Posts tagged ‘配置’

CentOS7中,利用rsyslog搭建日志服务器(采集syslog日志),并使用loganalyzer实现日志图形化管理

Rsyslog是一个syslogd的多线程增强版,在syslog的基础上扩展了很多其他功能,如数据库支持(MySQL, PostgreSQL、Oracle等)、日志内容筛选、定义日志格式模板等。除了默认的udp协议外,rsyslog还支持tcp协议来接收日志。

交换机、路由器、防火墙、上网行为管理等设备都支持syslog日志标准输出,网络中如有日志审计设备,即可将日志输出至日志审计设备中,实现日志记录,等保中网内设备日志的记录也是最基本的要求。

若没有专用日志审计设备,可通过相关日志管理软件实现,本文将介绍通过Linux自带的Rsyslog来记录外部日志,并通过loganalyzer实现日志图形化管理。

一、在CentOS7(1804)中配置Rsyslog

1、安装 CentOS

在虚拟化平台中完成CentOS操作系统的安装,准备存放日志的/或/var目录空间相对配置大些,用于存放日志。

2、关闭防火墙

通过systemctl status firewalld.service命令查看防火墙正在运行,如下图:

[root@localhost ~]# systemctl status firewalld.service
鈼[0m firewalld.service – firewalld – dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2019-09-13 22:43:44 CST; 16h ago
     Docs: man:firewalld(1)
  Main PID: 802 (firewalld)
    Tasks: 2
   CGroup: /system.slice/firewalld.service
           鈹斺攢802 /usr/bin/python -Es /usr/sbin/firewalld –nofork –nopid

Sep 13 22:43:42 localhost.localdomain systemd[1]: Starting firewalld – dynami…
Sep 13 22:43:44 localhost.localdomain systemd[1]: Started firewalld – dynamic…
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]#

rsyslog01

通过命令关闭防火墙,并禁用关机启用防火墙:

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl status firewalld.service
鈼firewalld.service – firewalld – dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since Sat 2019-09-14 15:20:48 CST; 6s ago
     Docs: man:firewalld(1)
  Process: 802 ExecStart=/usr/sbin/firewalld –nofork –nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
  Main PID: 802 (code=exited, status=0/SUCCESS)

Sep 13 22:43:42 localhost.localdomain systemd[1]: Starting firewalld – dynamic firew….
Sep 13 22:43:44 localhost.localdomain systemd[1]: Started firewalld – dynamic firewa….
Sep 14 15:20:46 localhost.localdomain systemd[1]: Stopping firewalld – dynamic firew….
Sep 14 15:20:48 localhost.localdomain systemd[1]: Stopped firewalld – dynamic firewa….
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]#

如上,通过systemctl stop firewalld.service关闭防火墙功能,通过systemctl disable firewalld.service关闭自启动模式。

3、关闭SELINUX

执行如下命令,将SELINUX关闭。

[root@localhost ~]# sed -i ‘s#SELINUX=enforcing#SELINUX=disabled#g’ /etc/selinux/config
[root@localhost ~]# more /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing – SELinux security policy is enforced.
#     permissive – SELinux prints warnings instead of enforcing.
#     disabled – No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted – Targeted processes are protected,
#     minimum – Modification of targeted policy. Only selected processes are protected.
#     mls – Multi Level Security protection.
SELINUXTYPE=targeted

[root@localhost ~]# reboot

完成 后reboot重启服务器。

4、配置并启动Rsyslog

rsyslog一般是预先就安装于linux系统的发行版上的,使用如下命令检查下是否已安装Rsyslog:

[root@localhost ~]# rpm -qa | grep rsyslog
rsyslog-8.24.0-16.el7.x86_64
[root@localhost ~]# rsyslogd -v
rsyslogd 8.24.0, compiled with:
        PLATFORM:                               x86_64-redhat-linux-gnu
        PLATFORM (lsb_release -d):
        FEATURE_REGEXP:                         Yes
        GSSAPI Kerberos 5 support:              Yes
        FEATURE_DEBUG (debug build, slow code): No
         32bit Atomic operations supported:      Yes
        64bit Atomic operations supported:      Yes
        memory allocator:                       system default
        Runtime Instrumentation (slow code):    No
        uuid support:                           Yes
        Number of Bits in RainerScript integers: 64

See http://www.rsyslog.com for more information.
[root@localhost ~]#

如上显示默认已安装rsyslog。

rsyslog后台进程默认不能接受外部信息的,但可以通过配置它的配置文件/etc/rsyslog.conf来使之接受外部日志信息,使其变成一台日志管理服务器。使用vi命令配置/etc/rsyslog.conf文件:

[root@localhost ~]# vi /etc/rsyslog.conf

将四个#字符去除,原为:

# Provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514

# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514

去除后变为:

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514

并在最后添加如下内容(目前如下日志文件名称的写法是第天会生成一个log日志文件,若希望一直是一个日志文件,则可以将年月日变量去除,修改为syslog_%FROMHOST-IP%.log即可):

$template RemoteLogs,”/var/log/syslog/%HOSTNAME%/syslog_%$YEAR%-%$MONTH%-%$DAY%_%FROMHOST-IP%.log”
*.* ?RemoteLogs
& ~
fromhost-ip, !isequal, “127.0.0.1”
?Remote
& ~

完成后wq!保存退出。

重启rsyslog进程,并加入开机启动:

[root@localhost ~]# systemctl restart rsyslog
[root@localhost ~]# systemctl enable rsyslog
[root@localhost ~]#

然后查看rsyslog进程是否在运行,514端口是否在侦听:

[root@localhost ~]# systemctl status rsyslog
鈼[0m rsyslog.service – System Logging Service
    Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-09-14 21:57:02 CST; 16s ago
     Docs: man:rsyslogd(8)
           http://www.rsyslog.com/doc/
  Main PID: 5651 (rsyslogd)
   CGroup: /system.slice/rsyslog.service
           鈹斺攢5651 /usr/sbin/rsyslogd -n

Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: error during parsing file /etc…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: action ‘isequal,’ treated as ‘…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: error during parsing file /etc…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: error during parsing file /etc…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: action ‘127’ treated as ‘:omus…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: error during parsing file /etc…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]:  Could not find template 1 ‘Re…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: error during parsing file /etc…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: warning: ~ action is deprecate…]
Sep 14 21:57:02 localhost.localdomain rsyslogd[5651]: error during config processing…]
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# netstat -antup | grep 514
tcp        0      0 0.0.0.0:514             0.0.0.0:*               LISTEN      5651/rsyslogd      
tcp6       0      0 :::514                  :::*                    LISTEN      5651/rsyslogd      
udp        0      0 0.0.0.0:514             0.0.0.0:*                           5651/rsyslogd      
udp6       0      0 :::514                  :::*                                5651/rsyslogd      
[root@localhost ~]#

至此rsyslog配置结束,接着配置一台华为5720交换机,配置成将syslog日志传输至本服务器上(192.168.10.209):

[center-s5700]info-center enable
[center-s5700]info-center loghost 192.168.10.209

完成后进入日志服务器的/var/log/syslog目录,生成了一个center-5700的文件夹,进入后,有一个syslog_2019-09-14_192.168.10.253.log日志文件,如下:

rsyslog02

[root@localhost xxx-center-s5700]# cd ..
[root@localhost syslog]# ls
xxx-center-s5700  localhost
[root@localhost syslog]#
[root@localhost syslog]# cd xxx-center-s5700/
[root@localhost xxx-center-s5700]# ls
syslog_2019-09-14_192.168.10.253.log
[root@localhost xxx-center-s5700]# ^C
[root@localhost xxx-center-s5700]#

