Zabbix

Describes how to setup an integration to ingest Zabbix monitoring events.

Leave Feedback

Introduction

Zabbix is an open source monitoring solution for network servers, devices, services and other IT resources. The OpsRamp integration allows OpsRamp to accept alerts from Zabbix.

Zabbix Version verified integration: Zabbix 4.4.3

OpsRamp configuration

Configuration involves the following:

  1. Installing the integration.
  2. Configuring the integration.

Step 1: Install the integration

To install:

  1. From All Clients, select a client.
  2. Go to Setup > Integrations > Integrations.
  3. From Available Integrations, select Monitoring > Zabbix.
  4. Click Install.

Step 2: Configure the integration

To configure the integration:

  1. From the API tab, provide the following:
    • Authentication: Copy Tenant Id, Token and Webhook URL for configuration. These settings are used for creating a HTTP Request template.
    • Map Attributes: Provide the mapping information for the third-party.
  2. From the Monitoring of Integration tab, click Assign Templates.
  3. From the Audit Logs, set up audit log criteria and time frame.

Configuring the map attributes

To configure the mapping attributes:

  1. Select the required OpsRamp property from the drop-down.
  2. Click Add Mapping Attributes to map attributes for the specific OpsRamp alert property.
  3. Click + to define the mappings.
  4. From Create Alert Mappings on Status, define the mappings, parsing conditions, and default values, and Save.

The following tables shows attribute mappings.

Mapping Attributes
Third-Party EntityOpsRamp EntityThird-Party PropertyOpsRamp PropertyThird-Party Property ValueOpsRamp Property Value
ProblemAlertStatealert.currentStateInformationInfo
WarningWarning
HighCritical
OKOK
ProblemAlertMetricalert.serviceName
ProblemAlertDescriptionalert.description
ProblemAlertIPalert.deviceName
ProblemAlertEventIDalert.extAlertId
ProblemAlertSubjectalert.subject

 

Zabbix configuration

Configuration involves:

  1. Configuring media types.
  2. Configuring actions.

Step 1: Configure media types

To configure Media Types in Zabbix:

  1. Log into Zabbix Admin UI.
  2. Go to Administration, Media Type and click Create Media Type. Media Type screen appears.
  3. Enter the following required details and click Add.
    • Name: Any name for media type (For example, OpsRamp Alert Webhook)
    • Type: Webhook
    • Parameters: Provide the parameters:
  4. Click Add. The Media Type is added.

Parameter descriptions

The following table provides parameter descriptions for configuring media types.

Parameter Descriptions
NameValue
Subject{ALERT:SUBJECT}
Message{ALERT:MESSAGE}
OpsRampURLwebhook URL copied from OpsRamp (For example: `https://{yourdomain}:/integrations/alertsWebhook/client_1/alerts?vtoken={token}`

Script

The following is a script for posting alert data to OpsRamp:

try {
Zabbix.Log(4, 'opsramp webhook script value=' + value);var result = {
'tags': {
'endpoint': 'opsramp'
}
},
params = JSON.parse(value),
req = new CurlHttpRequest(),
alertPayload = {},
resp;postAlertToOpsRamp();/**
* Function to post alert data to OpsRamp
*/
function postAlertToOpsRamp() {
req.AddHeader('Content-Type: application/json');
req.AddHeader('Accept: application/json');
var res = req.Post(params.OpsRampURL,prepareOpsRampAlertPayload());
res = JSON.parse(res);
}/**
* Function to prepare required OpsRamp alert payload to send
*/
function prepareOpsRampAlertPayload() {
alertPayload.Subject = params.Subject;
var msg = params.Message;
var msgLines = msg.split('\r\n');
for (var i = 0; i < msgLines.length; i++) {
var field = msgLines[i].split(':');
alertPayload[field[0]] = field[1];
}alertPayload.State = alertPayload['Status'];
if(alertPayload['Status'] == 'PROBLEM') {
if(alertPayload['Trigger_Severity'] == 'Information' || alertPayload['Trigger_Severity'] == 'Not classified') {
alertPayload.State='Information';
} else if(alertPayload['Trigger_Severity'] == 'Average' || alertPayload['Trigger_Severity'] == 'Warning') {
alertPayload.State='Warning';
} else if(alertPayload['Trigger_Severity'] == 'High' || alertPayload['Trigger_Severity'] == 'Disaster') {
alertPayload.State='High';
}
} else if (alertPayload['Status'] == 'OK') {
alertPayload.State = 'OK';
}return JSON.stringify(alertPayload);
}return "OK";
} catch (error) {
Zabbix.Log(4, 'OPSRAMP issue creation failed json : ' + JSON.stringify({"fields": fields}));
Zabbix.Log(4, 'OPSRAMP issue creation failed : ' + error);
result = {};
}

return JSON.stringify(result);

