Distributed monitoring system Zabbix uses SNMP and JMX channels to collect data

In the previous article, we learned about the passive, active and web monitoring related topics of Zabbix. Please refer to https://www.jb51.net/article/200679.htm for review. Today, let's learn about the topic of Zabbix using SNMP and JMX channels to collect data.

1. Introduction to SNMP protocol

SNMP is the abbreviation of "Simple Network Management Protocol" in English. It means "Simple Network Management Protocol" in Chinese. SNMP is a simple network management protocol. It belongs to the application layer protocol of the TCP/IP five-layer protocol and is a protocol for network management. SNMP is mainly used for the management of network devices. The basic idea of ​​SNMP is to define a unified interface and protocol for different types of devices, devices produced by different manufacturers, and devices of different models, so that administrators can use a unified appearance to manage these network devices that need to be managed. Through the network, administrators can manage devices located in different physical spaces, thereby greatly improving the efficiency of network management and simplifying the work of network administrators. The SNMP protocol is an application layer protocol of the TCP/IP protocol cluster. It was formulated in 1988 and adopted by the Internet Architecture Board (IAB) as a short-term network management solution. Due to the simplicity of SNMP, it has been vigorously developed in the Internet era. In 1992, the SNMPv2 version was released to enhance the security and functions of SNMPv1. There are currently three versions of the SNMP protocol: SNMP v1, SNMP v2c and SNMP v3. The specific differences are as follows:

SNMP v1 uses community name authentication. The community name is used to define the relationship between the SNMP NMS and the SNMP Agent. If the community name carried in the SNMP message is not recognized by the device, the message will be discarded. The community name plays a role similar to a password to limit the access of the SNMP NMS to the SNMP Agent.

SNMP v2c also uses community name authentication. It is compatible with SNMP v1 while expanding the functions of SNMP v1. It provides more operation types (GetBulk and InformRequest), supports more data types (Counter64, etc.), provides richer error codes, and can distinguish errors more finely.

SNMP v3 provides an authentication mechanism based on the User-Based Security Model (USM). Users can set authentication and encryption functions. Authentication is used to verify the legitimacy of the message sender to prevent access by illegal users. Encryption is used to encrypt the transmission messages between the NMS and the Agent to prevent eavesdropping. By combining authentication and encryption functions, higher security can be provided for the communication between the SNMP NMS and the SNMP Agent.

2. SNMP working mechanism

SNMP working mechanism SNMP network elements are divided into two types: NMS and Agent. NMS (Network Management Station) is a workstation that runs the SNMP client program and can provide a very friendly human-computer interaction interface to facilitate network administrators to complete most network management tasks. Agent is a process residing on the device, responsible for receiving and processing request messages from the NMS. In some emergency situations, such as when the interface status changes, the Agent will also proactively notify the NMS. NMS is the manager of the SNMP network, and Agent is the managed device of the SNMP network. The NMS and Agent exchange management information through the SNMP protocol.

3. SNMP data interaction

In order to exchange information, the SNMP management process and the agent process previously defined five types of messages:

Get-request operation: retrieves one or more parameter values ​​from the proxy process.

get-next-request operation: retrieves the next parameter value of one or more parameters from the proxy process.

set-request operation: Set one or more parameter values ​​of the agent process.

Get-response operation: returns one or more parameter values. This operation is issued by the agent process.

Trap operation: The agent process actively sends a message to notify the management process that something has happened.

SNMP data interaction diagram

4. SNMP Organizational Structure

A complete SNMP system mainly includes the following aspects: SNMP message protocol. SMI (Structure of Management Information), a set of common structures and representation symbols. Management Information Base (MIB): The management information base contains all the parameters that can be queried and modified for all agent processes. OID (Object Identifiers), an OID is a unique key-value pair used to identify specific information (object identifier) ​​of a specific device, such as port information, device name, etc.

5. SNMP MIB

The so-called (MIB) management information base is a collection of information contained in all agent processes and can be queried and set by the management process. MIB is based on an object identifier tree. An object identifier is a sequence of integers separated by ".". These integers form a tree structure, similar to the DNS or Unix file system. MIB is divided into several groups, such as system, interfaces, at (address translation), and ip groups. The iso.org.dod.internet.private.enterprises (1.3.6.1.4.1) identifier is reserved for manufacturer customization. For example, Huawei's is 1.3.6.1.4.1.2011 and H3C's is 1.3.6.1.4.1.25506.

