Documentation

1 Manual structure
2 What is Zabbix
3 Zabbix features
4 Zabbix overview
5 What's new in Zabbix 5.0.0
6 What's new in Zabbix 5.0.1
7 What's new in Zabbix 5.0.2
8 What's new in Zabbix 5.0.3
9 What's new in Zabbix 5.0.4
10 What's new in Zabbix 5.0.5
11 What's new in Zabbix 5.0.6
12 What's new in Zabbix 5.0.7
13 What's new in Zabbix 5.0.8
14 What's new in Zabbix 5.0.9
15 What's new in Zabbix 5.0.10
15 What's new in Zabbix 5.0.11
16 What's new in Zabbix 5.0.12
17 What's new in Zabbix 5.0.13
18 What's new in Zabbix 5.0.14
19 What's new in Zabbix 5.0.15
20 What's new in Zabbix 5.0.16
21 What's new in Zabbix 5.0.17
22 What's new in Zabbix 5.0.18
23 What's new in Zabbix 5.0.19
24 What's new in Zabbix 5.0.20
25 What's new in Zabbix 5.0.21
26 What's new in Zabbix 5.0.22
27 What's new in Zabbix 5.0.23
28 What's new in Zabbix 5.0.24
29 What's new in Zabbix 5.0.25
30 What's new in Zabbix 5.0.26
31 What's new in Zabbix 5.0.27
32 What's new in Zabbix 5.0.28
33 What's new in Zabbix 5.0.29
34 What's new in Zabbix 5.0.30
35 What's new in Zabbix 5.0.31
36 What's new in Zabbix 5.0.32
37 What's new in Zabbix 5.0.33
38 What's new in Zabbix 5.0.34
39 What's new in Zabbix 5.0.35
40 What's new in Zabbix 5.0.36
41 What's new in Zabbix 5.0.37
42 What's new in Zabbix 5.0.38
43 What's new in Zabbix 5.0.39
44 What's new in Zabbix 5.0.40
45 What's new in Zabbix 5.0.41
46 What's new in Zabbix 5.0.42
47 What's new in Zabbix 5.0.43
48 What's new in Zabbix 5.0.44
49 What's new in Zabbix 5.0.45
2. Definitions
1 Server
2 Agent
3 Agent 2
4 Proxy
1 Setup from sources
2 Setup from RHEL/CentOS packages
3 Setup from Debian/Ubuntu packages
6 Sender
7 Get
8 JS
1 Getting Zabbix
Best practices for secure Zabbix setup
Building Zabbix agent 2 on Windows
Building Zabbix agent on macOS
Building Zabbix agent on Windows
1 Red Hat Enterprise Linux/CentOS
2 Debian/Ubuntu/Raspbian
3 SUSE Linux Enterprise Server
4 Windows agent installation from MSI
5 Mac OS agent installation from PKG
Installation with OpenShift
Updating to PHP 7.3 packages
2 Debian/Ubuntu frontend installation
1 Red Hat Enterprise Linux/CentOS
2 Debian/Ubuntu
Upgrade from sources
1 Compilation issues
9 Template changes
10 Upgrade notes for 5.0.0
11 Upgrade notes for 5.0.1
12 Upgrade notes for 5.0.2
13 Upgrade notes for 5.0.3
14 Upgrade notes for 5.0.4
15 Upgrade notes for 5.0.5
16 Upgrade notes for 5.0.6
17 Upgrade notes for 5.0.7
18 Upgrade notes for 5.0.8
19 Upgrade notes for 5.0.9
20 Upgrade notes for 5.0.10
21 Upgrade notes for 5.0.11
22 Upgrade notes for 5.0.12
23 Upgrade notes for 5.0.13
24 Upgrade notes for 5.0.14
25 Upgrade notes for 5.0.15
26 Upgrade notes for 5.0.16
27 Upgrade notes for 5.0.17
28 Upgrade notes for 5.0.18
29 Upgrade notes for 5.0.19
30 Upgrade notes for 5.0.20
31 Upgrade notes for 5.0.21
32 Upgrade notes for 5.0.22
33 Upgrade notes for 5.0.23
34 Upgrade notes for 5.0.24
35 Upgrade notes for 5.0.25
36 Upgrade notes for 5.0.26
37 Upgrade notes for 5.0.27
38 Upgrade notes for 5.0.28
39 Upgrade notes for 5.0.29
40 Upgrade notes for 5.0.30
41 Upgrade notes for 5.0.31
42 Upgrade notes for 5.0.32
43 Upgrade notes for 5.0.33
44 Upgrade notes for 5.0.34
45 Upgrade notes for 5.0.35
46 Upgrade notes for 5.0.36
47 Upgrade notes for 5.0.37
48 Upgrade notes for 5.0.38
49 Upgrade notes for 5.0.39
