Posts

SNMP OID: Full Insight

-
 SNMP uses OIDs to uniquely identify pieces of data (like CPU usage, interface status, etc.). Standard OIDs (defined by IETF) are common across all devices , e.g.: 1.3.6.1.2.1.1.1.0 → sysDescr (system description) 1.3.6.1.2.1.2.2.1.10 → ifInOctets (interface input bytes) Vendor-specific OIDs: For example: Vendor Enterprise OID Base Example Cisco 1.3.6.1.4.1.9 1.3.6.1.4.1.9.1.516 (Cisco 2960 model) Juniper 1.3.6.1.4.1.2636 Juniper-specific OIDs HP 1.3.6.1.4.1.11 HP printer/router OIDs Fortinet 1.3.6.1.4.1.12356 FortiGate device OIDs Part 1: Standard SNMP OID – .1.3.6.1.2.1.1.1.0 This is used for system description , and it works on all SNMP-supported devices (routers, switches, servers, etc.). Let’s break this path: 🔹 .1 → iso International Organization for Standardization This is the root of the SNMP OID tree. Every OID begins from here. 🔹 .3 → org Organization This level is used for organizations that are registered under ISO. 🔹 .6 → dod Depart...
Post a Comment
Read more

Zabbix API calls

-
To check API version  Option 1: As per Zabbix doc curl --request POST \          --url 'http://34.42.61.202/zabbix/api_jsonrpc.php' \          --header 'Content-Type: application/json-rpc' \          --data '{"jsonrpc":"2.0","method":"apiinfo.version","params":{},"id":1}' Option 2:  curl -X POST \   -H "Content-Type: application/json" \   -d '{"jsonrpc":"2.0","method":"apiinfo.version","params":{},"id":1}' \   http://34.42.61.202/zabbix/api_jsonrpc.php ----------------------------------------------------------------------------------------------------------------------------- To authenticate the user Option 1: As per Zabbix doc curl --request POST \   --url 'http://34.42.61.202/zabbix/api_jsonrpc.php' \   --header 'Content-Type: application/json-rpc' \   --data '{"jsonrpc":"2.0","me...
Post a Comment
Read more

Zabbix built-in HA Vs Pacemaker/corosync

-
 Built-in HA in Zabbix Since Zabbix 7.0, Zabbix Server has built-in high availability (HA) support. This means: You can run multiple Zabbix server nodes. Only one is active at a time. The others are standby and can take over if the active one fails. Failover is handled internally by Zabbix, using database coordination (it stores node status in the DB). So why Pacemaker and Corosync then? You don’t need Pacemaker + Corosync for the Zabbix Server itself anymore if you’re using built-in HA. However, there are still scenarios where Pacemaker/Corosync may be useful: When to Use Pacemaker/Corosync Database Failover: Zabbix’s built-in HA does not handle database HA. Pacemaker/Corosync can manage MySQL/MariaDB/PostgreSQL clusters with automatic failover.        2. Frontend High Availability: Zabbix frontend (Apache/Nginx + PHP) does not have built-in HA. You can use Pacemaker/Corosync (or HAProxy/Keepalived) to manage failover of frontend nodes and virtual IPs.   ...
Post a Comment
Read more

Zabbix in built HA Setup: 2 core, frontend, DB

-
 On Frontend Server Step1: Add the Zabbix repo rpm -Uvh https://repo.zabbix.com/zabbix/7.0/rhel/8/x86_64/zabbix-release-latest-7.0.el8.noarch.rpm dnf clean all Step2:    Switch DNF module version for PHP dnf module switch-to php:8.2 Step3:   Install frontend, agent dnf install zabbix-web-mysql zabbix-apache-conf zabbix-selinux-policy zabbix-agent Step4: Go to the pat /etc/zabbix/web/zabbix.conf.php,  if it is not there then copy from where it is cp /usr/share/zabbix/conf/zabbix.conf.php.example /etc/zabbix/web/zabbix.conf.php If /etc/zabbix/web/ doesn’t exist, create it first: mkdir -p /etc/zabbix/web/ cp /usr/share/zabbix/conf/zabbix.conf.php.example /etc/zabbix/web/zabbix.conf.php Step5: Open it now  vi /etc/zabbix/web/zabbix.conf.php Add the following lines DB['TYPE']                             = 'MYSQL'; $DB['SERVER']                ...
Post a Comment
Read more

Parameters: Command Execution Via Zabbix

-
AllowKey=system.run[*]---> Allows system.run[] to execute commands via item -----> High risk if unrestricted commands are allowed AllowRoot=1 -----> Allows Zabbix to execute commands as root EnableRemoteCommands=1---->Allows Zabbix server to run commands on agent----->High risk if unauthorized commands are sent
Post a Comment
Read more

Public key/ private key

-
How to make the ssh connection on remote server from Ansible server Step1: Generate key ssh-keygen -t rsa -b 4096 Step2: Go to the path cd /root/.ssh ls authorized_keys id_rsa id_rsa.pub known_hosts Where id_rsa ----> private key (Used to login on the remote server without password)       id_rsa.pub ---->public key Note: If someone gets access to this file (id_rsa), they can log in to any server where the matching public key is stored! Step3: Copy the public key cat id_rsa.pub Step4: Paste the public key on remote server vi ~/.ssh/authorized_keys or vi /root/.ssh/authorized_keys Step5: Now we can login on remote server From Private key: ssh -i ~/.ssh/id_rsa user@remote-server From Public key:  Note: In case of ansible ansible-playbook playbook.yml --private-key ~/.ssh/id_rsa Note: In file /etc/ssh/sshd_config, below parameter should be enable: PubkeyAuthentication yes   PermitRootLogin yes   AuthorizedKeysFile .ssh/authorized_keys  Passwor...
Post a Comment
Read more

Zabbix installation: Distribution setup

-
  On Zabbix core server: Step1:   Install Zabbix repository rpm -Uvh https://repo.zabbix.com/zabbix/6.0/rhel/8/x86_64/zabbix-release-latest-6.0.el8.noarch.rpm dnf clean all Step2: Install Zabbix server, frontend, agent dnf install zabbix-server-mysql zabbix-web-mysql zabbix-apache-conf zabbix-selinux-policy zabbix-agent Step3:   Configure the database for Zabbix server Edit file /etc/zabbix/zabbix_server.conf DBHost= DBserver_ip DBName= DBUser= DBPassword= DBPort=3306 Step4:  Start Zabbix server and agent processes systemctl restart zabbix-server zabbix-agent httpd php-fpm systemctl enable zabbix-server zabbix-agent httpd php-fpm On Zabbix Database Server: Step1:   Install Zabbix repository rpm -Uvh https://repo.zabbix.com/zabbix/6.0/rhel/8/x86_64/zabbix-release-latest-6.0.el8.noarch.rpm dnf clean all Step2: Install the sql script, zabbix agent  dnf install zabbix-sql-scripts zabbix-selinux-policy zabbix-agent Step3: Install the mysql server yum install my...
Post a Comment
Read more