Shulou(Shulou.com)06/02 Report--

1. Overview of Zabbix's functions

1.1 what is zabbix

Alexei Vladishev created the Zabbix project, which is currently in an active development state, supported by Zabbix SIA.

Zabbix is an enterprise-class, open source, distributed monitoring suite.

Zabbix can monitor networks and services. Zabbix uses flexible alarm mechanism to realize automatic alarm of Wechat, SMS and email. Zabbix uses the stored monitoring data to provide monitoring reports and achieve graphical display.

Zabbix supports both polling and trapping. All Zabbix reports can be accessed through the configuration parameters in the WEB interface. You can view the monitoring status of the network and services in real time through the Web interface. Whether you are a small organization or a large company, Zabbix can play the role of monitoring your IT infrastructure through configuration that does not work.

Zabbix is cost-free because Zabbix is written and distributed based on the GPL V2 protocol. It means that the source code is released for free.

At the same time, Zabbix also provides commercial technical support.

1.2 zabbix featur

Zabbix is a highly integrated network monitoring suite that provides the following features through a single package

Data collection

Availability and performance testing

Support SNMP (trapping and polling), IPMI, JMX monitoring

Custom detection

Custom interval to collect receipts

Implementation of distributed Monitoring Environment with server/proxy/agents

Flexible threshold definition

Allows flexible customization of fault thresholds, called trigger in Zabbix, and stored in the back-end database

Advanced alarm configuration

You can customize alarm upgrade (escalation), recipient and alarm method.

Alarm information can be configured and allowed to use macro variables

Automate actions through remote commands (action)

Real-time drawing

Real-time drawing of monitoring data through built-in drawing engine

Extended graphical display

Allow custom creation of multiple monitor view

Network Topology (network maps)

Custom panels (screen) and slide shows, and allow display on dashboard pages

Report

High-level (commercial) monitoring resources

Historical data storage

The data is stored in the database

Historical data is configurable

Built-in data cleaning mechanism

Simple configuration

The host is added by adding monitoring devices.

Once configuration, lifetime monitoring (unless adjusted or deleted)

Monitoring devices allow the use of templates

Template usage

Group monitoring can be added to the template

Templates allow inheritance

Network automatic discovery

Automatic discovery of network devices

Agent automatic registration

Automatically discover file systems, network card devices, SNMP OID, etc.

Fast web interface

The web front end is written in php.

Access is accessible

You can do whatever you want.

Audit log

Zabbix API

Zabbix API provider-level access interface, which can be quickly accessed by third-party programs

Authority system

Secure authority authentication

Users can limit the list of allowed maintenance

Full-featured, easy to expand agent

Deploy on monitoring target

Support for Linux and Windows

Binary daemon

C development, high performance, low memory consumption

Transplant easily

Be able to deal with complex environmental conditions

Remote monitoring can be easily created through Zabbix proxy.

1.3 Zabbix Featur

Monitoring topology diagram description:

(1) automatic alarm mechanism can be realized through Wechat, SMS and email.

(2) you can configure it through the Web page and monitor the status to view it.

(3) the equipment of printer, router and switch can be monitored by SNMP protocol.

Monitor the server host by implanting agent

Monitoring of IP and PORT through ping or port inspection

You can monitor most systems, including windows, Linux, unix, Solaris, Mac, and so on, as shown in the figure:

Items that can be monitored for the host include:

CPU:CPU load, CPU utilization

Memory: memory utilization, interchangeable memory / virtual memory utilization

Network: network transmission, network failure, packet loss

Disk: disk utilization, disk Ibank O

Service: process monitoring, interface service, TCP port connection, response time, DNS monitoring, NTP monitoring

Log: log monitoring, text log, event log

File: file monitorin

Other: performance counters (Windows systems only)

Custom alarm mechanism:

As shown in the figure

If the fault is not resolved within 10 minutes, you can notify the system administrator by text message or email

If the fault is not resolved in 15 minutes, you can notify the operation and maintenance personnel by text message or email.

If the fault is not resolved within 30 minutes, you can notify the manager by text message or email.

The monitored monitoring data can be collected and sent to the server through the proxy proxy server and the proxy Zabbix server.

2. Zabbix program architecture

The architecture diagram is as follows:

Description of each component of Zabbix:

Zabbix Server

Zabbix Server is the core component, which is used to obtain agent survival status and monitoring data. All configuration, statistics and operation data are accessed to database through Server.

