zabbix 3.4 Log file monitoring

  • modogo2000
    Junior Member
    • Apr 2018
    • 12

    #1

    zabbix 3.4 Log file monitoring

    Hello,

    I tried to use log.count. For that I created a new item and added this as the key:
    log.count[/tmp/test.log,"toto"]

    I verified on the server that the file is present and that it contains the word toto.

    I created a trigger. The expression for the trigger is: {Template Check Log:log.count[/tmp/test.log,"toto"].last()}>0 and I declared this trigger as Disaster.

    Now the issue is that Zabbix never checks this item. When I check the latest data there is no date for the last check. Do I have to do something more than this?

    The check is done every 30s.

  • LenR
    Senior Member
    • Sep 2009
    • 1005

    #2
    Does the zabbix agent have read permission to the file? Check the item on the host config to see if there are errors.

    • modogo2000
      Junior Member
      • Apr 2018
      • 12

      #3
      The file is in 777 for the test, and in the configuration I have no error. I added a screenshot of the trigger result.

      • aigars.kadikis
        Senior Member
        Zabbix Certified Specialist, Zabbix Certified Professional
        • Mar 2018
        • 208

        #4
        Hi, modogo2000,

        What OS do you have?
        What does zabbix_agentd.log say?
        Does the "Host name" in zabbix server match 1:1 with the "Hostname=" in zabbix_agentd.conf?

        Regards,

        • modogo2000
          Junior Member
          • Apr 2018
          • 12

          #5
          Hello,

          I'm using CentOS 7. I have no error message or anything useful in the log.

          I checked and yes, the hostname is the same.

          Best regards

          • aigars.kadikis
            Senior Member
            Zabbix Certified Specialist, Zabbix Certified Professional
            • Mar 2018
            • 208

            #6
            There is a security module in CentOS called SELinux, which by default is pretty much on. You can see the status with the command:
            Code:
            getenforce
            Temporarily disable it with:
            Code:
            setenforce 0
            Then repeat your scenario.

            Also it would be interesting if you could share output from:
            Code:
            grep denied /var/log/audit/audit.log | sed "s/^.*denied /denied/g;s/ pid=[0-9]\+ \| ino=[0-9]\+//g;s/ name=.*scontext=\| path=.*scontext=/ /g" | sort | uniq
            Looking forward to hearing from you.

            • modogo2000
              Junior Member
              • Apr 2018
              • 12

              #7
              Thank you for your time.

              SELinux is disabled and nothing is denied.

              [root@uco-lab-4 zabbix]# getenforce
              Disabled
              [root@uco-lab-4 zabbix]# grep denied /var/log/audit/audit.log | sed "s/^.*denied /denied/g;s/ pid=[0-9]\+ \| ino=[0-9]\+//g;s/ name=.*scontext=\| path=.*scontext=/ /g" | sort | uniq
              [root@uco-lab-4 zabbix]#

              The log I tried to analyze is in /tmp

              -rwxrwxrwx 1 root root 5 Apr 30 13:37 test.log
              [root@uco-lab-4 tmp]#

              • aigars.kadikis
                Senior Member
                Zabbix Certified Specialist, Zabbix Certified Professional
                • Mar 2018
                • 208

                #8
                Originally posted by modogo2000
                Thank you for your time.

                SELinux is disabled and nothing is denied.

                [root@uco-lab-4 zabbix]# getenforce
                Disabled
                [root@uco-lab-4 zabbix]# grep denied /var/log/audit/audit.log | sed "s/^.*denied /denied/g;s/ pid=[0-9]\+ \| ino=[0-9]\+//g;s/ name=.*scontext=\| path=.*scontext=/ /g" | sort | uniq
                [root@uco-lab-4 zabbix]#

                The log I tried to analyze is in /tmp

                -rwxrwxrwx 1 root root 5 Apr 30 13:37 test.log
                [root@uco-lab-4 tmp]#

                Please try to change the log owner:
                Code:
                chown zabbix:zabbix /tmp/test.log
                Repeat your scenario.

                • modogo2000
                  Junior Member
                  • Apr 2018
                  • 12

                  #9
                  I will try and I will let you know.

                  • modogo2000
                    Junior Member
                    • Apr 2018
                    • 12

                    #10
                    I made the change but it is still the same. I put the agent log at debug level 5. Is there a key or something I can search for in the log?

                    I added a screenshot to show that the other checks are working.

                    • modogo2000
                      Junior Member
                      • Apr 2018
                      • 12

                      #11
                      To be sure, I tried on another server: same issue.

                      • aigars.kadikis
                        Senior Member
                        Zabbix Certified Specialist, Zabbix Certified Professional
                        • Mar 2018
                        • 208

                        #12
                        Originally posted by modogo2000
                        To be sure, I tried on another server: same issue.
                        OK, I can see that the Host name is oco-lab-4. I hope this is the real host name (not the Visible name) and that it really matches the value in "Hostname=" in zabbix_agentd.conf on the machine where you are querying the log file. Please share your full zabbix_agentd.conf file:
                        Code:
                        grep -v "^$\|^#" /etc/zabbix/zabbix_agentd.conf
                        Also please show a screenshot of the host configuration.

                        Install the nmap utility on the agent side:
                        Code:
                        yum install nmap -y
                        Test if you can send an active item from the agent to the server:
                        Code:
                        nmap -p 10051 zabbixservername.or.ip.address
                        Check in the log:
                        Code:
                        grep "cannot" /var/log/zabbix/zabbix_agentd.log
                        Regards,

                        • modogo2000
                          Junior Member
                          • Apr 2018
                          • 12

                          #13
                          Hello,

                          This is my agent config:

                          LogFile=/var/log/zabbix/zabbix_agentd.log
                          LogFileSize=0
                          DebugLevel=5
                          Server=10.100.242.177
                          ServerActive=10.100.242.177
                          Hostname=uco-lab-4
                          Hostname=Zabbix server
                          Include=/etc/zabbix/zabbix_agentd.d/*.conf

                          The result of the nmap command is:

                          [root@uco-lab-4 jmanset]# nmap -p 10051 10.100.242.177

                          Starting Nmap 6.40 ( http://nmap.org ) at 2018-05-07 18:59 GMT
                          Nmap scan report for uco-lab-1-2. (10.100.242.177)
                          Host is up (0.00046s latency).
                          PORT STATE SERVICE
                          10051/tcp open unknown
                          MAC Address: FA:20:3E:6F:39:B2 (Unknown)

                          Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds

                          There is nothing useful in the log.

                          Best regards

                          • aigars.kadikis
                            Senior Member
                            Zabbix Certified Specialist, Zabbix Certified Professional
                            • Mar 2018
                            • 208

                            #14
                            OK, thank you for providing such precise and useful info.
                            You have two 'Hostname=' entries in zabbix_agentd.conf. Try to leave only 'Hostname=uco-lab-4' (delete 'Hostname=Zabbix server'), restart the agent and then see how it goes.

                            Regards,

                            • modogo2000
                              Junior Member
                              • Apr 2018
                              • 12

                              #15
                              Hello

                              A big thank you for your help. It's working now. The issue was the 2 hostnames.



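
The cause found in this thread, two Hostname= lines in zabbix_agentd.conf, is easy to miss by eye. The following is an added example, not part of the original thread and not Zabbix's own code: a shell function that lists every parameter defined more than once in an agent config. The function names, the list of parameters treated as repeatable and the sample input (constructed from the config posted in #13) are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): list parameters that are defined more
# than once in a zabbix_agentd.conf-style file (Key=Value lines, '#' comments).

# Assumption: these parameters may legitimately appear several times.
REPEATABLE="Include UserParameter Alias LoadModule"

# Reads a config from the file in $1 (or stdin when no file is given) and
# prints one line per duplicated key:  KEY<TAB>line:value, line:value
find_duplicate_params() {
    awk -v repeatable="$REPEATABLE" '
        BEGIN { n = split(repeatable, r, " "); for (i = 1; i <= n; i++) skip[r[i]] = 1 }
        /^[ \t]*(#|$)/ { next }                     # skip comments and blank lines
        {
            eq = index($0, "=")
            if (eq == 0) next                       # not a Key=Value line
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            if (key in skip) next
            if (!(key in count)) order[++k] = key   # remember first-seen order
            count[key]++
            if (count[key] > 1) seen[key] = seen[key] ", " NR ":" val
            else seen[key] = NR ":" val
        }
        END {
            for (i = 1; i <= k; i++)
                if (count[order[i]] > 1) printf "%s\t%s\n", order[i], seen[order[i]]
        }
    ' "$@"
}

# Constructed sample: the agent config as posted in #13.
sample_conf() {
    cat <<'EOF'
LogFile=/var/log/zabbix/zabbix_agentd.log
LogFileSize=0
DebugLevel=5
Server=10.100.242.177
ServerActive=10.100.242.177
Hostname=uco-lab-4
Hostname=Zabbix server
Include=/etc/zabbix/zabbix_agentd.d/*.conf
EOF
}

# Stand-alone use: check the file given as argument, else the sample above.
if [ "$#" -gt 0 ]; then find_duplicate_params "$1"; else sample_conf | find_duplicate_params; fi
```

Files pulled in through Include= are not followed; run the function on each of them as well.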