Zabbix

From SME Server
Revision as of 21:51, 23 March 2009 by VIP-ire (talk | contribs) (small typo)
Jump to navigation Jump to search


Maintainer

Daniel B.
Firewall Services
mailto:daniel@firewall-services.com


  Incomplete:
This article or section needs to be expanded. Please help to fill the gaps or discuss the issue on the talk page


Description

Zabbix offers advanced monitoring, alerting and visualisation features today which are missing in other monitoring systems, even some of the best commercial ones:

Features

Here are some of the features provided by Zabbix:

  • Distributed monitoring
    • Centralized configuration
    • Centralized access to all data
    • Up-to 1000 of nodes
    • Unlimited number of proxies
  • Scalability
    • Tested with 10,000 monitored devices and servers
    • Tested with 100,000 availability and perfomance checks
    • Processing of thousands of availability and performance checks per second
  • Real-time monitoring
    • Performance monitoring
    • Availability monitoring
    • Integrity monitoring
    • Flexible notification conditions
    • Alerting users (Email, SMS, Jabber)
    • Logging
  • Visualisation
    • User-defined views and slide shows
    • Mapping
    • Graphing (including pie charts)
    • Zooming
  • Fast Problem Resolution
    • Send alerts via email, cell phone, SMS or audio alerts
    • Execute remote commands
  • Assuring SLA
    • Hierarchial IT Services
    • Real-time SLA reporting
  • Reporting and trending
    • Easy integration of 3rd party tools
    • Analysis of yearly/monthly/daily statistics
    • SLA reports
  • XML data import/export
    • Easy sharing of templates
  • Auto discovery
    • Discovery by IP range, services and SNMP
    • Automatic monitoring of discovered devices
  • WEB monitoring
    • WEB performance and availability monitoring
    • Flexible scenarios
    • Support of POST and GET methods
  • Flexibility
    • Support of IPv4 and IPv6
    • Easily extendable native agents
    • Any notifications methods
    • Runs on any platform
  • Pro-active monitoring
    • Automatic execution of remote commands
    • Automatic IPMI commands
  • Aggregate monitoring
    • Monitoring of a group of hosts as a single host
  • Agentless monitoring
    • Monitoring of remote services (FTP, SSH, HTTP, other)
    • Support of SNMP v1,2,3
    • Support of IPMI
    • SNMP traps
  • High performance agents
    • All platforms supported (UNIX, Windows, Novell)
    • Memory utilisation
    • Network utilisation
    • Disk I/O
    • Disk space availability
    • File checksums
    • Monitoring of log files
    • And more...
  • Security
    • Flexible user permissions
    • Authentication by IP address
    • Protection against brute force attacks
  • Escalations and notifications
    • Repeated notifications
    • Unlimited escalations
    • Recovery messages
    • Be notified while problem is not resolved
  • Management functions
    • Ping, traceroute to a host
    • Any other functions
  • Dashboard
    • Personalized dashboard
    • Favourite resources
    • High level view
  • Agent-based monitoring
    • Native agent for any platform
    • Immune to connection problems
  • Open Source Solution
    • No license driven limitations
    • Access to source code
    • Open to code audit
  • Easy Administration
    • Very fast learning curve
    • All data is stored in a database (Oracle, MySQL, PostgreSQL, SQLite)
    • Centralised configuration and storage of information
  • All Information is Available Online
    • ZABBIX Manual
    • ZABBIX Forums
    • ZABBIX Wiki
  • Backed by ZABBIX Company
    • Annual support agreements
    • Turn-key solutions
    • Technical Account Manager
    • Professional Services
  • and more...

Full documentation

This wiki page is not a complete guide for Zabbix, but just a starting point to run it on your SME Server using this contrib. For a complete documentation, please refere to the project documentation: http://www.zabbix.com/documentation.php

Versions

Here are informations about the latest release of each component:

Contrib 10:
Devel 9:
Contrib 9:
smeserver-zabbix-server
The latest version of smeserver-zabbix-server is available in the SME repository, click on the version number(s) for more information.


zabbix-server
The latest version of zabbix-server is available in the SME repository, click on the version number(s) for more information.


