Documentation

1 Perguntas frequentes / Solução de problemas
1 Scripts de criação de banco
2 Repairing Zabbix database character set and collation
2 Zabbix Agent no Microsoft Windows
1 MySQL encryption configuration
2 PostgreSQL encryption configuration
4 TimescaleDB setup
5 Elasticsearch setup
6 Real-time export of events, item values, trends
7 Distribution-specific notes on setting up Nginx for Zabbix
8 Running agent as root
10 SAML setup with Okta
11 Additional frontend languages
1 Zabbix Server
2 Zabbix Proxy
3 Zabbix Agent (UNIX)
4 Zabbix Agent (Windows)
4 Zabbix agent 2 (UNIX)
5 Zabbix Java gateway
6 Zabbix agent 2 (Windows)
7 Observações sobre o parâmetro "Include"
1 Itens suportados por plataforma
2 parâmetros vm.memory.size
3 Verificações passivas e ativas
4 Codificação dos valores retornados
4 Trapper items
5 Minimum permission level for Windows agent items
5 Suporte a grandes arquivos
6 Definições de host inalcançável/inacessível
7 Sensores
8 Observações sobre o parâmetro memtype em itens proc.mem
9 Observações sobre seleção de processos nos itens proc.mem e proc.num
10 Detalhes de implementação das verificações net.tcp.service ed net.udp.service
13 Remote monitoring of Zabbix stats
14 Configuring Kerberos with Zabbix
1 Server-proxy data exchange protocol
2 Zabbix agent protocol
3 Zabbix agent 2 protocol
3 Zabbix sender protocol
4 Header
4 Zabbix agent 2 plugin protocol
5 Real-time export protocol
1 Funções de trigger suportadas
1 Macros suportadas por localização
2 User macros supported by location
7 Definindo períodos de tempo
8 Execução de comandos
8 Unit symbols
11 Compatibilidade entre versões
12 Gerenciamento de erros de banco de dados
13 Biblioteca dinâmica Zabbix sender para Windows
14 Python library for Zabbix API
16 Issues with SELinux
17 Other issues
18 Agent vs agent 2 comparison
1 Estrutura do manual
2 O que é o Zabbix
3 Funcionalidades do Zabbix
4 Visão geral
5 What's new in Zabbix 5.0.0
6 What's new in Zabbix 5.0.1
7 What's new in Zabbix 5.0.2
8 What's new in Zabbix 5.0.3
9 What's new in Zabbix 5.0.4
10 What's new in Zabbix 5.0.5
11 What's new in Zabbix 5.0.6
12 What's new in Zabbix 5.0.7
13 What's new in Zabbix 5.0.8
14 What's new in Zabbix 5.0.9
15 What's new in Zabbix 5.0.10
15 What's new in Zabbix 5.0.11
16 What's new in Zabbix 5.0.12
17 What's new in Zabbix 5.0.13
18 What's new in Zabbix 5.0.14
19 What's new in Zabbix 5.0.15
20 What's new in Zabbix 5.0.16
21 What's new in Zabbix 5.0.17
22 What's new in Zabbix 5.0.18
23 What's new in Zabbix 5.0.19
24 What's new in Zabbix 5.0.20
25 What's new in Zabbix 5.0.21
26 What's new in Zabbix 5.0.22
27 What's new in Zabbix 5.0.23
28 What's new in Zabbix 5.0.24
29 What's new in Zabbix 5.0.25
30 What's new in Zabbix 5.0.26
31 What's new in Zabbix 5.0.27
32 What's new in Zabbix 5.0.28
33 What's new in Zabbix 5.0.29
34 What's new in Zabbix 5.0.30
35 What's new in Zabbix 5.0.31
36 What's new in Zabbix 5.0.32
37 What's new in Zabbix 5.0.33
38 What's new in Zabbix 5.0.34
39 What's new in Zabbix 5.0.35
40 What's new in Zabbix 5.0.36
41 What's new in Zabbix 5.0.37
42 What's new in Zabbix 5.0.38
43 What's new in Zabbix 5.0.39
44 What's new in Zabbix 5.0.40
45 What's new in Zabbix 5.0.41
46 What's new in Zabbix 5.0.42
47 What's new in Zabbix 5.0.43
2 Servidor
3 Agent 2
3 Agente
4 Proxy
1 Setup from sources
2 Setup from RHEL/CentOS packages
3 Setup from Debian/Ubuntu packages
