net.tcp.listen[443] reported as 'Unsupported item key' by server, but tests from host
Hi,
I'm using Zabbix 6.0.19 on the server, proxy and agent.
We have a server which is hosted on a VPS on the internet.
We have a proxy which hosted on the perimeter to one of our networks.
I want to monitor a host to check if a webserver which is running on port 443 is up as it's fallen over a few times recently.
The host in question has a proxy between itself and the proxy. The firewall allows 10050/tcp through but not 443 (and I'm not allowed to make that change by policy). As a result can't use net.tcp.service[https], which would test is HTTPS is up from the proxy (according to the docs 5 Simple checks (zabbix.com) states.... Note that Zabbix agent is not needed for simple checks. Zabbix server/proxy is responsible for the processing of simple checks (making external connections, etc).)
So, I thought I'd try using net.tcp.listen[443], which would mean the agent would check if something is bound to 443.. however this is reporting as Unsupported item key on the server.
I added the net.tcp.listen[10050] item for testing only as I occurred to be it could be a permission based problem issue due to 443 a privileged port (i.e., less than 1024). That item also comes back as Unsupported item key.
If I do a zabbix_agentd -t net.tcp.listen[443] while su'd to zabbix user on the host it comes back as expected (ie, a 1 for up). If I do a zabbix_get -s 10.0.5.222 -k net.tcp.listen[443] from the proxy it also comes back as expected.
I've run out of ideas as to why this item is reporting as Unsupported item key on the server.
Anyone else have any suggestions?
Thanks
Steve
I'm using Zabbix 6.0.19 on the server, proxy and agent.
We have a server which is hosted on a VPS on the internet.
We have a proxy which hosted on the perimeter to one of our networks.
I want to monitor a host to check if a webserver which is running on port 443 is up as it's fallen over a few times recently.
The host in question has a proxy between itself and the proxy. The firewall allows 10050/tcp through but not 443 (and I'm not allowed to make that change by policy). As a result can't use net.tcp.service[https], which would test is HTTPS is up from the proxy (according to the docs 5 Simple checks (zabbix.com) states.... Note that Zabbix agent is not needed for simple checks. Zabbix server/proxy is responsible for the processing of simple checks (making external connections, etc).)
So, I thought I'd try using net.tcp.listen[443], which would mean the agent would check if something is bound to 443.. however this is reporting as Unsupported item key on the server.
I added the net.tcp.listen[10050] item for testing only as I occurred to be it could be a permission based problem issue due to 443 a privileged port (i.e., less than 1024). That item also comes back as Unsupported item key.
If I do a zabbix_agentd -t net.tcp.listen[443] while su'd to zabbix user on the host it comes back as expected (ie, a 1 for up). If I do a zabbix_get -s 10.0.5.222 -k net.tcp.listen[443] from the proxy it also comes back as expected.
Anyone else have any suggestions?
Thanks
Steve
Comment