server:zabbix

Zabbix

Zabbix ist ein Monitoringsystem das auf Agents basiert. Besonders die von Haus aus enthaltenen Graphen und Templates mit Autodiscovery von z.B. mountpoints sind von Vorteil.

Komponenten:

  • agent / agent2
  • server
  • webinterface

Begriffe:

  • items
  • trigger
  • key
  • application

Menustruktur der Weboberfläche:

  • Monitoring
    • Dashboard
    • Problems
    • Hosts
    • Overview
    • Latest data
    • Screens
    • Maps
    • Discovery
    • Services
  • Inventory
    • Overview
    • Hosts
  • Reports
    • System information
    • Triggers top 100
    • Audit
    • Actions Log
    • Notifications
  • Configuration
    • Host groups
    • Templates
    • Hosts
    • Maintenance (periods)
    • Event Correlation
    • Discovery (rules)
    • Services
  • Administration
    • General
    • Proxies
    • Authentication (Internes Verzeichnis, HTTP basic auth, LDAP, SAML)
    • User groups
    • User
    • Media types
    • Scripts
    • Queue (overview)
  • Support
  • Share
  • Help
  • User settings
  • Sign out

Zabbix unterstützt IPv6. Wenn die Verbindungen mit DNS-Namen benutzt werden brauch nichts weiter eingestellt werden.

Zu Beachten im Dualstack-Betrieb:

  • wenn ListenIP angegeben ist werden nur die angegebenen IPs gebunden. 0.0.0.0 heißt IPv4 only! Die Direktive kann entfernt werden.
  • checks werden dann nur auf v6 gemacht (v4 only-Adressen weiterhin geprüft). Eine mögliche Lösung wäre macros auf dem Host (z.B {$IPV4} und {$IPV6} ) und diese statt

Installation

Für die Installation kann auf Automatisierung zurückgegriffen werden:

bis dato 1) unterstützt die collection noch keine Version 5.0, dies scheint jedoch eine triviale Anpassung zu sein:

  • Datei ~/.ansible/collections/ansible_collections/community/zabbix/roles/zabbix_agent/vars/zabbix.yml durch diese zabbix.yml ersetzen

Ansible Rollen (keine Weiterentwicklung, siehe Ansible 2.10 and Project Restructuring)

Siehe Anleitung auf zabbix.com, z.B. für Debian10+Apache+MySQL.

Für 32bit gibt es keine Pakete mehr:

deb-src [arch=amd64] http://repo.zabbix.com/zabbix/5.0/ubuntu/ focal main
deb [arch=amd64] http://repo.zabbix.com/zabbix/5.0/ubuntu/ focal main
apt install zabbix-agent
systemctl stop zabbix-agent.service
# check if still running:
lsof -i -n | grep zab
 
mv /etc/zabbix/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf.dist

Neue Config: /etc/zabbix/zabbix_agentd.conf

# my Zabbix config
PidFile=/var/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix/zabbix_agentd.log
# size of Logfile in MB, Range: 0-1024; 0 means "disable automatic log rotation"
LogFileSize=10
# Source IP address for outgoing connections
# SourceIP=
EnableRemoteCommands=1
ListenPort=10050
# Unique, case sensitive hostname.
# Required for active checks and must match hostname as configured on the server.
# Value is acquired from HostnameItem (default: HostnameItem=system.hostname) if undefined: 
Hostname=MY.HOSTNAME.DOMAIN.TLD
Server=1.2.3.4/32
ServerActive=1.2.3.4/32
Include=/etc/zabbix/zabbix_agentd.d
systemctl start zabbix-agent.service
systemctl enable zabbix-agent.service

Der zabbix-agent2:

Es besteht keine upgradezwang, der alte agent wird weiterentwickelt.

  1. Konfiguration anpassen „C:\Program Files\Zabbix\config\zabbix-agentd.conf“
  2. Dienst einrichten (cmd.exe) – hierbei beachten, daß die Bindestriche Unterstriche sein müssen (zabbix_agentd)C:\Program Files\Zabbix\win<32|64>/zabbix-agentd -c „C:\Program Files\Zabbix\config\zabbix-agentd.conf“ -i
  3. Dienst starten:
    1. Server-Manager→ Konfiguration→ Dienste Zabbix Agent
    2. →Starten

Unter CentOS ist standardmäßig die Firewall aktiv, folgende Ports/Befehle:

# server/webinterface:
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
# server/proxy:
firewall-cmd --zone=public --add-port=10051/tcp --permanent
# agent:
firewall-cmd --zone=public --add-port=10050/tcp --permanent
firewall-cmd --reload

Wenn keine Verbindung zum Server zustande kommt kann auch selinux das „Problem“ sein:

Status prüfen: sestatus

Im enforcing-modus fehlen u.U. Fähigkeiten:

getsebool -a|grep zabbix Ausgabe:

httpd_can_connect_zabbix --> off
zabbix_can_network --> off

…auf on setzen: setsebool -P httpd_can_connect_zabbix on setsebool -P zabbix_can_network on

Alle Befehle ohne Passwort erlauben (nicht empfohlen):

zabbix ALL=NOPASSWD: ALL

Ausgewählte Befehle erlauben:

zabbix ALL=NOPASSWD: /etc/init.d/apache restart

Konfiguration

PHP-Konfiguration_

date.timezone = Europe/Berlin
max_execution_time = 300

Der Installationsassistent findet sich unter http://SERVER.TLD/zabbix/

Konfigurationsdatei (/usr/share/zabbix/conf/zabbix.conf.php; bei CentOS /etc/zabbix/web/zabbix.conf.php):

<?php
global $DB_TYPE, $DB_SERVER, $DB_PORT, $DB_DATABASE, $DB_USER, $DB_PASSWORD, $IMAGE_FORMAT_DEFAULT;
 
$DB_TYPE	= "MYSQL";
$DB_SERVER	= "localhost";
$DB_PORT	= "0";
$DB_DATABASE	= "zabbix";
$DB_USER	= "zabbix";
$DB_PASSWORD	= "Passwort";
 
$IMAGE_FORMAT_DEFAULT	= IMAGE_FORMAT_PNG;
?>

Am Ende der Installation ist der Login mit „Admin“ und Passwort „zabbix“ möglich.

Größe der Datenbank „zabbix“:

 SELECT table_schema "zabbix", SUM(data_length + index_length)/1024/1024 "DВ size in MB" FROM information_schema.TABLES GROUP BY table_schema;

Größe der zabbix Tabellen:

USE
SELECT
  TABLE_NAME AS `Table`,
  ROUND((DATA_LENGTH + INDEX_LENGTH) / 1024 / 1024) AS `Size (MB)`
FROM
  information_schema.TABLES
WHERE
  TABLE_SCHEMA = "zabbix"
ORDER BY
  (DATA_LENGTH + INDEX_LENGTH)
DESC;

Seit Zabbix 6.0 kann das audit log größer werden (u.a. werden discovery-aktionen von Benutzer SYSTEM geloggt):

  • Administration → General → Audit log ( https:$ZABBIX_SERVER/zabbix/zabbix.phpaction=audit.settings.edit ): ==== housekeeping ==== Administration → General → Housekeeping ( https:$ZABBIX_SERVER/zabbix/zabbix.php?action=housekeeping.edit )
    • Override item history period: 30, … 90d ?
    • …?

zabbix housekeeper laufen lassen (manuell):

zabbix_server -c /etc/zabbix/zabbix_server.conf -R housekeeper_execute

manuelles clean-up der Datenbank (vorher BACKUP!):

-- intervals in days
SET @history_interval = 30;
SET @trends_interval = 90;
 
DELETE FROM alerts WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
DELETE FROM acknowledges WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
DELETE FROM events WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
 
DELETE FROM history WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
DELETE FROM history_uint WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
DELETE FROM history_str WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
DELETE FROM history_text WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
DELETE FROM history_log WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@history_interval * 24 * 60 * 60);
 
DELETE FROM trends WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@trends_interval * 24 * 60 * 60);
DELETE FROM trends_uint WHERE (UNIX_TIMESTAMP(NOW()) - clock) > (@trends_interval * 24 * 60 * 60); 

Zabbix meldet wenn bestimmt Poller ausgelastet sind (viele Proxies, viele System nicht erreichbar etc.)

StartPollers=100
# für passive proxies:
StartProxyPollers=5
StartHTTPPollers=5

Anschließend könnte mysql in Bedrängnis geraten weil Zabbix zu viele Datenbankverbindungen anfordert (in dermy.cnf):

[mysqld]
max_connections = 500

https://www.zabbix.com/de/integrations/telegram

Es wird benutzt:

Vorgehensweise:

  1. Bot bei Telegram anlegen
    1. dazu im Client mit BotFather eine neue Konversation starten, der Befehl ist: /newbot
    2. es führt ein Assistent durch die Einrichtung: man muss einen Benutzernamen eingeben der auf „bot“ endet
    3. …und bekommt am Ende einen token für die HTTP API (z.B. 124226418:BCF9EoD6k11O5qNDfhBL0ofneQ4OfIux5Fo)
  2. Skript ablegen in /usr/lib/zabbix/alertscripts
    #!/bin/sh
    # to must be $chat_id or "@username":
    to=$1 
    subject=$2
    body=$3
     
    botID="124226418:BCF9EoD6k10O5qNDfhBL0ofneQ4OfIux5Fo"
     
    curl -X POST --retry 5 --retry-delay 0 --retry-max-time 60 --data-urlencode "chat_id=$1" --data-urlencode "text=$2 $3" "https://api.telegram.org/$botID/sendMessage?disable_web_page_preview=true"
    if [ $? -ne 0 ]; then
            exit 1
    fi
  3. Im Monitoring-System: Administration → Media-types → Create Media Type
    1. Name: Telegram
    2. Type: Skript
    3. Script name: $Dateiname (ohne Pfad!)
    4. Script parameters:
      1. {ALERT.SENDTO}
      2. {ALERT.SUBJECT}
      3. {ALERT.MESSAGE}
    5. Options entsprechend ausfüllen
  4. Im Monitoring-System: Administration → Users → $Benutzername → Media → Add
    1. Type: Telegram
    2. Send to: $Benutzername (aus Telegram) oder die $ChatID
# noch nötig?
# apt install libunixsocket-java default-jre --no-install-recommends
# auf aktuelle Version ändern:
export VERSION=0.11.7
wget https://github.com/AsamK/signal-cli/releases/download/v"${VERSION}"/signal-cli-"${VERSION}"-Linux.tar.gz
sudo tar xf signal-cli-"${VERSION}"-Linux.tar.gz -C /opt
sudo ln -sf /opt/signal-cli-"${VERSION}"/bin/signal-cli /usr/local/bin/
 
# (besser in /etc/sudoers.d):
nano /etc/sudoers
zabbix  ALL=(root) NOPASSWD: /opt/signal-cli-0.11.7/bin/signal-cli
cd /var/lib/zabbix/
 
# Absender: 4930123456
# Empfänger: 4930987654321
 
# ohne --voice wird eine sms geschickt:
sudo -u zabbix signal-cli -u +4930123456 register --voice
# Verifzierungscode: 123-456
sudo -u zabbix signal-cli -u +4930123456 verify 123-456
sudo -u zabbix signal-cli -u +4930123456 send -m "Hello this is test message " +4930987654321

grep -i AlertScriptsPath /etc/zabbix/zabbix_server.conf # AlertScriptsPath=/usr/lib/zabbix/alertscripts

nano /usr/lib/zabbix/alertscripts/signal.sh

#!/bin/bash
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 
number="+4930123456"
 
sanitize() {
        echo "$1" | sed -e 's,&,#,g'
}
 
# This is for shamsi date with Jcal you can replace jdate with date 
DATE_EXEC="$(jdate "+%Y.%m.%d % on %T")"
 
A=$(sanitize "$2")
B=$(sanitize "$3")
C=$(sanitize "$1")
 
TEXT="$A
$B
Sent: $DATE_EXEC"
 
echo "$TEXT" | grep -q 'Zabbix agent was unreachable'
if [ "$?" == "0" ]; then
        echo "MAIN($DATE_EXEC):$C 'Zabbix agent was unreachable' Bypass" >> /tmp/signal.log
        exit
fi
 
echo "$TEXT" | /usr/local/bin/signal-cli -u "$number" send $C
 
echo "MAIN:$C $TEXT" >> /tmp/signal.log

chmod +x /usr/lib/zabbix/alertscripts/signal.sh

Welche Lokales angezeigt werden legt einseits der Translation status fest (muss mindestens 75% übersetzt sein):

