Server Monitoring with Zabbix

Think implementing a large monitoring service is tedious? Not so with Zabbix. Start monitoring several-dozen critical hardware and services quickly.
Triggers

Select the Triggers link from your Global search results (Figure 5). A trigger in Zabbix monitors the data that the Items collect. If the data exceeds a configured threshold, it's assigned to one of six severity levels. Figure 7 shows the triggers that come with Template_Linux. Displayed are the severity level, status, description and an expression that makes up the trigger. Click on the trigger named Low free disk space on Template_Linux volume /, and the trigger configuration screen should come up (Figure 8).

Figure 7. Template_Linux Triggers

Figure 8. Trigger Configuration Screen

The first field, the Name field, should describe the problem. For instance, “IMAP port not responding on server123” is better than “E-mail down”. This most likely will be the text that you're going to receive in an e-mail, page or SMS message, so a clear, descriptive name will be very helpful at 2am should that call occur.

The Expression field is what Item this Trigger is going to monitor and what its thresholds are. Our expression for this trigger is configured with {Template_Linux:vfs.fs.size[/,pfree].last(0)}<10", which loosely reads, “Monitor the host called Template_Linux and its key vfs.fs.size[/,pfree]. If the last value it returned is less than 10, assign it a severity level of High.” Click Select. From here, you can change the expression to trigger on averages, absolute values or maximum values for a period of time. For now, I'll leave the trigger function as is, except I want to change at what value it triggers. So close the Condition pop-up window and change the expression to 5% by changing the value from 10 to 5 at the end of the line. Click Save to make the changes.

Actions

Actions occur when a trigger is activated. They can be via e-mail, Jabber, SMS message or running a remote script. Let's configure an action to e-mail the admin if any trigger with level Disaster has been activated. Select Configuration→Actions, and then the Create Action button on the right-hand side of the screen. The Configuration of Actions screen should be visible (Figure 9). Name it something helpful, then click the New button under Action conditions. Choose Trigger severity from the New Condition area, and change the severity level from Information to Disaster. Click Add when finished. Next, select the New button in the Action operations area. Configure the operation to send a message to a single user named admin (Figure 10). Click Add when done. Finally, click the Save button. Now, any trigger that you assign the severity level of Disaster will result in an e-mail being sent to the Admin user. You can create Actions for a single trigger from a specific host if needed, but the action above can be treated like a “site-wide” action.

Figure 9. Configuration of Actions Screen

Figure 10. Configuring the Operation

Daily Monitoring

There are several ways to monitor the clients you have configured. One of the screens I find most informative is the Status of Triggers Web page. Click Monitoring→Triggers (make sure Group and Host have “all” listed from the pull-down on the right-hand side of the screen). On this screen, Zabbix lists all the triggers that have been activated, their assigned severity level, the date of last change and short description as well as an Acknowledged and Comments column. This could be considered a sysadmin's to-do list.

Paul Tader is an independent consultant implementing open-source solutions in the Chicago area, where he has run every Linux and BSD flavor since the mid-1990s as well as instructing Linux certification courses at a local college. Feel free to contact Paul at ptader@linuxscope.com.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Single page view...

JasonBourne's picture

is it possible we can have single page view as an option? Would rather see entire article on 1 page rather than several. Thanks!!

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix