Monitoring VE from Zabbix doesn't work.

PoalVas

New Member
Apr 1, 2022
4
0
1
Hi, recently I'm trying PROXMOX last release on VMWare and i want to test with Zabbix. So i have installed 2VM : 1)PROXMOX VE and 2) Zabbix Server . I tried to configurate both Zabbix-Agent and SNMPD but in both cases no data out (port 161 and 10050) from proxmox (monitored through wireshark on router). So if anyone help me to solve this problem i appreciate it (obviously) . Any working guide is ok but any guide tried since today not work. Thank you.
 
Hi @Dunuin , i do not tried PVE because i dont know how to use. Now I have tried to redo the installation again and the error does not give it anymore and is active.



In any case the agent does not seem to be generating data on port 11050. Proxmox firewall disabled like as default. Here below the file in which I have only changed the server IP (Server=192.168.10.22). Did I forget something maybe?

Code:
# This is a configuration file for Zabbix agent daemon (Unix)
# To get more information about Zabbix, visit http://www.zabbix.com

############ GENERAL PARAMETERS #################

### Option: PidFile
#    Name of PID file.
#
# Mandatory: no
# Default:
# PidFile=/tmp/zabbix_agentd.pid

PidFile=/run/zabbix/zabbix_agentd.pid

### Option: LogType
#    Specifies where log messages are written to:
#        system  - syslog
#        file    - file specified with LogFile parameter
#        console - standard output
#
# Mandatory: no
# Default:
# LogType=file

### Option: LogFile
#    Log file name for LogType 'file' parameter.
#
# Mandatory: yes, if LogType is set to file, otherwise no
# Default:
# LogFile=

LogFile=/var/log/zabbix-agent/zabbix_agentd.log

### Option: LogFileSize
#    Maximum size of log file in MB.
#    0 - disable automatic log rotation.
#
# Mandatory: no
# Range: 0-1024
# Default:
# LogFileSize=1

LogFileSize=0

### Option: DebugLevel
#    Specifies debug level:
#    0 - basic information about starting and stopping of Zabbix processes
#    1 - critical information
#    2 - error information
#    3 - warnings
#    4 - for debugging (produces lots of information)
#    5 - extended debugging (produces even more information)
#
# Mandatory: no
# Range: 0-5
# Default:
# DebugLevel=3

### Option: SourceIP
#    Source IP address for outgoing connections.
#
# Mandatory: no
# Default:
# SourceIP=

### Option: AllowKey
#    Allow execution of item keys matching pattern.
#    Multiple keys matching rules may be defined in combination with DenyKey.
#    Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
#    Parameters are processed one by one according their appearance order.
#    If no AllowKey or DenyKey rules defined, all keys are allowed.
#
# Mandatory: no

### Option: DenyKey
#    Deny execution of items keys matching pattern.
#    Multiple keys matching rules may be defined in combination with AllowKey.
#    Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
#    Parameters are processed one by one according their appearance order.
#    If no AllowKey or DenyKey rules defined, all keys are allowed.
#       Unless another system.run[*] rule is specified DenyKey=system.run[*] is added by default.
#
# Mandatory: no
# Default:
# DenyKey=system.run[*]

### Option: EnableRemoteCommands - Deprecated, use AllowKey=system.run[*] or DenyKey=system.run[*] instead
#    Internal alias for AllowKey/DenyKey parameters depending on value:
#    0 - DenyKey=system.run[*]
#    1 - AllowKey=system.run[*]
#
# Mandatory: no

### Option: LogRemoteCommands
#    Enable logging of executed shell commands as warnings.
#    0 - disabled
#    1 - enabled
#
# Mandatory: no
# Default:
# LogRemoteCommands=0

##### Passive checks related

### Option: Server
#    List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
#    Incoming connections will be accepted only from the hosts listed here.
#    If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally
#    and '::/0' will allow any IPv4 or IPv6 address.
#    '0.0.0.0/0' can be used to allow any IPv4 address.
#    Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
#
# Mandatory: yes, if StartAgents is not explicitly set to 0
# Default:
# Server=

Server=192.168.10.22

### Option: ListenPort
#    Agent will listen on this port for connections from the server.
#
# Mandatory: no
# Range: 1024-32767
# Default:
# ListenPort=10050