/usr/share/zabbix/include/locales.inc.php :

function getLocales() {
	return [
		'en_GB' => ['name' => _('English (en_GB)'),	'display' => true],
		'en_US' => ['name' => _('English (en_US)'),	'display' => true],
		'bg_BG' => ['name' => _('Bulgarian (bg_BG)'),	'display' => false],
		'ca_ES' => ['name' => _('Catalan (ca_ES)'),	'display' => false],
		'zh_CN' => ['name' => _('Chinese (zh_CN)'),	'display' => false],
		'zh_TW' => ['name' => _('Chinese (zh_TW)'),	'display' => false],
		'cs_CZ' => ['name' => _('Czech (cs_CZ)'),	'display' => false],
		'nl_NL' => ['name' => _('Dutch (nl_NL)'),	'display' => false],
		'fi_FI' => ['name' => _('Finnish (fi_FI)'),	'display' => false],
		'fr_FR' => ['name' => _('French (fr_FR)'),	'display' => true],
		'ka_GE' => ['name' => _('Georgian (ka_GE)'),	'display' => false],
		'de_DE' => ['name' => _('German (de_DE)'),	'display' => true],
		'el_GR' => ['name' => _('Greek (el_GR)'),	'display' => false],
		'he_IL' => ['name' => _('Hebrew (he_IL)'),	'display' => false],
		'hu_HU' => ['name' => _('Hungarian (hu_HU)'),	'display' => false],
		'id_ID' => ['name' => _('Indonesian (id_ID)'),	'display' => false],
		'it_IT' => ['name' => _('Italian (it_IT)'),	'display' => true],
		'ko_KR' => ['name' => _('Korean (ko_KR)'),	'display' => false],
		'ja_JP' => ['name' => _('Japanese (ja_JP)'),	'display' => false],
		'lv_LV' => ['name' => _('Latvian (lv_LV)'),	'display' => false],
		'lt_LT' => ['name' => _('Lithuanian (lt_LT)'),	'display' => false],
		'nb_NO' => ['name' => _('Norwegian (nb_NO)'),	'display' => false],
		'fa_IR' => ['name' => _('Persian (fa_IR)'),	'display' => false],
		'pl_PL' => ['name' => _('Polish (pl_PL)'),	'display' => false],
		'pt_BR' => ['name' => _('Portuguese (pt_BR)'),	'display' => false],
		'pt_PT' => ['name' => _('Portuguese (pt_PT)'),	'display' => false],
		'ro_RO' => ['name' => _('Romanian (ro_RO)'),	'display' => false],
		'ru_RU' => ['name' => _('Russian (ru_RU)'),	'display' => false],
		'sk_SK' => ['name' => _('Slovak (sk_SK)'),	'display' => false],
		'es_ES' => ['name' => _('Spanish (es_ES)'),	'display' => true],
		'sv_SE' => ['name' => _('Swedish (sv_SE)'),	'display' => false],
		'tr_TR' => ['name' => _('Turkish (tr_TR)'),	'display' => false],
		'uk_UA' => ['name' => _('Ukrainian (uk_UA)'),	'display' => false],
		'vi_VN' => ['name' => _('Vietnamese (vi_VN)'),	'display' => false]
	];
}

…aber auch die Lokales die im System vorhanden sind. Bei Debian/Ubuntu lässt sich das zu festlegen (die obigen Codes z.B. „de_DE“ müssen in der UTF8-Variante vorhanden sein):

dpkg-reconfigure locales

Möchte man keine CA für die Absicherung der Kommunikation zwischen Server und dem Agent einsetzen, so sind alternativ pre-shared keys (PSK) möglich. Siehe auch: Using pre-shared keys.

# 32Byte / 256 Bit-Zufallszeichenkette erzeugen:
openssl rand -hex 32 > /etc/zabbix/zabbix.psk
chmod 600 /etc/zabbix/zabbix.psk
chown zabbix.zabbix /etc/zabbix/zabbix.psk

Den Inhalt von /etc/zabbix/zabbix.psk auf dem Server/Proxy eintragen (Karteikarte encryption, Methode umstellen!):

/etc/zabbix/zabbix_agentd.conf:

TLSConnect=psk
TLSAccept=psk
TLSPSKFile=/etc/zabbix/zabbix.psk
TLSPSKIdentity=$SERVERNAME_oder_anderer_String
systemctl restart zabbix-agent.service
Noch eine letzte Warnung zu duplizierten Identitäten: Es darf wirklich immer nur eine eindeutige Kombination von Identity (Benutzernamen) und Passwort geben. Wird die Identity nochmal irgendwo mit einem anderen Passwort verwendet, dann werden die Daten nicht an den Server/Proxy übertragen obwohl der agent-ping noch funktioniert. Hinweis aus der Doku: „It is a user responsibility to ensure that there are no two PSKs with the same identity string but different values. Failing to do so may lead to unpredictable disruptions of communication between Zabbix components using PSKs with this PSK identity string“.