50 Upgrade notes for 5.0.40
51 Upgrade notes for 5.0.41
52 Upgrade notes for 5.0.42
53 Upgrade notes for 5.0.43
54 Upgrade notes for 5.0.44
1 Login and configuring user
2 New host
3 New item
4 New trigger
5 Receiving problem notification
6 New template
6. Zabbix appliance
1 Configuring a host
2 Inventory
3 Mass update
1 Item key format
2 Custom intervals
1 Usage examples
2 Preprocessing details
Escaping special characters from LLD macro values in JSONPath
Additional JavaScript objects
5 CSV to JSON preprocessing
Windows-specific item keys
Zabbix agent 2
1 Dynamic indexes
2 Special OIDs
3 MIB files
3 SNMP traps
4 IPMI checks
1 VMware monitoring item keys
6 Log file monitoring
7 Calculated items
8 Internal checks
9 SSH checks
10 Telnet checks
11 External checks
12 Aggregate checks
13 Trapper items
14 JMX monitoring
1 Recommended UnixODBC settings for MySQL
2 Recommended UnixODBC settings for PostgreSQL
3 Recommended UnixODBC settings for Oracle
4 Recommended UnixODBC settings for MSSQL
16 Dependent items
17 HTTP agent
18 Prometheus checks
4 History and trends
1 Extending Zabbix agents
6 Loadable modules
7 Windows performance counters
8 Mass update
9 Value mapping
10 Applications
11 Queue
12 Value cache
13 Execute now
14 Plugins
15 Restricting agent checks
1 Configuring a trigger
2 Trigger expression
3 Trigger dependencies
4 Trigger severity
5 Customizing trigger severities
6 Mass update
7 Predictive trigger functions
1 Trigger event generation
2 Other event sources
3 Manual closing of problems
Event tags
2 Global event correlation
1 Simple graphs
2 Custom graphs
3 Ad-hoc graphs
4 Aggregation in graphs
1 Configuring a network map
2 Host group elements
3 Link indicators
1 Screen elements
4 Slide shows
5 Host screens
6 Dashboard
1 Configuring a template
2 Linking/unlinking
3 Nesting
4 Mass update
HTTP template operation
IPMI template operation
JMX template operation
ODBC template operation
Standardized templates for network devices
Zabbix agent 2 template operation
Zabbix agent template operation
1 E-mail
2 SMS
3 Custom alertscripts
Webhook script examples
1 Conditions
1 Sending message
2 Remote commands
3 Additional operations
4 Using macros in messages
3 Recovery operations
4 Update operations
5 Escalations
3 Receiving notification on unsupported items
1 Macro functions
2 User macros
3 User macros with context
4 Low-level discovery macros
1 Configuring a user
2 Permissions
3 User groups
8. Service monitoring
1 Web monitoring items
2 Real-life scenario
1 Virtual machine discovery key fields
11. Maintenance
12. Regular expressions
13. Problem acknowledgment
1 Host groups
2 Templates
3 Hosts
4 Network maps
5 Screens
6 Media types
1 Configuring a network discovery rule
2 Active agent autoregistration
1 Discovery of mounted filesystems
2 Discovery of network interfaces
3 Discovery of CPUs and CPU cores
4 Discovery of SNMP OIDs
5 Discovery of JMX objects
6 Discovery of IPMI sensors
7 Discovery of systemd services
8 Discovery of Windows services
9 Discovery of Windows performance counter instances
10 Discovery using WMI queries
11 Discovery using ODBC SQL queries
12 Discovery using Prometheus data
13 Discovery of block devices
14 Discovery of host interfaces in Zabbix
Notes on low-level discovery
1 Proxies
1 Using certificates