如上,说明日志文件已经生成,使用more syslog_2019-09-14_192.168.10.253.log查看日志内容

[root@localhost xxx-center-s5700]# more syslog_2019-09-14_192.168.10.253.log
Nov  6 03:17:11 xxx-center-s5700 %%01SHELL/5/CMDRECORD(s)[0]: Recorded command infor
mation. (Task=VT0, Ip=192.168.10.66, VpnName=, User=**, AuthenticationMethod=”Password”,
  Command=”info-center loghost 192.168.10.209″)
Nov  6 03:17:12 xxx-center-s5700 DS/4/DATASYNC_CFGCHANGE: OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 1, the change loo
p count is 0, and the maximum number of records is 4095.
Nov  6 03:17:55 xxx-center-s5700 %%01SHELL/5/CMDRECORD(s)[1]: Recorded command infor
mation. (Task=VT0, Ip=192.168.10.66, VpnName=, User=**, AuthenticationMethod=”Password”,
  Command=”quit”)
Nov  6 03:17:56 xxx-center-s5700 %%01SHELL/5/CMDRECORD(s)[2]: Recorded command infor
mation. (Task=VT0, Ip=192.168.10.66, VpnName=, User=**, AuthenticationMethod=”Password”,
  Command=”quit”)
Nov  6 03:17:56 xxx-center-s5700 %%01SHELL/5/LOGOUT(s)[3]: The user succeeded in log
ging out of VTY0. (UserType=Telnet, UserName=, Ip=192.168.10.66, VpnName=)
Nov  6 03:17:56 xxx-center-s5700 %%01SHELL/5/CMDRECORD(s)[4]: Recorded command infor
mation. (Task=VT0, Ip=**, VpnName=, User=**, AuthenticationMethod=”Null”, Command=”undo
debugging all”)
Nov  6 03:18:03 xxx-center-s5700 %%01SHELL/5/LOGIN(s)[5]: The user succeeded in logg
ing in to VTY0. (UserType=Telnet, UserName=, AuthenticationMethod=”Password”, Ip=192.168
.10.66, VpnName=)
Nov  6 03:18:04 xxx-center-s5700 %%01SHELL/5/CMDRECORD(s)[6]: Recorded command infor
mation. (Task=VT0, Ip=192.168.10.66, VpnName=, User=**, AuthenticationMethod=”Password”,
  Command=”system-view”)

说明5700交换机日志可以传输至日志服务器上,至此rsyslog配置完成。

但目前只能通过文件的方式来查看日志的内容,不能直观的查看,故下面将介绍结合使用loganalyzer来实现图形化的管理。

二、安装及配置loganalyzer

loganalyzer是一款日志分析工具,配合rsyslog使用,rsyslog用于搜集日志,loganalyzer根据rsyslog搜集到的数据进行分析与图形化展示,并能生成相应报表等功能。

1、安装mariadb(mysql)、httpd(apache)、php

利用yum安装LAMP运行环境,包括mysql、php、httpd等,如下:

[root@localhost /]# yum -y install httpd mariadb-server mariadb php php-mysql mysql-devel
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
  * base: mirrors.163.com
  * extras: mirrors.huaweicloud.com
  * updates: mirrors.163.com
base                                                             | 3.6 kB  00:00:00    
extras                                                           | 3.4 kB  00:00:00    
updates                                                          | 3.4 kB  00:00:00  

…………………………………..

Installed:
  httpd.x86_64 0:2.4.6-89.el7.centos.1          mariadb.x86_64 1:5.5.60-1.el7_5       
  mariadb-devel.x86_64 1:5.5.60-1.el7_5         php.x86_64 0:5.4.16-46.el7            
  php-mysql.x86_64 0:5.4.16-46.el7            

Dependency Installed:
  apr.x86_64 0:1.4.8-3.el7_4.1                apr-util.x86_64 0:1.5.2-6.el7           
  httpd-tools.x86_64 0:2.4.6-89.el7.centos.1  keyutils-libs-devel.x86_64 0:1.5.8-3.el7
  krb5-devel.x86_64 0:1.15.1-37.el7_6         libcom_err-devel.x86_64 0:1.42.9-13.el7 
  libkadm5.x86_64 0:1.15.1-37.el7_6           libselinux-devel.x86_64 0:2.5-14.1.el7  
  libsepol-devel.x86_64 0:2.5-10.el7          libverto-devel.x86_64 0:0.2.5-4.el7     
  libzip.x86_64 0:0.10.1-8.el7                mailcap.noarch 0:2.1.41-2.el7           
  openssl-devel.x86_64 1:1.0.2k-16.el7_6.1    pcre-devel.x86_64 0:8.32-17.el7         
  php-cli.x86_64 0:5.4.16-46.el7              php-common.x86_64 0:5.4.16-46.el7       
  php-pdo.x86_64 0:5.4.16-46.el7              zlib-devel.x86_64 0:1.2.7-18.el7        

Dependency Updated:
  e2fsprogs.x86_64 0:1.42.9-13.el7           e2fsprogs-libs.x86_64 0:1.42.9-13.el7     
  krb5-libs.x86_64 0:1.15.1-37.el7_6         libcom_err.x86_64 0:1.42.9-13.el7         
  libselinux.x86_64 0:2.5-14.1.el7           libselinux-python.x86_64 0:2.5-14.1.el7   
  libselinux-utils.x86_64 0:2.5-14.1.el7     libsepol.x86_64 0:2.5-10.el7              
  libss.x86_64 0:1.42.9-13.el7               mariadb-libs.x86_64 1:5.5.60-1.el7_5      
  openssl.x86_64 1:1.0.2k-16.el7_6.1         openssl-libs.x86_64 1:1.0.2k-16.el7_6.1   
  zlib.x86_64 0:1.2.7-18.el7               

Complete!
[root@localhost /]#

如下,完成安装。启动apache和mysql:

[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl start mariadb.service
[root@localhost ~]# systemctl enable mariadb.service
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@localhost ~]#

使用如下命令查看服务是否启动:

[root@localhost rsyslog-8.24.0]# ss -naplt | grep httpd
LISTEN     0      128         :::80                      :::*                   users:((“httpd”,pid=12789,fd=4),(“httpd”,pid=12788,fd=4),(“httpd”,pid=12787,fd=4),(“httpd”,pid=2433,fd=4),(“httpd”,pid=2432,fd=4),(“httpd”,pid=2431,fd=4),(“httpd”,pid=2430,fd=4),(“httpd”,pid=2429,fd=4),(“httpd”,pid=2426,fd=4))
[root@localhost rsyslog-8.24.0]# ss -naplt | grep mysqld
LISTEN     0      50           *:3306                     *:*                   users:((“mysqld”,pid=12580,fd=13))
[root@localhost rsyslog-8.24.0]#

2、测试PHP

进入html目录,新建index.php文件,如下

[root@localhost www]# cd html     
[root@localhost html]# vi index.php

      在index.php文件中写入如下内容:

<?php
    phpinfo()
?>

      保存退出。
浏览器打开服务器地址http://192.168.10.209,出现如下界面,PHP则运行正常。

rsyslog03

3、安装rsyslog连接数据库模块插件,并导入rsyslog自带的sql脚本

安装rsyslog日志软件连接mysql插件:

[root@localhost ~]# yum -y install rsyslog-mysql

完成安装后,开始导入脚本,首先设置mariadb的root帐号密码,密码为syslog123,如下:

[root@localhost rsyslog-8.24.0]# mysqladmin -u root password syslog123
[root@localhost rsyslog-8.24.0]#

然后进入/usr/share/doc/rsyslog-8.24.0目录,执行mysql-createDB.sql脚本,如下:

[root@localhost rsyslog-8.24.0]#
[root@localhost rsyslog-8.24.0]# pwd
/usr/share/doc/rsyslog-8.24.0
[root@localhost rsyslog-8.24.0]# ls
AUTHORS  ChangeLog  COPYING  COPYING.ASL20  COPYING.LESSER  mysql-createDB.sql
[root@localhost rsyslog-8.24.0]# mysql -u root -p < mysql-createDB.sql
Enter password:
[root@localhost rsyslog-8.24.0]#
[root@localhost rsyslog-8.24.0]#
[root@localhost rsyslog-8.24.0]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 5.5.60-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]> show databases;
+——————–+
| Database           |
+——————–+
| information_schema |
| Syslog             |
| mysql              |
| performance_schema |
| test               |
+——————–+
5 rows in set (0.00 sec)

MariaDB [(none)]> use syslog;
ERROR 1049 (42000): Unknown database ‘syslog’
MariaDB [(none)]> use Syslog;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [Syslog]> show tables;
+————————+
| Tables_in_Syslog       |
+————————+
| SystemEvents           |
| SystemEventsProperties |
+————————+
2 rows in set (0.00 sec)

MariaDB [Syslog]>

如上所示,导入后没有错误产生,查询有SystemEvents、SystemEventsProperties两张表,说明导入脚本成功。

4、创建数据库用户,并使支持rsyslog-mysql模块

库和表已经创建完成,开始创建一个数据库用户,能够写入syslog数据表中,进行如下操作:

MariaDB [Syslog]> grant all on Syslog.* to rsyslog@’localhost’ identified by ‘syslog123’;
Query OK, 0 rows affected (0.01 sec)

MariaDB [Syslog]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [Syslog]> exit
Bye
[root@localhost rsyslog-8.24.0]#

完成后,开始配置rsyslog.conf配置文件,使支持rsyslog-mysql模块:

