Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    zabbix active checks not working

    Scheduled Pinned Locked Moved
    General pfSense Questions
    2
    4
    924
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      michmoor LAYER 8 Rebel Alliance
      last edited by

      Hi,
      For a while, i have been using Zabbix passive checks (server-to-client polling) but i need to enable Zabbix active checks now for log monitoring within the Zabbix console.
      I have set up Active checks all around my servers so i know how to get it working (not much to it really).
      I am noticing that Active Checks doesn't work on 23.05.01. I do not see any state on port 10051 opened which is what you need for this type of monitoring.

      Has anyone set this up successfully?

      Firewall: NetGate,Palo Alto-VM,Juniper SRX
      Routing: Juniper, Arista, Cisco
      Switching: Juniper, Arista, Cisco
      Wireless: Unifi, Aruba IAP
      JNCIP,CCNP Enterprise

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Which Zabbix agent are you using? How is it configured?

        M 1 Reply Last reply Reply Quote 0
        • M
          michmoor LAYER 8 Rebel Alliance @stephenw10
          last edited by

          @stephenw10
          Hey Stephen. Im using version 6.
          I found out what was going on when i found the zabbix.log file. That problem is solved.

          I noticed that the zabbix agent is unable to read a Suricata file due to the following message

           26371:20231019:201303.138 active check "log[/var/log/suricata/suricata_ix332521/alerts.log,"ET"]" is not supported: Cannot obtain information for file "/var/log/suricata/suricata_ix332521/alerts.log": [13] Permission denied

          The first step i took was to add the Zabbix user to the wheel group. That doesn't seem to work

          grep '^wheel' /etc/group
wheel:*:0:root,zabbix

          The second thing i did was changed the perms of the alert.log file and still im getting a permission denied error

          -rwxrwxr--  1 root  wheel    15K Oct 19 20:15 alerts.log

          Dont worry i will undo these changes :)
          Is there anything about pfsense that will deny any users to perform root functions? I noticed theres no visudo command as well which is what i use on my Linux servers to allow the zabbix agent to read files.

          Firewall: NetGate,Palo Alto-VM,Juniper SRX
          Routing: Juniper, Arista, Cisco
          Switching: Juniper, Arista, Cisco
          Wireless: Unifi, Aruba IAP
          JNCIP,CCNP Enterprise

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            You'd have to use the sudo package to add commands to the Zabbix user to allow that if you need it. I don't think I've ever had to do that.

            1 Reply Last reply Reply Quote 1
            • First post
              Last post