For those who have struggled with collecting data with Zabbix, getting no results when everything appears correctly configured... For example:
A. When attempting to perform network device discovery as part of the Linux OS template, but never seeing network devices populate.
B. When writing external scripts, and seeing them execute, but never getting values back from stdin.
C. You get the idea...
It may be that your issues are related to selinux. Especially with the release of CentOS 6.3 (and presumably other more recent derivatives), the selinux policy has been updated ... read that as, "made more challenging."
Using Zabbix 2.2, I have seen a number of selinux-related issues under CentOS 6.5 in particular. Therefore, as a stop-gap measure, in order to prevent others having to go through the same pain, I have created a script to:
1. Parse through /var/log/audit/audit.log for entries related to zabbix_agentd, and grab the relevant bits into a policy file.
2. Parse that policy file.
3. Compile that policy file.
4. Import that policy file into the system, to allow zabbix_agentd to perform those actions that selinux had previously been preventing.
The attached script is the workhorse (and requires root privileges), but the general process is as follows:
-- Login to the server that is having issues with the zabbix_agentd.
-- Make sure that "policycoreutils" (CentOS...your package name may vary) is installed,
-- in order to provide the file audit2allow.
-- Note: for RPM-based systems, execute "yum provides \*/audit2allow" (without the quotes)
-- to find which package provides the file audit2allow...
-- Download the attached update_selinux.txt file.
-- Rename the attach file to update_selinux.
-- Create the selinux directory in home directory and change to directory:
mkdir ~/selinux
cd ~/selinux
-- Copy the update_selinux file into the ~/selinux directory.
-- Execute the following command to make the file executable:
chmod +x update_selinux
-- Grab portion of audit.log file and look for "zabbix_agentd"
tail -n 2000 -f /var/log/audit/audit.log | grep zabbix_agentd
-- If you see any entries, then perform the following:
./update_selinux
-- Wait long enough for whatever process you need to work.
-- (e.g. wait for Zabbix to generate new audit log messages)
-- Go back to the "tail" step above...and repeat.
-- Execute the ./update_selinux step after the tail, if you find more
-- (new) audit.log messages related to zabbix_agentd.
-- Enjoy!
A. When attempting to perform network device discovery as part of the Linux OS template, but never seeing network devices populate.
B. When writing external scripts, and seeing them execute, but never getting values back from stdin.
C. You get the idea...
It may be that your issues are related to selinux. Especially with the release of CentOS 6.3 (and presumably other more recent derivatives), the selinux policy has been updated ... read that as, "made more challenging."
Using Zabbix 2.2, I have seen a number of selinux-related issues under CentOS 6.5 in particular. Therefore, as a stop-gap measure, in order to prevent others having to go through the same pain, I have created a script to:
1. Parse through /var/log/audit/audit.log for entries related to zabbix_agentd, and grab the relevant bits into a policy file.
2. Parse that policy file.
3. Compile that policy file.
4. Import that policy file into the system, to allow zabbix_agentd to perform those actions that selinux had previously been preventing.
The attached script is the workhorse (and requires root privileges), but the general process is as follows:
-- Login to the server that is having issues with the zabbix_agentd.
-- Make sure that "policycoreutils" (CentOS...your package name may vary) is installed,
-- in order to provide the file audit2allow.
-- Note: for RPM-based systems, execute "yum provides \*/audit2allow" (without the quotes)
-- to find which package provides the file audit2allow...
-- Download the attached update_selinux.txt file.
-- Rename the attach file to update_selinux.
-- Create the selinux directory in home directory and change to directory:
mkdir ~/selinux
cd ~/selinux
-- Copy the update_selinux file into the ~/selinux directory.
-- Execute the following command to make the file executable:
chmod +x update_selinux
-- Grab portion of audit.log file and look for "zabbix_agentd"
tail -n 2000 -f /var/log/audit/audit.log | grep zabbix_agentd
-- If you see any entries, then perform the following:
./update_selinux
-- Wait long enough for whatever process you need to work.
-- (e.g. wait for Zabbix to generate new audit log messages)
-- Go back to the "tail" step above...and repeat.
-- Execute the ./update_selinux step after the tail, if you find more
-- (new) audit.log messages related to zabbix_agentd.
-- Enjoy!
Comment