Theory

Zabbix is an enterprise monitoring software flexible enough for a wide range of monitoring use.

For this setup I will break up the various components of Zabbix. Why? Stability and to avoid resource contention. Just imagine if you had thousands of servers and networking device to monitor with one server. You'd be effectively doing a DDOS on you're Zabbix server!

So.... my setup will consist of the following:

  1. Zabbix Server
  2. Zabbix Proxy
  3. Zabbix Server Database
  4. Zabbix Web Server

The main responsiblity of the Zabbix server is process the data collected by the proxy. The proxy collects data from the devices being monitored and passes that data to the Zabbix server to take action with said data. The database I'll be using is MySQL, this database will be used by the server. Apache will be used as the web server. It will provide the frontend access and API endpoint.

The operating system I will be using for all four servers is CentOS 7.5

For this tutorial I will be referencing the Zabbix install guide located on the offical Zabbix wiki for version 3.4.11:

https://www.zabbix.com/documentation/3.4/manual/installation/install_from_packages/rhel_centos

Installing the Zabbix Web Server

  1. Add the Zabbix repository
rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x8664/zabbix-release-3.4-2.el7.noarch.rpm

2.   Install Apache and php

yum install httpd php php-bcmath php-cli php-common php-gd php-ldap php-mbstring php-mysql php-pdo php-xml

3. Add a firewall entry for port 80 and 443. Then reload firewall settings

firewall-cmd --add-service=http --permanent && firewall-cmd --add-service=https --permanent
firewall-cmd --reload

4. Install additional packages needed by the frontend

yum-config-manager --enable rhel-7-server-optional-rpms

5. Install Zabbix Frontend

yum install zabbix-web-mysql

6. Edit php settings

vim /etc/httpd/conf.d/zabbix.conf

Edit the following:

php_value max_execution_time 300
php_value memory_limit 128M
php_value post_max_size 16M
php_value upload_max_filesize 2M
php_value max_input_time 300
php_value always_populate_raw_post_data -1
php_value date.timezone America/New_York

7. Start and enable apache

systemctl start httpd && systemctl enable httpd

8. Enable communication between frontend and Zabbix server

setsebool -P httpd_can_connect_zabbix on
setsebool -P httpd_can_network_connect_db on

Installing the Database

Now lets hop on over to our database server and install MySQL for the Zabbix server.

  1. Install MySQL
wget https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
rpm -ivh mysql57-community-release-el7-9.noarch.rpm
yum install mysql-server

2. Open port tcp 3306 and allow the IP of the Zabbix server to connect

firewall-cmd --permanent --zone=trusted --add-source=172.17.171.31/24
firewall-cmd --permanent --zone=trusted --add-port=3306/tcp
firewall-cmd --reload

3. Start and enable MySQL

systemctl start mysqld
systemctl enable mysqld

4. Find the default MySQL password

grep 'temporary password' /var/log/mysqld.log

5. Secure MySQL

mysql_secure_installation

6. Log into MySQL and create a user and DB for Zabbix

CREATE DATABASE zabbix CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED BY 'PASSWORD';
FLUSH PRIVILEGES;

For now we will pause the database setup and move on to the server install.

Installing the Zabbix Server

  1. Edit the host file and add an entry for the Zabbix database and proxy so it can route traffic based on IP address
  2. Add Zabbix repository
rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-2.el7.noarch.rpm

3. Install the Zabbix server

yum install zabbix-server-mysql

4. Install optional tools

yum-config-manager --enable rhel-7-server-optional-rpms
yum install yum-utils

5. Create a Zabbix system account and group

useradd --system -g zabbix -d /usr/lib/zabbix -s /sbin/nologin -c "Zabbix Monitoring System" zabbix
groupadd --system zabbix

6. Edit the Zabbix server config file

vim /etc/zabbix/zabbix_server.conf

Edit the following lines:

ListenPort=10051

Change the IP below with IP of your DB, if the DB is on the same host use 'localhost'

