监控配置流程
让zabbix服务开机自启
//首先查看端口号
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 *:80 *:*
//发现没有启动zabbix
//写一个文件将zabbix设置为开机自启(有两个服务:zabbix、agent)
[root@localhost ~]# cp /usr/lib/systemd/system/sshd.service /usr/lib/systemd/system/zabbix_server.service
//修改文件
[root@localhost ~]# vim /usr/lib/systemd/system/zabbix_server.service
[Unit]
Description=zabbix server daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/sbin/zabbix_server 启动方式
ExecStop=pkill zabbix_server 停止方式
ExecReload=/bin/kill -HUP $MAINPID 重新加载(给他发送信号)
[Install]
WantedBy=multi-user.target
[root@localhost ~]# cp /usr/lib/systemd/system/zabbix_server.service /usr/lib/systemd/system/zabbix_agentd.service
[root@localhost ~]# vim /usr/lib/systemd/system/zabbix_agentd.service
[Unit]
Description=zabbix agentd
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/sbin/zabbix_agentd
ExecStop=pkill zabbix_agentd
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
//启动
[root@localhost ~]# zabbix_server
[root@localhost ~]# zabbix_agentd
//先查看一下服务
[root@localhost ~]# ps -ef | grep zabbix
zabbix 1330 1 0 23:17 ? 00:00:00 zabbix_server
zabbix 1331 1330 0 23:17 ? 00:00:00 zabbix_server: ha manager
zabbix 1332 1330 0 23:17 ? 00:00:00 zabbix_server: service manager #1 [processed 0 events, updated 0 event tags, deleted 0 problems, synced 0 service updates, idle 5.056802 sec during 5.056921 sec]
……(省略)
//杀死所有zabbix进程
[root@localhost ~]# pkill zabbix
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 *:80 *:*
[root@localhost ~]# ps -ef | grep zabbix
root 1517 1254 0 23:07 pts/0 00:00:00 grep --color=auto zabbix
//重新加载一下
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl enable --now zabbix_server //设置开机自启
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix_server.service → /usr/lib/systemd/system/zabbix_server.service.
[root@localhost ~]# systemctl enable --now zabbix_agentd //设置开机自启
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix_agentd.service → /usr/lib/systemd/system/zabbix_agentd.service.
检查
//查看状态
[root@localhost ~]# systemctl status zabbix_server
● zabbix_server.service - zabbix server daemon
Loaded: loaded (/usr/lib/systemd/system/zabbix_server.service; enabled; vend>
Active: active (running) since Mon 2023-09-25 23:46:16 CST; 4min 27s ago
Main PID: 1418 (zabbix_server)
[root@localhost ~]# systemctl status zabbix_agentd
● zabbix_agentd.service - zabbix agentd
Loaded: loaded (/usr/lib/systemd/system/zabbix_agentd.service; enabled; vend>
Active: active (running) since Mon 2023-09-25 23:46:32 CST; 4min 18s ago
Process: 1485 ExecStart=/usr/local/sbin/zabbix_agentd (code=exited, status=0/>
Main PID: 1487 (zabbix_agentd)
//查看端口号
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:10050 0.0.0.0:*
LISTEN 0 128 0.0.0.0:10051 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
布局
编辑
长按可将模块移动
功能介绍:
用户设置
查看帮助文档
主要功能
清单:
监控:
linux监控一台主机
//关闭防火墙 关闭selinux
[root@localhost ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# setenforce 0
//安装代理
//先创建用户
[root@localhost ~]# useradd -r -M -s /sbin/nologin zabbix
//将文件从一个主机传输到另一个主机
[root@server ~]# scp zabbix-6.4.6.tar.gz 192.168.134.151:/root/ //传输文件
The authenticity of host '192.168.134.151 (192.168.134.151)' can't be established.
ECDSA key fingerprint is SHA256:LOnSmZ7snzoUsYrGepw0CYRjYewQxtDNMohlKX5QeIA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.134.151' (ECDSA) to the list of known hosts.
root@192.168.134.151's password: //输入密码
zabbix-6.4.6.tar.gz 100% 42MB 141.3MB/s 00:00
//查看
[root@localhost ~]# ls
anaconda-ks.cfg zabbix-6.4.6.tar.gz
//解压
[root@localhost ~]# tar xf zabbix-6.4.6.tar.gz
[root@localhost ~]# ls
anaconda-ks.cfg zabbix-6.4.6 zabbix-6.4.6.tar.gz
//下载命令
[root@localhost ~]# yum -y install gcc gcc-c++ make wget
//进入目录查看要安装的
[root@localhost ~]# cd zabbix-6.4.6
[root@localhost zabbix-6.4.6]# ls
aclocal.m4 conf database Makefile.am README
AUTHORS config.guess depcomp Makefile.in sass
bin config.sub include man src
build configure INSTALL misc ui
ChangeLog configure.ac install-sh missing
compile COPYING m4 NEWS
[root@localhost zabbix-6.4.6]# ./configure --help | grep agent
--enable-agent Turn on build of Zabbix agent and client utilities
--enable-agent2 Turn on build of Zabbix agent 2
//报错:
configure: error: cannot find pkg-config package for libpcre
//解决:
[root@localhost zabbix-6.4.6]# yum -y install pcre-devel
[root@localhost zabbix-6.4.6]# ./configure --enable-agent
***********************************************************
* Now run 'make install' *
* *
* Thank you for using Zabbix! *
* <http://www.zabbix.com> *
***********************************************************
[root@localhost zabbix-6.4.6]# make install
//将文件从主机传输到要监控的主机上
[root@server ~]# scp /usr/lib/systemd/system/zabbix_agentd.service 192.168.134.151:/usr/lib/systemd/system/
root@192.168.134.151's password: //输入密码
zabbix_agentd.service 100% 221 60.0KB/s 00:00
//查看一下文件
[root@localhost zabbix-6.4.6]# cat /usr/lib/systemd/system/zabbix_agentd.service
[Unit]
Description=zabbix agentd
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/sbin/zabbix_agentd
ExecStop=pkill zabbix_agentd
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
//配置
[root@localhost local]# cd /usr/local/etc/
[root@localhost etc]# ls
zabbix_agentd.conf zabbix_agentd.conf.d
//打开文件
[root@localhost etc]# vi zabbix_agentd.conf
//搜索Server
# Mandatory: yes, if StartAgents is not explicitly set to 0
# Default:
# Server=
Server=192.168.134.148 //将此处改成server端ip
ServerActive=192.168.134.148 //将此处改成server端ip
# Mandatory: no
# Default:
# Hostname=
Hostname=hahalinux //将此处的名字改成自己想取的名字
//加载
[root@localhost zabbix-6.4.6]# systemctl daemon-reload
//设置开机自启
[root@localhost etc]# systemctl enable --now zabbix_agentd
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix_agentd.service → /usr/lib/systemd/system/zabbix_agentd.service.
