How does the Zabbix monitoring system work?
Any company that wants to succeed in today’s market needs a strong infrastructure, well-established network connections, and powerful servers to handle multiple users or transactions. But can you imagine the situation when one server, service, or application suddenly crashes due to overload? How would an outage like this impact your business, customers, services, etc.?
This kind of failure will increase your company’s costs and affect productivity and service quality, damaging your brand’s reputation in the market. That’s why checking the condition of your infrastructure and servers is a part of every administrator’s responsibilities.
We need to know the condition of all the devices we use in our daily work. This primarily includes the functioning of servers, applications, and specific services and the accuracy of the applications and production environments being developed.
So, when the question arises of how you can keep your servers problem-free and secure the operation of your business, the answer is server monitoring.
Table of Contents
What does server monitoring mean in practice?
- Server monitoring means constantly scanning available servers on the network and detecting any failures associated with them.
- Monitoring is a preventive measure that detects any failure before it causes serious problems in the network system.
- It covers a wide range of activities, including monitoring the performance of applications, web services, network devices, IT infrastructure, etc.
There are many monitoring tools on the market today, but Zabbix is the unofficial leader in its field. In this article, we’ll discuss how the tool operates and how we use it in our daily work.
Zabbix – What is it, and what is it used for?
Zabbix is a full-scale network and system monitoring tool that combines several functions into a single web-based console. It can be configured to monitor and collect data from a wide range of servers and network devices and provides service and performance monitoring for each site.
We often use Zabbix when we want to monitor the resources of our servers and don’t have time to go through the logs – like when we’re operating numerous servers and want to make sure that everything is working properly. In this situation, Zabbix will do the monitoring and inform us in case of a problem, allowing us to configure multiple communication paths. Zabbix informs us, for example, if a particular “end-point” is not working or running out of disk space, or if the CPU is overloaded. Zabbix automatically sends us all information that might affect the quality of the application’s performance.
The Zabbix monitoring system – what does the architecture look like?
Zabbix consists of several main software components. Their responsibilities are outlined below.
- Zabbix server
The Zabbix server is the central component to which agents report information and statistics on availability and integrity. The server is the central repository where all configuration, statistical and operational data is stored.
- Database storage
All configuration information and data collected by Zabbix is stored in a database.
- Web interface
A web interface is provided to allow easy access to Zabbix from any location or platform. The interface is part of the Zabbix server and generally runs on the same physical machine as the server.
- Zabbix proxy
The proxy acts as a proxy and can collect performance and availability data on behalf of the Zabbix server. This is an optional part of a Zabbix deployment, but it can be very beneficial to spread the load of a single Zabbix server.
- Zabbix agent
A Zabbix agent is a special program that enables communication with the master server. It actively monitors local resources and applications and reports the collected data to the Zabbix server.
Zabbix can monitor thousands of data from servers, virtual machines, applications, and network devices in real-time. This allows it to detect problems before they catch users’ attention.
What does the data flow look like?
- The Zabbix agent collects the data we are interested in, for example, current CPU usage, RAM, data flow over the network, database load, and efficiency of individual services (e.g., HTTP, SSH, FTP).
- It then sends the collected information to the main server, formulating it into clear and easy-to-read tables or charts.
- The data is kept in relational databases (MySQL, Oracle or PostgreSQL) and can be accessed via an intuitive web interface.
The Zabbix agent supports both passive (polling) and active (trapping) querying. Zabbix can perform checks on an interval basis, but it is also possible to schedule specific hours for item polling.
Passive (polling) checks:
- The Zabbix server (or proxy) requests a value from the Zabbix agent
- The agent processes the request and returns the value to the Zabbix server (or proxy)
Active controls (catching):
- The Zabbix agent requests a list of active checks from the Zabbix server (or proxy)
- The agent periodically sends the results
Since version 3.0, Zabbix supports encrypted communication between the server and agents, so we are guaranteed that all data is safe during the “journey.”
Command center preview
Are you familiar with the security guards in some stores who sit, bored, in front of a monitor with CCTV images? You can implement a similar solution to monitor your company’s hardware and software. It’s very easy to generate the appropriate charts or reports, and this way, you have constant control over the working status of all your servers and services and can see what’s going on in real-time.
Zabbix can support the monitoring of Windows text and event logs. It also has native support for Windows Management Instrumentation (WMI), increasing the ability to easily obtain and monitor real-time system information and performance metrics from Windows servers and workstations. These are just some of the services it can perform, thanks to being a flexible tool that adapts to applications.
Zabbix’s other functionalities include monitoring things like:
- Load on processors, network cards, and memory
- Amount of space on hard drives
- Network protocols
- Validity of SSL certificates on websites
- The temperature of components
- Correct execution of SQL queries.
Alert system
Zabbix will inform us of a failure in many ways. One of the most popular is sending the information by e-mail; you can also set up SMS sending. This very convenient and effective solution allows you to find out about the problem and respond to it quickly. In our development teams, notifications are set up so that both email and the Slack application channel inform us about unusual situations related to the server.
In addition, at Studio Software, we’ve programmed our system so that an alarm goes off in case of critical problems. That’s because we literally connected an Arduino microcontroller to the API (which Zabbix offers). The whole thing regularly queries Zabbix to see if our network is working correctly, and if something starts to go wrong with any of the servers, the Arduino sets off a siren, and we immediately know about the problem. Fortunately, this happens very rarely due to proper configuration, something which we’ll give more information about below 🙂
Zabbix configuration – or prioritization
Zabbix can be configured according to your own needs and preferences. Although every problem, even the smallest, is important in some way, they are subject to a specific hierarchy. Thanks to the triggers we have set in Zabbix, the tool will notify us of a problem in a manner appropriate to its importance.
An example: During configuration, we set Zabbix to view less than 20% of free disk space as a problem of average severity. If the disk space is less than 10%, then the problem is high severity. The system reacts accordingly based on the chosen triggers. If we have agreed that an average problem doesn’t require an immediate response, then we can set Zabbix to send us a warning email, which will reach us at a convenient time so that we aren’t unnecessarily bothered with it. It’s better to know about catastrophic news immediately, so for high-severity problems, we can have Zabbix choose SMS as a form of contact or, as we mentioned above, turn on the emergency siren.
In Zabbix, you determine the priority level for an alarm or group of alarms and set it to the corresponding notifications. If you want to receive notifications only about critical situations, this is how you set the priority. Engineers responsible for technical aspects of the project generally receive notifications of a lower category, so they can fix smaller issues quickly. On the other hand, significant failures are resolved by the DevOps department.
Summary
It can be said with confidence that Zabbix is one of the best security monitoring applications. It is an open-source tool for various IT components, including networks, servers, virtual machines, and cloud services. Furthermore, it takes reliable care of network infrastructure security. Monitoring with Zabbix as a solution protects savings and operational compliance. With faster debugging, you can prevent loss of revenue due to a severe error or performance issue affecting your commercial services.
Contact us if you would like the monitoring support you need for your servers, network, cloud infrastructure, logs, databases, or application performance! Our DevOps engineers will be happy to answer your questions and provide you with the information you need.