Contrib 10:
smeserver-zabbix-agent
The latest version of smeserver-zabbix-agent is available in the SME repository, click on the version number(s) for more information.


Alpha 9:
zabbix-agent
The latest version of zabbix-agent is available in the SME repository, click on the version number(s) for more information.


smeserver-zabbix-proxy
The latest version of smeserver-zabbix-proxy is available in the SME repository, click on the version number(s) for more information.


zabbix-proxy
The latest version of zabbix-proxy is available in the SME repository, click on the version number(s) for more information.




Requirements

  • SME Server 7.X
  • php-bcmath (smeserver-zabbix-server only): if you have the standard php4 module, it should be ok. If you have upgraded to php5 from centosplus repo, you should manually install php-bcmath package

Components

Zabbix is composed of four major components:

  • The server (the main part). The server will store and analyse the different data, send alerts, etc...
  • The web interface (which is automatically installed with the server with this contrib)
  • The agent, which gathers informations on the different hosts you monitor
  • The proxy, which is an optional part, can be used to collect performance and availability data locally, and send it to the server

Server

The server is the core component of Zabbix software. It uses one database (MySQL in this contrib) to store configuration, performance and integrity informations. The server can check network services with simple check (icmp, tcp etc...) for agent-less monitoring, it can monitor network devices using snmp and is also the central component to which agent report informations (agent can work in active, passive, or both mode). The server will also analyze all the informations and send alerts depending on very flexible triggers.

Installation

to install Zabbix server, just use yum:

yum --enablerepo=smecontribs install smeserver-zabbix-server
DB Parameters

Here's the list of available DB parameters for zabbix-server service on SME:

  • DbName: The name of the database where everything is stored. Default is 'zabbixdb'
  • DbPassword: The password of the database. A random password is generated during the installation
  • DbUser: The user name to access the database. Default is zabbixuser
  • JabberAccount: Account used to send jabber notification
  • JabberServer: Jabber server to use to send notifications
  • JabberPassword: Password for the account (for "JabberAccount")
  • JabberTLS: (enabled|disabled) Does your Jabber server requires TLS security
  Note:
The different Jabber settings above are not for the builtin jabber notification function (because I couldn't get it working as my server reuiqres TLS and the builtin feature do not support it). But I've included a external script using sendxmpp to send the notification. You should have a media called 'xmpp' in zabbix administration.


  • NodeID: The node ID of your server. If you don't use ditributed monitoring (just one central zabbix server), you should let this to 0
  • TCPPort: Port used for agent<->server (and proxy<->server) communication. The default is 10051
  • TimeZone: It's very important for zabbix to know your timezone (PHP TimeZone setting). Unfortunally, SME do not set it. You can specify your timezone. This setting will only affect Zabbix
  • WebAccess: (local|public|disabled) From where you'll be able to access the web interface. You can set it to disabled if you want to disable the web interface (for example, if your server is a node of a distributed environment)
  • access: (public|local) From where zabbix port will be available (controlled by TCPPort). You should restrict the access to a list of host with the AllowHost key if you set public here.
  • status: Should the service be started automatically ?


Once you have everything configured like you want, just issue

signal-event zabbix-server-update

to expand the templates and restart the needed services.

Web Interface

The main web interface is available (if not disabled with teh key WebAccess) on https://server.domain.tld/zabbix. The default user is admin, with password 'zabbix' (you should change this password ASAP)

Here are some screenshots of what you can get with zabbix

 
CPU Usage Graph
 
Memory Usage Graph
 
Network Usage Graph
  Note:
You can select a period on any graph. With this great feature, you can easily zoom on a period of time to analyse things with hight precision


 
Incoming mails statistics
 
Screen
  Note:
You can display as many graphs as you want in one screen, automatically refresh it, change it (display network graphs of hosts 1 during 2minutes, then display hardware graphs of hosts2 for 3 minutes etc...)


