From your zabbix server (or proxy) that monitors a host:

* install the nmap utility if not installed
* nmap -p 10050 <target dns or ip> (if ping is blocked, add -P0 flag)

If you get some value other than "open", you can't talk to the agent.

PORT STATE SERVICE
10050/tcp open unknown

This is just a first step, but it's on the critical path.

THanks for your quick response.


OK. It looks like ESET is blocking the port so I'll get that sorted out for my other servers before trying to troubleshoot them.
WIth my WSUS server, there is no ESET, so the results for nmap were:
Starting Nmap 7.01 ( https://nmap.org ) at 2019-11-04 09:02 +07
Nmap scan report for WSUS.domain.com (10.x.x.x)
Host is up (0.00017s latency).
PORT STATE SERVICE
10050/tcp open unknown
-------------------------------------------------------

I have checked the following items in the zabbix_agentd.conf file
Server= zabbix server IP address
ServerActive= zabbix server IP address
Hostname= hostname of the wsus server (not fqdn)

restarted the Zabbix agent. No change.

-----------------
I'm using active templates on the WSUS server.

I've now fixed the ESET port issue, so the relevant port is open on all my devices.

HI,
I am still not seeing the green ZBX icon or getting any alerts. Even though the port is open.
Please assist with the next troubleshooting step?

Hello,

On your firewall and antivirus you have open outbound or inbound ports?
Zabbix agent listen on port 10050 and Zabbix Server shall be able to access it to process passive checks.
If you want to use active checks then Zabbix Agent shall be able to access Zabbix Server on port 10051.

If you confirm that you can communicate on these ports between Zabbix Agent and Zabbix Server then please check logs for any error/warning messages.

I am testing with 2 machines. My personal laptop and the WSUS server.
I confirmed 10050,10051 in both directions by using nmap and psping (from sysinternals for any Windows users out there )

ZBX Server -> WSUS Server 10050 = Open
ZBX Server -> WSUS Server 10051 = Closed*
WSUS Server -> ZBX Server 10050 = Open
WSUS Server -> ZBX Server 10051 = Open

*Note that Windows Firewall is disabled. And there is no ESET AV on here. I disabled Windows Defender, but no change.

My laptop had a log file here C:\Program Files\Zabbix Agent\zabbix_agentd.log and it indicated that it was trying to reach 127.0.0.1

I checked the Zabbix conf file on each machine
C:\Program Files\Zabbix Agent\zabbix_agentd.conf
and it had the following values:
Server=ip address of Zabbix server
ServerActive=127.0.0.1
I changed ServerActive to the ip address of Zabbix server on each machine.
And restarted the Zabbix Agent service on each Windows server.
I restarted my WSUS server

I waited for Discovery.
No change to what's visible in the Configuration/Hosts

I can see that zabbix_agentd.exe is running as a Background process on the server.

Agent log file says:
2508:20191115:081302.325 failed to accept an incoming connection: from zabbix.ip.address: reading first byte from connection failed: [0x00002746] An existing connection was forcibly closed by the remote host.

I've also seen that in Reports/Availaibilty Report that there is now data coming through.
I've now checked all the other servers that I fixed, and there log files look good.

Yet, the ZBX icon is still not green for 6 out of 7 machines. And the dashboard itself is not showing that the hosts are there (see attached pic)

Are there any other ports that need to be opened to display the green port?





------------
Server log contents only have information about the switches, not the servers, which I haven't yet investigated as I'm focusing on servers first.

1064:20191110:062511.213 cannot stat SNMP trapper file "/var/log/snmptrap/snmptrap.log": [2] No such file or directory
1064:20191110:062611.220 cannot stat SNMP trapper file "/var/log/snmptrap/snmptrap.log": [2] No such file or directory
1064:20191110:062711.225 cannot stat SNMP trapper file "/var/log/snmptrap/snmptrap.log": [2] No such file or directory
1064:20191110:062811.231 cannot stat SNMP trapper file "/var/log/snmptrap/snmptrap.log": [2] No such file or directory
1064:20191110:062911.236 cannot stat SNMP trapper file "/var/log/snmptrap/snmptrap.log": [2] No such file or directory
1064:20191110:063011.241 cannot stat SNMP trapper file "/var/log/snmptrap/snmptrap.log": [2] No such file or directory
1057:20191110:063019.857 item "SW-16:.1.3.6.1.2.1.2.2.1.10.[60]" became not supported: No Such Instance currently exists at this OID
1056:20191110:063021.862 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.20.[67]" became not supported: No Such Instance currently exists at this OID
1054:20191110:063022.865 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.14.[100000]" became not supported: No Such Instance currently exists at this OID
1054:20191110:063022.865 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.10.[49]" became not supported: No Such Instance currently exists at this OID
1054:20191110:063022.865 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.14.[59]" became not supported: No Such Instance currently exists at this OID
1054:20191110:063022.865 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.20.[100031]" became not supported: No Such Instance currently exists at this OID
1054:20191110:063022.865 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.16.[58]" became not supported: No Such Instance currently exists at this OID
1054:20191110:063022.865 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.13.[100004]" became not supported: No Such Instance currently exists at this OID
1054:20191110:063022.865 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.16.[75]" became not supported: No Such Instance currently exists at this OID
1057:20191110:063023.867 item "SG300-SFP01:.1.3.6.1.2.1.2.2.1.10.[100007]" became not supported: No Such Instance currently exists at this OID
1057:20191110:063027.873 item "SW-15:.1.3.6.1.2.1.2.2.1.19.[1005]" became not supported: No Such Instance currently exists at this OID
1057:20191110:063027.873 item "SW-17:.1.3.6.1.2.1.2.2.1.14.[100031]" became not supported: No Such Instance currently exists at this OID
1055:20191110:063029.875 item "SW-17:.1.3.6.1.2.1.2.2.1.16.[1002]" became not supported: No Such Instance currently exists at this OID
1057:20191110:063042.888 item "SW-24:.1.3.6.1.2.1.2.2.1.19.[1001]" became not supported: No Such Instance currently exists at this OID
1057:20191110:063042.888 item "SW-24:.1.3.6.1.2.1.2.2.1.16.[100003]" became not supported: No Such Instance currently exists at this OID
1056:20191110:063045.891 item "SW-26:.1.3.6.1.2.1.2.2.1.14.[55]" became not supported: No Such Instance currently exists at this OID
1056:20191110:063045.891 item "SW-26:.1.3.6.1.2.1.2.2.1.20.[1002]" became not supported: No Such Instance currently exists at this OID
--------------------