Die Ansible-Rolle aus den collections hat eine Funktion 2) die psks zufällig zu erzeugen.

zabbix_get -I $IP  -s $IP -k "system.cpu.load[all,avg1]" --tls-connect=psk --tls-psk-identity="$IDENTITY" --tls-psk-file=/etc/zabbix/zabbix.psk

Beispiel: key „zfs.fileset.discovery“:

su -c 'zabbix_agentd -t zfs.fileset.discovery' -s /bin/bash zabbix

Templates

Anpassungen:

Es gibt System die haben keinen Swap-Speicher, dort kommt die Meldung „Lack of free swap space on $HOST“. Ich möchte diesen Trigger nur sehen wenn Swap da ist:

{Template OS Linux:system.swap.size[,free].last()}<50 and {Template OS Linux:system.swap.size[,total].last()}>0

Zabbix Upgrade

  1. Die oben aufgeführte Paketquelle in /etc/apt/sources.list.d/ wird angepasst.
  2. Pakete upgrade
  3. Anschließend muss der zabbix-server neu gestartet werden:
    systemctl restart zabbix-server
  4. der Neustart triggert das Datenbank-upgrade (zu verfolgen in /var/log/zabbix/zabbix_server.log)
     30934:20200605:135159.629 completed 100% of database upgrade
     30934:20200605:135159.629 database upgrade fully completed
    1. System-dashboard „Database history tables upgraded: No“
    2. Änderungen anwenden: https://git.zabbix.com/projects/ZBX/repos/zabbix/raw/database/mysql/double.sql
      ALTER TABLE trends
      	MODIFY value_min DOUBLE PRECISION DEFAULT '0.0000' NOT NULL,
      	MODIFY value_avg DOUBLE PRECISION DEFAULT '0.0000' NOT NULL,
      	MODIFY value_max DOUBLE PRECISION DEFAULT '0.0000' NOT NULL;
      ALTER TABLE history MODIFY VALUE DOUBLE PRECISION DEFAULT '0.0000' NOT NULL;
    3. mysql -u'zabbix' -p'$zabbixDBpass' zabbix -e "show create table history;"
    4. Alt:
      VALUE DOUBLE(16,4) NOT NULL DEFAULT '0.0000',
    5. Neu:
      VALUE DOUBLE NOT NULL DEFAULT '0',
    6. nano /etc/zabbix/web/zabbix.conf.php
      // db is upgrades to double precision
      // https://git.zabbix.com/projects/ZBX/repos/zabbix/raw/database/mysql/double.sql
      $DB['DOUBLE_IEEE754'] = 'true';
    7. das web interface von Version 5.0 brauch php 7.2, bei Debian Jessie ist aber nur 7.0 vorhanden. Entweder dist-upgrade oder deprecated-Paket holen http://repo.zabbix.com/zabbix/5.0/debian/pool/main/z/zabbix/

Fehler im serverlog:

Zabbix supports only "utf8_bin" collation. Database "zabbix" has default collation "utf8_general_ci"
ALTER DATABASE zabbix CHARACTER SET utf8 COLLATE utf8_bin;

Ergebnis:

SELECT DEFAULT_CHARACTER_SET_NAME, DEFAULT_COLLATION_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = 'zabbix';
+----------------------------+------------------------+
| DEFAULT_CHARACTER_SET_NAME | DEFAULT_COLLATION_NAME |
+----------------------------+------------------------+
| utf8                       | utf8_bin               |
+----------------------------+------------------------+

Änderung wenn Tabellen nicht utf8 als Standard-Character-set haben oder Collation *nicht* utf8_bin ist:

Liste von Tabellen erstellen (mit mysql-Batchmode ausführen um den Rahmen wegzubekommen: mysql -s -r):

SELECT CONCAT('ALTER TABLE ', tbl.TABLE_SCHEMA, '.', tbl.TABLE_NAME, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;') FROM information_schema.TABLES tbl WHERE tbl.TABLE_SCHEMA= 'zabbix';

Ergebnis:

