Show pagesourceOld revisionsBacklinksBack to top Share via Share via... Twitter LinkedIn Facebook Pinterest Telegram WhatsApp Yammer RedditRecent ChangesSend via e-MailPrintPermalink × Table of Contents Zabbix (server monitoring) Maintainer Description Installation mrmarkuz repo Zabbix repo NethServer Zabbix Upgrade Languages Login Authentication Zabbix agent NethServer Zabbix Agent Template Module RAID check Backup check Postfix Systemd Images Issues Links Is this Nethserver module helpful to you? Please consider donating to the author Thank you kindly! 2019/03/04 12:06 · HF Zabbix (server monitoring) Maintainer mrmarkuz | dev@markusneuberger.at | https://www.markusneuberger.at Description Zabbix, the monitoring suite on NethServer from zabbix repo. Installation mrmarkuz repo Install mrmarkuz repo to ease installation/updates. Zabbix repo You need to choose which version you like to install. Install Zabbix 5.0 LTS (recommended): yum -y install https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm Install “oldstable” Zabbix 4.0 LTS: yum -y install https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-2.el7.noarch.rpm NethServer Zabbix Install nethserver-zabbix: yum -y --enablerepo=mrmarkuz,zabbix,zabbix-frontend install nethserver-zabbix Upgrade To upgrade to 5.0 LTS it is necessary to remove zabbix-web* to get the newer version with yum without conflicts. This removes nethserver-zabbix too but we will reinstall it later. I recommend a database backup in a production environment, it's included in the NethServer backup. yum -y install https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm yum -y remove zabbix-web-* yum -y install --enablerepo=mrmarkuz,zabbix,zabbix-frontend nethserver-zabbix yum -y update --enablerepo=zabbix Languages After updating you may have mixed language in Zabbix. To solve it, just change the language to something else and change it back in the user settings. Login Go to https://NETHSERVER/zabbix and login with username Admin and password zabbix. Authentication Default authentication is local db. Make sure you change the Admin password directly after first login. Changing to Samba4 AD accountprovider / LDAP accountprovider: As Admin, go to Administration / Authentication. Click LDAP tab. Check LDAP authentication checkbox. LDAP host: ldaps://ad-domain.tld (best practice is to have a not used subdomain of the domain as ad-domain) Port: 636 for ldaps, 389 for ldap. Search attribute: sAMAccountName for Samba4 accountprovider, uid for OpenLDAP accountprovider. Bind DN: check servermanager for BindDN. Default is ldapservice@domain.tld Uncheck case sensitive login (zabbix is case sensitive for accountnames, disable this if you want lower case usernames only). Bind password: check servermanager and copy-paste it. Test settings: username: valid Samba4 AD / LDAP accountname password: password of the Samba4 AD / LDAP account Click test button. If ok, click update. Change authentication to LDAP: Click Athentication tab (first Tab). Click LDAP. Click update. Zabbix needs the Samba4 AD / LDAP user pre-created in the database, without password. Go to Administration / Users Click new user (top right) Alias: username (equal as user in Samba4 AD / LDAP) groups: add group you want the user to be member of. Leave password empty Set other preferences as you need them. click add. You can now log in with the Samba4 / LDAP account. Zabbix agent Zabbix agents for various OS can be downloaded here. For NethServer you can install the rpm nethserver-zabbix-agent Once you have installed the agent on the host you want to monitor with Zabbix, you have to create a host inside the UI of Zabbix. You must use the exact FQDN hostname in Host name field that it is set inside the Zabbix agent. Do hostname in the terminal of the client to use the same FQDN (SystemName.DomainName). you have also to choose what to monitor by adding templates NethServer Zabbix Agent Features: Encryption Raid check (only linux raid by mdadm) zabbix-agent2 (drop in replacement of zabbix-agent with more features) Thanks to Stephane de Labrusse for creating and developing the NethServer Zabbix Agent. Installation yum -y install nethserver-zabbix-agent --enablerepo=mrmarkuz zabbix-agent2 Decide which zabbix-agent version you want, we cannot for backward compatibility use zabbix-agent2 by default (for now) but it brings more discovery and template like systemd monitoring that the former version cannot do. For more information you can go to the official zabbix documentation For zabbix-agent2 (which is recommended) do : config setprop zabbix-agent status disabled config setprop zabbix-agent2 status enabled Copy your plugins to the new folder of zabbix-agent2 (if you get custom plugins in your agent) cp /etc/zabbix/zabbix_agentd.d/* /etc/zabbix/zabbix_agent2.d/ restart and configure zabbix-agent2 signal-event nethserver-zabbix-agent-update To configure Encryption and the agent (see explanation below) config setprop zabbix-agent2 ServerZabbix <Zabbix server hostname or IP> config setprop zabbix-agent2 PskId MyHumanUnicalString signal-event nethserver-zabbix-agent-update Configuration The agent needs to know its server: config setprop zabbix-agent ServerZabbix <Zabbix server hostname or IP> signal-event nethserver-zabbix-agent-update Encryption If you want to enable the encryption because your zabbix agent host is on a public network and not behind your firewall, you have to use a Human readable string for identifying the agent host, a pre-shared-key is automatically created in the agent host to encrypt the communication between the agent and the remote zabbix server config setprop zabbix-agent PskId MyHumanUnicalString signal-event nethserver-zabbix-agent-update Now to enable encryption between server and agent you need to set PSK from and to host, PSK identity and PSK in the Zabbix web portal of the host settings. The PSK is saved on the Agent side in /etc/zabbix/psk.shared The PSK identity is the property value of PskId See this howto Template Module Zabbix can be extended by adding some templates, for now manually RAID check In the Zabbix Web Portal an XML file needs to be imported, see Zabbix manual how to import templates. With this custom template, zabbix will discover your raid settings and will create an alert in case of degraded array. Only the linux raid by MDADM is supported Backup check To check Nethserver backups, Emiliano Vavassori provides following RPM: https://github.com/syntaxerrormmm/zbx-nethbackup-check Postfix Follow the instructions at stephdl github You will see three new graphs (once you have enabled the monitoring template to your host), you will receive alerts when you have too much bounce/rejected or if the smtp service is down. Systemd To monitor systemd service you need to use the zabbix-agent2, once enabled (see above) you need to follow the instruction at stephdl github When a service does not satisfy its conditional start but it is enabled by systemd, it is seen as failed. The default is that mdadm and iscsi services do not satisfy their conditional start, hence they are in HIGH alert. If you do not need these services (or any other service warnings) you can disabled the trigger by clicking on the alert then configuration and uncheck the enabled checkbox. The first dicovery needs at least few time, each minute the services are probed and give back an alert if needed Images Thanks to Andy Wismer for providing the map images. https://github.com/Andy-Wismer/Zabbix Issues Please raise Issues on NethServer Community Links Community threads: https://community.nethserver.org/t/zabbix-5-0-lts-has-been-released https://community.nethserver.org/t/zabbix-and-mrmarkuz-repo-testing https://community.nethserver.org/t/howto-install-zabbix-3-4 Optimize Postgres Database: https://e-mc2.net/using-zabbix-postgresql-database-backend module mrmarkuzrepo zabbix.txt Last modified: 2021/07/23 23:45by Markus Neuberger