ListenPort=10051
SourceIP=172.17.100.72
LogFile=/var/log/zabbix/zabbix_server.log
LogFileSize=0
PidFile=/var/run/zabbix/zabbix_server.pid
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=zabbix234092234234234234
DBSocket=/var/lib/mysql/mysql.sock
StartPollers=5
StartIPMIPollers=2
StartTrappers=5
StartPingers=1
StartDiscoverers=3
StartTimers=1
VMwareCacheSize=8M
SNMPTrapperFile=/var/log/snmptt/snmptt.log
AlertScriptsPath=/usr/lib/zabbix/alertscripts
ExternalScripts=/usr/lib/zabbix/externalscripts

PidFile=/var/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix/zabbix_agentd.log
LogFileSize=0
DebugLevel=1
Server=172.17.100.72
ServerActive=127.0.0.1
Hostname=Zabbix server
Include=/etc/zabbix/zabbix_agentd.d/

@version:3.2
options {
        flush_lines (0);
        time_reopen (10);
        log_fifo_size (1000);
        long_hostnames (off);
        use_dns (no);
        use_fqdn (no);
        create_dirs (no);
        keep_hostname (yes);
};
source s_sys {
        file ("/proc/kmsg" program_override("kernel: "));
        unix-stream ("/dev/log");
        internal();
};
destination d_cons { file("/dev/console"); };
destination d_mesg { file("/var/log/messages"); };
destination d_auth { file("/var/log/secure"); };
destination d_mail { file("/var/log/maillog" flush_lines(10)); };
destination d_spol { file("/var/log/spooler"); };
destination d_boot { file("/var/log/boot.log"); };
destination d_cron { file("/var/log/cron"); };
destination d_kern { file("/var/log/kern"); };
destination d_mlal { usertty("*"); };
filter f_kernel     { facility(kern); };
filter f_default    { level(info..emerg) and
                        not (facility(mail)
                        or facility(authpriv)
                        or facility(cron)); };
filter f_auth       { facility(authpriv); };
filter f_mail       { facility(mail); };
filter f_emergency  { level(emerg); };
filter f_news       { facility(uucp) or
                        (facility(news)
                        and level(crit..emerg)); };
filter f_boot   { facility(local7); };
filter f_cron   { facility(cron); };
log { source(s_sys); filter(f_kernel); destination(d_kern); };
log { source(s_sys); filter(f_default); destination(d_mesg); };
log { source(s_sys); filter(f_auth); destination(d_auth); };
log { source(s_sys); filter(f_mail); destination(d_mail); };
log { source(s_sys); filter(f_emergency); destination(d_mlal); };
log { source(s_sys); filter(f_news); destination(d_spol); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
source s_netcisco {
udp(ip(0.0.0.0) port(514));
};
filter f_netcisco {host("172.17.2.139")
or host ("172.17.3.1")
or host ("172.17.3.2")
};
destination df_netcisco {
file("/var/log/hosts/$HOST-$LEVEL.log");
};
log{ source (s_netcisco);
filter (f_netcisco);
destination (df_netcisco);
};

Jan 17 17:46:59 172.17.2.139 %AAA-I-CONNECT: User CLI session for user i.ramer over ssh , source 172.17.100.176 destination  172.17.2.139 ACCEPTED
Jan 17 17:57:02 172.17.2.139 %AAA-I-DISCONNECT: User CLI session for user i.ramer over ssh , source 172.17.100.176 destination  172.17.2.139  TERMINATED. The Telnet/SSH session may stll be connected.