Ad Widget

Collapse

Zabbix Monitor Centos Log

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • radu990
    Junior Member
    • Oct 2017
    • 16
    #1

    Zabbix Monitor Centos Log

    Hi,

    I'm trying to monitor the Centos 7 log [/var/log/messages] from my zabbix server and created a item for this.

    However, I received the below error in the agent log:

    Cannot open file "/var/log/messages": [13] Permission denied

    I understand the problem is in the access to the log file, as only root/admins have access to log files. Had the same problem on Ubuntu, and solved it with adding the zabbix user to admin group

    sudo usermod -aG adm zabbix

    Same command doesn't help/work on Centos. Any help/ideas on how to grant permission to zabbix user to access logs?
    http://www.pixhost.org/show/154/55167560_clipboard.png


    Thank you
    Last edited by radu990; 27-10-2017, 14:43.
    Tags: centos 7, log file monitoring, permission denied
    • kaspars.mednis
      Senior Member
      Zabbix Certified Trainer
      Zabbix Certified SpecialistZabbix Certified Professional
      • Oct 2017
      • 349
      #2
      The default permissions on messages log file allows only root:root

      Code:
      -rw-------.  1 root   root   531934 okt 25 02:52 messages
      In that case easy and fast way to solve this:

      Code:
      chgrp zabbix /var/log/messages
chmod g+r messages
      Basically this will allow anyone in the zabbix group read the log file. zabbix is the only user here by default.

      The only problem is logrotate, which will remove this logfile and create new with default permissions.

      so you must specify in logrotate conf options for /var/log/messages, otherwise after some time the log will be rotated and new logfile will be created without zabbix read permissions

      add this option for messages:
      Code:
      create 0640 root zabbix
      Regards,
      Kaspars

        Comment

        • radu990
          Junior Member
          • Oct 2017
          • 16
          #3
          Originally posted by kaspars.mednis
          The only problem is logrotate, which will remove this logfile and create new with default permissions.

          so you must specify in logrotate conf options for /var/log/messages, otherwise after some time the log will be rotated and new logfile will be created without zabbix read permissions

          add this option for messages:
          Code:
          create 0640 root zabbix
          Regards,
          Kaspars
          First of all, thank you very much. Everything works ok now.
          One more additional question regarding logrotate conf. Do you mean to add in /etc/logrotate.conf in the create new log files section the root and zabbix users and 640 access rights? Did I understood you correctly?

          http://www.pixhost.org/show/156/55180536_screenshot-2017-10-27-001.png


          Thank you once again

            Comment

            • kaspars.mednis
              Senior Member
              Zabbix Certified Trainer
              Zabbix Certified SpecialistZabbix Certified Professional
              • Oct 2017
              • 349
              #4
              Your configuration will change the default configuration for ALL rotated logfiles with
              Code:
              create 0640 root zabbix
              On Centos 7 if you want to change it just for system files -

              in /etc/logrotate.d/ is file named syslog

              originally it looks like
              Code:
              /var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
    missingok
    sharedscripts
    postrotate
	/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
    endscript
}
              just add
              Code:
              create 0640 root zabbix
              somewhere between brackets.

              this config will be effective only on log files listed above.
              Then you can remove it from global config

              Regards,
              Kaspars

                Comment

                • radu990
                  Junior Member
                  • Oct 2017
                  • 16
                  #5
                  Thank you very much once again!

                    Comment

                    • MalySzaryCzlowiek
                      Junior Member
                      • Jan 2018
                      • 4
                      #6
                      Hi i have same problem with permissions. I tried this way:
                      Originally posted by kaspars.mednis
                      In that case easy and fast way to solve this:

                      Code:
                      chgrp zabbix /var/log/messages
chmod g+r messages
                      But changed path to mine (/var/log/klienci/zabbixcl/logi) and still nothing, permissions denied. All works fine when i change to chmod 777, but i know this is not safe way to solve this. Any idea what to do with this? Thanks.

                        Comment

                        Previous template Next
                        Working...