Zabbix database

All Zabbix data is stored in the database

Web GUI

For easier barrier-free access to Zabbix, the web interface is provided. This interface, as part of Zabbix Server, usually runs on the same host as server

Note: if SQLite is used as the database, the web interface and Zabbix Server must be running on the same host

Proxy

Zabbix Proxy can replace Zabbix Server for performance and availability data collection. Proxy is an optional component for Zabbix deployment. If you want to share a single Zabbix Server load, it is recommended to use proxy.

Agent

Zabbix agents is deployed on the target monitor and monitors local resources and applications, reporting collected data to Zabbix Server

Monitoring process:

Monitor the data flow through zabbix and take corresponding measures.

First create a host, and then create an item to collect data

Create a trigger (trigger) through item

Create an action (action) through a trigger (trigger)

For example, if you want to monitor the CPU load of a server, you first create a host entry for the server, then create an item to monitor the CPU status of the server, and create a corresponding trigger mechanism. When the cpu load reaches a certain threshold, trigger action, which includes performing the set action and sending an email alarm.

You can set these operations as a template, and when you want to monitor a host, you can apply the template directly.

Structure diagram of each component of Zabbix:

Zabbix related terms:

Related nouns explain:

Host (host)

A network device you want to monitor (need to know IP/DNS)

Host group (host group)

A logical host group that contains hosts and templates. If the host and the template are in the same host, the template cannot be link to another. Host groups are usually used to create access rights to different user groups

Monitoring item (item)

The data you want to collect from the mainframe

Trigger (trigger)

A logical expression used to express that the data obtained from the monitoring item reaches the preset fault threshold

When the received monitoring value reaches the preset threshold, the state of the trigger changes from 'OK' to' Problem',. When the received monitoring value is lower than the threshold, the state is maintained / changed to 'OK'.

Event (event)

An event such as a trigger status change or an automatic discovery (discovery) / agent automatic registration

Action (action)

The default process when an event occurs

An action (action) includes an action (operations, such as sending an alarm) and a condition (when the specified operation is completed)

Alarm upgrade (escalation)

A custom operation execution process in an action, a queue for sending alarms / executing remote commands

Media (media)

The channel that sends the alarm

Alarm (notification)

Send event messages through media channels

Remote command (remote command)

A default command that executes automatically when the monitoring host reaches certain conditions (condition)

Template (template)

A group of entities that contain monitoring items, triggers, drawings, panels (screen), applications, low-level automatic discovery rules, etc., and can be applied by other hosts

Templates can improve the speed of host deployment of monitoring tasks, but also very easy to do batch (mass) updates to monitoring tasks. The template is linked by the host (link).

Application (application)

Monitoring item logic group

Web Scheme (scenario)

One or more http requests to check the availability of a web site

Front end (frontend)

Web interface provided by Zabbix

Zabbix API

Zabbix API allows you to create, update, obtain Zabbix objects (such as hosts, monitoring items, drawings, etc.) and complete custom tasks through the JSON RPC protocol

Zabbix server

Zabbix software center process, used to connect Zabbix proxy and agent to complete monitoring, evaluation triggers, sending alarms and central data storage

Zabbix agent

Processes deployed on monitoring hosts to monitor local resources and applications

Zabbix proxy

The process of completing data collection instead of Zabbix server, usually used to reduce the load on the central Zabbix Server

Node (node)

A complete set of Zabbix server configurations, usually located in a distributed system, used to monitor the area

Zabbix Workflow Chart:

Server

Zabbix server is the core process of Zabbix software.

Server uses polling and trapping to collect data to determine whether the threshold is reached or not, and then uses the trigger to send an alarm to the user. Server can also perform remote network service detection through simple service check (simple service check).

Server is not only a database that stores all configuration, statistics and operation data, but also a fault alarm service.

According to different functions, Zabbix server can be divided into three parts: Zabbix server, Web GUI and Database.

Because all the configuration information of Zabbix is stored in the database, server and web GUI can operate directly. For example, when a new monitor item is created through the Web interface (or API), it inserts the created data into the database. In about a minute, Zabbix server will query the data table of monitoring items and save the list of monitoring items in its own cache (cache). This is why changes made through the Zabbix front end will take effect in about two minutes.

Zabbix server runs as a daemon process.

Zabbix server is required to run under a non-root account by default.

