Before we start, you will need a Debian 10 VPS (you can get one on digitalocean for example), if you prefer to use your own self hosted server, make sure that port 80 and 443 are correctly port forwarded so that the public ip points to the server and not the router. Once that's done, go and ssh into your debian 10 server.
First of all, SSH into your server and install the dependencies:
dpkg-reconfigure locales
Tick en_US UTF8, then you choose en_US UTF8 as default locale, and only after do we install postgres and other dependencies:
apt-get -y install apt-transport-https lsb-release ca-certificates curl gnupg -y
root@zabbix:~# apt install apache2 php php-mysql php-mysqlnd php-ldap php-bcmath php-mbstring php-gd php-pdo php-xml libapache2-mod-php
Then configure mysql:
root@zabbix:~# apt install mariadb-server mariadb-client
root@zabbix:~# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] n
... skipping.
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] n
... skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
root@zabbix:~# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 36
Server version: 10.5.18-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database zabbix character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> grant all privileges on zabbix.* to zabbix@localhost identified by 'PASSWORD';
Query OK, 0 rows affected (0.003 sec)
MariaDB [(none)]> quit;
Bye
Then we install zabbix itself ( browse zabbix's repository here and choose the latest version:
root@zabbix:~# wget https://repo.zabbix.com/zabbix/6.3/debian/pool/main/z/zabbix-release/zabbix-release_6.3-1%2Bdebian11_all.deb
--2022-12-24 09:35:45-- https://repo.zabbix.com/zabbix/6.3/debian/pool/main/z/zabbix-release/zabbix-release_6.3-1%2Bdebian11_all.deb
Resolving repo.zabbix.com (repo.zabbix.com)... 178.128.6.101, 2604:a880:2:d0::2062:d001
Connecting to repo.zabbix.com (repo.zabbix.com)|178.128.6.101|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3672 (3.6K) [application/octet-stream]
Saving to: ‘zabbix-release_6.3-1+debian11_all.deb’
zabbix-release_6.3-1+debian11_all 100%[============================================================>] 3.59K --.-KB/s in 0s
2022-12-24 09:35:45 (26.9 MB/s) - ‘zabbix-release_6.3-1+debian11_all.deb’ saved [3672/3672]
root@zabbix:~# dpkg -i zabbix-release_6.3-1+debian11_all.deb
Selecting previously unselected package zabbix-release.
(Reading database ... 35659 files and directories currently installed.)
Preparing to unpack zabbix-release_6.3-1+debian11_all.deb ...
Unpacking zabbix-release (1:6.3-1+debian11) ...
Setting up zabbix-release (1:6.3-1+debian11) ...
root@zabbix:~# apt update
root@zabbix:~# apt -y install zabbix-server-mysql zabbix-frontend-php zabbix-agent zabbix-sql-scripts
root@zabbix:/usr/share/zabbix-sql-scripts/mysql# ls -lash
total 3.9M
4.0K drwxr-xr-x 2 root root 4.0K Dec 24 09:39 .
4.0K drwxr-xr-x 5 root root 4.0K Dec 24 09:39 ..
4.0K -rw-r--r-- 1 root root 282 Nov 21 10:18 double.sql
4.0K -rw-r--r-- 1 root root 1.5K Dec 20 10:57 history_pk_prepare.sql
180K -rw-r--r-- 1 root root 179K Dec 20 10:57 proxy.sql
3.7M -rw-r--r-- 1 root root 3.7M Dec 20 11:38 server.sql.gz
root@zabbix:/usr/share/zabbix-sql-scripts/mysql# zcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | mysql -u zabbix -p zabbix
Enter password:
Wait a bit for the schema to be added, then edit /etc/zabbix/zabbix_server.conf for the db connection:
root@zabbix:~# vim /etc/zabbix/zabbix_server.conf
[...]
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=PASSWORD
[...]
:wq
root@zabbix:~# systemctl restart zabbix-server zabbix-agent
root@zabbix:~# systemctl enable zabbix-server zabbix-agent
Synchronizing state of zabbix-server.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable zabbix-server
Synchronizing state of zabbix-agent.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable zabbix-agent
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix-server.service → /lib/systemd/system/zabbix-server.service.
root@zabbix:~# apt install zabbix-apache-conf
Then restart apache2 and proceed to the gui to complete the installation at http://10.0.0.190/zabbix/setup.php:
root@zabbix:~# ln -s /etc/zabbix/apache.conf /etc/apache2/conf-enabled/zabbix.conf
ln: failed to create symbolic link '/etc/apache2/conf-enabled/zabbix.conf': File exists
root@zabbix:~# systemctl restart apache2
Then to login you need to use the "Admin:zabbix" default credentials:
And there you go! We managed to install zabbix.