2 Using pre-shared keys
1 Connection type or permission problems
2 Certificate problems
3 PSK problems
1 Menu
1 Dashboard widgets
2 Problems
1 Graphs
2 Web scenarios
4 Overview
5 Latest data
6 Screens
7 Maps
8 Discovery
9 Services
1 Overview
2 Hosts
1 System information
2 Availability report
3 Triggers top 100
4 Audit
5 Action log
6 Notifications
1 Host groups
2 Templates
1 Applications
2 Items
3 Triggers
4 Graphs
5 Discovery rules
6 Web scenarios
4 Maintenance
5 Actions
6 Event correlation
7 Discovery
8 Services
1 General
2 Proxies
3 Authentication
4 User groups
5 Users
6 Media types
7 Scripts
8 Queue
1 Global notifications
2 Sound in browsers
4 Global search
5 Frontend maintenance mode
6 Page parameters
7 Definitions
8 Creating your own theme
9 Debug mode
10 Cookies used by Zabbix
> Action object
action.create
action.delete
action.get
action.update
> Alert object
alert.get
apiinfo.version
> Application object
application.create
application.delete
application.get
application.massadd
application.update
> Audit log object
auditlog.get
> Autoregistration object
autoregistration.get
autoregistration.update
configuration.export
configuration.import
> Correlation object
correlation.create
correlation.delete
correlation.get
correlation.update
> Dashboard object
dashboard.create
dashboard.delete
dashboard.get
dashboard.update
> Discovered host object
dhost.get
> Discovered service object
dservice.get
> Discovery check object
dcheck.get
> Discovery rule object
drule.create
drule.delete
drule.get
drule.update
> Event object
event.acknowledge
event.get
> Graph object
graph.create
graph.delete
graph.get
graph.update
> Graph item object
graphitem.get
> Graph prototype object
graphprototype.create
graphprototype.delete
graphprototype.get
graphprototype.update
> History object
history.get
> Host object
host.create
host.delete
host.get
host.massadd
host.massremove
host.massupdate
host.update
> Host group object
hostgroup.create
hostgroup.delete
hostgroup.get
hostgroup.massadd
hostgroup.massremove
hostgroup.massupdate
hostgroup.update
> Host interface object
hostinterface.create
hostinterface.delete
hostinterface.get
hostinterface.massadd
hostinterface.massremove
hostinterface.replacehostinterfaces
hostinterface.update
> Host prototype object
hostprototype.create
hostprototype.delete
hostprototype.get
hostprototype.update
> Icon map object
iconmap.create
iconmap.delete
iconmap.get
iconmap.update
> Image object
image.create
image.delete
image.get
image.update
> Item object
item.create
item.delete
item.get
item.update
> Item prototype object
itemprototype.create
itemprototype.delete
itemprototype.get
itemprototype.update
> LLD rule object
discoveryrule.copy
discoveryrule.create
discoveryrule.delete
discoveryrule.get
discoveryrule.update
> Maintenance object
maintenance.create
maintenance.delete
maintenance.get
maintenance.update
> Map object
map.create
map.delete
map.get
map.update
> Media type object
mediatype.create
mediatype.delete
mediatype.get
mediatype.update
> Problem object
problem.get
> Proxy object
proxy.create
proxy.delete
proxy.get
proxy.update
> Screen object
screen.create
screen.delete
screen.get
screen.update
> Screen item object
screenitem.create
screenitem.delete
screenitem.get
screenitem.update
screenitem.updatebyposition
