Ad Widget

Collapse

Problem with zabbix_agentd 3.0.31 on Debian 9

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Celso Annes
    Junior Member
    • Dec 2020
    • 15
    #1

    Problem with zabbix_agentd 3.0.31 on Debian 9

    I was using zabbix_agentd 3.0.28 after updating to zabbix_agentd 3.0.31 i find out some triggers stoped working.

    I saw that some changes occurred:
    Was...
    Code:
    /etc/zabbix/zabbix_agentd.d
    Now
    Code:
    /etc/zabbix/zabbix_agentd.conf.d/
    the logs have changed as well:
    Was:
    Code:
    /var/log/zabbix/zabbix_agentd.log
    Now:
    Code:
    /var/log/zabbix-agent/zabbix_agentd.log
    My zabbix_agentd.conf was:
    Code:
    PidFile=/var/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix/zabbix_agentd.log
LogFileSize=100
EnableRemoteCommands=1
LogRemoteCommands=1
Server=100.220.254.1
AllowRoot=1
Include=/etc/zabbix/zabbix_agentd.d/
    I had to update to match the new configuration of the folders:

    Code:
    PidFile=/var/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix-agent/zabbix_agentd.log
LogFileSize=100
EnableRemoteCommands=1
LogRemoteCommands=1
Server=100.220.254.1
AllowRoot=1
Include=/etc/zabbix/zabbix_agentd.conf.d/*.conf
    I have agents running on both versions, 3.0.28 and 3.0.31, the ones that are running on version 3.0.31 some triggers are not working properly.
    Here is one that is not working on version 3.0.31 but works fine on 3.0.28.
    Code:
    {viabat:system.run[/sbin/iptables-save | grep "INPUT DROP" | wc -l].last()}=0 or {viabat:proc.num[,,,fail2ban\-server].last()}=0 or {viabat:system.run[/sbin/iptables-save | grep -i "f2b-ASTERISK" | wc -l].last()}=0 or {viabat:system.run[/sbin/iptables-save | grep -i "f2b-ssh" | wc -l].last()}=0

    Looking into zabbix_agentd.log i see that the commands are being running but the return change according to the version:

    zabbix_agentd 3.0.28
    Code:
    21881:20201202:120144.809 EXECUTE_STR() command:'/sbin/iptables-save | grep "INPUT DROP" | wc -l' len:1 cmd_result:'[COLOR=#27ae60][B]1[/B][/COLOR]'
21881:20201202:120144.809 Sending back [[COLOR=#16a085][B]1[/B][/COLOR]]
    On version 3.0.28 is returning 1 (ONE).

    zabbix_agentd 3.0.31
    Code:
    18670:20201202:120059.957 EXECUTE_STR() command:'/sbin/iptables-save | grep "INPUT DROP" | wc -l' len:1 cmd_result:'[COLOR=#c0392b][B]0[/B][/COLOR]'
18670:20201202:120059.957 Sending back [[COLOR=#c0392b][B]0[/B][/COLOR]]
    On version 3.0.31 is returning 0 (ZERO).

    If i run the commands directly on terminal, I have the followed return:
    Code:
    # /sbin/iptables-save | grep "INPUT DROP" | wc -l
1

# /sbin/iptables-save | grep -i "f2b-ASTERISK" | wc -l

3
# /sbin/iptables-save | grep -i "f2b-ssh" | wc -l
3
    Based on the return of the commands on the terminal, that are greater than zero, the Zabbix should not up an alert, but its upping an alert like the result is like zero.

    I have no idea why it is returning zero.

    Anyone know what is happening, what can be done to solve this problem?

    Thanks.
    Last edited by Celso Annes; 03-12-2020, 14:44.
    Tags: None
    • Celso Annes
      Junior Member
      • Dec 2020
      • 15
      #2
      I managed to solve it!
      The problem is that the newer version zabbix_agentd 3.0.31 no longer runs as a root user, now when installed or updated it runs with the zabbix user, so it cannot run commands that need privileged permissions.

      I solved the problem with this official documentation: https://www.zabbix.com/documentation..._agent_as_root

        Comment

        Previous template Next
        Working...