DBHost=172.17.171.32
DBName=zabbix
DBUser=zabbix
DBPassword=XXXX

7. Open ports on the firewall for Zabbix (10050 & 100051)

firewall-cmd --permanent --add-port=10051/tcp
firewall-cmd --permanent --add-port=10050/tcp
firewall-cmd --reload

8. Import the Zabbix data into the database

cd /usr/share/doc/zabbix-server-mysql-3.4.11
zcat create.sql.gz | mysql -u zabbix -h zbx-db1 -p zabbix

9. Start and enable Zabbix server

systemctl start zabbix-server
systemctl enable zabbix-server

Installing the Zabbix Proxy

  1. Add Zabbix repository
rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-2.el7.noarch.rpm

2. Install optional tools

yum-config-manager --enable rhel-7-server-optional-rpms
yum install yum-utils

3. Add Zabbix user and group

useradd --system -g zabbix -d /usr/lib/zabbix -s /sbin/nologin -c "Zabbix Monitoring System" zabbix
groupadd --system zabbix

4. Open ports on the firewall

firewall-cmd --permanent --add-port=10050/tcp
firewall-cmd --permanent --add-port=10051/tcp
firewall-cmd --reload

5. Install Zabbix proxy

yum install -y zabbix-proxy-sqlite3

6. Add data to the proxy's local DB

zcat /usr/share/doc/zabbix-proxy-sqlite3-3.4.11/schema.sql.gz | sqlite3 /etc/zabbix/zabbix.sqlite

7. Edit the proxy config file

vim /etc/zabbix/zabbix_proxy.conf

Edit the following lines:

Server=172.17.171.31 #add the IP or hostname of your zabbix server
ServerPort=10051
Hostname=zbx-prx1
EnableRemoteCommands=1 #enable to execute remote commands
DBName=/etc/zabbix/zabbix.sqlite

8. Start and enable the proxy

systemctl start zabbix-proxy
systemctl enable zabbix-proxy

Configure the Zabbix Frontend

  1. Open your web broswer and go to http://<IP_ADDRESS_OF_WEB_SERVER>/zabbix

You should see the pre-req check page

2. Click 'Next step', and configure the DB.

• Database type - This tutorial is using MySQL

• Database host - IP address or hostname

• Database port - 3306

• Database name - zabbix or whatever you named your zabbix DB

• User - zabbix or whatever you named your zabbix user

• Password - Enter the Zabbix DB password

Installing the Zabbix Agent

This step is the same for all of the hosts you want to monitor.

  1. Download Zabbix agent for version 3.4.11
rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-agent-3.4.11-1.el7.x86_64.rpm

2. Install Zabbix agent

yum install zabbix-agent

3. Set the selinux boolean value

setsebool -P zabbix_can_network on
setsebool -P httpd_can_connect_zabbix on

4. Edit the Zabbix agent config file

vim /etc/zabbix/zabbix_agentd.conf
EnableRemoteCommands=1
ListenPort=10050
Server=172.17.171.31 #IP of Zabbix server
ServerActive=172.17.171.31 #IP of Zabbix server or proxy
Hostname=zbx-prx1 #Hostname of your proxy
Include=/etc/zabbix/zabbix_agentd.d/*.conf

If you get an error like this:

Job for zabbix-agent.service failed because the control process exited with error code. See "systemctl status zabbix-agent.service" and "journalctl -xe" for details.

Do these steps:

cat /var/log/audit/audit.log | grep zabbix_agentd | grep denied | audit2allow -M zabbix_agent_setrlimit > zabbix_agent_setrlimit.te
semodule -i zabbix_agent_setrlimit.pp

If you're lazy like me you can use this script to install the agent on any host. Make edits on the Server and ServerActive IPs before executing.

https://github.com/pafable/zbx-tutorial.git

If you have not logged in already, you should see something like the picture below. Thanks for reading and stay tuned for future tutorials on how to use Zabbix to not only monitor but also do self healing.