### Option: ListenIP
#    List of comma delimited IP addresses that the agent should listen on.
#    First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
#
# Mandatory: no
# Default:
# ListenIP=0.0.0.0

### Option: StartAgents
#    Number of pre-forked instances of zabbix_agentd that process passive checks.
#    If set to 0, disables passive checks and the agent will not listen on any TCP port.
#
# Mandatory: no
# Range: 0-100
# Default:
# StartAgents=3

##### Active checks related

### Option: ServerActive
#    List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks.
#    If port is not specified, default port is used.
#    IPv6 addresses must be enclosed in square brackets if port for that host is specified.
#    If port is not specified, square brackets for IPv6 addresses are optional.
#    If this parameter is not specified, active checks are disabled.
#    Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
#
# Mandatory: no
# Default:
# ServerActive=

ServerActive=127.0.0.1

### Option: Hostname
#    Unique, case sensitive hostname.
#    Required for active checks and must match hostname as configured on the server.
#    Value is acquired from HostnameItem if undefined.
#
# Mandatory: no
# Default:
# Hostname=


### Option: HostnameItem
#    Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
#    Does not support UserParameters or aliases.
#
# Mandatory: no
# Default:
# HostnameItem=system.hostname

### Option: HostMetadata
#    Optional parameter that defines host metadata.
#    Host metadata is used at host auto-registration process.
#    An agent will issue an error and not start if the value is over limit of 255 characters.
#    If not defined, value will be acquired from HostMetadataItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostMetadata=

### Option: HostMetadataItem
#    Optional parameter that defines an item used for getting host metadata.
#    Host metadata is used at host auto-registration process.
#    During an auto-registration request an agent will log a warning message if
#    the value returned by specified item is over limit of 255 characters.
#    This option is only used when HostMetadata is not defined.
#
# Mandatory: no
# Default:
# HostMetadataItem=

### Option: HostInterface
#    Optional parameter that defines host interface.
#    Host interface is used at host auto-registration process.
#    An agent will issue an error and not start if the value is over limit of 255 characters.
#    If not defined, value will be acquired from HostInterfaceItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostInterface=

### Option: HostInterfaceItem
#    Optional parameter that defines an item used for getting host interface.
#    Host interface is used at host auto-registration process.
#    During an auto-registration request an agent will log a warning message if
#    the value returned by specified item is over limit of 255 characters.
#    This option is only used when HostInterface is not defined.
#
# Mandatory: no
# Default:
# HostInterfaceItem=

### Option: RefreshActiveChecks
#    How often list of active checks is refreshed, in seconds.
#
# Mandatory: no
# Range: 60-3600
# Default:
# RefreshActiveChecks=120

### Option: BufferSend
#    Do not keep data longer than N seconds in buffer.
#
# Mandatory: no
# Range: 1-3600
# Default:
# BufferSend=5

### Option: BufferSize
#    Maximum number of values in a memory buffer. The agent will send
#    all collected data to Zabbix Server or Proxy if the buffer is full.
#
# Mandatory: no
# Range: 2-65535
# Default:
# BufferSize=100

### Option: MaxLinesPerSecond
#    Maximum number of new lines the agent will send per second to Zabbix Server
#    or Proxy processing 'log' and 'logrt' active checks.
#    The provided value will be overridden by the parameter 'maxlines',
#    provided in 'log' or 'logrt' item keys.
#
# Mandatory: no
# Range: 1-1000
# Default:
# MaxLinesPerSecond=20

############ ADVANCED PARAMETERS #################

### Option: Alias
#    Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
#    Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
#    Different Alias keys may reference the same item key.
#    For example, to retrieve the ID of user 'zabbix':
#    Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]
#    Now shorthand key zabbix.userid may be used to retrieve data.
#    Aliases can be used in HostMetadataItem but not in HostnameItem parameters.
#
# Mandatory: no
# Range:
# Default:

### Option: Timeout
#    Spend no more than Timeout seconds on processing
#
# Mandatory: no
# Range: 1-30
# Default:
# Timeout=3

