更新内容:
1)、增加了对windows主机的tcp连接状态的监控
2)、修改linux主机的监控配置,使linux与windwos主机能够使用相同的模板
tcp的连接状态对于监控服务器,尤其是Web服务器来说至关重要。
zabbix自带的监控模板中没有对tcp连接状态的监控,要监控tcp的连接状态需要配置自定义key进行监控。
1、Linux配置
1)、在zabbix agent安装目录下的zabbix_agentd.d目录下添加一个.conf配置文件,这里是通过执行脚本获取的数据,所以需指定脚本的路径
[root@localhost ~]# cat /etc/zabbix/zabbix_agentd.d/userparameter_tcp.conf UserParameter=tcp[*],ss -ant state $(echo $1 |tr '_' '-') |sed '1d' |wc -l
2)、重启zabbix agent服务
[root@localhost ~]# service zabbix-agent restart
Shutting down Zabbix agent: [ OK ]
Starting Zabbix agent: [ OK ]
2、windows配置
1)、在zabbix_agentd.win.conf配置文件的最后一行添加自定义key(请确保自定义key没有被禁用)
UserParameter=tcp[*],netstat -anp tcp |find /i /c "$1"
2)、重启zabbix agent服务
运行cmd,输入以下命令重启服务
net stop "Zabbix Agent" net start "Zabbix Agent"
监控项配置
监控示意图
TCP状态zabbix监控模板下载 ( 另存成xml文档,再导入到zabbix中去 ):
<?xml version="1.0" encoding="UTF-8"?> <zabbix_export> <version>3.2</version> <date>2017-05-09T09:52:27Z</date> <groups> <group> <name>Templates</name> </group> </groups> <templates> <template> <template>Template TCP Status</template> <name>Template TCP Status</name> <description/> <groups> <group> <name>Templates</name> </group> </groups> <applications> <application> <name>TCP Status</name> </application> </applications> <items> <item> <name>TCP closed</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[closed]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP close_wait</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[close_wait]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP closing</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[closing]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP established</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[established]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP fin_wait_1</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[fin_wait_1]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP fin_wait_2</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[fin_wait_2]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP last_ack</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[last_ack]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP listening</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[listening]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP syn_recv</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[syn_recv]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP syn_sent</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[syn_sent]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> <item> <name>TCP time_wait</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp[time_wait]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> <logtimefmt/> </item> </items> <discovery_rules/> <httptests/> <macros/> <templates/> <screens/> </template> </templates> <graphs> <graph> <name>TCP Status</name> <width>900</width> <height>200</height> <yaxismin>0.0000</yaxismin> <yaxismax>100.0000</yaxismax> <show_work_period>1</show_work_period> <show_triggers>1</show_triggers> <type>0</type> <show_legend>1</show_legend> <show_3d>0</show_3d> <percent_left>0.0000</percent_left> <percent_right>0.0000</percent_right> <ymin_type_1>0</ymin_type_1> <ymax_type_1>0</ymax_type_1> <ymin_item_1>0</ymin_item_1> <ymax_item_1>0</ymax_item_1> <graph_items> <graph_item> <sortorder>0</sortorder> <drawtype>0</drawtype> <color>1A7C11</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[established]</key> </item> </graph_item> <graph_item> <sortorder>1</sortorder> <drawtype>0</drawtype> <color>F63100</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[fin_wait_1]</key> </item> </graph_item> <graph_item> <sortorder>2</sortorder> <drawtype>0</drawtype> <color>2774A4</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[fin_wait_2]</key> </item> </graph_item> <graph_item> <sortorder>3</sortorder> <drawtype>0</drawtype> <color>A54F10</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[last_ack]</key> </item> </graph_item> <graph_item> <sortorder>4</sortorder> <drawtype>0</drawtype> <color>FC6EA3</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[listening]</key> </item> </graph_item> <graph_item> <sortorder>5</sortorder> <drawtype>0</drawtype> <color>6C59DC</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[syn_recv]</key> </item> </graph_item> <graph_item> <sortorder>6</sortorder> <drawtype>0</drawtype> <color>AC8C14</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[time_wait]</key> </item> </graph_item> <graph_item> <sortorder>7</sortorder> <drawtype>0</drawtype> <color>611F27</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[closed]</key> </item> </graph_item> <graph_item> <sortorder>8</sortorder> <drawtype>0</drawtype> <color>F230E0</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[close_wait]</key> </item> </graph_item> <graph_item> <sortorder>9</sortorder> <drawtype>0</drawtype> <color>5CCD18</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[closing]</key> </item> </graph_item> <graph_item> <sortorder>10</sortorder> <drawtype>0</drawtype> <color>BB2A02</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Status</host> <key>tcp[syn_sent]</key> </item> </graph_item> </graph_items> </graph> </graphs> </zabbix_export>