This script solution is targeted for zabbix 2.0 and active agents for windows
Description
Starting with zabbix 2.0 we are now allowed to execute administrative/map scripts on the monitored hosts right from the web frontend. Very powerful feature that allows you to restart a server remotely with only 2 clicks in the web page. The only problem is that this cannot be used with active agents - agents behind a NAT/Firewall that cannot be contacted directly by the zabbix server and, instead, connect themselves to the zabbix server.
What I needed was a solution to bypass this limitation for active agents. The solution consists of the following: a template, an action, a bash script for zabbix server, two vbs scripts for the monitored hosts.
The workflow is as follows:
Usage
Download the archive, extract the XML template file, import it into the frontend and link the hosts to it. Create a new action "Remote clear" with the following parameters (yes, the operation commands has 2 double quotes at the end):
Extract make_remote.sh script to /etc/zabbix path on the zabbix server and give the zabbix user rx permissions on it. Run the following commands to create the /var/www/html/remote directory and give the zabbix user permissions to write there (I assume apache is already owner for everything in /var/www/html).
If your apache root is somewhere else, just replace in the above code and edit the make_remote.sh script to modify the following line:
Copy all vbs scripts on the monitored hosts and configure the following lines in your zabbix_agentd.conf file, replacing ServerActive with you actual zabbix server IP:Port, Hostname with the host name, as it is in the zabbix frontend (case sensitive) and the path in the UserParameter with your zabbix agent installation path, restart the agent.
Administrative/map scripts configured in the frontend must follow the following guideline:
Instead of running on the zabbix agent, they must be configured to run on the server and the actual command must be between the double quotes.
So for a command to run script.vbs parameter1 the actual command in the script must be ./etc/zabbix/make_remote.sh {HOSTNAME} "script.vbs parameter1"
Gotchas
This setup was designed to execute remotely only vbs scripts and not cmd commands like net start dns. The zabbix_rmt_remote.vbs script which will execute the given command will launch the script passed to it using cscript.exe, no need to specify it in your command. Also, all scripts must be in the zabbix agent installation path.
The zabbix_rmt_do.vbs script is included as an example of actions that can be performed remotely and includes the ability to restart the zabbix agent, restart or poweroff the server, start all services that are set to start automatically but are stopped. To use it, create a script in the frontend for and assign each one a command from below:
The make_remote.sh script is called when you execute a script from the frontend and saves the command between the quotes in the /var/www/html/remote/{HOSTNAME} file, overwriting the contents.
After the agent processes the command it uses zabbix_sender to send the executed command (eg. "zabbix_rmt_do.vbs restart_server") to the RMT Remote clear item for the host and set the RMT Remote clear request trigger to "PROBLEM", which executes the "Remote clear" action, running the make_remote.sh script again to clear the contents of the file.
After 3 seconds, the agent uses zabbix_sender again to send "" and clear the trigger.
Upon startup, zabbix agent receives a request to poll the RMT Remote start item and thus starts the zabbix_rmt_remote.vbs script. The script first checks that there is no other instance of itself running and, if none are found, it proceeds to do the following:
Launches zabbix_vbs_logger.vbs with some parameters that tells it to re-execute zabbix_rmt_remote.vbs, attach to the output stream and save everything in the zabbix_rmt_remote.log file.
The logger is launched using wmiprvse.exe, escaping the job object of the zabbix agent. This means that when the initial zabbix_rmt_remote.vbs terminates, the logger survives (it would normally be terminated as part of the job object). This means that it also survives if the zabbix agent is stopped and crashes.
If you have any issues importing this template, please upgrade to zabbix 2.0.1 and php 5.3 or higher.
Update 1
A new item has been added, capturing the output of the executed remote command. When zabbix server receives the output it now sends an alert containing both the executed command (eg. zabbix_rmt_do.vbs restart_server) and the output of the executed command (eg. Restarting server..). For these to show up in the alert make sure you include the following macros in the alert message:
Executed command: {ITEM.LASTVALUE}
Executed command output: {ITEM.LASTVALUE2}
After the agent processes the command it now sends the executed command (eg. "zabbix_rmt_do.vbs restart_server") to the RMT Remote clear item and sends "" to clear the trigger.
Update 2
Increased administrative script timeout to 5 minutes. Previously any administrative/map script was killed if running of more than 3 seconds.
Fixed a bug causing remote commands without parameters to not get executed. Previously only command with at least one parameter got executed (eg. zabbix_remote_do.vbs param1)
Description
Starting with zabbix 2.0 we are now allowed to execute administrative/map scripts on the monitored hosts right from the web frontend. Very powerful feature that allows you to restart a server remotely with only 2 clicks in the web page. The only problem is that this cannot be used with active agents - agents behind a NAT/Firewall that cannot be contacted directly by the zabbix server and, instead, connect themselves to the zabbix server.
- [1] You access the frontend and run the script
- [2] The zabbix server attempts to connect directly to the host and execute the script
- [3] Connection fails, the monitored host is behind NAT
What I needed was a solution to bypass this limitation for active agents. The solution consists of the following: a template, an action, a bash script for zabbix server, two vbs scripts for the monitored hosts.
