Review: Zabbix 1.8 Network Monitoring
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone tasked with implementing it should have by their side.

Title: Review: Zabbix 1.8 Network Monitoring
Author: Rihards Olups
ISBN: ISBN-13: 978-1-847197-68-9
Reviewer: Dave Wreski <dwreski@guardiandigital.com>
Review Score: 4.2 of 5 Penguins
Publisher: Packt Publishing
Sample Chapter: Chapter Two: Getting Your First Notification

Zabbix is a modern network monitoring and alerting tool that provides an administrator with the ability to create events for changes in the status of services such as DNS or HTTP, as well as local events like a disk failure.

Before getting started implementing Zabbix, it's recommended that the administrator begin with a current installation of their favorite Linux distribution, with all updates applied, and services including MySQL, net-snmp, sufficient disk space and memory, perl and PHP, a working email system, and sufficient knowledge of how to use the Linux command-line for managing processes and editing configuration files.

Olups starts chapter one with basic set-up information, including how to install Zabbix, a general overview of the features, a discussion of the Zabbix terms including "Zabbix server" and "Zabbix Database", and "agents", which are installed on the remote server that is to be monitored by the Zabbix server.

Installation and setup is a pretty involved process that includes creating a database, adding users, adjusting the host security settings, installing packages or compiling the source code, and creating numerous Zabbix configuration files. Olups does a good job of outlining this process, but a moderate amount of Linux administration knowledge would also be necessary.

Once the system is set up and running, a web front-end is used to ease the process of adding new hosts and services to be monitored. Chapter two discusses this front-end, stepping you through the "wizards" and "templates" that are used to simplify the process, as well as configuring access to the Zabbix database server component, and a basic description of how to monitor simple events using SNMP. Central to using Zabbix is creating "triggers", or events that signal the Zabbix server to alert an administrator that a service requires attention. Configuring these events for simple expressions is a breeze, such as for CPU load exceeding a defined threshold. Creating simple graphs and reports is a matter of clicking a few checkboxes in the Monitoring section of the web front-end.

Chapter three begins the process of setting up the monitoring agent on the remote hosts to be monitored. Simple examples are provided for the common services such as HTTP and FTP, with a basic discussion of SNMP and how ICMP is used to check for connectivity and latency. Chapter three also discusses the differences between "passive" and "active" items, the latter of which involves an "agent" component that is installed on the remote host to be monitored, and communicates directly with the server.

Configuring network monitoring using the SNMP protocol is discussed in chapter four. The Simple Network Monitoring Protocol is a well-established method for signaling to a listener the status of a particular characteristic on the host, such as network bandwidth, printer out-of-paper warning, or a network fault from a router. Despite its name, it's actually quite complex, and chapter four describes the process of determining which events are available to be monitored by showing how the "snmpwalk", "snmpget", and "snmpstatus" command-line functions are used.

While setting up and configuring SNMP is beyond the scope of the book, most current Linux distributions have packages available for this, and should not require much more than what is outlined in this chapter.

Chapter four also briefly discusses IPMI, a newer protocol that achieves much the same as SNMP, but tends to be more device-specific, and chances are that if your device supports IPMI, it also supports SNMP.

Chapter five is dedicated to managing user and group access to the web front-end. While Olups has done an acceptable job here, a more in-depth discussion of the security principles necessary to secure the Zabbix host and the services themselves would have been very useful.

Beginning with chapter six, Olups outlines more complex monitoring concepts, including "actions", "triggers", and "events". Actions are what is actually performed upon receiving an alert, or trigger, such as restarting Apache after learning it has stopped. There is a pretty comprehensive macro language that can be configured to automate much of this, as well as the procedure for using SNMP to send traps.

About fifty pages are spent discussing the generation and management of reports and graphs through the web-based management system. Complex visual reports and graphs can be created showing system status, alerts over time, as well as the ability to generate custom reports based on your specific environment.

The remaining hundred pages discuss more advanced monitoring techniques, and later, using Zabbix through a proxy server.

Olups has done a fine job with providing an authoritative reference for the Zabbix monitoring system. Zabbix is a very complex application, and this guide really helps one get started using it productively.