Some commonly used OIDs in Centos

6. Enable SNMP on Linux

[root@node05 ~]# yum install -y net-snmp

Tip: The above installation is to install the snmp agent, running on the monitored end;

Install the snmp client tool

[root@node05 ~]# yum install -y net-snmp-utils

Configure snmp to allow clients in certain communities to obtain data, and what permissions are given to snmp to allow access to certain data

Tip: The above configuration means that first, the community name public is mapped to a security name notConfigUser; secondly, the security name notConfigUser is mapped to the group name notConfigGroup, and the security modes v1 and v2c are added to the group, which means that as long as the members in this group are compatible with the security modes of both versions v1 and v2c; thirdly, a view is created, named systemview, and the oids of those leaf nodes or subtrees are allowed to be added to this view; finally, any user in the notConfigGroup group is authorized to have read-only permission to systemview in any security mode, without write permission, and without exception; in simple terms, the above configuration means that any user in the public community will be identified as a user in notConfigGroup, and the users in the corresponding group have the subtree read-only permission authorized by systemview; it should be noted here that the subtree is the identifier (oid) of the data object we want to obtain; we only need to modify the corresponding systemview to authorize which subtrees or leaf nodes it has; authorizing a subtree means that all leaf nodes or subtrees under the subtree can be accessed, and authorizing a leaf node means that only the corresponding leaf node can be seen accurately;

Example: Authorize the systemview view to have 1 minute of operating system CPU load data

Tip: Just add the corresponding OID of the CPU 1 minute load to the systemview view;

Start snmpd

[root@node05 ~]# systemctl start snmpd.service
[root@node05 ~]# ss -unl
State Recv-Q Send-Q Local Address:Port Peer Address:Port  
UNCONN 0 0 *:161 *:*   
UNCONN 0 0 127.0.0.1:323 *:*   
UNCONN 0 0 ::1:323 :::*   
[root@node05 ~]#

Tip: Please make sure that UDP port 161 is listening normally;

Verification: Use the snmpget tool to obtain the CPU load data for 1 minute on node05

[root@node05 ~]# snmpget -c public -v 2c node05 .1.3.6.1.4.1.2021.10.1.3.1
UCD-SNMP-MIB::laLoad.1 = STRING: 0.00
[root@node05 ~]# uptime
 20:57:49 up 35 min, 1 user, load average: 0.00, 0.02, 0.05
[root@node05 ~]#

Tip: You can see that the data obtained by snmpget tool is the same as the data obtained by uptime command. You can use oid to specify the data to be obtained, or you can use mib to obtain it.

[root@node05 ~]# snmpget -c public -v 2c node05 UCD-SNMP-MIB::laLoad.1
UCD-SNMP-MIB::laLoad.1 = STRING: 0.00
[root@node05 ~]#

Use the snmpwalk tool to obtain all data under non-leaf nodes

First, authorize snmp to see the corresponding subtree

Tip: The content in the red box above indicates that systemview contains the subtree .1.3.6.1.2.1.25, which means that all subtrees and leaf nodes under it can be seen;

Restart snmpd

[root@node05 ~]# systemctl restart snmpd.service
[root@node05 ~]# ss -unl
State Recv-Q Send-Q Local Address:Port Peer Address:Port  
UNCONN 0 0 *:161 *:*   
UNCONN 0 0 127.0.0.1:323 *:*   
UNCONN 0 0 ::1:323 :::*   
[root@node05 ~]#

