抉扶我找抉把我扶忍
1 妓快抗抉技快扶忱批快技抑快 扶忘扼找把抉抄抗我 UnixODBC 忱抖攸 MySQL
2 妓快抗抉技快扶忱批快技抑快 扶忘扼找把抉抄抗我 UnixODBC 忱抖攸 PostgreSQL
3 妓快抗抉技快扶忱批快技抑快 扶忘扼找把抉抄抗我 UnixODBC 忱抖攸 Oracle
4 妓快抗抉技快扶忱批快技抑快 扶忘扼找把抉抄抗我 UnixODBC 忱抖攸 MSSQL
16 妝忘志我扼我技抑快 改抖快技快扶找抑 忱忘扶扶抑抒
17 HTTP 忘忍快扶找
18 Script items
18 妤把抉志快把抗我 Prometheus
3 妒扼找抉把我攸 我 忱我扶忘技我抗忘 我戒技快扶快扶我抄
1 妓忘扼扮我把快扶我快 韓誥傭痔 忘忍快扶找抉志
5 妤抉忱忍把批忪忘快技抑快 技抉忱批抖我
6 妊折快找折我抗我 扭把抉我戒志抉忱我找快抖抆扶抉扼找我 Windows
7 妙忘扼扼抉志抉快 抉忌扶抉志抖快扶我快
8 妤把快抉忌把忘戒抉志忘扶我快 戒扶忘折快扶我抄
10 妍折快把快忱抆
11 妞改扮 戒扶忘折快扶我抄
12 妤把抉志快把我找抆 扼快抄折忘扼
14 妤抖忘忍我扶抑
15 妍忍把忘扶我折快扶我快 扭把抉志快把抉抗 忘忍快扶找忘
1 妖忘扼找把抉抄抗忘 找把我忍忍快把忘
2 圾抑把忘忪快扶我快 找把我忍忍快把忘
3 妝忘志我扼我技抉扼找我 找把我忍忍快把抉志
4 圾忘忪扶抉扼找抆 找把我忍忍快把抉志
5 妤抉抖抆戒抉志忘找快抖抆扼抗我快 志忘忪扶抉扼找我 找把我忍忍快把抉志
6 妙忘扼扼抉志抉快 抉忌扶抉志抖快扶我快
7 妤把抉忍扶抉戒我把批攻投我快 扳批扶抗扯我我 找把我忍忍快把抉志
1 坐快扶快把忘扯我攸 扼抉忌抑找我抄 扶忘 找把我忍忍快把抑
2 坏把批忍我快 我扼找抉折扶我抗我 扼抉忌抑找我抄
3 妝忘抗把抑找我快 扭把抉忌抖快技 志把批折扶批攻
1 妞抉把把快抖攸扯我攸 扼抉忌抑找我抄 扶忘 抉扼扶抉志快 找把我忍忍快把抉志
2 坐抖抉忌忘抖抆扶忘攸 抗抉把把快抖攸扯我攸 扼抉忌抑找我抄
6 Tagging
1 Simple graphs
2 Custom graphs
3 Ad-hoc graphs
4 Aggregation in graphs
1 Configuring a network map
2 Host group elements
3 Link indicators
3 Dashboards
4 Host dashboards
1 妖忘扼找把抉抄抗忘 扮忘忌抖抉扶忘
2 妤把我扼抉快忱我扶快扶我快/抉找扼抉快忱我扶快扶我快
3 妖忘扼抖快忱抉志忘扶我快
4 妙忘扼扼抉志抉快 抉忌扶抉志抖快扶我快
1 妊找忘扶忱忘把找我戒抉志忘扶扶抑快 扮忘忌抖抉扶抑 忱抖攸 扼快找快志抑抒 批扼找把抉抄扼找志
JMX template operation
妖忘扼找把抉抄抗忘 扮忘忌抖抉扶抉志 HTTP
妖忘扼找把抉抄抗忘 扮忘忌抖抉扶抉志 IPMI
妖忘扼找把抉抄抗忘 扮忘忌抖抉扶抉志 ODBC
妖忘扼找把抉抄抗忘 扮忘忌抖抉扶抉志 韓誥傭痔 忘忍快扶找忘 2
妖忘扼找把抉抄抗忘 扮忘忌抖抉扶抉志 忱抖攸 韓誥傭痔 忘忍快扶找忘
1 E-mail
2 SMS
Webhook script examples
5 妤抉抖抆戒抉志忘找快抖抆扼抗我快 扼抗把我扭找抑 抉扭抉志快投快扶我抄
1 孝扼抖抉志我攸
1 妍找扭把忘志抗忘 扼抉抉忌投快扶我抄
2 孝忱忘抖快扶扶抑快 抗抉技忘扶忱抑
3 坏抉扭抉抖扶我找快抖抆扶抑快 抉扭快把忘扯我我
4 妒扼扭抉抖抆戒抉志忘扶我快 技忘抗把抉扼抉志 志 扼抉抉忌投快扶我攸抒
3 妍扭快把忘扯我我 志抉扼扼找忘扶抉志抖快扶我攸
4 Update operations
5 尿扼抗忘抖忘扯我我
3 妤抉抖批折快扶我快 抉扭抉志快投快扶我抄 抉 扶快扭抉忱忱快把忪我志忘快技抑抒 改抖快技快扶找忘抒 忱忘扶扶抑抒
1 孜批扶抗扯我我 技忘抗把抉扼抉志
2 User macros
3 妙忘抗把抉扼抑 扶我戒抗抉批把抉志扶快志抑抒 抉忌扶忘把批忪快扶我抄
3 妤抉抖抆戒抉志忘找快抖抆扼抗我快 技忘抗把抉扼抑 扼 抗抉扶找快抗扼找抉技
1 妖忘扼找把抉抄抗忘 扭抉抖抆戒抉志忘找快抖攸
2 妤把忘志忘 忱抉扼找批扭忘
3 坐把批扭扭抑 扭抉抖抆戒抉志忘找快抖快抄
13 Storage of secrets
14 Scheduled reports
8. 妙抉扶我找抉把我扶忍 批扼抖批忍
1 尿抖快技快扶找抑 忱忘扶扶抑抒 志快忌-技抉扶我找抉把我扶忍忘
2 妊扯快扶忘把我抄 我戒 把快忘抖抆扶抉抄 忪我戒扶我
1 妤抉抖攸 抗抖攻折快抄 抉忌扶忘把批忪快扶我攸 志我把找批忘抖抆扶抑抒 技忘扮我扶
11. 妍忌扼抖批忪我志忘扶我快
12. 妓快忍批抖攸把扶抑快 志抑把忘忪快扶我攸
13. 妤抉忱找志快把忪忱快扶我快 扭把抉忌抖快技
1 坐把批扭扭抑 批戒抖抉志 扼快找我
2 宋忘忌抖抉扶抑
3 孝戒抖抑 扼快找我
4 妞忘把找抑 扼快找我
5 Media types
1 妖忘扼找把抉抄抗忘 扭把忘志我抖忘 扼快找快志抉忍抉 抉忌扶忘把批忪快扶我攸
2 均志找抉把快忍我扼找把忘扯我攸 忘抗找我志扶抑抒 忘忍快扶找抉志
妝忘技快找抗我 扭抉 扶我戒抗抉批把抉志扶快志抉技批 抉忌扶忘把批忪快扶我攻
1 Item prototypes
2 Trigger prototypes
3 Graph prototypes
1 Discovery of mounted filesystems
2 Discovery of network interfaces
3 Discovery of CPUs and CPU cores
4 Discovery of SNMP OIDs
5 Discovery of JMX objects
6 Discovery of IPMI sensors
7 Discovery of systemd services
8 Discovery of Windows services
9 Discovery of Windows performance counter instances
10 Discovery using WMI queries
11 Discovery using ODBC SQL queries
12 Discovery using Prometheus data
13 Discovery of block devices
14 Discovery of host interfaces in 韓誥傭痔
1 妤把抉抗扼我
1 妒扼扭抉抖抆戒抉志忘扶我快 扼快把找我扳我抗忘找抉志
2 妒扼扭抉抖抆戒抉志忘扶我快 pre-shared 抗抖攻折快抄
1 妤把抉忌抖快技抑 扼 找我扭抉技 扭抉忱抗抖攻折快扶我攸 我抖我 扭把忘志忘技我
2 妤把抉忌抖快技抑 扼 扼快把找我扳我抗忘找忘技我
3 妤把抉忌抖快技抑 扼 PSK
1 妙快扶攻
1 圾我忱忪快找抑 妤均妖圻妣妒
2 妤把抉忌抖快技抑
3 妍忌戒抉把
1 坐把忘扳我抗我
2 圾快忌-扼扯快扶忘把我我
5 妤抉扼抖快忱扶我快 忱忘扶扶抑快
8 妞忘把找抑 扼快找我
9 妍忌扶忘把批忪快扶我快
10 孝扼抖批忍我
1 妍忌戒抉把
2 孝戒抖抑 扼快找我
1 妒扶扳抉把技忘扯我攸 抉 扼我扼找扼快技快
2 Scheduled reports
2 妍找折快找 抉 忱抉扼找批扭扶抉扼找我
3 100 扶忘我忌抉抖快快 忘抗找我志扶抑抒 找把我忍忍快把抉志
4 均批忱我找
5 夾批把扶忘抖 忱快抄扼找志我抄
6 妍扭抉志快投快扶我攸
1 坐把批扭扭抑 批戒抖抉志 扼快找我
1 Items
2 Triggers
3 Graphs
4 Discovery rules
5 Web scenarios
2 尿抖快技快扶找抑 忱忘扶扶抑抒
3 妥把我忍忍快把抑
4 坐把忘扳我抗我
5 妤把忘志我抖忘 抉忌扶忘把批忪快扶我攸
6 圾快忌-扼扯快扶忘把我我
4 妍忌扼抖批忪我志忘扶我快
5 坏快抄扼找志我攸
6 妞抉把把快抖攸扯我攸 扼抉忌抑找我抄
6 妍忌扶忘把批忪快扶我快
7 孝扼抖批忍我
1 妍忌投我快
2 妤把抉抗扼我
3 均批找快扶找我扳我抗忘扯我攸
4 坐把批扭扭抑 扭抉抖抆戒抉志忘找快抖快抄
5 妤抉抖抆戒抉志忘找快抖我
5 妓抉抖我 扭抉抖抆戒抉志忘找快抖攸
6 妊扭抉扼抉忌抑 抉扭抉志快投快扶我抄
7 妊抗把我扭找抑
8 妍折快把快忱抆
1 坐抖抉忌忘抖抆扶抑快 抉扭抉志快投快扶我攸
2 妝志批抗 志 忌把忘批戒快把忘抒
3 坐抖抉忌忘抖抆扶抑抄 扭抉我扼抗
4 妓快忪我技 抉忌扼抖批忪我志忘扶我攸 志快忌-我扶找快把扳快抄扼忘
5 妤忘把忘技快找把抑 扼找把忘扶我扯
6 妍扭把快忱快抖快扶我攸
7 妊抉戒忱忘扶我快 扼志抉快抄 找快技抑
8 妓快忪我技 抉找抖忘忱抗我
10 孜忘抄抖抑 扼ookie 我扼扭抉抖抆戒批快技抑快 韓誥傭痔
11 Time zones
> Audit log object
auditlog.get
> Authentication object
authentication.get
authentication.update
> Autoregistration object
autoregistration.get
autoregistration.update
> Housekeeping object
housekeeping.get
housekeeping.update
> Report object
report.create
report.delete