6 Sender
7 Get
8 JS
2. Definitions
1 Obtendo o Zabbix
Best practices for secure Zabbix setup
1 Red Hat Enterprise Linux/CentOS
2 Debian/Ubuntu/Raspbian
3 SUSE Linux Enterprise Server
4 Windows agent installation from MSI
5 Mac OS agent installation from PKG
Building Zabbix agent 2 on Windows
Building Zabbix agent on macOS
Building Zabbix agent on Windows
Installation with OpenShift
1 Red Hat Enterprise Linux/CentOS
2 Debian/Ubuntu
Upgrade from sources
1 Compilation issues
Updating to PHP 7.3 packages
2 Debian/Ubuntu frontend installation
7 Modificações nos Templates
10 Upgrade notes for 5.0.0
11 Upgrade notes for 5.0.1
12 Upgrade notes for 5.0.2
13 Upgrade notes for 5.0.3
14 Upgrade notes for 5.0.4
15 Upgrade notes for 5.0.5
16 Upgrade notes for 5.0.6
17 Upgrade notes for 5.0.7
18 Upgrade notes for 5.0.8
19 Upgrade notes for 5.0.9
20 Upgrade notes for 5.0.10
21 Upgrade notes for 5.0.11
22 Upgrade notes for 5.0.12
23 Upgrade notes for 5.0.13
24 Upgrade notes for 5.0.14
25 Upgrade notes for 5.0.15
26 Upgrade notes for 5.0.16
27 Upgrade notes for 5.0.17
28 Upgrade notes for 5.0.18
29 Upgrade notes for 5.0.19
30 Upgrade notes for 5.0.20
31 Upgrade notes for 5.0.21
32 Upgrade notes for 5.0.22
33 Upgrade notes for 5.0.23
34 Upgrade notes for 5.0.24
35 Upgrade notes for 5.0.25
36 Upgrade notes for 5.0.26
37 Upgrade notes for 5.0.27
38 Upgrade notes for 5.0.28
39 Upgrade notes for 5.0.29
40 Upgrade notes for 5.0.30
41 Upgrade notes for 5.0.31
42 Upgrade notes for 5.0.32
43 Upgrade notes for 5.0.33
44 Upgrade notes for 5.0.34
45 Upgrade notes for 5.0.35
46 Upgrade notes for 5.0.36
47 Upgrade notes for 5.0.37
48 Upgrade notes for 5.0.38
49 Upgrade notes for 5.0.39
50 Upgrade notes for 5.0.40
51 Upgrade notes for 5.0.41
52 Upgrade notes for 5.0.42
1 Autenticando e configurando o usuário
2 Novo Host
3 Novo item
4 Nova trigger
5 Recebendo notificações de problemas
6 Novo template
1 Configurando um host
2 Inventário
3 Atualização em massa
1 Chave do item
2 Intervalos personalizados
1 Usage examples
2 Preprocessing details
Escaping special characters from LLD macro values in JSONPath
Additional JavaScript objects
5 CSV to JSON preprocessing
Chaves específicas para Windows
Zabbix agent 2
1 Índices dinâmicos
2 OIDs especiais
3 MIB files
3 Traps SNMP
4 Verificações IPMI
1 Chaves de monitoração VMware
6 Monitoramento de arquivos de Log
7 Itens calculados
8 Verificações internas
9 Verificações SSH
10 Agente Telnet (Verificações por Telnet)
11 Verificações externas
12 Verificações agregadas
13 Zabbix Trapper
14 Agente JMX (Monitoração JMX)
1 Recommended UnixODBC settings for MySQL
2 Recommended UnixODBC settings for PostgreSQL
3 Recommended UnixODBC settings for Oracle
4 Recommended UnixODBC settings for MSSQL
16 Dependent items
17 HTTP agent
18 Prometheus checks
3 Histórico e médias
1 Estendendo os Agentes Zabbix
5 Módulos carregáveis
6 Contadores de performance Windows
7 Atualização em massa
8 Mapeamento de valores
9 Aplicações
10 Fila
11 Cache de valores
13 Execute now
14 Plugins
15 Restricting agent checks
1 Configuração de trigger
2 Expressões de Trigger
3 Dependências entre triggers
4 Severidade das Triggers
5 Customizando as severidades de trigger
7 Atualização em massa
8 Triggers - Funções preditivas
1 Origens dos eventos
1 Trigger event generation
3 Manual closing of problems
Event tags
2 Global event correlation
1 Configurando um template
