Difference between revisions of "Zabbix"

From SME Server
Jump to navigationJump to search
Line 235: Line 235:
 
Please read Chap. 2.3.4.ZABBIX Agent page 39 and Chap. 3.3.ZABBIX Agent (UNIX, standalone daemon) of the manual for more information on Zabbix agent.
 
Please read Chap. 2.3.4.ZABBIX Agent page 39 and Chap. 3.3.ZABBIX Agent (UNIX, standalone daemon) of the manual for more information on Zabbix agent.
  
===== Installation  SME9 =====
 
first enable the needed repo: Firewall service 
 
{{:Fws}}
 
  
and EPEL
+
<tabs container><tab name="For SME 10">
{{:Epel}}
+
yum install smeserver-extrarepositories-zabbix
 +
 
 +
then you need to enable the one you want zabbix42, zabbix44, zabbix45, zabbix50, zabbix51, zabbix52, zabbix53. You need to have an agent at most equal to the server version. If your zabbix server is on an SME it should equal or lesser than zabbix44 as per 2021/03. You can upgrade the agent later.
 +
 
 +
yum install smeserver-zabbix-agent --enablerepo=smecontribs,zabbix44
 +
 +
</tab>
 +
<tab name="For SME 9">
 +
first enable the needed repo: Firewall service  and EPEL
 +
yum install smeserver-extrarepositories-epel smeserver-extrarepositories-fws
 
  signal-event yum-modify
 
  signal-event yum-modify
  
 
to install Zabbix agent, just use yum:
 
to install Zabbix agent, just use yum:
 
  yum --enablerepo=smecontribs,fws,epel install smeserver-zabbix-agent
 
  yum --enablerepo=smecontribs,fws,epel install smeserver-zabbix-agent
 
+
</tab>
 +
</tabs>
  
 
This package will download at least the following dependencies:
 
This package will download at least the following dependencies:

Revision as of 16:31, 1 April 2021



Incomplete.png Incomplete:
This article or section needs to be expanded. Please help to fill the gaps or discuss the issue on the talk page



Maintainer

[1]Daniel B. from Firewall Services

Description

Zabbix offers advanced monitoring, alerting and visualisation features today which are missing in other monitoring systems, even some of the best commercial ones:

Features

Here are some of the features provided by Zabbix:

  • Distributed monitoring
    • Centralized configuration
    • Centralized access to all data
    • Up-to 1000 of nodes
    • Unlimited number of proxies
  • Scalability
    • Tested with 10,000 monitored devices and servers
    • Tested with 100,000 availability and performance checks
    • Processing of thousands of availability and performance checks per second
  • Real-time monitoring
    • Performance monitoring
    • Availability monitoring
    • Integrity monitoring
    • Flexible notification conditions
    • Alerting users (Email, SMS, Jabber)
    • Logging
  • Visualisation
    • User-defined views and slide shows
    • Mapping
    • Graphing (including pie charts)
    • Zooming
  • Fast Problem Resolution
    • Send alerts via email, cell phone, SMS or audio alerts
    • Execute remote commands
  • Assuring SLA
    • Hierarchical IT Services
    • Real-time SLA reporting
  • Reporting and trending
    • Easy integration of 3rd party tools
    • Analysis of yearly/monthly/daily statistics
    • SLA reports
  • XML data import/export
    • Easy sharing of templates
  • Auto discovery
    • Discovery by IP range, services and SNMP
    • Automatic monitoring of discovered devices
  • WEB monitoring
    • WEB performance and availability monitoring
    • Flexible scenarios
    • Support of POST and GET methods
  • Flexibility
    • Support of IPv4 and IPv6
    • Easily extendable native agents
    • Any notifications methods
    • Runs on any platform
  • Pro-active monitoring
    • Automatic execution of remote commands
    • Automatic IPMI commands
  • Aggregate monitoring
    • Monitoring of a group of hosts as a single host
  • Agentless monitoring
    • Monitoring of remote services (FTP, SSH, HTTP, other)
    • Support of SNMP v1,2,3
    • Support of IPMI
    • SNMP traps
  • High performance agents
    • All platforms supported (UNIX, Windows, Novell)
    • Memory utilisation
    • Network utilisation
    • Disk I/O
    • Disk space availability
    • File checksums
    • Monitoring of log files
    • And more...
  • Security
    • Flexible user permissions
    • Authentication by IP address
    • Protection against brute force attacks
  • Escalations and notifications
    • Repeated notifications
    • Unlimited escalations
    • Recovery messages
    • Be notified while problem is not resolved
  • Management functions
    • Ping, traceroute to a host
    • Any other functions
  • Dashboard
    • Personalized dashboard
    • Favourite resources
    • High level view
  • Agent-based monitoring
    • Native agent for any platform
    • Immune to connection problems
  • Open Source Solution
    • No license driven limitations
    • Access to source code
    • Open to code audit
  • Easy Administration
    • Very fast learning curve
    • All data is stored in a database (Oracle, MySQL, PostgreSQL, SQLite)
    • Centralised configuration and storage of information
  • and more...

