For Zabbix monitoring of UNIX logfiles with the log
items, it is crucial that the host in question can utilize active checks. This generally means that:
The Agent must be configured with ServerActive=
and the hostname of the zabbix server or proxy that you are using with this host.
The Zabbix-server configured hostname matches the FQDN or system hostname of the target (monitored) host.
Or if that is not the case, that the agent be configured with HOSTNAME=
and the corresponding Zabbix-server configured hostname.
As pointed out by others, the agent (running as the Zabbix user) must have access to the log file, su zabbix -c "tail -1 logfile"
is a good way to test this. If the zabbix account is disabled, use runuser -u zabbix tail -1 logfile
. (replace logfile
with the file to be monitored).
When you restart the agent, check its logfile for any error messages such as
no active checks on server [127.0.0.1:10051]: host [Zabbix server] not found
This indicates a misconfiguration of the type above.
If on the server you see "NOT SUPPORTED" for this item, it might be a problem with file permissions.
If you still don't see your messages, it's possible that there are too many messages being sent. By default, Zabbix will send only 100 or so per second, and it will only "catch up" every 30 seconds (see your item).
You have configured you trigger to look only at the last item (regexp(...,#1)
). I think this is correct, but normally, you just omit the ,#1
.
EDIT: Replaced sudo
with runuser
. See comments
thank you for your response, i changed the regex to result to eq 1. i don't have zabbix executable in my monitored host. what do i do ? – ufk – 2015-08-23T06:23:31.130
You will not have "zabbix" executable on your host. "su - zabbix -c …" is just command to help you check if zabbix agent has the permission to read the file. – Vladimir – 2015-08-23T08:09:38.533
ahh oops you are right. anyways i checked and zabbix user have access to that log file. – ufk – 2015-08-25T08:55:20.273
Well, than check if your log monitor item is not in unsupported state. – Vladimir – 2015-08-25T10:19:57.393
su - zabbix -c "tail $YOUR-FILE"
does not work for user without shell. You could userunuser -u zabbix tail $YOUR-FILE
for this. – user3132194 – 2018-10-10T11:49:46.863