Académique Documents
Professionnel Documents
Culture Documents
Features of Zabbix:
1. Infrastructure Monitoring
a. Provided by: Zabbix Server
b. Data collection provided by: Zabbix Server (Default=MySQL) || Zabbix Proxy
Package (Scales better by offloading data-collection)
b1. Pollers - interrogate devices for details - pull mechanism - fetches data
from targets (monitored HOSTs)
b2. Trappers - Receive data from: Senders, Agents, Proxies, Child Nodes
Note: Whether push || pull - retrieved data are collected by trappers and stored in
back-end DB: i.e. SQLite, MySQL, PostGreSQL, etc.
c. Users standard protocols: ICMP, TCP, UDP, etc. (i.e. MySQL, SSH, HTTP, HTTPS)
5. Modular
a. Zabbix Server (for particular DBs: i.e. MySQL, PostGreSQL) - Main monitoring
engine
b. Zabbix Proxy - Optional Data Collection Offload - ultimately propagates data
back to Zabbix Server -> DB
c. Zabbix Front-End - PHP Web Interface
d. Zabbix Agent (Multi-Platform) - Installed on Targets (HOSTs)
d1. NOTE: Default security = IP-based security
d2. NOTE: Zabbix communicates via: TCP: 10050
d3. NOTE: Default Agent behavior accepts Zabbix Server requests from localhost,
restricting access to potentially unknown, rogue, Zabbix Servers
d4. NOTE: Add L3 security (Firewall) to protect access
6. Reporting - Extensive
a. Zabbix Status, Availability Report, Top 100 Triggers, Bar Reports, Screens,
Graphs, etc.
7. Various Notifications via: 'Media Types': E-mail, SMS, Jabber, Custom Script
8. Maintenance Window Definition - Schedule Downtime of HOSTs
NOTE: Typically applied to groups or hosts: i.e. 'Linux Servers', 'ALL', 'Zabbix
Servers', 'linuxcbtbuild1'
9. SLA Monitoring - Maintenance Window Definition will NOT impact SLAs
#Installation & Configuration - Zabbix Server MySQL && Front-End Web Interface #
Features:
1. Monitoring Engine - 'zabbix-server-mysql...'
2. Web Front-End - 'zabbix-frontend-php...'
Tasks:
1. Obtain packages from: zabbix.com
a. NOTE: Packages are grouped by platform: i386, amd64, except Web Front-end,
which is platform-agnostic
b. 'wget http://repo.zabbix.com/zabbix/2.2/ubuntu/pool/main/z/zabbix/zabbix-
server-mysql_2.2.3-1+precise_amd64.deb'
c. 'wget http://repo.zabbix.com/zabbix/2.2/ubuntu/pool/main/z/zabbix/zabbix-
frontend-php_2.2.3-1+precise_all.deb'
2. Install Pre-Requisites:
a. 'aptitude install libiksemel3 libopenipmi0 libssh2-1 fping dbconfig-common
php5 libodbc1' - support the Zabbix packages
3. Install Server
a. 'dpkg -i zabbix-server-mysql_2.2.3-1+precise_amd64.deb' - auto-generates MySQL
password for user = 'zabbix'
b. 'dpkg -i zabbix-frontend-php_2.2.3-1+precise_all.deb'
4. Server Footprint
a. 'dpkg -L zabbix-server-mysql'
a1. '/etc/zabbix' - config container
a2. '/etc/zabbix/zabbix_server.conf' - primary config - also contains MySQL
credentials in clear-text - use on agents
a3. '/etc/zabbix/apache.conf' - applies to ALL virtual hosts and default host on
Apache instance. Move to VHost if desired.
a4. '/var/log/zabbix/zabbix_server.log' - primary log file
5. Front-end Footprint
a. 'dpkg -L zabbix-frontend-php'
6. Ensure that 'date.timezone = ?' - set to something prior to usage - Default PHP
implemenation is unset
a. 'grep timezone /etc/php5/apache2/php.ini' - ensure that a timezone is
specified
Tasks:
1. Login as Super Admin: 'admin' with Default password: 'zabbix'
2. Disable GUEST access
a. 'Administration -> Users -> Toggle 'Enabled' for Guests Group'
3. Change 'admin' password
a. 'Administration -> Users -> Admin... -> Change Password'
Tasks:
1. Monitor HOST
a. Download the agent
b. install & confirm
c. Add to Zabbix
c1. Configuration -> HOST -> Add - associate various templates
d. Troubleshoot - problems with NTP and MySQL
e. Removed NTP
f. Troubleshoot MySQL
NOTE: MySQL polling requires credentials in: $HOME of 'zabbix' user:
'/var/lib/zabbix'
g. 'mkdir /var/lib/zabbix && chown zabbix.zabbix /var/lib/zabbix && chmod 750
/var/lib/zabbix'
/var/lib/zabbix/.my.cnf
[client]
user=zabbix
password=t1G7hX5du20Mfff
# Problem with CentOS 6.5 regarding SELinux - Inability to access MySQL Socket #
Checks:
1. Ability to connect to MySQL from $SHELL as the user 'zabbix'
2. '/var/log/audit/audit.log' - 'avc' messages
Workarounds:
1. Set SELinux to 'Permissive'
a. 'setenforce 0'
b. Add 'linuxcbtcent2' to list of monitored HOSTs and then set SELinux to
Permissive
Note: Post SELinux Policy update, the option to rebuild 'zabbix' policy exists once
Note: Post-rebuild, Zabbix agent will be able to acces MySQL
# Notifications #
Features:
1. Actions invoked by Triggers
2. Logged via: Administration -> Notifications
Tasks:
1. Debug Zabbix Server's inability to contact agent on: 'linuxcbtcent2'
a. 'ps -ef | grep zabbix' - returns list of processes
b. 'netstat -ntlp | grep 10050' - returns socket
c.'grep -i server /etc/zabbix/zabbix_agentd.conf' - restricted to: 'localhost' -
this is the problem
NOTE: 'linuxcbtcent2' failed to generate a notification because it was NOT
completely, initially monitored. Limited data for SSH was returned
Tasks:
1. Setup basic Maintenance window for today for 2-hours
a. Configuration -> Maintenance - New Window with recurring schedule
b. Fail HTTP services and ensure that messages are NOT generated
Tasks:
1. Create 'devops' user -> operations@linuxcbtmon1.linuxcbt.internal
a. Add 'Media'
b. Assign permissions to HOST Group
# Reports #
Features:
1. Zabbix Status - Server
2. Availability for SLAs
3. Top Triggers - 100
4. Customizable Bar Reports