report.get
report.update
> Role object
role.create
role.delete
role.get
role.update
> Settings object
settings.get
settings.update
> Template dashboard object
templatedashboard.create
templatedashboard.delete
templatedashboard.get
templatedashboard.update
> Token object
token.create
token.delete
token.generate
token.get
token.update
> 妍忌抓快抗找 志快忌-扼扯快扶忘把我攸
httptest.create
httptest.delete
httptest.get
httptest.update
> 妍忌抓快抗找 忍把忘扳我抗忘
graph.create
graph.delete
graph.get
graph.update
> 妍忌抓快抗找 忍把批扭扭抑 扭抉抖抆戒抉志忘找快抖快抄
usergroup.create
usergroup.delete
usergroup.get
usergroup.update
> 妍忌抓快抗找 忍把批扭扭抑 批戒抖抉志 扼快找我
hostgroup.create
hostgroup.delete
hostgroup.get
hostgroup.massadd
hostgroup.massremove
hostgroup.massupdate
hostgroup.update
> 妍忌抓快抗找 忱快抄扼找志我攸
action.create
action.delete
action.get
action.update
> 妍忌抓快抗找 忱我扶忘技我抗我 我戒技快扶快扶我抄
trend.get
> Task object
task.create
task.get
> 妍忌抓快抗找 我戒抉忌把忘忪快扶我攸
image.create
image.delete
image.get
image.update
> 妍忌抓快抗找 我扶找快把扳快抄扼忘 批戒抖忘 扼快找我
hostinterface.create
hostinterface.delete
hostinterface.get
hostinterface.massadd
hostinterface.massremove
hostinterface.replacehostinterfaces
hostinterface.update
apiinfo.version
> 妍忌抓快抗找 我扼找抉把我我
history.get
> 妍忌抓快抗找 抗忘把找抑 扼快找我
map.create
map.delete
map.get
map.update
configuration.export
configuration.import
configuration.importcompare
> 妍忌抓快抗找 抗抉把把快抖攸扯我我
correlation.create
correlation.delete
correlation.get
correlation.update
> 妍忌抓快抗找 抉忌扶忘把批忪快扶扶抉忍抉 扼快把志我扼忘
dservice.get
> 妍忌抓快抗找 抉忌扶忘把批忪快扶扶抉忍抉 批戒抖忘 扼快找我
dhost.get
> 妍忌抓快抗找 抉忌扼抖批忪我志忘扶我攸
maintenance.create
maintenance.delete
maintenance.get
maintenance.update
> 妍忌抓快抗找 抉扭抉志快投快扶我攸
alert.get
> 妍忌抓快抗找 扭忘扶快抖我
dashboard.create
dashboard.delete
dashboard.get
dashboard.update
> 妍忌抓快抗找 扭抉抖抆戒抉志忘找快抖攸
user.checkAuthentication
user.create
user.delete
user.get
user.login
user.logout
user.update
> 妍忌抓快抗找 扭抉抖抆戒抉志忘找快抖抆扼抗抉忍抉 技忘抗把抉扼忘
usermacro.create
usermacro.createglobal
usermacro.delete
usermacro.deleteglobal
usermacro.get
usermacro.update
usermacro.updateglobal
> 妍忌抓快抗找 扭把忘志我抖忘 LLD
discoveryrule.copy
discoveryrule.create
discoveryrule.delete
discoveryrule.get
discoveryrule.update
> 妍忌抓快抗找 扭把忘志我抖忘 抉忌扶忘把批忪快扶我攸
drule.create
drule.delete
drule.get
drule.update
> 妍忌抓快抗找 扭把快抉忌把忘戒抉志忘扶我攸 戒扶忘折快扶我抄
valuemap.create
valuemap.delete
valuemap.get
valuemap.update
> 妍忌抓快抗找 扭把抉忌抖快技抑
problem.get
> 妍忌抓快抗找 扭把抉志快把抗我 抉忌扶忘把批忪快扶我攸
dcheck.get
> 妍忌抓快抗找 扭把抉抗扼我
proxy.create
proxy.delete
proxy.get
proxy.update
> 妍忌抓快抗找 扭把抉找抉找我扭抉志 忍把忘扳我抗抉志
graphprototype.create
graphprototype.delete
graphprototype.get
graphprototype.update
> 妍忌抓快抗找 扭把抉找抉找我扭忘 找把我忍忍快把抉志
triggerprototype.create
triggerprototype.delete
triggerprototype.get
triggerprototype.update
> 妍忌抓快抗找 扭把抉找抉找我扭忘 批戒抖抉志 扼快找我
hostprototype.create
hostprototype.delete
hostprototype.get
hostprototype.update
> 妍忌抓快抗找 扭把抉找抉找我扭忘 改抖快技快扶找抉志 忱忘扶扶抑抒
itemprototype.create
itemprototype.delete
itemprototype.get
itemprototype.update
> 妍忌抓快抗找 扼抗把我扭找忘
script.create
script.delete
script.execute
script.get
script.getscriptsbyhosts
script.update
> 妍忌抓快抗找 扼抉忌抑找我攸
event.acknowledge
event.get
> 妍忌抓快抗找 扼抉抉找志快找扼找志我攸 我抗抉扶抉抗
iconmap.create
iconmap.delete
iconmap.get
iconmap.update
> 妍忌抓快抗找 扼扭抉扼抉忌忘 抉扭抉志快投快扶我攸
mediatype.create
mediatype.delete
mediatype.get
mediatype.update
> 妍忌抓快抗找 找把我忍忍快把忘
trigger.adddependencies
trigger.create
trigger.delete
trigger.deletedependencies
trigger.get
trigger.update
> 妍忌抓快抗找 批戒抖忘 扼快找我
host.create
host.delete
host.get
host.massadd
host.massremove
host.massupdate
host.update
> 妍忌抓快抗找 批扼抖批忍我
service.adddependencies
service.addtimes
service.create
service.delete
service.deletedependencies
service.deletetimes
service.get
service.getsla
service.update
> 妍忌抓快抗找 扮忘忌抖抉扶忘
template.create
template.delete
template.get
template.massadd
template.massremove
template.massupdate
template.update
> 妍忌抓快抗找 改抖快技快扶找忘 忍把忘扳我抗忘
graphitem.get
> 妍忌抓快抗找 改抖快技快扶找忘 忱忘扶扶抑抒
item.create
item.delete
item.get
item.update
Appendix 2. Changes from 5.2 to 5.4
韓誥傭痔 API changes in 5.4
妤把我抖抉忪快扶我快 1. 妊扭把忘志抉折扶抑快 抗抉技技快扶找忘把我我
20. 妙抉忱批抖我
zabbix_agent2
zabbix_agentd
zabbix_get
zabbix_js
zabbix_proxy
zabbix_sender
zabbix_server
zabbix_web_service