Full documentation

A complete documentation is available as a PDF file here http://www.zabbix.com/documentation.php You'll also find some useful informations on the official wiki of the project and the forum.


Important.png Note:
This wiki page is not a complete guide for Zabbix, but just a starting point to run it on your SME Server using this contrib.

For a complete documentation, please refer to the project documentation: http://www.zabbix.com/documentation.php


Versions

The following is the information about the latest release of each component:

Contrib 10:
Devel 9:
Contrib 9:
smeserver-zabbix-server
The latest version of smeserver-zabbix-server is available in the SME repository, click on the version number(s) for more information.


smeserver-zabbix-proxy
The latest version of smeserver-zabbix-proxy is available in the SME repository, click on the version number(s) for more information.


Contrib 10:
smeserver-zabbix-agent
The latest version of smeserver-zabbix-agent is available in the SME repository, click on the version number(s) for more information.


Contrib 10:
zabbix-agent-addons
The latest version of zabbix-agent-addons is available in the SME repository, click on the version number(s) for more information.


Requirements

  • SME Server 7.X (9.X or higher for zabbix-server)
  • php>=5.4 for zabbix server only, hence you will need to first install smeserver-php-scl on SME9 and set php54 or higher as default php version

Components

Zabbix is composed of four major components:

  • The server (the main part). The server will store and analyse the different data, send alerts, etc...
  • The web interface (which is automatically installed with the server with this contrib).
  • The agent, which gathers informations on the different hosts you monitor.
  • The proxy, which is an optional part, can be used to collect performance and availability data locally, and send it to the server.

Server

The server is the core component of Zabbix software. It uses one database (MySQL in this contrib) to store configuration, performance and integrity information. The server can check network services with simple check (ICMP, TCP etc...) for agent-less monitoring, it can monitor network devices using SNMP and is also the central component to which agent report information (agent can work in active, passive, or both mode). The server will also analyse all the information and send alerts depending on very flexible triggers.

Installation on SME9

First enable the needed repo: Firewall service and REMI

db yum_repositories set fws repository \
BaseURL http://repo.firewall-services.com/centos/\$releasever \
EnableGroups no GPGCheck yes \
Name "Firewall Services" \
GPGKey http://repo.firewall-services.com/RPM-GPG-KEY \
Visible no status disabled


db yum_repositories set fws-testing repository \
BaseURL http://repo.firewall-services.com/centos-testing/\$releasever \
EnableGroups no GPGCheck yes \
Name "Firewall Services Testing" \
GPGKey http://repo.firewall-services.com/RPM-GPG-KEY \
Visible no status disabled


issue the following command on the SME Server shell:

