Hi Tony,

I'm monitoring using the following userparameter (basically run "ipactl status" and grep out lines which are known good so only errors are returned):

UserParameter=ipa.status,sudo /usr/sbin/ipactl status 2>&1 | egrep -v "(INFO\: The ipactl command was successful$|: RUNNING$)"

ipactl needs root access so I have a file in /etc/sudoers.d/zabbix with these lines to allow the zabbix user to sudo the ipactl status command only without a password:

Then just create a trigger to alert if the returned value contains any characters. eg this matches on any char apart from whitespace:

{Custom Template IPA Server:ipa.status.regexp([^\s],1200)}=1

If anyone else has a better way to do this I'd be interested to hear it.

Regards,

Neal.