Next we're going to use acme.sh to get the free letsencrypt TLS certificate:
wget -O - https://get.acme.sh | sh
cd
source .bashrc
systemctl stop nginx
acme.sh --issue --standalone -d ech2.duckdns.org -k 4096
systemctl start nginx
From here enable the other services:
systemctl enable zabbix-server zabbix-agent --now
Now here you may get the 'Zabbix server is not running: the information displayed may not be current.' error message at the bottom, so let's fix this by editing the /etc/zabbix/zabbix_server.conf file:
root@Zabbix:~# tail -f /var/log/zabbix/zabbix_server.log
20777:20210501:184150.043 database is down: reconnecting in 10 seconds
20777:20210501:184200.060 [Z3001] connection to database 'zabbix' failed: [0] fe_sendauth: no password supplied
20777:20210501:184200.061 database is down: reconnecting in 10 seconds
20777:20210501:184210.079 [Z3001] connection to database 'zabbix' failed: [0] fe_sendauth: no password supplied
20777:20210501:184210.079 database is down: reconnecting in 10 seconds
20777:20210501:184220.096 [Z3001] connection to database 'zabbix' failed: [0] fe_sendauth: no password supplied
20777:20210501:184220.096 database is down: reconnecting in 10 seconds
root@Zabbix:~# vim /etc/zabbix/zabbix_server.conf
[...]
DBPassword=zabbix
[...]
:wq
root@Zabbix:~# systemctl restart zabbix-server
And that's it! That's what you need to do if the zabbix-server is not running, you need to check what's happening from the error log /var/log/zabbix/zabbix_server.log, and then edit /etc/zabbix/zabbix_server.conf accordingly.
Now before moving forward let's make sure snmp is configured on our debian zabbix host:
root@Zabbix:~# apt install snmp snmpd php7.3-snmp -y
root@Zabbix:~# systemctl restart zabbix-server
Once that's done, you will be able to add hosts with snmp:
We're going to use a macro that will contain our 'secret' snmp community string, obviously if you are using a public host you want this snmp community string to be complex and hard to guess to be secure.
Save the new host and enable it:
here you can see that the snmp queries are working, since we have access to graphs about our host:
Now that we know it's working, we're going to edit the main zabbix dashboard, and we will add a Widget containing one of the graphs of our SNMP host:
And there you go ! We managed to add a customized graph containing ICMP response time.
Now let's try to add Hosts using the Zabbix Agent:
root@Zabbix:~# ip a | grep inet
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
inet 10.0.0.220/16 brd 10.0.255.255 scope global ens18
inet6 fe80::20f6:74ff:fe83:4fa3/64 scope link
root@Zabbix:~# apt install zabbix-agent
Reading package lists... Done
Building dependency tree
Reading state information... Done
zabbix-agent is already the newest version (1:5.2.6-1+debian10).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@Zabbix:~# systemctl enable --now zabbix-agent
Another example for the 10.0.0.101 host:
root@home:~# ip a | grep inet
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
inet 10.0.0.101/16 brd 10.0.255.255 scope global ens18
inet6 fe80::94b0:53ff:fe08:49a6/64 scope link
root@home:~# apt install zabbix-agent -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
zabbix-agent is already the newest version (1:4.0.4+dfsg-1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@home:~# vim /etc/zabbix/zabbix_agentd.conf
[...]
Server=0.0.0.0/0
ListenPort=10050
[...]
:wq
root@home:~# systemctl enable --now zabbix-agent
root@home:~# systemctl status zabbix-agent
● zabbix-agent.service - Zabbix Agent
Loaded: loaded (/lib/systemd/system/zabbix-agent.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2021-05-01 18:18:08 CEST; 5s ago
Docs: man:zabbix_agentd
Main PID: 30420 (zabbix_agentd)
Tasks: 6 (limit: 4915)
Memory: 3.1M
CGroup: /system.slice/zabbix-agent.service
├─30420 /usr/sbin/zabbix_agentd --foreground
├─30421 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
├─30422 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
├─30423 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
├─30424 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]
└─30425 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec]
May 01 18:18:08 home systemd[1]: Started Zabbix Agent.