/sbin/e-smith/db yum_repositories set remi-safe repository \
Name 'Remi - safe' \
BaseURL 'http://rpms.famillecollet.com/enterprise/$releasever/safe/$basearch/' \
EnableGroups no \
GPGCheck yes \
GPGKey http://rpms.famillecollet.com/RPM-GPG-KEY-remi \
Visible yes \
status enabled


signal-event yum-modify

to install Zabbix server, just use yum:

yum --enablerepo=smecontribs,fws,remi-safe install smeserver-zabbix-server --exclude=smeserver-zabbix-proxy

NB: the --exclude=smeserver-zabbix-proxy is due to a conflict in late 2019 on SME9 as FWS started using zabbix from zabbix repo instead of building it. We will fix this for SME10 in few months.

then go to your server-manager to set php5.4 or higher as default php for your SME, or you will not be able to access to zabbix web gui, or just issue the following

config setprop php54 PhpModule enabled   #replace here with php55 or php56 if you have other needs
signal-event php-update

then you will have to either tweak the default configuration as explain in next step or just issue :

signal-event zabbix-server-update

then go to your web interface : https://yourserveradress/zabbix

DB Parameters

Here's the list of available DB parameters for zabbix-server service on SME:

  • DbName: The name of the database where everything is stored. Default is 'zabbixdb'
  • DbPassword: The password of the database. A random password is generated during the installation
  • DbUser: The user name to access the database. Default is zabbixuser
  • JabberAccount: Account used to send jabber notification
  • JabberServer: Jabber server to use to send notifications
  • JabberPassword: Password for the account (for "JabberAccount")
  • JabberTLS: (enabled|disabled) Does your Jabber server requires TLS security
Important.png Note:
The different Jabber settings above are not for the built-in jabber notification function (because I couldn't get it working as my server requires TLS and the built-in features do not support it). But I've included a external script using sendxmpp to send the notification. You should have a media called 'xmpp' in zabbix administration.


  • NodeID: The node ID of your server. If you don't use distributed monitoring (just one central Zabbix server), you should let this to 0
  • TCPPort: Port used for agent<->server (and proxy<->server) communication. The default is 10051
  • TimeZone: It's very important for zabbix to know your time zone (PHP TimeZone setting). Unfortunately, SME do not set it. You can specify your time zone. This setting will only affect Zabbix
  • WebAccess: (local|public|disabled) From where you'll be able to access the web interface. You can set it to disabled if you want to disable the web interface (for example, if your server is a node of a distributed environment)
  • access: (public|local) From where zabbix port will be available (controlled by TCPPort). You should restrict the access to a list of host with the AllowHosts key if you set public here.
  • status: Should the service be started automatically ?


Once you have everything configured like you want, just issue

signal-event zabbix-server-update

to expand the templates and restart the needed services.

Web Interface

The main web interface is available (if not disabled with the key WebAccess) on https://server.domain.tld/zabbix. The default user is Admin (with uppercase A as first letter), with password zabbix (you should change this password ASAP)

Here are some screenshots of what you can get with zabbix

CPU Usage Graph
Memory Usage Graph
Network Usage Graph
Important.png Note:
You can select a period on any graph. With this great feature, you can easily zoom on a period of time to analyse things with hight precision


Incoming mails statistics
Screen
Important.png Note:
You can display as many graphs as you want in one screen, automatically refresh it, change it (display network graphs of hosts 1 during 2minutes, then display hardware graphs of hosts2 for 3 minutes etc...)


Triggers overview
Hosts Map
Important.png Note:
this is a very simple map, you can make it look nicer



For more screenshots, visit the project website here

Agent

Zabbix agent is a very small daemon which will gather information about the host being monitored, and report it to one or several server(s) (or proxy(s)). Agents can run in active or passive mode (or both):

  • In active mode, the agent will make outgoing connection to the server (port 10051 by default).
  • In passive mode, the server will connect to the agent (on port 10050 by default).