 
Triggers overview
 
Hosts Map
  Note:
this is a very simple map, you can make it look nicer



For more screenshots, you can have a look at the project website here

Agent

Zabbix agent is a very small daemon which will gather informations about the host being monitored, and report it to one or several server(s) (or proxy(s)). Agents can run in active or passive mode (or both):

  • In active mode, the agent will make outgoing connection to the server (port 10051 by default).
  • In passive mode, the server will connect to the agent (on port 10050 by default).

Please read Chap. 2.3.4.ZABBIX Agent page 39 and Chap. 3.3.ZABBIX Agent (UNIX, standalone daemon) of the manual for more informations on Zabbix agent.

Installation

to install Zabbix agent, just use yum:

yum --enablerepo=smecontribs install smeserver-zabbix-agent
DB parameters

Here's the list of available DB parameters for zabbix-agent service on SME:

  • RemoteCommands: (enabled|disabled). If you want to enable remote commands on zabbix agent (you should read the zabbix documentation). Please, be aware that there're security implications if you enable it. The default is disabled
  • ServerPort: port to contact the server when running in active mode. Default to 10051
  • Servers: List of servers (or proxy), separated by commas, to which send informations. The first one may be used for active checks, the others are only for passive mode
  • TCPPort: TCP port on which the agent will listen if passive mode is enabled
  • access: (public|private) If you want to open the agent on the public interface (only usefull if passive is enabled). If you set this to 'public' you should use the AllowHost key to limit the access
  • active: (enabled|disabled) Do you want to enabled the active mode
  • passvie: (enabled|disabled) Do you want to enable the passive mode
  • status: (enabled|disabled) Should the service be automatically started
Additional checks

Even if zabbix agent is great and support natively a lot of checks, some were missing for my use, so I've added some UserParameters entries in the configuration file. For each of this check, you should add a new item with the name of the check as the key. Configuring the corresponding checks on the server can be quite long. You can have a look at the templates I use to monitor SME Servers. This file is an XML export of my templates. You can use the Import/Export functionality of zabbix (Manual Chap. 8.XML IMPORT AND EXPORT page 154) to import it on your server.

You can also have a look at the configuration file /etc/zabbix/zabbix_agentd.conf (at the end of the file) to see the commands used to return the corresponding values.

Please, read chapter 4.11.User Parameters page 119 of the manual to have more informations on how UserParameters works.

  • External IP:
    • ip.external: Return the real external IP address.
  • Incomming mails statistics:
    • mail.in.denied.dnsbl: number of emails rejected by DNSBL since the last run
    • mail.in.denied.rhsbl: number of emails rejected by RHSBL since the last run
    • mail.in.denied.clamav: number of emails rejected by CLAMAV since the last run
    • mail.in.denied.earlytalker: number of emails rejected by EARLYTALKER since the last run
    • mail.in.denied.basicheaders: number of emails rejected by BASICHEADERS since the last run
    • mail.in.denied.goodrcptto: number of emails rejected by GOODRCPTTO since the last run
    • mail.in.denied.spamhelo: number of emails rejected by SPAMHELO since the last run
    • mail.in.denied.total: sum of rejected emails (sum of the above checks) since the last run
    • mail.in.denied.spam: number of emails rejected by SPAMASSASSIN since the last run
    • mail.in.denied.other: number of emails rejected by others checks since the last run
    • mail.in.queued.spam: number of emails queued but marked as spam by SPAMASSASSIN since the last run
    • mail.in.queued: number of emails queued (HAM) since the last run
    • mail.in.total: number of emails received since the last run (accept + denied)
  • Outgoing mails statistics
    • mail.out.total: sum of outgoing emails since the last run
    • mail.out.success: number of successful transmitted emails since the last run
    • mail.out.deferral: number of deferred emails since the last run
    • mail.out.failure: number of failures since the last run
  • Memory/Swap usage
    • vm.memory.size.used: Actually used memory in bytes
    • vm.memory.size.pused: Actually used memory in %
    • system.swap.size.used: Actually used swap space in bytes
  • MySQL Informations
    • mysql.uptime: uptime of mysql server in seconds
    • mysql.threads: number of threads
    • mysql.questions: number of queries since mysql has been started
    • mysql.slowqueries: number of slow queries
    • mysql.qps: average queries per seconds
    • mysql.size: total space used by mysql databases
  • Network usage. These checks are usefull if you want to monitor several SME Servers using one template (so same checks), but those servers use different interfaces configuration (eth0, eth1, br0, bond0, ppp0 etc...)
    • net.if.in.internal: Equivalent to net.if.in[ethX,bytes], but is independent of your internal interface name (eth0, bond0, br0 etc...)
    • net.if.out.internal: Equivalent to net.if.out[ethX,bytes]
    • net.if.in.external: Equivalent to net.if.in[ethX,bytes], but is independent of your external interface name (eth0, eth1, ppp0 etc...)
    • net.if.out.external: Equivalent to net.if.out[ethX,bytes]
  • UPS status
    • ups.load: Current load (in %) of your UPS
    • ups.battery.charge: Current charge (in %) of the battery
    • ups.status: Current status of the UPS (OL, OB, OL CHRG etc...)
    • ups.model: Model of the UPS