May 01 18:18:08 home zabbix_agentd[30420]: Starting Zabbix Agent [home]. Zabbix 4.0.4 (revision 89349).
May 01 18:18:08 home zabbix_agentd[30420]: Press Ctrl+C to exit.
Now just add the 2 Hosts:
And with this we can add for example their CPU utilization:
If you want to monitor hosts by ICMP only do the following:
root@Zabbix:~# apt install fping -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
fping is already the newest version (4.2-1).
fping set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@Zabbix:~# which fping
/usr/bin/fping
root@Zabbix:~# vim /etc/zabbix/zabbix_server.conf
[...]
FpingLocation=/usr/bin/fping
StartPingers=100
Timeout=4
[...]
:wq
root@Zabbix:~# systemctl restart zabbix-server
Then add the host itself:
Once you created the host with the ICMP Ping template, you can check it's new items:
ANd now that's done, we can add it to our dashboard:
Here's an example with 3 hosts:
After using zabbix for approximately 3 months, here's what it ends up like:
Right now i have a VPS with a monthly 1TB bandwidth limit, so i need to monitor it. To do so i use snmp and vnstat:
[ 10.66.66.2/32 ] [ /dev/pts/27 ] [~/Documents/Github]
→ ssh temple
root@Temple:~# apt install vnstat -y
root@Temple:~# systemctl enable vnstat
Synchronizing state of vnstat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable vnstat
root@Temple:~# systemctl status vnstat
● vnstat.service - vnStat network traffic monitor
Loaded: loaded (/lib/systemd/system/vnstat.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2021-06-14 08:37:10 UTC; 2min 50s ago
Docs: man:vnstatd(8)
man:vnstat(1)
man:vnstat.conf(5)
Main PID: 13780 (vnstatd)
Tasks: 1 (limit: 1040)
Memory: 864.0K
CGroup: /system.slice/vnstat.service
└─13780 /usr/sbin/vnstatd -n
Jun 14 08:37:10 Temple systemd[1]: Started vnStat network traffic monitor.
Jun 14 08:37:10 Temple vnstatd[13780]: No interfaces found in database, adding available interfaces...
Jun 14 08:37:10 Temple vnstatd[13780]: Interface "enp1s0" added with 1000 Mbit bandwidth limit.
Jun 14 08:37:10 Temple vnstatd[13780]: Interface "wg0" added with 1000 Mbit bandwidth limit.
Jun 14 08:37:10 Temple vnstatd[13780]: -> 2 new interfaces found.
Jun 14 08:37:10 Temple vnstatd[13780]: Limits can be modified using the configuration file. See "man vnstat.conf".
Jun 14 08:37:10 Temple vnstatd[13780]: Unwanted interfaces can be removed from monitoring with "vnstat --remove".
Jun 14 08:37:10 Temple vnstatd[13780]: Info: vnStat daemon 2.6 started. (pid:13780 uid:114 gid:119 64-bit)
Jun 14 08:37:10 Temple vnstatd[13780]: Info: Monitoring (2): wg0 (1000 Mbit) enp1s0 (1000 Mbit)
Now that we enabled the vnstat service, we can monitor our bandwidth usage from the commandline and as you can see from the service status output, it is monitoring the enp1s0 and wg0 interfaces:
root@Temple:~# vnstat -i wg0
Database updated: 2021-06-14 08:42:20
wg0 since 2021-06-14
rx: 23.83 MiB tx: 25.43 MiB total: 49.26 MiB
monthly
rx | tx | total | avg. rate
------------------------+-------------+-------------+---------------
2021-06 23.83 MiB | 25.43 MiB | 49.26 MiB | 357 bit/s
------------------------+-------------+-------------+---------------
estimated 51.91 MiB | 56.85 MiB | 108.76 MiB |
daily
rx | tx | total | avg. rate
------------------------+-------------+-------------+---------------
today 23.83 MiB | 25.43 MiB | 49.26 MiB | 13.19 kbit/s
------------------------+-------------+-------------+---------------
estimated 65.75 MiB | 70.15 MiB | 135.90 MiB |
root@Temple:~# vnstat -i enp1s0
Database updated: 2021-06-14 08:42:20
enp1s0 since 2021-06-14
rx: 25.02 MiB tx: 26.66 MiB total: 51.68 MiB
monthly
rx | tx | total | avg. rate
------------------------+-------------+-------------+---------------
2021-06 25.02 MiB | 26.66 MiB | 51.68 MiB | 375 bit/s
------------------------+-------------+-------------+---------------
estimated 54.38 MiB | 59.33 MiB | 113.71 MiB |
daily
rx | tx | total | avg. rate
------------------------+-------------+-------------+---------------
today 25.02 MiB | 26.66 MiB | 51.68 MiB | 13.83 kbit/s
------------------------+-------------+-------------+---------------
estimated 69.03 MiB | 73.54 MiB | 142.57 MiB |
Currently i have 2 network interfaces i want to monitor: enp1s0 and wg0. Now the goal for me is to monitor the monthly total bandwidth usage, so that i can monitor if i'm going to hit the limit or not.