Get the system process list

[root@node05 ~]# snmpwalk -c public -v 2c node05 .1.3.6.1.2.1.25.4.2.1.2
HOST-RESOURCES-MIB::hrSWRunName.1 = STRING: "systemd"
HOST-RESOURCES-MIB::hrSWRunName.2 = STRING: "kthreadd"
HOST-RESOURCES-MIB::hrSWRunName.3 = STRING: "ksoftirqd/0"
HOST-RESOURCES-MIB::hrSWRunName.5 = STRING: "kworker/0:0H"
HOST-RESOURCES-MIB::hrSWRunName.7 = STRING: "migration/0"
HOST-RESOURCES-MIB::hrSWRunName.8 = STRING: "rcu_bh"
HOST-RESOURCES-MIB::hrSWRunName.9 = STRING: "rcu_sched"
HOST-RESOURCES-MIB::hrSWRunName.10 = STRING: "watchdog/0"
HOST-RESOURCES-MIB::hrSWRunName.11 = STRING: "watchdog/1"
HOST-RESOURCES-MIB::hrSWRunName.12 = STRING: "migration/1"
HOST-RESOURCES-MIB::hrSWRunName.13 = STRING: "ksoftirqd/1"
HOST-RESOURCES-MIB::hrSWRunName.14 = STRING: "kworker/1:0"
HOST-RESOURCES-MIB::hrSWRunName.15 = STRING: "kworker/1:0H"
HOST-RESOURCES-MIB::hrSWRunName.17 = STRING: "kdevtmpfs"
HOST-RESOURCES-MIB::hrSWRunName.18 = STRING: "netns"
HOST-RESOURCES-MIB::hrSWRunName.19 = STRING: "khungtaskd"
HOST-RESOURCES-MIB::hrSWRunName.20 = STRING: "writeback"
HOST-RESOURCES-MIB::hrSWRunName.21 = STRING: "kintegrityd"
HOST-RESOURCES-MIB::hrSWRunName.22 = STRING: "bioset"
HOST-RESOURCES-MIB::hrSWRunName.23 = STRING: "kblockd"
HOST-RESOURCES-MIB::hrSWRunName.24 = STRING: "md"
HOST-RESOURCES-MIB::hrSWRunName.25 = STRING: "kworker/0:1"
HOST-RESOURCES-MIB::hrSWRunName.30 = STRING: "kswapd0"
HOST-RESOURCES-MIB::hrSWRunName.31 = STRING: "ksmd"
HOST-RESOURCES-MIB::hrSWRunName.32 = STRING: "khugepaged"
HOST-RESOURCES-MIB::hrSWRunName.33 = STRING: "crypto"
HOST-RESOURCES-MIB::hrSWRunName.41 = STRING: "kthrotld"
HOST-RESOURCES-MIB::hrSWRunName.42 = STRING: "kworker/u256:1"
HOST-RESOURCES-MIB::hrSWRunName.43 = STRING: "kmpath_rdacd"
HOST-RESOURCES-MIB::hrSWRunName.44 = STRING: "kworker/1:1"
HOST-RESOURCES-MIB::hrSWRunName.45 = STRING: "kpsmoused"
HOST-RESOURCES-MIB::hrSWRunName.47 = STRING: "ipv6_addrconf"
HOST-RESOURCES-MIB::hrSWRunName.66 = STRING: "deferwq"
HOST-RESOURCES-MIB::hrSWRunName.98 = STRING: "kauditd"
HOST-RESOURCES-MIB::hrSWRunName.265 = STRING: "kworker/1:2"
HOST-RESOURCES-MIB::hrSWRunName.282 = STRING: "ata_sff"
HOST-RESOURCES-MIB::hrSWRunName.283 = STRING: "scsi_eh_0"
HOST-RESOURCES-MIB::hrSWRunName.284 = STRING: "scsi_tmf_0"
HOST-RESOURCES-MIB::hrSWRunName.285 = STRING: "scsi_eh_1"
HOST-RESOURCES-MIB::hrSWRunName.286 = STRING: "scsi_tmf_1"
HOST-RESOURCES-MIB::hrSWRunName.289 = STRING: "mpt_poll_0"
HOST-RESOURCES-MIB::hrSWRunName.290 = STRING: "mpt/0"
HOST-RESOURCES-MIB::hrSWRunName.298 = STRING: "scsi_eh_2"
HOST-RESOURCES-MIB::hrSWRunName.299 = STRING: "scsi_tmf_2"
HOST-RESOURCES-MIB::hrSWRunName.300 = STRING: "ttm_swap"
HOST-RESOURCES-MIB::hrSWRunName.375 = STRING: "kdmflush"
HOST-RESOURCES-MIB::hrSWRunName.376 = STRING: "bioset"
HOST-RESOURCES-MIB::hrSWRunName.387 = STRING: "kdmflush"
HOST-RESOURCES-MIB::hrSWRunName.388 = STRING: "bioset"
HOST-RESOURCES-MIB::hrSWRunName.401 = STRING: "bioset"
HOST-RESOURCES-MIB::hrSWRunName.402 = STRING: "xfsalloc"
HOST-RESOURCES-MIB::hrSWRunName.403 = STRING: "xfs_mru_cache"
HOST-RESOURCES-MIB::hrSWRunName.404 = STRING: "xfs-buf/dm-0"
HOST-RESOURCES-MIB::hrSWRunName.405 = STRING: "xfs-data/dm-0"