### Option: AllowRoot
#    Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent
#    will try to switch to the user specified by the User configuration option instead.
#    Has no effect if started under a regular user.
#    0 - do not allow
#    1 - allow
#
# Mandatory: no
# Default:
# AllowRoot=0

### Option: User
#    Drop privileges to a specific, existing user on the system.
#    Only has effect if run as 'root' and AllowRoot is disabled.
#
# Mandatory: no
# Default:
# User=zabbix

### Option: Include
#    You may include individual files or all files in a directory in the configuration file.
#    Installing Zabbix will create include directory in /etc/zabbix, unless modified during the compile time.
#
# Mandatory: no
# Default:
# Include=

# Include=/etc/zabbix/zabbix_agentd.userparams.conf
# Include=/etc/zabbix/zabbix_agentd.conf.d/
Include=/etc/zabbix/zabbix_agentd.conf.d/*.conf

####### USER-DEFINED MONITORED PARAMETERS #######

### Option: UnsafeUserParameters
#    Allow all characters to be passed in arguments to user-defined parameters.
#    The following characters are not allowed:
#    \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
#    Additionally, newline characters are not allowed.
#    0 - do not allow
#    1 - allow
#
# Mandatory: no
# Range: 0-1
# Default:
# UnsafeUserParameters=0

### Option: UserParameter
#    User-defined parameter to monitor. There can be several user-defined parameters.
#    Format: UserParameter=<key>,<shell command>
#    See 'zabbix_agentd' directory for examples.
#
# Mandatory: no
# Default:
# UserParameter=

####### LOADABLE MODULES #######

### Option: LoadModulePath
#    Full path to location of agent modules.
#    Default depends on compilation options.
#    To see the default path run command "zabbix_agentd --help".
#
# Mandatory: no
# Default:
# LoadModulePath=${libdir}/modules

### Option: LoadModule
#    Module to load at agent startup. Modules are used to extend functionality of the agent.
#    Formats:
#        LoadModule=<module.so>
#        LoadModule=<path/module.so>
#        LoadModule=</abs_path/module.so>
#    Either the module must be located in directory specified by LoadModulePath or the path must precede the module name.
#    If the preceding path is absolute (starts with '/') then LoadModulePath is ignored.
#    It is allowed to include multiple LoadModule parameters.
#
# Mandatory: no
# Default:
# LoadModule=

####### TLS-RELATED PARAMETERS #######

### Option: TLSConnect
#    How the agent should connect to server or proxy. Used for active checks.
#    Only one value can be specified:
#        unencrypted - connect without encryption
#        psk         - connect using TLS and a pre-shared key
#        cert        - connect using TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSConnect=unencrypted

### Option: TLSAccept
#    What incoming connections to accept.
#    Multiple values can be specified, separated by comma:
#        unencrypted - accept connections without encryption
#        psk         - accept connections secured with TLS and a pre-shared key
#        cert        - accept connections secured with TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSAccept=unencrypted

### Option: TLSCAFile
#    Full pathname of a file containing the top-level CA(s) certificates for
#    peer certificate verification.
#
# Mandatory: no
# Default:
# TLSCAFile=

### Option: TLSCRLFile
#    Full pathname of a file containing revoked certificates.
#
# Mandatory: no
# Default:
# TLSCRLFile=

### Option: TLSServerCertIssuer
#        Allowed server certificate issuer.
#
# Mandatory: no
# Default:
# TLSServerCertIssuer=

### Option: TLSServerCertSubject
#        Allowed server certificate subject.
#
# Mandatory: no
# Default:
# TLSServerCertSubject=

### Option: TLSCertFile
#    Full pathname of a file containing the agent certificate or certificate chain.
#
# Mandatory: no
# Default:
# TLSCertFile=

### Option: TLSKeyFile
#    Full pathname of a file containing the agent private key.
#
# Mandatory: no
# Default:
# TLSKeyFile=

### Option: TLSPSKIdentity
#    Unique, case sensitive string used to identify the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKIdentity=

### Option: TLSPSKFile
#    Full pathname of a file containing the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKFile=

####### For advanced users - TLS ciphersuite selection criteria #######

### Option: TLSCipherCert13
#    Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#    Override the default ciphersuite selection criteria for certificate-based encryption.
#
# Mandatory: no
# Default:
# TLSCipherCert13=