If Zabbix server and agent are running on the same host, it is recommended to run under different users, because once running under the same user, agent will be able to access server's configuration files and easily obtain Zabbix Admin-level users, such as database passwords.

Zabbix server has been tested on the following platforms:

Linux

Solaris

AIX

HP-UX

Mac OS X

FreeBSD

OpenBSD

NetBSD

SCO Open Server

Tru64/OSF1

Agent:

Zabbix agent is deployed on the monitored host to monitor local resources and applications (such as hard drives, memory, processors, etc.).

Zabbix agent collects the running information of the local host and sends the data to Zabbix server for processing. Once an exception occurs (such as the hard disk is full or the service process is interrupted), Zabbix server will automatically respond and give an alarm.

Zabbix agent uses local system calls to collect statistics, so it is very efficient.

Passive (passive) and active (active) checks

Zabbix agent provides both passive and active inspection methods.

In passive check mode, agent replies to a data request, Zabbix server or proxy asks for agent data, such as CPU load, and Zabbix agent sends back the result to server.

The process of active inspection will be relatively complex. Agent must first request Zabbix server for a list of monitoring items, and then send the corresponding values to server.

To choose whether to check passively or actively, you need to select 'Zabbix agent' or' Zabbix agent (active)'in the monitoring item type.

Zabbix agent runs on the monitored host and can be run by daemon.

Zabbix agent is generally required to run under a non-root account.

If you start Zabbix agent under your 'root' account, it will automatically select the' zabbix' users' created in the operating system unless you modify the 'AllowRoot'' parameter in the agent configuration file.

Zabbix agent supports the following platforms:

Linux

IBM AIX

FreeBSD

NetBSD

OpenBSD

HP-UX

Mac OS X

Solaris

Windows: 2000, Server 2003, XP, Vista, Server 2008, 7

Agent proxy

The Zabbix agent (proxy) is often used instead of server to collect monitoring information and send data to Zabbix server. The collected data is stored in the cache of the proxy host and then transferred to Zabbix server.

The proxy is optional, but using it can effectively reduce the load of a single Zabbix server in a distributed environment. Through the agent to collect monitoring data, server can effectively reduce CPU and disk I mango O consumption.

The Zabbix agent can perform the centralized monitoring of remote areas, branch offices and networks without local administrators.

The Zabbix agent uses a separate database.

Note: Zabbix proxy database can use SQLite, MySQL, PostgreSQL. If there are limitations and risks when Oracle or IBM DB2 automatically discovers rules at a low level.

Zabbix proxy runs as a daemon.

Zabbix proxy is generally required to run under a non-root account.

If running under the 'root' account, it automatically selects' zabbix' users that were previously established in the operating system, but cannot be configured at compile time or in the configuration file.

Java gateway

A feature introduced after zabbix2.0. Java gateway, similar to agentd, but only used to monitor Java applications running on Java virtual machines. It can only obtain data actively, not passively. Its data will eventually be given to server or proxy.

Zabbix 2.0 monitors JMX applications through Zabbix Java gateway daemons. Zabbix Java gateway is a daemon written in Java. Zabbix Java gateway uses JMX API to request remote applications.

Java gateway accepts connections from Zabbix server or proxy. Specify the IP and port of JAVA gateway in the configuration file of Zabbix server or proxy, so only one Java gateway can be configured in each Zabbix server or proxy.

When a monitor value on Java gateway is updated, the Zabbix server or agent will connect to Java gateway to request the value. Similarly, Java gateway does not cache any values.

The Zabbix server or agent can control the process of connecting to the Java gateway through StartJavaPollers. Java gateway starts internally using multithreading through the START_POLLERS control option. On the Zabbix Server side, if a connection request exceeds the number of seconds set by Timeout, the connection will be terminated, but Java gateway may still be busy retrieving the value from the JMX counter.

It is recommended that StartJavaPollers be less than or equal to START_POLLERS, otherwise it may cause Java gateway to have no extra threads to process when connecting to Java gateway.

When Java gateway is already running, you need to specify the IP and port of JavaGateway in the server configuration file. If the JMX application is monitored by Zabbix agent, you need to specify the corresponding connection parameters in the agent configuration file.

Sender

The Zabbix sender command line tool is often used to send performance data to Zabbix server.

This tool is often used in long-running user custom scripts to continuously send availability and performance data.

Get

Zabbix get is used to connect to the Zabbix agent and retrieve the required information from the agent.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.