Add Mozilla HTTP Observatory API template for Zabbix 7.4 #703

Open
redpeppers-01 wants to merge 3 commits into zabbix:main from DLA-neTWorK:mozilla-http-observatory-template

@redpeppers-01
Contributor

Summary

Add a new Mozilla HTTP Observatory API template for Zabbix 7.4.

This contribution adds the full template structure for monitoring Mozilla HTTP Observatory scan results through the API, including discovery, item prototypes, trigger logic, macros, supporting images, and complete end-user documentation.

What Changed

  • Added the Mozilla HTTP Observatory API template for Zabbix 7.4
  • Added HTTP agent-based target discovery using {$MOZ_API_TARGETS}
  • Added item prototypes for:
    • grade
    • score
    • status code
    • tests passed
    • tests failed
    • tests quantity
    • error
    • details URL
  • Added trigger prototype for grades outside the allowed policy
  • Added template macros for:
    • {$MOZ_API_BASE}
    • {$MOZ_API_TARGETS}
    • {$MOZ_API_ALLOWED_GRADES_REGEX}
  • Added JavaScript preprocessing for target normalization and deduplication
  • Added documentation and visual references for the template structure:
    • LLD rules
    • item prototypes
    • trigger prototype

Default Behavior

  • Default allowed grades regex:
    • ^(A\+|A|A-)$
  • Trigger alerts when a returned grade falls outside the allowed set
  • NOT_FOUND handling is excluded from alerting logic
  • Recovery is automatic when the grade returns to an allowed value

Why

This template adds a reusable way to monitor external web security posture in Zabbix using Mozilla HTTP Observatory results. It provides a structured template implementation with discovery, policy-based alerting, and documentation for deployment and operational use.

Notes

  • Includes template structure and documentation as a complete contribution
  • README content was verified against the template YAML for consistency
  • Built for Zabbix 7.4

Copilot AI review requested due to automatic review settings April 22, 2026 13:20

Copilot AI left a comment

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Adds a Zabbix 7.4 template to monitor Mozilla HTTP Observatory scan results via the public API, including discovery, per-target items, alerting policy, and end-user documentation.

Changes:

  • Added a new Zabbix template YAML with LLD, item prototypes, trigger prototype, and macros.
  • Implemented JavaScript preprocessing to normalize/deduplicate targets from {$MOZ_API_TARGETS}.
  • Added a comprehensive README describing installation, usage, and troubleshooting.

Reviewed changes

Copilot reviewed 2 out of 5 changed files in this pull request and generated 24 comments.

File | Description
Web_scenarios/template_mozilla_http_observatory/7.4/template_mozilla_http_observatory.yaml | Defines the new Zabbix 7.4 template (LLD, HTTP agent items, triggers, macros).
Web_scenarios/template_mozilla_http_observatory/7.4/README.md | Documents template features, setup steps, and operational guidance.

Comment on lines +28 to +30
name: 'Mozilla API {#TARGET}: Details URL'
type: HTTP_AGENT
key: 'mozilla.api.details_url[{#TARGET}]'

Copilot AI Apr 22, 2026

Each discovered target performs 8 separate HTTP agent POST requests to the same /api/v2/scan?host=... endpoint every interval. If the endpoint triggers (or queues) a scan per call, this multiplies external load and can lead to throttling/timeouts and unnecessary Zabbix worker utilization. Consider switching to a single 'master' HTTP agent item per target that fetches the JSON once, then implement the other metrics as dependent items extracting grade/score/status_code/tests_* (via JSONPath or JavaScript preprocessing).

Copilot uses AI. Check for mistakes.
Comment on lines +43 to +44
url: '{$MOZ_API_BASE}/api/v2/scan?host={#TARGET}'
request_method: POST
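Review bot: In the `url` line, `{#TARGET}` is substituted straight into the query string (`?host={#TARGET}`), so a discovered value containing `&`, `#` or `/` would change the request instead of naming a host. Pass the host through the item's query fields so Zabbix URL-encodes it, or have the discovery preprocessing reject anything that is not a plain hostname before it becomes `{#TARGET}`.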

Copilot AI Apr 22, 2026

Each discovered target performs 8 separate HTTP agent POST requests to the same /api/v2/scan?host=... endpoint every interval. If the endpoint triggers (or queues) a scan per call, this multiplies external load and can lead to throttling/timeouts and unnecessary Zabbix worker utilization. Consider switching to a single 'master' HTTP agent item per target that fetches the JSON once, then implement the other metrics as dependent items extracting grade/score/status_code/tests_* (via JSONPath or JavaScript preprocessing).

Comment on lines +61 to +63
name: 'Mozilla API {#TARGET}: Error'
type: HTTP_AGENT
key: 'mozilla.api.error[{#TARGET}]'

Copilot AI Apr 22, 2026

Each discovered target performs 8 separate HTTP agent POST requests to the same /api/v2/scan?host=... endpoint every interval. If the endpoint triggers (or queues) a scan per call, this multiplies external load and can lead to throttling/timeouts and unnecessary Zabbix worker utilization. Consider switching to a single 'master' HTTP agent item per target that fetches the JSON once, then implement the other metrics as dependent items extracting grade/score/status_code/tests_* (via JSONPath or JavaScript preprocessing).

Comment on lines +76 to +77
url: '{$MOZ_API_BASE}/api/v2/scan?host={#TARGET}'
request_method: POST

Copilot AI Apr 22, 2026

Each discovered target performs 8 separate HTTP agent POST requests to the same /api/v2/scan?host=... endpoint every interval. If the endpoint triggers (or queues) a scan per call, this multiplies external load and can lead to throttling/timeouts and unnecessary Zabbix worker utilization. Consider switching to a single 'master' HTTP agent item per target that fetches the JSON once, then implement the other metrics as dependent items extracting grade/score/status_code/tests_* (via JSONPath or JavaScript preprocessing).

Comment on lines +94 to +96
name: 'Mozilla API {#TARGET}: Grade'
type: HTTP_AGENT
key: 'mozilla.api.grade[{#TARGET}]'

Copilot AI Apr 22, 2026

Each discovered target performs 8 separate HTTP agent POST requests to the same /api/v2/scan?host=... endpoint every interval. If the endpoint triggers (or queues) a scan per call, this multiplies external load and can lead to throttling/timeouts and unnecessary Zabbix worker utilization. Consider switching to a single 'master' HTTP agent item per target that fetches the JSON once, then implement the other metrics as dependent items extracting grade/score/status_code/tests_* (via JSONPath or JavaScript preprocessing).

Comment on lines +58 to +66
![LLD Rules](7.4/files/img/lld_rules.png)

### Item Prototypes

![Item Prototypes](7.4/files/img/item_proto.png)

### Trigger Prototype

![Trigger Prototype](7.4/files/img/trigger_proto.png)

Copilot AI Apr 22, 2026

These image links are relative to the README location. Since this README is already under .../7.4/, prefixing with 7.4/ likely makes the paths incorrect (resolving to .../7.4/7.4/files/...). Update the links to be relative to the README directory (e.g., files/img/lld_rules.png, etc.) so they render correctly in GitHub.

Suggested change
![LLD Rules](7.4/files/img/lld_rules.png)
### Item Prototypes
![Item Prototypes](7.4/files/img/item_proto.png)
### Trigger Prototype
![Trigger Prototype](7.4/files/img/trigger_proto.png)
![LLD Rules](files/img/lld_rules.png)
### Item Prototypes
![Item Prototypes](files/img/item_proto.png)
### Trigger Prototype
![Trigger Prototype](files/img/trigger_proto.png)

t = t.replace(/:\d+$/, '');
return t;
}
var parts = String(targetsRaw || '').split(/[\n,; ]+/);

Copilot AI Apr 22, 2026

Target splitting currently handles newline/comma/semicolon/space but not other common whitespace (e.g., tabs). To make input handling more robust and match the README claim of 'space-separated', consider splitting on general whitespace plus separators (e.g., include \\t or use \\s along with comma/semicolon).

Suggested change
var parts = String(targetsRaw || '').split(/[\n,; ]+/);
var parts = String(targetsRaw || '').split(/[\s,;]+/);

Copilot uses AI. Check for mistakes.
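One way to implement the target handling discussed in the comment above, as an added example that is not the template's own code. Only the `/[\s,;]+/` split and the `:\d+$` port strip come from this page; the names `normalizeTarget`, `discoverTargets` and `HOST_RE`, the scheme/path stripping and the hostname check are assumptions made for illustration.

```javascript
// Added example, not the PR's code. ES5 syntax, since Zabbix preprocessing
// scripts run on the Duktape engine. All names here are hypothetical.

// Conservative hostname shape (assumption): two or more dot-separated labels
// of letters, digits and hyphens, no leading or trailing hyphen, max 253 chars.
var HOST_RE = /^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/;

function normalizeTarget(raw) {
    var t = String(raw).trim().toLowerCase();
    t = t.replace(/^[a-z][a-z0-9+.-]*:\/\//, ''); // drop scheme (assumed step)
    t = t.replace(/[\/?#].*$/, '');               // drop path, query, fragment (assumed step)
    t = t.replace(/:\d+$/, '');                   // drop port, as in the PR excerpt
    return t;
}

function discoverTargets(targetsRaw) {
    // Split on any whitespace (tabs included), commas and semicolons.
    var parts = String(targetsRaw || '').split(/[\s,;]+/);
    var seen = {}, rows = [], rejected = [];
    for (var i = 0; i < parts.length; i++) {
        if (parts[i] === '') { continue; }        // leading/trailing separators
        var host = normalizeTarget(parts[i]);
        // Anything that is not a plain hostname never becomes {#TARGET}, so
        // characters such as & or # cannot reach the ?host= query string.
        if (!HOST_RE.test(host)) { rejected.push(parts[i]); continue; }
        if (Object.prototype.hasOwnProperty.call(seen, host)) { continue; }
        seen[host] = true;
        rows.push({ '{#TARGET}': host });
    }
    return { rows: rows, rejected: rejected };
}

// Constructed sample input (not from the PR): mixed separators, a duplicate
// that differs only by scheme/port/case, and two values that must be rejected.
var SAMPLE = 'https://Example.com/path,\texample.com:443; mozilla.org\nexample.com&x=1 bad_host';
console.log(JSON.stringify(discoverTargets(SAMPLE)));
```

In a discovery rule's preprocessing step the script would return `JSON.stringify(rows)`; surfacing `rejected` in a separate item makes a mistyped macro value visible instead of silently dropped.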
Comment on lines +10 to +14
description: |
Monitors website HTTP Observatory posture via the Mozilla API using explicit target-list discovery and per-target scan checks (grade, score, status, tests, error, details URL). Designed for community sharing with host-override macros and regex-based grade policy control.

Author: ://echo@dla.network [oZark oRChes✝ra✝'d]
(https://github.com/DLA-neTWorK).

Copilot AI Apr 22, 2026

The author line appears to have a malformed scheme (://...) and includes trailing whitespace in the description block. Consider normalizing this to a clear contact format (e.g., email without a pseudo-scheme, or a proper mailto:/URL), and remove trailing spaces to keep exported YAML clean and consistent.
