Documentation

This is the documentation page for an unsupported version of Zabbix.
Is this not what you were looking for? Switch to the current version or choose one from the drop-down menu.
1 Manual structure
2 What is Zabbix
3 Zabbix features
4 Zabbix overview
5 What's new in Zabbix 2.2.0
6 What's new in Zabbix 2.2.1
7 What's new in Zabbix 2.2.2
8 What's new in Zabbix 2.2.3
9 What's new in Zabbix 2.2.4
10 What's new in Zabbix 2.2.5
11 What's new in Zabbix 2.2.6
12 What's new in Zabbix 2.2.7
13 What's new in Zabbix 2.2.8
14 What's new in Zabbix 2.2.9
15 What's new in Zabbix 2.2.10
16 What's new in Zabbix 2.2.11
17 What's new in Zabbix 2.2.12
18 What's new in Zabbix 2.2.13
19 What's new in Zabbix 2.2.15
20 What's new in Zabbix 2.2.16
21 What's new in Zabbix 2.2.17
22 What's new in Zabbix 2.2.18
23 What's new in Zabbix 2.2.19
24 What's new in Zabbix 2.2.20
25 What's new in Zabbix 2.2.21
26 What's new in Zabbix 2.2.22
27 What's new in Zabbix 2.2.23
28 What's new in Zabbix 2.2.24
1 Zabbix definitions
2 Server
3 Agent
4 Proxy
5 Java gateway
6 Sender
7 Get
1 Getting Zabbix
Best practices for secure Zabbix setup
3 Installation from packages
4 Installation from sources
5 Upgrade procedure
6 Known issues
7 Template changes
8 Upgrade notes for 2.2.0
9 Upgrade notes for 2.2.1
10 Upgrade notes for 2.2.2
11 Upgrade notes for 2.2.3
12 Upgrade notes for 2.2.4
13 Upgrade notes for 2.2.5
14 Upgrade notes for 2.2.6
15 Upgrade notes for 2.2.7
16 Upgrade notes for 2.2.8
17 Upgrade notes for 2.2.9
18 Upgrade notes for 2.2.10
19 Upgrade notes for 2.2.11
20 Upgrade notes for 2.2.12
21 Upgrade notes for 2.2.13
22 Upgrade notes for 2.2.14
23 Upgrade notes for 2.2.15
24 Upgrade notes for 2.2.16
25 Upgrade notes for 2.2.17
26 Upgrade notes for 2.2.18
27 Upgrade notes for 2.2.19
28 Upgrade notes for 2.2.20
29 Upgrade notes for 2.2.21
30 Upgrade notes for 2.2.22
31 Upgrade notes for 2.2.23
1 Login and configuring user
2 New host
3 New item
4 New trigger
5 Receiving problem notification
6 New template
5. Zabbix appliance
1 Configuring a host
2 Inventory
3 Mass update
1 Item key format
Windows-specific item keys
1 Dynamic indexes
2 Special OIDs
3 SNMP traps
4 IPMI checks
1 VMware monitoring item keys
6 Log file monitoring
7 Calculated items
8 Internal checks
9 SSH checks
10 Telnet checks
11 External checks
12 Aggregate checks
13 Trapper items
14 JMX monitoring
15 ODBC monitoring
3 History and trends
1 Extending Zabbix agents
5 Loadable modules
6 Windows performance counters
7 Mass update
8 Value mapping
9 Applications
10 Queue
11 Value cache
1 Configuring a trigger
2 Trigger expression
3 Trigger dependencies
4 Trigger severity
5 Customising trigger severities
6 Unit symbols
7 Mass update
1 Event sources
1 Simple graphs
2 Custom graphs
1 Configuring a network map
2 Host group elements
3 Link indicators
3 Screens
4 Slide shows
1 Configuring a template
2 Linking/unlinking
3 Nesting
1 E-mail
2 SMS
3 Jabber
4 Ez Texting
5 Custom alertscripts
1 Sending message
2 Remote commands
3 Additional operations
4 Using macros in messages
2 Conditions
3 Escalations
3 Receiving notification on unsupported items
1 User macros
1 Configuring a user
2 Permissions
3 User groups
7. IT services
1 Web monitoring items
2 Real life scenario
Virtual machine discovery key fields
10. Maintenance
11. Regular expressions
12. Event acknowledgement
Groups
Hosts
Configuring a network discovery rule
2 Active agent auto-registration
3 Low-level discovery
1 Proxies
2 Nodes
1 Dashboard
2 Overview
3 Web
4 Latest data
5 Triggers
6 Events
7 Graphs
8 Screens
9 Maps
10 Discovery
11 IT services
1 Overview
2 Hosts
1 Status of Zabbix
2 Availability report
3 Triggers top 100
4 Bar reports
1 Host groups
2 Templates
1 Applications
2 Items
3 Triggers
4 Graphs
5 Discovery rules
6 Web scenarios
4 Maintenance
5 Actions
6 Screens
7 Slide shows
8 Maps
9 Discovery
10 IT services
1 General
2 DM
3 Authentication
4 Users
5 Media types
6 Scripts
7 Audit
8 Queue
9 Notifications
10 Installation
1 Global notifications
2 Sound in browsers
3 Global search
4 Frontend maintenance mode
5 Page parameters
6 Definitions
7 Creating your own theme
8 Debug mode
> Action object
action.create
action.delete
action.exists
action.get
action.update
> Alert object
alert.get
apiinfo.version
> Application object
application.create
application.delete
application.exists
application.get
application.massadd
application.update
configuration.export
configuration.import
> Discovered host object
dhost.exists
dhost.get
> Discovered service object
dservice.exists
dservice.get
> Discovery check object
dcheck.get
> Discovery rule object
drule.create
drule.delete
drule.exists
drule.get
drule.isreadable
drule.iswritable
drule.update
> Event object
event.acknowledge
event.get
> Graph object
graph.create
graph.delete
graph.exists
graph.get
graph.getobjects
graph.update
> Graph item object
graphitem.get
> Graph prototype object
graphprototype.create
graphprototype.delete
graphprototype.exists
graphprototype.get
graphprototype.getobjects
graphprototype.update
> History object
history.get
> Host object
host.create
host.delete
host.exists