root@Temple:~# vnstat
rx / tx / total / estimated
enp1s0:
2021-06 66.75 MiB / 70.79 MiB / 137.54 MiB / 306.52 MiB
today 66.75 MiB / 70.79 MiB / 137.54 MiB / 373.70 MiB
wg0:
2021-06 59.36 MiB / 67.49 MiB / 126.86 MiB / 281.80 MiB
today 59.36 MiB / 67.49 MiB / 126.86 MiB / 344.66 MiB
root@Temple:~# vnstat --oneline
1;enp1s0;2021-06-14;66.75 MiB;70.79 MiB;137.54 MiB;36.28 kbit/s;2021-06;66.75 MiB;70.79 MiB;137.54 MiB;998 bit/s;66.75 MiB;70.79 MiB;137.54 MiB
root@Temple:~# vnstat --oneline | awk -F\; '{ print $11 }'
137.54 MiB
Basically for me the wg0 bandwidth usage is included in the enp1s0 bandwidth usage. Therefore i only need to monitor the enp1s0 interface, so i end up with the following bashscript:
root@Temple:~# vim bandwidth.sh
#!/bin/bash
# Current month total bandwidth in MB
i=$(vnstat --oneline | awk -F\; '{ print $11 }')
bandwidth_number=$(echo $i | awk '{ print $1 }')
bandwidth_unit=$(echo $i | awk '{ print $2 }')
#echo "$i "
#echo "$bandwidth_number"
#echo "$bandwidth_unit"
case "$bandwidth_unit" in
KiB) bandwidth_number_MB=$(echo "$bandwidth_number/1024" | bc)
;;
MiB) bandwidth_number_MB=$bandwidth_number
;;
GiB) bandwidth_number_MB=$(echo "$bandwidth_number*1024" | bc)
;;
TiB) bandwidth_number_MB=$(echo "$bandwidth_number*1024*1024" | bc)
;;
esac
echo $bandwidth_number_MB
:wq
root@Temple:~# chmod +x bandwidth.sh
root@Temple:~# ./bandwidth.sh
root@Temple:~# ./bandwidth.sh
195.35
root@Temple:~# cp bandwidth.sh /usr/local/bin/bandwidth
root@Temple:~# chmod +x /usr/local/bin/bandwidth
root@Temple:~# /usr/local/bin/bandwidth
314.77
Now we have a script which gives us the bandwidth usage in MiB. Now we need to make sure that zabbix can retrieve that information and use it in the graphs. We will modify our snmpd.conf file:
root@Temple:~# vim /etc/snmp/snmpd.conf
[...]
# This line allows Observium to detect the host OS if the distro script is installed
extend .1.3.6.1.4.1.2021.7890.1 distro /usr/local/bin/distro
# check bandwidth usage
extend .1.3.6.1.4.1.53864.1.1 bandwidth /usr/local/bin/bandwidth
[...]
