Monitoring nf_conntrack in Zabbix

I fixed an error on one server once, read my article about it How to fix the error “nf_conntrack: table full, dropping package”
And there was an idea to control nf_conntrack in Zabbix.

View the current value and the maximum can be commands:

cat /proc/sys/net/netfilter/nf_conntrack_count
cat /proc/sys/net/netfilter/nf_conntrack_max
cat /sys/module/nf_conntrack/parameters/hashsize

Opened the configuration file Zabbix agent in a text editor:

nano /etc/zabbix/zabbix_agentd.conf

And he added a couple of lines at the end:

UserParameter=nf_conntrack_count,cat /proc/sys/net/netfilter/nf_conntrack_count
UserParameter=nf_conntrack_max,cat /proc/sys/net/netfilter/nf_conntrack_max
UserParameter=hashsize,cat /sys/module/nf_conntrack/parameters/hashsize

Restart the Zabbix agent to apply the changes:

sudo /etc/init.d/zabbix-agent restart

Now you can create a template on the Zabbix server (for example, with the name “TemplateName”), create the data elements in it: nf_conntrack_count and nf_conntrack_max.
Create a graph for the created data items.
You can create a trigger such as an expression (it will work when the current value of nf_conntrack exceeds 3100000):

{TemplateName:nf_conntrack_count.last(0)}>3100000

Apply the template to the desired nodes of the network.

Done.

Leave a comment

Leave a Reply

Discover more from IT Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading