https://wiki.koozali.org/api.php?action=feedcontributions&user=Morpheus&feedformat=atomSME Server - User contributions [en]2024-03-29T08:55:59ZUser contributionsMediaWiki 1.35.5https://wiki.koozali.org/index.php?title=Update_contribs&diff=33721Update contribs2017-07-17T09:21:03Z<p>Morpheus: /* Bugzilla */</p>
<hr />
<div>{{usefulnote}}<br />
==Update contribs==<br />
<br />
===Background===<br />
{{Note box|msg=These scripts depend on a yum feature introduced in Centos 6 / SME 9, and will not work on earlier versions}}<br />
Due to dependencies, the installation of contribs requires very often the installation of rpms coming from 3rd party (non-SME) repositories.<br />
<br />
Enabling 3rd party repositories during a general <tt>yum update</tt> can pull in packages that are incompatible with SME server such as newer versions of PHP, mysql, samba, etc.<br />
<br />
Updating the installed contribs needs sometimes to update the dependencies or sometimes only the dependencies get updated.<br />
<br />
In order to avoid serious problems of compatibility, it is very important that all the rpms get updated only from the repository they are installed from, instead of only taking the most recent release existing in all the repositories that are available.<br />
<br />
Yum doesn't do this job in one command but small scripts must be used for this purpose.<br />
<br />
===yumcheck.sh===<br />
<br />
yumcheck.sh can be used to check for and optionally install updates to packages that were originally installed from a 3rd party repository.<br />
<br />
yumcheck.sh is an attachment to [[bugzilla:10158]]<br />
<br />
Install at the sme server shell using:<br />
<nowiki>curl -s https://bugs.contribs.org/attachment.cgi?id=5837 |sed -e 's/\r//' >/usr/local/bin/yumcheck.sh<br />
chmod +x /usr/local/bin/yumcheck.sh<br />
</nowiki><br />
<br />
Usage:<br />
: <tt>yumcheck.sh</tt><br />
:: Check for updates for all packages installed from non-standard repos. Output only info for packages that need updates<br />
:: Indicate before exit if any packages were installed using ''yum localinstall''<br />
:: Indicate before exit if the server requires ''signal-event post-upgrade; signal-event reboot''<br />
: <tt>yumcheck.sh update</tt><br />
:: Run in verbose mode, do the updates, prompt the user after checking each repo if updates are pending<br />
: <tt>yumcheck.sh update -q -y</tt><br />
:: Show only those items to be updated, do the updates, and answer 'yes' to each suggested update.<br />
: <tt>yumcheck.sh @/ </tt><br />
:: List all rpms that have been installed using ''yum localinstall''<br />
: <tt>yumcheck.sh @smecontribs @sogo @/</tt><br />
:: Check for updates from "smecontribs", "sogo3", and any locally installed rpms<br />
:: Note that "@sogo" will be expanded to "sogo3" at runtime. Likewise, "@sme" would expand to "smecontribs"<br />
<br />
Notes:<br />
* Using the default settings will list updates from the enabled repositories multiple times (once for each disabled repo with installed packages)<br />
* Since this command starts from the output of <tt>/sbin/e-smith/audittools/newrpms</tt>, it is possible to get errors. That is, if you configure a repository, install a package from it, then remove the configuration, this script will error.<br />
* Arguments starting with "@" are stripped out and handled separately. If *all* arguments start with "@", the default "check-update -q" will be passed to yum.<br />
<br />
<br />
===Related Information===<br />
====Alternative Scripts====<br />
: [https://wiki.contribs.org/Talk:Update_contribs Original scripts]<br />
====Forum====<br />
:[https://forums.contribs.org/index.php/topic,52795.0.htm How to update completely and properly a SME?]<br />
====Bugzilla====<br />
:{{#bugzilla:columns=id,product,component,summary<br />
|id=10158<br />
|sort=version,component,id<br />
|disablecache=1<br />
|noresultsmessage="Bug not found"<br />
|headers=show}}<br />
<br />
[[Category:Howto]] [[Category:Tools]]<br />
[[Category:Updating]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Update_contribs&diff=33720Update contribs2017-07-17T09:18:24Z<p>Morpheus: Added extra category</p>
<hr />
<div>{{usefulnote}}<br />
==Update contribs==<br />
<br />
===Background===<br />
{{Note box|msg=These scripts depend on a yum feature introduced in Centos 6 / SME 9, and will not work on earlier versions}}<br />
Due to dependencies, the installation of contribs requires very often the installation of rpms coming from 3rd party (non-SME) repositories.<br />
<br />
Enabling 3rd party repositories during a general <tt>yum update</tt> can pull in packages that are incompatible with SME server such as newer versions of PHP, mysql, samba, etc.<br />
<br />
Updating the installed contribs needs sometimes to update the dependencies or sometimes only the dependencies get updated.<br />
<br />
In order to avoid serious problems of compatibility, it is very important that all the rpms get updated only from the repository they are installed from, instead of only taking the most recent release existing in all the repositories that are available.<br />
<br />
Yum doesn't do this job in one command but small scripts must be used for this purpose.<br />
<br />
===yumcheck.sh===<br />
<br />
yumcheck.sh can be used to check for and optionally install updates to packages that were originally installed from a 3rd party repository.<br />
<br />
yumcheck.sh is an attachment to [[bugzilla:10158]]<br />
<br />
Install at the sme server shell using:<br />
<nowiki>curl -s https://bugs.contribs.org/attachment.cgi?id=5837 |sed -e 's/\r//' >/usr/local/bin/yumcheck.sh<br />
chmod +x /usr/local/bin/yumcheck.sh<br />
</nowiki><br />
<br />
Usage:<br />
: <tt>yumcheck.sh</tt><br />
:: Check for updates for all packages installed from non-standard repos. Output only info for packages that need updates<br />
:: Indicate before exit if any packages were installed using ''yum localinstall''<br />
:: Indicate before exit if the server requires ''signal-event post-upgrade; signal-event reboot''<br />
: <tt>yumcheck.sh update</tt><br />
:: Run in verbose mode, do the updates, prompt the user after checking each repo if updates are pending<br />
: <tt>yumcheck.sh update -q -y</tt><br />
:: Show only those items to be updated, do the updates, and answer 'yes' to each suggested update.<br />
: <tt>yumcheck.sh @/ </tt><br />
:: List all rpms that have been installed using ''yum localinstall''<br />
: <tt>yumcheck.sh @smecontribs @sogo @/</tt><br />
:: Check for updates from "smecontribs", "sogo3", and any locally installed rpms<br />
:: Note that "@sogo" will be expanded to "sogo3" at runtime. Likewise, "@sme" would expand to "smecontribs"<br />
<br />
Notes:<br />
* Using the default settings will list updates from the enabled repositories multiple times (once for each disabled repo with installed packages)<br />
* Since this command starts from the output of <tt>/sbin/e-smith/audittools/newrpms</tt>, it is possible to get errors. That is, if you configure a repository, install a package from it, then remove the configuration, this script will error.<br />
* Arguments starting with "@" are stripped out and handled separately. If *all* arguments start with "@", the default "check-update -q" will be passed to yum.<br />
<br />
<br />
===Related Information===<br />
====Alternative Scripts====<br />
: [https://wiki.contribs.org/Talk:Update_contribs Original scripts]<br />
====Forum====<br />
:[https://forums.contribs.org/index.php/topic,52795.0.htm How to update completely and properly a SME?]<br />
====Bugzilla====<br />
:{{#bugzilla:columns=id,product,component,summary<br />
|id=10158<br />
|sort=version,component,id<br />
|disablecache=1<br />
|noresultsmessage="Bug not found"<br />
|headers=show}}<br />
<br />
[[Category:Howto]] [[Category:Tools]]<br />
[[Category:Administration:Updating]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Logwatch&diff=33705Logwatch2017-07-12T12:57:37Z<p>Morpheus: /* Mail messages in html */ correct line number</p>
<hr />
<div>Logwatch is a program that analyzes the server logs in /var/logs to detect errors and warnings such as, for example, attempts unsuccessful of authentication, mail delivery errors ecc...<br />
All logs will be monitored, and an email summarizing the full report will be sent to the administrator of the Sme (admin) every night.<br />
To install the package:<br />
<br />
yum --enablerepo=smecontribs install logwatch<br />
<br />
then you can type this if you want a report lighter without the firewall reporting<br />
<br />
echo 'Service = "-iptables"' >> /etc/logwatch/conf/logwatch.conf<br />
echo 'Service = "-iptables-multi"' >> /etc/logwatch/conf/logwatch.conf<br />
<br />
signal-event post-upgrade && signal-event reboot<br />
<br />
The program at the present time works without templates so all modification can be performed directly over scripts/conf files.<br />
<br />
==Mixed tweaks==<br />
===Mail messages in html===<br />
If you want the mail message in html format you must edit the main perl script with your favourite editor (mc, nano, joe, vi....):<br />
/usr/share/logwatch/scripts/logwatch.pl<br />
find the line (it should be line 85):<br />
$Config{'output'} = "unformatted";<br />
and modify it in:<br />
$Config{'output'} = "html";<br />
<br />
===Parsing Fetchmail log===<br />
The actual release does not contain a script to parse /var/maillog; you can simply add a script and the related conf to do this.<br />
Create the fetchmail script file:<br />
/usr/share/logwatch/scripts/services/fetchmail<br />
and paste into the file the following:<br />
##########################################################################<br />
# $Id: fetchmail $<br />
##########################################################################<br />
<br />
########################################################<br />
# This was written and is maintained by:<br />
# Oron Peled <oron \@\ actcom.net.il><br />
#<br />
########################################################<br />
my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;<br />
my %no_mail;<br />
my %messages_for;<br />
my %auth_fail;<br />
my %conn_fail;<br />
<br />
#Inits<br />
<br />
while (defined($ThisLine = <STDIN>)) {<br />
chomp($ThisLine);<br />
$ThisLine =~ s/^[a-zA-Z0-9]+: //;<br />
if($ThisLine =~ s/^No mail for (\S+) at (\S+)//) {<br />
$no_mail{"${1} at ${2}"}++;<br />
} elsif($ThisLine =~ /^reading message /) {<br />
# ignore<br />
} elsif($ThisLine =~ s/^Query status=[23]//) {<br />
# ignore. Counted below (Authorization, Connection)<br />
} elsif($ThisLine =~ s/^Authorization failure on (\S+)//) {<br />
$auth_fail{"${1}"}++;<br />
} elsif($ThisLine =~ s/^\S+ connection to \S+ failed: .*//) {<br />
# ignore. Counted below<br />
} elsif($ThisLine =~ s/^connection to (\S+) \[[^]]+\] failed: (.*).//) {<br />
$conn_fail{"${1} -- ${2}"}++;<br />
} elsif($ThisLine =~ s/^(\d+) messages? for (\S+) at (\S+).*.//) {<br />
$messages_for{"${2} at ${3}"} += $1;<br />
} else {<br />
chomp($ThisLine);<br />
# Report any unmatched entries...<br />
$OtherList{$ThisLine}++;<br />
}<br />
}<br />
<br />
if (keys %messages_for) {<br />
my $total;<br />
print "\nMessages\n";<br />
foreach my $who (sort keys %messages_for) {<br />
print " $who: $messages_for{$who}\n";<br />
$total += $messages_for{$who};<br />
}<br />
print " Total: $total\n";<br />
}<br />
<br />
if (keys %conn_fail) {<br />
my $total;<br />
print "\nConnection failures\n";<br />
foreach my $who (sort keys %conn_fail) {<br />
print " $who: $conn_fail{$who} Time(s)\n";<br />
$total += $conn_fail{$who};<br />
}<br />
print " Total: $total\n";<br />
}<br />
<br />
if (keys %auth_fail) {<br />
my $total;<br />
print "\nAuthorization failures\n";<br />
foreach my $who (sort keys %auth_fail) {<br />
print " $who: $auth_fail{$who} Time(s)\n";<br />
$total += $auth_fail{$who};<br />
}<br />
print " Total: $total\n";<br />
}<br />
<br />
if (keys %no_mail) {<br />
my $total;<br />
print "\nNo Mail\n";<br />
foreach my $who (sort keys %no_mail) {<br />
print " $who: $no_mail{$who} Time(s)\n";<br />
$total += $no_mail{$who};<br />
}<br />
print " Total: $total\n";<br />
}<br />
<br />
if (keys %OtherList) {<br />
print "\n**Unmatched Entries**\n";<br />
foreach $line (sort {$OtherList{$b}<=>$OtherList{$a} } keys %OtherList) {<br />
print " $line: $OtherList{$line} Time(s)\n";<br />
}<br />
}<br />
<br />
exit(0);<br />
<br />
# vi: shiftwidth=3 tabstop=3 syntax=perl et<br />
<br />
File permissions are:<br />
root:root rwxr-xr-x<br />
<br />
Then you must create the corresponding conf file:<br />
/usr/share/logwatch/default.conf/services/fetchmail.conf<br />
and paste into the file the following:<br />
<br />
###########################################################################<br />
# $Id: fetchmail $<br />
###########################################################################<br />
<br />
# You can put comments anywhere you want to. They are effective for the<br />
# rest of the line.<br />
<br />
# this is in the format of <name> = <value>. Whitespace at the beginning<br />
# and end of the lines is removed. Whitespace before and after the = sign<br />
# is removed. Everything is case *insensitive*.<br />
<br />
# Yes = True = On = 1<br />
# No = False = Off = 0<br />
<br />
Title = "Fetchmail"<br />
<br />
# Which logfile group...<br />
LogFile = maillog<br />
<br />
*OnlyService = fetchmail<br />
*RemoveHeaders<br />
<br />
#Fetchmail Global ENV Variables<br />
<br />
########################################################<br />
# This was written and is maintained by:<br />
# Oron Peled <oron \@\ actcom.net.il><br />
#<br />
########################################################<br />
<br />
# vi: shiftwidth=3 tabstop=3 et<br />
<br />
File permissions are:<br />
root:root rw-r--r--<br />
<br />
[[Category:Administration:Monitoring]][[Category:Contrib]]</div>Morpheushttps://wiki.koozali.org/index.php?title=B2evolution&diff=33667B2evolution2017-07-05T07:41:52Z<p>Morpheus: </p>
<hr />
<div>==Introduction==<br />
[http://b2evolution.net/ b2evolution] is a free blog tool for the next generation of blogs.<br />
<br />
It includes all the features of traditional blog tools, and extends them with evolved features such as file & photo management, advanced skinning, multiple blogs support as well as detailed user permissions...<br />
Not to mention third party plug-ins! <br />
<br />
Plus, it's free, open-source (GPL), it runs on virtually any webserver featuring PHP+MySQL and it's available in many languages!<br />
<br />
== Installation ==<br />
<br />
=== Download ===<br />
The package can be downloaded with the following command:<br />
wget http://downloads.sourceforge.net/evocms/b2evolution-1.10.2-2007-06-08.zip<br />
<br />
=== Putting things in the right place ===<br />
After the download you will have to extract the archive<br />
unzip b2evolution-1.10.2-2007-06-08.zip<br />
And move the source to /opt/<br />
mv /tmp/downloads/b2evolution /opt/<br />
<br />
=== Adding templates ===<br />
To be able to access b2evolution on our webserver we need to add some sections to the webserver configuration file. As this file is templated it means we need to create some template fragments:<br />
<br />
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/<br />
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/<br />
<br />
Open a text editor:<br />
pico 89b2evolution<br />
<br />
And copy the section below:<br />
<br />
# b2evolution<br />
<br />
Alias /blog /opt/b2evolution/blogs<br />
<Directory /opt/b2evolution/blogs><br />
Options -Indexes<br />
AllowOverride None<br />
order deny,allow<br />
deny from all<br />
allow from all<br />
AuthName "b2evolution"<br />
AuthType Basic<br />
AuthExternal pwauth<br />
Satisfy all<br />
AddType application/x-httpd-php .php .php3<br />
php_flag magic_quotes_gpc on<br />
php_flag track_vars on<br />
</Directory><br />
<br />
Save by pressing Ctrl+X, press Y to save changes and confirm with enter. <br />
<br />
Now we need to generate the new configuration file for the webserver:<br />
expand-template /etc/httpd/conf/httpd.conf<br />
And restart the server<br />
sv t httpd-e-smth<br />
<br />
=== Create Database ===<br />
To create the database for the package execute the following statements as root user:<br />
<br />
mysql -e "create database b2evolution"<br />
mysql -e "grant all privileges on b2evolution.* to bloguser@localhost identified by 'yourpassword'"<br />
mysql -e "flush privileges"<br />
<br />
==Still Under Underconstruction ==<br />
<br />
chown -R www.www /opt/b2evolution<br />
chmod 755 /opt/b2evolution<br />
<br />
Go to your web browser and open http://your.domain.or.IP/blog/install/index.php<br />
<br />
You will need the database user name and password created in the database setup for this step, then once finished filling in the details select Then select the '''update config file''' at the bootom of page to continue<br />
<br>[[Image:B2evolution_installer.png|center|800px]]<br><br />
<br />
How do you want to install b2evolution?<br />
<br />
if new install, then select the radio button for new install and select the go button<br />
<br />
'''Don't forget to write down your password'''<br />
<br />
Now you can log in with the login "admin" and password <br />
<br />
'''Note that password carefully! It is a random password that is given to you when you install b2evolution. If you lose it, you will have to delete the database tables and re-install anew.''' <br />
<br />
----<br />
[[Category: Howto]]<br />
[[Category: Webapps]]<br />
[[Category: CMS]]<br />
[[Category: Social Media Apps]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Talk:Clamav_unofficial_sigs&diff=33666Talk:Clamav unofficial sigs2017-07-05T03:45:17Z<p>Morpheus: /* workaround for securite informatique */</p>
<hr />
<div>THANK YOU for this!!!!!<br />
<br />
==workaround for securite informatique==<br />
<br />
to use securiteinfo since 2015<br />
<br />
install, but do not yet do the signal-event or run the script<br />
<br />
go to register at http://www.securiteinfo.com<br />
<br />
mkdir -p /etc/e-smith/templates-custom/etc/clamav-unofficial-sigs/clamav-unofficial-sigs.conf/<br />
vim /etc/e-smith/templates-custom/etc/clamav-unofficial-sigs/clamav-unofficial-sigs.conf/099securiteinfo<br />
<br />
<br />
the content should be '''(Please paste your personal key where designated)''':<br />
<br />
{<br />
# paste you code here:<br />
my $securiteinfo_authorisation_signature="PASTE HERE";<br />
<br />
$OUT = "securiteinfo_authorisation_signature=\"$securiteinfo_authorisation_signature\"\n";<br />
$OUT .= "add_dbs=\"<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfo.hdb<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfo.ign2<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/javascript.ndb<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/spam_marketing.ndb<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfohtml.hdb<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfoascii.hdb<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfoandroid.hdb<br />
<br />
\";";<br />
}<br />
then <br />
expand-template /etc/clamav-unofficial-sigs/clamav-unofficial-sigs.conf<br />
<br />
then <br />
download manually each of the securiteinformatique files in /var/lib/clamav-unofficial-sigs/add-dbs and /var/clamav/ '''(Please paste your personal key where designated)'''<br />
cd /var/lib/clamav-unofficial-sigs/add-dbs<br />
securiteinfo_authorisation_signature="PASTE HERE"<br />
wget http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfo.hdb \<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfo.ign2 \<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/javascript.ndb \<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/spam_marketing.ndb \<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfohtml.hdb \<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfoascii.hdb \<br />
http://www.securiteinfo.com/get/signatures/$securiteinfo_authorisation_signature/securiteinfoandroid.hdb<br />
cp -a * /var/clamav/<br />
<br />
signal-event clamav-update<br />
and<br />
clamav-unofficial-sigs.sh<br />
<br />
[[User:Unnilennium|Unnilennium]] ([[User talk:Unnilennium|talk]])</div>Morpheushttps://wiki.koozali.org/index.php?title=PhreeBooks&diff=33664PhreeBooks2017-07-05T02:07:33Z<p>Morpheus: update source for project and note changes</p>
<hr />
<div>= PhreeBooks Accounting =<br />
Author: Charles2008<br><br />
Source 1: http://forums.contribs.org/index.php/topic,50284.0/topicseen.html <br><br />
Source 2: http://www.phreebooks.com/documentation/how-tos/sme-server-phreebooks-install-howto/ <br><br />
<br />
{{Warning box| Before you use PhreeBooks Accounting in a business environment you must satisfy yourself that it is suitable and meets you organisation's needs and the needs of your business jurisdiction you must also ensure that your unique set-up and file permissions meet your requirements and are appropriate for your hosing environment. <br><br />
<br>'''You use anything included here at your own risk'''.<br><br />
}}<br />
== Description ==<br />
<br />
{{Note box| Many changes in the project, visit https://github.com/phreebooks/PhreeBooksERP for more information and sources<br />
<br />
}}<br />
PhreeBooks Accounting (previously called PhreedomERP) is a web based (multi-user), OpenSource, double-entry ERP/accounting software.<br><br />
Demo: http://www.phreebooks.com/pb-demo ... (demo, demouser)<br><br />
<br><br />
Dave Premo is the project leader and has kept a very firm control of development. <br><br />
In his own words - http://www.phreebooks.com/pb-forum/viewtopic.php?p=3178#p3178<br><br />
<br><br />
'''PhreeBooks aims to be a viable OpenSource alternative to Quickbooks and Peachtree/Sage.'''<br />
<br />
== Set-up on SME8 ==<br />
<br />
{{Note box| PhreeBooks doesn't like 'hardened-PHP' (Suhosin)}}<br />
<br />
<br />
==Create a Bookkeeping ibay==<br />
This will be the directory Phreebook will run from. You must create it from Server Manager<br><br />
Information bay name - '''bookkeeping'''<br><br />
Description – '''Phreebooks Accounting'''<br><br />
Group – Admin ... (set user Group)<br><br />
User access via file sharing or user ftp – '''Write = group, Read = group'''<br><br />
Public access via web or anonymous ftp – '''Local network, no password required''' <br> <br />
Execution of dynamic content (CGI, PHP, SSI) – '''Enabled'''<br><br />
<br><br />
<br />
==Create a PhreeBooks database==<br />
You can do it via via command line or I use [[PHPMyAdmin]].<br />
<br />
{{Note box| Please note that it is strongly advised to set MySQL to default to the InnoDB format using [[MySQL#Enable_InnoDB_engine]] <br><br />
and not MyISAM, as apparently InnoDB is 'more robust'. <br><br />
BTW: PhpMyAdmin seems to be set out-of-the-box to default to MyISAM. <br> <br />
<br><br />
This InnoDB / MyISAM issue won't affect getting PhreeBooks going now, however, may cause some data integrity uncertainty down the road. Best to get it right now. }}<br />
<br />
In PHPMyAdmin:<br><br />
Create database - '''phreebooks'''<br><br />
Collation – '''utf8_general_ci'''<br><br />
Create user: select ''''phreebooks'''' database from list on LHS > Privileges > Add User<br><br />
Choose a unique '''User Name''' and '''Password''' and (make sure that you have made a note of these!<br><br />
host - '''localhost'''<br><br />
Database for user - '''Grant all privileges''' on database '''phreebooks'''<br><br />
'''Add User'''<br><br />
<br />
<br />
<br />
<br />
'''Missing instruction about how to do it on CLI ''' that´s for LATER!<br />
<br />
<br />
<br />
<br />
==Sort out OpenBaseDir restriction==<br />
This is needed to allow files to be uploaded by PhreeBooks<br><br />
You can read about this at [[PHP#Open_basedir_restriction]]<br />
<br />
<br><br />
Remotely get to console of SME8 server using ssh (secure shell)<br><br />
Run 'sudo su -' on a Ubuntu PC use '''Putty''' on Windows PCs.<br />
<br />
ssh root@'''<server ip address>''' -L443:localhost:443 <br />
<br />
Then run this: <br />
db accounts setprop bookkeeping PHPBaseDir /home/e-smith/files/ibays/bookkeeping/:/tmp/<br />
signal-event ibay-modify bookkeeping<br />
<br />
==Delete the index.html==<br />
<br />
rm /home/e-smith/files/ibays/bookkeeping/html/index.html<br />
<br />
==Get PhreeBooks==<br />
<br />
cd /home/e-smith/files/ibays/bookkeeping/files/<br />
wget http://sourceforge.net/projects/phreebooks/files/latest/download?source=directory<br />
<br />
that will download latest version from PhreeBook site, now unzip it using:<br />
<br />
unzip <filename> <br />
<br />
for today that would be:<br />
<br />
unzip PhreeBooksR36RC2.zip<br />
<br />
there should be 2 entries similar to this: <br />
PhreeBooksR36RC2<br />
PhreeBooksR36RC2.zip<br />
<br />
One it´s the originally downloaded file (version can be newer) and other the directory with unzipped content.<br />
<br />
==Put files on right directory and right permissions==<br />
<br />
mv phreebooks/* ../html/<br />
chown -R www:www /home/e-smith/files/ibays/bookkeeping<br />
chmod -R 0750 /home/e-smith/files/ibays/bookkeeping<br />
<br />
==Install and configure PhreeBooks using browser==<br />
<br />
Open a browser and type:<br />
http'''s'''://<server ip address>/bookkeeping<br />
<br />
{{Note box| Please be patient, this can take 30 seconds or so (depending on processor speed etc )}}<br />
<br />
Now follow the on-screen instructions.<br />
<br />
==Post-install adjustments==<br />
<br />
After install, the web server needs RO access to all directories except /my_files which needs write access also for writing company specific files. <br><br />
Once you have the normal PhreeBooks desktop view (with dropdown menus across the top of the screen) then rename or delete the Install directory and make Includes/configure.php read only. <br><br />
<br />
mv /home/e-smith/files/ibays/bookkeeping/html/install /home/e-smith/files/ibays/bookkeeping/html/install.old<br />
<br />
or <br />
<br />
rm -rf /home/e-smith/files/ibays/bookkeeping/html/install<br />
<br />
And configure rigth file permissions:<br />
<br />
chmod -R 0551 /home/e-smith/files/ibays/bookkeeping<br />
chmod -R 0750 /home/e-smith/files/ibays/bookkeeping/html/my_files<br />
chmod 0400 /home/e-smith/files/ibays/bookkeeping/html/includes/configure.php <br />
<br />
{{Note box| I am investigating whether the 0551 file-permission above can be lowered to 0550 IF the user can pre-establish membership of a 'Group', i.e. by password protecting the ibay.}}<br />
<br />
I hope it works now. :)<br />
<br />
<br />
----<br />
[[Category:Howto]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Install_From_USB&diff=33647Install From USB2017-06-29T04:22:31Z<p>Morpheus: </p>
<hr />
<div>{{Level|Medium}}<br />
<br />
= SME Server 9 =<br />
<br />
As of SME Server 9 a hybrid ISO image is used for creating bootable installation media. Note that not all USB Disk Creation software can properly handle this type of image (yet).<br />
<br />
== Requirements ==<br />
<br />
* Bootable USB Disk - 2GB is sufficient<br />
* SME Image of your choice - eg SME 9.1 [http://mirror.contribs.org/releases/9.1/iso/i386/smeserver-9.1-i386.iso smeserver-9.1-i386.iso] or [http://mirror.contribs.org/releases/9.1/iso/x86_64/smeserver-9.1-x86_64.iso smeserver-9.1-x86_64.iso]. See the page [[SME_Server:Download]] for the current images.<br />
* For Windows:<br />
** Fedora Live-USB Creator: https://fedorahosted.org/liveusb-creator/<br />
* For Linux:<br />
** The <tt>dd</tt> command is used from the commandline<br />
* For OS X:<br />
** The <tt>dd</tt> command is used from the commandline<br />
<br />
== Creating the USB stick on Windows ==<br />
<br />
* Insert USB Device and note the drive-letter used for it by Windows<br />
* Fire-up the the Fedora Live-USB Creator<br />
* Click 'Browse' to use and existing Live CD and select the downloaded SME Server ISO<br />
* Under 'Target Device' be sure to select the right USB Device<br />
* Click 'Create Live USB'<br />
<br />
== Creating the USB stick on Linux ==<br />
<br />
* Insert USB device<br />
* Go to the commandline<br />
* If the USB device gets automatically mounted, unmount it first.<br />'''PAY ATTENTION! Be sure to use the right device.'''''<br />
umount /dev/sdX<br />
: ''Where sdX is your USB device name.<br />
* Write the ISO to the USB device and make sure buffered data is written to disk.<br />'''WARNING! Be sure to pick the right device as you might destroy your system when wrong!!'''''<br />
dd if=FILENAME.ISO of=/dev/sdX<br />
sync<br />
: ''Again where sdX is your USB device name.<br />
<br />
== Creating the USB stick on OS X ==<br />
* Insert USB Device<br />
* Start the 'Terminal' program (<tt>Finder → Applications → Utilities</tt>)<br />
* Find out what device name is your USB stick<br />
diskutil list<br />
* Unmount the USB device.<br />'''PAY ATTENTION! Be sure to use the right device.'''''<br />
diskutil unmountDisk /dev/diskX<br />
: ''Where diskX is your USB device name.<br />
* Write the ISO to the USB device and make sure buffered data is written to disk.<br />'''WARNING! Be sure to pick the right device as you might destroy your system when wrong!!'''''<br />
dd if=FILENAME.ISO of=/dev/diskX conv=sync<br />
: ''Again where diskX is your USB device name.<br />
<br />
The dd command can take a long time, so be patient. The 670MB image transferred to an older USB 2.0 device took about thirteen (13) minutes.<br />
<br />
== Usage ==<br />
Boot your server from USB device and when you get the 'Installation Method' dialog-box choose: <tt>Harddisk → sda1</tt><br />
<br />
<br />
= SME Server 8 =<br />
== Requirements ==<br />
* Bootable USB Disk - 2GB is sufficient<br />
* SME Image of your choice - eg SME 8.2 [http://mirror.canada.pialasse.com/releases/8.2/iso/i386/smeserver-8.2-i386.iso smeserver-8.2-i386.iso] or [http://mirror.canada.pialasse.com/releases/8.2/iso/x86_64/smeserver-x86_64.iso smeserver-8.2-x86_64.iso]<br />
* USB Disk Creation Software<br />
** http://unetbootin.sourceforge.net/<br />
** http://liveusb.info/dotclear/index.php?<br />
<br />
Note: Using Windows 7, should work on XP and later<br /><br />
<br />
Note: Multisystem can be used on Windows and/or Linux, as can unetbootin :D<br />
<br />
== Creating USB stick ==<br />
* Insert USB device<br />
* Run the Software<br />
* Point to the SME ISO file<br />
<br />
== Using ==<br />
On your new Hardware ...<br />
# Boot from USB<br />
# Select Install from Hard Disk<br />
# Choose Partition<br />
** Generally it will be the last partition<br />
** it was ''/dev/sda1'' when no partition, sde1 when I re-installed on the HP Microserver<br />
** leave the path blank<br />
<br />
===Make the USB-key with UNetbootin===<br />
{{Note box|5th July 2013: I found that unetbootin-windows-585.exe expanded the smeserver-8.0-i386.iso onto the USB stick (creating the directory structure etc), thus there was no .iso image to be found at the select an image point in the install process. I simply copied the smeserver-8.0-i386.iso into the USB sticks root directory.}}<br />
* USB Disk In<br />
* Run Unetbootin<br />
* Point to the SME ISO file<br />
* Wait until Unetbooting has finished<br />
* Simply copy the smeserver-8.0-i386.iso into the USB sticks root directory.<br />
Then<br />
* Boot from USB<br />
* Select Install from Hard Disk<br />
* Choose Partition<br />
** Generally it will be the last partition<br />
** it was ''/dev/sda1'' when no partition, sde1 when I re-installed on the HP Microserver<br />
** leave the path blank<br />
<br />
{{Warning box| you don't have the boot menu where you can pass special commands on raid, no lvm...}}<br />
<br />
===Make the USB-key with Multisystem===<br />
Multisystem is a useful tool when you want to get several isos on your usb key, see [http://liveusb.info/dotclear/index.php? multisystem]<br /><br />
<br />
The installation is quite easy, drag and drop the iso in the below appropriate place, give the password of the user who needs the sudo right...it is nearly finished.<br />
<br />
* USB Disk In<br />
* Run multisystem<br />
* Point to the SME ISO file<br />
* Wait that multisystem is finished<br />
* Simply copy the smeserver-8.0-i386.iso into the USB sticks root directory.<br />
Then<br />
* Boot from USB, select the right O.S you want to start.<br />
* Optional : At boot prompt if you want to give some options to install sme in a particular way, you have to select the SME Server menu and press "e"<br />
Then you need to find the line<br />
linux (loop)/isolinux/vmlinux linux repo=hd:<br />
and insert your option line like this : <br />
linux (loop)/isolinux/vmlinux '''nolvm ext4''' linux repo=hd:<br />
All [[Booting|Booting]] options can be find in the wiki.<br />
once done, you can press ctrl+x or F10 to launch the installation.<br />
<br />
* Select Install from Hard Disk<br />
* Choose Partition<br />
** Generally it will be the last partition<br />
** it was ''/dev/sda1'' when no partition, sde1 when I re-installed on the HP Microserver<br />
** leave the path blank<br />
<br />
==References==<br />
* http://unetbootin.sourceforge.net/<br />
* [http://forums.contribs.org/index.php?topic=48479.0 ''SME Server USB installer'' topic in the Contribs forums]<br />
* http://wiki.centos.org/HowTos/GrubInstallation<br />
<br />
'''Long Live SME ...'''<br />
----<br />
[[Category:Howto]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Zabbix&diff=33646Zabbix2017-06-29T04:05:29Z<p>Morpheus: added category so Zabbix shows up under Monitoring</p>
<hr />
<div>{{Languages|Zabbix}}<br />
<br />
{{Incomplete}}<br />
<br />
<br />
===Maintainer===<br />
[mailto:daniel@firewall-services.com[[User:VIP-ire|Daniel B.]]] from [http://www.firewall-services.com Firewall Services]<br />
=== Description ===<br />
<br />
[http://www.zabbix.com Zabbix] offers advanced monitoring, alerting and visualisation features today which are missing in other monitoring systems, even some of the best commercial ones:<br />
<br />
=== Features ===<br />
<br />
Here are some of the features provided by Zabbix:<br />
<br />
*Distributed monitoring<br />
** Centralized configuration<br />
** Centralized access to all data<br />
** Up-to 1000 of nodes<br />
** Unlimited number of proxies<br />
<br />
*Scalability<br />
** Tested with 10,000 monitored devices and servers<br />
** Tested with 100,000 availability and performance checks<br />
** Processing of thousands of availability and performance checks per second<br />
<br />
*Real-time monitoring<br />
** Performance monitoring<br />
** Availability monitoring<br />
** Integrity monitoring<br />
** Flexible notification conditions<br />
** Alerting users (Email, SMS, Jabber)<br />
** Logging<br />
<br />
*Visualisation<br />
** User-defined views and slide shows<br />
** Mapping<br />
** Graphing (including pie charts)<br />
** Zooming<br />
<br />
*Fast Problem Resolution<br />
** Send alerts via email, cell phone, SMS or audio alerts<br />
** Execute remote commands<br />
<br />
*Assuring SLA<br />
** Hierarchical IT Services<br />
** Real-time SLA reporting<br />
<br />
*Reporting and trending<br />
** Easy integration of 3rd party tools<br />
** Analysis of yearly/monthly/daily statistics<br />
** SLA reports<br />
<br />
*XML data import/export<br />
** Easy sharing of templates<br />
<br />
*Auto discovery<br />
** Discovery by IP range, services and SNMP<br />
** Automatic monitoring of discovered devices<br />
<br />
*WEB monitoring<br />
** WEB performance and availability monitoring<br />
** Flexible scenarios<br />
** Support of POST and GET methods<br />
<br />
*Flexibility<br />
** Support of IPv4 and IPv6<br />
** Easily extendable native agents<br />
** Any notifications methods<br />
** Runs on any platform<br />
<br />
*Pro-active monitoring<br />
** Automatic execution of remote commands<br />
** Automatic IPMI commands<br />
<br />
*Aggregate monitoring<br />
** Monitoring of a group of hosts as a single host<br />
<br />
*Agentless monitoring<br />
** Monitoring of remote services (FTP, SSH, HTTP, other)<br />
** Support of SNMP v1,2,3<br />
** Support of IPMI<br />
** SNMP traps<br />
<br />
*High performance agents<br />
** All platforms supported (UNIX, Windows, Novell)<br />
** Memory utilisation<br />
** Network utilisation<br />
** Disk I/O<br />
** Disk space availability<br />
** File checksums<br />
** Monitoring of log files<br />
** And more...<br />
<br />
*Security<br />
** Flexible user permissions<br />
** Authentication by IP address<br />
** Protection against brute force attacks<br />
<br />
*Escalations and notifications<br />
** Repeated notifications<br />
** Unlimited escalations<br />
** Recovery messages<br />
** Be notified while problem is not resolved<br />
<br />
*Management functions<br />
** Ping, traceroute to a host<br />
** Any other functions<br />
<br />
*Dashboard<br />
** Personalized dashboard<br />
** Favourite resources<br />
** High level view<br />
<br />
*Agent-based monitoring<br />
** Native agent for any platform<br />
** Immune to connection problems<br />
<br />
*Open Source Solution<br />
** No license driven limitations<br />
** Access to source code<br />
** Open to code audit<br />
<br />
*Easy Administration<br />
** Very fast learning curve<br />
** All data is stored in a database (Oracle, MySQL, PostgreSQL, SQLite)<br />
** Centralised configuration and storage of information<br />
<br />
*and more...<br />
<br />
=== Full documentation ===<br />
<br />
A complete documentation is available as a PDF file here http://www.zabbix.com/documentation.php<br />
You'll also find some useful informations on the official [http://www.zabbix.com/wiki/doku.php wiki] of the project and the [http://www.zabbix.com/forum/ forum].<br />
<br />
{{Note box|This wiki page is not a complete guide for Zabbix, but just a starting point to run it on your SME Server using this contrib.<br />
For a complete documentation, please refer to the project documentation: http://www.zabbix.com/documentation.php}}<br />
<br />
=== Versions ===<br />
The following is the information about the latest release of each component:<br />
{{ #smeversion: smeserver-zabbix-server }}<br />
{{ #smeversion: zabbix-server }}<br />
{{ #smeversion: smeserver-zabbix-agent }}<br />
{{ #smeversion: zabbix-agent }}<br />
{{ #smeversion: smeserver-zabbix-proxy }}<br />
{{ #smeversion: zabbix-proxy }}<br />
<br />
=== Requirements ===<br />
*SME Server 7.X (9.X or higher for zabbix-server)<br />
*php>=5.4 for zabbix server only, hence you will need to first install smeserver-php-scl on SME9 and set php54 or higher as default php version<br />
<br />
=== Components ===<br />
<br />
Zabbix is composed of four major components:<br />
*The server (the main part). The server will store and analyse the different data, send alerts, etc...<br />
*The web interface (which is automatically installed with the server with this contrib).<br />
*The agent, which gathers informations on the different hosts you monitor.<br />
*The proxy, which is an optional part, can be used to collect performance and availability data locally, and send it to the server.<br />
<br />
==== Server ====<br />
<br />
The server is the core component of Zabbix software. It uses one database (MySQL in this contrib) to store configuration, performance and integrity information. The server can check network services with simple check (ICMP, TCP etc...) for agent-less monitoring, it can monitor network devices using SNMP and is also the central component to which agent report information (agent can work in active, passive, or both mode). The server will also analyse all the information and send alerts depending on very flexible triggers.<br />
<br />
===== Installation on SME9=====<br />
First enable the needed repo: Firewall service and REMI <br />
{{:Fws}}<br />
{{:Remi-safe}}<br />
<br />
signal-event yum-modify<br />
<br />
to install Zabbix server, just use yum:<br />
yum --enablerepo=smecontribs,fws,remi-safe install smeserver-zabbix-server<br />
<br />
then go to your server-manager to set php5.4 or higher as default php for your SME, or you will not be able to access to zabbix web gui, or just issue the following<br />
config setprop php54 PhpModule enabled #replace here with php55 or php56 if you have other needs<br />
signal-event php-update<br />
<br />
then you will have to either tweak the default configuration as explain in next step or just issue :<br />
signal-event zabbix-server-update<br />
<br />
then go to your web interface : https://yourserveradress/zabbix<br />
<br />
===== DB Parameters =====<br />
<br />
Here's the list of available DB parameters for zabbix-server service on SME:<br />
*'''DbName''': The name of the database where everything is stored. Default is 'zabbixdb'<br />
*'''DbPassword''': The password of the database. A random password is generated during the installation<br />
*'''DbUser''': The user name to access the database. Default is zabbixuser<br />
*'''JabberAccount''': Account used to send jabber notification<br />
*'''JabberServer''': Jabber server to use to send notifications<br />
*'''JabberPassword''': Password for the account (for "JabberAccount")<br />
*'''JabberTLS''': (enabled|disabled) Does your Jabber server requires TLS security<br />
{{Note box|The different Jabber settings above are not for the built-in jabber notification function (because I couldn't get it working as my server requires TLS and the built-in features do not support it). But I've included a external script using sendxmpp to send the notification. You should have a media called 'xmpp' in zabbix administration. }} <br />
<br />
*'''NodeID''': The node ID of your server. If you don't use distributed monitoring (just one central Zabbix server), you should let this to 0<br />
*'''TCPPort''': Port used for agent<->server (and proxy<->server) communication. The default is 10051<br />
*'''TimeZone''': It's very important for zabbix to know your time zone (PHP TimeZone setting). Unfortunately, SME do not set it. You can specify your time zone. This setting will only affect Zabbix<br />
*'''WebAccess''': (local|public|disabled) From where you'll be able to access the web interface. You can set it to disabled if you want to disable the web interface (for example, if your server is a node of a distributed environment)<br />
*'''access''': (public|local) From where zabbix port will be available (controlled by TCPPort). You should restrict the access to a list of host with the AllowHosts key if you set public here.<br />
*'''status''': Should the service be started automatically ?<br />
<br />
<br />
<br />
Once you have everything configured like you want, just issue<br />
signal-event zabbix-server-update<br />
<br />
to expand the templates and restart the needed services.<br />
<br />
===== Web Interface =====<br />
<br />
The main web interface is available (if not disabled with the key WebAccess) on https://server.domain.tld/zabbix.<br />
The default user is '''admin''', with password '''zabbix''' (you should change this password ASAP)<br />
<br />
Here are some screenshots of what you can get with zabbix<br />
[[File:Zabbix_graph_cpu.png|768px|thumb|center|CPU Usage Graph]]<br />
[[File:Zabbix_graph_mem.png|768px|thumb|center|Memory Usage Graph]]<br />
[[File:Zabbix_graph_network.png|768px|thumb|center|Network Usage Graph]]<br />
{{Note box|You can select a period on any graph. With this great feature, you can easily zoom on a period of time to analyse things with hight precision}}<br />
[[File:Zabbix_graph_mail_in.png|768px|thumb|center|Incoming mails statistics]]<br />
[[File:Zabbix_screen.png|768px|thumb|center|Screen]]<br />
{{Note box|You can display as many graphs as you want in one screen, automatically refresh it, change it (display network graphs of hosts 1 during 2minutes, then display hardware graphs of hosts2 for 3 minutes etc...)}}<br />
[[File:Zabbix_overview.png|768px|thumb|center|Triggers overview]]<br />
[[File:Zabbix_map.png|768px|thumb|center|Hosts Map]]<br />
{{Note box|this is a very simple map, you can make it look nicer}}<br />
<br />
<br />
For more screenshots, visit the project website [http://www.zabbix.com/screenshots.php here]<br />
<br />
==== Agent ====<br />
<br />
Zabbix agent is a very small daemon which will gather information about the host being monitored, and report it to one or several server(s) (or proxy(s)).<br />
Agents can run in active or passive mode (or both):<br />
*In active mode, the agent will make outgoing connection to the server (port 10051 by default).<br />
*In passive mode, the server will connect to the agent (on port 10050 by default). <br />
<br />
Please read Chap. 2.3.4.ZABBIX Agent page 39 and Chap. 3.3.ZABBIX Agent (UNIX, standalone daemon) of the manual for more information on Zabbix agent.<br />
<br />
===== Installation SME9 =====<br />
first enable the needed repo: Firewall service <br />
{{:Fws}}<br />
<br />
signal-event yum-modify<br />
<br />
to install Zabbix agent, just use yum:<br />
yum --enablerepo=smecontribs,fws install smeserver-zabbix-agent<br />
<br />
<br />
This package will download at least the following dependencies:<br />
*zabbix (very small package with just common directories used by all zabbix components)<br />
*zabbix-agent (the agent)<br />
*smeserver-remoteuseraccess: this contrib is needed because it provides needed templates metadata for /etc/sudoers.<br />
<br />
===== DB parameters =====<br />
<br />
Here's the list of available DB parameters for zabbix-agent service on SME:<br />
*'''RemoteCommands''': (enabled|disabled). If you want to enable remote commands on zabbix agent (you should read the zabbix documentation). Please, be aware that there're security implications if you enable it. The default is disabled<br />
*'''ServerPort''': port to contact the server when running in active mode. Default to 10051<br />
*'''Servers''': List of servers (or proxy), separated by commas, to which send informations. The first one may be used for active checks, the others are only for passive mode<br />
*'''TCPPort''': TCP port on which the agent will listen if passive mode is enabled<br />
*'''access''': (public|private) If you want to open the agent on the public interface (only useful if passive is enabled). If you set this to 'public' you should use the AllowHosts key to limit the access<br />
*'''active''': (enabled|disabled) Do you want to enabled the active mode<br />
*'''passive''': (enabled|disabled) Do you want to enable the passive mode<br />
*'''status''': (enabled|disabled) Should the service be automatically started<br />
<br />
<br />
<br />
Once you have everything configured like you want, just issue<br />
signal-event zabbix-agent-update<br />
<br />
to expand the templates and restart the needed services.<br />
<br />
===== Remote client with encryption =====<br />
on the client do:<br />
openssl rand -hex 32 > /etc/zabbix/zabbix_agentd.psk<br />
chown :zabbix /etc/zabbix/zabbix_agentd.psk<br />
chmod 640 /etc/zabbix/zabbix_agentd.psk<br />
signal-event zabbix-agent-update<br />
cat /etc/zabbix/zabbix_agentd.psk<br />
<br />
you might also need a public access there:<br />
config setprop zabbix-agent Servers IP1,IP2 access public active disabled passive enabled AllowHosts IP1,IP2<br />
signal-event zabbix-agent-update<br />
<br />
On the Zabbix server interface for this client select : <br />
# Connections to host: psk <br />
# Connections from host: psk<br />
# PSK identity: domain.name-agent<br />
# psk: [paste here the output of cat /etc/zabbix/zabbix_agentd.psk]<br />
<br />
===== Additional checks =====<br />
<br />
Even if Zabbix agent is great and support natively a lot of checks, some were missing for my use, so I've added some UserParameters entries in the configuration file. For each of this check, you should add a new item with the name of the check as the key.<br />
Configuring the corresponding checks on the server can be quite long. You can have a look at the [http://sme.firewall-services.com/downloads/zabbix/zabbix_SME.zip templates] I use to monitor SME Servers. This archive contains some templates/items/graphs/triggers in XML format (exported from Zabbix). You can use the Import/Export functionality of Zabbix (Manual Chap. 8.XML IMPORT AND EXPORT page 154) to import it on your server.<br />
<br />
You can also have a look at the configuration file /etc/zabbix/zabbix_agentd.conf to see the commands used to return the corresponding values. You'll also find for each UserParameter information on how to create the corresponding item on the server.<br />
<br />
Please, read chapter 4.11.User Parameters page 119 of the manual to have more information on how UserParameters work.<br />
<br />
*External IP:<br />
**'''ip.external''': Return the real external IP address.<br />
<br />
*Incoming mails statistics:<br />
<br />
{{Note box|Since version 0.1-28 of smeserver-zabbix-agent, the keys to retrieve emails statistics has changed. The value retrieved here are for the last 10 Minutes (the statistics are updated with a cronjob every 10 minutes), so you should configured these items to be refreshed every 600 seconds}}<br />
<br />
**'''mail.in[dnsbl]''': number of emails rejected by DNSBL<br />
**'''mail.in[rhsbl]''': number of emails rejected by RHSBL<br />
**'''mail.in[clamav]''': number of emails rejected by CLAMAV<br />
**'''mail.in[check_earlytalker]''': number of emails rejected by EARLYTALKER<br />
**'''mail.in[check_basicheaders]''': number of emails rejected by BASICHEADERS<br />
**'''mail.in[check_goodrcptto]''': number of emails rejected by GOODRCPTTO<br />
**'''mail.in[check_spamhelo]''': number of emails rejected by SPAMHELO<br />
**'''mail.in[total_denied]''': sum of rejected emails (sum of the above checks)<br />
**'''mail.in[spam_denied]''': number of emails rejected by SPAMASSASSIN<br />
**'''mail.in[other_denied]''': number of emails rejected by others checks<br />
**'''mail.in[spam_queued]''': number of emails queued but marked as spam by SPAMASSASSIN<br />
**'''mail.in[queued]''': number of emails queued (HAM)<br />
**'''mail.in[total]''': number of emails received (accept + denied)<br />
<br />
*Outgoing mails statistics:<br />
**'''mail.out[total]''': sum of outgoing emails<br />
**'''mail.out[success]''': number of successful transmitted emails<br />
**'''mail.out[deferral]''': number of deferred emails<br />
**'''mail.out[failure]''': number of failures<br />
<br />
*Memory/Swap usage:<br />
**'''vm.memory.size.used''': Actually used memory in bytes<br />
**'''vm.memory.size.pused''': Actually used memory in %<br />
**'''system.swap.size.used''': Actually used swap space in bytes<br />
<br />
*MySQL Information:<br />
**'''mysql.uptime''': uptime of mysql server in seconds<br />
**'''mysql.threads''': number of threads<br />
**'''mysql.questions''': number of queries since mysql has been started<br />
**'''mysql.slowqueries''': number of slow queries<br />
**'''mysql.qps''': average queries per seconds<br />
**'''mysql.size''': total space used by mysql databases<br />
<br />
*Network usage. These checks are useful if you want to monitor several SME Servers using one template (so same checks), but those servers use different interfaces configuration (eth0, eth1, br0, bond0, ppp0 etc...)<br />
**'''net.if.in.internal''': Equivalent to net.if.in[ethX,bytes], but is independent of your internal interface name (eth0, bond0, br0 etc...)<br />
**'''net.if.out.internal''': Equivalent to net.if.out[ethX,bytes]<br />
**'''net.if.in.external''': Equivalent to net.if.in[ethX,bytes], but is independent of your external interface name (eth0, eth1, ppp0 etc...)<br />
**'''net.if.out.external''': Equivalent to net.if.out[ethX,bytes]<br />
<br />
{{Note box|Since version 0.1-38 of smeserver-zabbix-agent, the keys to retrieve UPS informations has changed. You now have to select the name of your UPS on the server side. The default name for an UPS in SME is '''UPS'''}}<br />
<br />
*UPS status:<br />
**'''ups.load[UPS]''': Current load (in %) of your UPS<br />
**'''ups.battery.charge[UPS]''': Current charge (in %) of the battery<br />
**'''ups.status[UPS]''': Current status of the UPS (OL, OB, OL CHRG etc...)<br />
**'''ups.model[UPS]''': Model of the UPS<br />
<br />
*Raid Array Monitoring:<br />
**'''raid.sw.status''': Current status of your software Raid (all array)<br />
**'''raid.mega.status''': Current status of your mega raid based raid array (for example, the perc5/6(i) are megaraid based). Requires additional MegaCLI package available from here: [http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/]<br />
<br />
==== Proxy ====<br />
<br />
Zabbix proxy is a lightweight daemon. It will act as a server for agents, will cache locally (in a mysql database) the information, and send it to the server it belongs to. This is useful to monitor networks elements behind a firewall.<br />
<br />
===== Installation SME9=====<br />
first enable the needed repo: Firewall service <br />
{{:Fws}}<br />
<br />
signal-event yum-modify<br />
to install Zabbix proxy, just use yum:<br />
yum --enablerepo=smecontribs,fws install smeserver-zabbix-proxy<br />
<br />
===== DB Parameters =====<br />
*'''DbName''': the name of the database used by the proxy. The default is zabbixproxydb<br />
*'''DbPassword''': the password to access the database<br />
*'''DbUser''': the user to access the database<br />
*'''Servers''': List of servers (separated by commas) to which send the informations<br />
*'''TCPPort''': TCP port on which the proxy listen. Clients will connect on the proxy as if it's a Zabbix server. The default is 10051<br />
*'''access''': (private|public) If you want to open zabbix-proxy on the external interface. If you set this to public, you should use the AllowHosts key to limit the access<br />
*'''status''': (enabled|disabled) Should the service be started automatically<br />
<br />
=== Monitoring SME servers ===<br />
<br />
If you want to monitor SME Servers with zabbix, you'll first need to install the agent as explained earlier, then configure the agent to accept connection from your server. For example, to monitor you local server (the one running zabbix-server):<br />
<br />
db configuration setprop zabbix-agent Servers localhost active disabled passive enabled<br />
signal-event zabbix-agent-update<br />
<br />
{{Note box|After installation, the agent is configured for active checks only. Here, we disable the active checks, and enable the passive ones.}}<br />
<br />
Then, just add a host in Zabbix, pointing to localhost.<br />
<br />
Now you can start adding items (type agent (active or passive depending on the mode you use on the agent)) to this new host.<br />
<br />
If you want to monitor SME Servers on the Internet and use passive mode, the server will initiate connections to the agent. You'll need to port-forward the port if you run in serveronly mode (the default is port 10050 TCP), or to open this port in the firewall if runing in server&gateway mode:<br />
<br />
db configuration setprop zabbix-agent Servers w.x.y.z active disabled passive enabled access public AllowHosts w.x.y.z<br />
signal-event zabbix-agent-update<br />
<br />
{{Warning box|If you use active checks, you need to name the host in zabbix server hostname.domainname.tld (check the file /etc/zabbix/zabbix_agentd.conf, the directive Hostname). If you don't do that, checks won't work}}<br />
<br />
You can download [http://repo.firewall-services.com/misc/monitoring/templates_zabbix.zip here] an archive with some XML exports of the templates I use to monitor my servers. Just extract the archive, and import the templates you want in Zabbix (using the Import/Export menu of zabbix configuration)<br />
<br />
Each XML file represent a template in Zabbix<br />
<br />
*'''Template_SME''' is the main template. It'll add a lot of items for global system monitoring, triggers if load is too high, lack of free memory, httpd is down, passwd has changed etc... and also some graphs like CPU usage, memory, disk space, network usage etc... This templates requires the '''Template_icmp''' and '''Template_app_MySQL''' template<br />
<br />
*'''Template_SME_coovaChilli''' will add tun0 statistics (useful if you use [[CoovaChilli]] contrib). It'll also create a graph for tun0 stats<br />
<br />
*'''Template_SME_softRaid''' will add items and triggers for software raid monitoring. If you link a SME Server with this template, you'll be warned if one of the raid array is degraded or rebuilding<br />
<br />
*'''Template_SME_megaRaid''' will do the same but for MegaRaid based cards. It also requires the MegaCli utility from [http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/ LSI] website<br />
<br />
*'''Template_SME_nutUPS''': Will add items and triggers to be warned if your UPS is on battery, or overloaded.<br />
<br />
*'''Template_icmp''': will configure two items to check if the server is alive, and measure the latency. It also provides latency graphs and some triggers (if latency is too high, if host is down since more than 5min and if hosts is down for more than 1 hour)<br />
<br />
=== Bugs ===<br />
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]<br />
and select the smeserver-zabbix component or use on of this link:<br />
====smeserver-zabbix-proxy====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-proxy|title=proxy}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-zabbix-proxy|noresultsmessage="No open bugs found."}}<br />
<br />
====smeserver-zabbix-agent====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-agent|title=agent}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-agent|noresultsmessage="No open bugs found."}}<br />
<br />
====smeserver-zabbix-server====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-server|title=server}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-server|noresultsmessage="No open bugs found."}}<br />
<br />
<br />
<br />
----<br />
[[Category:Contrib]]<br />
[[Category:Administration:Monitoring]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Zabbix&diff=33645Zabbix2017-06-29T03:54:26Z<p>Morpheus: /* Versions */</p>
<hr />
<div>{{Languages|Zabbix}}<br />
<br />
{{Incomplete}}<br />
<br />
<br />
===Maintainer===<br />
[mailto:daniel@firewall-services.com[[User:VIP-ire|Daniel B.]]] from [http://www.firewall-services.com Firewall Services]<br />
=== Description ===<br />
<br />
[http://www.zabbix.com Zabbix] offers advanced monitoring, alerting and visualisation features today which are missing in other monitoring systems, even some of the best commercial ones:<br />
<br />
=== Features ===<br />
<br />
Here are some of the features provided by Zabbix:<br />
<br />
*Distributed monitoring<br />
** Centralized configuration<br />
** Centralized access to all data<br />
** Up-to 1000 of nodes<br />
** Unlimited number of proxies<br />
<br />
*Scalability<br />
** Tested with 10,000 monitored devices and servers<br />
** Tested with 100,000 availability and performance checks<br />
** Processing of thousands of availability and performance checks per second<br />
<br />
*Real-time monitoring<br />
** Performance monitoring<br />
** Availability monitoring<br />
** Integrity monitoring<br />
** Flexible notification conditions<br />
** Alerting users (Email, SMS, Jabber)<br />
** Logging<br />
<br />
*Visualisation<br />
** User-defined views and slide shows<br />
** Mapping<br />
** Graphing (including pie charts)<br />
** Zooming<br />
<br />
*Fast Problem Resolution<br />
** Send alerts via email, cell phone, SMS or audio alerts<br />
** Execute remote commands<br />
<br />
*Assuring SLA<br />
** Hierarchical IT Services<br />
** Real-time SLA reporting<br />
<br />
*Reporting and trending<br />
** Easy integration of 3rd party tools<br />
** Analysis of yearly/monthly/daily statistics<br />
** SLA reports<br />
<br />
*XML data import/export<br />
** Easy sharing of templates<br />
<br />
*Auto discovery<br />
** Discovery by IP range, services and SNMP<br />
** Automatic monitoring of discovered devices<br />
<br />
*WEB monitoring<br />
** WEB performance and availability monitoring<br />
** Flexible scenarios<br />
** Support of POST and GET methods<br />
<br />
*Flexibility<br />
** Support of IPv4 and IPv6<br />
** Easily extendable native agents<br />
** Any notifications methods<br />
** Runs on any platform<br />
<br />
*Pro-active monitoring<br />
** Automatic execution of remote commands<br />
** Automatic IPMI commands<br />
<br />
*Aggregate monitoring<br />
** Monitoring of a group of hosts as a single host<br />
<br />
*Agentless monitoring<br />
** Monitoring of remote services (FTP, SSH, HTTP, other)<br />
** Support of SNMP v1,2,3<br />
** Support of IPMI<br />
** SNMP traps<br />
<br />
*High performance agents<br />
** All platforms supported (UNIX, Windows, Novell)<br />
** Memory utilisation<br />
** Network utilisation<br />
** Disk I/O<br />
** Disk space availability<br />
** File checksums<br />
** Monitoring of log files<br />
** And more...<br />
<br />
*Security<br />
** Flexible user permissions<br />
** Authentication by IP address<br />
** Protection against brute force attacks<br />
<br />
*Escalations and notifications<br />
** Repeated notifications<br />
** Unlimited escalations<br />
** Recovery messages<br />
** Be notified while problem is not resolved<br />
<br />
*Management functions<br />
** Ping, traceroute to a host<br />
** Any other functions<br />
<br />
*Dashboard<br />
** Personalized dashboard<br />
** Favourite resources<br />
** High level view<br />
<br />
*Agent-based monitoring<br />
** Native agent for any platform<br />
** Immune to connection problems<br />
<br />
*Open Source Solution<br />
** No license driven limitations<br />
** Access to source code<br />
** Open to code audit<br />
<br />
*Easy Administration<br />
** Very fast learning curve<br />
** All data is stored in a database (Oracle, MySQL, PostgreSQL, SQLite)<br />
** Centralised configuration and storage of information<br />
<br />
*and more...<br />
<br />
=== Full documentation ===<br />
<br />
A complete documentation is available as a PDF file here http://www.zabbix.com/documentation.php<br />
You'll also find some useful informations on the official [http://www.zabbix.com/wiki/doku.php wiki] of the project and the [http://www.zabbix.com/forum/ forum].<br />
<br />
{{Note box|This wiki page is not a complete guide for Zabbix, but just a starting point to run it on your SME Server using this contrib.<br />
For a complete documentation, please refer to the project documentation: http://www.zabbix.com/documentation.php}}<br />
<br />
=== Versions ===<br />
The following is the information about the latest release of each component:<br />
{{ #smeversion: smeserver-zabbix-server }}<br />
{{ #smeversion: zabbix-server }}<br />
{{ #smeversion: smeserver-zabbix-agent }}<br />
{{ #smeversion: zabbix-agent }}<br />
{{ #smeversion: smeserver-zabbix-proxy }}<br />
{{ #smeversion: zabbix-proxy }}<br />
<br />
=== Requirements ===<br />
*SME Server 7.X (9.X or higher for zabbix-server)<br />
*php>=5.4 for zabbix server only, hence you will need to first install smeserver-php-scl on SME9 and set php54 or higher as default php version<br />
<br />
=== Components ===<br />
<br />
Zabbix is composed of four major components:<br />
*The server (the main part). The server will store and analyse the different data, send alerts, etc...<br />
*The web interface (which is automatically installed with the server with this contrib).<br />
*The agent, which gathers informations on the different hosts you monitor.<br />
*The proxy, which is an optional part, can be used to collect performance and availability data locally, and send it to the server.<br />
<br />
==== Server ====<br />
<br />
The server is the core component of Zabbix software. It uses one database (MySQL in this contrib) to store configuration, performance and integrity information. The server can check network services with simple check (ICMP, TCP etc...) for agent-less monitoring, it can monitor network devices using SNMP and is also the central component to which agent report information (agent can work in active, passive, or both mode). The server will also analyse all the information and send alerts depending on very flexible triggers.<br />
<br />
===== Installation on SME9=====<br />
First enable the needed repo: Firewall service and REMI <br />
{{:Fws}}<br />
{{:Remi-safe}}<br />
<br />
signal-event yum-modify<br />
<br />
to install Zabbix server, just use yum:<br />
yum --enablerepo=smecontribs,fws,remi-safe install smeserver-zabbix-server<br />
<br />
then go to your server-manager to set php5.4 or higher as default php for your SME, or you will not be able to access to zabbix web gui, or just issue the following<br />
config setprop php54 PhpModule enabled #replace here with php55 or php56 if you have other needs<br />
signal-event php-update<br />
<br />
then you will have to either tweak the default configuration as explain in next step or just issue :<br />
signal-event zabbix-server-update<br />
<br />
then go to your web interface : https://yourserveradress/zabbix<br />
<br />
===== DB Parameters =====<br />
<br />
Here's the list of available DB parameters for zabbix-server service on SME:<br />
*'''DbName''': The name of the database where everything is stored. Default is 'zabbixdb'<br />
*'''DbPassword''': The password of the database. A random password is generated during the installation<br />
*'''DbUser''': The user name to access the database. Default is zabbixuser<br />
*'''JabberAccount''': Account used to send jabber notification<br />
*'''JabberServer''': Jabber server to use to send notifications<br />
*'''JabberPassword''': Password for the account (for "JabberAccount")<br />
*'''JabberTLS''': (enabled|disabled) Does your Jabber server requires TLS security<br />
{{Note box|The different Jabber settings above are not for the built-in jabber notification function (because I couldn't get it working as my server requires TLS and the built-in features do not support it). But I've included a external script using sendxmpp to send the notification. You should have a media called 'xmpp' in zabbix administration. }} <br />
<br />
*'''NodeID''': The node ID of your server. If you don't use distributed monitoring (just one central Zabbix server), you should let this to 0<br />
*'''TCPPort''': Port used for agent<->server (and proxy<->server) communication. The default is 10051<br />
*'''TimeZone''': It's very important for zabbix to know your time zone (PHP TimeZone setting). Unfortunately, SME do not set it. You can specify your time zone. This setting will only affect Zabbix<br />
*'''WebAccess''': (local|public|disabled) From where you'll be able to access the web interface. You can set it to disabled if you want to disable the web interface (for example, if your server is a node of a distributed environment)<br />
*'''access''': (public|local) From where zabbix port will be available (controlled by TCPPort). You should restrict the access to a list of host with the AllowHosts key if you set public here.<br />
*'''status''': Should the service be started automatically ?<br />
<br />
<br />
<br />
Once you have everything configured like you want, just issue<br />
signal-event zabbix-server-update<br />
<br />
to expand the templates and restart the needed services.<br />
<br />
===== Web Interface =====<br />
<br />
The main web interface is available (if not disabled with the key WebAccess) on https://server.domain.tld/zabbix.<br />
The default user is '''admin''', with password '''zabbix''' (you should change this password ASAP)<br />
<br />
Here are some screenshots of what you can get with zabbix<br />
[[File:Zabbix_graph_cpu.png|768px|thumb|center|CPU Usage Graph]]<br />
[[File:Zabbix_graph_mem.png|768px|thumb|center|Memory Usage Graph]]<br />
[[File:Zabbix_graph_network.png|768px|thumb|center|Network Usage Graph]]<br />
{{Note box|You can select a period on any graph. With this great feature, you can easily zoom on a period of time to analyse things with hight precision}}<br />
[[File:Zabbix_graph_mail_in.png|768px|thumb|center|Incoming mails statistics]]<br />
[[File:Zabbix_screen.png|768px|thumb|center|Screen]]<br />
{{Note box|You can display as many graphs as you want in one screen, automatically refresh it, change it (display network graphs of hosts 1 during 2minutes, then display hardware graphs of hosts2 for 3 minutes etc...)}}<br />
[[File:Zabbix_overview.png|768px|thumb|center|Triggers overview]]<br />
[[File:Zabbix_map.png|768px|thumb|center|Hosts Map]]<br />
{{Note box|this is a very simple map, you can make it look nicer}}<br />
<br />
<br />
For more screenshots, visit the project website [http://www.zabbix.com/screenshots.php here]<br />
<br />
==== Agent ====<br />
<br />
Zabbix agent is a very small daemon which will gather information about the host being monitored, and report it to one or several server(s) (or proxy(s)).<br />
Agents can run in active or passive mode (or both):<br />
*In active mode, the agent will make outgoing connection to the server (port 10051 by default).<br />
*In passive mode, the server will connect to the agent (on port 10050 by default). <br />
<br />
Please read Chap. 2.3.4.ZABBIX Agent page 39 and Chap. 3.3.ZABBIX Agent (UNIX, standalone daemon) of the manual for more information on Zabbix agent.<br />
<br />
===== Installation SME9 =====<br />
first enable the needed repo: Firewall service <br />
{{:Fws}}<br />
<br />
signal-event yum-modify<br />
<br />
to install Zabbix agent, just use yum:<br />
yum --enablerepo=smecontribs,fws install smeserver-zabbix-agent<br />
<br />
<br />
This package will download at least the following dependencies:<br />
*zabbix (very small package with just common directories used by all zabbix components)<br />
*zabbix-agent (the agent)<br />
*smeserver-remoteuseraccess: this contrib is needed because it provides needed templates metadata for /etc/sudoers.<br />
<br />
===== DB parameters =====<br />
<br />
Here's the list of available DB parameters for zabbix-agent service on SME:<br />
*'''RemoteCommands''': (enabled|disabled). If you want to enable remote commands on zabbix agent (you should read the zabbix documentation). Please, be aware that there're security implications if you enable it. The default is disabled<br />
*'''ServerPort''': port to contact the server when running in active mode. Default to 10051<br />
*'''Servers''': List of servers (or proxy), separated by commas, to which send informations. The first one may be used for active checks, the others are only for passive mode<br />
*'''TCPPort''': TCP port on which the agent will listen if passive mode is enabled<br />
*'''access''': (public|private) If you want to open the agent on the public interface (only useful if passive is enabled). If you set this to 'public' you should use the AllowHosts key to limit the access<br />
*'''active''': (enabled|disabled) Do you want to enabled the active mode<br />
*'''passive''': (enabled|disabled) Do you want to enable the passive mode<br />
*'''status''': (enabled|disabled) Should the service be automatically started<br />
<br />
<br />
<br />
Once you have everything configured like you want, just issue<br />
signal-event zabbix-agent-update<br />
<br />
to expand the templates and restart the needed services.<br />
<br />
===== Remote client with encryption =====<br />
on the client do:<br />
openssl rand -hex 32 > /etc/zabbix/zabbix_agentd.psk<br />
chown :zabbix /etc/zabbix/zabbix_agentd.psk<br />
chmod 640 /etc/zabbix/zabbix_agentd.psk<br />
signal-event zabbix-agent-update<br />
cat /etc/zabbix/zabbix_agentd.psk<br />
<br />
you might also need a public access there:<br />
config setprop zabbix-agent Servers IP1,IP2 access public active disabled passive enabled AllowHosts IP1,IP2<br />
signal-event zabbix-agent-update<br />
<br />
On the Zabbix server interface for this client select : <br />
# Connections to host: psk <br />
# Connections from host: psk<br />
# PSK identity: domain.name-agent<br />
# psk: [paste here the output of cat /etc/zabbix/zabbix_agentd.psk]<br />
<br />
===== Additional checks =====<br />
<br />
Even if Zabbix agent is great and support natively a lot of checks, some were missing for my use, so I've added some UserParameters entries in the configuration file. For each of this check, you should add a new item with the name of the check as the key.<br />
Configuring the corresponding checks on the server can be quite long. You can have a look at the [http://sme.firewall-services.com/downloads/zabbix/zabbix_SME.zip templates] I use to monitor SME Servers. This archive contains some templates/items/graphs/triggers in XML format (exported from Zabbix). You can use the Import/Export functionality of Zabbix (Manual Chap. 8.XML IMPORT AND EXPORT page 154) to import it on your server.<br />
<br />
You can also have a look at the configuration file /etc/zabbix/zabbix_agentd.conf to see the commands used to return the corresponding values. You'll also find for each UserParameter information on how to create the corresponding item on the server.<br />
<br />
Please, read chapter 4.11.User Parameters page 119 of the manual to have more information on how UserParameters work.<br />
<br />
*External IP:<br />
**'''ip.external''': Return the real external IP address.<br />
<br />
*Incoming mails statistics:<br />
<br />
{{Note box|Since version 0.1-28 of smeserver-zabbix-agent, the keys to retrieve emails statistics has changed. The value retrieved here are for the last 10 Minutes (the statistics are updated with a cronjob every 10 minutes), so you should configured these items to be refreshed every 600 seconds}}<br />
<br />
**'''mail.in[dnsbl]''': number of emails rejected by DNSBL<br />
**'''mail.in[rhsbl]''': number of emails rejected by RHSBL<br />
**'''mail.in[clamav]''': number of emails rejected by CLAMAV<br />
**'''mail.in[check_earlytalker]''': number of emails rejected by EARLYTALKER<br />
**'''mail.in[check_basicheaders]''': number of emails rejected by BASICHEADERS<br />
**'''mail.in[check_goodrcptto]''': number of emails rejected by GOODRCPTTO<br />
**'''mail.in[check_spamhelo]''': number of emails rejected by SPAMHELO<br />
**'''mail.in[total_denied]''': sum of rejected emails (sum of the above checks)<br />
**'''mail.in[spam_denied]''': number of emails rejected by SPAMASSASSIN<br />
**'''mail.in[other_denied]''': number of emails rejected by others checks<br />
**'''mail.in[spam_queued]''': number of emails queued but marked as spam by SPAMASSASSIN<br />
**'''mail.in[queued]''': number of emails queued (HAM)<br />
**'''mail.in[total]''': number of emails received (accept + denied)<br />
<br />
*Outgoing mails statistics:<br />
**'''mail.out[total]''': sum of outgoing emails<br />
**'''mail.out[success]''': number of successful transmitted emails<br />
**'''mail.out[deferral]''': number of deferred emails<br />
**'''mail.out[failure]''': number of failures<br />
<br />
*Memory/Swap usage:<br />
**'''vm.memory.size.used''': Actually used memory in bytes<br />
**'''vm.memory.size.pused''': Actually used memory in %<br />
**'''system.swap.size.used''': Actually used swap space in bytes<br />
<br />
*MySQL Information:<br />
**'''mysql.uptime''': uptime of mysql server in seconds<br />
**'''mysql.threads''': number of threads<br />
**'''mysql.questions''': number of queries since mysql has been started<br />
**'''mysql.slowqueries''': number of slow queries<br />
**'''mysql.qps''': average queries per seconds<br />
**'''mysql.size''': total space used by mysql databases<br />
<br />
*Network usage. These checks are useful if you want to monitor several SME Servers using one template (so same checks), but those servers use different interfaces configuration (eth0, eth1, br0, bond0, ppp0 etc...)<br />
**'''net.if.in.internal''': Equivalent to net.if.in[ethX,bytes], but is independent of your internal interface name (eth0, bond0, br0 etc...)<br />
**'''net.if.out.internal''': Equivalent to net.if.out[ethX,bytes]<br />
**'''net.if.in.external''': Equivalent to net.if.in[ethX,bytes], but is independent of your external interface name (eth0, eth1, ppp0 etc...)<br />
**'''net.if.out.external''': Equivalent to net.if.out[ethX,bytes]<br />
<br />
{{Note box|Since version 0.1-38 of smeserver-zabbix-agent, the keys to retrieve UPS informations has changed. You now have to select the name of your UPS on the server side. The default name for an UPS in SME is '''UPS'''}}<br />
<br />
*UPS status:<br />
**'''ups.load[UPS]''': Current load (in %) of your UPS<br />
**'''ups.battery.charge[UPS]''': Current charge (in %) of the battery<br />
**'''ups.status[UPS]''': Current status of the UPS (OL, OB, OL CHRG etc...)<br />
**'''ups.model[UPS]''': Model of the UPS<br />
<br />
*Raid Array Monitoring:<br />
**'''raid.sw.status''': Current status of your software Raid (all array)<br />
**'''raid.mega.status''': Current status of your mega raid based raid array (for example, the perc5/6(i) are megaraid based). Requires additional MegaCLI package available from here: [http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/]<br />
<br />
==== Proxy ====<br />
<br />
Zabbix proxy is a lightweight daemon. It will act as a server for agents, will cache locally (in a mysql database) the information, and send it to the server it belongs to. This is useful to monitor networks elements behind a firewall.<br />
<br />
===== Installation SME9=====<br />
first enable the needed repo: Firewall service <br />
{{:Fws}}<br />
<br />
signal-event yum-modify<br />
to install Zabbix proxy, just use yum:<br />
yum --enablerepo=smecontribs,fws install smeserver-zabbix-proxy<br />
<br />
===== DB Parameters =====<br />
*'''DbName''': the name of the database used by the proxy. The default is zabbixproxydb<br />
*'''DbPassword''': the password to access the database<br />
*'''DbUser''': the user to access the database<br />
*'''Servers''': List of servers (separated by commas) to which send the informations<br />
*'''TCPPort''': TCP port on which the proxy listen. Clients will connect on the proxy as if it's a Zabbix server. The default is 10051<br />
*'''access''': (private|public) If you want to open zabbix-proxy on the external interface. If you set this to public, you should use the AllowHosts key to limit the access<br />
*'''status''': (enabled|disabled) Should the service be started automatically<br />
<br />
=== Monitoring SME servers ===<br />
<br />
If you want to monitor SME Servers with zabbix, you'll first need to install the agent as explained earlier, then configure the agent to accept connection from your server. For example, to monitor you local server (the one running zabbix-server):<br />
<br />
db configuration setprop zabbix-agent Servers localhost active disabled passive enabled<br />
signal-event zabbix-agent-update<br />
<br />
{{Note box|After installation, the agent is configured for active checks only. Here, we disable the active checks, and enable the passive ones.}}<br />
<br />
Then, just add a host in Zabbix, pointing to localhost.<br />
<br />
Now you can start adding items (type agent (active or passive depending on the mode you use on the agent)) to this new host.<br />
<br />
If you want to monitor SME Servers on the Internet and use passive mode, the server will initiate connections to the agent. You'll need to port-forward the port if you run in serveronly mode (the default is port 10050 TCP), or to open this port in the firewall if runing in server&gateway mode:<br />
<br />
db configuration setprop zabbix-agent Servers w.x.y.z active disabled passive enabled access public AllowHosts w.x.y.z<br />
signal-event zabbix-agent-update<br />
<br />
{{Warning box|If you use active checks, you need to name the host in zabbix server hostname.domainname.tld (check the file /etc/zabbix/zabbix_agentd.conf, the directive Hostname). If you don't do that, checks won't work}}<br />
<br />
You can download [http://repo.firewall-services.com/misc/monitoring/templates_zabbix.zip here] an archive with some XML exports of the templates I use to monitor my servers. Just extract the archive, and import the templates you want in Zabbix (using the Import/Export menu of zabbix configuration)<br />
<br />
Each XML file represent a template in Zabbix<br />
<br />
*'''Template_SME''' is the main template. It'll add a lot of items for global system monitoring, triggers if load is too high, lack of free memory, httpd is down, passwd has changed etc... and also some graphs like CPU usage, memory, disk space, network usage etc... This templates requires the '''Template_icmp''' and '''Template_app_MySQL''' template<br />
<br />
*'''Template_SME_coovaChilli''' will add tun0 statistics (useful if you use [[CoovaChilli]] contrib). It'll also create a graph for tun0 stats<br />
<br />
*'''Template_SME_softRaid''' will add items and triggers for software raid monitoring. If you link a SME Server with this template, you'll be warned if one of the raid array is degraded or rebuilding<br />
<br />
*'''Template_SME_megaRaid''' will do the same but for MegaRaid based cards. It also requires the MegaCli utility from [http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/ LSI] website<br />
<br />
*'''Template_SME_nutUPS''': Will add items and triggers to be warned if your UPS is on battery, or overloaded.<br />
<br />
*'''Template_icmp''': will configure two items to check if the server is alive, and measure the latency. It also provides latency graphs and some triggers (if latency is too high, if host is down since more than 5min and if hosts is down for more than 1 hour)<br />
<br />
=== Bugs ===<br />
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]<br />
and select the smeserver-zabbix component or use on of this link:<br />
====smeserver-zabbix-proxy====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-proxy|title=proxy}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-zabbix-proxy|noresultsmessage="No open bugs found."}}<br />
<br />
====smeserver-zabbix-agent====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-agent|title=agent}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-agent|noresultsmessage="No open bugs found."}}<br />
<br />
====smeserver-zabbix-server====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-server|title=server}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-server|noresultsmessage="No open bugs found."}}<br />
<br />
<br />
<br />
----<br />
[[Category:Contrib]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Nagios&diff=33644Nagios2017-06-29T02:35:27Z<p>Morpheus: </p>
<hr />
<div>{{Languages}}<br />
{{Needs review}}<br />
{{Note box|msg=Suggest looking at Zabbix which works for SME9.*}}<br />
{{Note box|msg=This contrib was only applied and used on fresh SME (server only mode) install. Conflicts with other installed packages were not examined. The author strongly recommend to install this monitoring system on a dedicated server. It is entirely possible to run it on a virtualized system, which monitors the host itself. In this case you should set up a second Nagios server (acting as a watchdog) on an independent hardware (physically or virtualized) to monitor the main Nagios system}}<br />
{{Note box|msg=This contrib does not work on SME8b6 as documented here, there are a few changes needed to the repository info and also the yum commands, also a change needs to be made to the location of the nagios.pid file in order for it run successfully after installation. There is an outstanding bug [[bugzilla:5539]] which contains the necessary information.}}<br />
=== Maintainer ===<br />
Michael Weinberger<br />
<br />
<br />
=== Introduction ===<br />
Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. [http://www.nagios.org/about/ Read more...]<br />
<br />
<br />
This [[Nagios]] contrib installs Nagios Version 3 and was tested on fresh installed SME Server 7.3<br />
It provides all packages needed to setup a SME Server as a central Nagios monitoring server including the graphical performance data analyser [http://www.pnp4nagios.org/start PNP4Nagios].<br />
(Applied this how-to on a fresh SME Server 7.4, works)<br />
<br />
{| cellpadding=10<br />
| [[Image:Nagios-screenshot-8.png]] || [[Image:Nagios-PNP-Screenshot.gif]] <br />
|-<br />
| Statusmap screenshot of a sample Nagios configuration || PNP Screenshot ''(Source: www.pnp4nagios.org)''<br />
|}<br />
<br />
<br />
These packages are provided by the contrib. All other dependend packages will be installed via yum from the Centos and DAG repostitories. <br />
<br />
{| style='white-space:nowrap' border="1" cellpadding="3" cellspacing=0<br />
! Package !! Version !! Build date !! Purpose<br />
|-<br />
| smeserver-nagios || 2.0.0-1 || 17 Nov 2008 || Integrates Nagios service into the SME Server<br />
|-<br />
| smeserver-nagios-nrpe || 2.0.0-1 || 17 Nov 2008 || Integrates NRPE service into the SME Server<br />
|-<br />
| smeserver-nagios-nsca || 2.0.0-1 || 17 Nov 2008 || Integrates NSCA service into the SME Server (needed in a Distributed Installation)<br />
|-<br />
| smeserver-nagios-plugins-mysql || 2.0.0-1 || 18 Nov 2008 || Plugin that checks the mysqld service on a SME Server<br />
|-<br />
| smeserver-nagios-backup || 2.0.0-1 || 17 Nov 2008 || Nagios backup integration. Includes Nagios configuration and status data into the SME standard backup<br />
|-<br />
| nagios-plugins-temptrax || 2.0.1-1 || 18 Nov 2008 || Plugins for the Sensatronics Ethernet Temperature Devices E4/E16/F<br />
|-<br />
| nagios-plugins-esx3i || 1.0.3-0 || 16 Nov 2008 || Plugins to monitor ESXi servers that support the "Common Information Model (CIM)" protocol like Dell PowerEdge 29xx. [http://cars.lostroncos.org/2008/03/07/updated-esx-3i-scripts-for-nagios/ Read more...] <br />
|-<br />
| perl-Nagios-Plugin || 0.17-1 || 19 Oct 2007 || A family of perl modules to streamline writing Nagios plugins<br />
|-<br />
| nagios-of-plugins || 0.9.4-1 || 08 Jul 2007 || Additional plugins written by [http://www.openfusion.com.au/labs/nagios/ Gavin Carr of Open Fusion]<br />
|-<br />
| nagios-plugins-generic || 1.0.0 || 01 Nov 2007 || A generic plugin. [http://www.my-plugin.de/wiki/doku.php/projects:check_generic:start Read more...]<br />
|-<br />
| nagios-nuvola-1.0.3.tar.gz || 1.0.3 || 28 Oct 2007 || Nuvola GUI theme<br />
|- <br />
| nagios-icons-nx-1.0.0.tar.gz || 1.0.0 || 04 Nov 2007 || Additional useful icons, including the SME logo<br />
<br />
|}<br />
<br />
=== Download ===<br />
Download the packages and files from http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Nagios3/packages/ manually or run the the script [http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Nagios3/packages/wgetall wgetall] to download all in one go.<br />
bash < wgetall<br />
<br />
=== Installation ===<br />
<br />
{{Note box|If you have the Nagios 2 contrib installed, follow the update instructions below}}<br />
<br />
==== Configure the dag repositoy ====<br />
You need to activate the [[Dag]] reposity before installing this contrib.<br /><br />
<br />
see [[dag|dag repository]] <br /><br />
<br />
==== Installation of a central Nagios server ====<br />
Intstalling the packages<br />
/usr/bin/yum --enablerepo=dag install \<br />
nagios-plugins-setuid \<br />
perl-Config-Tiny<br />
<br />
/usr/bin/yum --enablerepo=dag localinstall \<br />
smeserver-nagios-*.noarch.rpm \<br />
pnp-*.i386.rpm \<br />
smeserver-nagios-backup-*.noarch.rpm \<br />
perl-Nagios-Plugin-*.noarch.rpm \<br />
smeserver-nagios-plugins-mysql-*.noarch.rpm \<br />
nagios-plugins-generic-*.noarch.rpm \<br />
nagios-of-plugins-*.noarch.rpm \<br />
nagios-plugins-temptrax-*.el4.rf.i386.rpm \<br />
nagios-plugins-esx3i-*.el4.noarch.rpm<br />
Use the configuration files from the smeserver-nagios package as a starting point. This provides a working configuration.<br />
/bin/cp -ba /etc/nagios/nagios.cfg-smeserver /etc/nagios/nagios.cfg<br />
/bin/cp -ba /etc/nagios/cgi.cfg-smeserver /etc/nagios/cgi.cfg<br />
Configuring global access with password required<br />
config set nagios service Name Nagios PublicAccess global-pw<br />
expand-template /etc/httpd/conf/httpd.conf<br />
service httpd-e-smith restart<br />
service nagios restart<br />
Test the installation by pointing your browser to ''<nowiki>https://IPADDRESS/nagios/</nowiki>''<br />
<br />
Browser login in as admin.<br />
After 10 minutes the performance data graphes are available. Click on on the 'star' icon next to the service name to view the graphes on a new page.<br />
<br />
===== Install the VMware ESXi Server CIM Hardware Monitoring (optional) =====<br />
If you plan to monitor an ESx3i server with CIM compliant hardware, you can configure the ESXi plugin<br />
/usr/bin/yum --enable=dag install openssl-devel perl-XML-SAX<br />
Download and install the [http://www.vmware.com/support/developer/viperltoolkit/ VMware Infrastructure (VI) Perl Toolkit]<br />
<br />
Ignore this warning:<br />
''The following Perl modules were found on the system but may be too old to work<br />
with VIPerl:<br />
URI<br />
XML::NamespaceSupport''<br />
<br />
It does not affect the proper function of the nagios plugins.<br />
<br />
To get some configuration hints run <br />
rpm -qi nagios-plugins-esx3i<br />
<br />
===== Install the Nuvola theme (optional) =====<br />
The Nuvola theme provides a nice and modern GUI. The screenshot above was made with the Nuvola theme installed.<br />
cd /usr/share/nagios<br />
rm -rf config.js images index.html main.html side side.html stylesheets<br />
cd -<br />
tar --strip-path=1 -C /usr/share/nagios -xzf nagios-nuvola-*.tar.gz<br />
chmod a+r -R /usr/share/nagios<br />
Empty your browser cache and reload the Nagios page.<br />
<br />
===== Integrate Ajaxterm in the Nuvola theme Home menu (optional) =====<br />
Install the [[Ajaxterm]] contrib and run<br />
patch -p0 /usr/share/nagios/side/dtree_data.js < dtree_data.js.patch<br />
Empty your browser cache and reload the Nagios page.<br />
<br />
===== Install additional logo icons (optional) =====<br />
This installs a set of icons, including the SME server logo. The logos can be used in the ''hostextinfo{}'' sections. A preview of the logos can be found [http://wiki.contribs.org/images/d/d0/Nagios-logos.jpg here].<br />
<br />
tar --strip-path 1 -C /usr/share/nagios/images/logos -xzf nagios-icons-nx-*.tar.gz<br />
chown nagios.root /usr/share/nagios/images/logos/*<br />
chmod 644 /usr/share/nagios/images/logos/*<br />
<br />
==== Hints ====<br />
* Place all your configuration files in /etc/nagios/ in the sub-directories templates, host, services, etc.<br />
<br />
* Do not change the default pathes of log files, rrd files, etc.. The ''smeserver-nagios-backup'' RPM requires these settings to work properly.<br />
* Nagios 3 runs host checks that provides performance data. Add this action_url option to each host definiton:<br />
action_url /nagios/pnp/index.php?host=$HOSTNAME$<br />
* Add this action_url option to service checks with performance data output<br />
action_url /nagios/pnp/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$<br />
* You can permit other users to access Nagios. Add them separated by a comma to the lines<br />
authorized_for_system_information=admin<br />
authorized_for_system_commands=admin<br />
authorized_for_configuration_information=admin<br />
authorized_for_all_hosts=admin<br />
authorized_for_all_host_commands=admin<br />
authorized_for_all_services=admin<br />
authorized_for_all_service_commands=admin<br />
* It is a good idea to make your Nagios server as independent as possible from the infrastructure it monitors, i.e., use a dedicated hardware, network, mail- and pager system, firewall and internet connection if possible. <br />
* Consider to setup a second Nagios somewhere on your network, which monitors your central Nagios server. Then you need to install the NRPE also on the central server.<br />
<br />
==== Update from Nagios 2 to Nagios 3 ====<br />
Before installing this contrib based on Nagios 3, remove all packages of the previous Nagios 2 installation<br />
service nagios stop<br />
service nagiosgrapher stop<br />
<br />
/usr/bin/yum erase \<br />
nagios-plugins-esx3i \<br />
nagios-nrpe \<br />
nagios-plugins-temptrax \<br />
nagios-plugins \<br />
nagios-of-plugins \<br />
nagios-plugins-generic \<br />
nagios smeserver-nagios-nrpe \<br />
smeserver-nagios \<br />
smeserver-nagios-plugins-mysql \<br />
nagios-plugins-nrpe \<br />
nagios-plugins-setuid \<br />
smeserver-nagiosgrapher \<br />
smeserver-nagios-backup<br />
Remove all NagiosGrapher rrd data. It is not possible to tranfer the existing NagiosGrapher data to PNP. <br />
rm -rf /var/lib/nagios/*<br />
Backup your Nagios configuration data<br />
cp -a /etc/nagios /etc/nagios.v2<br />
Delete Nagios configuration data<br />
rm -rf /etc/nagios <br />
Move the retention data to the new Nagios 3 loaction<br />
mkdir -p /var/nagios/<br />
mv /var/log/nagios/retention.dat /var/nagios/<br />
<br />
'''Now install this contrib following the instructions in chapter 'Installation'<br />
'''<br />
service nagios stop<br />
Delete the default configuration files<br />
cd /etc/nagios<br />
rm -rf commands/default.cfg \<br />
objects \<br />
contacts/contacts.cfg \<br />
hostgroups/default.cfg \<br />
hosts/localhost.cfg \<br />
servicegroups/default.cfg \<br />
services/localhost.cfg \<br />
templates/default.cfg \<br />
timeperiods/default.cfg<br />
<br />
Copy your saved configuration files to /etc/nagios. When you place them into the pre-defined directories contacts, services, hostgroups, templates, commands, hosts, servicegroups, and timeperiods you don't need to adjust nagios.cfg.<br />
<br />
Review your config files and do the following<br />
* add <tt>'''use host-pnp'''</tt> to your generic host definition to add an action url for PNP to all hosts.<br />
* for all services that output performance data add <tt>'''action_url /nagios/pnp/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$'''</tt> to your service template definitions<br />
* move all options from <tt>'''hostextinfo'''</tt> definition (except <tt>'''host_name'''</tt> and <tt>'''action_url'''</tt>) to <tt>'''host'''</tt> definition. Delete the <tt>'''hostextinfo'''</tt> definition.<br />
* do the same for <tt>'''serviceextinfo'''</tt> definitons<br />
<br />
When done check your config<br />
nagios -v /etc/nagios/nagios.cfg<br />
and finally start the service<br />
service nagios start<br />
<br />
==== Backup and Restore ====<br />
With the smeserver-nagios-backup RPM installed all Nagios and PNP configuration data, status data and archives are included in the SME Server standard backup. In the pre-backup event those data are copied to the <tt>/home/e-smith/db/nagios/</tt> directory. As the nagios service is stopped during copying it is recommended to configure Nagios to save its scheduling info (next check time) for hosts and services in a file and use this at startup. Otherwise Nagios would re-schedule all checks spreaded over the timeframe defined by <tt>max_service_check_spread</tt> and <tt>max_host_check_spread</tt> (default 30 min). As a result you would have gaps in checking and visible gaps in the PNP graphes.<br />
<br />
in <tt>/etc/nagios/nagios.cfg</tt> set:<br />
retain_state_information=1<br />
state_retention_file=/var/nagios/retention.dat<br />
use_retained_program_state=1<br />
use_retained_scheduling_info=1<br />
<br />
When doing a restore, the data from <tt>/home/e-smith/db/nagios/</tt> are copied back to their original locations in the bootstrap-console-save event.<br />
<br />
=== Uninstall ===<br />
This removes the installed Nagios packages.<br />
service nagios stop<br />
<br />
rpm -e \<br />
nagios-of-plugins \<br />
nagios-plugins-esx3i \<br />
nagios-plugins-generic \<br />
nagios-plugins-temptrax \<br />
perl-Nagios-Plugin \<br />
pnp \<br />
smeserver-nagios \<br />
smeserver-nagios-backup \<br />
smeserver-nagios-nrpe \<br />
smeserver-nagios-nsca \<br />
smeserver-nagios-plugins-mysql \<br />
nagios-plugins-setuid \<br />
perl-Config-Tiny<br />
<br />
Remvove the dependencies if not needed by other contribs<br />
rpm -e \<br />
fping \<br />
gd \<br />
libart_lgpl \<br />
libmcrypt \<br />
nagios \<br />
nagios-nrpe \<br />
nagios-nsca \<br />
nagios-nsca-client \<br />
nagios-plugins \<br />
nagios-plugins-nrpe \<br />
perl-Class-Accessor \<br />
perl-Crypt-DES \<br />
perl-Math-Calc-Units \<br />
perl-Net-SNMP \<br />
perl-Params-Validate \<br />
perl-rrdtool \<br />
rrdtool \<br />
xinetd <br />
Ignore the warnings about non-existing user nagios and group nagios.<br />
expand-template /etc/httpd/conf/httpd.conf<br />
service httpd-e-smith restart<br />
<br />
=== References ===<br />
* Nagios NRPE Contrib: [[Nagios NRPE]]<br />
* Nagios NSCA Contrib: [[Nagios NSCA]]<br />
* Nagios: http://www.nagios.org/<br />
* perl-Nagios-Plugin: http://members.financial.com/~cmr/rpmforge/perl-Nagios-Plugin/<br />
* nagios-of-plugins: http://www.nagiosexchange.org/Plugin_Packages.52.0.html?&tx_netnagext_pi1%5Bp_view%5D=323<br />
* Nuvola theme: http://www.nagiosexchange.org/Image_Packs.75.0.html?&tx_netnagext_pi1%5Bp_view%5D=252&tx_netnagext_pi1%5Bpage%5D=10%3A10<br />
* Temptrax Plugin: http://www.nagiosexchange.org/cgi-bin/page.cgi?g=1716.html<br />
* Nagios books: ''"Nagios : system and network monitoring / Wolfgang Barth / ISBN 1-59327-070-4"'', ''"Building a Monitoring Infrastructure with Nagios / David Josephsen / ISBN 0-13-223693-1"''<br />
* Nagios in a German Computer Magazine: http://www.heise.de/netze/artikel/81238<br />
* PNP4Nagios: http://www.pnp4nagios.org/pnp/start<br />
----<br />
[[Category: Contrib]]<br />
[[Category: Webapps]]<br />
[[Category: Administration:Monitoring]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Nagios&diff=33643Nagios2017-06-29T02:34:24Z<p>Morpheus: </p>
<hr />
<div>{{Languages}}<br />
{{Needs review}}<br />
{{Suggest looking at Zabbix which works for SME9.*}}<br />
{{Note box|This contrib was only applied and used on fresh SME (server only mode) install. Conflicts with other installed packages were not examined. The author strongly recommend to install this monitoring system on a dedicated server. It is entirely possible to run it on a virtualized system, which monitors the host itself. In this case you should set up a second Nagios server (acting as a watchdog) on an independent hardware (physically or virtualized) to monitor the main Nagios system}}<br />
{{Note box|msg=This contrib does not work on SME8b6 as documented here, there are a few changes needed to the repository info and also the yum commands, also a change needs to be made to the location of the nagios.pid file in order for it run successfully after installation. There is an outstanding bug [[bugzilla:5539]] which contains the necessary information.}}<br />
=== Maintainer ===<br />
Michael Weinberger<br />
<br />
<br />
=== Introduction ===<br />
Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. [http://www.nagios.org/about/ Read more...]<br />
<br />
<br />
This [[Nagios]] contrib installs Nagios Version 3 and was tested on fresh installed SME Server 7.3<br />
It provides all packages needed to setup a SME Server as a central Nagios monitoring server including the graphical performance data analyser [http://www.pnp4nagios.org/start PNP4Nagios].<br />
(Applied this how-to on a fresh SME Server 7.4, works)<br />
<br />
{| cellpadding=10<br />
| [[Image:Nagios-screenshot-8.png]] || [[Image:Nagios-PNP-Screenshot.gif]] <br />
|-<br />
| Statusmap screenshot of a sample Nagios configuration || PNP Screenshot ''(Source: www.pnp4nagios.org)''<br />
|}<br />
<br />
<br />
These packages are provided by the contrib. All other dependend packages will be installed via yum from the Centos and DAG repostitories. <br />
<br />
{| style='white-space:nowrap' border="1" cellpadding="3" cellspacing=0<br />
! Package !! Version !! Build date !! Purpose<br />
|-<br />
| smeserver-nagios || 2.0.0-1 || 17 Nov 2008 || Integrates Nagios service into the SME Server<br />
|-<br />
| smeserver-nagios-nrpe || 2.0.0-1 || 17 Nov 2008 || Integrates NRPE service into the SME Server<br />
|-<br />
| smeserver-nagios-nsca || 2.0.0-1 || 17 Nov 2008 || Integrates NSCA service into the SME Server (needed in a Distributed Installation)<br />
|-<br />
| smeserver-nagios-plugins-mysql || 2.0.0-1 || 18 Nov 2008 || Plugin that checks the mysqld service on a SME Server<br />
|-<br />
| smeserver-nagios-backup || 2.0.0-1 || 17 Nov 2008 || Nagios backup integration. Includes Nagios configuration and status data into the SME standard backup<br />
|-<br />
| nagios-plugins-temptrax || 2.0.1-1 || 18 Nov 2008 || Plugins for the Sensatronics Ethernet Temperature Devices E4/E16/F<br />
|-<br />
| nagios-plugins-esx3i || 1.0.3-0 || 16 Nov 2008 || Plugins to monitor ESXi servers that support the "Common Information Model (CIM)" protocol like Dell PowerEdge 29xx. [http://cars.lostroncos.org/2008/03/07/updated-esx-3i-scripts-for-nagios/ Read more...] <br />
|-<br />
| perl-Nagios-Plugin || 0.17-1 || 19 Oct 2007 || A family of perl modules to streamline writing Nagios plugins<br />
|-<br />
| nagios-of-plugins || 0.9.4-1 || 08 Jul 2007 || Additional plugins written by [http://www.openfusion.com.au/labs/nagios/ Gavin Carr of Open Fusion]<br />
|-<br />
| nagios-plugins-generic || 1.0.0 || 01 Nov 2007 || A generic plugin. [http://www.my-plugin.de/wiki/doku.php/projects:check_generic:start Read more...]<br />
|-<br />
| nagios-nuvola-1.0.3.tar.gz || 1.0.3 || 28 Oct 2007 || Nuvola GUI theme<br />
|- <br />
| nagios-icons-nx-1.0.0.tar.gz || 1.0.0 || 04 Nov 2007 || Additional useful icons, including the SME logo<br />
<br />
|}<br />
<br />
=== Download ===<br />
Download the packages and files from http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Nagios3/packages/ manually or run the the script [http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Nagios3/packages/wgetall wgetall] to download all in one go.<br />
bash < wgetall<br />
<br />
=== Installation ===<br />
<br />
{{Note box|If you have the Nagios 2 contrib installed, follow the update instructions below}}<br />
<br />
==== Configure the dag repositoy ====<br />
You need to activate the [[Dag]] reposity before installing this contrib.<br /><br />
<br />
see [[dag|dag repository]] <br /><br />
<br />
==== Installation of a central Nagios server ====<br />
Intstalling the packages<br />
/usr/bin/yum --enablerepo=dag install \<br />
nagios-plugins-setuid \<br />
perl-Config-Tiny<br />
<br />
/usr/bin/yum --enablerepo=dag localinstall \<br />
smeserver-nagios-*.noarch.rpm \<br />
pnp-*.i386.rpm \<br />
smeserver-nagios-backup-*.noarch.rpm \<br />
perl-Nagios-Plugin-*.noarch.rpm \<br />
smeserver-nagios-plugins-mysql-*.noarch.rpm \<br />
nagios-plugins-generic-*.noarch.rpm \<br />
nagios-of-plugins-*.noarch.rpm \<br />
nagios-plugins-temptrax-*.el4.rf.i386.rpm \<br />
nagios-plugins-esx3i-*.el4.noarch.rpm<br />
Use the configuration files from the smeserver-nagios package as a starting point. This provides a working configuration.<br />
/bin/cp -ba /etc/nagios/nagios.cfg-smeserver /etc/nagios/nagios.cfg<br />
/bin/cp -ba /etc/nagios/cgi.cfg-smeserver /etc/nagios/cgi.cfg<br />
Configuring global access with password required<br />
config set nagios service Name Nagios PublicAccess global-pw<br />
expand-template /etc/httpd/conf/httpd.conf<br />
service httpd-e-smith restart<br />
service nagios restart<br />
Test the installation by pointing your browser to ''<nowiki>https://IPADDRESS/nagios/</nowiki>''<br />
<br />
Browser login in as admin.<br />
After 10 minutes the performance data graphes are available. Click on on the 'star' icon next to the service name to view the graphes on a new page.<br />
<br />
===== Install the VMware ESXi Server CIM Hardware Monitoring (optional) =====<br />
If you plan to monitor an ESx3i server with CIM compliant hardware, you can configure the ESXi plugin<br />
/usr/bin/yum --enable=dag install openssl-devel perl-XML-SAX<br />
Download and install the [http://www.vmware.com/support/developer/viperltoolkit/ VMware Infrastructure (VI) Perl Toolkit]<br />
<br />
Ignore this warning:<br />
''The following Perl modules were found on the system but may be too old to work<br />
with VIPerl:<br />
URI<br />
XML::NamespaceSupport''<br />
<br />
It does not affect the proper function of the nagios plugins.<br />
<br />
To get some configuration hints run <br />
rpm -qi nagios-plugins-esx3i<br />
<br />
===== Install the Nuvola theme (optional) =====<br />
The Nuvola theme provides a nice and modern GUI. The screenshot above was made with the Nuvola theme installed.<br />
cd /usr/share/nagios<br />
rm -rf config.js images index.html main.html side side.html stylesheets<br />
cd -<br />
tar --strip-path=1 -C /usr/share/nagios -xzf nagios-nuvola-*.tar.gz<br />
chmod a+r -R /usr/share/nagios<br />
Empty your browser cache and reload the Nagios page.<br />
<br />
===== Integrate Ajaxterm in the Nuvola theme Home menu (optional) =====<br />
Install the [[Ajaxterm]] contrib and run<br />
patch -p0 /usr/share/nagios/side/dtree_data.js < dtree_data.js.patch<br />
Empty your browser cache and reload the Nagios page.<br />
<br />
===== Install additional logo icons (optional) =====<br />
This installs a set of icons, including the SME server logo. The logos can be used in the ''hostextinfo{}'' sections. A preview of the logos can be found [http://wiki.contribs.org/images/d/d0/Nagios-logos.jpg here].<br />
<br />
tar --strip-path 1 -C /usr/share/nagios/images/logos -xzf nagios-icons-nx-*.tar.gz<br />
chown nagios.root /usr/share/nagios/images/logos/*<br />
chmod 644 /usr/share/nagios/images/logos/*<br />
<br />
==== Hints ====<br />
* Place all your configuration files in /etc/nagios/ in the sub-directories templates, host, services, etc.<br />
<br />
* Do not change the default pathes of log files, rrd files, etc.. The ''smeserver-nagios-backup'' RPM requires these settings to work properly.<br />
* Nagios 3 runs host checks that provides performance data. Add this action_url option to each host definiton:<br />
action_url /nagios/pnp/index.php?host=$HOSTNAME$<br />
* Add this action_url option to service checks with performance data output<br />
action_url /nagios/pnp/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$<br />
* You can permit other users to access Nagios. Add them separated by a comma to the lines<br />
authorized_for_system_information=admin<br />
authorized_for_system_commands=admin<br />
authorized_for_configuration_information=admin<br />
authorized_for_all_hosts=admin<br />
authorized_for_all_host_commands=admin<br />
authorized_for_all_services=admin<br />
authorized_for_all_service_commands=admin<br />
* It is a good idea to make your Nagios server as independent as possible from the infrastructure it monitors, i.e., use a dedicated hardware, network, mail- and pager system, firewall and internet connection if possible. <br />
* Consider to setup a second Nagios somewhere on your network, which monitors your central Nagios server. Then you need to install the NRPE also on the central server.<br />
<br />
==== Update from Nagios 2 to Nagios 3 ====<br />
Before installing this contrib based on Nagios 3, remove all packages of the previous Nagios 2 installation<br />
service nagios stop<br />
service nagiosgrapher stop<br />
<br />
/usr/bin/yum erase \<br />
nagios-plugins-esx3i \<br />
nagios-nrpe \<br />
nagios-plugins-temptrax \<br />
nagios-plugins \<br />
nagios-of-plugins \<br />
nagios-plugins-generic \<br />
nagios smeserver-nagios-nrpe \<br />
smeserver-nagios \<br />
smeserver-nagios-plugins-mysql \<br />
nagios-plugins-nrpe \<br />
nagios-plugins-setuid \<br />
smeserver-nagiosgrapher \<br />
smeserver-nagios-backup<br />
Remove all NagiosGrapher rrd data. It is not possible to tranfer the existing NagiosGrapher data to PNP. <br />
rm -rf /var/lib/nagios/*<br />
Backup your Nagios configuration data<br />
cp -a /etc/nagios /etc/nagios.v2<br />
Delete Nagios configuration data<br />
rm -rf /etc/nagios <br />
Move the retention data to the new Nagios 3 loaction<br />
mkdir -p /var/nagios/<br />
mv /var/log/nagios/retention.dat /var/nagios/<br />
<br />
'''Now install this contrib following the instructions in chapter 'Installation'<br />
'''<br />
service nagios stop<br />
Delete the default configuration files<br />
cd /etc/nagios<br />
rm -rf commands/default.cfg \<br />
objects \<br />
contacts/contacts.cfg \<br />
hostgroups/default.cfg \<br />
hosts/localhost.cfg \<br />
servicegroups/default.cfg \<br />
services/localhost.cfg \<br />
templates/default.cfg \<br />
timeperiods/default.cfg<br />
<br />
Copy your saved configuration files to /etc/nagios. When you place them into the pre-defined directories contacts, services, hostgroups, templates, commands, hosts, servicegroups, and timeperiods you don't need to adjust nagios.cfg.<br />
<br />
Review your config files and do the following<br />
* add <tt>'''use host-pnp'''</tt> to your generic host definition to add an action url for PNP to all hosts.<br />
* for all services that output performance data add <tt>'''action_url /nagios/pnp/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$'''</tt> to your service template definitions<br />
* move all options from <tt>'''hostextinfo'''</tt> definition (except <tt>'''host_name'''</tt> and <tt>'''action_url'''</tt>) to <tt>'''host'''</tt> definition. Delete the <tt>'''hostextinfo'''</tt> definition.<br />
* do the same for <tt>'''serviceextinfo'''</tt> definitons<br />
<br />
When done check your config<br />
nagios -v /etc/nagios/nagios.cfg<br />
and finally start the service<br />
service nagios start<br />
<br />
==== Backup and Restore ====<br />
With the smeserver-nagios-backup RPM installed all Nagios and PNP configuration data, status data and archives are included in the SME Server standard backup. In the pre-backup event those data are copied to the <tt>/home/e-smith/db/nagios/</tt> directory. As the nagios service is stopped during copying it is recommended to configure Nagios to save its scheduling info (next check time) for hosts and services in a file and use this at startup. Otherwise Nagios would re-schedule all checks spreaded over the timeframe defined by <tt>max_service_check_spread</tt> and <tt>max_host_check_spread</tt> (default 30 min). As a result you would have gaps in checking and visible gaps in the PNP graphes.<br />
<br />
in <tt>/etc/nagios/nagios.cfg</tt> set:<br />
retain_state_information=1<br />
state_retention_file=/var/nagios/retention.dat<br />
use_retained_program_state=1<br />
use_retained_scheduling_info=1<br />
<br />
When doing a restore, the data from <tt>/home/e-smith/db/nagios/</tt> are copied back to their original locations in the bootstrap-console-save event.<br />
<br />
=== Uninstall ===<br />
This removes the installed Nagios packages.<br />
service nagios stop<br />
<br />
rpm -e \<br />
nagios-of-plugins \<br />
nagios-plugins-esx3i \<br />
nagios-plugins-generic \<br />
nagios-plugins-temptrax \<br />
perl-Nagios-Plugin \<br />
pnp \<br />
smeserver-nagios \<br />
smeserver-nagios-backup \<br />
smeserver-nagios-nrpe \<br />
smeserver-nagios-nsca \<br />
smeserver-nagios-plugins-mysql \<br />
nagios-plugins-setuid \<br />
perl-Config-Tiny<br />
<br />
Remvove the dependencies if not needed by other contribs<br />
rpm -e \<br />
fping \<br />
gd \<br />
libart_lgpl \<br />
libmcrypt \<br />
nagios \<br />
nagios-nrpe \<br />
nagios-nsca \<br />
nagios-nsca-client \<br />
nagios-plugins \<br />
nagios-plugins-nrpe \<br />
perl-Class-Accessor \<br />
perl-Crypt-DES \<br />
perl-Math-Calc-Units \<br />
perl-Net-SNMP \<br />
perl-Params-Validate \<br />
perl-rrdtool \<br />
rrdtool \<br />
xinetd <br />
Ignore the warnings about non-existing user nagios and group nagios.<br />
expand-template /etc/httpd/conf/httpd.conf<br />
service httpd-e-smith restart<br />
<br />
=== References ===<br />
* Nagios NRPE Contrib: [[Nagios NRPE]]<br />
* Nagios NSCA Contrib: [[Nagios NSCA]]<br />
* Nagios: http://www.nagios.org/<br />
* perl-Nagios-Plugin: http://members.financial.com/~cmr/rpmforge/perl-Nagios-Plugin/<br />
* nagios-of-plugins: http://www.nagiosexchange.org/Plugin_Packages.52.0.html?&tx_netnagext_pi1%5Bp_view%5D=323<br />
* Nuvola theme: http://www.nagiosexchange.org/Image_Packs.75.0.html?&tx_netnagext_pi1%5Bp_view%5D=252&tx_netnagext_pi1%5Bpage%5D=10%3A10<br />
* Temptrax Plugin: http://www.nagiosexchange.org/cgi-bin/page.cgi?g=1716.html<br />
* Nagios books: ''"Nagios : system and network monitoring / Wolfgang Barth / ISBN 1-59327-070-4"'', ''"Building a Monitoring Infrastructure with Nagios / David Josephsen / ISBN 0-13-223693-1"''<br />
* Nagios in a German Computer Magazine: http://www.heise.de/netze/artikel/81238<br />
* PNP4Nagios: http://www.pnp4nagios.org/pnp/start<br />
----<br />
[[Category: Contrib]]<br />
[[Category: Webapps]]<br />
[[Category: Administration:Monitoring]]</div>Morpheushttps://wiki.koozali.org/index.php?title=Zabbix&diff=33642Zabbix2017-06-29T02:31:17Z<p>Morpheus: /* Components */</p>
<hr />
<div>{{Languages|Zabbix}}<br />
<br />
{{Incomplete}}<br />
<br />
<br />
===Maintainer===<br />
[mailto:daniel@firewall-services.com[[User:VIP-ire|Daniel B.]]] from [http://www.firewall-services.com Firewall Services]<br />
=== Description ===<br />
<br />
[http://www.zabbix.com Zabbix] offers advanced monitoring, alerting and visualisation features today which are missing in other monitoring systems, even some of the best commercial ones:<br />
<br />
=== Features ===<br />
<br />
Here are some of the features provided by Zabbix:<br />
<br />
*Distributed monitoring<br />
** Centralized configuration<br />
** Centralized access to all data<br />
** Up-to 1000 of nodes<br />
** Unlimited number of proxies<br />
<br />
*Scalability<br />
** Tested with 10,000 monitored devices and servers<br />
** Tested with 100,000 availability and performance checks<br />
** Processing of thousands of availability and performance checks per second<br />
<br />
*Real-time monitoring<br />
** Performance monitoring<br />
** Availability monitoring<br />
** Integrity monitoring<br />
** Flexible notification conditions<br />
** Alerting users (Email, SMS, Jabber)<br />
** Logging<br />
<br />
*Visualisation<br />
** User-defined views and slide shows<br />
** Mapping<br />
** Graphing (including pie charts)<br />
** Zooming<br />
<br />
*Fast Problem Resolution<br />
** Send alerts via email, cell phone, SMS or audio alerts<br />
** Execute remote commands<br />
<br />
*Assuring SLA<br />
** Hierarchical IT Services<br />
** Real-time SLA reporting<br />
<br />
*Reporting and trending<br />
** Easy integration of 3rd party tools<br />
** Analysis of yearly/monthly/daily statistics<br />
** SLA reports<br />
<br />
*XML data import/export<br />
** Easy sharing of templates<br />
<br />
*Auto discovery<br />
** Discovery by IP range, services and SNMP<br />
** Automatic monitoring of discovered devices<br />
<br />
*WEB monitoring<br />
** WEB performance and availability monitoring<br />
** Flexible scenarios<br />
** Support of POST and GET methods<br />
<br />
*Flexibility<br />
** Support of IPv4 and IPv6<br />
** Easily extendable native agents<br />
** Any notifications methods<br />
** Runs on any platform<br />
<br />
*Pro-active monitoring<br />
** Automatic execution of remote commands<br />
** Automatic IPMI commands<br />
<br />
*Aggregate monitoring<br />
** Monitoring of a group of hosts as a single host<br />
<br />
*Agentless monitoring<br />
** Monitoring of remote services (FTP, SSH, HTTP, other)<br />
** Support of SNMP v1,2,3<br />
** Support of IPMI<br />
** SNMP traps<br />
<br />
*High performance agents<br />
** All platforms supported (UNIX, Windows, Novell)<br />
** Memory utilisation<br />
** Network utilisation<br />
** Disk I/O<br />
** Disk space availability<br />
** File checksums<br />
** Monitoring of log files<br />
** And more...<br />
<br />
*Security<br />
** Flexible user permissions<br />
** Authentication by IP address<br />
** Protection against brute force attacks<br />
<br />
*Escalations and notifications<br />
** Repeated notifications<br />
** Unlimited escalations<br />
** Recovery messages<br />
** Be notified while problem is not resolved<br />
<br />
*Management functions<br />
** Ping, traceroute to a host<br />
** Any other functions<br />
<br />
*Dashboard<br />
** Personalized dashboard<br />
** Favourite resources<br />
** High level view<br />
<br />
*Agent-based monitoring<br />
** Native agent for any platform<br />
** Immune to connection problems<br />
<br />
*Open Source Solution<br />
** No license driven limitations<br />
** Access to source code<br />
** Open to code audit<br />
<br />
*Easy Administration<br />
** Very fast learning curve<br />
** All data is stored in a database (Oracle, MySQL, PostgreSQL, SQLite)<br />
** Centralised configuration and storage of information<br />
<br />
*and more...<br />
<br />
=== Full documentation ===<br />
<br />
A complete documentation is available as a PDF file here http://www.zabbix.com/documentation.php<br />
You'll also find some useful informations on the official [http://www.zabbix.com/wiki/doku.php wiki] of the project and the [http://www.zabbix.com/forum/ forum].<br />
<br />
{{Note box|This wiki page is not a complete guide for Zabbix, but just a starting point to run it on your SME Server using this contrib.<br />
For a complete documentation, please refer to the project documentation: http://www.zabbix.com/documentation.php}}<br />
<br />
=== Versions ===<br />
Here are informations about the latest release of each component:<br />
{{ #smeversion: smeserver-zabbix-server }}<br />
{{ #smeversion: zabbix-server }}<br />
{{ #smeversion: smeserver-zabbix-agent }}<br />
{{ #smeversion: zabbix-agent }}<br />
{{ #smeversion: smeserver-zabbix-proxy }}<br />
{{ #smeversion: zabbix-proxy }}<br />
<br />
<br />
<br />
<br />
=== Requirements ===<br />
*SME Server 7.X (9.X or higher for zabbix-server)<br />
*php>=5.4 for zabbix server only, hence you will need to first install smeserver-php-scl on SME9 and set php54 or higher as default php version<br />
<br />
=== Components ===<br />
<br />
Zabbix is composed of four major components:<br />
*The server (the main part). The server will store and analyse the different data, send alerts, etc...<br />
*The web interface (which is automatically installed with the server with this contrib).<br />
*The agent, which gathers informations on the different hosts you monitor.<br />
*The proxy, which is an optional part, can be used to collect performance and availability data locally, and send it to the server.<br />
<br />
==== Server ====<br />
<br />
The server is the core component of Zabbix software. It uses one database (MySQL in this contrib) to store configuration, performance and integrity information. The server can check network services with simple check (ICMP, TCP etc...) for agent-less monitoring, it can monitor network devices using SNMP and is also the central component to which agent report information (agent can work in active, passive, or both mode). The server will also analyse all the information and send alerts depending on very flexible triggers.<br />
<br />
===== Installation on SME9=====<br />
First enable the needed repo: Firewall service and REMI <br />
{{:Fws}}<br />
{{:Remi-safe}}<br />
<br />
signal-event yum-modify<br />
<br />
to install Zabbix server, just use yum:<br />
yum --enablerepo=smecontribs,fws,remi-safe install smeserver-zabbix-server<br />
<br />
then go to your server-manager to set php5.4 or higher as default php for your SME, or you will not be able to access to zabbix web gui, or just issue the following<br />
config setprop php54 PhpModule enabled #replace here with php55 or php56 if you have other needs<br />
signal-event php-update<br />
<br />
then you will have to either tweak the default configuration as explain in next step or just issue :<br />
signal-event zabbix-server-update<br />
<br />
then go to your web interface : https://yourserveradress/zabbix<br />
<br />
===== DB Parameters =====<br />
<br />
Here's the list of available DB parameters for zabbix-server service on SME:<br />
*'''DbName''': The name of the database where everything is stored. Default is 'zabbixdb'<br />