[root@localhost rsyslog-8.24.0]# vi /etc/rsyslog.conf

将#$ModLoad immark  # provides –MARK– message capability语句的#号去除,并添加如下内容:

$Modload ommysql
*.* :ommysql:localhost,Syslog,rsyslog,syslog123

最终变成:

# rsyslog configuration file

# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html

#### MODULES ####

# The imjournal module bellow is now used as a message source instead of imuxsock.
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
#$ModLoad imklog # reads kernel messages (the same are read from journald)
$ModLoad immark  # provides –MARK– message capability

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514

$Modload ommysql
*.* :ommysql:localhost,Syslog,rsyslog,syslog123

#### GLOBAL DIRECTIVES ####

rsyslog04

完成修改后,wq!保存退出,并重启rsyslog进程:

[root@localhost rsyslog-8.24.0]# systemctl restart rsyslog.service

5、安装并配置loganalyzer

从官网下载安装包,解压并复制至 /var/www/html目录下:

[root@localhost home]# wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.7.tar.gz
[root@localhost home]# tar -zxvf loganalyzer-4.1.7.tar.gz
[root@localhost home]# ls
aa  loganalyzer-4.1.7  loganalyzer-4.1.7.tar.gz
[root@localhost home]# cd loganalyzer-4.1.7/
[root@localhost loganalyzer-4.1.7]# ls
ChangeLog  contrib  COPYING  doc  INSTALL  src
[root@localhost loganalyzer-4.1.7]# cd src
[root@localhost src]# ls
admin               convert.php  favicon.ico  js                   search.php
asktheoracle.php    cron         images       lang                 statistics.php
BitstreamVeraFonts  css          include      login.php            templates
chartgenerator.php  details.php  index.php    reportgenerator.php  themes
classes             export.php   install.php  reports.php          userchange.php
[root@localhost src]# cd ..
[root@localhost loganalyzer-4.1.7]# ls
ChangeLog  contrib  COPYING  doc  INSTALL  src
[root@localhost loganalyzer-4.1.7]# cp -a ./src/* /var/www/html/
cp: overwrite 鈥var/www/html/index.php鈥 y
[root@localhost loganalyzer-4.1.7]# cp -a ./contrib/* /var/www/html/
[root@localhost loganalyzer-4.1.7]#
[root@localhost loganalyzer-4.1.7]#

完成后,打开浏览器,输入http://192.168.10.209,点击HERE开始安装:

rsyslog05

点击next开始下一步

rsyslog06

提供config.sh文件不存在,权限错误,如下图

rsyslog07

运行软件根目录下的configure.sh,如下:

[root@localhost loganalyzer-4.1.7]# cd /var/www/html/
[root@localhost html]# ls
admin               convert.php  images       login.php            templates
asktheoracle.php    cron         include      reportgenerator.php  themes
BitstreamVeraFonts  css          index.php    reports.php          userchange.php
chartgenerator.php  details.php  install.php  search.php
classes             export.php   js           secure.sh
configure.sh        favicon.ico  lang         statistics.php
[root@localhost html]# sh configure.sh
[root@localhost html]#

完成后,点击上图中的ReCheck按扭,错误清除,如下图,继续next进行下一步

rsyslog08

配置数据库,选择YES,数据库名称Syslog,用户名rsyslog,密码是刚才创建用户时的密码,如下图

rsyslog09

创建表

rsyslog10

检查SQL语句

rsyslog11

创建管理员用户

rsyslog12

通过如下创建一个测试日志文件:

[root@localhost log]# echo 1 > /var/log/syslogtest

syslog file中输入syslogtest,如下图:

rsyslog13

完成安装。

rsyslog14

在刚才的syslogtest中添加一些字符,首页即会产生相应显示,则说明loganalyzer运行正常。

rsyslog15

6、在loganalyzer中添加数据源

综上已经完成了loganalyzer的安装工作,下面开始添加数据源,之前在安装rsyslog时已经添加了两台交换机的日志,并已经在/var/log/syslog目录生成了相应的日志文件,如下图所示:

rsyslog16

点击首页的Login按扭,输入刚才创建的admin用户

rsyslog17

选择Admin Center,如下

rsyslog18

选择Sources,数据源,如下

rsyslog19

选择Add new Sources,添加新的数据源,如下

rsyslog20

如下图,完成日志添加的相应信息

rsyslog21

若出现不能添加的问题,如下

rsyslog22

则需要修改/var/log下相关日志文件的权限,设置为777,如下:

[root@localhost log]# chmod -R 777 syslog

完成后,列表中会增加一个huawei5720的条目,如下

rsyslog23

返回首页,右上角Select Source中选择刚才创建的huawei-5720数据源条目

rsyslog24

刷新后,即能看到5720交换机的相关日志信息,如下图。

rsyslog25

到此,rsyslog和LogAnalyzer安装结束,第一次使用和安装,文中难免有逻辑等错误,仅供参考。

参考文章:

1、https://www.linuxidc.com/Linux/2017-10/147693.htm

2、https://www.cnblogs.com/lsdb/articles/8072115.html

3、https://blog.csdn.net/xdnabl/article/details/51120873

4、https://www.cnblogs.com/zhaodahai/p/6824523.html

5、https://loganalyzer.adiscon.com/doc/install.html

6、https://blog.csdn.net/xdnabl/article/details/51120873

7、https://www.jianshu.com/p/0f6cb74a7280

在vSphere中手工降低虚拟机的版本(兼容性)

在高版本ESXi上运行的虚拟机vMotion至低版本的ESXi上时会出错,提示不兼容,需要降版本。

目前Esxi6.7的版本为14,Esxi6.5的虚拟机版本为13,如下图,需要手工将虚拟机版本号更改为13。

vmware14_01

打开存储的“数据存储浏览”,如下图

vmware14_03

找到需要降版本的虚拟机文件夹,这里为win2012R,如下图,选中win2012R2.vmx文件,点击下载至本地

vmware14_02

用记事本打开下载的文件,将virtualHW.version = “14”修改为virtualHW.version = “13”,如下图

vmware14_04

完成修改后再上载至原目录,覆盖原文件

vmware14_05

再次启动虚拟机,查看兼容性信息,版本已经修改为13

vmware14_06

现次vMotion,已经没有提示不兼容信息,成功迁移虚拟机。

Zabbix 4.0.2试用(九):在Linux主机中安装zabbix agent并添加该主机(RPM安装,适用于内网无互联网环境)

之前介绍的是用yum源方式安装,前提是主机需要与互联网相通,但有些需监控的客户机可能没有互联网,只有内网环境,就需要使用RPM安装方法,操作如下:

1、关闭防火墙和SELINUX

使用root用户登陆系统:

首先查看防火墙状态

[root@zabbix ~]# firewall-cmd –state
running
[root@zabbix ~]#

关闭firewall,并禁止防火墙开机启动,命令如下:

[root@zabbix ~]# systemctl stop firewalld.service
[root@zabbix ~]# systemctl disable firewalld.service

再次查看,防火墙已不在运行:

[root@zabbix ~]# firewall-cmd –state

安装之前还需将SELINUX关闭,运行如下命令编辑SELINUX配置文件:

[root@zabbix ~]# vi /etc/selinux/config

并将SELINUX=enforcing改成SELINUX=disable,如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing – SELinux security policy is enforced.
#     permissive – SELinux prints warnings instead of enforcing.
#     disabled – No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted – Targeted processes are protected,
#     minimum – Modification of targeted policy. Only selected processes are protected.
#     mls – Multi Level Security protection.
SELINUXTYPE=targeted

修改完成后,重启机器,运行如下命令查看是否 SELINUX已关闭:

[root@zabbix ~]# getenforce

退回disable即为已关闭。

2、安装Zabbix Agent

由于此centos客户端没有互联网环境,故不能使用YUM等方式安装,将采用RPM安装包进行安装。

首先进入http://repo.zabbix.com,下载http://repo.zabbix.com/zabbix-official-repo.keyhttp://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-agent-4.0.1-1.el7.x86_64.rpm两个文件,然后开始安装:

首先导入repo:

[root@zabbixclient tmp]# rpm –import zabbix-official-repo.key

agentnew001

完成后,开始安装zabbix agent:

[root@zabbixclient tmp]# rpm -ivh zabbix-agent-4.0.1-1.el7.x86_64.rpm
warning: zabbix-agent-4.0.1-1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY
Preparing…                          ################################# [100%]
Updating / installing…
   1:zabbix-agent-4.0.1-1.el7         ################################# [100%]
[root@zabbixclient tmp]#

agentnew002

3、配置Zabbix Agent配置文件zabbix_agentd.conf

使用vi编辑器编辑配置文件,进入/etc/zabbix/目录,使用vi编辑器打开zabbix_agentd.conf

[root@zabbixclient tmp]# cd /etc/zabbix/
[root@zabbixclient zabbix]# ls
zabbix_agentd.conf  zabbix_agentd.d
[root@zabbixclient zabbix]# vi zabbix_agentd.conf