17. 宋我扳把抉志忘扶我快

妍忌戒抉把

韓誥傭痔 扭抉忱忱快把忪我志忘快找 扮我扳把抉志忘扶我快 扼抉快忱我扶快扶我抄 技快忪忱批 韓誥傭痔 扼快把志快把抉技, 韓誥傭痔 扭把抉抗扼我, 韓誥傭痔 忘忍快扶找抉技, zabbix_sender 我 zabbix_get 批找我抖我找忘技我 扼 我扼扭抉抖抆戒抉志忘扶我快技 Transport Layer Security (TLS) 扭把抉找抉抗抉抖忘 v.1.2. 宋我扳把抉志忘扶我快 扭抉忱忱快把忪我志忘快找扼攸 扶忘折我扶忘攸 扼 韓誥傭痔 3.0. 妤抉忱忱快把忪我志忘攻找扼攸 扮我扳把抉志忘扶我攸 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘 我 扶忘 抉扼扶抉志快 pre-shared 抗抖攻折忘.

宋我扳把抉志忘扶我快 抉扭扯我抉扶忘抖抆扶抉 我 扶忘扼找把忘我志忘快找扼攸 忱抖攸 抉找忱快抖抆扶抑抒 抗抉技扭抉扶快扶找抉志 (扶忘扭把我技快把, 扶快抗抉找抉把抑快 扭把抉抗扼我 我 忘忍快扶找抑 技抉忪扶抉 扶忘扼找把抉我找抆 扶忘 我扼扭抉抖抆戒抉志忘扶我快 扮我扳把抉志忘扶我攸 扼 扼快把志快把抉技 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找抉志, 志 找抉 志把快技攸 抗忘抗 忱把批忍我快 技抉忍批找 我扼扭抉抖抆戒抉志忘找抆 扮我扳把抉志忘扶我快 扶忘 抉扼扶抉志快 pre-shared 抗抖攻折忘, 忘 抉扼找忘抖抆扶抑快 技抉忍批找 扭把抉忱抉抖忪忘找抆 我扼扭抉抖抆戒抉志忘找抆 扶快戒忘扮我扳把抉志忘扶扶抑快 扼抉快忱我扶快扶我攸 抗忘抗 我 把忘扶快快).

妊快把志快把 (扭把抉抗扼我) 技抉忪快找 我扼扭抉抖抆戒抉志忘找抆 把忘戒抖我折扶抑快 扶忘扼找把抉抄抗我 扼 把忘戒扶抑技我 批戒抖忘技我 扼快找我.

妤把抉忍把忘技技抑 韓誥傭痔 忱快技抉扶抉志 扼抖批扮忘攻找 抉忱我扶 扭抉把找 忱抖攸 扮我扳把抉志忘扶扶抑抒 我 扶快戒忘扮我扳把抉志忘扶扶抑抒 志抒抉忱攸投我抒 扭抉忱抗抖攻折快扶我抄. 坏抉忌忘志抖快扶我快 扮我扳把抉志忘扶我攸 扶快 扭抉找把快忌批快找 抉找抗把抑志忘找抆 扶抉志抑快 扭抉把找抑 扶忘 忌把忘扶忱技忘批改把忘抒.

妍忍把忘扶我折快扶我攸

  • 妤把我志忘找扶抑快 抗抖攻折我 抒把忘扶攸找扼攸 志 扳抉把技忘找快 抉忌抑折扶抉忍抉 找快抗扼找忘 志 扳忘抄抖忘抒, 抗抉找抉把抑快 韓誥傭痔 抗抉技扭抉扶快扶找抑 扼折我找抑志忘攻找 志 扭把抉扯快扼扼快 戒忘扭批扼抗忘.
  • 圾志快忱快扶扶抑快 pre-shared 抗抖攻折我 志 志快忌-我扶找快把扳快抄扼快 韓誥傭痔 抒把忘扶攸找扼攸 志 忌忘戒快 忱忘扶扶抑抒 韓誥傭痔 志 志我忱快 抉忌抑折扶抉忍抉 找快抗扼找忘.
  • 圾扼找把抉快扶扶抉快 扮我扳把抉志忘扶我快 扶快 戒忘投我投忘快找 抗抉技技批扶我抗忘扯我我:
   * 技快忪忱批 志快忌-扼快把志快把抉技 扼 志快忌-我扶找快把扳快抄扼抉技 韓誥傭痔 我 志快忌-忌把忘批戒快把抉技 扶忘 扼找把抉扶快 扭抉抖抆戒抉志忘找快抖攸,
          * 技快忪忱批 韓誥傭痔 志快忌-我扶找快把扳快抄扼抉技 我 韓誥傭痔 扼快把志快把抉技,
          * 技快忪忱批 韓誥傭痔 扼快把志快把抉技 (扭把抉抗扼我) 我 忌忘戒抉抄 忱忘扶扶抑抒 韓誥傭痔.
       * 圾 扶忘扼找抉攸投快快 志把快技攸 抗忘忪忱抉快 扶快戒忘扮我扳把抉志忘扶扶抉快 扼抉快忱我扶快扶我快 抉找抗把抑志忘快找扼攸 扼 扭抉抖扶抑技我 TLS 扭快把快忍抉志抉把忘技我, 抗改扮我把抉志忘扶我快 扼快扼扼我抄 我 忌我抖快找抑 扶快 把快忘抖我戒抉志忘扶抑.
       * 坏抉忌忘志抖快扶我快 扮我扳把抉志忘扶我攸 批志快抖我折我志忘快找 志把快技攸 扭把抉志快把抉抗 我 忱快抄扼找志我抄, 志 戒忘志我扼我技抉扼找我 抉找 扼快找快志抑抒 戒忘忱快把忪快抗.\\ 妖忘扭把我技快把, 快扼抖我 扭忘抗快找 抉扭忘戒忱抑志忘快找 扶忘 100技扼, 找抉忍忱忘 抉找抗把抑找我快 TCP 扼抉快忱我扶快扶我快 我 抉找扭把忘志抗忘 扶快戒忘扮我扳把抉志忘扶扶抉忍抉 戒忘扭把抉扼忘 戒忘抄技快找 抉抗抉抖抉 200技扼.\\ 妤把我 扶忘抖我折我我 扮我扳把抉志忘扶我攸 扶忘 批扼找忘扶抉志抗批 TLS 扼抉快忱我扶快扶我攸 忱抉忌忘志我找扼攸 抉抗抉抖抉 1000 技扼.\\ 圾抉戒技抉忪扶抉 扭抉找把快忌批快找扼攸 批志快抖我折我找抆 志把快技攸 抉忪我忱忘扶我攸, 志 扭把抉找我志扶抉技 扼抖批折忘快 扶快抗抉找抉把抑快 改抖快技快扶找抑 忱忘扶扶抑抒 我 忱快抄扼找志我攸, 志抑扭抉抖扶攸攻投我快 批忱忘抖快扶扶抑快 扼抗把我扭找抑 扶忘 忘忍快扶找忘抒 扼技抉忍批找 把忘忌抉找忘找抆 扼 扶快戒忘扮我扳把抉志忘扶扶抑技我 扼抉快忱我扶快扶我攸技我,\\ 扶抉 扶快 扼技抉忍批找 扭把我 扮我扳把抉志忘扶扶抉技 扼抉快忱我扶快扶我我 (忌批忱快找 扭把快志抑扮快扶抉 志把快技攸 抉忪我忱忘扶我攸).

妞抉技扭我抖攸扯我攸 韓誥傭痔 扼 扭抉忱忱快把忪抗抉抄 扮我扳把抉志忘扶我攸

坏抖攸 扭抉忱忱快把忪抗我 扮我扳把抉志忘扶我攸 韓誥傭痔 忱抉抖忪快扶 忌抑找抆 扼抗抉技扭我抖我把抉志忘找抆 我 扼志攸戒忘扶 扼 扭抉 抗把忘抄扶快抄 技快把快 抉忱扶抉抄 抗把我扭找抉 忌我忌抖我抉找快抗抉抄:

  • mbed TLS (把忘扶快快 PolarSSL)(志快把扼我攸 1.3.9 我抖我 忌抉抖快快 扶抉志抑快 1.3.x). mbed TLS 2.x 志 扶忘扼找抉攸投快快 志把快技攸 扶快 扭抉忱忱快把忪我志忘快找扼攸, 改找抉 扶快 扭把抉扼找忘攸 戒忘技快扶忘 志快找抗我 1.3, 韓誥傭痔 扶快 扼抗抉技扭我抖我把批快找扼攸 扼 mbed TLS 2.x.
  • GnuTLS (扼 志快把扼我我 3.1.18)
  • OpenSSL (扼 志快把扼我我 1.0.1)

坎我忌抖我抉找快抗忘 志抑忌我把忘快找扼攸 扭把我 扭抉技抉投我 抉扭扯我我 志 扼抗把我扭找快 "configure":

  • --with-mbedtls[=DIR]
  • --with-gnutls[=DIR]
  • --with-openssl[=DIR]

妖忘扭把我技快把, 折找抉忌抑 扼抗抉扶扳我忍批把我把抉志忘找抆 我扼抒抉忱扶抑快 抗抉忱抑 扼快把志快把忘 我 忘忍快扶找忘 扼 OpenSSL, 志抑 技抉忪快找快 我扼扭抉抖抆戒抉志忘找抆 折找抉-找抉 志把抉忱快:
./configure --enable-server --enable-agent --with-mysql --enable-ipv6 --with-net-snmp --with-libcurl --with-libxml2 --with-openssl

妙抉忪扶抉 扼抗抉技扭我抖我把抉志忘找抆 把忘戒扶抑快 抗抉技扭抉扶快扶找抑 韓誥傭痔 扼 把忘戒抖我折扶抑技我 抗把我扭找抉 忌我忌抖我抉找快抗忘技我 (扶忘扭把我技快把, 扼快把志快把 扼 OpenSSL, 忘忍快扶找 扼 GnuTLS).

圻扼抖我 志抑 扭抖忘扶我把批快找快 我扼扭抉抖抆戒抉志忘找抆 pre-shared 抗抖攻折我 (PSK) 把忘扼扼技抉找把我找快 志抉戒技抉忪扶抉扼找抆 我扼扭抉抖抆戒抉志忘扶我攸 忌我忌抖我抉找快抗 GnuTLS 我抖我 mbed TLS 扼 抗抉技扭抉扶快扶找忘技我 韓誥傭痔, 我扼扭抉抖抆戒批攻投我抒 PSK. 坎我忌抖我抉找快抗我 GnuTLSmbed TLS 扭抉忱忱快把忪我志忘攻找 扶忘忌抉把抑 扮我扳把抉志 PSK 扼 (Perfect forward secrecy). OpenSSL 忌我忌抖我抉找快抗忘 (志快把扼我我 1.0.1, 1.0.2c) 扭抉忱忱快把忪我志忘快找 PSK, 扶抉 忱抉扼找批扭扶抑快 扶忘忌抉把抑 扮我扳把抉志 PSK 扶快 抉忌快扼扭快折我志忘攻找 妊抉志快把扮快扶扶批攻 扭把攸技批攻 扼快抗把快找扶抉扼找抆.

孝扭把忘志抖快扶我快 戒忘扮我把抉志忘扶扶抑技我 扼抉快忱我扶快扶我攸技我

妊抉快忱我扶快扶我攸 志 韓誥傭痔 技抉忍批找 我扼扭抉抖抆戒抉志忘找抆:

妒技快快找扼攸 忱志忘 志忘忪扶抑抒 扭忘把忘技快找把忘, 抗抉找抉把抑快 我扼扭抉抖抆戒批攻找扼攸, 折找抉忌抑 批抗忘戒忘找抆 扮我扳把抉志忘扶我快 技快忪忱批 抗抉技扭抉扶快扶找忘技我 韓誥傭痔:

  • TLSConnect
  • TLSAccept

TLSConnect 戒忘忱忘快找 抗忘抗抉快 我扼扭抉抖抆戒抉志忘找抆 扮我扳把抉志忘扶我快 我 技抉忪快找 扭把我扶我技忘找抆 抉忱扶抉 我戒 3 戒扶忘折快扶我抄 (unencrypted, PSK, certificate). TLSConnect 我扼扭抉抖抆戒批快找扼攸 志 扳忘抄抖忘抒 抗抉扶扳我忍批把忘扯我我 韓誥傭痔 扭把抉抗扼我 (志 忘抗找我志扶抉技 把快忪我技快 戒忘忱忘快找 找抉抖抆抗抉 扭抉忱抗抖攻折快扶我攸 抗 扼快把志快把批) 我 韓誥傭痔 agentd (扭把我 忘抗找我志扶抑抒 扭把抉志快把抗忘抒). 圾 志快忌-我扶找快把扳快抄扼快 韓誥傭痔 扭忘把忘技快找把 TLSConnect 攸志抖攸快找扼攸 改抗志我志忘抖快扶找抉技 扭抉抖攸 妤抉忱抗抖攻折快扶我攸 抗 批戒抖批 扼快找我 扼 志抗抖忘忱抗我 妖忘扼找把抉抄抗忘↙孝戒抖抑 扼快找我↙<抗忘抗抉抄-找抉 批戒快抖 扼快找我>↙宋我扳把抉志忘扶我快 我 扭抉抖攸 妤抉忱抗抖攻折快扶我攸 抗 扭把抉抗扼我 扼 志抗抖忘忱抗我 均忱技我扶我扼找把我把抉志忘扶我快↙妤把抉抗扼我↙<抗忘抗抉抄-找抉 扭把抉抗扼我>↙宋我扳把抉志忘扶我快. 圻扼抖我 扶忘扼找把抉快扶扶抑抄 找我扭 扮我扳把抉志忘扶我攸 忱抖攸 扼抉快忱我扶快扶我攸 戒忘志快把扮我找扼攸 扶快批忱忘折快抄, 忱把批忍我快 找我扭抑 扮我扳把抉志忘扶我攸 扶快 忌批忱批找 抉扭把抉忌抉志忘扶抑.

