Tuesday, February 13, 2018

how to install and configure zabbix agent on linux ?

Zabbix Agent is required to install on all remote systems needs to monitor through Zabbix server. The Zabbix Agent collects resource utilization and applications data on the client system and provides such information to Zabbix server on their requests.
There are two types of checks can be configured between Zabbix Server and Client.
  • Passive check Zabbix Agent only sent data to server on their request.
  • Active check – Zabbix Agent sends data periodically to Server.
After installing zabbix server on your server, this article will help you to install zabbix agent on Ubuntu 16.04 LTS, 14.04 LTS, and Debian 9/8 systems. After completing this below steps go to next article add host in zabbix server.
Step 1 – Enable Apt Repository
Zabbix apt repositories are available on Zabbix official website. Add the repository to install required packages for Zabbix agent using the following command. For the older version of Ubuntu 12.04 LTS can download and install Zabbix agent version 2.2.
On Ubuntu systems & Debian
In RHEL system
wget
Step 2 – Install Zabbix Agent
As you have successfully added Zabbix apt repositories in your system let’s use the following command to install Zabbix agent using the following command
On Ubuntu & Debian based systems
sudo apt-get update
sudo apt-get install zabbix-agent
In RHEL Based Systems.
rpm -Uvh  zabbix-agent-3.4.0-1.el7.x86_64.rpm
Step 3 – Edit Zabbix Agent Configuration
After installing completed of Zabbix aget. Edit zabbix agent configuration file /etc/zabbix/zabbix_agentd.conf and update Zabbix server ip
#Server=[zabbix server ip]
#Hostname=[Hostname of client system ]

Server=
192.168.101.25
ServerActive=192.168.101.25
Hostname=linuxforfreshers.com
Where
Server=IP of Zabbix Server
ServerActive=IP of Zabbix Server
Hostname=use the hostname of the node where the agent runs
Step 4 – Adding port 10050 to firewall
If your system is behind a firewall then you need to open 10050/tcp port on the system in order to reach through Zabbix server.
For Debian based systems, including Ubuntu, you can use ufw tool to open the port and on RHEL 7 you can use Firewalld utility to manage the firewall rules as the below examples:
On Debian based systems
sudo ufw allow 10050/tcp
On RHEL/CENTOS 7 systems
sudo firewall-cmd --add-port=10050/tcp --permanent
For older distributions such as centOS/Rhel 6 or unmanaged firewalls through specific utilities use the powerful iptables command to open ports:
iptables -A INPUT -p tcp -m tcp --dport 10050 -j ACCEPT
Step 5 – Restarting Zabbix Agent
After adding Zabbix server IP in the configuration file, now restart agent service using below command.
sudo service zabbix-agent restart
Troubleshooting
Finally, in order to test if you can reach Zabbix Agent from Zabbix Server, use Telnet command from Zabbix server machine to the IP addresses of the machines that run the agents, as illustrated below (don’t worry about the thrown error from agents):
telnet zabbix_agent_IP 10050
[ram@zabbixserver]$ telnet 192.168.101.26 10050
Trying 192.168.101.26...
Connected to 192.168.101.26 (192.168.101.26).
Escape character is '^]'.
ZBXD)ZBX_NOTSUPPORTEDInvalid item key format.Connection closed by foreign host







Saturday, February 10, 2018

How to test if your zabbix server receive data from zabbix client or not?



you have installed zabbix agent on your server. Process zabbix client is up and running but does zabbix server start to receive data from it?

Simplest way to this is to connect to your zabbix server and initiate zabbix_get command! With this command can get to see data from zabbix client.

 zabbix_get - Zabbix get utility.

Syntax:

ram@zabbixserver:~$  zabbix_get -s IP_ZABBIX_CLIENT -k ZABBIX_ITEM


Where  -s, --host <host name or IP>
              Specify host name or IP address of a host.

             -k, --key <item key>
              Specify key of item to retrieve value for.

Test the connection between zabbix_server to client.

ram@zabbixserver:~$ zabbix_get -s 192.168.101.26 -k agent.ping
1

If u get output 1 means connection is ok and data is received from 192.168.101.26

ram@zabbixserver:~$ zabbix_get -s 192.168.101.26 -k agent.ping

zabbix_get [31561]: Get value error: cannot connect to [[192.168.101.26 ]:10050]: [111] Connection refused

server 192.168.101.26 but zabbix agent is not installed, not running or firewall is blocking or network problem !!