### Option: TLSCipherCert
#    GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#    Override the default ciphersuite selection criteria for certificate-based encryption.
#    Example for GnuTLS:
#        NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
#    Example for OpenSSL:
#        EECDH+aRSA+AES128:RSA+aRSA+AES128
#
# Mandatory: no
# Default:
# TLSCipherCert=

### Option: TLSCipherPSK13
#    Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#    Override the default ciphersuite selection criteria for PSK-based encryption.
#    Example:
#        TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
#
# Mandatory: no
# Default:
# TLSCipherPSK13=

### Option: TLSCipherPSK
#    GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#    Override the default ciphersuite selection criteria for PSK-based encryption.
#    Example for GnuTLS:
#        NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL
#    Example for OpenSSL:
#        kECDHEPSK+AES128:kPSK+AES128
#
# Mandatory: no
# Default:
# TLSCipherPSK=

### Option: TLSCipherAll13
#    Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#    Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
#    Example:
#        TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
#
# Mandatory: no
# Default:
# TLSCipherAll13=

### Option: TLSCipherAll
#    GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#    Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
#    Example for GnuTLS:
#        NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
#    Example for OpenSSL:
#        EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128
#
# Mandatory: no
# Default:
# TLSCipherAll=
 
Last edited:
And this is the log :

Code:
 1835:20220401:220431.952 Starting Zabbix Agent [pve]. Zabbix 5.0.8 (revision d3c78f993a).
  1835:20220401:220431.952 **** Enabled features ****
  1835:20220401:220431.952 IPv6 support:          YES
  1835:20220401:220431.952 TLS support:           YES
  1835:20220401:220431.952 **************************
  1835:20220401:220431.952 using configuration file: /etc/zabbix/zabbix_agentd.conf
  1835:20220401:220431.953 agent #0 started [main process]
  1837:20220401:220431.953 agent #1 started [collector]
  1839:20220401:220431.954 agent #2 started [listener #1]
  1840:20220401:220431.954 agent #3 started [listener #2]
  1841:20220401:220431.954 agent #4 started [listener #3]
  1842:20220401:220431.955 agent #5 started [active checks #1]
  1842:20220401:220431.955 active check configuration update from [127.0.0.1:10051] started to fail (cannot connect to [[127.0.0.1]:10051]: [111] Connection refused)
  1835:20220401:221153.513 Got signal [signal:15(SIGTERM),sender_pid:1,sender_uid:0,reason:0]. Exiting ...
  1835:20220401:221153.517 Zabbix Agent stopped. Zabbix 5.0.8 (revision d3c78f993a).
   785:20220401:221217.933 Starting Zabbix Agent [pve]. Zabbix 5.0.8 (revision d3c78f993a).
   785:20220401:221217.933 **** Enabled features ****
   785:20220401:221217.933 IPv6 support:          YES
   785:20220401:221217.935 TLS support:           YES
   785:20220401:221217.935 **************************
   785:20220401:221217.935 using configuration file: /etc/zabbix/zabbix_agentd.conf
   785:20220401:221217.945 agent #0 started [main process]
   805:20220401:221217.945 agent #1 started [collector]
   806:20220401:221217.946 agent #2 started [listener #1]
   807:20220401:221217.946 agent #3 started [listener #2]
   809:20220401:221217.946 agent #5 started [active checks #1]
   809:20220401:221217.947 active check configuration update from [127.0.0.1:10051] started to fail (cannot connect to [[127.0.0.1]:10051]: [111] Connection refused)
   808:20220401:221217.948 agent #4 started [listener #3]
 
You only set the Passive server so the zabbix agent won't send data to your zabbix server but the zabbix server will poll data from the zabbix agent. For that to work you need to add your hosts (which run the zabbix-agents) to your zabbix server, add a template to that host that uses the passive zabbix agent ("zabbix agent active" templates won't work because you didn't set that up at your client) and make sure you use the same Hostname ("#Hostname=" in the agents config file) in both the zabbix server and zabbix client or the client won't accept the polling of the zabbix server.
 
Solved! :The problem was to incorrect template. I downloaded specific template for proxmox and seem ok. Thanks.
 
Last edited:

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!