主要完成以下几项的修改:

EnableRemoteCommands=1       //来至zabbix服务器的远程命令是否允许被执行
Server=192.168.10.208             //zabbix server地址,用于被动模式,数据获取
ServerActive=192.168.10.208    //主动发送的zabbix server地址主动发送的zabbix server地址,用于主动模式,数据提交
Hostname=zabbix                     //和创建主机时的hostname一致
UnsafeUserParameters=1           //启用自定义key,zabbix监控mysql、tomcat等数据时需要自定义key

完成后保存退出。

3、启动Zabbix Agent服务

配置文件修改完成后,开始启动Agent程序,service zabbix-agent status用来查看启动状态,service zabbix-agent start用来启动服务,具体如下:

[root@zabbixclient zabbix]# service zabbix-agent status
Redirecting to /bin/systemctl status zabbix-agent.service
鈼zabbix-agent.service – Zabbix Agent
   Loaded: loaded (/usr/lib/systemd/system/zabbix-agent.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
[root@zabbixclient zabbix]# service zabbix-agent start
Redirecting to /bin/systemctl start zabbix-agent.service
[root@zabbixclient zabbix]# service zabbix-agent status
Redirecting to /bin/systemctl status zabbix-agent.service
鈼[0m zabbix-agent.service – Zabbix Agent
   Loaded: loaded (/usr/lib/systemd/system/zabbix-agent.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2019-03-24 19:58:25 CST; 6s ago
  Process: 20179 ExecStart=/usr/sbin/zabbix_agentd -c $CONFFILE (code=exited, status=0/SUCCESS)
  Main PID: 20182 (zabbix_agentd)
    Tasks: 6
   CGroup: /system.slice/zabbix-agent.service
            鈹溾攢20182 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
           鈹溾攢20184 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
           鈹溾攢20185 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
           鈹溾攢20186 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
            鈹溾攢20187 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]
           鈹斺攢20188 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec]

Mar 24 19:58:25 zabbixclient systemd[1]: Starting Zabbix Agent…
Mar 24 19:58:25 zabbixclient systemd[1]: Started Zabbix Agent.
[root@zabbixclient zabbix]#

agentnew003

4、开机自启动Zabbix Agent服务

通过chkconfig zabbix-agent on命令来实现开机自动启动:

[root@zabbixclient zabbix]# chkconfig zabbix-agent on
Note: Forwarding request to ‘systemctl enable zabbix-agent.service’.
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-agent.service to /usr/lib/systemd/system/zabbix-agent.service.
[root@zabbixclient zabbix]#

5、将主机添加至zabbix server平台

打开zabbix server主界面,选择“配置‘->”主机“,点击右上角的”创建“按扭,创建一台主机,如下图

agentinstall06

输入主机名称,群组选择系统默认的Server hardware,agent代理接口IP设置刚才安装agent的主机192.168.10.209,端口默认10050,如下图:

agentinstall07

再选择”模板“选项栏,链接指示器里选择”Template OS Linux“,点击添加,最后点击蓝底添加按扭,完成添加。

agentinstall08

完成后可以看到列表中已经有刚才不回的主机,过几分钟后,可用性一栏中的ZBX变绿即表示监控正常。

agentinstall09

Zabbix 4.0.2试用(八):在Windows2008R2和2012主机中安装zabbix agent并添加该主机

之前介绍了通过两种不同的安装方式来安装zabbix agent,以使服务器能被监控到,本次介绍在Windows下安装agent,以使能被监控,步骤如下:

1、关闭防火墙

若被监控的Windows主机启用了防火墙,需关闭防火墙,或者在防火中开放TCP和UDP的10050端口。

2、下载agent for windows软件

进入Zabbix Agents下载页面,选择Windows amd64架构的版本,如下:

zabbixwindows01

3、安装agent for windows软件(Windows 2008R2)

下载后,将安装包上心至被监控主机中,然后在C盘目录下新建文件夹zabbix_agent,再将安装包中的zabbix_agentd.exe和zabbix_agentd.win.conf文件复制到c:\zabbix_agent文件夹中,如下图

zabbixwindows02

开始编辑配置文件zabbix_agentd.win.conf,右键选择打开,选择使用记事本打开

zabbixwindows03

主要完成以下几项的修改:

EnableRemoteCommands=1          //来至zabbix服务器的远程命令是否允许被执行
Server=192.168.10.208                //zabbix server地址,用于被动模式,数据获取
ServerActive=192.168.10.208       //主动发送的zabbix server地址,用于主动模式,数据提交
Hostname=WIN-9UI6G0K748R      //和创建主机时的hostname一致
UnsafeUserParameters=1             //启用自定义key,zabbix监控mysql、tomcat等数据时需要自定义key

完成后保存退出。

开始安装,在命令行界面中以服务的形式安装 Zabbix Windows agent,如下:

c:\zabbix_agent>c:\zabbix_agent\zabbix_agentd.exe -c c:\zabbix_agent\zabbix_agentd.win.conf -i
zabbix_agentd.exe [4532]: service [Zabbix Agent] installed successfully
zabbix_agentd.exe [4532]: event source [Zabbix Agent] installed successfully

c:\zabbix_agent>

zabbixwindows04

进入WINDOWS服务界面,对Zabbix Agent进行编辑,点击“启动”按扭,启动类型为“自动”,如下图。

zabbixwindows05

4、安装agent for windows软件(Windows 2012)

WINDOWS 2012和2008R2的安装方法基本相同,先关闭防火墙或在防火中上打开TCP和R 10050端口,然后先将安装包中的zabbix_agentd.exe和zabbix_agentd.win.conf文件复制到c:\zabbix_agent文件夹中,如下图:

zabbixwindows08

开始编辑配置文件zabbix_agentd.win.conf,右键选择打开,选择使用记事本打开,主要完成以下几项的修改:

EnableRemoteCommands=1          //来至zabbix服务器的远程命令是否允许被执行
Server=192.168.10.208                //zabbix server地址,用于被动模式,数据获取
ServerActive=192.168.10.208       //主动发送的zabbix server地址,用于主动模式,数据提交
Hostname=WIN-9UI6G0K748R      //和创建主机时的hostname一致
UnsafeUserParameters=1             //启用自定义key,zabbix监控mysql、tomcat等数据时需要自定义key

完成后保存退出。

开始安装,在命令行界面中以服务的形式安装 Zabbix Windows agent,如下:

Microsoft Windows [版本 6.3.9600]
(c) 2013 Microsoft Corporation。保留所有权利。

C:\Users\Administrator>c:\zabbix_agent\zabbix_agentd.exe -c c:\zabbix_agent\zabbix_agentd.win.conf -i
zabbix_agentd.exe [3756]: service [Zabbix Agent] installed successfully
zabbix_agentd.exe [3756]: event source [Zabbix Agent] installed successfully

C:\Users\Administrator>

zabbixwindows09

安装、卸载、启动等参数说明:

c:\zabbix_agent\zabbix_agentd.exe -c c:\zabbix_agent\zabbix_agentd.win.conf -i
c:\zabbix_agent\zabbix_agentd.exe -c c:\zabbix_agent\zabbix_agentd.win.conf -s
c:\zabbix_agent\zabbix_agentd.exe -c c:\zabbix_agent\zabbix_agentd.win.conf -x
c:\zabbix_agent\zabbix_agentd.exe -c c:\zabbix_agent\zabbix_agentd.win.conf -d

-c:指定配置文件所有位置
-i:安装客户端
-s:启动客户端
-x:停止客户端
-d:卸载客户端

开始启动服务,和WIN2008R2一样,打开2012的服务窗口,在最后找到Zabbix Agent的服务名称,右键属性,启动类型选择“自动”,并点击“启动”按扭,如下:

zabbixwindows10

5、将主机添加至zabbix server平台

首先添加WIN2008R2的主机,打开zabbix server主界面,选择“配置‘->”主机“,点击右上角的”创建“按扭,创建一台主机,如下图

agentinstall06

输入主机名称和可见的名称,群组选择系统默认的Server hardware,agent代理接口IP设置刚才安装agent的主机192.168.10.210,端口默认10050,如下图:

zabbixwindows06

再选择”模板“选项栏,链接指示器里选择”Template OS Windows“,点击添加,最后点击蓝底添加按扭,完成添加。

zabbixwindows07

WIN2012的主机添加方法与2008R2的相同,添加后,等待5分钟左右,即可看到可用性一栏中的ZBX已经变绿,证明监控平台已经监控到两台WINDOWS主机,如下图。

zabbixwindows11

参考文章:https://www.zabbix.com/documentation/4.0/zh/manual/concepts/agent

Zabbix 4.0.2试用(七):在Linux主机中安装zabbix agent并添加该主机(yum源安装)

