Zabbix[3.4] log[ ] - Windows

  • kasik
    Member
    • Aug 2017
    • 30

    #1

    Zabbix[3.4] log[ ] - Windows

    Hello everyone,

    I have a problem with monitoring a log file on Windows. For first testing I just need some basic log file monitoring without any filters, so I tried to use log[C:\test.log]. The item is not unsupported and shows no other error, but it doesn't get any value. I set up the log at the agent to 4 so I can see more info, but I don't see anything about this item. Can anyone help please? There is a screenshot: [image: log.png]
    Last edited by kasik; 20-06-2018, 10:51.
  • kernbug
    Senior Member
    • Feb 2013
    • 330

    #2
    Originally posted by kasik
    Hello everyone,

    I have a problem with monitoring a log file on Windows. For first testing I just need some basic log file monitoring without any filters, so I tried to use log[C:\test.log]. The item is not unsupported and shows no other error, but it doesn't get any value. I set up the log at the agent to 4 so I can see more info, but I don't see anything about this item. Can anyone help please? There is a screenshot: [image: log.png]
    Hello

    Specify search string in the item parameter, here is the example: https://www.zabbix.com/documentation...ypes/log_items

    Code:
    log[C:\super.log,search_string]

    Comment

    • kasik
      Member
      • Aug 2017
      • 30

      #3
      Originally posted by kernbug

      Hello

      Specify search string in the item parameter, here is the example: https://www.zabbix.com/documentation...ypes/log_items

      Code:
      log[C:\super.log,search_string]
      So I tried "*" and "test" as the search string and it still gives no data. :/ The file has 7 rows containing the word "test", so I don't know what I'm doing wrong :/

      Comment

      • kernbug
        Senior Member
        • Feb 2013
        • 330

        #4
        Originally posted by kasik

        So I tried "*" and "test" as the search string and it still gives no data. :/ The file has 7 rows containing the word "test", so I don't know what I'm doing wrong :/
        Hi

        Please, check 'hostname' and 'ServerActive' parameter in the Zabbix Agent conf.

        Comment

        • kasik
          Member
          • Aug 2017
          • 30

          #5
          Originally posted by kernbug

          Hi

          Please, check 'hostname' and 'ServerActive' parameter in the Zabbix Agent conf.
          Well, hostname is okay because I have passive checks working. ServerActive is the same as Server, but it gives me:
          Code:
          active check configuration update from [192.168.10.191:10051] started to fail (cannot connect to [[192.168.10.191]:10051]: (null))
          How can I fix this? Should I add an interface to the host or change ListenPort to 10051?

          Comment

          • kernbug
            Senior Member
            • Feb 2013
            • 330

            #6
            Originally posted by kasik

            Well, hostname is okay because I have passive checks working. ServerActive is the same as Server, but it gives me:
            Code:
            active check configuration update from [192.168.10.191:10051] started to fail (cannot connect to [[192.168.10.191]:10051]: (null))
            How can I fix this? Should I add an interface to the host or change ListenPort to 10051?
            Hm, firewall/acl on the server?

            To check port is opened:
            nc -vz 192.168.10.191 10051

            Comment

            • kasik
              Member
              • Aug 2017
              • 30

              #7
              Originally posted by kernbug

              Hm, firewall/acl on the server?

              To check port is opened:
              nc -vz 192.168.10.191 10051
              I tried nc, but there is no such program on that server (the system is CentOS), so I tried netstat -tulpn and here is the result: [image: ports.png]

              Comment

              • kernbug
                Senior Member
                • Feb 2013
                • 330

                #8
                Originally posted by kasik

                I tried nc, but there is no such program on that server (the system is CentOS), so I tried netstat -tulpn and here is the result: [image: ports.png]
                Hm, not the result I expected, my mistake.

                Execute on Zabbix Server:
                iptables -L -x -v -n --line-numbers
                ip a

                Comment

                • kasik
                  Member
                  • Aug 2017
                  • 30

                  #9
                  Originally posted by kernbug

                  Hm, not the result I expected, my mistake.

                  Execute on Zabbix Server:
                  iptables -L -x -v -n --line-numbers
                  ip a
                  Code:
                  Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1    983951813 80813554476 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
                  2    15874672 1029547740 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
                  3    36318870 4433741516 INPUT_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  4    36318870 4433741516 INPUT_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  5    36318870 4433741516 INPUT_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  6         857    50226 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
                  7    35475537 4389836942 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
                  
                  Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1           0        0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
                  2           0        0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
                  3           0        0 FORWARD_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  4           0        0 FORWARD_IN_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  5           0        0 FORWARD_IN_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  6           0        0 FORWARD_OUT_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  7           0        0 FORWARD_OUT_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  8           0        0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
                  9           0        0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
                  
                  Chain OUTPUT (policy ACCEPT 1275244913 packets, 101723673328 bytes)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1    1275244913 101723673328 OUTPUT_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  
                  Chain FORWARD_IN_ZONES (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1           0        0 FWDI_public  all  --  eno16777984 *       0.0.0.0/0            0.0.0.0/0           [goto]
                  2           0        0 FWDI_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto]
                  
                  Chain FORWARD_IN_ZONES_SOURCE (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FORWARD_OUT_ZONES (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1           0        0 FWDO_public  all  --  *      eno16777984  0.0.0.0/0            0.0.0.0/0           [goto]
                  2           0        0 FWDO_public  all  --  *      +       0.0.0.0/0            0.0.0.0/0           [goto]
                  
                  Chain FORWARD_OUT_ZONES_SOURCE (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FORWARD_direct (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FWDI_public (2 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1           0        0 FWDI_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  2           0        0 FWDI_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  3           0        0 FWDI_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  4           0        0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
                  
                  Chain FWDI_public_allow (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FWDI_public_deny (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FWDI_public_log (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FWDO_public (2 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1           0        0 FWDO_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  2           0        0 FWDO_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  3           0        0 FWDO_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  
                  Chain FWDO_public_allow (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FWDO_public_deny (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain FWDO_public_log (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain INPUT_ZONES (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1    36318870 4433741516 IN_public  all  --  eno16777984 *       0.0.0.0/0            0.0.0.0/0           [goto]
                  2           0        0 IN_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto]
                  
                  Chain INPUT_ZONES_SOURCE (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain INPUT_direct (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain IN_public (2 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1    36318870 4433741516 IN_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  2    36318870 4433741516 IN_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  3    36318870 4433741516 IN_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0
                  4         399    58680 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
                  
                  Chain IN_public_allow (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  1      840634 43712952 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 ctstate NEW
                  2        1443    82716 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW
                  3           0        0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 ctstate NEW
                  
                  Chain IN_public_deny (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain IN_public_log (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  
                  Chain OUTPUT_direct (1 references)
                  num      pkts      bytes target     prot opt in     out     source               destination
                  [xxxxx@zabbix2 ~]$ ip a
                  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
                      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
                      inet 127.0.0.1/8 scope host lo
                         valid_lft forever preferred_lft forever
                      inet6 ::1/128 scope host
                         valid_lft forever preferred_lft forever
                  2: eno16777984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
                      link/ether 00:50:56:9f:6c:de brd ff:ff:ff:ff:ff:ff
                      inet 192.168.10.191/24 brd 192.168.10.255 scope global eno16777984
                         valid_lft forever preferred_lft forever
                      inet6 fe80::250:56ff:fe9f:6cde/64 scope link
                         valid_lft forever preferred_lft forever

                  Comment

                  • kernbug
                    Senior Member
                    • Feb 2013
                    • 330

                    #10
                    Execute:
                    Code:
                    iptables -I IN_public_allow 4 -p tcp --dport 10051 -j ACCEPT
                    After this check from Windows machine:
                    Code:
                    telnet 192.168.10.191 10051

                    Comment

                    • kasik
                      Member
                      • Aug 2017
                      • 30

                      #11
                      Originally posted by kernbug
                      Execute:
                      Code:
                      iptables -I IN_public_allow 4 -p tcp --dport 10051 -j ACCEPT
                      After this check from Windows machine:
                      Code:
                      telnet 192.168.10.191 10051
                      You are the BEST! Thanks, it solved the problem :-)

                      Comment

                      • kernbug
                        Senior Member
                        • Feb 2013
                        • 330

                        #12
                        Originally posted by kasik

                        You are the BEST! Thanks, it solved the problem :-)
                        Don't forget to make the firewall changes persistent on the Zabbix Server!

                        Comment
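Added example (not part of the thread, and not code from the posters or from Zabbix): the listing in post #9 shows firewalld-managed chains, so a rule inserted with `iptables -I` exists only at runtime and, as written, accepts port 10051 from any source. The sketch below checks a saved listing for an ACCEPT rule in a given chain and shows a persistent, source-restricted firewalld equivalent. The function names are hypothetical, the sample listing is abridged from post #9, and the zone `public` and the agent subnet 192.168.10.0/24 are assumptions drawn from the `IN_public` chain names and the `ip a` output.

```shell
#!/bin/sh
# chain_accepts_port CHAIN PORT
# Reads `iptables -L -x -v -n --line-numbers` output on stdin and returns 0
# only if CHAIN itself holds an ACCEPT rule for tcp dpt:PORT.
chain_accepts_port() {
  awk -v chain="$1" -v port="$2" '
    $1 == "Chain" { in_chain = ($2 == chain); next }
    # columns: num pkts bytes target prot opt in out source destination match...
    in_chain && $4 == "ACCEPT" && $5 == "tcp" {
      for (i = 11; i <= NF; i++) if ($i == ("dpt:" port)) found = 1
    }
    END { exit (found ? 0 : 1) }
  '
}

# Sample input, abridged from the listing in post #9 (before the fix).
SAMPLE_LISTING='Chain IN_public (2 references)
num      pkts      bytes target     prot opt in     out     source               destination
1    36318870 4433741516 IN_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0
2    36318870 4433741516 IN_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0
3    36318870 4433741516 IN_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0
4         399    58680 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0

Chain IN_public_allow (1 references)
num      pkts      bytes target     prot opt in     out     source               destination
1      840634 43712952 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 ctstate NEW
2        1443    82716 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW
3           0        0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 ctstate NEW'

# Persistent, source-restricted replacement for the runtime `iptables -I` rule.
# Assumptions: firewalld zone "public" (from the IN_public chain names) and
# agents inside 192.168.10.0/24 (the server subnet shown by `ip a`).
persist_trapper_rule() {
  firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.10.0/24" port port="10051" protocol="tcp" accept'
  firewall-cmd --reload   # also discards rules added by hand with iptables -I
}

# Demo on the sample listing only; persist_trapper_rule is not called here.
for p in 22 10051; do
  if printf '%s\n' "$SAMPLE_LISTING" | chain_accepts_port IN_public_allow "$p"; then
    echo "tcp/$p: accepted in IN_public_allow"
  else
    echo "tcp/$p: falls through to the final REJECT"
  fi
done
```

On the real server, pipe the live output of `iptables -L -x -v -n --line-numbers` into `chain_accepts_port` after running `persist_trapper_rule` as root to confirm the rule survived the reload.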
