Monitor Your Net with Free, High-Performance ZABBIX

Tuesday May 24th 2005 by Carla Schroder
Share:

With ZABBIX, you get a high-performance tool that monitors networks and servers, offers a wide array of notification tools, and rivals the feature list of commercial offerings.

If you are looking for a first-class network and system monitor, and don't want to mortgage your firstborn to pay for it, look no farther than ZABBIX.

ZABBIX is a great, free-of-cost, GPL-licensed (define), all-in-one 24x7 monitoring and alerting tool for networks and servers. It has a nice Web-based interface for administration, reporting, and graphing; and it has other features rivaling expensive commercial products. ZABBIX's alerting mechanism is nearly prescient -- it can catch trouble early and send an alert before a problem becomes becomes critical. You have your choice of email, SMS-capable devices (define), pager and even WinPopUps. Or all of the above.

System Requirements
ZABBIX supports virtually all modern operating systems. The server component runs on Linux, Unix, and Mac OS X, and there is client software for Unix variants and Windows. There is a reason for limiting the server component to Unix variants, as the ZABBIX manual explains: "Due to security requirements and mission-critical nature of monitoring server, UNIX is the only operating system that can consistently deliver the necessary performance, fault tolerance and resilience."

ZABBIX stores data in a database backend, either MySQL or PostgreSQL. MySQL is recommended for fastest performance. You'll also need Apache, PHP and development files for whichever database you choose. Also important is network time synchronization, so be sure to run a local time server. (See Resources.)

Also on Network Monitor Tools at ENP

  • Keep Tabs on Your Network Traffic
  • Choose the Right Network Management Tool
  • Choose the Right Network Management Tool (Part 2)
  • Mind Your Packets with Ethereal
  • Use Snort for Lightweight Intrusion Detection
  • Hardware requirements vary according to demand, of course, with the database backend being the largest consumer. Memory and storage are more important than a fast CPU, so an ordinary newish Athlon or Pentium with 256 megabytes of RAM and a 20 gigabyte hard drive will handle a couple of hundred hosts easily.

    Installation
    Refer to the ZABBIX manual for the installation howto for installing from source code. ZABBIX has two components: Server and Agent. There are RPMs for ZABBIX (search rpm.pbone.net); I have not found any Debian packages yet.

    Server Configuration
    The Web-based interface is clean and well-organized. After installation point a Web browser to wherever your PHP scripts installed, usually http://localhost/~zabbix. Click on "Config." The initial login is "Admin" with no password. Make yourself a ZABBIX account by clicking "Users", give yourself read/write/add permissions, then click the "Media" link to add your email address. Then go back and set the Admin password.

    Setting the SMTP server is necessary if you want ZABBIX to send email alerts to you, so do this next. Then you can start adding hosts to be monitored by clicking the "Hosts" link. Every system that is being monitored must have the ZABBIX agent installed. You may add hosts to the ZABBIX server before installing the client software by setting the status to "Not Monitored." Be sure to change this after installing the ZABBIX agent.

    Finally, start the ZABBIX server daemon, suckerd:

    # /opt/zabbix/bin/zabbix_suckerd

    Monitored Parameters
    Every time you add a new host you get a big list of possible items to monitor. Not all services require the ZABBIX agent, like Web, FTP, SSH, and mail servers. ZABBIX connects directly to these to see if they are running and accepting connections.

    Using the ZABBIX agent opens up a whole new world of monitoring possibilities. For example, you can monitor servers on non-standard ports, like this:

    check_service[http, 8080]

    The real ZABBIX gold is in the performance monitors. Users are always griping about "the network is slow. The mail server is slow. Everything is slow." ZABBIX gives you the tools to find out for yourself. Some of the available checks are:

    How many seconds does it take to get a response from the POP server:

    check_service_perf[pop,192.168.1.100,110]

    How many seconds does it take to get a response from the Web server:

    check_service_perf[http,192.168.1.101,80]

    And so forth for all of your servers. Another useful item to monitor is used/remaining disk space:

    diskfree[/home]
    disktotal[/var]
    diskused[/]

    You can dig more deeply into server load by monitoring numbers of writes in the last minute or five minutes, or whatever you specify:

    disk_write_ops1[hdb3]
    disk_write_ops5[hdb3]

    And also reads:

    disk_read_ops1[hdb3]
    disk_read_ops5[hdb3]

    Swap space, physical memory, CPU temperature, number of running processes, number of inodes, and netload are but a few of the many remaining items that ZABBIX can monitor.

    Continued on page 2: Triggers

    Continued From Page 1

    Triggers
    All of this monitoring is well and good, but what really makes it worthwhile is setting the alert trigger levels to a level that is useful to you. This is completely customizable, so you can play interesting tricks like "make the triggers more sensitive before you leave on vacation and leave everything in the capable hands of your new assistant." (It's not hazing, it's accelerated training.)

    For example, you want to watch the incoming traffic load on a particular NIC:

    ({bratgrrl.com:netloadin1[eth1]})>500K

    When number of received bytes on eth1 is more than 500 KB within a minute, an alert will be triggered. A very useful trigger is changes in files that should not change, like files in /bin:

    ({bratgrrl.com:cksum[/bin/login].diff(0)})>0

    It takes a bit of practice to get the hang of writing triggers, but the ZABBIX manual documents all the options thoroughly and gives a lot of useful examples.

    Pretty Graphs
    A picture is truly worth a thousand words, and ZABBIX comes with bales of customizable graphs. Graphs are customizable to show whatever you like -- system load, network load, storage, memory, CPU load -- anything that ZABBIX watches can be graphed.

    Maps
    This is where ZABBIX really earns its beans, with network maps showing all monitored devices and their status, so you know at a glance if there are any trouble spots. The default map does the job quite nicely, and of course you may customize it to your heart's content. Visit the screenshots page to see all of this in action.

    The user's manual is good, and the user's forum will help if you get stuck. All in all this is an impressive product. Visit zabbix.com to find downloads, documentation, screenshots, and help resources.

    Resources

    Share:
    Home
    Mobile Site | Full Site
    Copyright 2017 © QuinStreet Inc. All Rights Reserved