Monitoring Linux ISG in Zabbix

Today I wanted to monitor Linux ISG sessions in Zabbix.

By entering the command on one of the servers:

/opt/ISG/bin/ISG.pl show_count

Saw the following:

Approved sessions count: 2021
Unapproved sessions count: 2

The Zabbix agent on the server has already been installed, so it opened its configuration file (in the nano editor, the Ctrl+X keys for the exit, and y/n for saving or canceling the changes):

nano /etc/zabbix/zabbix_agentd.conf

Invented and added the following code:

UserParameter=isg.approved, /opt/ISG/bin/ISG.pl show_count | grep "Approved sessions count:" | awk '{print $4}'
UserParameter=isg.unapproved, /opt/ISG/bin/ISG.pl show_count | grep "Unapproved sessions count:" | awk '{print $4}'

We will allow Zabbix agent to work as root with the user specifying:

AllowRoot=1

Restart the Zabbix agent to apply the changes:

sudo /etc/init.d/zabbix-agent restart

On the Zabbix server, create an ISG template, add the data elements to it, specifying the type – Zabbix agent, and the keys: isg.approved, isg.unapproved.
Create graphics for the created data items.

Apply the template to the desired nodes of the network.

Done.

Monitoring Postfix in Zabbix

First, configure the Zabbix agent.

Create a file (in the nano editor, press Ctrl+X to exit, and y/n to save or discard changes):

nano /etc/zabbix/zabbix_agentd.d/userparameter_postfix.conf

Add to it:

UserParameter=postfix.maildrop, find /var/spool/postfix/maildrop -type f | wc -l
UserParameter=postfix.deferred, find /var/spool/postfix/deferred -type f | wc -l
UserParameter=postfix.incoming, find /var/spool/postfix/incoming -type f | wc -l
UserParameter=postfix.active, find /var/spool/postfix/active -type f | wc -l
UserParameter=postfix.queue, mailq | grep -v "Mail queue is empty" | grep -c '^[0-9A-Z]'

Alternatively, you can simply add the lines above to the Zabbix agent configuration file.

Also open the Zabbix agent configuration file:

nano /etc/zabbix/zabbix_agentd.conf

We will allow Zabbix agent to work as root with the user specifying:

AllowRoot=1

Restart the Zabbix agent to apply the changes:

sudo /etc/init.d/zabbix-agent restart

Now go to the Zabbix server.
Create a Postfix template, add data items to it, specifying the type – Zabbix agent, and the keys: postfix.maildrop, postfix.deferred, postfix.incoming, postfix.active, postfix.queue.
Create graphics for the created data items.

You can also create a data item that counts the number of Postfix processes by specifying the type – Zabbix agent, and the key:

proc.num[,postfix]

Also create a trigger that tells when processes 0.

Download the ready template here – Zabbix шаблон для Postfix

IPTables rules for MySQL

If iptables locks all incoming connections (INPUT DROP) and to add external access to MySQL, you need to add rules:

iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT

To access only a particular network, for example 10.0.0.0/24:

iptables -A INPUT -s 10.0.0.0/24 -p tcp -m tcp --dport 3306 -j ACCEPT

To remove a rule, we’ll specify the same command, replacing -A with -D, for example:

iptables -D INPUT -p tcp -m tcp --dport 3306 -j ACCEPT

To view the list of rules, use the command:

sudo iptables -nvL

I note that in order to open external access, you also need to comment out the line “bind-address = 127.0.0.1” in the my.cnf configuration file.

If by default INPUT ACCEPT, we first specify which IPs are allowed access, and only the last rule is blocked by all the others:

/sbin/iptables -A INPUT -s 127.0.0.1 -p tcp --destination-port 3306 -j ACCEPT
/sbin/iptables -A INPUT -s 192.168.1.5 -p tcp --destination-port 3306 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 3306 -j DROP

For example, using nmap, you can check locally and externally whether the access is filtered:

nmap -p 3306 localhost
nmap -p 3306 192.168.1.5

See also:
Configuring IPTables
Other my articles about MySQL

Diagnostics HDD using smartmontools

smartmontools – (S.M.A.R.T. Monitoring Tools) console utility for diagnosing the status of hard drives supporting S.M.A.R.T. technology.
smartmontools has two utilities, smartctl for monitoring S.M.A.R.T. and a smartd background process that automatically polls devices and records errors.

Installation in Linux Ubuntu/Debian:

sudo apt-get install smartmontools

Help about the utility:

smartctl -h

Examples:
Verification of the support of S.M.A.R.T. and SCT ERC:

smartctl -i -d sat /dev/sda
sudo smartctl -a /dev/sda  | grep SCT

Full information about HDD:

smartctl --all /dev/sda

HDD status evaluation:

smartctl -H /dev/sda

HDD error log:

smartctl -l error /dev/sda

Drive integrity test:

smartctl --test long /dev/sda

See also:
Description of SMART attributes
Linux disk test for errors and broken sectors

The solution to the error “md: kicking non-fresh sda1 from array”

There was once a case, one disk dropped out of the raid and when the server was loaded in the logs a message was displayed:

md: kicking non-fresh sda1 from array

Since the disk was not in the raid, the data on it was outdated.
First of all, we’ll check the disk for errors, for example, as I wrote in the article below, and try to determine why he was excluded from the raid.

In my case, the disk was completely working, so looking at the information about the raid:

cat /proc/mdstat
mdadm --detail /dev/md0

Returned it back to the raid:

mdadm /dev/md0 -a /dev/sda1

After some time, the data was synchronized to disk and the error did not appear any more.

See also:
Diagnostics HDD using smartmontools
mdadm – utility for managing software RAID arrays
How to fix the problem with mdadm disks