The Zabbix project began in 1998 when Alexei Vladishev started working on an internal project. By 2001, it was released in alpha and the first stable release was in 2004. Six years is a long time for a project to reach stable release, but Zabbix is an ambitious undertaking.
Zabbix uses a variety of mechanisms to collect data. It supports SNMP gets and also provides an installable host agent. The host agent supports passive and active checks -- queries that only return data to be processed by the server versus those that require processing by the client prior to returning the check response to the server. It is also designed to be scalable, providing a data-collecting proxy and a Java JMX application-monitoring proxy -- the Zabbix Java Gateway.
It is reasonably easy to install and configure the basic functionality. But Zabbix is not an entry-level application. An experienced administrator is necessary to design and install a full-featured deployment. For example, implementing SNMP checks is described on the supporting documentation web page, but the administrator configuring the checks needs to have some familiarity with SNMP MIBs to obtain useful (and appropriate) OIDs. Adding functionality beyond the considerable amount available out-of-the-box also requires some regular expression knowledge.
Even the Debian Wheezy installation requires some extra work. Debian's apt packaging system is normally very good at installing all of the dependencies. Not so with Zabbix. It took some hunting around the blogosphere to figure out a workable installation. Start by installing the Postfix Mail Server and MySQL database. Zabbix also supports Postgres databases, but the virtual machine test environment in which this is deployed is served well by MySQL.
Zabbix Installation
The command line installation requires three steps:
- apt-get install postfix postfix-mysql mysql-client mysql-server
- apt-get install apache2 apache2-mpm-prefork apache2-utils libexpat1 libapache2-mod-php5 php5-common php5-gd php5-mysql php5-cli php5-cgi libapache2-mod-fcgid php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick php5-curl libcurl4-openssl-dev
- apt-get install zabbix-agent zabbix-server-mysql zabbix-frontend-php phpmyadmin
The video below illustrates these three steps with prompted configurations designed for the test environment.
Upon completing the command line installation, copy the zabbix apache configuration file to the apache conf.d directory and procede with the web-based installation. You will have to correct the php.ini file, create and populate a zabbix database, install the zabbix.conf.php configuration file, modify the /etc/default/zabbix_server file and update the /etc/zabbix/zabbix_server.conf file with the correct username and password. These steps are illustrated in the video below.
Unlike many Debian LAMP applications that are installed but securely locked down, there is a bit more work to deploy Zabbix. First, copy the /usr/share/doc/zabbix-frontend-php/apache.conf file, renaming it as /etc/apache2/conf.d/zabbix.conf. Use PHPMyAdmin to create and populate a zabbix database. The installation is now ready to continue with the Zabbix web installer. Browse to http://<servername>/zabbix. It first checks the /etc/php5/php.ini file and the default installation requires some modifications. These are clearly indicated. Once the edits are complete, recheck and proceed. Next, configure Zabbix for the MySQL server. Then supply the Zabbix server name and review the final check. Download the zabbix.conf.php file and upload it to the server's /etc/zabbix directory. The server is now almost ready to use. Modify the /etc/default/zabbix-server file from the default START=no to START=yes. Then, provide the mysql user "root" and its password to the /etc/zabbix/zabbix_server.conf file.
Zabbix Configuration
Discovery
Browse to http://<servername>/zabbix and supply the default user name "admin" and password "zabbix". The default theme is clean and attractive, but I prefer darker colors and change the theme to Black and Blue.
On a production deployment, one of the first things to configure appears near the end of the support site's documentation: Discovery. This is a great feature, even when implemented in a basic form. Zabbix provides a very configurable discovery system that saves a lot of work for an administrator who knows how to set it up.
Agents
The first step is to deploy Zabbix Agents on the monitored hosts. Many operating systems are supported, but only Linux and Windows are described here. The Linux client is well documented. There are only three mandatory changes to apply: Server, ServerActive and Hostname. The first two define the IP address of the Zabbix server for passive and active checks. The third provides the unique host name to the server. The Windows client configuration file is a deplorable mess: a long string of characters lacking carriage returns. Just add the three lines above to the file and call it good enough for now.
Host Groups
Devices may be logically grouped by type using Host Groups. "Linux Servers is included by default. For this example, add a group "Windows Servers" to display them under one heading.
Templates
Templates provide a configurable set of monitoring, trigger and display items and a large number are included by default. For this example, modify "Template OS Linux" and "Template OS Windows" to add a default SNMP community string "public" to the OS templates.