TLSAccept 戒忘忱忘快找 抗忘抗抉抄 找我扭 扼抉快忱我扶快扶我抄 把忘戒把快扮快扶 扭把我 志抒抉忱攸投我抒 扭抉忱抗抖攻折快扶我攸抒. 妥我扭 扭抉忱抗抖攻折快扶我抄: unencrypted, PSK, certificate. 妙抉忪扶抉 批抗忘戒忘找抆 抉忱扶抉 我抖我 忌抉抖快快 戒扶忘折快扶我抄. TLSAccept 我扼扭抉抖抆戒批快找扼攸 志 扳忘抄抖忘抒 抗抉扶扳我忍批把忘扯我我 韓誥傭痔 扭把抉抗扼我 (志 扭忘扼扼我志扶抉技 把快忪我技快 戒忘忱忘快找 找抉抖抆抗抉 扼抉快忱我扶快扶我攸 扼 扼快把志快把忘) 我 韓誥傭痔 agentd (扭把我 扭忘扼扼我志扶抑抒 扭把抉志快把抗忘抒). 圾 志快忌-我扶找快把扳快抄扼快 韓誥傭痔 扭忘把忘技快找把 TLSAccept 攸志抖攸快找扼攸 改抗志我志忘抖快扶找抉技 扭抉抖攸 妊抉快忱我扶快扶我攸 扼 批戒抖忘 扼快找我 扼 志抗抖忘忱抗我 妖忘扼找把抉抄抗忘↙孝戒抖抑 扼快找我↙<抗忘抗抉抄-找抉 批戒快抖 扼快找我>↙宋我扳把抉志忘扶我快 我 扭抉抖攸 "妊抉快忱我扶快扶我攸 扼 扭把抉抗扼我" 扼 志抗抖忘忱抗我 均忱技我扶我扼找把我把抉志忘扶我快↙妤把抉抗扼我↙<抗忘抗抉抄-找抉 扭把抉抗扼我>↙宋我扳把抉志忘扶我快.

妞忘抗 扭把忘志我抖抉, 志抑 扶忘扼找把忘我志忘快找快 找抉抖抆抗抉 抉忱我扶 找我扭 扮我扳把抉志忘扶我攸 忱抖攸 志抒抉忱攸投我抒 扭抉忱抗抖攻折快扶我抄. 妖抉 志抑 技抉忪快找快 戒忘抒抉找我找快 扭快把快抗抖攻折我找抆 把快忪我技 扮我扳把抉志忘扶我攸, 扶忘扭把我技快把 扼 扶快戒忘扮我把抉志忘扶扶抉忍抉 扶忘 抉扼扶抉志忘扶扶抑抄 扶忘 扼快把找我扳我抗忘找忘抒 扼 技我扶我技忘抖抆扶抑技 志把快技快扶快技 扭把抉扼找抉攸 我 扼 志抉戒技抉忪扶抉扼找抆攻 抉找抗忘找忘. 坏抖攸 改找抉忍抉 志抑 技抉忪快找快 戒忘忱忘找抆 TLSAccept=unencrypted,cert 志 扳忘抄抖快 抗抉扶扳我忍批把忘扯我我 agentd 我 扭快把快戒忘扭批扼找我找抆 忘忍快扶找忘 韓誥傭痔.
妝忘找快技 志抑 技抉忪快找快 扭把抉找快扼找我把抉志忘找抆 扭抉忱抗抖攻折快扶我快 抉找 zabbix_get 抗 忘忍快扶找批, 我扼扭抉抖抆戒批攸 扼快把找我扳我抗忘找. 圻扼抖我 扭抉忱抗抖攻折快扶我快 把忘忌抉找忘快找, 志抑 技抉忪快找快 扭快把快扶忘扼找把抉我找抆 扮我扳把抉志忘扶我快 批 改找抉忍抉 忘忍快扶找忘 志 韓誥傭痔 志快忌-我扶找快把扳快抄扼快 扶忘 志抗抖忘忱抗快 妖忘扼找把抉抄抗忘↙孝戒抖抑 扼快找我↙<抗忘抗抉抄-找抉 批戒快抖 扼快找我>↙宋我扳把抉志忘扶我快, 扭快把快抗抖攻折我志 扶忘扼找把抉抄抗批 妤抉忱抗抖攻折快扶我攸 抗 批戒抖批 扼快找我 扶忘 "妊快把找我扳我抗忘找".
妞抉忍忱忘 抗改扮 抗抉扶扳我忍批把忘扯我我 扼快把志快把忘 抉忌扶抉志我找扼攸 (我 抗抉扶扳我忍批把忘扯我攸 扭把抉抗扼我 抉忌扶抉志我找扼攸, 快扼抖我 批戒快抖 扼快找我 扶忘忌抖攻忱忘快找扼攸 折快把快戒 扭把抉抗扼我), 找抉忍忱忘 扭抉忱抗抖攻折快扶我攸 抗 改找抉技批 忘忍快扶找批 忌批忱批找 戒忘扮我扳把抉志忘扶抑.
圻扼抖我 志扼忸 把忘忌抉找忘快找 抗忘抗 抉忪我忱忘快找扼攸, 志抑 技抉忪快找快 戒忘忱忘找抆 TLSAccept=cert 志 扳忘抄抖快 抗抉扶扳我忍批把忘扯我我 忘忍快扶找忘 我 扭快把快戒忘扭批扼找我找抆 韓誥傭痔 忘忍快扶找忘.
妥快扭快把抆 忘忍快扶找 忌批忱快找 扭把我扶我技忘找抆 找抉抖抆抗抉 戒忘扮我扳把抉志忘扶扶抑快 扭抉忱抗抖攻折快扶我攸 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找抉志. 妖快戒忘扮我扳把抉志忘扶扶抑快 我 抉扼扶抉志忘扶扶抑快 扶忘 PSK 扭抉忱抗抖攻折快扶我攸 忌批忱批找 抉找抗抖抉扶快扶抑.

宋我扳把抉志忘扶我快 扶忘 扼快把志快把快 我 扭把抉抗扼我 把忘忌抉找忘快找 忘扶忘抖抉忍我折扶抑技 抉忌把忘戒抉技. 圻扼抖我 志 志快忌-我扶找快把扳快抄扼快 韓誥傭痔 志 扶忘扼找把抉抄抗快 批戒抖忘 扼快找我 妊抉快忱我扶快扶我攸 扼 批戒抖忘 扼快找我 戒忘忱忘扶抉 把忘志扶抑技 "妊快把找我扳我抗忘找", 找抉忍忱忘 抉找 忘忍快扶找忘 (忘抗找我志扶抑快 扭把抉志快把抗我) 我 zabbix_sender (找把忘扭扭快把 改抖快技快扶找抑 忱忘扶扶抑抒) 忌批忱批找 扭把我扶我技忘找抆扼攸 找抉抖抆抗抉 戒忘扮我扳把抉志忘扶扶抑快 扼抉快忱我扶快扶我攸 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找抉志.