> Script object
script.create
script.delete
script.execute
script.get
script.getscriptsbyhosts
script.update
> Service object
service.adddependencies
service.addtimes
service.create
service.delete
service.deletedependencies
service.deletetimes
service.get
service.getsla
service.update
> Task object
task.create
task.get
> Template object
template.create
template.delete
template.get
template.massadd
template.massremove
template.massupdate
template.update
> Template screen object
templatescreen.copy
templatescreen.create
templatescreen.delete
templatescreen.get
templatescreen.update
> Template screen item object
templatescreenitem.get
> Trend object
trend.get
> Trigger object
trigger.adddependencies
trigger.create
trigger.delete
trigger.deletedependencies
trigger.get
trigger.update
> Trigger prototype object
triggerprototype.create
triggerprototype.delete
triggerprototype.get
triggerprototype.update
> User object
user.checkAuthentication
user.create
user.delete
user.get
user.login
user.logout
user.update
> User group object
usergroup.create
usergroup.delete
usergroup.get
usergroup.update
> User macro object
usermacro.create
usermacro.createglobal
usermacro.delete
usermacro.deleteglobal
usermacro.get
usermacro.update
usermacro.updateglobal
> Value map object
valuemap.create
valuemap.delete
valuemap.get
valuemap.update
> Web scenario object
httptest.create
httptest.delete
httptest.get
httptest.update
Appendix 1. Reference commentary
Appendix 2. Changes from 4.4 to 5.0
Zabbix API changes in 5.0
20. Modules
1 Frequently asked questions / Troubleshooting
1 Database creation
2 Repairing Zabbix database character set and collation
1 MySQL encryption configuration
2 PostgreSQL encryption configuration
4 TimescaleDB setup
5 Elasticsearch setup
6 Real-time export of events, item values, trends
7 Distribution-specific notes on setting up Nginx for Zabbix
8 Running agent as root
9 Zabbix agent on Microsoft Windows
10 SAML setup with Okta
11 Additional frontend languages
1 Zabbix server
2 Zabbix proxy
3 Zabbix agent (UNIX)
4 Zabbix agent 2 (UNIX)
5 Zabbix agent (Windows)
6 Zabbix agent 2 (Windows)
7 Zabbix Java gateway
8 Inclusion
1 Server-proxy data exchange protocol
2 Zabbix agent protocol
3 Zabbix agent 2 protocol
4 Zabbix agent 2 plugin protocol
5 Zabbix sender protocol
6 Header
7 Real-time export protocol
1 Items supported by platform
2 vm.memory.size parameters
3 Passive and active agent checks
4 Trapper items
5 Minimum permission level for Windows agent items
6 Encoding of returned values
7 Large file support
8 Sensor
9 Notes on memtype parameter in proc.mem items
10 Notes on selecting processes in proc.mem and proc.num items
11 Implementation details of net.tcp.service and net.udp.service checks
12 Unreachable/unavailable host settings
13 Remote monitoring of Zabbix stats
14 Configuring Kerberos with Zabbix
1 Supported trigger functions
1 Supported macros
2 User macros supported by location
8 Unit symbols
9 Time period syntax
10 Command execution
11 Version compatibility
12 Database error handling
13 Zabbix sender dynamic link library for Windows
14 Python library for Zabbix API
15 Issues with SELinux
16 Other issues
17 Agent vs agent 2 comparison
zabbix_agent2
zabbix_agentd
zabbix_get
zabbix_js
zabbix_proxy
zabbix_sender
zabbix_server

3 Zabbix agent (UNIX)

Overview

This section lists parameters supported in a Zabbix agent configuration file (zabbix_agentd.conf). Note that:

  • The default values reflect daemon defaults, not the values in the shipped configuration files;
  • Zabbix supports configuration files only in UTF-8 encoding without BOM;
  • Comments starting with "#" are only supported in the beginning of the line.

Parameters

Parameter Mandatory Range Default Description
Alias no Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
Different Alias keys may reference the same item key.
Aliases can be used in HostMetadataItem but not in HostnameItem parameters.

Examples:

1. Retrieving the ID of user 'zabbix'.
Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,"^zabbix:.:([0-9]+)",,,,\1]
Now shorthand key zabbix.userid may be used to retrieve data.

2. Getting CPU utilization with default and custom parameters.
Alias=cpu.util:system.cpu.util
Alias=cpu.util[*]:system.cpu.util[*]
This allows use cpu.util key to get CPU utilization percentage with default parameters as well as use cpu.util[all, idle, avg15] to get specific data about CPU utilization.

3. Running multiple low-level discovery rules processing the same discovery items.
Alias=vfs.fs.discovery[*]:vfs.fs.discovery
Now it is possible to set up several discovery rules using vfs.fs.discovery with different parameters for each rule, e.g., vfs.fs.discovery[foo], vfs.fs.discovery[bar], etc.
AllowKey no Allow execution of those item keys that match a pattern. Key pattern is a wildcard expression that supports "*" character to match any number of any characters.
Multiple key matching rules may be defined in combination with DenyKey. The parameters are processed one by one according to their appearance order.
This parameter is supported since Zabbix 5.0.0.
See also: Restricting agent checks.
AllowRoot no 0 Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent will try to switch to user 'zabbix' instead. Has no effect if started under a regular user.
0 - do not allow
1 - allow
BufferSend no 1-3600 5 Do not keep data longer than N seconds in buffer.
BufferSize no 2-65535 100 Maximum number of values in a memory buffer. The agent will send
all collected data to Zabbix server or proxy if the buffer is full.
DebugLevel no 0-5 3 Specifies debug level:
0 - basic information about starting and stopping of Zabbix processes
1 - critical information
2 - error information
3 - warnings
4 - for debugging (produces lots of information)
5 - extended debugging (produces even more information)
DenyKey no Deny execution of those item keys that match a pattern. Key pattern is a wildcard expression that supports "*" character to match any number of any characters.
Multiple key matching rules may be defined in combination with AllowKey. The parameters are processed one by one according to their appearance order.
This parameter is supported since Zabbix 5.0.0.
See also: Restricting agent checks.
EnableRemoteCommands no 0 Whether remote commands from Zabbix server are allowed. Since Zabbix 5.0.2, this parameter is deprecated, use AllowKey=system.run[*] or DenyKey=system.run[*] instead
It is internal alias for AllowKey/DenyKey parameters depending on value: 0 - DenyKey=system.run[*]
1 - AllowKey=system.run[*]
HostInterface no 0-255 characters Optional parameter that defines host interface.
Host interface is used at host autoregistration process.
An agent will issue an error and not start if the value is over the limit of 255 characters.
If not defined, value will be acquired from HostInterfaceItem.
Supported since Zabbix 4.4.0.
HostInterfaceItem no Optional parameter that defines an item used for getting host interface.
Host interface is used at host autoregistration process.
During an autoregistration request an agent will log a warning message if the value returned by specified item is over limit of 255 characters.
The system.run[] item is supported regardless of AllowKey/DenyKey values.
This option is only used when HostInterface is not defined.
Supported since Zabbix 4.4.0.
HostMetadata no 0-255 characters Optional parameter that defines host metadata. Host metadata is used only at host autoregistration process (active agent).
If not defined, the value will be acquired from HostMetadataItem.
An agent will issue an error and not start if the specified value is over the limit or a non-UTF-8 string.
This option is supported in version 2.2.0 and higher.
HostMetadataItem no Optional parameter that defines a Zabbix agent item used for getting host metadata. This option is only used when HostMetadata is not defined.
Supports UserParameters and aliases. Supports system.run[] regardless of AllowKey/DenyKey values.
HostMetadataItem value is retrieved on each autoregistration attempt and is used only at host autoregistration process (active agent).
During an autoregistration request an agent will log a warning message if the value returned by the specified item is over the limit of 255 characters.
The value returned by the item must be a UTF-8 string otherwise it will be ignored.
This option is supported in version 2.2.0 and higher.