Please read Chap. 2.3.4.ZABBIX Agent page 39 and Chap. 3.3.ZABBIX Agent (UNIX, standalone daemon) of the manual for more information on Zabbix agent.


yum install smeserver-extrarepositories-zabbix

then you need to enable the one you want zabbix42, zabbix44, zabbix45, zabbix50, zabbix51, zabbix52, zabbix53. You need to have an agent at most equal to the server version. If your zabbix server is on an SME it should equal or lesser than zabbix44 as per 2021/03. You can upgrade the agent later.

yum install smeserver-zabbix-agent --enablerepo=smecontribs,zabbix44

first enable the needed repo: Firewall service and EPEL

yum install smeserver-extrarepositories-epel smeserver-extrarepositories-fws
signal-event yum-modify

to install Zabbix agent, just use yum:

yum --enablerepo=smecontribs,fws,epel install smeserver-zabbix-agent

This package will download at least the following dependencies:

  • zabbix (very small package with just common directories used by all zabbix components)
  • zabbix-agent (the agent)
  • smeserver-remoteuseraccess: this contrib is needed because it provides needed templates metadata for /etc/sudoers.
DB parameters

Here's the list of available DB parameters for zabbix-agent service on SME:

  • RemoteCommands: (enabled|disabled). If you want to enable remote commands on zabbix agent (you should read the zabbix documentation). Please, be aware that there're security implications if you enable it. The default is disabled
  • ServerPort: port to contact the server when running in active mode. Default to 10051
  • Servers: List of servers (or proxy), separated by commas, to which send informations. The first one may be used for active checks, the others are only for passive mode
  • TCPPort: TCP port on which the agent will listen if passive mode is enabled
  • access: (public|private) If you want to open the agent on the public interface (only useful if passive is enabled). If you set this to 'public' you should use the AllowHosts key to limit the access
  • active: (enabled|disabled) Do you want to enabled the active mode
  • passive: (enabled|disabled) Do you want to enable the passive mode
  • status: (enabled|disabled) Should the service be automatically started


Once you have everything configured like you want, just issue

signal-event zabbix-agent-update

to expand the templates and restart the needed services.

Remote client with encryption

on the client do:

openssl rand -hex 32 > /etc/zabbix/zabbix_agentd.psk
chown :zabbix /etc/zabbix/zabbix_agentd.psk
chmod 640 /etc/zabbix/zabbix_agentd.psk
signal-event zabbix-agent-update
cat /etc/zabbix/zabbix_agentd.psk

you might also need a public access there:

config setprop zabbix-agent  Servers IP1,IP2 access public  active disabled passive enabled AllowHosts IP1,IP2
signal-event zabbix-agent-update

On the Zabbix server interface for this client select :

  1. Connections to host: psk
  2. Connections from host: psk
  3. PSK identity: domain.name-agent
  4. psk: [paste here the output of cat /etc/zabbix/zabbix_agentd.psk]
agent on the local zabbix server
# config setprop zabbix-agent  access localhost  Servers localhost  active disabled  passive enabled
# signal-event zabbix-agent-update
Additional checks

Even if Zabbix agent is great and support natively a lot of checks, some were missing for my use, so I've added some UserParameters entries in the configuration file. For each of this check, you should add a new item with the name of the check as the key. Configuring the corresponding checks on the server can be quite long. You can have a look at the templates I use to monitor SME Servers. This archive contains some templates/items/graphs/triggers in XML format (exported from Zabbix). You can use the Import/Export functionality of Zabbix (Manual Chap. 8.XML IMPORT AND EXPORT page 154) to import it on your server.

You can also have a look at the configuration file /etc/zabbix/zabbix_agentd.conf to see the commands used to return the corresponding values. You'll also find for each UserParameter information on how to create the corresponding item on the server.

Please, read chapter 4.11.User Parameters page 119 of the manual to have more information on how UserParameters work.

