See also: Compilation issues.
zabbix_proxy on MySQL versions 8.0.0-8.0.17 fails with the following "access denied" error:
[Z3001] connection to database 'zabbix' failed: [1227] Access denied; you need (at least one of) the SUPER, SYSTEM_VARIABLES_ADMIN or SESSION_VARIABLES_ADMIN privilege(s) for this operation
That is due to MySQL 8.0.0 starting to enforce special permissions for setting session variables. However, in 8.0.18 this behavior was removed: As of MySQL 8.0.18, setting the session value of this system variable is no longer a restricted operation.
The workaround is based on granting additional privileges to the zabbix
user:
For MySQL versions 8.0.14 - 8.0.17:
For MySQL versions 8.0.0 - 8.0.13:
It has been observed that it is impossible to install a specific frontend version by running, e.g.:
As a workaround to this issue, if you wish to install a specific frontend version, specify version for all components, e.g.:
yum install zabbix-web-mysql-scl-5.0.0 zabbix-apache-conf-scl-5.0.0 zabbix-web-5.0.0 zabbix-web-deps-scl-5.0.0
When installing Zabbix from Red Hat Enterprise Linux packages on Red Hat Universal Base Image environments, ensure access to required repositories and dependencies. Zabbix packages depend on libOpenIPMI.so
and libOpenIPMIposix.so
libraries, which are not provided by any package in the default package manager repositories enabled on UBI systems and will result in installation failures.
The libOpenIPMI.so
and libOpenIPMIposix.so
libraries are available in the OpenIPMI-libs
package, which is provided by the redhat-#-for-<arch>-appstream-rpms
repository. Access to this repository is curated by subscriptions, which, in the case of UBI environments, get propagated by mounting repository configuration and secrets directories of the RHEL host into the container file-system namespace.
For more information, see ZBX-24291.
When upgrading Zabbix on Red Hat Enterprise Linux/CentOS, you may encounter an expired signing key issue for packages on Zabbix repository. When a signing key expires, attempts to verify package signatures will result in an error indicating that the certificate or key is no longer valid. For example:
error: Verifying a signature using certificate D9AA84C2B617479C6E4FCF4D19F2475308EFA7DD (Zabbix LLC (Jul 2022) <[email protected]>):
1. Certificiate 19F2475308EFA7DD invalid: certificate is not alive
because: The primary key is not live
because: Expired on 2024-07-04T11:41:23Z
2. Key 19F2475308EFA7DD invalid: key is not alive
because: The primary key is not live
because: Expired on 2024-07-04T11:41:23Z
To resolve such issues, manually reinstall the latest zabbix-release
package for your specific variant of RHEL/CentOS (replace the link below with the correct one from Zabbix repository).
For example, on RHEL/CentOS 8, run:
Then, update the repository information:
For more information, see ZBX-24761.
Database connection encryption is not supported on RHEL/CentOS 7, because these systems ship with packages that are too old:
PostgreSQL versions 9.6-12 use too much memory when updating tables with a large number of partitions (see problem report). This issue manifests itself when Zabbix updates trends on systems with TimescaleDB if trends are split into relatively small (e.g. 1 day) chunks. This leads to hundreds of chunks present in the trends tables with default housekeeping settings - the condition where PostgreSQL is likely to run out of memory.
The issue has been resolved since Zabbix 5.0.1 for new installations with TimescaleDB, but if TimescaleDB was set up with Zabbix before that, please see ZBX-16347 for the migration notes.
This issue manifests when TimescaleDB 2.5.0 is used. It has been resolved since TimescaleDB 2.5.1.
For more information, please see TimescaleDB Issue #3773.
Upgrading Zabbix may fail if database tables were created with older DB versions (MySQL versions prior to 5.7 or MariaDB versions prior to 10.2.2), because in those versions the default row format is compact.
This can be fixed by changing the row format to dynamic. See also ZBX-17690 (MariaDB) and ZBX-20165 (MySQL).
Database TLS connection is not supported with the 'verify_ca' option for the DBTLSConnect parameter if MariaDB is used.
When running under high load, and with more than one LLD worker involved, it is possible to run into a deadlock caused by an InnoDB error related to the row-locking strategy (see upstream bug). The error has been fixed in MySQL since 8.0.29, but not in MariaDB. For more details, see ZBX-21506.
Events may not get correlated correctly if the time interval between the first and second event is very small, i.e. half a second and less.
PostgreSQL 11 and earlier versions only support floating point value range of approximately -1.34E-154 to 1.34E+154.
Various Zabbix processes may randomly crash on startup on the NetBSD versions 8.X and 9.X. That is due to the too small default stack size (4MB), which must be increased by running:
For more information, please see the related problem report: ZBX-18275.
IPMI checks will not work with the standard OpenIPMI library package on Debian prior to 9 (stretch) and Ubuntu prior to 16.04 (xenial). To fix that, recompile OpenIPMI library with OpenSSL enabled as discussed in ZBX-6139.
Some Linux distributions like Debian, Ubuntu do not support encrypted private keys (with passphrase) if the libssh2 library is installed from packages. Please see ZBX-4850 for more details.
When using libssh 0.9.x on CentOS 8 with OpenSSH 8 SSH checks may occasionally report "Cannot read data from SSH server". This is caused by a libssh issue (more detailed report). The error is expected to have been fixed by a stable libssh 0.9.5 release. See also ZBX-17756 for details.
Using the pipe "|" in the SSH script may lead to a "Cannot read data from SSH server" error. In this case it is recommended to upgrade the libssh library version. See also ZBX-21337 for details.
MySQL unixODBC driver should not be used with Zabbix server or Zabbix proxy compiled against MariaDB connector library and vice versa, if possible it is also better to avoid using the same connector as the driver due to an upstream bug. Suggested setup:
PostgreSQL, SQLite or Oracle connector → MariaDB or MySQL unixODBC driver MariaDB connector → MariaDB unixODBC driver MySQL connector → MySQL unixODBC driver
See ZBX-7665 for more information and available workarounds.
XML data queried from Microsoft SQL Server may get truncated in various ways on Linux and UNIX systems.
It has been observed that using ODBC checks for monitoring Oracle databases using various versions of Oracle Instant Client for Linux causes Zabbix server to crash. See also: ZBX-18402, ZBX-20803.
If using FreeTDS UnixODBC driver, you need to prepend a 'SET NOCOUNT ON' statement to an SQL query (for example, SET NOCOUNT ON DECLARE @strsql NVARCHAR(max) SET @strsql = ....
). Otherwise, database monitor item in Zabbix will fail to retrieve the information with an error "SQL query returned empty result".
See ZBX-19917 for more information.
The request method parameter, used only in HTTP checks, may be incorrectly set to '1', a non-default value for all items as a result of upgrade from a pre-4.0 Zabbix version. For details on how to fix this situation, see ZBX-19308.
Zabbix server leaks memory on CentOS 6, CentOS 7 and possibly other related Linux distributions due to an upstream bug when "SSL verify peer" is enabled in web scenarios or HTTP agent. Please see ZBX-10486 for more information and available workarounds.
There is a bug in fping versions earlier than v3.10 that mishandles duplicate echo replay packets. This may cause unexpected results for icmpping
, icmppingloss
, icmppingsec
items. It is recommended to use the latest version of fping. Please see ZBX-11726 for more details.
When containers are running in rootless mode or in a specific-restrictions environment, you may face errors related to fping execution when performing ICMP checks, such as fping: Operation not permitted
or all packets to all resources lost.
To fix this problem add --cap-add=net_raw
to "docker run" or "podman run" commands.
Additionally fping execution in non-root environments may require sysctl modification, i.e.:
where "1995" is the zabbix GID. For more details, see ZBX-22833.
If the OpenBSD operating system is used, a use-after-free bug in the Net-SNMP library up to the 5.7.3 version can cause a crash of Zabbix server if the SourceIP parameter is set in the Zabbix server configuration file. As a workaround, please do not set the SourceIP parameter. The same problem applies also for Linux, but it does not cause Zabbix server to stop working. A local patch for the net-snmp package on OpenBSD was applied and will be released with OpenBSD 6.3.
Spikes in SNMP data have been observed that may be related to certain physical factors like voltage spikes in the mains. See ZBX-14318 more details.
The "net-snmp-perl" package, needed for SNMP traps, has been removed in RHEL/CentOS 8.0-8.2; re-added in RHEL 8.3.
So if you are using RHEL 8.0-8.2, the best solution is to upgrade to RHEL 8.3; if you are using CentOS 8.0-8.2, you may wait for CentOS 8.3 or use a package from EPEL.
Please also see ZBX-17192 for more information.
Instances of a Zabbix server alerter process crash have been encountered in Centos/RHEL 7. Please see ZBX-10461 for details.
It has been observed that frontend locales may flip without apparent logic, i. e. some pages (or parts of pages) are displayed in one language while other pages (or parts of pages) in a different language. Typically the problem may appear when there are several users, some of whom use one locale, while others use another.
A known workaround to this is to disable multithreading in PHP and Apache.
