To configure a network discovery rule used by Zabbix to discover hosts and services:
Parameter | Description |
---|---|
Name | Unique name of the rule. For example, "Local network". |
Discovery by proxy | What performs discovery: no proxy - Zabbix server is doing discovery <proxy name> - this proxy performs discovery |
IP range | The range of IP addresses for discovery. It may have the following formats: Single IP: 192.168.1.33 Range of IP addresses: 192.168.1-10.1-255. The range is limited by the total number of covered addresses (less than 64K). IP mask: 192.168.4.0/24 supported IP masks: /16 - /30 for IPv4 addresses /112 - /128 for IPv6 addresses List: 192.168.1.1-255, 192.168.2.1-100, 192.168.2.200, 192.168.4.0/24 Since Zabbix 3.0.0 this field supports spaces, tabulation and multiple lines. |
Update interval | This parameter defines how often Zabbix will execute the rule. The interval is measured after the execution of previous discovery instance ends so there is no overlap. Time suffixes are supported, e.g. 30s, 1m, 2h, 1d, since Zabbix 3.4.0. User macros are supported, since Zabbix 3.4.0. Note that if a user macro is used and its value is changed (e.g. 1w → 1h), the next check will be executed according to the previous value (far in the future with the example values). |
Checks | Zabbix will use this list of checks for discovery. Supported checks: SSH, LDAP, SMTP, FTP, HTTP, HTTPS, POP, NNTP, IMAP, TCP, Telnet, Zabbix agent, SNMPv1 agent, SNMPv2 agent, SNMPv3 agent, ICMP ping. A protocol-based discovery uses the net.tcp.service[] functionality to test each host, except for SNMP which queries an SNMP OID. Zabbix agent is tested by querying an item in unencrypted mode. Please see agent items for more details. The 'Ports' parameter may be one of following: Single port: 22 Range of ports: 22-45 List: 22-45,55,60-70 |
Device uniqueness criteria | Uniqueness criteria may be: IP address - no processing of multiple single-IP devices. If a device with the same IP already exists it will be considered already discovered and a new host will not be added. Type of discovery check - either SNMP or Zabbix agent check. |
Enabled | With the check-box marked the rule is active and will be executed by Zabbix server. If unmarked, the rule is not active. It won't be executed. |
Since Zabbix 2.2.0 the hosts discovered by different proxies are always treated as different hosts. While this allows to perform discovery on matching IP ranges used by different subnets, changing proxy for an already monitored subnet is complicated because the proxy changes must be also applied to all discovered hosts. For example the steps to replace proxy in a discovery rule:
In this example we would like to set up network discovery for the local network having an IP range of 192.168.1.1-192.168.1.254.
In our scenario we want to:
Defining a network discovery rule for our IP range.
Zabbix will try to discover hosts in the IP range of 192.168.1.1-192.168.1.254 by connecting to Zabbix agents and getting the value from system.uname key. The value received from the agent can be used to apply different actions for different operating systems. For example, link Windows servers to Template OS Windows, Linux servers to Template OS Linux.
The rule will be executed every 10 minutes (600 seconds).
When this rule is added, Zabbix will automatically start the discovery and generating discovery-based events for further processing.
Defining an action for adding the discovered Linux servers to the respective group/template.
The action will be activated if:
The action will execute the following operations:
Defining an action for adding the discovered Windows servers to the respective group/template.
Defining an action for removing lost servers.
A server will be removed if "Zabbix agent" service is 'down' for more than 24 hours (86400 seconds).