host.get
host.getobjects
host.isreadable
host.iswritable
host.massadd
host.massremove
host.massupdate
host.update
> Host group object
hostgroup.create
hostgroup.delete
hostgroup.exists
hostgroup.get
hostgroup.getobjects
hostgroup.isreadable
hostgroup.iswritable
hostgroup.massadd
hostgroup.massremove
hostgroup.massupdate
hostgroup.update
> Host interface object
hostinterface.create
hostinterface.delete
hostinterface.exists
hostinterface.get
hostinterface.massadd
hostinterface.massremove
hostinterface.replacehostinterfaces
hostinterface.update
> Host prototype object
hostprototype.create
hostprototype.delete
hostprototype.get
hostprototype.isreadable
hostprototype.iswritable
hostprototype.update
> Icon map object
iconmap.create
iconmap.delete
iconmap.get
iconmap.isreadable
iconmap.iswritable
iconmap.update
> Image object
image.create
image.delete
image.exists
image.get
image.getobjects
image.update
> Item object
item.create
item.delete
item.exists
item.get
item.getobjects
item.isreadable
item.iswritable
item.update
> Item prototype object
itemprototype.create
itemprototype.delete
itemprototype.exists
itemprototype.get
itemprototype.isreadable
itemprototype.iswritable
itemprototype.update
> IT Service object
service.adddependencies
service.addtimes
service.create
service.delete
service.deletedependencies
service.deletetimes
service.get
service.getsla
service.isreadable
service.iswritable
service.update
> LLD rule object
discoveryrule.copy
discoveryrule.create
discoveryrule.delete
discoveryrule.exists
discoveryrule.get
discoveryrule.isreadable
discoveryrule.iswritable
discoveryrule.update
> Maintenance object
maintenance.create
maintenance.delete
maintenance.exists
maintenance.get
maintenance.update
> Map object
map.create
map.delete
map.exists
map.get
map.getobjects
map.isreadable
map.iswritable
map.update
> Media object
usermedia.get
> Media type object
mediatype.create
mediatype.delete
mediatype.get
mediatype.update
> Proxy object
proxy.create
proxy.delete
proxy.get
proxy.isreadable
proxy.iswritable
proxy.update
> Screen object
screen.create
screen.delete
screen.exists
screen.get
screen.update
> Screen item object
screenitem.create
screenitem.delete
screenitem.get
screenitem.isreadable
screenitem.iswritable
screenitem.update
screenitem.updatebyposition
> Script object
script.create
script.delete
script.execute
script.get
script.getscriptsbyhosts
script.update
> Template object
template.create
template.delete
template.exists
template.get
template.getobjects
template.isreadable
template.iswritable
template.massadd
template.massremove
template.massupdate
template.update
> Template screen object
templatescreen.copy
templatescreen.create
templatescreen.delete
templatescreen.exists
templatescreen.get
templatescreen.isreadable
templatescreen.iswritable
templatescreen.update
> Template screen item object
templatescreenitem.get
> Trigger object
trigger.adddependencies
trigger.create
trigger.delete
trigger.deletedependencies
trigger.exists
trigger.get
trigger.getobjects
trigger.isreadable
trigger.iswritable
trigger.update
> Trigger prototype object
triggerprototype.create
triggerprototype.delete
triggerprototype.get
triggerprototype.update
> User object
user.addmedia
user.authenticate
user.checkAuthentication
user.create
user.delete
user.deletemedia
user.get
user.isreadable
user.iswritable
user.login
user.logout
user.update
user.updatemedia
user.updateprofile
> User group object
usergroup.create
usergroup.delete
usergroup.exists
usergroup.get
usergroup.getobjects
usergroup.isreadable
usergroup.iswritable
usergroup.massadd
usergroup.massupdate
usergroup.update
> User macro object
usermacro.create
usermacro.createglobal
usermacro.delete
usermacro.deleteglobal
usermacro.get
usermacro.update
usermacro.updateglobal
> Web scenario object
httptest.create
httptest.delete
httptest.get
httptest.isreadable
httptest.iswritable
httptest.update
webcheck.create
webcheck.delete
webcheck.get
webcheck.isreadable
webcheck.iswritable
webcheck.update
Appendix 1. Reference commentary
Appendix 2. Changes from 2.0 to 2.2
Zabbix API changes in 2.2
1 Frequently asked questions / Troubleshooting
1 Database creation scripts
2 Zabbix agent on Microsoft Windows
3 Troubleshooting installation issues
1 Zabbix server
2 Zabbix proxy
3 Zabbix agent (UNIX)
4 Zabbix agent (Windows)
5 Zabbix Java gateway
6 Archive: Zabbix agent (UNIX, Inetd version)
7 Special notes on "Include" parameter
1 Zabbix sender protocol
2 Zabbix agent protocol
3 Header and data length
1 Items supported by platform
2 vm.memory.size parameters
3 Passive and active agent checks
4 Trapper items
5 Encoding of returned values
6 Large file support
7 Sensor
8 Implementation details of net.tcp.service checks
9 Unreachable/unavailable host settings
1 Supported trigger functions
1 Macros supported by location
8 Setting time periods
9 Command execution
10 Recipes for monitoring
11 Performance tuning
12 Version compatibility
13 Database error handling
14 Zabbix sender dynamic link library for Windows
15 Other issues
zabbix_agentd
zabbix_get
zabbix_proxy
zabbix_sender
zabbix_server