HOST-RESOURCES-MIB::hrSWRunName.406 = STRING: "xfs-conv/dm-0"
HOST-RESOURCES-MIB::hrSWRunName.407 = STRING: "xfs-cil/dm-0"
HOST-RESOURCES-MIB::hrSWRunName.408 = STRING: "xfs-reclaim/dm-"
HOST-RESOURCES-MIB::hrSWRunName.409 = STRING: "xfs-log/dm-0"
HOST-RESOURCES-MIB::hrSWRunName.410 = STRING: "xfs-eofblocks/d"
HOST-RESOURCES-MIB::hrSWRunName.411 = STRING: "xfsaild/dm-0"
HOST-RESOURCES-MIB::hrSWRunName.467 = STRING: "kworker/1:1H"
HOST-RESOURCES-MIB::hrSWRunName.468 = STRING: "kworker/0:1H"
HOST-RESOURCES-MIB::hrSWRunName.482 = STRING: "systemd-journal"
HOST-RESOURCES-MIB::hrSWRunName.506 = STRING: "lvmetad"
HOST-RESOURCES-MIB::hrSWRunName.511 = STRING: "systemd-udevd"
HOST-RESOURCES-MIB::hrSWRunName.544 = STRING: "xfs-buf/sda1"
HOST-RESOURCES-MIB::hrSWRunName.545 = STRING: "xfs-data/sda1"
HOST-RESOURCES-MIB::hrSWRunName.546 = STRING: "xfs-conv/sda1"
HOST-RESOURCES-MIB::hrSWRunName.547 = STRING: "xfs-cil/sda1"
HOST-RESOURCES-MIB::hrSWRunName.548 = STRING: "xfs-reclaim/sda"
HOST-RESOURCES-MIB::hrSWRunName.549 = STRING: "xfs-log/sda1"
HOST-RESOURCES-MIB::hrSWRunName.550 = STRING: "xfs-eofblocks/s"
HOST-RESOURCES-MIB::hrSWRunName.551 = STRING: "xfsaild/sda1"
HOST-RESOURCES-MIB::hrSWRunName.554 = STRING: "nfit"
HOST-RESOURCES-MIB::hrSWRunName.598 = STRING: "kworker/u257:0"
HOST-RESOURCES-MIB::hrSWRunName.599 = STRING: "hci0"
HOST-RESOURCES-MIB::hrSWRunName.600 = STRING: "hci0"
HOST-RESOURCES-MIB::hrSWRunName.602 = STRING: "kworker/u257:2"
HOST-RESOURCES-MIB::hrSWRunName.624 = STRING: "auditd"
HOST-RESOURCES-MIB::hrSWRunName.648 = STRING: "rsyslogd"
HOST-RESOURCES-MIB::hrSWRunName.649 = STRING: "systemd-logind"
HOST-RESOURCES-MIB::hrSWRunName.650 = STRING: "polkitd"
HOST-RESOURCES-MIB::hrSWRunName.651 = STRING: "dbus-daemon"
HOST-RESOURCES-MIB::hrSWRunName.653 = STRING: "chronyd"
HOST-RESOURCES-MIB::hrSWRunName.660 = STRING: "NetworkManager"
HOST-RESOURCES-MIB::hrSWRunName.662 = STRING: "irqbalance"
HOST-RESOURCES-MIB::hrSWRunName.669 = STRING: "crond"
HOST-RESOURCES-MIB::hrSWRunName.674 = STRING: "agetty"
HOST-RESOURCES-MIB::hrSWRunName.877 = STRING: "tuned"
HOST-RESOURCES-MIB::hrSWRunName.976 = STRING: "sshd"
HOST-RESOURCES-MIB::hrSWRunName.1029 = STRING: "zabbix_agentd"
HOST-RESOURCES-MIB::hrSWRunName.1030 = STRING: "zabbix_agentd"
HOST-RESOURCES-MIB::hrSWRunName.1031 = STRING: "zabbix_agentd"
HOST-RESOURCES-MIB::hrSWRunName.1032 = STRING: "zabbix_agentd"
HOST-RESOURCES-MIB::hrSWRunName.1033 = STRING: "zabbix_agentd"
HOST-RESOURCES-MIB::hrSWRunName.1034 = STRING: "zabbix_agentd"
HOST-RESOURCES-MIB::hrSWRunName.1074 = STRING: "master"
HOST-RESOURCES-MIB::hrSWRunName.1075 = STRING: "pickup"
HOST-RESOURCES-MIB::hrSWRunName.1076 = STRING: "qmgr"
HOST-RESOURCES-MIB::hrSWRunName.1240 = STRING: "sshd"
HOST-RESOURCES-MIB::hrSWRunName.1242 = STRING: "bash"
HOST-RESOURCES-MIB::hrSWRunName.1333 = STRING: "kworker/u256:2"
HOST-RESOURCES-MIB::hrSWRunName.1666 = STRING: "kworker/0:0"
HOST-RESOURCES-MIB::hrSWRunName.1732 = STRING: "anacron"
HOST-RESOURCES-MIB::hrSWRunName.1883 = STRING: "kworker/0:2"
HOST-RESOURCES-MIB::hrSWRunName.1960 = STRING: "snmpd"
HOST-RESOURCES-MIB::hrSWRunName.1970 = STRING: "snmpwalk"
[root@node05 ~]#