妊抗抉把快快 志扼快忍抉 志抑 扶忘扼找把抉我找快 志抒抉忱攸投我快 我 我扼抒抉忱攸投我快 扼抉快忱我扶快扶我攸 扶忘 我扼扭抉抖抆戒抉志忘扶我快 抉忱扶抉忍抉 找我扭忘 扮我扳把抉志忘扶我攸 我抖我 忌快戒 扮我扳把抉志忘扶我攸 志抉志扼快. 妖抉, 找快抒扶我折快扼抗我, 我技快快找扼攸 志抉戒技抉忪扶抉扼找抆 扶忘扼找把抉我找抆 扮我扳把抉志忘扶我快 忘扼我技技快找把我折扶抉, 扶忘扭把我技快把, 扮我扳把抉志忘扶我快 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找抉志 忱抖攸 志抒抉忱攸投我抒 扭抉忱抗抖攻折快扶我抄 我 扶忘 抉扼扶抉志快 PSK 忱抖攸 我扼抒抉忱攸投我抒 扭抉忱抗抖攻折快扶我抄.

妍忌戒抉把扶抑快 扶忘扼找把抉抄抗我 扮我扳把抉志忘扶我攸 抉找抉忌把忘忪忘攻找扼攸 志 志快忌-我扶找快把扳快抄扼快 韓誥傭痔 妖忘扼找把抉抄抗忘↙孝戒抖抑 扼快找我 扭抉 抗忘忪忱抉技批 批戒抖批 扼快找我 扭抉 扭把忘志抉抄 扼找抉把抉扶快, 志 抗抉抖抉扶抗快 宋妒孜妓妍圾均妖妒圻 均坐圻妖妥均. 妤把我技快把抑 抉找抉忌把忘忪快扶我攸 扶忘扼找把抉快抗:

妤把我技快把 妤抉忱抗抖攻折快扶我攸 妞 批戒抖批 扼快找我 妓忘戒把快扮快扶扶抑快 扭抉忱抗抖攻折快扶我攸 妍妥 批戒抖忘 扼快找我 妍找抗抖抉扶快扶扶抑快 扭抉忱抗抖攻折快扶我攸 妊 批戒抖忘 扼快找我
none.png 妖快戒忘扮我扳把抉志忘扶抉 妖快戒忘扮我扳把抉志忘扶抉 妝忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘 我 PSK
cert.png 妝忘扮我扳把抉志忘扶抉, 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘 妝忘扮我扳把抉志忘扶抉, 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘 妖快戒忘扮我扳把抉志忘扶抉 我 扶忘 抉扼扶抉志快 PSK
psk_psk.png 妝忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 PSK 妝忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 PSK 妖快戒忘扮我扳把抉志忘扶抉 我 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘
psk_none_psk.png 妝忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 PSK 妖快戒忘扮我扳把抉志忘扶抉 我 戒忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 PSK 妖忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘
all.png 妝忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘 妖快戒忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 PSK 我抖我 戒忘扮我扳把抉志忘扶抉 扶忘 抉扼扶抉志快 扼快把找我扳我抗忘找忘 -

妤抉 批技抉抖折忘扶我攻 我扼扭抉抖抆戒批攻找扼攸 扶快戒忘扮我扳把抉志忘扶扶抑快 扭抉忱抗抖攻折快扶我攸. 宋我扳把抉志忘扶我快 扶快抉忌抒抉忱我技抉 扶忘扼找把忘我志忘找抆 扭抉 抗忘忪忱抉技批 批戒抖批 扼快找我 我 扭把抉抗扼我 抉找忱快抖抆扶抉.

zabbix_get 我 zabbix_sender 扼 扮我扳把抉志忘扶我快技

妊技抉找把我找快 扼找把忘扶我扯抑 扭抉技抉投我 zabbix_getzabbix_sender 扭抉 我扼扭抉抖抆戒抉志忘扶我攻 改找我抒 批找我抖我找 扭把我 扶忘抖我折我我 扮我扳把抉志忘扶我攸.

均抖忍抉把我找技抑 扮我扳把抉志忘扶我攸

均抖忍抉把我找技抑 抗抉扶扳我忍批把我把批攻找扼攸 志扶批找把我 志 扭把抉扯快扼扼快 戒忘扭批扼抗忘 韓誥傭痔 我 戒忘志我扼攸找 抉找 抗把我扭找抉 忌我忌抖我抉找快抗我, 志 扶忘扼找抉攸投快快 志把快技攸 忘抖忍抉把我找技抑 扶快抖抆戒攸 扶忘扼找把忘我志忘找抆 扭抉抖抆戒抉志忘找快抖攸技我.

妖忘扼找把抉快扶扶抑快 忘抖忍抉把我找技抑 扮我扳把抉志忘扶我攸 扭抉 找我扭批 忌我忌抖我找快抗我 扼 忌抉抖快快 志抑扼抉抗抉忍抉 批把抉志扶攸 抗 扶我戒抗抉技批 批把抉志扶攻:

坎我忌抖我抉找快抗忘 均抖忍抉把我找技抑 扮我扳把抉志忘扶我攸 扼快把找我扳我抗忘找抉志 均抖忍抉把我找技抑 扮我扳把抉志忘扶我攸 PSK
mbed TLS (PolarSSL) 1.3.9 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
TLS-RSA-WITH-AES-128-GCM-SHA256
TLS-RSA-WITH-AES-128-CBC-SHA256
TLS-RSA-WITH-AES-128-CBC-SHA		 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256
TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA
TLS-PSK-WITH-AES-128-GCM-SHA256
TLS-PSK-WITH-AES-128-CBC-SHA256
TLS-PSK-WITH-AES-128-CBC-SHA
GnuTLS 3.1.18 TLS_ECDHE_RSA_AES_128_GCM_SHA256
TLS_ECDHE_RSA_AES_128_CBC_SHA256
TLS_ECDHE_RSA_AES_128_CBC_SHA1
TLS_RSA_AES_128_GCM_SHA256
TLS_RSA_AES_128_CBC_SHA256
TLS_RSA_AES_128_CBC_SHA1		 TLS_ECDHE_PSK_AES_128_CBC_SHA256
TLS_ECDHE_PSK_AES_128_CBC_SHA1
TLS_PSK_AES_128_GCM_SHA256
TLS_PSK_AES_128_CBC_SHA256
TLS_PSK_AES_128_CBC_SHA1
OpenSSL 1.0.2c ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA		 PSK-AES128-CBC-SHA
OpenSSL 1.1.0 ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
AES128-GCM-SHA256
AES128-CCM8
AES128-CCM
AES128-SHA256
AES128-SHA
 ECDHE-PSK-AES128-CBC-SHA256
ECDHE-PSK-AES128-CBC-SHA
PSK-AES128-GCM-SHA256
PSK-AES128-CCM8
PSK-AES128-CCM
PSK-AES128-CBC-SHA256
PSK-AES128-CBC-SHA

均抖忍抉把我找技抑 扮我扳把抉志忘扶我攸 扭把我 我扼扭抉抖抆戒抉志忘扶我我 扼快把找我扳我抗忘找抉志:

TLS 扼快把志快把
TLS 抗抖我快扶找 mbed TLS (PolarSSL) GnuTLS OpenSSL 1.0.2
mbed TLS (PolarSSL) TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
GnuTLS TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
OpenSSL 1.0.2 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256

均抖忍抉把我找技抑 扮我扳把抉志忘扶我攸 扭把我 我扼扭抉抖抆戒抉志忘扶我我 PSK:

TLS 扼快把志快把
TLS 抗抖我快扶找 mbed TLS (PolarSSL) GnuTLS OpenSSL 1.0.2
mbed TLS (PolarSSL) TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 TLS-PSK-WITH-AES-128-CBC-SHA
GnuTLS TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 TLS-PSK-WITH-AES-128-CBC-SHA
OpenSSL 1.0.2 TLS-PSK-WITH-AES-128-CBC-SHA TLS-PSK-WITH-AES-128-CBC-SHA TLS-PSK-WITH-AES-128-CBC-SHA

User-configured ciphersuites

The built-in ciphersuite selection criteria can be overridden with user-configured ciphersuites.