Hostname no Set by HostnameItem Unique, case sensitive hostname.
Required for active checks and must match hostname as configured on the server.
Allowed characters: alphanumeric, '.', ' ', '_' and '-'.
Maximum length: 128
HostnameItem no system.hostname Optional parameter that defines a Zabbix agent item used for getting host name. This option is only used when Hostname is not defined.
Does not support UserParameters or aliases, but does support system.run[] regardless of AllowKey/DenyKey values.
This option is supported in version 1.8.6 and higher.
Include no You may include individual files or all files in a directory in the configuration file.
To only include relevant files in the specified directory, the asterisk wildcard character is supported for pattern matching. For example: /absolute/path/to/config/files/*.conf. Pattern matching is supported since Zabbix 2.4.0.
See special notes about limitations.
ListenBacklog no 0 - INT_MAX SOMAXCONN The maximum number of pending connections in the TCP queue.
Default value is a hard-coded constant, which depends on the system.
Maximum supported value depends on the system, too high values may be silently truncated to the 'implementation-specified maximum'.
ListenIP no 0.0.0.0 List of comma delimited IP addresses that the agent should listen on.
Multiple IP addresses are supported in version 1.8.3 and higher.
ListenPort no 1024-32767 10050 Agent will listen on this port for connections from the server.
LoadModule no Module to load at agent startup. Modules are used to extend functionality of the agent.
Formats:
LoadModule=<module.so>
LoadModule=<path/module.so>
LoadModule=</abs_path/module.so>
Either the module must be located in directory specified by LoadModulePath or the path must precede the module name. If the preceding path is absolute (starts with '/') then LoadModulePath is ignored.
It is allowed to include multiple LoadModule parameters.
LoadModulePath no Full path to location of agent modules.
Default depends on compilation options.
LogFile yes, if LogType is set to file, otherwise
no		 Name of log file.
LogFileSize no 0-1024 1 Maximum size of log file in MB.
0 - disable automatic log rotation.
Note: If the log file size limit is reached and file rotation fails, for whatever reason, the existing log file is truncated and started anew.
LogType no file Log output type:
file - write log to file specified by LogFile parameter,
system - write log to syslog,
console - write log to standard output.
This parameter is supported since Zabbix 3.0.0.
LogRemoteCommands no 0 Enable logging of executed shell commands as warnings.
0 - disabled
1 - enabled
Commands will be logged only if executed remotely. Log entries will not be created if system.run[] is launched locally by HostMetadataItem, HostInterfaceItem or HostnameItem parameters.
MaxLinesPerSecond no 1-1000 20 Maximum number of new lines the agent will send per second to Zabbix server or proxy when processing 'log' and 'eventlog' active checks.
The provided value will be overridden by the parameter 'maxlines',
provided in 'log' or 'eventlog' item key.
Note: Zabbix will process 10 times more new lines than set in MaxLinesPerSecond to seek the required string in log items.
PidFile no /tmp/zabbix_agentd.pid Name of PID file.
RefreshActiveChecks no 60-3600 120 How often list of active checks is refreshed, in seconds.
Note that after failing to refresh active checks the next refresh will be attempted after 60 seconds.
Server yes, if StartAgents is not explicitly set to 0 List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
Incoming connections will be accepted only from the hosts listed here.
If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally and '::/0' will allow any IPv4 or IPv6 address.
'0.0.0.0/0' can be used to allow any IPv4 address.
Note that "IPv4-compatible IPv6 addresses" (0000::/96 prefix) are supported but deprecated by RFC4291.
Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
Spaces are allowed.
ServerActive no Zabbix server/proxy address to get active checks from.
Server/proxy address is IP address or DNS name and optional port separated by colon.
Multiple Zabbix servers and Zabbix proxies can be specified, separated by comma.
More than one Zabbix proxy should not be specified from each Zabbix server.
If Zabbix proxy is specified then Zabbix server for that proxy should not be specified.
Multiple comma-delimited addresses can be provided to use several independent Zabbix servers in parallel. Spaces are allowed.
If port is not specified, default port is used.
IPv6 addresses must be enclosed in square brackets if port for that host is specified.
If port is not specified, square brackets for IPv6 addresses are optional.
If this parameter is not specified, active checks are disabled.
Example: ServerActive=127.0.0.1:20051,zabbix.example.com,[::1]:30051,::1,[12fc::1].
SourceIP no Source IP address for:
- outgoing connections to Zabbix server or Zabbix proxy;
- making connections while executing some items (web.page.get, net.tcp.port, etc.)
StartAgents no 0-100 3 Number of pre-forked instances of zabbix_agentd that process passive checks.