2 Associando/Desassociando
3 Aninhamento
4 Mass update
1 Simple graphs
2 Custom graphs
3 Ad-hoc graphs
4 Aggregation in graphs
1 Configuring a network map
2 Host group elements
3 Link indicators
1 Screen elements
4 Slide shows
5 Host screens
6 Dashboard
1 E-mail
2 SMS
Webhook script examples
5 Scripts de alerta
1 Enviando mensagem
2 Comandos remotos
3 Operações adicionais
4 Usando macros em mensagens
2 Condições
3 Escalonamento
3 Recovery operations
4 Update operations
3 Recebendo notificações sobre itens não suportados
1 Macro functions
2 User macros
3 User macros with context
4 Low-level discovery macros
HTTP template operation
IPMI template operation
JMX template operation
ODBC template operation
Standardized templates for network devices
Zabbix agent 2 template operation
Zabbix agent template operation
1 Configurando um usuário
2 Permissões
3 Grupos de usuários
6. Zabbix appliance
7. Serviços de TI
1 Itens de monitoração web
2 Cenário real de monitoração web
1 Campos chave para descoberta de máquinas virtuais
10. Manutenção
11. Expressões regulares
12. Reconhecimento de eventos
2 Templates
4 Network maps
5 Screens
6 Media types
Grupos
Hosts
Configurando uma regra de descoberta de rede
2 Autorregistro do agente ativo
1 Discovery of mounted filesystems
2 Discovery of network interfaces
3 Discovery of CPUs and CPU cores
4 Discovery of SNMP OIDs
5 Discovery of JMX objects
6 Discovery of IPMI sensors
7 Discovery of systemd services
8 Discovery of Windows services
9 Discovery of Windows performance counter instances
10 Discovery using WMI queries
11 Discovery using ODBC SQL queries
12 Discovery using Prometheus data
13 Discovery of block devices
14 Discovery of host interfaces in Zabbix
Notas sobre o processo criação de aplicações a partir de LLD
Proxies
1 Using certificates
2 Using pre-shared keys
1 Connection type or permission problems
2 Certificate problems
3 PSK problems
1 Definições
1 Menu
2 Modo de manutenção da interface web
1 Notificações globais
2 Sons em browsers
4 Criando seu próprio tema
1 Dashboard widgets
2 Problems
2 Visão geral
1 Graphs
2 Web scenarios
4 Dados recentes
8 Telas
9 Mapas
10 Descoberta
11 Serviços de TI
1 Visão geral
2 Hosts
1 Status do Zabbix
2 Relatório de disponibilidade
3 Top 100 de triggers
4 Auditoria
5 Log de ações
6 Notificações
1 Host groups
2 Templates
1 Aplicações
2 Itens
3 Triggers
4 Gráficos
5 Descoberta (LLD)
6 Cenários Web
4 Períodos de manutenção
5 Ações
6 Event correlation
8 Descoberta
9 Serviços de TI
1 Geral
2 Proxies
3 Autenticação
4 User groups
5 Usuários
6 Tipos de mídia
7 Scripts
8 Fila
6 Pesquisa global
7 Parâmetros de página
9 Debug mode
10 Cookies used by Zabbix
> Action object
action.create
action.delete
action.get
action.update
> Alert object
alert.get
apiinfo.version
> Application object
application.create
application.delete
application.get
application.massadd
application.update
> Audit log object
auditlog.get
> Autoregistration object
autoregistration.get
autoregistration.update
configuration.export
configuration.import
> Correlation object
correlation.create
correlation.delete
correlation.get
correlation.update
> Dashboard object
dashboard.create
dashboard.delete
dashboard.get
dashboard.update
> Discovered host object
dhost.get
> Discovered service object
dservice.get
> Discovery check object
dcheck.get
> Discovery rule object
drule.create
drule.delete
drule.get