Configure Zabbix Web to use the SNMP channel to collect data on node05 and link the Template OS Linux SNMPv2 template

Link Template

Check the host list to see if the SNMP channel corresponding to node05 turns green?

Add snmp item

Tips: Find the item on the corresponding host in the host list, then click Create Item, fill in the item name, and select SNMP v2 agent; the key here is just an identification, try not to repeat the existing built-in key and custom key; the most important thing is to fill in the SNMP listening IP address and port of the corresponding host, as well as the OID or MIB and community name of the data to be collected; the community name can be written as a macro, and the default is {$SNMP_COMMUNITY}, whose value is public; calling the corresponding macro is also possible;

Let's check whether the item we defined has collected data?

The above is the configuration and demonstration of Zabbix using snmp channel to collect data; next, let's talk about Zabbix using jmx channel to monitor Java program

jmx is the abbreviation of Java Management Extensions, which can realize flexible development of seamlessly integrated system, network and service management applications across platforms. Use the jmx channel on zabbix to collect relevant indicator data of the corresponding java program. First of all, zabbix does not natively support jmx, it relies on the zabbix-java-gateway service; secondly, the jmx function must be turned on for the java program running on the monitored host; zabbix-java-gateway can be understood as the proxy service of zabbix jmx, which is responsible for delegating zabbix server to it to collect data using the jmx channel and sending the collected data to zabbix server; so if you want to use the jmx channel to collect data, first we have to install and start the zabbix java gateway service, then configure the zabbix server, tell the zabbix server the java gateway service address and port; finally, turn on jmx on the corresponding monitored end;

Install Zabbix Java Gateway

[root@node04 ~]# yum install -y zabbix-java-gateway

Tip: This service can be installed on the zabbix server, on a separate server, or on the monitored end; in short, the zabbix server can communicate with it normally;

Configure Zabbix Java Gateway

[root@node04 ~]# grep -Ei "^[az]" /etc/zabbix/zabbix_java_gateway.conf
LISTEN_IP="0.0.0.0"
LISTEN_PORT=10052
PID_FILE="/var/run/zabbix/zabbix_java.pid"
START_POLLERS=5
TIMEOUT=3
[root@node04 ~]#

Tip: The above is the default configuration of Java Gateway. You can keep the default configuration. If you feel that the poller of Java Gateway is missing, you can change it.