Proxy

Zabbix proxy is a lightweight daemon. It will act as a server for agents, will cache locally (in a mysql database) the informations, and send it to the server it belongs to. This is useful to monitor networks elements behind a firewall.

Installation

to install Zabbix proxy, just use yum:

yum --enablerepo=smecontribs install smeserver-zabbix-proxy
DB Parameters
  • DbName: the name of the database used by the proxy. The default is zabbixproxydb
  • DbPassword: the password to access the database
  • DbUser: the user to access the database
  • Servers: List of servers (separated by commas) to which send the informations
  • TCPPort: TCP port on which the proxy listen. Clients will connect on the proxy as if it's a zabbix server. The default is 10051
  • access: (private|public) If you want to open zabbix-proxy on the external interface. If you set this to public, you should use the AllowHosts key to limit the access
  • status: (enabled|disabled) Should the service be starte dautomatically

Monitoring SME servers

If you want to monitor SME Servers with zabbix, you'll first need to install the agent as explained earlier, then configure the agent to send informations to your server. For example, to monitor you local server (the one running zabbix-server):

db configuration setprop zabbix-agent Servers localhost
signal-event zabbix-agent-update


Then, just add a host in zabbix, pointing to localhost. Remember, the default mode for the agent is active mode only, so you'll have to name this new host <hostname>.<domain.tld>, then enter 127.0.0.1 in the IP address field.

Now you can start adding items (type agent (active)) to this new host.

You can download here an XML export of the templates I use to monitor some servers. Just extract the archive, and import it in zabbix (using the Import/Export menu of zabbix configuration) It'll create some new templates in zabbix:

  • Template_SME is for agents running in active mode (default of the contrib)
  • Template_SME_dynip is for agents running in passive mode (I use it to monitor SME Servers with a dynamic IP address)
  • Template_SME_hostpot will add tun0 statistics (usefull if you use CoovaChilli contrib)

If you use one of this template, it'll configure a lot of items, graphs, triggers. Of course, you'll need to adjust it to your needs.

Templates Template_SME and Template_SME_dynip are based on other templates you can use for other hosts (non SME):

  • Template_all uses only icmp checks. It'll enable latency graphs and triggers if latency is too high or if the host is down
  • Template_nutUPS can monitor the status of your UPS. It needs the UserParameters ups.load ups.battery.charge ups.status and ups.model which are allready configured on the agent on SME.
  • Template_app_MySQL: reports mysql statistics


Bugs

Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-zabbix component or use on of this link:


server

agent

proxy