:wq
root@Temple:~# systemctl restart snmpd
Now that you modified the snmpd config and restarted the service, you should be able to use the OID that corresponds to the bandwidth script from snmpwalk:
[ 10.66.66.2/32 ] [ /dev/pts/28 ] [~/Documents/Github]
→ snmpwalk -v2c temple.void.yt -c void.yt .1.3.6.1.4.1.53864.1.1
iso.3.6.1.4.1.53864.1.1.1.0 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.2.1.2.9.98.97.110.100.119.105.100.116.104 = STRING: "/usr/local/bin/bandwidth"
iso.3.6.1.4.1.53864.1.1.2.1.3.9.98.97.110.100.119.105.100.116.104 = ""
iso.3.6.1.4.1.53864.1.1.2.1.4.9.98.97.110.100.119.105.100.116.104 = ""
iso.3.6.1.4.1.53864.1.1.2.1.5.9.98.97.110.100.119.105.100.116.104 = INTEGER: 5
iso.3.6.1.4.1.53864.1.1.2.1.6.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.2.1.7.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.2.1.20.9.98.97.110.100.119.105.100.116.104 = INTEGER: 4
iso.3.6.1.4.1.53864.1.1.2.1.21.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.3.1.1.9.98.97.110.100.119.105.100.116.104 = STRING: "364.55"
iso.3.6.1.4.1.53864.1.1.3.1.2.9.98.97.110.100.119.105.100.116.104 = STRING: "364.55"
iso.3.6.1.4.1.53864.1.1.3.1.3.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.3.1.4.9.98.97.110.100.119.105.100.116.104 = INTEGER: 0
iso.3.6.1.4.1.53864.1.1.4.1.2.9.98.97.110.100.119.105.100.116.104.1 = STRING: "364.55"
And there you go! We have been able to query our monthly bandwidth usage integer. So now we need to get zabbix to query that specific oid aswell.
Here we're basically going to create an iten for our current snmp host called Temple:
[ 10.66.66.2/32 ] [ /dev/pts/29 ] [~/Documents/Github]
→ snmpget -v 2c -c void.yt temple.void.yt .1.3.6.1.4.1.53864.1.1
iso.3.6.1.4.1.53864.1.1 = No Such Object available on this agent at this OID
[ 10.66.66.2/32 ] [ /dev/pts/29 ] [~/Documents/Github]
→ snmpwalk -v2c temple.void.yt -c void.yt .1.3.6.1.4.1.53864.1.1
iso.3.6.1.4.1.53864.1.1.1.0 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.2.1.2.9.98.97.110.100.119.105.100.116.104 = STRING: "/usr/local/bin/bandwidth"
iso.3.6.1.4.1.53864.1.1.2.1.3.9.98.97.110.100.119.105.100.116.104 = ""
iso.3.6.1.4.1.53864.1.1.2.1.4.9.98.97.110.100.119.105.100.116.104 = ""
iso.3.6.1.4.1.53864.1.1.2.1.5.9.98.97.110.100.119.105.100.116.104 = INTEGER: 5
iso.3.6.1.4.1.53864.1.1.2.1.6.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.2.1.7.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.2.1.20.9.98.97.110.100.119.105.100.116.104 = INTEGER: 4
iso.3.6.1.4.1.53864.1.1.2.1.21.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.3.1.1.9.98.97.110.100.119.105.100.116.104 = STRING: "699.06"
iso.3.6.1.4.1.53864.1.1.3.1.2.9.98.97.110.100.119.105.100.116.104 = STRING: "699.06"
iso.3.6.1.4.1.53864.1.1.3.1.3.9.98.97.110.100.119.105.100.116.104 = INTEGER: 1
iso.3.6.1.4.1.53864.1.1.3.1.4.9.98.97.110.100.119.105.100.116.104 = INTEGER: 0
iso.3.6.1.4.1.53864.1.1.4.1.2.9.98.97.110.100.119.105.100.116.104.1 = STRING: "699.06"
[ 10.66.66.2/32 ] [ /dev/pts/29 ] [~/Documents/Github]
→ snmpget -v 2c -c void.yt temple.void.yt iso.3.6.1.4.1.53864.1.1.3.1.1.9.98.97.110.100.119.105.100.116.104
iso.3.6.1.4.1.53864.1.1.3.1.1.9.98.97.110.100.119.105.100.116.104 = STRING: "699.06"
If you pick the oid ending in .1.1 you will get the 'No such Object available on this agent at this OID' error. So when we do snmpwalk we see that the full OID is iso.3.6.1.4.1.53864.1.1.3.1.1.9.98.97.110.100.119.105.100.116.104. So we add it accordingly to our custom zabbix item:
We can test the OID here aswell:
And here we see that it is getting the right value ! So we can add it to our graphs:
Now here we see a problem with the units of the graph, we see that zabbix wants the base unit to be in iB because it will add the K M G T behind it. so let's simply edit our bandwidth script:
root@Temple:~# vim /usr/local/bin/bandwidth
#echo "$i "
#echo "$bandwidth_number"
#echo "$bandwidth_unit"
case "$bandwidth_unit" in
KiB) bandwidth_number_B=$(echo "$bandwidth_number*1024" | bc)
;;
MiB) bandwidth_number_B=$(echo "$bandwidth_number*1024*1024" | bc)
;;
GiB) bandwidth_number_B=$(echo "$bandwidth_number*1024*1024*1024" | bc)
;;
TiB) bandwidth_number_B=$(echo "$bandwidth_number*1024*1024*1024*1024" | bc)
;;
esac
echo $bandwidth_number_B
:wq
root@Temple:~# /usr/local/bin/bandwidth
1621350154.24
Now we have the Bytes instead of MegaBytes, so we clear the zabbix data for the bandwidth item and then check our graph again:
And here you see we have the correct units to monitor monthly bandwidth usage.