ALTER TABLE zabbix.acknowledges CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.alerts CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.application_discovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.application_prototype CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.application_template CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.applications CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.auditlog CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.auditlog_details CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.autoreg_host CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.conditions CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.config CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.config_autoreg_tls CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.corr_condition CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.corr_condition_group CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.corr_condition_tag CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.corr_condition_tagpair CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.corr_condition_tagvalue CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.corr_operation CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.correlation CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.dashboard CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.dashboard_user CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.dashboard_usrgrp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.dbversion CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.dchecks CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.dhosts CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.drules CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.dservices CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.escalations CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.event_recovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.event_suppress CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.event_tag CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.events CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.expressions CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.functions CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.globalmacro CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.globalvars CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.graph_discovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.graph_theme CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.graphs CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.graphs_items CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.group_discovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.group_prototype CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.history CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.history_log CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.history_str CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.history_text CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.history_uint CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.host_discovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.host_inventory CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.host_tag CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.hostmacro CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.hosts CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.hosts_groups CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.hosts_templates CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.housekeeper CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.hstgrp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.httpstep CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.httpstep_field CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.httpstepitem CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.httptest CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.httptest_field CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.httptestitem CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.icon_map CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.icon_mapping CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.ids CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.images CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.interface CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.interface_discovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.interface_snmp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.item_application_prototype CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.item_condition CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.item_discovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.item_preproc CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.item_rtdata CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.items CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.items_applications CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_macro_path CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_condition CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_opdiscover CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_operation CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_ophistory CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_opinventory CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_opperiod CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_opseverity CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_opstatus CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_optag CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_optemplate CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.lld_override_optrends CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.maintenance_tag CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.maintenances CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.maintenances_groups CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.maintenances_hosts CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.maintenances_windows CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.mappings CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.media CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.media_type CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.media_type_message CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.media_type_param CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.module CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opcommand CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opcommand_grp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opcommand_hst CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opconditions CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.operations CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opgroup CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opinventory CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opmessage CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opmessage_grp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.opmessage_usr CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.optemplate CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.problem CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.problem_tag CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.profiles CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.proxy_autoreg_host CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.proxy_dhistory CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.proxy_history CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.regexps CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.rights CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.screen_user CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.screen_usrgrp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.screens CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.screens_items CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.scripts CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.service_alarms CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.services CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.services_links CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.services_times CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sessions CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.slides CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.slideshow_user CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.slideshow_usrgrp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.slideshows CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmap_element_trigger CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmap_element_url CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmap_shape CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmap_url CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmap_user CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmap_usrgrp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmaps CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmaps_elements CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmaps_link_triggers CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.sysmaps_links CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.tag_filter CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task_acknowledge CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task_check_now CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task_close_problem CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task_data CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task_remote_command CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task_remote_command_result CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.task_result CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.timeperiods CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.trends CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.trends_uint CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.trigger_depends CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.trigger_discovery CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.trigger_tag CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.triggers CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.users CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.users_groups CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.usrgrp CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.valuemaps CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.widget CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
ALTER TABLE zabbix.widget_field CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;

Problembehebung

Verbindungsprobleme zum agent:

  • stimmt psk und secret überein?
  • IP und/oder DNS-Namen in Zabbix aktuell?

Startprobleme des agents:

  • Dateirechte ok?
    • /var/log/zabbix/zabbix_agentd.log
    • wenn userparameter-Dateien in /etc/zabbix/zabbix_agentd.d (Include-Verzeichnis) nicht lesbar sind, bricht der agent ohne Fehlermeldung ab - sieht man bei manuellem Start:
      sudo -u zabbix /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf

Fehler bei upgrade auf 6.0.11:

[Z3005] query failed: [1419] You do not have the SUPER privilege and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable) [create trigger hosts_name_upper_insert
before insert on hosts for each row
set new.name_upper=upper(new.name)]
$timestamp database upgrade failed

Lösung: log_bin_trust_function_creators auf 1 / True:

temporär:

SET global log_bin_trust_function_creators=1;

permanent: /etc/mysql/mysql.conf.d/mysqld.cnf (oder vergleichbarer Pfad bei mariadb):

log_bin_trust_function_creators = 1

Super-privilegien sind vermutlich nicht nötig:

SELECT Host,USER,Super_priv FROM mysql.user;
UPDATE mysql.user SET Super_Priv='Y' WHERE USER='zabbix_server' AND host='localhost';
systemctl stop zabbix-agent
usermod -d /var/lib/zabbix zabbix
systemctl start zabbix-agent

mit ansible ad-hoc-Kommando (Gruppe mysql_servers) auf Verzeichnis /var/lib/zabbix zabbix setzen (-m würde auch die Dateien verschieben):

ansible -i inventory -m shell -a "systemctl stop zabbix-agent" mysql_servers
ansible -i inventory -m shell -a "usermod -d /var/lib/zabbix zabbix" mysql_servers
ansible -i inventory -m shell -a "systemctl start zabbix-agent" mysql_servers

1)
11.07.2020
2)
zabbix_agent_tlspsk_auto: True