*'''DbPassword''': The password of the database. A random password is generated during the installation<br />
*'''DbUser''': The user name to access the database. Default is zabbixuser<br />
*'''JabberAccount''': Account used to send jabber notification<br />
*'''JabberServer''': Jabber server to use to send notifications<br />
*'''JabberPassword''': Password for the account (for "JabberAccount")<br />
*'''JabberTLS''': (enabled|disabled) Does your Jabber server requires TLS security<br />
{{Note box|The different Jabber settings above are not for the built-in jabber notification function (because I couldn't get it working as my server requires TLS and the built-in features do not support it). But I've included a external script using sendxmpp to send the notification. You should have a media called 'xmpp' in zabbix administration. }} <br />
<br />
*'''NodeID''': The node ID of your server. If you don't use distributed monitoring (just one central Zabbix server), you should let this to 0<br />
*'''TCPPort''': Port used for agent<->server (and proxy<->server) communication. The default is 10051<br />
*'''TimeZone''': It's very important for zabbix to know your time zone (PHP TimeZone setting). Unfortunately, SME do not set it. You can specify your time zone. This setting will only affect Zabbix<br />
*'''WebAccess''': (local|public|disabled) From where you'll be able to access the web interface. You can set it to disabled if you want to disable the web interface (for example, if your server is a node of a distributed environment)<br />
*'''access''': (public|local) From where zabbix port will be available (controlled by TCPPort). You should restrict the access to a list of host with the AllowHosts key if you set public here.<br />
*'''status''': Should the service be started automatically ?<br />
<br />
<br />
<br />
Once you have everything configured like you want, just issue<br />
signal-event zabbix-server-update<br />
<br />
to expand the templates and restart the needed services.<br />
<br />
===== Web Interface =====<br />
<br />
The main web interface is available (if not disabled with the key WebAccess) on https://server.domain.tld/zabbix.<br />
The default user is '''admin''', with password '''zabbix''' (you should change this password ASAP)<br />
<br />
Here are some screenshots of what you can get with zabbix<br />
[[File:Zabbix_graph_cpu.png|768px|thumb|center|CPU Usage Graph]]<br />
[[File:Zabbix_graph_mem.png|768px|thumb|center|Memory Usage Graph]]<br />
[[File:Zabbix_graph_network.png|768px|thumb|center|Network Usage Graph]]<br />
{{Note box|You can select a period on any graph. With this great feature, you can easily zoom on a period of time to analyse things with hight precision}}<br />
[[File:Zabbix_graph_mail_in.png|768px|thumb|center|Incoming mails statistics]]<br />
[[File:Zabbix_screen.png|768px|thumb|center|Screen]]<br />
{{Note box|You can display as many graphs as you want in one screen, automatically refresh it, change it (display network graphs of hosts 1 during 2minutes, then display hardware graphs of hosts2 for 3 minutes etc...)}}<br />
[[File:Zabbix_overview.png|768px|thumb|center|Triggers overview]]<br />
[[File:Zabbix_map.png|768px|thumb|center|Hosts Map]]<br />
{{Note box|this is a very simple map, you can make it look nicer}}<br />
<br />
<br />
For more screenshots, visit the project website [http://www.zabbix.com/screenshots.php here]<br />
<br />
==== Agent ====<br />
<br />
Zabbix agent is a very small daemon which will gather information about the host being monitored, and report it to one or several server(s) (or proxy(s)).<br />
Agents can run in active or passive mode (or both):<br />
*In active mode, the agent will make outgoing connection to the server (port 10051 by default).<br />
*In passive mode, the server will connect to the agent (on port 10050 by default). <br />
<br />
Please read Chap. 2.3.4.ZABBIX Agent page 39 and Chap. 3.3.ZABBIX Agent (UNIX, standalone daemon) of the manual for more information on Zabbix agent.<br />
<br />
===== Installation SME9 =====<br />
first enable the needed repo: Firewall service <br />
{{:Fws}}<br />
<br />
signal-event yum-modify<br />
<br />
to install Zabbix agent, just use yum:<br />
yum --enablerepo=smecontribs,fws install smeserver-zabbix-agent<br />
<br />
<br />
This package will download at least the following dependencies:<br />
*zabbix (very small package with just common directories used by all zabbix components)<br />
*zabbix-agent (the agent)<br />
*smeserver-remoteuseraccess: this contrib is needed because it provides needed templates metadata for /etc/sudoers.<br />
<br />
===== DB parameters =====<br />
<br />
Here's the list of available DB parameters for zabbix-agent service on SME:<br />
*'''RemoteCommands''': (enabled|disabled). If you want to enable remote commands on zabbix agent (you should read the zabbix documentation). Please, be aware that there're security implications if you enable it. The default is disabled<br />
*'''ServerPort''': port to contact the server when running in active mode. Default to 10051<br />
*'''Servers''': List of servers (or proxy), separated by commas, to which send informations. The first one may be used for active checks, the others are only for passive mode<br />
*'''TCPPort''': TCP port on which the agent will listen if passive mode is enabled<br />
*'''access''': (public|private) If you want to open the agent on the public interface (only useful if passive is enabled). If you set this to 'public' you should use the AllowHosts key to limit the access<br />
*'''active''': (enabled|disabled) Do you want to enabled the active mode<br />
*'''passive''': (enabled|disabled) Do you want to enable the passive mode<br />
*'''status''': (enabled|disabled) Should the service be automatically started<br />
<br />
<br />
<br />
Once you have everything configured like you want, just issue<br />
signal-event zabbix-agent-update<br />
<br />
to expand the templates and restart the needed services.<br />
<br />
===== Remote client with encryption =====<br />
on the client do:<br />
openssl rand -hex 32 > /etc/zabbix/zabbix_agentd.psk<br />
chown :zabbix /etc/zabbix/zabbix_agentd.psk<br />
chmod 640 /etc/zabbix/zabbix_agentd.psk<br />
signal-event zabbix-agent-update<br />
cat /etc/zabbix/zabbix_agentd.psk<br />
<br />
you might also need a public access there:<br />
config setprop zabbix-agent Servers IP1,IP2 access public active disabled passive enabled AllowHosts IP1,IP2<br />
signal-event zabbix-agent-update<br />
<br />
On the Zabbix server interface for this client select : <br />
# Connections to host: psk <br />
# Connections from host: psk<br />
# PSK identity: domain.name-agent<br />
# psk: [paste here the output of cat /etc/zabbix/zabbix_agentd.psk]<br />
<br />
===== Additional checks =====<br />
<br />
Even if Zabbix agent is great and support natively a lot of checks, some were missing for my use, so I've added some UserParameters entries in the configuration file. For each of this check, you should add a new item with the name of the check as the key.<br />
Configuring the corresponding checks on the server can be quite long. You can have a look at the [http://sme.firewall-services.com/downloads/zabbix/zabbix_SME.zip templates] I use to monitor SME Servers. This archive contains some templates/items/graphs/triggers in XML format (exported from Zabbix). You can use the Import/Export functionality of Zabbix (Manual Chap. 8.XML IMPORT AND EXPORT page 154) to import it on your server.<br />
<br />
You can also have a look at the configuration file /etc/zabbix/zabbix_agentd.conf to see the commands used to return the corresponding values. You'll also find for each UserParameter information on how to create the corresponding item on the server.<br />
<br />
Please, read chapter 4.11.User Parameters page 119 of the manual to have more information on how UserParameters work.<br />
<br />
*External IP:<br />
**'''ip.external''': Return the real external IP address.<br />
<br />
*Incoming mails statistics:<br />
<br />
{{Note box|Since version 0.1-28 of smeserver-zabbix-agent, the keys to retrieve emails statistics has changed. The value retrieved here are for the last 10 Minutes (the statistics are updated with a cronjob every 10 minutes), so you should configured these items to be refreshed every 600 seconds}}<br />
<br />
**'''mail.in[dnsbl]''': number of emails rejected by DNSBL<br />
**'''mail.in[rhsbl]''': number of emails rejected by RHSBL<br />
**'''mail.in[clamav]''': number of emails rejected by CLAMAV<br />
**'''mail.in[check_earlytalker]''': number of emails rejected by EARLYTALKER<br />
**'''mail.in[check_basicheaders]''': number of emails rejected by BASICHEADERS<br />
**'''mail.in[check_goodrcptto]''': number of emails rejected by GOODRCPTTO<br />
**'''mail.in[check_spamhelo]''': number of emails rejected by SPAMHELO<br />
**'''mail.in[total_denied]''': sum of rejected emails (sum of the above checks)<br />
**'''mail.in[spam_denied]''': number of emails rejected by SPAMASSASSIN<br />
**'''mail.in[other_denied]''': number of emails rejected by others checks<br />
**'''mail.in[spam_queued]''': number of emails queued but marked as spam by SPAMASSASSIN<br />
**'''mail.in[queued]''': number of emails queued (HAM)<br />
**'''mail.in[total]''': number of emails received (accept + denied)<br />
<br />
*Outgoing mails statistics:<br />
**'''mail.out[total]''': sum of outgoing emails<br />
**'''mail.out[success]''': number of successful transmitted emails<br />
**'''mail.out[deferral]''': number of deferred emails<br />
**'''mail.out[failure]''': number of failures<br />
<br />
*Memory/Swap usage:<br />
**'''vm.memory.size.used''': Actually used memory in bytes<br />
**'''vm.memory.size.pused''': Actually used memory in %<br />
**'''system.swap.size.used''': Actually used swap space in bytes<br />
<br />
*MySQL Information:<br />
**'''mysql.uptime''': uptime of mysql server in seconds<br />
**'''mysql.threads''': number of threads<br />
**'''mysql.questions''': number of queries since mysql has been started<br />
**'''mysql.slowqueries''': number of slow queries<br />
**'''mysql.qps''': average queries per seconds<br />
**'''mysql.size''': total space used by mysql databases<br />
<br />
*Network usage. These checks are useful if you want to monitor several SME Servers using one template (so same checks), but those servers use different interfaces configuration (eth0, eth1, br0, bond0, ppp0 etc...)<br />
**'''net.if.in.internal''': Equivalent to net.if.in[ethX,bytes], but is independent of your internal interface name (eth0, bond0, br0 etc...)<br />
**'''net.if.out.internal''': Equivalent to net.if.out[ethX,bytes]<br />
**'''net.if.in.external''': Equivalent to net.if.in[ethX,bytes], but is independent of your external interface name (eth0, eth1, ppp0 etc...)<br />
**'''net.if.out.external''': Equivalent to net.if.out[ethX,bytes]<br />
<br />
{{Note box|Since version 0.1-38 of smeserver-zabbix-agent, the keys to retrieve UPS informations has changed. You now have to select the name of your UPS on the server side. The default name for an UPS in SME is '''UPS'''}}<br />
<br />
*UPS status:<br />
**'''ups.load[UPS]''': Current load (in %) of your UPS<br />
**'''ups.battery.charge[UPS]''': Current charge (in %) of the battery<br />
**'''ups.status[UPS]''': Current status of the UPS (OL, OB, OL CHRG etc...)<br />
**'''ups.model[UPS]''': Model of the UPS<br />
<br />
*Raid Array Monitoring:<br />
**'''raid.sw.status''': Current status of your software Raid (all array)<br />
**'''raid.mega.status''': Current status of your mega raid based raid array (for example, the perc5/6(i) are megaraid based). Requires additional MegaCLI package available from here: [http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/]<br />
<br />
==== Proxy ====<br />
<br />
Zabbix proxy is a lightweight daemon. It will act as a server for agents, will cache locally (in a mysql database) the information, and send it to the server it belongs to. This is useful to monitor networks elements behind a firewall.<br />
<br />
===== Installation SME9=====<br />
first enable the needed repo: Firewall service <br />
{{:Fws}}<br />
<br />
signal-event yum-modify<br />
to install Zabbix proxy, just use yum:<br />
yum --enablerepo=smecontribs,fws install smeserver-zabbix-proxy<br />
<br />
===== DB Parameters =====<br />
*'''DbName''': the name of the database used by the proxy. The default is zabbixproxydb<br />
*'''DbPassword''': the password to access the database<br />
*'''DbUser''': the user to access the database<br />
*'''Servers''': List of servers (separated by commas) to which send the informations<br />
*'''TCPPort''': TCP port on which the proxy listen. Clients will connect on the proxy as if it's a Zabbix server. The default is 10051<br />
*'''access''': (private|public) If you want to open zabbix-proxy on the external interface. If you set this to public, you should use the AllowHosts key to limit the access<br />
*'''status''': (enabled|disabled) Should the service be started automatically<br />
<br />
=== Monitoring SME servers ===<br />
<br />
If you want to monitor SME Servers with zabbix, you'll first need to install the agent as explained earlier, then configure the agent to accept connection from your server. For example, to monitor you local server (the one running zabbix-server):<br />
<br />
db configuration setprop zabbix-agent Servers localhost active disabled passive enabled<br />
signal-event zabbix-agent-update<br />
<br />
{{Note box|After installation, the agent is configured for active checks only. Here, we disable the active checks, and enable the passive ones.}}<br />
<br />
Then, just add a host in Zabbix, pointing to localhost.<br />
<br />
Now you can start adding items (type agent (active or passive depending on the mode you use on the agent)) to this new host.<br />
<br />
If you want to monitor SME Servers on the Internet and use passive mode, the server will initiate connections to the agent. You'll need to port-forward the port if you run in serveronly mode (the default is port 10050 TCP), or to open this port in the firewall if runing in server&gateway mode:<br />
<br />
db configuration setprop zabbix-agent Servers w.x.y.z active disabled passive enabled access public AllowHosts w.x.y.z<br />
signal-event zabbix-agent-update<br />
<br />
{{Warning box|If you use active checks, you need to name the host in zabbix server hostname.domainname.tld (check the file /etc/zabbix/zabbix_agentd.conf, the directive Hostname). If you don't do that, checks won't work}}<br />
<br />
You can download [http://repo.firewall-services.com/misc/monitoring/templates_zabbix.zip here] an archive with some XML exports of the templates I use to monitor my servers. Just extract the archive, and import the templates you want in Zabbix (using the Import/Export menu of zabbix configuration)<br />
<br />
Each XML file represent a template in Zabbix<br />
<br />
*'''Template_SME''' is the main template. It'll add a lot of items for global system monitoring, triggers if load is too high, lack of free memory, httpd is down, passwd has changed etc... and also some graphs like CPU usage, memory, disk space, network usage etc... This templates requires the '''Template_icmp''' and '''Template_app_MySQL''' template<br />
<br />
*'''Template_SME_coovaChilli''' will add tun0 statistics (useful if you use [[CoovaChilli]] contrib). It'll also create a graph for tun0 stats<br />
<br />
*'''Template_SME_softRaid''' will add items and triggers for software raid monitoring. If you link a SME Server with this template, you'll be warned if one of the raid array is degraded or rebuilding<br />
<br />
*'''Template_SME_megaRaid''' will do the same but for MegaRaid based cards. It also requires the MegaCli utility from [http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/ LSI] website<br />
<br />
*'''Template_SME_nutUPS''': Will add items and triggers to be warned if your UPS is on battery, or overloaded.<br />
<br />
*'''Template_icmp''': will configure two items to check if the server is alive, and measure the latency. It also provides latency graphs and some triggers (if latency is too high, if host is down since more than 5min and if hosts is down for more than 1 hour)<br />
<br />
=== Bugs ===<br />
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]<br />
and select the smeserver-zabbix component or use on of this link:<br />
====smeserver-zabbix-proxy====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-proxy|title=proxy}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-zabbix-proxy|noresultsmessage="No open bugs found."}}<br />
<br />
====smeserver-zabbix-agent====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-agent|title=agent}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-agent|noresultsmessage="No open bugs found."}}<br />
<br />
====smeserver-zabbix-server====<br />
new bug for {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-zabbix-server|title=server}}<br />
{{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-zabbix-server|noresultsmessage="No open bugs found."}}<br />
<br />
<br />
<br />
----<br />
[[Category:Contrib]]</div>Morpheus