Actions
There is much more to Discovery than simply pinging hosts or identifying agents. The Discovery - Agent interaction may be programmed to take care of a great deal of drudgery using Actions. Actions specify Operations to perform when specified Conditions are met. Take this rule, for instance. The Conditions specify the returned Zabbix Agent OS value is like "Linux" and the Operation is to place the Server in the Host Group "Linux Servers" and apply the monitoring Template "Template OS Linux" to the host. With no further manual work, discovered hosts are configured with a reasonably comprehensive set of monitoring rules. Clone this rule and change the OS value to "Windows" and the actions to automatically add Windows hosts to the Windows Host Group and apply the Template OS Windows.
Discovery
The default installation is disabled and configured to search the 192.168.1.1-255 network. Modify that value to match your local addressing scheme, but restrict the Discovery Process to one subnet at a time, preferably a 24-bit netmask. By default, this Discovery Process will look for hosts using Zabbix Agent queries and ICMP pings.Continue adding subnets to define the set of hosts to be monitored. How many you initially configure depends upon the hardware on which Zappix is deployed, but test with three to ten. It is a bit resource hungry when fully operational.
Agents
The first step is to deploy Zabbix Agents on the monitored hosts. Many operating systems are supported, but only Linux and Windows are described here. The Linux client is well documented. There are only three mandatory changes to apply: Server, ServerActive and Hostname. The first two define the IP address of the Zabbix server for passive and active checks. The third provides the unique host name to the server. The Windows client configuration file is a deplorable mess: a long string of characters lacking carriage returns. Just add the three lines above to the file and call it good enough for now.
Host Groups
Devices may be logically grouped by type using Host Groups. "Linux Servers is included by default. For this example, add a group "Windows Servers" to display them under one heading.
Templates
Templates provide a configurable set of monitoring, trigger and display items and a large number are included by default. For this example, modify "Template OS Linux" and "Template OS Windows" to add a default SNMP community string "public" to the OS templates.
Actions
There is much more to Discovery than simply pinging hosts or identifying agents. The Discovery - Agent interaction may be programmed to take care of a great deal of drudgery using Actions. Actions specify Operations to perform when specified Conditions are met. Take this rule, for instance. The Conditions specify the returned Zabbix Agent OS value is like "Linux" and the Operation is to place the Server in the Host Group "Linux Servers" and apply the monitoring Template "Template OS Linux" to the host. With no further manual work, discovered hosts are configured with a reasonably comprehensive set of monitoring rules. Clone this rule and change the OS value to "Windows" and the actions to automatically add Windows hosts to the Windows Host Group and apply the Template OS Windows.
Discovery
The default installation is disabled and configured to search the 192.168.1.1-255 network. Modify that value to match your local addressing scheme, but restrict the Discovery Process to one subnet at a time, preferably a 24-bit netmask. By default, this Discovery Process will look for hosts using Zabbix Agent queries and ICMP pings.Continue adding subnets to define the set of hosts to be monitored. How many you initially configure depends upon the hardware on which Zappix is deployed, but test with three to ten. It is a bit resource hungry when fully operational.
If you plan to monitor devices for which there are no Zabbix Agents -- such as switches and routers -- you should also add SNMP to the Discovery options. Provide the read-only community (typically public) and OID ifDescr and SNMP will search for Ethernet interfaces.
The following video depicts the above Discovery and Actions processes.
The following video depicts the above Discovery and Actions processes.
Zabbix Screens
Screens are a customizable way to aggregate information. There is a great variety of information that may be presented, and one example does not suffice. However, the video below shows how to add all of the network's WAN interfaces to a screen, an external URL to a NagVis visualization and the private interfaces for the Philadelphia router and Domain Controller. Once configured, the Domain Controller begins a download and WAN links begin to fail. Since the WAN routers use OSPF, they quickly fail over to live routes and the download continues. Zabbix graphs depict the traffic on WAN links throughout the scenario.Zabbix Alerts
Monitoring systems need to provide notifications. Zabbix provides well-implemented notification and tracking. First, add additional monitoring functionality to the SAN servers by applying Template SNMP Disks. Then create a user and the User Group SAN Admins.Unfortunately, Zabbix does not have readily configured topology logic in its alert system. For instance, if a router fails, Zabbix will alert not only the router has failed, but also any hosts behind it that are now unreachable. Thus, administrators are flooded with alerts that distract from the root cause of the problem: a failed router. This situation leads to confusion and additional difficulty diagnosing problems.
Thus, while Zabbix is very useful and one of the best Debian systems visualization packages available, it is primarily a host monitoring tool and not an enterprise-class systems management tool. It is well worth deploying for host trending and visualizations, but has drawbacks that do not recommend its use as an enterprise-class monitoring tool.