EDIT: apparently Vultr measures bandwidth in a weird way. They basically take the inbound traffic and the outbound traffic independently, and only take into account the higher of the 2 not the total of the 2. So here's my updated script:
#!/bin/bash
# Current month total bandwidth in MB
#i=$(vnstat --oneline | awk -F\; '{ print $11 }')
#DAILY
#i=$(vnstat --oneline | awk -F\; '{ print $4 }')
#j=$(vnstat --oneline | awk -F\; '{ print $5 }')
#MONTHLY
i=$(vnstat --oneline | awk -F\; '{ print $9 }')
j=$(vnstat --oneline | awk -F\; '{ print $10 }')
bn1=$(echo $i | awk '{ print $1 }')
bn2=$(echo $j | awk '{ print $1 }')
bunit1=$(echo $i | awk '{ print $2 }')
bunit2=$(echo $j | awk '{ print $2 }')
case "$bunit1" in
KiB) bnB1=$(echo "$bn1*1024" | bc)
;;
MiB) bnB1=$(echo "$bn1*1024*1024" | bc)
;;
GiB) bnB1=$(echo "$bn1*1024*1024*1024" | bc)
;;
TiB) bnB1=$(echo "$bn1*1024*1024*1024*1024" | bc)
;;
esac
case "$bunit2" in
KiB) bnB2=$(echo "$bn2*1024" | bc)
;;
MiB) bnB2=$(echo "$bn2*1024*1024" | bc)
;;
GiB) bnB2=$(echo "$bn2*1024*1024*1024" | bc)
;;
TiB) bnB2=$(echo "$bn2*1024*1024*1024*1024" | bc)
;;
esac
if (( $(echo "$bnB1 > $bnB2" |bc -l) )); then
bandwidth_number=$bnB1
else
bandwidth_number=$bnB2
fi
#convert gibibytes into gigabyte (*1.073742)
final=$(echo "$bandwidth_number * 1.073742" | bc)
echo $final
2022: Now let's try to add SNMPv3 Hosts. Lets' first set it up on the zabbix server itself:
root@zabbix:~# apt install snmp snmpd libsnmp-dev
root@zabbix:~# systemctl stop snmpd
root@zabbix:~# vim /etc/snmp/snmpd.conf
root@zabbix:~# cat /etc/snmp/snmpd.conf
sysLocation Nowhere
sysContact Nihilist <nihilist@nihilism.network>
sysServices 72
master agentx
agentaddress 0.0.0.0,[::]
view systemonly included .1
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
rocommunity public default -V systemonly
rocommunity6 public default -V systemonly
rouser nihilist authpriv -V systemonly
root@zabbix:~# systemctl stop snmpd
root@zabbix:~# mkdir /snmp
root@zabbix:~# net-snmp-config --create-snmpv3-user -ro -a SHA-512 -A "AEFB9DWADWAW630B38A9B1F61183" -x AES -X "AEFB9DWADWAW630B38A9B1F61183" nihilist
adding the following line to /var/lib/snmp/snmpd.conf:
createUser authPrivUser SHA-512 "myauthphrase" AES "myprivphrase"
adding the following line to /snmp/snmpd.conf:
rouser authPrivUser
root@zabbix:~# systemctl restart snmpd
root@zabbix:~# systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/lib/systemd/system/snmpd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-12-24 10:51:15 CET; 4s ago
Process: 23239 ExecStartPre=/bin/mkdir -p /var/run/agentx (code=exited, status=0/SUCCESS)
Main PID: 23240 (snmpd)
Tasks: 1 (limit: 4670)
Memory: 4.9M
CPU: 262ms
CGroup: /system.slice/snmpd.service
└─23240 /usr/sbin/snmpd -LOw -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f -p /run/snmpd.pid
root@zabbix:~# snmpget -v 3 -u nihilist -l authpriv -a SHA-512 -A AEFB9DWADWAW630B38A9B1F61183 -x AES -X AEFB9DWADWAW630B38A9B1F61183 127.0.0.1 1.3.6.1.2.1.1.1.0
MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf
Cannot find module (SNMPv2-MIB): At line 1 in (none)
Cannot find module (IF-MIB): At line 1 in (none)
Cannot find module (IP-MIB): At line 1 in (none)
Cannot find module (TCP-MIB): At line 1 in (none)
[...]
Cannot adopt OID in UCD-SNMP-MIB: laLoadInt ::= { laEntry 5 }
Cannot adopt OID in UCD-SNMP-MIB: laConfig ::= { laEntry 4 }
Cannot adopt OID in UCD-SNMP-MIB: laLoad ::= { laEntry 3 }
Cannot adopt OID in UCD-SNMP-MIB: laNames ::= { laEntry 2 }
Cannot adopt OID in UCD-SNMP-MIB: laIndex ::= { laEntry 1 }
iso.3.6.1.2.1.1.1.0 = STRING: "Linux zabbix 5.10.0-20-amd64 #1 SMP Debian 5.10.158-2 (2022-12-13) x86_64"
Then test it from another host:
[ 10.8.0.3/24 ] [ nowhere ] [~/HTB]
→ sudo pacman -S net-snmp
[sudo] password for nothing:
resolving dependencies...
looking for conflicting packages...
Packages (1) net-snmp-5.9.1-5
Total Download Size: 1.75 MiB
Total Installed Size: 7.79 MiB
:: Proceed with installation? [Y/n] y
[ 10.8.0.3/24 ] [ nowhere ] [~/HTB]
→ snmpget -v 3 -u nihilist -l authpriv -a SHA-512 -A AEFB9DWADWAW630B38A9B1F61183 -x AES -X AEFB9DWADWAW630B38A9B1F61183 10.0.0.190 1.3.6.1.2.1.1.1.0
SNMPv2-MIB::sysDescr.0 = STRING: Linux zabbix 5.10.0-20-amd64 #1 SMP Debian 5.10.158-2 (2022-12-13) x86_64
Then add it in zabbix:
If it doesnt display the server's disk space, make sure you set the IPMI from "user" to "admin", that way you will collect more data:
Then you also make sure that the Discovery Rules are all tested, and enabled:
If it doesn't display in zabbix, its possible that restarting zabbix-server may fix the issue. This is due to the fact that snmpEngineIDs are not checked by snmp tools like snmpwalk, but Zabbix uses it to differentiate between packets from different devices. If these are not unique then it can create issues like authentifiaction failing via snmp. So just restart zabbix-server. (source: here)
root@zabbix:~# systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/lib/systemd/system/snmpd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-12-24 10:51:15 CET; 6min ago
Process: 23239 ExecStartPre=/bin/mkdir -p /var/run/agentx (code=exited, status=0/SUCCESS)
Main PID: 23240 (snmpd)
Tasks: 1 (limit: 4670)
Memory: 4.9M
CPU: 643ms
CGroup: /system.slice/snmpd.service
└─23240 /usr/sbin/snmpd -LOw -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f -p /run/snmpd.pid
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:15 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:16 zabbix snmpd[23240]: Authentication failed for nihilist
Dec 24 10:57:16 zabbix snmpd[23240]: Authentication failed for nihilist
root@zabbix:~# systemctl restart zabbix-server
Then see that the data gets populated in zabbix:
To speedup the snmpv3 setup on hosts, i have the following script:
root@zabbix:~# cat snmpsetup.sh
#!/bin/bash
systemctl stop snmpd
echo "[+] ADD THE NON-FREE REPOS IN /etc/apt/sources.list !!!"