User-configured ciphersuites is a feature intended for advanced users who understand TLS ciphersuites, their security and consequences of mistakes, and who are comfortable with TLS troubleshooting.

The built-in ciphersuite selection criteria can be overridden using the following parameters:

Override scope Parameter Value Description
Ciphersuite selection for certificates TLSCipherCert13 Valid OpenSSL 1.1.1 for TLS 1.3 protocol (their values are passed to the OpenSSL function SSL_CTX_set_ciphersuites()). Certificate-based ciphersuite selection criteria for TLS 1.3

Only OpenSSL 1.1.1 or newer.
TLSCipherCert Valid OpenSSL for TLS 1.2 or valid GnuTLS . Their values are passed to the SSL_CTX_set_cipher_list() or gnutls_priority_init() functions, respectively. Certificate-based ciphersuite selection criteria for TLS 1.2/1.3 (GnuTLS), TLS 1.2 (OpenSSL)
Ciphersuite selection for PSK TLSCipherPSK13 Valid OpenSSL 1.1.1 for TLS 1.3 protocol (their values are passed to the OpenSSL function SSL_CTX_set_ciphersuites()). PSK-based ciphersuite selection criteria for TLS 1.3

Only OpenSSL 1.1.1 or newer.
TLSCipherPSK Valid OpenSSL for TLS 1.2 or valid GnuTLS . Their values are passed to the SSL_CTX_set_cipher_list() or gnutls_priority_init() functions, respectively. PSK-based ciphersuite selection criteria for TLS 1.2/1.3 (GnuTLS), TLS 1.2 (OpenSSL)
Combined ciphersuite list for certificate and PSK TLSCipherAll13 Valid OpenSSL 1.1.1 for TLS 1.3 protocol (their values are passed to the OpenSSL function SSL_CTX_set_ciphersuites()). Ciphersuite selection criteria for TLS 1.3

Only OpenSSL 1.1.1 or newer.
TLSCipherAll Valid OpenSSL for TLS 1.2 or valid GnuTLS . Their values are passed to the SSL_CTX_set_cipher_list() or gnutls_priority_init() functions, respectively. Ciphersuite selection criteria for TLS 1.2/1.3 (GnuTLS), TLS 1.2 (OpenSSL)

To override the ciphersuite selection in zabbix_get and zabbix_sender utilities - use the command-line parameters:

  • --tls-cipher13
  • --tls-cipher

The new parameters are optional. If a parameter is not specified, the internal default value is used. If a parameter is defined it cannot be empty.

If the setting of a TLSCipher* value in the crypto library fails then the server, proxy or agent will not start and an error is logged.

It is important to understand when each parameter is applicable.

Outgoing connections

The simplest case is outgoing connections:

  • For outgoing connections with certificate - use TLSCipherCert13 or TLSCipherCert
  • For outgoing connections with PSK - use TLSCipherPSK13 and TLSCipherPSK
  • In case of zabbix_get and zabbix_sender utilities the command-line parameters --tls-cipher13 and --tls-cipher can be used (encryption is unambiguously specified with a --tls-connect parameter)
Incoming connections

It is a bit more complicated with incoming connections because rules are specific for components and configuration.

For 韓誥傭痔 agent:

Agent connection setup Cipher configuration
TLSConnect=cert TLSCipherCert, TLSCipherCert13
TLSConnect=psk TLSCipherPSK, TLSCipherPSK13
TLSAccept=cert TLSCipherCert, TLSCipherCert13
TLSAccept=psk TLSCipherPSK, TLSCipherPSK13
TLSAccept=cert,psk TLSCipherAll, TLSCipherAll13

For 韓誥傭痔 server and ** proxy**:

Connection setup Cipher configuration
Outgoing connections using PSK TLSCipherPSK, TLSCipherPSK13
Incoming connections using certificates TLSCipherAll, TLSCipherAll13
Incoming connections using PSK if server has no certificate TLSCipherPSK, TLSCipherPSK13
Incoming connections using PSK if server has certificate TLSCipherAll, TLSCipherAll13

Some pattern can be seen in the two tables above:

  • TLSCipherAll and TLSCipherAll13 can be specified only if a combined list of certificate- and PSK-based ciphersuites is used. There are two cases when it takes place: server (proxy) with a configured certificate (PSK ciphersuites are always configured on server, proxy if crypto library supports PSK), agent configured to accept both certificate- and PSK-based incoming connections
  • in other cases TLSCipherCert* and/or TLSCipherPSK* are sufficient

The following tables show the TLSCipher* built-in default values. They could be a good starting point for your own custom values.

Parameter GnuTLS 3.6.12
TLSCipherCert NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
TLSCipherPSK NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL
TLSCipherAll NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
Parameter OpenSSL 1.1.1d 1
TLSCipherCert13
TLSCipherCert EECDH+aRSA+AES128:RSA+aRSA+AES128
TLSCipherPSK13 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
TLSCipherPSK kECDHEPSK+AES128:kPSK+AES128
TLSCipherAll13
TLSCipherAll EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128

1 Default values are different for older OpenSSL versions (1.0.1, 1.0.2, 1.1.0), for LibreSSL and if OpenSSL is compiled without PSK support.

** Examples of user-configured ciphersuites **

See below the following examples of user-configured ciphersuites:

Testing cipher strings and allowing only PFS ciphersuites

To see which ciphersuites have been selected you need to set 'DebugLevel=4' in the configuration file, or use the -vv option for zabbix_sender.

Some experimenting with TLSCipher* parameters might be necessary before you get the desired ciphersuites. It is inconvenient to restart 韓誥傭痔 server, proxy or agent multiple times just to tweak TLSCipher* parameters. More convenient options are using zabbix_sender or the openssl command. Let's show both.

1. Using zabbix_sender.

Let's make a test configuration file, for example /home/zabbix/test.conf, with the syntax of a zabbix_agentd.conf file:

  Hostname=nonexisting
         ServerActive=nonexisting
         
         TLSConnect=cert
         TLSCAFile=/home/zabbix/ca.crt
         TLSCertFile=/home/zabbix/agent.crt
         TLSKeyFile=/home/zabbix/agent.key
         TLSPSKIdentity=nonexisting
         TLSPSKFile=/home/zabbix/agent.psk

You need valid CA and agent certificates and PSK for this example. Adjust certificate and PSK file paths and names for your environment.

If you are not using certificates, but only PSK, you can make a simpler test file:

  Hostname=nonexisting
         ServerActive=nonexisting
         
         TLSConnect=psk
         TLSPSKIdentity=nonexisting
         TLSPSKFile=/home/zabbix/agentd.psk

The selected ciphersuites can be seen by running zabbix_sender (example compiled with OpenSSL 1.1.d):

  $ zabbix_sender -vv -c /home/zabbix/test.conf -k nonexisting_item -o 1 2>&1 | grep ciphersuites
         zabbix_sender [41271]: DEBUG: zbx_tls_init_child() certificate ciphersuites: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-CCM8 AES128-CCM AES128-SHA256 AES128-SHA
         zabbix_sender [41271]: DEBUG: zbx_tls_init_child() PSK ciphersuites: TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-PSK-AES128-CBC-SHA256 ECDHE-PSK-AES128-CBC-SHA PSK-AES128-GCM-SHA256 PSK-AES128-CCM8 PSK-AES128-CCM PSK-AES128-CBC-SHA256 PSK-AES128-CBC-SHA
         zabbix_sender [41271]: DEBUG: zbx_tls_init_child() certificate and PSK ciphersuites: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-CCM8 AES128-CCM AES128-SHA256 AES128-SHA ECDHE-PSK-AES128-CBC-SHA256 ECDHE-PSK-AES128-CBC-SHA PSK-AES128-GCM-SHA256 PSK-AES128-CCM8 PSK-AES128-CCM PSK-AES128-CBC-SHA256 PSK-AES128-CBC-SHA

Here you see the ciphersuites selected by default. These default values are chosen to ensure interoperability with 韓誥傭痔 agents running on systems with older OpenSSL versions (from 1.0.1).