Start Zabbix Java Gateway

[root@node04 ~]# systemctl start zabbix-java-gateway.service
[root@node04 ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port  
LISTEN 0 128 *:6379 *:*   
LISTEN 0 128 *:80 *:*   
LISTEN 0 128 *:22 *:*   
LISTEN 0 100 127.0.0.1:25 *:*   
LISTEN 0 128 *:10050 *:*   
LISTEN 0 128 :::80 :::*   
LISTEN 0 128 :::22 :::*   
LISTEN 0 100 ::1:25 :::*   
LISTEN 0 50 :::10052 :::*   
[root@node04 ~]#

Tip: By default, Java Gateway listens on port 10052. Please make sure that the port is listening after startup.

Configure Zabbix server

Tip: Find the configuration of Java gateway in the zabbix server configuration file, configure the IP address, port, number of pollers started and timeout of Java gateway;

Restart zabbix server

[root@node03 ~]# systemctl restart zabbix-server.service
[root@node03 ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port  
LISTEN 0 128 *:22 *:*   
LISTEN 0 100 127.0.0.1:25 *:*   
LISTEN 0 128 *:10050 *:*   
LISTEN 0 128 *:10051 *:*   
LISTEN 0 128 :::22 :::*   
LISTEN 0 100 ::1:25 :::*   
LISTEN 0 128 :::10051 :::*   
[root@node03 ~]#

Tip: Please make sure that the zabbix server can be started normally and the corresponding port can be in the listening state normally;

Install tomcat service on node05

[root@node05 ~]# yum install -y tomcat-admin-webapps tomcat-webapps tomcat-docs-webapp tomcat

Enable jmx function of tomcat

Complete configuration file content

[root@node05 ~]# grep -Ei "^[az]" /etc/tomcat/tomcat.conf
TOMCAT_CFG_LOADED="1"
TOMCATS_BASE="/var/lib/tomcats/"
JAVA_HOME="/usr/lib/jvm/jre"
CATALINA_HOME="/usr/share/tomcat"
CATALINA_TMPDIR="/var/cache/tomcat/temp"
CATALINA_OPTS="-Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=12345 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=192.168.0.45"
JAVA_OPTS="-Djavax.sql.DataSource.Factory=org.apache.commons.dbcp.BasicDataSourceFactory"
SECURITY_MANAGER="false"
[root@node05 ~]

Start tomcat

[root@node05 ~]# systemctl start tomcat
[root@node05 ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port  
LISTEN 0 128 *:80 *:*   
LISTEN 0 128 *:22 *:*   
LISTEN 0 100 127.0.0.1:25 *:*   
LISTEN 0 128 *:10050 *:*   
LISTEN 0 128 127.0.0.1:199 *:*   
LISTEN 0 100 :::8080 :::*   
LISTEN 0 128 :::80 :::*   
LISTEN 0 128 :::22 :::*   
LISTEN 0 50 :::12345 :::*   
LISTEN 0 100 ::1:25 :::*   
LISTEN 0 128 :::10050 :::*   
LISTEN 0 1 ::ffff:127.0.0.1:8005 :::*   
LISTEN 0 50 :::44229 :::*   
LISTEN 0 50 :::35589 :::*   
LISTEN 0 100 :::8009 :::*   
[root@node05 ~]#

Tip: Please make sure that the corresponding ports are in the listening state. The port we just specified for jmx is 12345, and the default port used in zabbix is ​​also 12345, so the two ports can be consistent;

Add node05 on zabbix web and specify the use of jmx interface to collect data

Link Template

Check whether the jmx channel on node05 turns green?

Check whether the monitoring item data on the corresponding template is collected?

Tip: You can see that the template we linked has collected data for many monitoring items, which means there is no problem in configuring jmx to collect data. It should be noted that not all monitoring items can collect data even if we link the template.

This is the end of this article about the distributed monitoring system Zabbix using SNMP and JMX channels to collect data. For more related Zabbix distributed monitoring system content, please search 123WORDPRESS.COM's previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!