apt install snmp-mibs-downloader
rm -rf /etc/snmp
rm -rf /snmp/
apt purge snmp snmpd libsnmp-dev -y
apt install snmp snmpd libsnmp-dev vnstat bc wget -y
wget https://nihilism.network/snmp/snmpd.conf -O /etc/snmp/snmpd.conf
systemctl restart snmpd
wget https://nihilism.network/snmp/distro -O /usr/local/bin/distro
chmod +x /usr/local/bin/distro
/usr/local/bin/distro
wget https://nihilism.network/snmp/bandwidth.sh -O /usr/local/bin/bandwidth
chmod +x /usr/local/bin/bandwidth
/usr/local/bin/bandwidth
mkdir /snmp/
systemctl stop snmpd
kill -9 $(pidof snmpd)
net-snmp-config --create-snmpv3-user -ro -a SHA-512 -A "YOURPASSWORD" -x AES -X "YOURPASSWORD" nihilist
snmpget -v 3 -u nihilist -l authpriv -a SHA-512 -A "YOURPASSWORD" -x AES -X "YOURPASSWORD" 127.0.0.1 1.3.6.1.2.1.1.1.0
systemctl enable --now vnstat snmpd
systemctl restart vnstat snmpd
systemctl status vnstat snmpd
If you get the following error on a host you want to monitor via SNMP:
root@pve:~# systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/lib/systemd/system/snmpd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-12-24 12:26:48 CET; 6s ago
Process: 4049199 ExecStartPre=/bin/mkdir -p /var/run/agentx (code=exited, status=0/SUCCESS)
Main PID: 4049200 (snmpd)
Tasks: 1 (limit: 115830)
Memory: 5.4M
CPU: 63ms
CGroup: /system.slice/snmpd.service
└─4049200 /usr/sbin/snmpd -LOw -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f -p /run/snmpd.pid
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyShutdown ::= { netSnmpNotifications 2 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyRestart ::= { netSnmpNotifications 3 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laErrMessage ::= { laEntry 101 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laErrorFlag ::= { laEntry 100 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laLoadFloat ::= { laEntry 6 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laLoadInt ::= { laEntry 5 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laConfig ::= { laEntry 4 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laLoad ::= { laEntry 3 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laNames ::= { laEntry 2 }
Dec 24 12:26:48 pve snmpd[4049200]: Cannot adopt OID in UCD-SNMP-MIB: laIndex ::= { laEntry 1 }
Then you need to install snmp-mibs-downloader after enabling the non-free repos in /etc/apt/sources.list
root@pve:~# cat /etc/apt/sources.list
deb http://ftp.debian.org/debian bullseye main contrib non-free
deb http://ftp.debian.org/debian bullseye-updates main contrib non-free
# security updates
deb http://security.debian.org/debian-security bullseye-security main contrib non-free
root@pve:~# apt update -y
root@pve:~# apt-get install snmp-mibs-downloader
root@pve:~# systemctl restart snmpd
root@pve:~# systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/lib/systemd/system/snmpd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-12-24 12:30:38 CET; 3s ago
Process: 4054749 ExecStartPre=/bin/mkdir -p /var/run/agentx (code=exited, status=0/SUCCESS)
Main PID: 4054750 (snmpd)
Tasks: 1 (limit: 115830)
Memory: 5.8M
CPU: 73ms
CGroup: /system.slice/snmpd.service
└─4054750 /usr/sbin/snmpd -LOw -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f -p /run/snmpd.pid
Dec 24 12:30:38 pve systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Dec 24 12:30:38 pve systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
If you get this timeout error It most likely means that the server is blocking 161/udp traffic, so you need to allow it via iptables or ufw:
[term1]
snmpget -v 3 -u nihilist -l authpriv -a SHA-512 -A PASSWORD -x AES128 -X PASSWORD 10.0.0.1 1.3
Timeout: No Response from 10.0.0.1.
[term2]
ufw allow 161
ufw allow snmp
#or with iptables
iptables -A INPUT -p udp -m udp -s 10.0.0.0/24 --dport 161 -j ACCEPT
Until there is Nothing left.
Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
Contact: nihilist@nihilism.network (PGP)