I've been using Zabbix to monitor our remote websites across an internet connection, and I've noticed that you can get a lot of false positives, especially if you're checking often. If you think about it, most internet connections have about 2-3% packet loss. If you're checking once a minute, you're pretty much bound to get a false positive every few hours or so.
This is the solution I implemented, using the wonderful trigger language that Zabbix supports:
Make your triggers check not only the current value but also the previous stored value. Here is a sample trigger:
({website.com:http,80.last(0)}<1)&({website.com:http,80.prev(0)}<1)
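To make the logic of that expression concrete, here is a minimal Python sketch of the same idea. It is not how Zabbix evaluates triggers internally; the function name `trigger_fires` and the list-based history are assumptions made just for illustration, with 1 meaning the check succeeded and 0 meaning it failed.

```python
from typing import Sequence


def trigger_fires(history: Sequence[int]) -> bool:
    """Return True when both the latest and the previous check failed.

    history holds check results oldest-first: 1 = service up, 0 = service down.
    """
    if len(history) < 2:
        # Not enough data to compare two checks yet.
        return False
    last, prev = history[-1], history[-2]
    # Same condition as the trigger: last < 1 AND prev < 1.
    return last < 1 and prev < 1


# A single dropped check in a run of successes does not fire.
print(trigger_fires([1, 1, 0]))  # False
# Two failures in a row do fire.
print(trigger_fires([1, 0, 0]))  # True
```

A lone failure surrounded by successes never satisfies both halves of the condition, which is what filters out the one-off blips.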
The only side effect of doing this is that the Zabbix server now has to fail on two checks of the service instead of just one, meaning if you're checking every minute, you won't know it's down until 2 minutes later. This is a small price to pay for an uninterrupted night's sleep...
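For a rough feel of the trade-off, the sketch below estimates how many spurious alerts per day you'd expect with one versus two required failures. It assumes each check fails independently with a fixed probability, which real networks only approximate, and the 2% figure is just an illustrative stand-in borrowed from the packet loss number above (a check failure rate is not the same thing as packet loss). The function name `false_alarms_per_day` is made up for this example.

```python
def false_alarms_per_day(p_fail: float, checks_per_day: int, consecutive: int) -> float:
    """Rough expected number of spurious alerts per day.

    Assumes every check fails independently with probability p_fail, so a run
    of `consecutive` failures ending at a given check has probability
    p_fail ** consecutive.
    """
    return checks_per_day * p_fail ** consecutive


CHECKS_PER_DAY = 24 * 60  # one check per minute
P_FAIL = 0.02             # illustrative assumption, not a measured value

single = false_alarms_per_day(P_FAIL, CHECKS_PER_DAY, consecutive=1)
double = false_alarms_per_day(P_FAIL, CHECKS_PER_DAY, consecutive=2)

print(f"one failed check required:  ~{single:.1f} false alarms/day")
print(f"two failed checks required: ~{double:.2f} false alarms/day")
```

Under these assumptions, requiring a second failure multiplies the false alarm rate by the per-check failure probability again, so the rate drops sharply while the detection delay only grows by one check interval.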
Let me know if this works for you, or if you have any other cool triggers that you'd like to share.