LinuxSecurity.com
Review: Zabbix 1.8 Network Monitoring
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone tasked with implementing it should have by their side.

Title: Review: Zabbix 1.8 Network Monitoring
Author: Rihards Olups
ISBN: ISBN-13: 978-1-847197-68-9
Reviewer: Dave Wreski <dwreski@guardiandigital.com>
Review Score: 4.2 of 5 Penguins
Publisher: Packt Publishing
Sample Chapter: Chapter Two: Getting Your First Notification

Zabbix is a modern network monitoring and alerting tool that provides an administrator with the ability to create events for changes in the status of services such as DNS or HTTP, as well as local events like a disk failure.

Before implementing Zabbix, it's recommended that the administrator begin with a current installation of their favorite Linux distribution with all updates applied; MySQL, net-snmp, Perl and PHP installed; sufficient disk space and memory; a working email system; and sufficient knowledge of the Linux command line for managing processes and editing configuration files.

Olups starts chapter one with basic set-up information, including how to install Zabbix, a general overview of the features, and a discussion of Zabbix terms including "Zabbix server", "Zabbix database", and "agents", which are installed on the remote server that is to be monitored by the Zabbix server.

Installation and setup is a pretty involved process that includes creating a database, adding users, adjusting the host security settings, installing packages or compiling the source code, and creating numerous Zabbix configuration files. Olups does a good job of outlining this process, but a moderate amount of Linux administration knowledge would also be necessary.

Once the system is set up and running, a web front-end is used to ease the process of adding new hosts and services to be monitored. Chapter two discusses this front-end, stepping you through the "wizards" and "templates" that are used to simplify the process, as well as configuring access to the Zabbix database server component, and a basic description of how to monitor simple events using SNMP. Central to using Zabbix is creating "triggers", or events that signal the Zabbix server to alert an administrator that a service requires attention. Configuring these events for simple expressions, such as CPU load exceeding a defined threshold, is a breeze. Creating simple graphs and reports is a matter of clicking a few checkboxes in the Monitoring section of the web front-end.

Chapter three begins the process of setting up the monitoring agent on the remote hosts to be monitored. Simple examples are provided for the common services such as HTTP and FTP, with a basic discussion of SNMP and how ICMP is used to check for connectivity and latency. Chapter three also discusses the differences between "passive" and "active" items, the latter of which involves an "agent" component that is installed on the remote host to be monitored, and communicates directly with the server.

Configuring network monitoring using the SNMP protocol is discussed in chapter four. The Simple Network Management Protocol is a well-established method for signaling to a listener the status of a particular characteristic on the host, such as network bandwidth, a printer out-of-paper warning, or a network fault from a router. Despite its name, it's actually quite complex, and chapter four describes the process of determining which events are available to be monitored by showing how the "snmpwalk", "snmpget", and "snmpstatus" command-line tools are used.

While setting up and configuring SNMP is beyond the scope of the book, most current Linux distributions have packages available for this, and should not require much more than what is outlined in this chapter.

Chapter four also briefly discusses IPMI, a newer protocol that achieves much the same as SNMP, but tends to be more device-specific, and chances are that if your device supports IPMI, it also supports SNMP.

Chapter five is dedicated to managing user and group access to the web front-end. While Olups has done an acceptable job here, a more in-depth discussion of the security principles necessary to secure the Zabbix host and the services themselves would have been very useful.

Beginning with chapter six, Olups outlines more complex monitoring concepts, including "actions", "triggers", and "events". Actions are what is actually performed upon receiving an alert, or trigger, such as restarting Apache after learning it has stopped. There is a pretty comprehensive macro language that can be configured to automate much of this, as well as the procedure for using SNMP to send traps.

About fifty pages are spent discussing the generation and management of reports and graphs through the web-based management system. Complex visual reports and graphs can be created showing system status and alerts over time, and custom reports can be generated based on your specific environment.

The remaining hundred pages discuss more advanced monitoring techniques, and later, using Zabbix through a proxy server.

Olups has done a fine job with providing an authoritative reference for the Zabbix monitoring system. Zabbix is a very complex application, and this guide really helps one get started using it productively.

(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.