Like many other people here, I've been having some issues with false triggers, logged as Interrupted System Call in the server log. Note that the false triggers always clear by the next check.
Initially I was using a trigger based only on icmpping, triggering when 3 consecutive failures occurred. This caused seemingly random but quite frequent failures on boxes I know were fine. I then confirmed there was no issues with the connections by logging my own permanent ping checks to these boxes. When Zabbix fired triggers, there were no missed pings in my logs.
After reading many posts relating to this or similar, I created my triggers based on two values instead of just one (as per Alexei's suggestion). i.e.
(icmpping.max(#3)<1) & (agent.ping.nodata(90)=1)
This has helped to greatly reduce the false triggers but unfortunately not all of the devices monitored have the agent installed on them.
For the devices I monitor snmp data, I set up the trigger like:
(icmpping.max(#3)<1) & (ifAdminStatus1.nodata(90)=1) however it does not seem to have reduced the false triggers as much as the boxes with the agent running.
Does the function nodata actually work with snmp checks or is it limited only to the agent? The manual indicates it is only for the agent but as no error occurred when I created the trigger I was not sure.
Also, I think it would be great if, for those who have had similar problems to what I've mentioned above, could share their solution to getting triggers more accurately represented to indicate host availability.
What is the best solution for devices that have not agent and have no snmp data? i.e. only using simple checks?
Thanks for any advice suggestions or thoughts.
Initially I was using a trigger based only on icmpping, triggering when 3 consecutive failures occurred. This caused seemingly random but quite frequent failures on boxes I know were fine. I then confirmed there was no issues with the connections by logging my own permanent ping checks to these boxes. When Zabbix fired triggers, there were no missed pings in my logs.
After reading many posts relating to this or similar, I created my triggers based on two values instead of just one (as per Alexei's suggestion). i.e.
(icmpping.max(#3)<1) & (agent.ping.nodata(90)=1)
This has helped to greatly reduce the false triggers but unfortunately not all of the devices monitored have the agent installed on them.
For the devices I monitor snmp data, I set up the trigger like:
(icmpping.max(#3)<1) & (ifAdminStatus1.nodata(90)=1) however it does not seem to have reduced the false triggers as much as the boxes with the agent running.
Does the function nodata actually work with snmp checks or is it limited only to the agent? The manual indicates it is only for the agent but as no error occurred when I created the trigger I was not sure.
Also, I think it would be great if, for those who have had similar problems to what I've mentioned above, could share their solution to getting triggers more accurately represented to indicate host availability.
What is the best solution for devices that have not agent and have no snmp data? i.e. only using simple checks?
Thanks for any advice suggestions or thoughts.