Zabbix
Zabbix LLCmonitoring3 credentials
API Token
zabbix / api-token
Zabbix API requests can be authorized with an API token. Zabbix documents sending the token in the Authorization header using Bearer authentication.
Location
AuthorizationBearer token used for Zabbix API requests
ZABBIX_TOKEN, ZABBIX_API_TOKENautomation config, .env files, monitoring integration config, and deployment manifests
CI/CD variables, cloud secret managers, and monitoring automation secrets
Zabbix API scripts, Terraform providers, tests, and committed examples
API client traces, webhook automation logs, and CI output
Notes
API token permissions depend on the creating user and token scope. Treat tokens as bearer credentials for Zabbix API operations.
Frontend User Password
zabbix / frontend-user-password
Zabbix frontend users authenticate to the web interface and API workflows. Zabbix user accounts, groups, roles, and authentication settings control access to monitoring configuration and historical data.
Location
Zabbix database tables storing users, sessions, roles, and password verifier material
/zabbix/index.php, /zabbix/api_jsonrpc.phpZabbix web frontend and JSON-RPC API endpoint
frontend config, automation .env files, and integration settings
password vaults, CI/CD variables, and cloud secret managers
API scripts, deployment examples, tests, and accidentally committed credentials
web server logs, API request logs, and authentication troubleshooting output
Notes
Zabbix has historically documented installer/default credentials in some distribution contexts; avoid modeling a static default unless the exact package or appliance source states it ships that way.
Secret User Macro / External Secret
zabbix / macro-secret
Zabbix supports user macros, including secret user macros, and storage of secrets through external providers such as CyberArk and HashiCorp Vault. These secrets are often used by checks, web monitoring, and integrations.
Location
Zabbix secret macros, CyberArk, HashiCorp Vault, and frontend secret storage
Zabbix configuration database containing macro definitions and references
exported templates, automation config, and provisioning manifests
committed templates and monitoring-as-code repositories
item preprocessing logs, script output, and webhook debugging traces
Notes
Secret macros may contain credentials for monitored services and should be triaged as secrets even when they are not Zabbix login credentials.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.