Step 3: Configure actions

To configure actions:

  1. Go to Configuration > Actions and click Create action.
    Zabbix Integration

    Zabbix Integration

  2. For the Action tab, provide the following:
    • Name: Enter any name (For example, OpsRamp Alert Webhook Action)
    • Conditions: Leave default
    • New Condition: Leave default
    • Enabled: Select the check box
  3. For the Operations tab, provide the following:
    • Default operation setup duration: Leave default value (For example, 1h)
    • Default subject: Problem: {EVENT.NAME}
    • Default message: Description:{TRIGGER.NAME} Status:{TRIGGER.STATUS} Host_Name:{HOSTNAME} IP:{IPADDRESS} EventID:{EVENT.ID} Trigger_Severity:{TRIGGER.SEVERITY} Event_Severity:{EVENT.SEVERITY} Metric:{ITEM.KEY} Date:{EVENT.DATE} Time:{EVENT.TIME} Item_Name:{ITEM.NAME}
    • Pause operations for suppressed problems:** Leave default value
    • Operations: Click New and enter the following:
      • Steps: Leave default value
      • Step duration: Leave default value
      • Operation Type: Select Send message
      • Send to User groups: Select user group to notify.
      • Send to Users: Select user to notify.
      • Send only to: Select the media type created (For this example, OpsRamp Alert WebhooK)
      • Default message: Leave default
      • Conditions: Leave default
      • Click Add to save.
  4. For the Recovery operations tab, provide the following:
    • Default subject: Resolved: {EVENT.NAME}
    • Default message: ResolvedTime: {EVENT.RECOVERY.TIME} Description:{EVENT.NAME} Status:{TRIGGER.STATUS} Host_Name:{HOSTNAME} IP:{IPADDRESS} EventID:{EVENT.ID} Trigger_Severity:{TRIGGER.SEVERITY} Event_Severity:{EVENT.SEVERITY} Acknowledged: {EVENT.ACK.STATUS} Metric:{ITEM.KEY} Date:{EVENT.DATE} Time:{EVENT.TIME} Item_Name:{ITEM.NAME}
    • Operations: Click New and enter the following:
      • Operation type: Select Notify all involved
      • Default message:Select the check box
      • Click Add to save.
  5. For the Update operations tab, provide the following:
    • Default subject: Updated problem:: {EVENT.NAME}
    • Default message: Problem updated at:{EVENT.UPDATE.ACTION} Problem name:{EVENT.UPDATE.DATE} {EVENT.UPDATE.TIME}.{EVENT.UPDATE.MESSAGE} Host_Name:{HOSTNAME} IP:{IPADDRESS} Description:{EVENT.NAME} Trigger_Severity:{TRIGGER.SEVERITY} Event_Severity:{EVENT.SEVERITY} Metric:{ITEM.KEY} EventID:{EVENT.ID} Current_Status{EVENT.STATUS} Acknowledged: {EVENT.ACK.STATUS} Item_Name:{ITEM.NAME}
    • Operations: Click New and enter the following details:
      • Operation Type: Select Send message
      • Default media type: Select the media type created (For this example, OpsRamp Alert WebhooK)
      • Default message: Select check box.
  6. Click Add. Actions details are added.

Sample Payload

{
"Subject": "Problem: vsftpd service is down on zabbix-agent",
"Description": "vsftpd service is down on zabbix-agent ",
"Status": "PROBLEM",
"Host_Name": "zabbix",
"IP": "159.65.159.89",
"EventID": "3387",
"Trigger_Severity": "Disaster",
"Event_Severity": "Disaster",
"Metric": "proc.num\[vsftpd\]",
"Date": "2020.01.17",
"Time": "10",
"Name": "vsftpd",
"State": "High"
}

 

What to do next

  • View alerts in OpsRamp
    1. From Workspace drop-down options at OpsRamp Console, navigate to Alerts and on the Alerts page, search with the Source name as Zabbix. Related alerts are displayed.
    2. Click on Alert ID to view.
Zabbix Integration

Zabbix Integration