//查看一下
[root@localhost etc]# systemctl status zabbix_agentd
● zabbix_agentd.service - zabbix agentd
Loaded: loaded (/usr/lib/systemd/system/zabbix_agentd.service;>
Active: active (running) since Tue 2023-09-26 01:51:00 CST; 1m>
Main PID: 21352 (zabbix_agentd)
//查看一下端口号
[root@localhost etc]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:10050 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
//设置selinux为关闭状态
[root@localhost etc]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled //将此处改成disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted //安装angentd服务完成
在监控网页将主机添加进去
主机组:
此时我们选择:(也可以自己添加一个主机组,直接写入)
通过哪种方式进行监控:
我们选择:
此处输入的ip为 192.168.134.151
总:
此处能发现新添加了
windows监控主机:
//首先去官网zabbix.com
在浏览器直接转到https://cdn.zabbix.com/zabbix/binaries/stable/6.4/6.4.6/zabbix_agent-6.4.6-windows-amd64-openssl.zip下载
windows监控server端主机名称 | ip |
---|---|
xixiwindows | 192.168.134.148 |
将此文件剪切到C:\Program Files
bin: 主程序
conf:配置文件
在C:\Program Files\zabbix_agent\conf 里面配置 通过ctrl+f查找Server
# Mandatory: yes, if StartAgents is not explicitly set to 0
# Default:
# Server=
Server=192.168.134.148 //将此处改成server端ip
# Mandatory: no
# Default:
# ServerActive=
ServerActive=192.168.134.148 //将此处改成server端ip
# Mandatory: no
# Default:
# Hostname=
Hostname=xixiwindows //将名字改为
启动
//首先进到bin文件里面去 复制地址
//搜索cmd
//发现端口已经启动
在监控网页添加windows
创建组
//能看到新创建的组
添加windows主机
搜索cmd:
C:\Program Files\zabbix_agent\bin>ipconfig
监控项配置
1、添加主机/主机组
2、添加监控项
手动添加
模板添加
3、添加触发器trigger
4、定义媒介(告警通知方式)
5、配置动作(告知、处理)
6、手动触发并验证
监控项
为哪台主机添加监控项
介绍:
添加监控项
选择linux主动形式
发现增加了监控项
为windows添加监控项
记得关闭防火墙(真机)
手动触发
c8-1上面的监控项,监控用户的配置文件(创建用户、删除用户)
//文件修改了 md5的值会变
[root@server ~]# echo "hello world" > abc
[root@server ~]# md5sum abc
6f5902ac237024bdd0c176cb93063dc4 abc
[root@server ~]# echo '#' >> abc
[root@server ~]# md5sum abc
511a0678a3a1e14850c82d2e8c0df2fb abc
由上图看出,查看该进程码采用:sha256
当用户被修改时,/etc/passwd这个文件就会发生改变
当文件被修改了,我们需要判断这个操作是否正常
//监控文件
[root@server ~]# sha256sum abc
cc258f14359e2048920ce51121e7b07d4ee5d59f8c7b1b489995d11da898eff4 abc
[root@server ~]# echo "#" >>abc
[root@server ~]# sha256sum abc
71e68d42f24fea702511564722cf9aa971ba22b0051f808da8091bb5546fbf30 abc
触发器:
上图表示上次触发的结果与这次触发的结果不相等,则报警
检查时间
觉得检查时间太长
1、手动添加一个监控项
2、更改检查时长
手动添加监控项
监控c8-1主机
//在主机c8-1上面田间文本写入文件
[root@c8-1 ~]# echo "hello world" > /tmp/testfile
将此模板改成
获取到的信息类型
更新间隔最低30s
此处,应用了时间间隔就不能使用下图,并且将更新间隔改为0
点击add(添加)
查看:
查看监控项能否获取到值
添加触发器(定义什么情况下报警)
检查:ctrl+f
发现此时已经有信息提示
发现这个数值并没有发生改变
//更改这个文件
[root@c8-1 ~]# echo '#' > /tmp/testfile
查看
图形化:
主页面介绍:
实例:将一个报警信息设置添加备注 显示为正常信息