  • External IP:
    • ip.external: Return the real external IP address.
  • Incoming mails statistics:


Important.png Note:
Since version 0.1-28 of smeserver-zabbix-agent, the keys to retrieve emails statistics has changed. The value retrieved here are for the last 10 Minutes (the statistics are updated with a cronjob every 10 minutes), so you should configured these items to be refreshed every 600 seconds


    • mail.in[dnsbl]: number of emails rejected by DNSBL
    • mail.in[rhsbl]: number of emails rejected by RHSBL
    • mail.in[clamav]: number of emails rejected by CLAMAV
    • mail.in[check_earlytalker]: number of emails rejected by EARLYTALKER
    • mail.in[check_basicheaders]: number of emails rejected by BASICHEADERS
    • mail.in[check_goodrcptto]: number of emails rejected by GOODRCPTTO
    • mail.in[check_spamhelo]: number of emails rejected by SPAMHELO
    • mail.in[total_denied]: sum of rejected emails (sum of the above checks)
    • mail.in[spam_denied]: number of emails rejected by SPAMASSASSIN
    • mail.in[other_denied]: number of emails rejected by others checks
    • mail.in[spam_queued]: number of emails queued but marked as spam by SPAMASSASSIN
    • mail.in[queued]: number of emails queued (HAM)
    • mail.in[total]: number of emails received (accept + denied)
  • Outgoing mails statistics:
    • mail.out[total]: sum of outgoing emails
    • mail.out[success]: number of successful transmitted emails
    • mail.out[deferral]: number of deferred emails
    • mail.out[failure]: number of failures
  • Memory/Swap usage:
    • vm.memory.size.used: Actually used memory in bytes
    • vm.memory.size.pused: Actually used memory in %
    • system.swap.size.used: Actually used swap space in bytes
  • MySQL Information:
    • mysql.uptime: uptime of mysql server in seconds
    • mysql.threads: number of threads
    • mysql.questions: number of queries since mysql has been started
    • mysql.slowqueries: number of slow queries
    • mysql.qps: average queries per seconds
    • mysql.size: total space used by mysql databases
  • Network usage. These checks are useful if you want to monitor several SME Servers using one template (so same checks), but those servers use different interfaces configuration (eth0, eth1, br0, bond0, ppp0 etc...)
    • net.if.in.internal: Equivalent to net.if.in[ethX,bytes], but is independent of your internal interface name (eth0, bond0, br0 etc...)
    • net.if.out.internal: Equivalent to net.if.out[ethX,bytes]
    • net.if.in.external: Equivalent to net.if.in[ethX,bytes], but is independent of your external interface name (eth0, eth1, ppp0 etc...)
    • net.if.out.external: Equivalent to net.if.out[ethX,bytes]


Important.png Note:
Since version 0.1-38 of smeserver-zabbix-agent, the keys to retrieve UPS informations has changed. You now have to select the name of your UPS on the server side. The default name for an UPS in SME is UPS


  • UPS status:
    • ups.load[UPS]: Current load (in %) of your UPS
    • ups.battery.charge[UPS]: Current charge (in %) of the battery
    • ups.status[UPS]: Current status of the UPS (OL, OB, OL CHRG etc...)
    • ups.model[UPS]: Model of the UPS
  • Raid Array Monitoring:
    • raid.sw.status: Current status of your software Raid (all array)
    • raid.mega.status: Current status of your mega raid based raid array (for example, the perc5/6(i) are megaraid based). Requires additional MegaCLI package available from here: [2]

Proxy

Zabbix proxy is a lightweight daemon. It will act as a server for agents, will cache locally (in a mysql database) the information, and send it to the server it belongs to. This is useful to monitor networks elements behind a firewall.

Installation SME9

first enable the needed repo: Firewall service

db yum_repositories set fws repository \
BaseURL http://repo.firewall-services.com/centos/\$releasever \
EnableGroups no GPGCheck yes \
Name "Firewall Services" \
GPGKey http://repo.firewall-services.com/RPM-GPG-KEY \
Visible no status disabled


db yum_repositories set fws-testing repository \
BaseURL http://repo.firewall-services.com/centos-testing/\$releasever \
EnableGroups no GPGCheck yes \
Name "Firewall Services Testing" \
GPGKey http://repo.firewall-services.com/RPM-GPG-KEY \
Visible no status disabled


signal-event yum-modify

to install Zabbix proxy, just use yum:

yum --enablerepo=smecontribs,fws install smeserver-zabbix-proxy
DB Parameters
  • DbName: the name of the database used by the proxy. The default is zabbixproxydb
  • DbPassword: the password to access the database
  • DbUser: the user to access the database
  • Servers: List of servers (separated by commas) to which send the informations
  • TCPPort: TCP port on which the proxy listen. Clients will connect on the proxy as if it's a Zabbix server. The default is 10051
  • access: (private|public) If you want to open zabbix-proxy on the external interface. If you set this to public, you should use the AllowHosts key to limit the access
  • status: (enabled|disabled) Should the service be started automatically

Monitoring SME servers

If you want to monitor SME Servers with zabbix, you'll first need to install the agent as explained earlier, then configure the agent to accept connection from your server. For example, to monitor you local server (the one running zabbix-server):

db configuration setprop zabbix-agent Servers localhost active disabled passive enabled
signal-event zabbix-agent-update


Important.png Note:
After installation, the agent is configured for active checks only. Here, we disable the active checks, and enable the passive ones.


Then, just add a host in Zabbix, pointing to localhost.

Now you can start adding items (type agent (active or passive depending on the mode you use on the agent)) to this new host.

If you want to monitor SME Servers on the Internet and use passive mode, the server will initiate connections to the agent. You'll need to port-forward the port if you run in serveronly mode (the default is port 10050 TCP), or to open this port in the firewall if runing in server&gateway mode:

db configuration setprop zabbix-agent Servers w.x.y.z active disabled passive enabled access public AllowHosts w.x.y.z
signal-event zabbix-agent-update


Warning.png Warning:
If you use active checks, you need to name the host in zabbix server hostname.domainname.tld (check the file /etc/zabbix/zabbix_agentd.conf, the directive Hostname). If you don't do that, checks won't work


You can download here an archive with some XML exports of the templates I use to monitor my servers. Just extract the archive, and import the templates you want in Zabbix (using the Import/Export menu of zabbix configuration)

Each XML file represent a template in Zabbix

  • Template_SME is the main template. It'll add a lot of items for global system monitoring, triggers if load is too high, lack of free memory, httpd is down, passwd has changed etc... and also some graphs like CPU usage, memory, disk space, network usage etc... This templates requires the Template_icmp and Template_app_MySQL template
  • Template_SME_coovaChilli will add tun0 statistics (useful if you use CoovaChilli contrib). It'll also create a graph for tun0 stats
  • Template_SME_softRaid will add items and triggers for software raid monitoring. If you link a SME Server with this template, you'll be warned if one of the raid array is degraded or rebuilding
  • Template_SME_megaRaid will do the same but for MegaRaid based cards. It also requires the MegaCli utility from LSI website
  • Template_SME_nutUPS: Will add items and triggers to be warned if your UPS is on battery, or overloaded.
  • Template_icmp: will configure two items to check if the server is alive, and measure the latency. It also provides latency graphs and some triggers (if latency is too high, if host is down since more than 5min and if hosts is down for more than 1 hour)

Bugs

Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-zabbix component or use on of this link:

smeserver-zabbix-proxy

new bug for proxy

"No open bugs found."

smeserver-zabbix-agent

new bug for agent

IDProductVersionStatusSummary
12313SME Contribs10.0CONFIRMEDremove active and passive property and document better Servers vs ServerActive

zabbix-agent-addons

new bug for agent

"No open bugs found."

smeserver-zabbix-server

new bug for server

IDProductVersionStatusSummary (5 tasks)
12282SME Contribs10.0CONFIRMEDIncorrect default charset for Zabbix database: "utf8mb4" instead "UTF8, UTF8MB3".
12281SME Contribs10.0CONFIRMEDmisisng font firectory in php base dir
12279SME Contribs10.0CONFIRMEDmissing deps
11747SME Contribs10.0CONFIRMEDadd SME specific templates
11743SME Contribs10.0CONFIRMEDswitch or at least configure ldap auth