Monday, July 23, 2012

Monitoring log files with Zabbix

What I wanted:
Zabbix should send me mail when the string "ERROR" is seen in a log file.

Approach:
We create an Item which monitors the log file (it looks for the "ERROR" string at a specified interval).
We then create a Trigger on this Item. The Trigger creates an event.
In the end, we tell Zabbix what it should do once the trigger fires (or the event is created). In my case, I needed an email.

Steps:


- Specify ServerActive=<Zabbix_server_ip>:<server_port> in the conf file if you have Zabbix 2.0. For Zabbix 1.8, this parameter is not needed. (The default server port is 10051.) Start the Zabbix Agent (steps).


- Create a template. Create an Item to monitor the log file in that template.

    Key = log[/var/log/error_file,ERROR,,1]
    Type of information = Log
    Type = Zabbix Agent Active

- Create a Trigger for this Item:

  Expression = {testtemplate:log[/var/log/error_file,ERROR,,1].str(ERROR)}=1
  PS: I want Zabbix to look for the "ERROR" string. You can use any value here (e.g. OutOfMemoryError).

- Create an action for this trigger:


  PS: You can add more conditions like Host = hostname etc. 

- I have specified Send message to Group "Zabbix administrators" in my action. By default, the "Zabbix administrators" group has only one user, Admin, in it.
Go to Administration --> Users. Look for the "Zabbix administrators" group.
Click on the user Admin and add a valid media, i.e. the email address where you want your alerts to arrive.

- Now go to Administration --> Media Type and add your mail server details.

Whenever the word "ERROR" is seen in the log file, the Log Item catches it and the trigger fires. The trigger's action is set to send an email to the "Zabbix administrators" group, where we provided a valid email address.
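A pre-check for the ERROR pattern used in the item key above, added here as an example (it is not from the original post). It runs the pattern over a constructed sample log with grep -E, on the assumption that the agent matches log[] patterns as case-sensitive POSIX extended regular expressions, and lists the lines that would be collected and those missed only because of case. The sample lines, the function names and the second pattern are made up for illustration.

```shell
#!/usr/bin/env bash
# Pre-check a Zabbix log[] pattern against sample lines before creating the item.
# Assumption: the agent treats the pattern as a case-sensitive POSIX extended
# regular expression, which grep -E approximates.

# Constructed sample log (not taken from a real system).
sample_log() {
cat <<'EOF'
2012-07-23 10:00:01 INFO  service started
2012-07-23 10:00:05 ERROR database connection refused
2012-07-23 10:00:06 Error: retrying in 5s
2012-07-23 10:00:09 WARN  java.lang.OutOfMemoryError: Java heap space
2012-07-23 10:00:12 INFO  ERRORS_TOTAL=0
EOF
}

# Lines the item would collect: case-sensitive match on the pattern.
matched() { grep -E -- "$1" || true; }

# Lines that match only when case is ignored. They are never collected,
# so no trigger fires and no mail is sent for them.
missed_by_case() { grep -Ei -- "$1" | grep -Ev -- "$1" || true; }

# Count lines on stdin, without the padding some wc builds add.
count() { wc -l | tr -d ' '; }

report() {
  echo "pattern: '$1'"
  echo "  collected: $(sample_log | matched "$1" | count)"
  sample_log | matched "$1" | sed 's/^/    + /'
  echo "  missed by case only: $(sample_log | missed_by_case "$1" | count)"
  sample_log | missed_by_case "$1" | sed 's/^/    - /'
}

report 'ERROR'      # pattern from the item key above
report ' ERROR '    # hypothetical tighter pattern: the log level as its own field
```

With the pattern ERROR, the "Error:" and "OutOfMemoryError" lines are not collected, while the INFO line containing ERRORS_TOTAL is, so it would raise an alert.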






2 comments:

  1. I'm not sure whether both of the following should be specified
    ServerActive=xx:yy and
    Server=xx

    Server=xx is required for passive UserParameters
    ServerActive=xx:yy is required by Zabbix Agent(Active) to work. Zabbix Agent(Active) is used for monitoring log files.

    Not sure what to specify if I want to monitor both... passive UserParameters and active log file monitoring.

    http://www.zabbix.com/forum/showthread.php?p=105467#post105467

  2. Thank you for sharing. Condition Monitoring Services monitors a certain aspect of the condition of a piece of machinery, such that a significant change is indicative of a developing failure.