Scribd
Upload
83 views3 pages

Resumo A2

- The Zabbix agent is a process that collects data from monitored devices and applications and sends it to the Zabbix server. It has low resource usage and supports both passive and active monitoring modes. - Triggers in Zabbix represent the current system state based on data collected by items and allow defining thresholds to detect problems. Templates help manage monitoring for many hosts by grouping common metrics.

Uploaded by

Higor Medeiros
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
83 views3 pages

Resumo A2

- The Zabbix agent is a process that collects data from monitored devices and applications and sends it to the Zabbix server. It has low resource usage and supports both passive and active monitoring modes. - Triggers in Zabbix represent the current system state based on data collected by items and allow defining thresholds to detect problems. Templates help manage monitoring for many hosts by grouping common metrics.

Uploaded by

Higor Medeiros
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

Zabbix Agent installation

- Zabbix agent is a process deployed on monitoring targets


- Developed in C language
- Roda em todas plataforma: win, lin etc
- Collects data from a device or application
- Has very low memory footprint and resource usage
- Can work in passive and active modes
- Uses a JSON based protocol for communication with Zabbix server
- dnf install zabbix-agent
systemctl start zabbix-agent
systemctl enable zabbix-agent
- zabbix_agentd.conf configurar o server do zabbix
- Zabbix Agent 2 is written in Go
Can't be installed as a Windows service
SQLite can be used to buffer data
Extens�vel com plugins
Reduce the number of TCP connections

Zabbix agent Passive checks:


- A passive check is a simple data request
Zabbix server or proxy asks for some data (for example, CPU load) and Zabbix
agent sends
back the result to the server/proxy
- Configuration > Hosts > {host} > Interfaces IP/DNS and Port
Configura o IP do agente ou DNS (afinal n�s teremos q consult�-lo)
- � uma das poucas coisas q se configura qdo cria um host (claro q tem tb templates
pra associar, macros...)
- Zabbix Server (poller) --request system.cpu.load --> Zabbix Agent |
zabbix_agentd.conf
Server=<IP/DNS>
Timeout=3s
Listening port 10050/TCP

zabbix_agentd
<-----response to poller-------collects metrics
- Alguns keys:
Host name system.hostname[<type>]
Availability agent.ping
Remote services net.tcp.service[service,<ip>,<port>]
Processes proc.num[<name>,<user>,<state>,<cmdline>]
Disk space availability vfs.fs.size[fs,<mode>]
Directory entry count vfs.dir.count[dir]
Network net.if.in/out/total[interface]
Memory availability vm.memory.size[<mode>]
CPU load (Unix) system.cpu.load[<cpu>,<mode>]
CPU utilization (Win) system.cpu.util[<cpu>,<type>,<mode>]
- Linha de comando (no agente): zabbix_agentd -t system.cpu.load
zabbix_agentd -t "vfs.file.regexp[/etc/passwd,root]"
- Retrieves information from remote passive Zabbix agent daemons:
podemos checar alguns par�metro do agente
zabbix_get -s 127.0.0.1 -k system.cpu.load

Agent must be configured to accept incoming connection from machine executing


zabbix_get

Zabbix agent Active checks


- Agent retrieves a list of ITEMS from Zabbix server for independent processing
� On agent start
� Every 120 seconds
- Periodically SENDS NEW VALUES to server in bulk
� Every 5 seconds and clears buffer
� When buffer is full (if it happens faster than 5 seconds)
� Local system timestamp is used for collected values
- Can buffer data in memory if connection is lost
- AGENT --> ZABBIX SERVER (TRAPER)
- zabbix_agentd.conf:
ServerActive=<IP/DNS>
Hostname=student-XX
- Passive (polling) : Icone ZBX|SNMP|JMX|IPMI verde no ZBX
Active (trapping)
- Zabbix agent diferen�as:
Passive checks related
Server=<IP/DNS>
ListenPort=10050 (escuta pelo server)
StartAgents=3
Active checks related
ServerActive=<IP/DNS>
Hostname=<hostname>
RefreshActiveChecks=120
BufferSize=100
BufferSend=5
- ZABBIX AGENT ON MICROSOFT WINDOWS:
key to monitor all windows eventlogs (must be active check)
eventlog[name,<regexp>,<severity>,<source>,<eventid>,<maxlines>,<mode>]

Discovery of Windows services


service.discovery - reports back JSON object containing Windows services

Windows service monitoring item


key: service.info[service,<param>]
param values: display name, state, path, user, startup or description

Listing of services
key: services[<type>,<state>,<exclude>]
� type - all (default), automatic, manual or disabled
� state - all (default), stopped, started etc.
� exclude - services to exclude from the result.

Value of any performance counter


perf_counter[counter,<interval>]

WMI queries are performed with WQL


key: wmi.get[<namespace>,<query>]
Ex Status of the first physical disk
� wmi.get["root\cimv2,select status from Win32_DiskDrive where Name like
'%PHYSICALDRIVE0%'"]

MACROS:
- Syntax: {MACRO.NAME}
- Used in various places
� Hosts and templates {HOST.NAME}, {HOST.CONN}
� Triggers {ITEM.VALUE}, {ITEM.LASTVALUE}
� Tags
� Notifications {EVENT.DATE}
� Web monitoring
- User: {$MACRO.NAME}
Three levels
� Global (Administration > General > Macros)
� Template (Configuration > Templates > {template} > Macros)
� Host (Configuration > Hosts > {host} > Macros)
- ex net.tcp.service[ssh,{$SSH.PORT}]
- Inheritance can be seen and modified on templates and hosts

Problem detection
Triggers
- Triggers are logical expressions that �evaluate� data gathered by items
- Represents current system state
- Allows to define a threshold (state of data is "acceptable"/"not acceptable")
- sTATUS:
OK normal trigger state.
PROBLEM something happened. For example, the processor load is too high.
- When trigger changes state new event is created
- Trigger status (expression) is recalculated every time Zabbix server receives a
new value
that is part of the expression
- Triggers are evaluated based on history data only; trend data are never
considered
- Suporta macros, como as de sistema:
{HOST.HOST}, {HOST.NAME}, {HOST.CONN}, {HOST.DNS}, {HOST.IP}, {ITEM.VALUE}
- Operational data: ex item.last (ultimo valor)
If not configured, latest values of all items from the expression are displayed
- Severity: High, Informative, etc
- ex: {host1:item1.func(5m)}>10 and {host1:item2.func(5m)}>5
{ Zabbix : system.uptime . last() } < 10m
- Functions: min(), max(), avg(), last(), diff(), count(), delta(), time(), etc
- pode ter a recovery expression para recolocar em ok (por ex, somente apos 5 pings
ok volta)
- Triggers have an option to define custom event tags
Trigger may have several tags with the same name, but different values

TEMPLATES
- Template is a set of entities that can be applied to multiple hosts
- Easily set up and manage monitoring for hundreds, thousands of hosts
- Ex: v�rios hosts tem m�tricas semelhantes, d� pra agrupar num template e
distribuir p cada host
- You can use the Clone and Full clone buttons in the form of an existing template
or host to create a new one
[Clone] Will retain all parameters and linkage (e.g. keeping all entities
from the templates)
[Full clone] Full clone will additionally retain directly attached entities
(applications, items,
triggers, etc.)

You might also like