之前介绍的是下载源安装包,编译安装的方式来安装agent,本次将采用yum源方式安装,前提是主机需要与互联网相通,操作如下:

1、关闭防火墙和SELINUX

使用root用户登陆系统:

首先查看防火墙状态

[root@zabbix ~]# firewall-cmd –state
running
[root@zabbix ~]#

关闭firewall,并禁止防火墙开机启动,命令如下:

[root@zabbix ~]# systemctl stop firewalld.service
[root@zabbix ~]# systemctl disable firewalld.service

再次查看,防火墙已不在运行:

[root@zabbix ~]# firewall-cmd –state

安装之前还需将SELINUX关闭,运行如下命令编辑SELINUX配置文件:

[root@zabbix ~]# vi /etc/selinux/config

并将SELINUX=enforcing改成SELINUX=disable,如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing – SELinux security policy is enforced.
#     permissive – SELinux prints warnings instead of enforcing.
#     disabled – No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted – Targeted processes are protected,
#     minimum – Modification of targeted policy. Only selected processes are protected.
#     mls – Multi Level Security protection.
SELINUXTYPE=targeted

修改完成后,重启机器,运行如下命令查看是否 SELINUX已关闭:

[root@zabbix ~]# getenforce

退回disable即为已关闭。

2、安装Zabbix Agent

首先需添加对应的yum repository:

进入zabbix官网文档,选择产品手册->安装->从二进制包安装->1 Red Hat Enterprise,

zabbixinstallx21

zabbixagentyum01

开始安装agent:

[root@localhost ~]# yum install zabbix-agent
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
  * base: centos.ustc.edu.cn
  * extras: centos.ustc.edu.cn
  * updates: mirrors.shu.edu.cn
base                                                                        | 3.6 kB  00:00:00    
extras                                                                      | 3.4 kB  00:00:00    
updates                                                                     | 3.4 kB  00:00:00    
zabbix                                                                      | 2.9 kB  00:00:00    
zabbix-non-supported                                                        |  951 B  00:00:00    
updates/7/x86_64/primary_db    FAILED                                         
http://mirrors.shu.edu.cn/centos/7.6.1810/updates/x86_64/repodata/384ed51dad1c96d9f80866dedacb6fd008516393c597a3da83afd33281356e1b-primary.sqlite.bz2: [Errno 14] curl#7 – “Failed connect to mirrors.shu.edu.cn:80; Connection refused”
Trying other mirror.
(1/5): extras/7/x86_64/primary_db                                           | 156 kB  00:00:00    
(2/5): base/7/x86_64/group_gz                                               | 166 kB  00:00:00    
(3/5): zabbix/x86_64/primary_db                                             |  26 kB  00:00:00    
(4/5): updates/7/x86_64/primary_db                                          | 1.3 MB  00:00:04    
(5/5): base/7/x86_64/primary_db                                             | 6.0 MB  00:00:10    
zabbix-non-supported/x86_64/primary                                         | 1.6 kB  00:00:00    
zabbix-non-supported                                                                           4/4
Resolving Dependencies
–> Running transaction check
—> Package zabbix-agent.x86_64 0:4.0.2-1.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================
  Package                   Arch                Version                   Repository           Size
===================================================================================================
Installing:
  zabbix-agent              x86_64              4.0.2-1.el7               zabbix              384 k

Transaction Summary
===================================================================================================
Install  1 Package

Total download size: 384 k
Installed size: 1.5 M
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7/zabbix/packages/zabbix-agent-4.0.2-1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY
Public key for zabbix-agent-4.0.2-1.el7.x86_64.rpm is not installed
zabbix-agent-4.0.2-1.el7.x86_64.rpm                                         | 384 kB  00:00:01    
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
Importing GPG key 0xA14FE591:
  Userid     : “Zabbix LLC <packager@zabbix.com>”
  Fingerprint: a184 8f53 52d0 22b9 471d 83d0 082a b56b a14f e591
  Package    : zabbix-release-4.0-1.el7.noarch (installed)
  From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
  Installing : zabbix-agent-4.0.2-1.el7.x86_64                                                 1/1
  Verifying  : zabbix-agent-4.0.2-1.el7.x86_64                                                 1/1

Installed:
  zabbix-agent.x86_64 0:4.0.2-1.el7                                                              

Complete!
[root@localhost ~]#

3、配置Zabbix Agent

完成安装后,开始配置zabbix_agentd.conf配置文件:

[root@localhost ~]# vi /etc/zabbix/zabbix_agentd.conf

主要完成以下几项的修改:

EnableRemoteCommands=1       //来至zabbix服务器的远程命令是否允许被执行
Server=192.168.10.208             //zabbix server地址,用于被动模式,数据获取
ServerActive=192.168.10.208    //主动发送的zabbix server地址,用于主动模式,数据提交
Hostname=localhost                  //和创建主机时的hostname一致
UnsafeUserParameters=1           //启用自定义key,zabbix监控mysql、tomcat等数据时需要自定义key

完成后保存退出。

4、启动Zabbix Agent

配置文件修改后,开始启动服务:

启动服务:

[root@localhost ~]# systemctl start zabbix-agent.service

添加开机启动功能:

[root@localhost ~]# systemctl enable zabbix-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-agent.service to /usr/lib/systemd/system/zabbix-agent.service.

查看agent服务是否已启动:

[root@localhost ~]# ps -ef | grep zabbix
zabbix    2842     1  0 06:37 ?        00:00:00 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
zabbix    2843  2842  0 06:37 ?        00:00:00 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
zabbix    2844  2842  0 06:37 ?        00:00:00 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
zabbix    2845  2842  0 06:37 ?        00:00:00 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
zabbix    2846  2842  0 06:37 ?        00:00:00 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]
zabbix    2847  2842  0 06:37 ?        00:00:00 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec]
root      2896  2435  0 06:38 pts/1    00:00:00 grep –color=auto zabbix
[root@localhost ~]#
[root@localhost ~]# ss -tnl | grep 10050
LISTEN     0      128          *:10050                    *:*                 
LISTEN     0      128         :::10050                   :::*                

如上,已发现agentd进程运行,并且10050端口已启动。

6、将主机添加至zabbix server平台

打开zabbix server主界面,选择“配置‘->”主机“,点击右上角的”创建“按扭,创建一台主机,如下图

agentinstall06

输入主机名称,群组选择系统默认的Server hardware,agent代理接口IP设置刚才安装agent的主机192.168.10.209,端口默认10050,如下图:

agentinstall07

再选择”模板“选项栏,链接指示器里选择”Template OS Linux“,点击添加,最后点击蓝底添加按扭,完成添加。

agentinstall08

完成后可以看到列表中已经有刚才不回的主机,过几分钟后,可用性一栏中的ZBX变绿即表示监控正常。

agentinstall09

Zabbix 4.0.2试用(六):监控图形中中文显示乱码的解决

Zabbix在显示监控数据图形时,默认的数值名称是显示乱码的,如下图:

zhongwen00

这是由于默认zabbix监控显示条中只有graphfont.ttf一种字体:

zhongwen01

需要添加一个能够显示中文的字体,以确保能够显示中文,步骤如下:

1、上传字体

将Windows操作系统中的“黑体”字体上传至zabbix的fonts文件夹中,先在控制面板的字体选项中找到黑体,复制到E盘或任意位置:

zhongwen02

再通过SecureFX将复制出来的黑体文件simhei.ttf复制到zabbix服务器端的/usr/share/zabbix/fonts文件夹中,如下图。

zhongwen03

再进入zabbix服务器端远程控制台,编辑字体配置文件defines.inc.php:

[root@zabbix fonts]# vi /usr/share/zabbix/include/defines.inc.php

使用/graphfont搜索原字体位置:

define(‘ZBX_GRAPH_FONT_NAME’,           ‘graphfont‘); // font file name

然后修改为新上传的simhei:

define(‘ZBX_GRAPH_FONT_NAME’,           ‘simhei‘); // font file name

zhongwen04

修改完成后保存退出。

再次刷新监控图形,已经可以正常显示中文,如下图。

zhongwen05

Zabbix 4.0.2试用(五):在Linux主机中安装zabbix agent并添加该主机(从源包安装)

