Zabbix 6 IT Infrastructure Monitoring Cookbook - Second Edition

By: Nathan Liefting, Brian van Baekel

Overview of this book

This updated second edition of the Zabbix 6 IT Infrastructure Monitoring Cookbook brings you new recipes, updated with Zabbix 6 functionality. You'll learn how to set up Zabbix with built-in high availability, use the improved Business Service Monitoring, set up automatic reporting, and create advanced triggers. Zabbix offers useful insights into your infrastructure performance and issues and enables you to enhance your monitoring setup with its powerful features. This book covers hands-on, easy-to-follow recipes for using Zabbix 6 to effectively monitor the performance of devices and applications over the network. You'll start by working your way through the installation and most prominent features of Zabbix and make the right design choices for building a scalable and easily manageable environment. This Zabbix book contains recipes for building items and triggers for different types of monitoring, building templates, and using Zabbix proxies. Next, you'll use the Zabbix API for customization and manage your Zabbix server and database efficiently. Finally, you'll find quick solutions to the common and not-so-common problems that you may encounter in your Zabbix monitoring work. By the end of this book, you'll be able to use Zabbix for all your monitoring needs and build a solid Zabbix setup by leveraging its key functionalities.
Table of Contents (15 chapters)

Advanced user authentication with SAML

In this recipe, we will use SAML authentication, a widely used form of authentication in the IT world. We'll use it to manage passwords for our Zabbix users. If you've worked with Zabbix before and configured LDAP, note that SAML, like LDAP, allows user authentication with passwords. You still have to create the users with their permissions.

Getting ready

To get started with SAML authentication, we will need our configured Zabbix server from the previous recipe. It's important that we have all the configured users from the previous recipe. We will also need something to authenticate with SAML. We will be using Azure Active Directory (AD) SAML.

Make sure to set up users in your (Azure) AD before continuing with this recipe. You can use your existing AD users for authentication, so you can use this recipe with your existing AD setup.

We will be using the s_network user as an example:

Figure 2.24 – The Azure Users and groups window

These are our user details:

Figure 2.25 – The Azure user details window

To set up SAML, retrieve your SAML settings from your AD or another SAML provider. To work with Zabbix, we will need the following:

  • IdP entity ID
  • SSO service URL
  • SLO service URL
  • Username attribute
  • SP entity ID
  • SP name ID format

How to do it…

Now that we have our Azure AD ready, let's see how we can configure SAML using our setup:

  1. Navigate to the following URL: portal.azure.com.
  2. After logging in, navigate to Azure AD and click on Enterprise Applications.
  3. Now click on + New Application to create our new application. At the next window, click on Create your own application:
Figure 2.26 – The Azure enterprise application creation page

  4. In the next window, name your new application Zabbix and click on the blue Create button:
Figure 2.27 – The Azure enterprise new application page

  5. Select your new application from the list and click on Assign Users and Groups to add the correct users. In our case, this will be s_network:
Figure 2.28 – The Azure enterprise application Users and Groups page

  6. Click on Select and then Assign.
  7. Now let's move on to the SAML settings by clicking on Single sign-on in the sidebar.
  8. Now click on SAML on the page shown in the following screenshot and continue:
Figure 2.29 – The Azure enterprise application SAML option

  9. In section 1 of the Azure SAML settings, add the following information, where the black marks are our Zabbix server URL:
Figure 2.30 – The Azure SAML setting 1

  10. In section 2, fill out the following:
Figure 2.31 – The Azure SAML setting 2

  11. Section 3 will be filled in automatically. Click on Download for Certificate (Base64):
Figure 2.32 – The Azure SAML setting 3

  12. Log in to the Zabbix server CLI and create a new file with the following command:
    vim /usr/share/zabbix/conf/certs/idp.cert
  13. Paste the contents of the file downloaded in Step 11 here and save the file.
  14. Now, back at Azure, section 4 gives us the following information:
Figure 2.33 – The Azure SAML setting 4

  15. At the Zabbix frontend, go to the Administration | Authentication | SAML settings page, fill in the following information, and click on Update:
Figure 2.34 – The Zabbix SAML settings

  16. Navigate to Administration | Users and change the s_network user to include the used Azure domain, for example:
Figure 2.35 – The Zabbix edit user screen for our SAML setup

  17. After following these steps, it should now be possible to log in with your user configured in Zabbix and use the password set in Azure AD for this:
Figure 2.36 – The Zabbix login window

How it works…

Zabbix advanced user authentication is used to centralize password management. We are not able to assign user groups and permissions to users via this setup, but we can use it for password management.

This makes it easier for users to keep their passwords centralized in medium to large office environments:

Figure 2.37 – Zabbix SAML authentication diagram

Zabbix communicates with our Azure AD SAML component when we click the Sign in button. The user is then authenticated against your Azure AD user and a confirmation is sent back to the Zabbix server. Congratulations, you are now logged in to your Zabbix server!
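
To check what Zabbix actually sends to the identity provider when Sign in is clicked, the following added example (not from the book or the Zabbix project) decodes the SAMLRequest parameter of the redirect URL and compares the SP entity ID, ACS URL, SSO service URL, and name ID format with the values entered on the IdP side. It assumes the HTTP-Redirect binding; the hostnames, entity ID, and the request built by build_sample_request are constructed sample values.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse, parse_qs, urlencode
NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
MAX_XML = 64 * 1024  # cap on inflated size, guards against compression bombs

def decode_authn_request(redirect_url):
    """Return the SP-side settings carried in an HTTP-Redirect SAMLRequest."""
    query = parse_qs(urlparse(redirect_url).query)
    raw = base64.b64decode(query["SAMLRequest"][0], validate=True)
    inflater = zlib.decompressobj(-15)  # raw DEFLATE, no zlib header
    xml = inflater.decompress(raw, MAX_XML)
    if inflater.unconsumed_tail:
        raise ValueError("SAMLRequest inflates beyond the size cap")
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTDs are not allowed in SAML messages")
    root = ET.fromstring(xml)
    if root.tag != "{%s}AuthnRequest" % NS["samlp"]:
        raise ValueError("not an AuthnRequest")
    policy = root.find("samlp:NameIDPolicy", NS)
    return {
        "sso_service_url": root.get("Destination"),
        "sp_entity_id": root.findtext("saml:Issuer", namespaces=NS),
        "acs_url": root.get("AssertionConsumerServiceURL"),
        "name_id_format": policy.get("Format") if policy is not None else None,
    }

def mismatches(decoded, expected):
    """Names of settings where the request differs from the IdP-side values."""
    return sorted(k for k, v in expected.items() if decoded.get(k) != v)

def build_sample_request():
    """Constructed AuthnRequest; all hostnames and IDs are sample values."""
    xml = ('<samlp:AuthnRequest xmlns:samlp="%s" xmlns:saml="%s" Version="2.0" '
           'ID="_constructed1" IssueInstant="2024-01-01T00:00:00Z" '
           'Destination="https://idp.example.com/saml2" '
           'AssertionConsumerServiceURL="https://zabbix.example.com/index_sso.php?acs">'
           '<saml:Issuer>zabbix</saml:Issuer><samlp:NameIDPolicy '
           'Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>'
           '</samlp:AuthnRequest>') % (NS["samlp"], NS["saml"])
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    token = base64.b64encode(deflated).decode()
    return "https://idp.example.com/saml2?" + urlencode({"SAMLRequest": token})

if __name__ == "__main__":
    seen = decode_authn_request(build_sample_request())
    print(seen, mismatches(seen, {"sp_entity_id": "zabbix-prod"}))
```

A non-empty result from mismatches names the setting that differs between the Zabbix SAML settings page and the IdP application, which is the usual cause of a login that is rejected before the password prompt.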

There's more…

We can do this kind of authentication not only with SAML but also with HTTP and LDAP. This way, you can choose the right form of advanced authentication for your organization.

Check out the Zabbix documentation for more information on the different forms of authentication:

https://www.zabbix.com/documentation/current/en/manual/web_interface/frontend_sections/administration/authentication

It's also possible to work with an identity provider such as Okta, OneLogin, or any other. This means your options aren't limited to Azure AD: as long as the provider supports SAML, you can use it to authenticate against your Zabbix server.