drule.update
> Event object
event.acknowledge
event.get
> Graph object
graph.create
graph.delete
graph.get
graph.update
> Graph item object
graphitem.get
> Graph prototype object
graphprototype.create
graphprototype.delete
graphprototype.get
graphprototype.update
> History object
history.get
> Host object
host.create
host.delete
host.get
host.massadd
host.massremove
host.massupdate
host.update
> Host group object
hostgroup.create
hostgroup.delete
hostgroup.get
hostgroup.massadd
hostgroup.massremove
hostgroup.massupdate
hostgroup.update
> Host interface object
hostinterface.create
hostinterface.delete
hostinterface.get
hostinterface.massadd
hostinterface.massremove
hostinterface.replacehostinterfaces
hostinterface.update
> Host prototype object
hostprototype.create
hostprototype.delete
hostprototype.get
hostprototype.update
> Icon map object
iconmap.create
iconmap.delete
iconmap.get
iconmap.update
> Image object
image.create
image.delete
image.get
image.update
> Item object
item.create
item.delete
item.get
item.update
> Item prototype object
itemprototype.create
itemprototype.delete
itemprototype.get
itemprototype.update
> LLD rule object
discoveryrule.copy
discoveryrule.create
discoveryrule.delete
discoveryrule.get
discoveryrule.update
> Maintenance object
maintenance.create
maintenance.delete
maintenance.get
maintenance.update
> Map object
map.create
map.delete
map.get
map.update
> Media type object
mediatype.create
mediatype.delete
mediatype.get
mediatype.update
> Problem object
problem.get
> Proxy object
proxy.create
proxy.delete
proxy.get
proxy.update
> Screen object
screen.create
screen.delete
screen.get
screen.update
> Screen item object
screenitem.create
screenitem.delete
screenitem.get
screenitem.update
screenitem.updatebyposition
> Script object
script.create
script.delete
script.execute
script.get
script.getscriptsbyhosts
script.update
> Service object
service.adddependencies
service.addtimes
service.create
service.delete
service.deletedependencies
service.deletetimes
service.get
service.getsla
service.update
> Task object
task.create
task.get
> Template object
template.create
template.delete
template.get
template.massadd
template.massremove
template.massupdate
template.update
> Template screen object
templatescreen.copy
templatescreen.create
templatescreen.delete
templatescreen.get
templatescreen.update
> Template screen item object
templatescreenitem.get
> Trend object
trend.get
> Trigger object
trigger.adddependencies
trigger.create
trigger.delete
trigger.deletedependencies
trigger.get
trigger.update
> Trigger prototype object
triggerprototype.create
triggerprototype.delete
triggerprototype.get
triggerprototype.update
> User object
user.checkAuthentication
user.create
user.delete
user.get
user.login
user.logout
user.update
> User group object
usergroup.create
usergroup.delete
usergroup.get
usergroup.update
> User macro object
usermacro.create
usermacro.createglobal
usermacro.delete
usermacro.deleteglobal
usermacro.get
usermacro.update
usermacro.updateglobal
> Value map object
valuemap.create
valuemap.delete
valuemap.get
valuemap.update
> Web scenario object
httptest.create
httptest.delete
httptest.get
httptest.update
Appendix 1. Reference commentary
Appendix 2. Changes from 4.4 to 5.0
Zabbix API changes in 5.0
20. Modules
zabbix_agent2
zabbix_agentd
zabbix_get
zabbix_js
zabbix_proxy
zabbix_sender
zabbix_server

