Monitoring with Zabbix

Competa Conference Center 31st May 2011
Raymond Kuiper

Our agenda for today: About me Zabbix Architecture Retrieval of information Monitoring and alerting Lab Excercises Task 1 – 2 Break Data visualization Advanced features Lab Excercises Task 3 – 5

About me Raymond Kuiper Infrastructure Specialist at Competa IT Owner / consultant at Qixia Cisco / Linux guy Working with Zabbix since 2006 http://nl.linkedin.com/in/raymondkuiper RaymondKuiper

Zabbix Architecture Zabbix monitoring environment consists of: Zabbix Servers (daemon) Database (MySQL. PostgreSQL. Oracle. etc.) Zabbix frontend (php) Zabbix Proxies (daemon) Zabbix Agents (daemon/service)

Zabbix Architecture Basic setup: Host Frontend (PHP) Host Database Zabbix Server Host Host

Zabbix Architecture Distributed setup: Database Host Frontend (PHP) Database Zabbix Node 1 Frontend (PHP) Host Database Zabbix Node 2 Host

Zabbix Architecture Differences between Zabbix Proxy and Zabbix DM node: Proxy is easier to maintain (no local configuration on proxy) Easy to setup (auto creation of DB on proxy) No alerting from proxy No local administrator access (no frontend) on proxy

Retrieval of information Zabbix can monitor hosts and devices via: Zabbix Agents (active and passive) SNMP (v2. v3) IPMI (hardware monitoring) Simple checks (ping. tcp connections. etc.) Web (actively look at webpage content) External scripts (server side) Zabbix trapper scripts Telnet / SSH checks ODBC (monitor databases. Beta and undocumented)

Retrieval of information 3rd Party extensions: Zabcat (JMX Zabbix bridge) Orabbix (Oracle) Postbix (PostgreSQL) MySQLbix (MySQL) Zbxlog (Syslog) …. .

Monitoring and alerting How the monitoring 'cascade' works: Hosts (IP / DNS based) Items (What values to retrieve) Triggers (When is a value worth noticing) Events ( Occurence of trigger activity) Actions (What to do when a event occurs) .

Monitoring and alerting Hosts: Object that needs to be monitored Connect on IP / Hostname Can be grouped in 'Host groups' Can be linked to (multiple) 'Templates'

Can be grouped in 'Applications' .Monitoring and alerting Items Identified by a 'Key' Can contain numerical or textual values. Are based on Zabbix Agent / SNMP / IPMI / SSH / Telnet / Simple Checks / Scripts / Calculation / Zabbix Internals / ODBC (beta) Contain timer settings like update interval and history retention period.

Monitoring and alerting Triggers Use logic to interpret item values Can check against things like min. max. avg or last value Textual recognition based on string or regex Also a lot of other things like dates and times can be used for comparison Can become quite complex. but are very powerful Outcome is always numerical! (It's like math)

Monitoring and alerting Events Trigger state change and duration Are logged for future reference or audit Can be acknowledged

Monitoring and alerting Actions Work on the basis of conditions Send out (repeated) notifications Run scripts on hosts

Lab Excercises Complete these tasks Task 1: Configure a new host Task 2: Using Templates Break .

Data visualization Different methods Graphs Maps Screens Reports .

Data visualization Graphs Normal. Stacked or Pie

Data visualization Maps

Data visualization Screens (can be bundled in slide shows)

Data visualization Reports Bar Reports. IT Services (SLA)

Advanced Features Zabbix provides some advanced features to ease administration: Web monitoring (monitor websites) Discovery / Auto registration (automatically add hosts to monitoring) Maintenance periods (disable monitoring for a host during specific times) Inventory (CMDB like information) XML import / export API (JSON)

Lab Excercises Complete these tasks Task 3: Web monitoring Task 4: Zabbix Trappers Task 5: Daunting tasks if time will permit it Thanks for attending!