One of the issues I have with Observium is how limited the Device Discovery is. Not all SNMP devices are recognized, and there is no way to customize the system with new Device MIB Files. Zabbix was recommended to me by a couple of former coworkers, so I decided to give it a shot.
First I built a standard CentOS 7 VM and ran
yum update
Next I installed the Zabbix Repository RPM
[root@zabbix ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
Retrieving http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
warning: /var/tmp/rpm-tmp.434W6N: Header V4 DSA/SHA1 Signature, key ID 79ea5ed4: NOKEY
Preparing… ################################# [100%]
Updating / installing…
1:zabbix-release-3.0-1.el7 ################################# [100%]
The next step is to install the Zabbix Server and Web Frontend with MySQL.
yum install zabbix-server-mysql zabbix-web-mysql
Next we install the zabbix agent in order to allow the server to monitor itself
yum install zabbix-agent
Next we need to install MySQL
yum install mariadb-server
Next we enable and start the service
systemctl enable mariadb
systemctl start mariadb
Now we set the root password for the database by running
mysql_secure_installation
You will see a handful of questions, and you should evaluate them individually. My responses are not the most secure but for a demo they are fine to use.
[root@zabbix ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!In order to log into MariaDB to secure it, we’ll need the current
password for the root user. If you’ve just installed MariaDB, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.Enter current password for root (enter for none):
OK, successfully used password, moving on…Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.Remove anonymous users? [Y/n] y
… Success!Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.Disallow root login remotely? [Y/n] n
… skipping.By default, MariaDB comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.Remove test database and access to it? [Y/n] y
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.Reload privilege tables now? [Y/n] y
… Success!Cleaning up…
All done! If you’ve completed all of the above steps, your MariaDB
installation should now be secure.Thanks for using MariaDB!
We login to the database as the root user and create the Zabbix Database
mysql -uroot -p
From the mysql prompt enter the following to create the database
create database zabbix character set utf8;
Then we grant the zabbix server rights to the database. You can change “Changeme123” to whatever password you wish.
grant all privileges on zabbix.* to zabbix@localhost identified by ‘Changeme123‘;
Finally apply the new permissions and exit the database prompt
flush privileges;
quit;
Next we need to import the schema and data into the Database. It will prompt you for a password, of which the zabbix password set above can be used.
zcat /usr/share/doc/zabbix-server-mysql-3.0.9/create.sql.gz | mysql -u zabbix -p zabbix
Open the following configuration file and go to line 115
vim /etc/zabbix/zabbix_server.conf
Your output should look like below after you have made the recquired changes
### Option: DBPassword
# Database password. Ignored for SQLite.
# Comment this line if no password is used.
#
# Mandatory: no
# Default:
DBPassword=Changeme123
Next we update the system for the special PHP server Settings that Zabbix needs and open the following file.
vim /etc/httpd/conf.d/zabbix.conf
Go to line 19 and change the PHP value to be your timezone. You can determine your closet timezone here.
My file looks like below
#
# Zabbix monitoring system php web frontend
#Alias /zabbix /usr/share/zabbix
<Directory “/usr/share/zabbix”>
Options FollowSymLinks
AllowOverride None
Require all granted<IfModule mod_php5.c>
php_value max_execution_time 300
php_value memory_limit 128M
php_value post_max_size 16M
php_value upload_max_filesize 2M
php_value max_input_time 300
php_value always_populate_raw_post_data -1
php_value date.timezone America/New_York
</IfModule>
</Directory><Directory “/usr/share/zabbix/conf”>
Require all denied
</Directory><Directory “/usr/share/zabbix/app”>
Require all denied
</Directory><Directory “/usr/share/zabbix/include”>
Require all denied
</Directory><Directory “/usr/share/zabbix/local”>
Require all denied
</Directory>
Next we go to the host specific httpd configuration file.
vim /etc/httpd/conf/httpd.conf
Go to line 95 and change it from
#ServerName http://www.example.com:80
to
ServerName <YOURIPADDRESS>:80
Next we restart httpd
systemctl restart httpd
Before we start the Zabbix Server you need to give the Zabbix User rights to certain folders.
chown -R zabbix:zabbix /var/log/zabbix
chown -R zabbix:zabbix /var/run/zabbix
chmod -R 775 /var/log/zabbix/
chmod -R 775 /var/run/zabbix/
Next we execute the following and let th zabbix_agentd what configuration file to use
/usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
Next we disable SELINUX
setenforce 0
Now we need to allow HTTP traffic for FirewallD
firewall-cmd –zone=public –add-service=http –permanent
firewall-cmd –reload
Now we start the Zabbix Server
systemctl start zabbix-server
Finally check the zabbix-server status
systemctl status zabbix-server
The output should be similar to below
[root@zabbix ~]# systemctl status zabbix-server
● zabbix-server.service – Zabbix Server
Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2017-06-04 13:09:21 EDT; 39s ago
Process: 7480 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 7482 (zabbix_server)
CGroup: /system.slice/zabbix-server.service
├─7482 /usr/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
├─7487 /usr/sbin/zabbix_server: configuration syncer [waiting 60 sec for processes]
├─7488 /usr/sbin/zabbix_server: db watchdog [synced alerts config in 0.000800 sec, idle 60 sec]
├─7489 /usr/sbin/zabbix_server: poller #1 [got 0 values in 0.000005 sec, idle 5 sec]
├─7491 /usr/sbin/zabbix_server: poller #2 [got 0 values in 0.000005 sec, idle 5 sec]
├─7492 /usr/sbin/zabbix_server: poller #3 [got 0 values in 0.000005 sec, idle 5 sec]
├─7493 /usr/sbin/zabbix_server: poller #4 [got 0 values in 0.000006 sec, idle 5 sec]
├─7494 /usr/sbin/zabbix_server: poller #5 [got 0 values in 0.000007 sec, idle 5 sec]
├─7495 /usr/sbin/zabbix_server: unreachable poller #1 [got 0 values in 0.000003 sec, idle 5 sec]
├─7496 /usr/sbin/zabbix_server: trapper #1 [processed data in 0.000000 sec, waiting for connection]
├─7497 /usr/sbin/zabbix_server: trapper #2 [processed data in 0.000000 sec, waiting for connection]
├─7498 /usr/sbin/zabbix_server: trapper #3 [processed data in 0.000738 sec, waiting for connection]
├─7499 /usr/sbin/zabbix_server: trapper #4 [processed data in 0.000000 sec, waiting for connection]
├─7500 /usr/sbin/zabbix_server: trapper #5 [processed data in 0.000000 sec, waiting for connection]
├─7501 /usr/sbin/zabbix_server: icmp pinger #1 [got 0 values in 0.000005 sec, idle 5 sec]
├─7502 /usr/sbin/zabbix_server: alerter [sent alerts: 0 success, 0 fail in 0.000391 sec, idle 30 sec]
├─7503 /usr/sbin/zabbix_server: housekeeper [startup idle for 30 minutes]
├─7504 /usr/sbin/zabbix_server: timer #1 [processed 0 triggers, 0 events in 0.000023 sec, 0 maintenances in 0.001165 sec, idle 30 sec…
├─7505 /usr/sbin/zabbix_server: http poller #1 [got 0 values in 0.000546 sec, idle 5 sec]
├─7506 /usr/sbin/zabbix_server: discoverer #1 [processed 0 rules in 0.000352 sec, idle 60 sec]
├─7507 /usr/sbin/zabbix_server: history syncer #1 [synced 0 items in 0.000001 sec, idle 1 sec]
├─7508 /usr/sbin/zabbix_server: history syncer #2 [synced 0 items in 0.000001 sec, idle 1 sec]
├─7509 /usr/sbin/zabbix_server: history syncer #3 [synced 0 items in 0.000001 sec, idle 1 sec]
├─7510 /usr/sbin/zabbix_server: history syncer #4 [synced 0 items in 0.000001 sec, idle 1 sec]
├─7511 /usr/sbin/zabbix_server: escalator #1 [processed 0 escalations in 0.000411 sec, idle 3 sec]
├─7512 /usr/sbin/zabbix_server: proxy poller #1 [exchanged data with 0 proxies in 0.000002 sec, idle 5 sec]
└─7513 /usr/sbin/zabbix_server: self-monitoring [processed data in 0.000009 sec, idle 1 sec]Jun 04 13:09:21 zabbix systemd[1]: Starting Zabbix Server…
Jun 04 13:09:21 zabbix systemd[1]: Started Zabbix Server.
Finally lets enable Zabbix to start at boot time.
systemctl enable zabbix-server
Navigate to http://<YOURIP>, and we need to do some configuration
Click Next and verify that all the checks come back with a status of OK
Click Next and enter in the zabbix database password
Click Next and leave the server settings at defaults
Verify your settings and click Next
Click Finish if no errors are returned
You will be brought to the zabbix login screen, where the user is admin and the password is zabbix.
Nerd Blogging - Tech Blogging 