With newer systems you can choose to tighten security by allowing only a few ciphersuites, e.g. only ciphersuites with PFS (Perfect Forward Secrecy). Let's try to allow only ciphersuites with PFS using TLSCipher* parameters.

The result will not be interoperable with systems using OpenSSL 1.0.1 and 1.0.2, if PSK is used. Certificate-based encryption should work.

Add two lines to the test.conf configuration file:

  TLSCipherCert=EECDH+aRSA+AES128
         TLSCipherPSK=kECDHEPSK+AES128

and test again:

  $ zabbix_sender -vv -c /home/zabbix/test.conf -k nonexisting_item -o 1 2>&1 | grep ciphersuites            
         zabbix_sender [42892]: DEBUG: zbx_tls_init_child() certificate ciphersuites: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA        
         zabbix_sender [42892]: DEBUG: zbx_tls_init_child() PSK ciphersuites: TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-PSK-AES128-CBC-SHA256 ECDHE-PSK-AES128-CBC-SHA        
         zabbix_sender [42892]: DEBUG: zbx_tls_init_child() certificate and PSK ciphersuites: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-CCM8 AES128-CCM AES128-SHA256 AES128-SHA ECDHE-PSK-AES128-CBC-SHA256 ECDHE-PSK-AES128-CBC-SHA PSK-AES128-GCM-SHA256 PSK-AES128-CCM8 PSK-AES128-CCM PSK-AES128-CBC-SHA256 PSK-AES128-CBC-SHA

The "certificate ciphersuites" and "PSK ciphersuites" lists have changed - they are shorter than before, only containing TLS 1.3 ciphersuites and TLS 1.2 ECDHE-* ciphersuites as expected.

2. TLSCipherAll and TLSCipherAll13 cannot be tested with zabbix_sender; they do not affect "certificate and PSK ciphersuites" value shown in the example above. To tweak TLSCipherAll and TLSCipherAll13 you need to experiment with the agent, proxy or server.

So, to allow only PFS ciphersuites you may need to add up to three parameters

  TLSCipherCert=EECDH+aRSA+AES128
         TLSCipherPSK=kECDHEPSK+AES128
         TLSCipherAll=EECDH+aRSA+AES128:kECDHEPSK+AES128

to zabbix_agentd.conf, zabbix_proxy.conf and zabbix_server_conf if each of them has a configured certificate and agent has also PSK.

If your 韓誥傭痔 environment uses only PSK-based encryption and no certificates, then only one:

  TLSCipherPSK=kECDHEPSK+AES128

Now that you understand how it works you can test the ciphersuite selection even outside of 韓誥傭痔, with the openssl command. Let's test all three TLSCipher* parameter values:

  $ openssl ciphers EECDH+aRSA+AES128 | sed 's/:/ /g'
         TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
         $ openssl ciphers kECDHEPSK+AES128 | sed 's/:/ /g'
         TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-PSK-AES128-CBC-SHA256 ECDHE-PSK-AES128-CBC-SHA
         $ openssl ciphers EECDH+aRSA+AES128:kECDHEPSK+AES128 | sed 's/:/ /g'
         TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-PSK-AES128-CBC-SHA256 ECDHE-PSK-AES128-CBC-SHA

You may prefer openssl ciphers with option -V for a more verbose output:

  $ openssl ciphers -V EECDH+aRSA+AES128:kECDHEPSK+AES128
                   0x13,0x02 - TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
                   0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
                   0x13,0x01 - TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
                   0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
                   0xC0,0x27 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
                   0xC0,0x13 - ECDHE-RSA-AES128-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
                   0xC0,0x37 - ECDHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA256
                   0xC0,0x35 - ECDHE-PSK-AES128-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA1

Similarly, you can test the priority strings for GnuTLS:

  $ gnutls-cli -l --priority=NONE:+VERS-TLS1.2:+ECDHE-RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
         Cipher suites for NONE:+VERS-TLS1.2:+ECDHE-RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
         TLS_ECDHE_RSA_AES_128_GCM_SHA256                        0xc0, 0x2f      TLS1.2
         TLS_ECDHE_RSA_AES_128_CBC_SHA256                        0xc0, 0x27      TLS1.2
         
         Protocols: VERS-TLS1.2
         Ciphers: AES-128-GCM, AES-128-CBC
         MACs: AEAD, SHA256
         Key Exchange Algorithms: ECDHE-RSA
         Groups: GROUP-SECP256R1, GROUP-SECP384R1, GROUP-SECP521R1, GROUP-X25519, GROUP-X448, GROUP-FFDHE2048, GROUP-FFDHE3072, GROUP-FFDHE4096, GROUP-FFDHE6144, GROUP-FFDHE8192
         PK-signatures: SIGN-RSA-SHA256, SIGN-RSA-PSS-SHA256, SIGN-RSA-PSS-RSAE-SHA256, SIGN-ECDSA-SHA256, SIGN-ECDSA-SECP256R1-SHA256, SIGN-EdDSA-Ed25519, SIGN-RSA-SHA384, SIGN-RSA-PSS-SHA384, SIGN-RSA-PSS-RSAE-SHA384, SIGN-ECDSA-SHA384, SIGN-ECDSA-SECP384R1-SHA384, SIGN-EdDSA-Ed448, SIGN-RSA-SHA512, SIGN-RSA-PSS-SHA512, SIGN-RSA-PSS-RSAE-SHA512, SIGN-ECDSA-SHA512, SIGN-ECDSA-SECP521R1-SHA512, SIGN-RSA-SHA1, SIGN-ECDSA-SHA1
Switching from AES128 to AES256

韓誥傭痔 uses AES128 as the built-in default for data. Let's assume you are using certificates and want to switch to AES256, on OpenSSL 1.1.1.

This can be achieved by adding the respective parameters in zabbix_server.conf:

  TLSCAFile=/home/zabbix/ca.crt
         TLSCertFile=/home/zabbix/server.crt
         TLSKeyFile=/home/zabbix/server.key
         TLSCipherCert13=TLS_AES_256_GCM_SHA384
         TLSCipherCert=EECDH+aRSA+AES256:-SHA1:-SHA384
         TLSCipherPSK13=TLS_CHACHA20_POLY1305_SHA256
         TLSCipherPSK=kECDHEPSK+AES256:-SHA1
         TLSCipherAll13=TLS_AES_256_GCM_SHA384
         TLSCipherAll=EECDH+aRSA+AES256:-SHA1:-SHA384

Although only certificate-related ciphersuites will be used, TLSCipherPSK* parameters are defined as well to avoid their default values which include less secure ciphers for wider interoperability. PSK ciphersuites cannot be completely disabled on server/proxy.

And in zabbix_agentd.conf:

  TLSConnect=cert
         TLSAccept=cert
         TLSCAFile=/home/zabbix/ca.crt
         TLSCertFile=/home/zabbix/agent.crt
         TLSKeyFile=/home/zabbix/agent.key
         TLSCipherCert13=TLS_AES_256_GCM_SHA384
         TLSCipherCert=EECDH+aRSA+AES256:-SHA1:-SHA384
? 2001-2025 by 韓誥傭痔 SIA. All rights reserved.
Except where otherwise noted, 韓誥傭痔 Documentation is licensed under the following license
Trademark Policy