The workflow is as follows:
- [1] You access the frontend and run the script
- [2] Zabbix server runs the bash script locally and saves the command to be send to the monitored host in the path: /var/www/html/remote/{HOSTNAME}
- [3] Zabbix agent linked to the RMT Remote template already started the zabbix_rmt_remote.vbs script during the first poll of the RMT Remote start item.
- [4] The vbs script launches another instance of itself in a special mode, to remain resident after the polling is done and to log all output to a file (details below), and exits.
- [5] The resident vbs script polls the zabbix server via http every 10 seconds to see if there is any queued command for it to execute.
- [6] If there is a command, the script executes it and uses zabbix_sender to send a value for the RMT Remote clear item, instructing it to clear the queue for this host.
Usage
Download the archive, extract the XML template file, import it into the frontend and link the hosts to it. Create a new action "Remote clear" with the following parameters (yes, the operation commands has 2 double quotes at the end):
Code:
Conditions: (Trigger value = "PROBLEM") AND (Trigger = "RMT Remote:RMT Remote clear request")
Operations: Remote command, (Target = Current host), (Type = Custom script), (Execute on = Zabbix server)
Operation commands: ./etc/zabbix/make_remote.sh {HOSTNAME} ""
Code:
chmod 775 /etc/zabbix/make_remote.sh mkdir /var/www/html/remote chown -R :zabbix /var/www/html/remote chmod -R 775 /var/www/html/remote
Code:
# apache root wwwroot="/var/www/html"
Code:
ServerActive=zabbix.company.com:10051 StartAgents=1 Hostname=HOSTNAME UnsafeUserParameters=1 #remote UserParameter = remote,cscript "C:\Program Files\Zabbix agent\zabbix_rmt_remote.vbs" //Nologo
Instead of running on the zabbix agent, they must be configured to run on the server and the actual command must be between the double quotes.
So for a command to run script.vbs parameter1 the actual command in the script must be ./etc/zabbix/make_remote.sh {HOSTNAME} "script.vbs parameter1"
Code:
Type = Script
Execute on = Zabbix server
Commands = ./etc/zabbix/make_remote.sh {HOSTNAME} "script.vbs [parameter1] [parameter2]"
Required host permissions = Write
This setup was designed to execute remotely only vbs scripts and not cmd commands like net start dns. The zabbix_rmt_remote.vbs script which will execute the given command will launch the script passed to it using cscript.exe, no need to specify it in your command. Also, all scripts must be in the zabbix agent installation path.
The zabbix_rmt_do.vbs script is included as an example of actions that can be performed remotely and includes the ability to restart the zabbix agent, restart or poweroff the server, start all services that are set to start automatically but are stopped. To use it, create a script in the frontend for and assign each one a command from below:
Code:
#Poweroff:
./etc/zabbix/make_remote.sh {HOSTNAME} "zabbix_rmt_do.vbs poweroff_server"
#Restart:
./etc/zabbix/make_remote.sh {HOSTNAME} "zabbix_rmt_do.vbs restart_server"
#Restart zabbix agent:
./etc/zabbix/make_remote.sh {HOSTNAME} "zabbix_rmt_do.vbs restart_zabbix"
#Start auto services:
./etc/zabbix/make_remote.sh {HOSTNAME} "zabbix_rmt_do.vbs start_services"
After the agent processes the command it uses zabbix_sender to send the executed command (eg. "zabbix_rmt_do.vbs restart_server") to the RMT Remote clear item for the host and set the RMT Remote clear request trigger to "PROBLEM", which executes the "Remote clear" action, running the make_remote.sh script again to clear the contents of the file.
After 3 seconds, the agent uses zabbix_sender again to send "" and clear the trigger.
Upon startup, zabbix agent receives a request to poll the RMT Remote start item and thus starts the zabbix_rmt_remote.vbs script. The script first checks that there is no other instance of itself running and, if none are found, it proceeds to do the following:
Launches zabbix_vbs_logger.vbs with some parameters that tells it to re-execute zabbix_rmt_remote.vbs, attach to the output stream and save everything in the zabbix_rmt_remote.log file.
The logger is launched using wmiprvse.exe, escaping the job object of the zabbix agent. This means that when the initial zabbix_rmt_remote.vbs terminates, the logger survives (it would normally be terminated as part of the job object). This means that it also survives if the zabbix agent is stopped and crashes.
If you have any issues importing this template, please upgrade to zabbix 2.0.1 and php 5.3 or higher.
Update 1
A new item has been added, capturing the output of the executed remote command. When zabbix server receives the output it now sends an alert containing both the executed command (eg. zabbix_rmt_do.vbs restart_server) and the output of the executed command (eg. Restarting server..). For these to show up in the alert make sure you include the following macros in the alert message:
Executed command: {ITEM.LASTVALUE}
Executed command output: {ITEM.LASTVALUE2}
After the agent processes the command it now sends the executed command (eg. "zabbix_rmt_do.vbs restart_server") to the RMT Remote clear item and sends "" to clear the trigger.
Update 2
Increased administrative script timeout to 5 minutes. Previously any administrative/map script was killed if running of more than 3 seconds.
Fixed a bug causing remote commands without parameters to not get executed. Previously only command with at least one parameter got executed (eg. zabbix_remote_do.vbs param1)
Comment