How to check agent version from zabbix server ?

Using zabbix_get command u can easily get agent version.


ram@zabbixserver:~$zabbix_get -s 192.168.101.26 -k agent.version
3.0.6

Get any information from client host without login to host server using zabbix_get command for example load average.

ram@zabbixserver:~$zabbix_get -s 192.168.101.26 -k "system.cpu.load[all,avg5]"
0.410000


Thursday, January 11, 2018

how long server has been up in linux using uptime command ?

Linux Server Uptime Command To Find Out How Long The System Has Been Running


Both Linux and Unix-like systems comes with various command to find out server uptime command. Under Linux file /proc/uptime has uptime information and file /var/run/utmp has information about who is currently logged on. However, information from /proc or utmp file is not directly readable by humans so you need to use the uptime command.
uptime - Tell how long the system has been running.

UNIX / Linux uptime command

Open a command-line terminal and then type the following commands:
#uptime
Sample outputs:
uptime
 12:04:44 up 8 days, 19:42,  3 users,  load average: 1.56, 2.56, 1.96
Note: The uptime command gives a one line display of the following information.
1). The current time
2). How long the system has been running
3). How many users are currently logged on
4). The system load averages for the past 1, 5, and 15 minutes

See uptime in pretty format pass the -p option to the uptime command

#uptime -p
Sample outputs:
uptime -p
up 1 week, 1 day, 19 hours, 47 minutes

See uptime in system up since, in yyyy-mm-dd MM:HH:SS format pass the -s option to the uptime command

#uptime -s
uptime -s
2017-12-27 16:22:09

How to Disable Ctrl-Alt-Delete in Ubuntu ?

Having a physical access to the keyboard can simply use the Ctrl+Alt+Delete key combination to reboot the server without having to logged on, But we can prevent the use of this key combination on a production server for an accidental reboots.
To disable the reboot action taken by pressing the Ctrl+Alt+Delete key combination,
Comment out the following line in the file /etc/init/control-alt-delete.conf
$ sudo vi /etc/init/control-alt-delete.conf
Or
$sudo gedit /etc/init/control-alt-delete.conf
Find line that read as follows:
exec shutdown -r now “Control-Alt-Delete pressed”
delete configuration line or comment out line by prefixing # symbol
#exec shutdown -r now "Control-Alt-Delete pressed"
Save and close the file.
But In 16.04
In the systemd world, Ctrl+Alt+Delete is handled by ctrl-alt-del.target
ctrl-alt-del.target systemd starts this target whenever Control+Alt+Del is pressed on the console. Usually, this should be aliased (symlinked) to reboot.target.

Disable Ctrl+Alt+Delete using following command

$systemctl mask ctrl-alt-del.target
$systemctl daemon-reload

Thursday, January 4, 2018

How to Find All Failed SSH login Attempts in Linux ?

Each attempt to login to SSH server is tracked and recorded into a log file by the rsyslog daemon in Linux. The most basic mechanism to list all failed SSH logins attempts in Linux is a combination of displaying and filtering the log files.
The most simple command to list all failed SSH logins is the one shown below.
#grep "Failed password" /var/log/auth.log
Sample output.
grep "Failed password" /var/log/auth.log
Sep 26 09:49:11 linuxforfreshers.com sshd[32138]: Failed password for ravi from 192.168.101.26 port 33325 ssh2
Oct  2 23:04:25 linuxforfreshers.com sshd[25028]: Failed password for root from 192.168.101.211 port 55800 ssh2
In order to display extra information about the failed SSH logins, issue the command as shown in the below example.
#egrep "Failed|Failure" /var/log/auth.log
In CentOS or RHEL, the failed SSH sessions are recorded in /var/log/secure file. Issue the above command against this log file to identify failed SSH logins.
#egrep "Failed|Failure" /var/log/secure
Sample output
Dec 29 16:11:01 localhost sshd[32526]: Failed password for root from 192.168.101.111 port 31729 ssh2
Dec 29 16:11:04 localhost sshd[32526]: Failed password for root from 58.218.198.264 port 31729 ssh2