Get pending windows updates status on ZABBIX using custom LLD (Low Level Discovery) and PowerShell

Just recently I got some time, and was rethinking the solution of reading windows updates.

At the beginning I thought I will use PowerShell to get update list and later use dependent items to parse the script output, but this wouldn’t be so nice, as I would need to manually work on parsing the file on the zabbix side, create items etc. + so far zabbix does not offer (I work on 3.4, at the time being 4.0 available) LLD on dependent items.

Well, why not use current LLD to read them?

You can do it – I will show you how.

Continue reading “Get pending windows updates status on ZABBIX using custom LLD (Low Level Discovery) and PowerShell” →

Advertisements

Low Level Discovery (LLD) for PostgreSQL on ZABBIX using ODBC.

How about ZABBIX PostgreSQL monitoring with LLD without custom addons installed on the server or milions of very heavy userparameter? 🙂

I’ve been searching for some way to monitor PostgreSQL database, all the solution I’ve found were based either on some custom addon:

https://share.zabbix.com/databases/db_postgresql/postgresql-monitoring-for-zabbix

http://cavaliercoder.com/libzbxpgsql/

Or had tooooonnns of userparameters that were just killing the server:

https://share.zabbix.com/databases/db_postgresql/template-postgresql

Well I though there is a better way, and you know what? I think there is.

Continue reading “Low Level Discovery (LLD) for PostgreSQL on ZABBIX using ODBC.” →

Multiple node graphs on ZABBIX dashboards using Grafana.

Just recently ZABBIX 4.0 came out, so I thought we will finally get ability to display values from multiole hosts on one graph – unfortunately not. BUT! There s a way to have it directly in ZABBIX dashboards – using Grafana.

Continue reading “Multiple node graphs on ZABBIX dashboards using Grafana.” →

“Encrypting” the password field in web scenario authentication in ZABBIX.

We are just moving some of our monitoring to ZABBIX (old love never dies), and I was wondering if it is possible to somehow hide passwords – for me it was a huge security breach as I would like to grant access for someone to configuration – but I do not want that person to see the passwords for the accounts I have configured.

So I started to search the Internet and found that thread:

https://www.zabbix.com/forum/zabbix-help/48246-encrypt-the-password-in-web-monitoring

Continue reading ““Encrypting” the password field in web scenario authentication in ZABBIX.” →

ZABBIX – listing permissions

Today one of our security officer asked me to retrieve a list of users and permissions from our zabbix systems.

The problem occured while I was trying to associate users’ groups to hosts’ groups. There is in fact one subsite “permissions” under “Administration” -> “Users” after clicking on particular group link. But you cannot copy any information from there. Additionally if you have many groups that would be tidious task.

Instead of that I decided to retrieve the permissions from the database: here is the working sql command:

SELECT r.permission as "Permissions", g.name as "User Group", z.name as "Host Group" FROM zabbix.rights as r
join zabbix.usrgrp as g
on r.groupid = g.usrgrpid
join zabbix.groups as z
on z.groupid = r.id

2 in the “permission” column means “read” access, 3 means “read/write” permissions.

IBM Tivoli Storage Manager (TSM) – monitoring DB backup state with ZABBIX.

Hi Guys,

If you would like to monitor your TSM server with ZABBIX for ex., here are some useful selects to TSM database. Below are user parameters that has to be put in zabbix_agentd.conf:

UserParameter=Scratch,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 1”
UserParameter=Buffhit,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 2”
UserParameter=FreeSpaceDb,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 3”
UserParameter=FreeSpaceLog,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 4”
UserParameter=SchedulesMissed,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 5”
UserParameter=SchedulesFailed,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 6”
UserParameter=PathsOffline,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 7”
UserParameter=HighSGTUtilization,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 8”
UserParameter=RwErrors,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 9”
UserParameter=UnVolumes,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 10”
UserParameter=UnHosts,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 11”
UserParameter=Scratch_BCKP,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 12”
UserParameter=Scratch_OFF,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 13”
UserParameter=TsmBackupStatus,%systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe /nologo “C:\zabbix\TsmInformation.ps1 14”

