In the last column, I gave an overview of Zabbix, an open-source consolidated monitoring system. In this installment, I’ll explain Zabbix’s internal monitoring functions and other monitoring functions.
Review of Zabbix’s external monitoring functions
In Zabbix, monitoring items gather data from a host. The following types of external monitoring are executed from Zabbix Server.
- SNMP Agent/traps
- IPMI checks
- Simple Check
- ICMP ping
- Whether or not Ping is successful.
- Ping lost packets.
- Ping response time
- Net tcp/udp
- Service is up/down.
- Service performance
- External checks
- Executed by commands on Zabbix Server
- HTTP monitoring
- Monitoring of specified URL by Zabbix Server
- The request header can be specified.
- POST/GET/PUT/HEAD can be executed as the request.
- The request body can be selected from RAW data/JSON data/XML data and sent.
- For the response, the body, header, and body+header can be obtained.
- The response can be gathered in JSON format.
- HTTP authentication and SSL verification are possible.
Internal monitoring
Internal monitoring is monitoring directly from within the monitoring target. In general, Zabbix Agent is installed in the monitoring target. Monitoring using the Zabbix Agent is called agent monitoring. The following types of internal monitoring can be carried out with Zabbix.
- System information
- Host name
- system name
- Information output by uname — a
- System architecture
- i686, x86 _64, etc.
- Hardware model, serial number
- Hardware sensor information
- Specify the device name, sensor name, and mode (avg, max, min) to obtain the following information:
- Electricity usage
- Temperature
- Fan speed
- Boot time
- Uptime (amount of time since startup)
- Number of logged in users
- Device names
- List of PCI or USB-connected devices
- Host internal clock
- Number of processes used by the operating system
- Packet information
- List of packets such as RPM/dpkg
- CPU
- Number of CPUs
- Load averages
- CPU context switches
- CPU usage
- Idle, users, system, IOwait, interrupts, softirqs
- CPU hardware information
- System statistics
- You can obtain usage (%) of the CPU specified by the following parameters:
- Process name
- User name
- CPU type (total of system/user/system and user)
- Command line information for processes (regular expressions accepted)
- Time interval for statistical information (1/5/15-minute)
- Memory
- Memory size
You can specify total physical memory, memory in use, free memory, etc. - Memory usage
The names of memory in use and available can be shown as percentage display - Swap size
- Number of swap-in/outs
- System statistics
You can specify the following parameters to obtain memory usage in bytes: - Process name
- User name
- Statistical information mode (avg, max, min, total)
- Command line information for processes (regular expressions accepted)
- Memory type (for details see the Zabbix Manual)
- Memory size
- Storage
- Amount of disk read/write
- Entire disk or device name
- You can specify sector per second, number of reads per second, or number of bytes per second
- Number and size of inodes in specified file system
- Number of files in a specified directory:
- You can specify file type, file name (regular expressions accepted), size, and time of creation.
- Disk usage in a specified directory
- You can specify file names to apply to or exempt (regular expressions accepted) and the number of directory levels.
- Confirm specified file
- Does the file exist?
- Checksum
- You can specify integer value or md5.
- File content
- Does the file contain a specified string?
- Size
- Timestamp
- Network
- Number of collisions for an interface
- Specify interface name
- Input/output traffic for an interface or total input/output traffic
- Specify interface name
- You can specify number of bytes, number of packets, number of errors, number of drops, etc.
- Is DNS lookup possible?
- You can specify lookup target host, DNS IP address, TCP/UDP, etc.
- Results of DNS lookup
- You can specify lookup target host, DNS IP address, TCP/UDP, etc.
- MAC address interface
- Processes
- Process name
- Number of users
- Process state (waiting for disk access, start-up, sleep, suspended, zombie, and all others mentioned above)
- Command line information for processes (regular expressions accepted)
You can obtain the number of processes by specifying the following items:
- Log files
The following items can be specified to obtain information about log files.
- File names
- Regular expression string
- Character encoding (UTF-8 or ANSI)
- Whether or not to skip a processed log
- Output format
- Maximum delay time (seconds)
The following log file information can be obtained from the content specified by the items above.
- Contents of log files
The contents of files matching the specified conditions are gathered in the specified output format.
You can specify the maximum number of lines.- Log count
This obtains the number of lines in files matching the specified conditions.
You can specify the number of seconds from the current time for searching the logs.
- Information obtained through Zabbix Agent
- Host name specified in Zabbix Agent’s configuration file
- Whether or not Zabbix Agent is responding to communication from Zabbix Server
- Zabbix Agent’s version
- Content of Web page, load time, and content matching specified string (regular expressions accepted)
The content of Web pages can be obtained by specifying the host name, path portion of the URL, and port. - Execution of internal commands specified in Zabbix Agent’s configuration file
- Zabbix server information
Information about Zabbix Server/proxy itself
- Startup time of Zabbix Server/proxy
- Number of histories saved by Zabbix Server/proxy
- Number of hosts and items being monitored by Zabbix Server/proxy
- Execution of commands by Agent on monitored host
- Log monitoring
- Carry out monitoring of specified log files
- It is possible to monitor entire log, logs matching strings, number of logs, etc.
- By specifying the datetime format, it is possible to match the dates and
times in a log file with the dates and times displayed in Zabbix.
The following can monitored without going through Zabbix Agent:
- ssh/telnet checks
Commands executed on the monitored host from Zabbix Server through ssh/telnet.
- Commands executed through ssh/telnet.
- Use these commands when Zabbix Agent cannot be used.
- Monitoring using Zabbix sender
- Use Zabbix sender commands.
- It is possible to execute even if Zabbix Agent is not installed as long as Zabbix Server is connected to the network.
- Results of commands executed within a host can be sent as data to Zabbix Server by setting the host name, item names, measured values, etc.
Other types of monitoring
Zabbix has functions to store the results of external and internal monitoring after processing.
- Calculated items
- The results of calculations involving other items are collected.
- Average, sum, minimum, maximum, etc., can be calculated.
- Aggregate items
- Aggregate information for each host group is obtained from the history database.
- Average, sum, minimum, maximum, etc., can be aggregated.
- Dependent items
- Items that are separated into necessary parts and saved in history when one master item gathers multiple metrics
- The user specifies the items to be actually gathered. Only necessary parts for the values are extracted by preprocessing steps.
- Regular expressions, XML XPath, and JSONPath can be used for extraction.
Conclusion
As you can see, Zabbix comes with a variety of monitoring methods. In the next installment, we’ll examine hosts and host groups. See you then!
