1、在 agent 端建立脚本,并赋予 zabbix 执行权限

#!/bin/bash  

# Script to fetch Netstat statuses for tribily monitoring systems  

# Author: hanxiao2100@qq.com  

# License: GPLv2 

# Set Variables  


# Functions to return tcp stats 

 

function tcp {  

netstat -n | grep tcp | wc -l


function udp {

netstat -n | grep udp | wc -l


function icmp {

netstat -n | grep icmp | wc -l


function syn {  

netstat -n | grep SYN | wc -l 

 

function timewait {  

netstat -n | grep TIME_WAIT | wc -l 

 

function established {  

netstat -n | grep ESTABLISHED | wc -l 

 

function close {  

netstat -n | grep CLOSE | wc -l

 

# Run the requested function  

$1


2、添加zabbix_agent用户参数

# Monitor Network status

UserParameter=network.tcp,/usr/local/zabbix_agent/etc/scripts/networkStatus tcp

UserParameter=network.udp,/usr/local/zabbix_agent/etc/scripts/networkStatus udp

UserParameter=network.icmp,/usr/local/zabbix_agent/etc/scripts/networkStatus icmp

UserParameter=network.tcp.syn,/usr/local/zabbix_agent/etc/scripts/networkStatus syn

UserParameter=network.tcp.timewait,/usr/local/zabbix_agent/etc/scripts/networkStatus timewait

UserParameter=network.tcp.established,/usr/local/zabbix_agent/etc/scripts/networkStatus established

UserParameter=network.tcp.close,/usr/local/zabbix_agent/etc/scripts/networkStatus close


到服务端来采集,测试下是不是正常

c2fdfc039245d688ab63cb99a7c27d1ed21b24ad

  

3、在zabbix 服务端创建模板

77094b36acaf2edd8d303ad48e1001e9380193cd

37d3d539b6003af328b7ae5d362ac65c1038b6f9


创建 Applications 应用

810a19d8bc3eb13557bec586a51ea8d3fd1f4495


创建监控项目

3b292df5e0fe9925eccd1a6d37a85edf8cb171cd

aa64034f78f0f73602c83e3c0955b319ebc413dc

d4628535e5dde711afdf31cba4efce1b9d1661f9

9e3df8dcd100baa1b6ed34864410b912c9fc2ecd

faedab64034f78f05acae9ce7a310a55b2191ccd

4610b912c8fcc3ce43cdbb0e9145d688d43f20f9

0b7b02087bf40ad1b8d2b5de542c11dfa9eccedd


创建图表

55e736d12f2eb938a38d07cfd6628535e5dd6f2e


4、查看监控数据

cefc1e178a82b901f9a0bb0e708da9773912effa


http://www.linuxidc.com/Linux/2012-06/62870.htm

onitoring network connection states with Zabbix (+ iptables + iptstate)

This is a little howto about displaying some small n’ nice graphs regarding to network connections of your machine. In the way of “Nothing is silly if it involves getting graphs”, the goal of this article is to get a realtime graph showing numbers of current server connections according to protocols,

本文内容英文原文由以下博客作者提供!我做中文说明. 呵呵

http://blog.portwd.com/sysadmin/monitoring-iptables-with-zabbix/

1. iptables, iptstate, zabbix server/agent

2. iptables Zabbix template

3. monitoring scripts

We need to get the template from point 2. and import it to Zabbix sever. Then we will rename it’s application from “Network” to e.g. Network_iptables, due to namespace conflict with default Linux template. Now when we have a possibility to display TCP states and type of connections, let’s fill it with data.

/etc/zabbix_agentd.conf:

UserParameter=iptstate.tcp,/etc/zabbix/scripts/net-tcp

UserParameter=iptstate.tcp.syn,/etc/zabbix/scripts/net-syn

UserParameter=iptstate.tcp.timewait,/etc/zabbix/scripts/net-time-wait

UserParameter=iptstate.tcp.established,/etc/zabbix/scripts/net-established

UserParameter=iptstate.tcp.close,/etc/zabbix/scripts/net-close

UserParameter=iptstate.udp,/etc/zabbix/scripts/net-udp

UserParameter=iptstate.icmp,/etc/zabbix/scripts/net-icmp

Bold font are the names of keys in our newly imported iptables/iptstate zabbix template. Then you need to authorize zabbix user to run iptstate command (potentially without password) and you do it in /etc/sudoers file. Since zabbix agent doesn’t allow to callsudo command directly from it’s config ( you will end up with error log “you must have a tty to run sudo” ), it is also required to turn off “Defaults requiretty” by commenting it out. The scripts which are called in the example above are located in point 3.

#!/bin/bash

est=`sudo iptstate -s | grep ESTABLISHED | wc -l`

echo $est

Output of this simple script is a number of connections which are in ESTABLISHED TCP state. These checks are periodical, so after restarting zabbix-agentd, you’ll get graphs like from beggining of this article. Good part is that you don’t need to be stuck with defaults, you can define some more like this:

iptstate -s -t | head -2 |tail -1 | sed 's/^.*OTHER: //'

上一张我的图吧,还是热呼呼的,呵呵!


第一步,导入zabbix的关于tcp的模版和脚本文件.见附件!

第二步编辑/etc/zabbix_agentd.conf:

UserParameter=iptstate.tcp,/etc/zabbix/scripts/net-tcp

UserParameter=iptstate.tcp.syn,/etc/zabbix/scripts/net-syn

UserParameter=iptstate.tcp.timewait,/etc/zabbix/scripts/net-time-wait

UserParameter=iptstate.tcp.established,/etc/zabbix/scripts/net-established

UserParameter=iptstate.tcp.close,/etc/zabbix/scripts/net-close

UserParameter=iptstate.udp,/etc/zabbix/scripts/net-udp

UserParameter=iptstate.icmp,/etc/zabbix/scripts/net-icmp

建立脚本文件到/etc/zabbix/scripts这个目录里。

请到这儿下载 http://data.portwd.com/code/zabbix-iptables/

第三步:替换掉/etc/sudoers里的选项

sed -i -e 's/^Defaults.*requiretty/# &/' /etc/sudoers

第三步不做的后果是:

a、zabbix-agentd.log会在你查看关于tcp的图形时,狂报以下信息:

sudo: sorry, you must have a tty to run sudo

第四步重启zabbix-agent

备注1: 在测试中有发现部分机器使用iptstate 没有任何的输出。此时,我们需要加载一个模块。

# modprobe ip_conntrack

关于tcp的脚本,建议先在客户端执行,确认有数字输出,如果本地都没有输出,在zabbix server端也不会有输出。

备注2:在客户端使用zabbix用户执行net-tcp时,出现iptstate  找不到命令。请使用完全路径,我也是在某台vps发现这个问题,我的附件里没有修改。太懒了,原作者的也没有修改。关于iptstate,请使用绝对路径

[root@s10315190 scripts]# cat net-icmp

#!/bin/bash

est=`sudo /usr/sbin/iptstate -s | grep icmp | wc -l`

echo $est

使用zabbix 不超过3天,收获真是不少!官方详尽的文档,不少网站和博客上大量的模版,让我收益良多!

免费下载地址在 http://linux.linuxidc.com/

用户名与密码都是www.linuxidc.com

具体下载目录在 /2012年资料/6月/14日/Zabbix 如何监控TCP的SYN,establised?/