3 Secure connection to the database

Overview

It is possible to configure secure TLS connections to MySQL and PostgreSQL databases from:

  • Zabbix frontend
  • Zabbix server or proxy

See also: Known issues

Frontend configuration

Since Zabbix 5.0.5 TLS encryption parameter names have changed slightly: for better clarity the "Database" prefix has been added. In versions 5.0.0-5.0.4 parameters are named TLS encryption, TLS certificate file, etc.

A secure connection to the database can be configured during frontend installation:

  • Mark the Database TLS encryption checkbox in the Configure DB connection step to enable transport encryption.
  • Mark the Verify database certificate checkbox that appears when TLS encryption field is checked to enable encryption with certificates.

Since Zabbix 5.0.5:
For MySQL, the Database TLS encryption checkbox is disabled, if Database host is set to localhost, because connection that uses a socket file (on Unix) or shared memory (on Windows) cannot be encrypted.
For PostgreSQL, the TLS encryption checkbox is disabled, if the value of the Database host field begins with a slash or the field is empty.

The following parameters are available in the TLS encryption in certificates mode (since Zabbix 5.0.5 the parameters appear only if both checkboxes are marked):

Parameter Description
Database TLS CA file Specify the full path to a valid TLS certificate authority (CA) file.
Database TLS key file Specify the full path to a valid TLS key file.
Database TLS certificate file Specify the full path to a valid TLS certificate file.
Database host verification Mark this checkbox to activate host verification.
Disabled for MYSQL, because PHP MySQL library does not allow to skip the peer certificate validation step.
Database TLS cipher list Specify a custom list of valid ciphers. The format of the cipher list must conform to the OpenSSL standard.
Available for MySQL only.

TLS parameters must point to valid files. If they point to non-existent or invalid files, it will lead to the authorization error.
If certificate files are writable, the frontend generates a warning in the System information report that "TLS certificate files must be read-only." (displayed only if the PHP user is the owner of the certificate).

Certificates protected by passwords are not supported.

Use cases
Configuration Result
None (leave Database TLS encryption unmarked) Connection to the database without encryption.
1. Mark Database TLS encryption only Secure TLS connection to the database.
1. Mark Database TLS encryption
2. Specify TLS certificate authority file		 Secure TLS connection to the database;
Database server certificate is verified and verified that it is signed by a trusted center.
1. Mark Database TLS encryption
2. Specify TLS certificate authority file
3. Mark With host verification
4. Specify TLS cipher list (optional)		 Secure TLS connection to the database;
Database server certificate is checked by comparing the host name specified in the certificate with the name of the host to which it is connected;
It is verified that the certificate is signed by a trusted authority.
1. Mark Database TLS encryption
2. Specify TLS key file
3. Specify TLS certificate file
4. Specify TLS certificate authority file
5. Mark Database host verification (prior to 5.0.5: With host verification)
6. Specify TLS cipher list (optional)		 Secure TLS connections to the database are established with maximum security. The requirement for the client part to present their certificates is configured on the server side.

See also: Configuration examples for MySQL, Configuration examples for PostgreSQL.

Zabbix server/proxy configuration

Secure connections to the database can be configured with the respective parameters in the Zabbix server and/or proxy configuration file.

Configuration Result
None Connection to the database without encryption.
1. Set DBTLSConnect=required Server/proxy make a TLS connection to the database. An unencrypted connection is not allowed.
1. Set DBTLSConnect=verify_ca
2. Set DBTLSCAFile - specify the TLS certificate authority file		 Server/proxy make a TLS connection to the database after verifying the database certificate.
1. Set DBTLSConnect=verify_full
2. Set DBTLSCAFile - specify TLS certificate authority file		 Server/proxy make a TLS connection to the database after verifying the database certificate and the database host identity.
1. Set DBTLSCAFile - specify TLS certificate authority file
2. Set DBTLSCertFile - specify the client public key certificate file
3. Set DBTLSKeyFile - specify the client private key file		 Server/proxy provide a client certificate while connecting to the database.
1. Set DBTLSCipher - the list of encryption ciphers that the client permits for connections using TLS protocols up to TLS 1.2

or DBTLSCipher13 - the list of encryption ciphers that the client permits for connections using TLS 1.3 protocol		 (MySQL) TLS connection is made using a cipher from the provided list.
(PostgreSQL) Setting this option will be considered as an error.
© 2001-2024 by Zabbix SIA. All rights reserved.
Except where otherwise noted, Zabbix Documentation is licensed under the following license
Trademark Policy