7 Monitor network traffic using active checks

Introduction

This page walks you through the steps required to start basic monitoring of your network traffic with Zabbix using active checks.

Who this guide is for

This guide is designed for new Zabbix users and contains the minimum set of steps required to enable basic monitoring of your network traffic using active checks. If you are looking for deep customization options or require more advanced configuration, see the Configuration section of Zabbix manual.

Prerequisites

Before proceeding with this guide, you need to download and install Zabbix server, Zabbix frontend and Zabbix agent according to the instructions for your OS. As a starting point, the Installation from packages, followed by the Web interface installation, would be the advised solution. Note that you should install Zabbix agent on the machine that requires traffic monitoring. This can be either the same host where Zabbix server is installed or a different host.

This guide will provide the instructions on configuring the network traffic monitoring of eth0 interface on a separate machine named Remote host.

Configure Zabbix for monitoring

Zabbix agent can collect metrics in active or passive mode (simultaneously). See Passive and active agent checks for more info. In this guide, monitoring by means of active checks will be described.

Configuring Zabbix agent

1. Open the agent configuration file on the machine where the agent is installed (by default, the path is /usr/local/etc/zabbix_agentd.conf):

sudo vi /usr/local/etc/zabbix_agentd.conf

2. Add the IP address or DNS name of your Zabbix server to the ServerActive parameter. For example:

ServerActive=192.0.2.22

3. Define the Hostname parameter - it must match the host name defined in Zabbix frontend. In our example, it is:

Hostname=Remote host

4. Restart Zabbix agent:

systemctl restart zabbix-agent
Zabbix frontend

1. Log into Zabbix frontend.

2. Create a host in Zabbix web interface, specifying the IP address or DNS name of the machine on which the agent is installed.

Make sure the field Host name matches the Hostname parameter defined in the agent configuration file.

Create items

Follow the instructions on creating an item to add the items for traffic monitoring, namely:

A simple setup for the incoming traffic monitoring item with an active check would look as follows:

To make the collected data suitable for practical use, you can set some preprocessing steps when creating the items. In the given case, those can be multiplication by 8 (to convert bytes to bits) and presentation as change per second.

View collected data

Congratulations! At this point, Zabbix is already monitoring your network traffic.

To view collected metrics, open the Monitoring → Hosts menu section and click on the Latest data in the row of the host.

You will see the traffic data.

See also:

  • View graphs - how to display the collected data as graphs.
  • Configure triggers - how to set up triggers to detect abnormal network traffic.
  • Set up problem alerts - how to set up notifications about problem situations.
  • Problem escalations - how to create multi-step alert scenarios (e.g., first send message to the system administrator, then, if a problem is not resolved in 45 minutes, send message to the data center manager).
  • Problem acknowledgment - how to indicate that the problem is known, make comments on resolving it, suppress or close the problem.
  • Monitor Linux with Zabbix agent - how to start basic monitoring of the most important items by linking a pre-configured template.