The problem is related to how setting the locale works in PHP: locale information is maintained per process, not per thread. So in a multi-thread environment, when there are several projects run by same Apache process, it is possible that the locale gets changed in another thread and that changes how data can be processed in the Zabbix thread.
For more information, please see related problem reports:
bcdiv
function of BC Math functions)If "opcache" is enabled in the PHP 7.3 configuration, Zabbix frontend may show a blank screen when loaded for the first time. This is a registered PHP bug. To work around this, please set the "opcache.optimization_level" parameter to 0x7FFFBFDF
in the PHP configuration (php.ini file).
Changes to Daylight Saving Time (DST) result in irregularities when displaying X axis labels (date duplication, date missing, etc.).
When using sum aggregation in a graph for period that is less than one hour, graphs display incorrect (multiplied) values when data come from trends.
For some frontend languages (e.g., Japanese), local fonts can cause text overlapping in graph legend. To avoid this, use version 2.3.0 (or later) of PHP GD extension.
log[]
and logrt[]
items repeatedly reread log file from the beginning if file system is 100% full and the log file is being appended (see ZBX-10884 for more information).
Slow database queries have been observed in the cases listed below.
If SVG graphs are used in Zabbix dashboards, Zabbix frontend may generate non-optimized API queries when checking user permissions to hosts and items. This is happening because such searches support wildcards and case-insensitive name matching.
To improve performance of SQL statements, manually apply the patch index_host_and_item_name_upper_field.sql provided in Zabbix 5.0.31 and newer.
For MySQL, run:
For PostgreSQL, run:
For Oracle, run:
Creation of deterministic triggers should be enabled for the time of patch application. On MySQL and MariaDB, this requires GLOBAL log_bin_trust_function_creators = 1
to be set if binary logging is enabled and there is no superuser privileges and log_bin_trust_function_creators = 1
is not set in MySQL configuration file. To set the variable using MySQL console, run:
Once the patch has been successfully applied, log_bin_trust_function_creators
can be disabled:
Triggers are also created for PostgreSQL and Oracle database.
Zabbix server generates slow SELECT
queries in case of non-existing values for items. This issue is known to occur in MySQL 5.6/5.7 versions (for an extended discussion, see ZBX-10652), and, in specific cases, may also occur in later MySQL versions. A workaround to this is disabling the index_condition_pushdown
or prefer_ordering_index
optimizer in MySQL. Note, however, that this workaround may not fix all issues related to slow queries.
Zabbix 5.0 installations with MySQL 5.X and 8.0.19 might run a slow query when retrieving problem/event information from the database. In particular, this affects the Problems by severity widget, event.get
and problem.get
API methods. To improve performance of SQL statements, apply the patch provided in ZBX-18080 (available for Zabbix 5.0.4 and newer).
A large number of open user sessions can be created when using custom scripts with the user.login
method without a following user.logout
.
When opening a link to Zabbix frontend page that contains filter settings, including the time selector, the filter is automatically saved in the database for the user, replacing the previously saved filter and/or time selector settings for that page. These settings remain active until the user manually updates or resets them.
Due to a net-snmp bug, IPv6 address may not be correctly displayed when using SNMPv3 in SNMP traps. For more details and a possible workaround, see ZBX-14541.
Failed login attempt message will display only the first 39 characters of a stored IP address as that's the character limit in the database field. That means that IPv6 IP addresses longer than 39 characters will be shown incompletely.
Non-existing DNS entries in a Server
parameter of Zabbix agent configuration file (zabbix_agentd.conf) may increase Zabbix agent response time on Windows. This happens because Windows DNS caching daemon doesn't cache negative responses for IPv4 addresses. However, for IPv6 addresses negative responses are cached, so a possible workaround to this is disabling IPv4 on the host.
Frontend setup wizard cannot save configuration file on SUSE with NGINX + php-fpm. This is caused by a setting in /usr/lib/systemd/system/php-fpm.service unit, which prevents Zabbix from writing to /etc. (introduced in PHP 7.4).
There are two workaround options available:
If Zabbix is used with MySQL installation on Azure, an unclear error message [9002] Some errors occurred may appear in Zabbix logs. This generic error text is sent to Zabbix server or proxy by the database. To get more information about the cause of the error, check Azure logs.
As global variables are shared across different webhook calls, the following code will result in the tag value counter gradually increasing:
try
{
aa = aa + 1;
}
catch(e)
{
aa = 0;
}
result = {
'tags': {
'endpoint': aa
}
};
return JSON.stringify(result);
Using local variables instead of global ones is recommended to make sure that each script operates on its own data and that there are no collisions between simultaneous calls.