If set to 0, disables passive checks and the agent will not listen on any TCP port.
The upper limit used to be 16 before version 1.8.5.
Timeout no 1-30 3 Spend no more than Timeout seconds on processing.
TLSAccept yes, if TLS certificate or PSK parameters are defined (even for unencrypted connection), otherwise no What incoming connections to accept. Used for a passive checks. Multiple values can be specified, separated by comma:
unencrypted - accept connections without encryption (default)
psk - accept connections with TLS and a pre-shared key (PSK)
cert - accept connections with TLS and a certificate
This parameter is supported since Zabbix 3.0.0.
TLSCAFile no Full pathname of a file containing the top-level CA(s) certificates for peer certificate verification, used for encrypted communications between Zabbix components.
This parameter is supported since Zabbix 3.0.0.
TLSCertFile no Full pathname of a file containing the agent certificate or certificate chain, used for encrypted communications with Zabbix components.
This parameter is supported since Zabbix 3.0.0.
TLSCipherAll no GnuTLS priority string or OpenSSL (TLS 1.2) cipher string. Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
Example: TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
This parameter is supported since Zabbix 4.4.7.
TLSCipherAll13 no Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3. Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
Example for GnuTLS: NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL::+SIGN-ALL:+CTYPE-X.509
Example for OpenSSL: EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128
This parameter is supported since Zabbix 4.4.7.
TLSCipherCert no GnuTLS priority string or OpenSSL (TLS 1.2) cipher string. Override the default ciphersuite selection criteria for certificate-based encryption.
Example for GnuTLS: NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
Example for OpenSSL: EECDH+aRSA+AES128:RSA+aRSA+AES128
This parameter is supported since Zabbix 4.4.7.
TLSCipherCert13 no Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3. Override the default ciphersuite selection criteria for certificate-based encryption.
This parameter is supported since Zabbix 4.4.7.
TLSCipherPSK no GnuTLS priority string or OpenSSL (TLS 1.2) cipher string. Override the default ciphersuite selection criteria for PSK-based encryption.
Example for GnuTLS: NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL
Example for OpenSSL: kECDHEPSK+AES128:kPSK+AES128
This parameter is supported since Zabbix 4.4.7.
TLSCipherPSK13 no Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3. Override the default ciphersuite selection criteria for PSK-based encryption.
Example: TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
This parameter is supported since Zabbix 4.4.7.
TLSConnect yes, if TLS certificate or PSK parameters are defined (even for unencrypted connection), otherwise no How the agent should connect to Zabbix server or proxy. Used for active checks. Only one value can be specified:
unencrypted - connect without encryption (default)
psk - connect using TLS and a pre-shared key (PSK)
cert - connect using TLS and a certificate
This parameter is supported since Zabbix 3.0.0.
TLSCRLFile no Full pathname of a file containing revoked certificates. This parameter is used for encrypted communications with Zabbix components.
This parameter is supported since Zabbix 3.0.0.
TLSKeyFile no Full pathname of a file containing the agent private key used for encrypted communications with Zabbix components.
This parameter is supported since Zabbix 3.0.0.
TLSPSKFile no Full pathname of a file containing the agent pre-shared key used for encrypted communications with Zabbix components.
This parameter is supported since Zabbix 3.0.0.
TLSPSKIdentity no Pre-shared key identity string, used for encrypted communications with Zabbix server.
This parameter is supported since Zabbix 3.0.0.
TLSServerCertIssuer no Allowed server (proxy) certificate issuer.
This parameter is supported since Zabbix 3.0.0.
TLSServerCertSubject no Allowed server (proxy) certificate subject.
This parameter is supported since Zabbix 3.0.0.
UnsafeUserParameters no 0,1 0 Allow all characters to be passed in arguments to user-defined parameters.
0 - do not allow
1 - allow
The following characters are not allowed:
\ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
Additionally, newline characters are not allowed.
Supported since Zabbix 1.8.2.
User no zabbix Drop privileges to a specific, existing user on the system.
Only has effect if run as 'root' and AllowRoot is disabled.
This parameter is supported since Zabbix 2.4.0.
UserParameter no User-defined parameter to monitor. There can be several user-defined parameters.
Format: UserParameter=<key>,<shell command>
Note that shell command must not return empty string or EOL only.
Example: UserParameter=system.test,who|wc -l

See also

  1. Differences in the Zabbix agent configuration for active and passive checks starting from version 2.0.0
© 2001-2024 by Zabbix SIA. All rights reserved.
Except where otherwise noted, Zabbix Documentation is licensed under the following license
Trademark Policy