在Zabbix Server中,监控服务器一般是通过Zabbix自带的agent或者snmp来实现,本次将在一台CentOS7的主机上从源包安装zabbix agent软件来实现监控,并添加至ZABBIX平台中,具体操作如下:

1、关闭防火墙及SELINUX

SSH远程登陆至主机,按之前的方法,将这台CentOS7的防火墙及selinux功能关闭。

2、下载安装包

进入zabbix官网下载页面

agentinstall01

下载得到zabbix-4.0.2.tar.gz安装包,上传至被监控的主机上,如下图。

agentinstall02

3、添加用户

创建zabbix群组和用户,用于agent:

[root@localhost ~]# groupadd zabbix
[root@localhost ~]# useradd -g zabbix -m zabbix

4、安装zabbix agent

通过SecureCRT登陆至主机上,首先安装依赖包:

[root@localhost ~]# yum install gcc pcre*

agentinstall03

完成安装后,将会安装以上软件,然后开始解压缩zabbix-4.0.2.tar.gz,并进入目录

[root@localhost ~]# tar -zxvf zabbix-4.0.2.tar.gz
[root@localhost ~]# cd zabbix-4.0.2/
[root@localhost zabbix-4.0.2]#

开始安装和编译:

[root@localhost zabbix-4.0.2]# ./configure –prefix=/usr/local/zabbix –enable-agent
[root@localhost zabbix-4.0.2]# make install

5、修改zabbix agent配置文件zabbix_agentd.conf

完成安装后,开始对zabbix_agentd.conf修改配置文件:

[root@localhost zabbix-4.0.2]# cd /usr/local/zabbix/etc
[root@localhost etc]# ls
zabbix_agentd.conf  zabbix_agentd.conf.d
[root@localhost etc]# vi zabbix_agentd.conf

主要完成以下几项的修改:

EnableRemoteCommands=1       //来至zabbix服务器的远程命令是否允许被执行
Server=192.168.10.208             //zabbix server地址,用于被动模式,数据获取
ServerActive=192.168.10.208    //主动发送的zabbix server地址主动发送的zabbix server地址,用于主动模式,数据提交
Hostname=zabbix                     //和创建主机时的hostname一致
UnsafeUserParameters=1           //启用自定义key,zabbix监控mysql、tomcat等数据时需要自定义key

完成后保存退出。

6、启动zabbix_agentd

只需运行zabbix_agentd即可:

[root@localhost sbin]# /usr/local/zabbix/sbin/zabbix_agentd

agentinstall04

重启服务操作:

[root@localhost sbin]# sudo killall zabbix_agentd
[root@localhost sbin]#
[root@localhost sbin]#
[root@localhost sbin]# ps -ef |grep zabbix
root     12873  2433  0 19:12 pts/1    00:00:00 grep –color=auto zabbix
[root@localhost sbin]#
[root@localhost sbin]# /usr/local/zabbix/sbin/zabbix_agentd
[root@localhost sbin]#
[root@localhost sbin]# ps -ef |grep zabbix
zabbix   12908     1  0 19:12 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_agentd
zabbix   12909 12908  0 19:12 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_agentd: collector [idle 1 sec]
zabbix   12910 12908  0 19:12 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_agentd: listener #1 [waiting for connection]
zabbix   12911 12908  0 19:12 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_agentd: listener #2 [waiting for connection]
zabbix   12912 12908  0 19:12 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_agentd: listener #3 [waiting for connection]
zabbix   12913 12908  0 19:12 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_agentd: active checks #1 [idle 1 sec]
root     12917  2433  0 19:13 pts/1    00:00:00 grep –color=auto zabbix
[root@localhost sbin]#

agentinstall05

7、将主机添加至zabbix server平台

打开zabbix server主界面,选择“配置‘->”主机“,点击右上角的”创建“按扭,创建一台主机,如下图

agentinstall06

输入主机名称,群组选择系统默认的Server hardware,agent代理接口IP设置刚才安装agent的主机192.168.10.209,端口默认10050,如下图:

agentinstall07

再选择”模板“选项栏,链接指示器里选择”Template OS Linux“,点击添加,最后点击蓝底添加按扭,完成添加。

agentinstall08

完成后可以看到列表中已经有刚才不回的主机,过几分钟后,可用性一栏中的ZBX变绿即表示监控正常。

agentinstall09

Zabbix 4.0.2试用(四):更改Admin用户的语言及密码

如上一节所示,安装完成默认语言为英文,如下图:

但Zabbix是支持中文界面的,只需设置完即可,具体如下,在主界面选择Administration –> Users:

选择用户Admin,鼠标左键点击Admin用户名,进入用户名设置界面

在Language语言栏中选择“Chinese(zh_CN)”,如下图所示:

完成后,再点击 Change password,修改登陆密码

输入新密码,如下:

完成后,点击Update按成,完成语言和密码的修改工作。

退出当前用户,重新使用刚才新修改的密码登陆系统,语言已变成中文。

Zabbix 4.0.2试用(三):安装Zabbix 4.0.2

完成上一步的CentOS7的安装后,开始安装Zabbix,具体步骤如下:

使用root用户登陆系统:

1、关闭防火墙

首先查看防火墙状态

[root@zabbix ~]# firewall-cmd –state
running
[root@zabbix ~]#

zabbixinstall

关闭firewall,并禁止防火墙开机启动,命令如下:

[root@zabbix ~]# systemctl stop firewalld.service
[root@zabbix ~]# systemctl disable firewalld.service

再次查看,防火墙已不在运行:

[root@zabbix ~]# firewall-cmd –state

zabbixinstall

2、关闭SELINUX

安装之前还需将SELINUX关闭,运行如下命令编辑SELINUX配置文件:

[root@zabbix ~]# vi /etc/selinux/config

并将SELINUX=enforcing改成SELINUX=disable,如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing – SELinux security policy is enforced.
#     permissive – SELinux prints warnings instead of enforcing.
#     disabled – No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted – Targeted processes are protected,
#     minimum – Modification of targeted policy. Only selected processes are protected.
#     mls – Multi Level Security protection.
SELINUXTYPE=targeted

zabbixinstallx03

修改完成后,重启机器,运行如下命令查看是否 SELINUX已关闭:

[root@zabbix ~]# getenforce

退回disable即为已关闭,如下图。

zabbixinstallx04

3、安装LAMP环境

Zabbix前端为PHP,后端准备使用的数据库为MariaDB(与MYSQL兼容,mysql创始化带领团队创建),目前集合的环境有LAMP和LNMP,只是WEB应用使用Apache或Nginx的区别,本次准备采用LAMP来运行Zabbix,因为本机与互联网相通,故准备采用yum的方式来安装。

首先升级相关yum源中的软件至最新版,使用如下命令:

[root@zabbix ~]# yum -y update

开始对程序进行升级,如下图:

zabbixinstallx05

zabbixinstallx06

如上图,完成了yum源升级后,开始安装LAMP,运行如下命令:

[root@zabbix ~]# yum install -y httpd mariadb-server mariadb php php-mysql php-gd libjpeg* php-ldap php-odbc php-pear php-xml php-xmlrpc php-mhash

开始安装,如下图:

zabbixinstallx07

完成安装后,使用如下命令查看重要是否已安装:

[root@zabbix ~]# rpm -qa httpd php mariadb
httpd-2.4.6-88.el7.centos.x86_64
mariadb-5.5.60-1.el7_5.x86_64
php-5.4.16-46.el7.x86_64
[root@zabbix ~]#

如上,显示已安装了http、php和数据库mariadb。

4、配置LAMP环境

完成LAMP环境安装后,开始配置Apache和PHP,通过如下命令打开httpd.conf配置文件,修改ServerName和DirectoryIndex,将监听IP及端口修改为本机的IP及80端口,DirectoryIndex中加入index.php文件:

[root@zabbix ~]# vi /etc/httpd/conf/httpd.conf

由于本机的IP为10.208,则ServerName修改成:

ServerName 192.168.10.208:80

zabbixinstallx08

Zabbix默认页面为index.php,添加index.php进DirectoryIndex,如下:

<IfModule dir_module>
    DirectoryIndex index.html index.php
< /IfModule>

zabbixinstallx09

完成以上修改为保存退出。

再修改php.ini配置文件,设置时区为PRC,由于运维管理系统是记录设备运维日志等,需要查看设备出现问题时的时间,对时间的准确性有要求,故需修改:

[root@zabbix ~]# vi /etc/php.ini

使用/timezone搜索需要修改的位置,并修改为:

date.timezone = PRC

zabbixinstallx10

完成后保存退出。

5、启动LAMP环境

开始启动httpd和mariadb:

[root@zabbix ~]# systemctl start httpd
[root@zabbix ~]# systemctl start mariadb

设置开机启动服务:

[root@zabbix ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@zabbix ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@zabbix ~]#

查看服务是否启动:

[root@zabbix ~]# ss -naplt | grep httpd
LISTEN     0      128         :::80                      :::*                   users:((“httpd”,pid=26988,fd=4),(“httpd”,pid=26987,fd=4),(“httpd”,pid=26986,fd=4),(“httpd”,pid=26985,fd=4),(“httpd”,pid=26984,fd=4),(“httpd”,pid=26980,fd=4))
[root@zabbix ~]# ss -naplt | grep mysqld
LISTEN     0      50           *:3306                     *:*                   users:((“mysqld”,pid=27272,fd=13))
[root@zabbix ~]#

查看httpd和mysqld已经启动,80和3306端口也已启动,如下图:

zabbixinstallx11

接着再测试php是否正常,新建一个PHP测试页:

[root@zabbix ~]# vi /var/www/html/index.php

输入:

<?php
phpinfo();
?>

zabbixinstallx12

保存退出,然后打开浏览器,输入http://192.168.10.208,显示PHP即为正常。

zabbixinstallx13

6、配置MariaDB数据库

设置数据库密码为zabbixroot:

[root@zabbix ~]# mysqladmin -u root password zabbixroot

验证密码是否正常:

[root@zabbix ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 5.5.60-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]>

zabbixinstallx14

开始创建数据库,

MariaDB [(none)]> CREATE DATABASE zabbix character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT all ON zabbix.* TO ‘zabbix’@’zabbix’ IDENTIFIED BY ‘zabbix123’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit
Bye
[root@zabbix ~]#

zabbixinstallx15

完成创建后,测试数据库是否能够连接,运行是否正常,将刚创建的php测试页的内容修改为:

<?php
$link=mysql_connect(‘192.168.10.208′,’zabbix’,’zabbix123′);
if($link) echo “<h1>Datebase Connect Success~~~~~</h1>”;
  else echo “Fail!!”;
mysql_close();
?>

设置本机的IP地址,并设置刚才创建的用户名和密码:

zabbixinstallx17

设置后保存退出,然后在浏览器中输入http://192.168.10.208,正常应该显示Datebase Connect Success~~~~~:

zabbixinstallx18

7、安装Zabbix 4.0.2

完成以上的设置后,即可以开始安装Zabbix,继续采用yum方式安装,首先安装相关依赖包:

[root@zabbix ~]# yum -y install net-snmp net-snmp-devel curl curl-devel libxml2 libxml2-devel libevent-devel.x86_64 javacc.noarch  javacc-javadoc.noarch javacc-maven-plugin.noarch javacc*

yum会自动下载安装包并完成安装,

Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
  * base: mirrors.cn99.com
  * extras: mirrors.aliyun.com
  * updates: mirrors.cn99.com
base                                                                          | 3.6 kB  00:00:00    
extras                                                                        | 3.4 kB  00:00:00    
updates                                                                       | 3.4 kB  00:00:00    
Package curl-7.29.0-51.el7.x86_64 already installed and latest version
Package libxml2-2.9.1-6.el7_2.3.x86_64 already installed and latest version
Resolving Dependencies
–> Running transaction check
—> Package javacc.noarch 0:5.0-10.el7 will be installed
—> Package javacc-demo.noarch 0:5.0-10.el7 will be installed
—> Package javacc-javadoc.noarch 0:5.0-10.el7 will be installed
—> Package javacc-manual.noarch 0:5.0-10.el7 will be installed
—> Package javacc-maven-plugin.noarch 0:2.6-17.el7 will be installed
–> Processing Dependency: mvn(org.codehaus.plexus:plexus-utils) for package: javacc-maven-plugin-2.6-17.el7.noarch
–> Processing Dependency: mvn(org.apache.maven:maven-project) for package: javacc-maven-plugin-2.6-17.el7.noarch
–> Processing Dependency: mvn(org.apache.maven:maven-plugin-api) for package: javacc-maven-plugin-2.6-17.el7.noarch
–> Processing Dependency: mvn(org.apache.maven:maven-model) for package: javacc-maven-plugin-2.6-17.el7.noarch
–> Processing Dependency: mvn(org.apache.maven.reporting:maven-reporting-impl) for package: javacc-maven-plugin-2.6-17.el7.noarch
–> Processing Dependency: mvn(org.apache.maven.reporting:maven-reporting-api) for package: javacc-maven-plugin-2.6-17.el7.noarch
–> Processing Dependency: mvn(org.apache.maven.doxia:doxia-site-renderer) for package: javacc-maven-plugin-2.6-17.el7.noarch
–> Processing Dependency: mvn(org.apache.maven.doxia:doxia-sink-api) for package: javacc-maven-plugin-2.6-17.el7.noarch
—> Package javacc-maven-plugin-javadoc.noarch 0:2.6-17.el7 will be installed
—> Package libcurl-devel.x86_64 0:7.29.0-51.el7 will be installed
—> Package libevent-devel.x86_64 0:2.0.21-4.el7 will be installed
—> Package libxml2-devel.x86_64 0:2.9.1-6.el7_2.3 will be installed
–> Processing Dependency: zlib-devel for package: libxml2-devel-2.9.1-6.el7_2.3.x86_64
–> Processing Dependency: xz-devel for package: libxml2-devel-2.9.1-6.el7_2.3.x86_64
—> Package net-snmp.x86_64 1:5.7.2-37.el7 will be installed
–> Processing Dependency: net-snmp-agent-libs = 1:5.7.2-37.el7 for package: 1:net-snmp-5.7.2-37.el7.x86_64
–> Processing Dependency: libnetsnmptrapd.so.31()(64bit) for package: 1:net-snmp-5.7.2-37.el7.x86_64
–> Processing Dependency: libnetsnmpmibs.so.31()(64bit) for package: 1:net-snmp-5.7.2-37.el7.x86_64
–> Processing Dependency: libnetsnmpagent.so.31()(64bit) for package: 1:net-snmp-5.7.2-37.el7.x86_64
—> Package net-snmp-devel.x86_64 1:5.7.2-37.el7 will be installed

zabbixinstallx19

再安装PHP组件包,用于支持zabbix:

[root@zabbix ~]# yum install php-bcmath php-mbstring –y

开始安装:

Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
  * base: mirrors.cn99.com
  * extras: mirrors.aliyun.com
  * updates: mirrors.cn99.com
Resolving Dependencies
–> Running transaction check
—> Package php-bcmath.x86_64 0:5.4.16-46.el7 will be installed
—> Package php-mbstring.x86_64 0:5.4.16-46.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================================
  Package                   Arch                Version                       Repository         Size
=====================================================================================================
Installing:
  php-bcmath                x86_64              5.4.16-46.el7                 base               58 k
  php-mbstring              x86_64              5.4.16-46.el7                 base              505 k

Transaction Summary
=====================================================================================================
Install  2 Packages

zabbixinstallx20

完成后开始安装Zabbix,进入zabbix官网文档,选择产品手册->安装->从二进制包安装->1 Red Hat Enterprise,

[root@zabbix ~]# rpm -ivh http://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm
Retrieving http://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm
warning: /var/tmp/rpm-tmp.KHhpIz: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY
Preparing…                          ################################# [100%]
Updating / installing…
   1:zabbix-release-4.0-1.el7         ################################# [100%]
[root@zabbix ~]#

zabbixinstallx21

zabbix共有3个核心组件,server、proxy及web,本次只安装基于mysql数据库的server和web:

[root@zabbix ~]# yum install zabbix-server-mysql zabbix-web-mysql -y
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
  * base: mirrors.cn99.com
  * extras: mirrors.aliyun.com
  * updates: mirrors.cn99.com
zabbix                                                                        | 2.9 kB  00:00:00    
zabbix-non-supported                                                          |  951 B  00:00:00    
zabbix/x86_64/primary_db                                                      |  26 kB  00:00:01    
zabbix-non-supported/x86_64/primary                                           | 1.6 kB  00:00:00    
zabbix-non-supported                                                                             4/4
Resolving Dependencies
–> Running transaction check
—> Package zabbix-server-mysql.x86_64 0:4.0.2-1.el7 will be installed
–> Processing Dependency: fping for package: zabbix-server-mysql-4.0.2-1.el7.x86_64
–> Processing Dependency: libiksemel.so.3()(64bit) for package: zabbix-server-mysql-4.0.2-1.el7.x86_64
–> Processing Dependency: libOpenIPMIposix.so.0()(64bit) for package: zabbix-server-mysql-4.0.2-1.el7.x86_64
–> Processing Dependency: libOpenIPMI.so.0()(64bit) for package: zabbix-server-mysql-4.0.2-1.el7.x86_64
—> Package zabbix-web-mysql.noarch 0:4.0.2-1.el7 will be installed

zabbixinstallx22

8、导入数据并配置zabbix数据库

完成zabbix的安装后,之前在mariadb中创建的zabbix数据库中是没有数据的,需要将zabbix提供的模板表结构等数据导入zabbix数据库中,进行如下操作:

[root@zabbix ~]# zcat /usr/share/doc/zabbix-server-mysql-4.0.2/create.sql.gz | mysql -uzabbix -p -h 192.168.10.208 zabbix
Enter password:
[root@zabbix ~]#

zabbixinstallx23

输入之前zabbix用户的用户名,这里为zabbix123,输入后自动开始导入,等待10秒左右,未出现错误,则表示导入成功。

完成后开始配置zabbix server的配置文件,使配置文件中引用刚才创建的数据库,编辑/etc/zabbix/zabbix_server.conf文件:

[root@zabbix ~]# vi /etc/zabbix/zabbix_server.conf 

主要设置以下几项:

DBHost=zabbix
DBName=zabbix
DBUser=zabbix
DBPassword=zabbix123

zabbixinstallx26

9、修改zabbix配置文件时区及PHP参数设置

由于时间的重要性,需要将zabbix的时区也改成本地时区:

[root@zabbix ~]# vi /etc/httpd/conf.d/zabbix.conf

将php_value date.timezone 开关的#号去除,然后值修改为Asia/Shanghai,如下。

zabbixinstallx25

完成后保存退出即可。

10、启动zabbix服务并完成安装

以上操作完成后,可以启动zabbix server:

[root@zabbix ~]# systemctl enable zabbix-server
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-server.service to /usr/lib/systemd/system/zabbix-server.service.
[root@zabbix ~]#
[root@zabbix ~]# systemctl start zabbix-server
[root@zabbix ~]#

完成后重启服务器,然后进入/var/log/zabbix,查看zabbix_server.log日志文件,未发现相关错误:

  5611:20181216:113337.714 Starting Zabbix Server. Zabbix 4.0.2 (revision 87228).
  5611:20181216:113337.715 ****** Enabled features ******
  5611:20181216:113337.715 SNMP monitoring:           YES
  5611:20181216:113337.716 IPMI monitoring:           YES
  5611:20181216:113337.716 Web monitoring:            YES
  5611:20181216:113337.716 VMware monitoring:         YES
  5611:20181216:113337.716 SMTP authentication:       YES
  5611:20181216:113337.716 Jabber notifications:      YES
  5611:20181216:113337.716 Ez Texting notifications:  YES
  5611:20181216:113337.716 ODBC:                      YES
  5611:20181216:113337.716 SSH2 support:              YES
  5611:20181216:113337.716 IPv6 support:              YES
  5611:20181216:113337.716 TLS support:               YES
  5611:20181216:113337.716 ******************************
  5611:20181216:113337.716 using configuration file: /etc/zabbix/zabbix_server.conf
  5611:20181216:113337.783 [Z3001] connection to database ‘zabbix’ failed: [2003] Can’t connect to My
SQL server on ‘zabbix’ (99)
  5611:20181216:113337.783 database is down: reconnecting in 10 seconds
  5611:20181216:113347.926 database connection re-established
  5611:20181216:113347.975 current database version (mandatory/optional): 04000000/04000003
  5611:20181216:113347.975 required mandatory version: 04000000
  5611:20181216:113348.294 server #0 started [main process]
  9274:20181216:113348.295 server #1 started [configuration syncer #1]
  9275:20181216:113348.297 server #2 started [alerter #1]
  9276:20181216:113348.297 server #3 started [alerter #2]
  9278:20181216:113348.301 server #5 started [housekeeper #1]
  9282:20181216:113348.302 server #8 started [discoverer #1]
  9285:20181216:113348.303 server #10 started [history syncer #2]
  9286:20181216:113348.304 server #11 started [history syncer #3]
  9283:20181216:113348.306 server #9 started [history syncer #1]
  9291:20181216:113348.308 server #16 started [task manager #1]
  9289:20181216:113348.311 server #14 started [proxy poller #1]
  9277:20181216:113348.315 server #4 started [alerter #3]
  9297:20181216:113348.316 server #22 started [unreachable poller #1]
  9292:20181216:113348.319 server #17 started [poller #1]
  9296:20181216:113348.322 server #21 started [poller #5]
  9287:20181216:113348.323 server #12 started [history syncer #4]
  9301:20181216:113348.324 server #25 started [trapper #3]
  9298:20181216:113348.324 server #23 started [trapper #1]
  9288:20181216:113348.326 server #13 started [escalator #1]
  9303:20181216:113348.329 server #27 started [trapper #5]
  9279:20181216:113348.330 server #6 started [timer #1]
  9295:20181216:113348.331 server #20 started [poller #4]
  9290:20181216:113348.332 server #15 started [self-monitoring #1]
  9280:20181216:113348.333 server #7 started [http poller #1]
  9293:20181216:113348.334 server #18 started [poller #2]
  9307:20181216:113348.335 server #30 started [preprocessing manager #1]
  9302:20181216:113348.336 server #26 started [trapper #4]
  9308:20181216:113348.337 server #31 started [preprocessing worker #1]
  9306:20181216:113348.337 server #29 started [alert manager #1]
  9309:20181216:113348.337 server #32 started [preprocessing worker #2]
  9294:20181216:113348.338 server #19 started [poller #3]
  9300:20181216:113348.339 server #24 started [trapper #2]
  9304:20181216:113348.344 server #28 started [icmp pinger #1]
  9310:20181216:113348.433 server #33 started [preprocessing worker #3]
[root@zabbix zabbix]#                   

开始完成安装,浏览器打开http://192.168.10.208/zabbix,主界面已显示,点击Next Step:

zabbixinstallx27

zabbixinstallx28

填入相应信息,端口为3306,用户名及密码为之前创建的信息,如下图

zabbixinstallx29

输入host,这里为zabbix,端口默认,名称自定义

zabbixinstallx30

最后确认信息是否正常:

zabbixinstallx31

zabbixinstallx32

完成后,显示登陆界面,输入默认信息:用户名Admin,密码zabbix,进入主界面。

zabbixinstallx33

zabbixinstallx34

至此,zabbix的安装完成,后期将是相关配置的工作。

参考文章:

1、https://www.zabbix.com/documentation/4.0/zh/manual/installation/install_from_packages/rhel_centos#red_hat_enterprise_linuxcentos

2、http://www.cnblogs.com/yaoyaojcy/p/9884130.html

3、https://www.cnblogs.com/itflycat/p/4284374.html

Zabbix 4.0.2试用(二):安装操作系统CentOS 7

准备Zabbix安装在Linux平台下,使用CentOS 7,具体安装步骤如下:

首先在虚拟化平台上建立一个虚机:

DVD驱动器中选择“数据存 ISO文件”,选择本ESXI主机上的CENTOS7 ISO镜像文件,并在“连接”上打钩,如下图所示:

完成新建后,打开虚拟机电源,进行CentOS7安装界面,

语言选择英文

开始设置一些安装参数,如下图

首先设置“DATE & TIME”设置,将时区设置成上海,如下图

在设置“SOFTWARE SELECTION”,设置为Server with GUI,如下图

在对“INSTALLATION DESTINATION”进行设置,默认的分区不太适合ZABBIX的运行,需要手工更改下,如下图,选择100G磁盘,再选择“I will configure partitioning”,如下图

默认/home分区空间分配很大,需要手工调小,将根/分区空间调大,因为安装ZABBIX时,软件的运行日志等都在/var目录下,需要更多的空间支持,如下图

最后,对“NETWORK & HOST NAME”进行设置,将host name设置为zabbix,将IP地址设置为你自己环境中的IP,本次为192.168.10.208/24,网关10.253,DNS:221.228.255.1,如下图所示:

完成设置后,下一步,开始安装,同时完成root密码的设置,如下图

完成安装后,重启机器,并完成最后的设置工作,最后点击FINISH CONFIGURATION按扭,重启完成安装。如下图

进入系统后,测试下到网关和互联网是否正常,安装ZABBIX时会用到互联网。