3 User groups

Overview

User groups allow to group users both for organizational purposes and for assigning permissions to data. Permissions to monitoring data of host groups are assigned to user groups, not individual users.

It may often make sense to separate what information is available for one group of users and what - for another. This can be accomplished by grouping users and then assigning varied permissions to host groups.

A user can belong to any amount of groups.

Configuration

To configure a user group:

  • Go to Administration → Users
  • Select User groups from the dropdown to the right
  • Click on Create group (or on the group name to edit an existing group)
  • Edit group attributes in the form

The User group tab contains general group attributes:

Parameter Description
Group name Unique group name.
Users The In group block contains a listing of the members of this group.
To add users to the group select them in the Other groups block and click on <<.
Frontend access How the users of the group are authenticated.
System default - use default authentication
Internal - use Zabbix authentication. Ignored if HTTP authentication is set
Disabled - access to Zabbix GUI is forbidden
Users status Status of group members:
Enabled - users are active
Disabled - users are disabled
Debug mode Mark this checkbox to activate debug mode for the users.

The Permissions tab allows you to specify user group access to host group (and thereby host) data:

Composing permissions Click on Add beneath the respective list to specify the host groups that the user group will have access to on the level of:
Read-write - read-write access to a host group
Read – read-only access to a host group
Deny – access to a host group denied
Calculated permissions Depending on the permissions set above, Calculated permissions will display all host groups and all hosts that the user group has access to on the level of:
Read-write - host groups with read-write access
Read - host groups with read-only access
Deny - host groups with access denied

Host access from several user groups

A user may belong to any number of user groups. These groups may have different access permissions to hosts.

Therefore, it is important to know what hosts an unprivileged user will be able to access as a result. For example, let us consider how access to host X (in Hostgroup 1) will be affected in various situations for a user who is in user groups A and B.

  • If Group A has only Read access to Hostgroup 1, but Group B Read-write access to Hostgroup 1, the user will get Read-write access to 'X'.

“Read-write” permissions have precedence over “Read” permissions starting with Zabbix 2.2.

  • In the same scenario as above, if 'X' is simultaneously also in Hostgroup 2 that is denied to Group A or B, access to 'X' will be unavailable, despite a Read-write access to Hostgroup 1.
  • If Group A has no permissions defined and Group B has a Read-write access to Hostgroup 1, the user will get Read-write access to 'X'.
  • If Group A has Deny access to Hostgroup 1 and Group B has a Read-write access to Hostgroup 1, the user will get access to 'X' denied.

Other details

  • An Admin level user with Read-write access to a host will not be able to link/unlink templates, if he has no access to the Templates group. With Read access to Templates group he will be able to link/unlink templates to the host, however, will not see any templates in the template list and will not be able to operate with templates in other places.
  • An Admin level user with Read access to a host will not see the host in the configuration section host list; however, the host triggers will be accessible in IT service configuration.
  • Any non-Zabbix Super Admin user (including 'guest') can see network maps as long as the map is empty or has only images. When hosts, host groups or triggers are added to the map, permissions are respected. The same applies to screens and slideshows as well. The users, regardless of permissions, will see any objects that are not directly or indirectly linked to hosts.
  • Zabbix server will not send notifications to users defined as action operation recipients if access to the concerned host is explicitly "denied" or if there are no rights defined to the host.
© 2001-2024 by Zabbix SIA. All rights reserved.
Except where otherwise noted, Zabbix Documentation is licensed under the following license
Trademark Policy