And here is a powershell script that retrieves those pieces of information:

param($select)

switch ($select)
{
1 {$select = "select count(*) as Scratch from libvolumes where status='Scratch'"}
2 {$select = "select buff_hit_ratio from db"}
3 {$select = "select cast((free_space_mb/1024) as decimal(8,2)) from db"}
4 {$select = "select free_space_mb/1024 from log"}
5 {$select = "select count(*) from events where status='Missed'"}
6 {$select = "select count(*) from events where status='Failed'"}
7 {$select = "select count(*) from paths where NOT online='YES'"}
8 {$select = "select count(*) from stgpools where pct_utilized>95"}
9 {$select = "select count(*) from volumes where read_errors>0 or write_errors>0"}
10 {$select = "select count(*) from volumes where access='UNAVAILABLE'"}
11 {$select = "select count(*) from nodes where node_name NOT IN (select node_name from associations)"}
12 {$select = "select count(*) as Scratch from libvolumes where status='Scratch' and library_name='TS3310_BCKP'"}
13 {$select = "select count(*) as Scratch from libvolumes where status='Scratch' and library_name='TS3310_OFF'"}
14 {$select = "select last_backup_date from DB"}
default {"BRAK PARAMETRÓW"}
}

$a = (& C:\Progra~1\Tivoli\TSM\baclient\dsmadmc.exe -optfile=C:\Progra~1\Tivoli\TSM\baclient\dsm.opt -id=Admin -pa=<PUT_HERE_YOUR_TSM_PASSWORD> -display=list -dataonly=yes "$select")
$b = $a | Select-Object -first 1
$c = $b.split(":")
$d = $c[1].Substring(1)
#$d = $d.replace(".",",")
if ( $d -match " ") {
$e = $d.split(" ")
$f = $e[0].Substring(0)
$d = Get-Date
$data = (get-date).ToString("yyyy-MM-dd")
$data2 = (get-date).AddDays(-1).ToString("yyyy-MM-dd")
if (($f -eq $data) -or (($f -eq $data2) -and ($d.Hour -lt "10")) ){
"BACKUP UP TO DATE"
} else { $f }
} else { $d }

Powershell / ZABBIX – Gathering information about processes, that has the same name, by PID.

The first post will be about my last issue. My colleague from work wanted me to monitor memory utilization by each oracle processes – and connect them to the appropriate service. ZABBIX let us to monitor procesess, but the problem is, as far as I know, we can monitor them by name, not by the PID, and everything will be all right if those processes haven’t got the same name “oracle.exe”…

So from that point I knew I should use the “UserParamater” to get them. Additional issue, and very obvious, is that those PIDs are changing with every OS reboot. The solution is a script in powershell that you can run after each reboot, for ex. in “task scheduler”. It will create/update *.vbs scripts that are responsible for gathering the data about the memory utilization, of course zabbix_agentd.conf has to contain lines like:

UserParameter=GetMemoryVCS02DB,%systemroot%\system32\cscript.exe /nologo c:\zabbix\OracleServiceVCS02DB.vbs

to refer to those scripts. Script is very simple and looks like this:

$services = (gwmi WIn32_Service | where {$_.name -match "OracleService"})

foreach ($service in $services) {
$f = $service.name + ".vbs"
$p = $service.ProcessID
If ($f) {Clear-Content $f}
out-file -filepath $f -append -inputobject 'Set objWMI = GetObject("winmgmts:\\.\root\cimv2")'
out-file -filepath $f -append -inputobject "Set colObjects = objWMI.ExecQuery(`"SELECT * FROM Win32_Process WHERE ProcessID =`'$p`'`")"
out-file -filepath $f -append -inputobject 'For Each Item in colObjects'
out-file -filepath $f -append -inputobject 'wScript.Echo Item.WorkingSetSize'
out-file -filepath $f -append -inputobject 'Next'

}