Zabbix

Introduction

Zabbix is an open source monitoring solution for network servers, devices, services and other IT resources. The integration makes it possible to receive alerts from Zabbix.

Verified integration version

Zabbix 5.0.0

Important

Older Zabbix versions with Agent dependency do not work when upgraded to Zabbix 4.4.3. Reconfigure the upgraded Zabbix 4.4.3 as described in this document.

Installation and Configuration

The following installation and configuration steps enable Zabbix integration.

Step 1: Install the integration

Select a client from the All Clients list.
Go to Setup > Integrations > Integrations.
From Available Integrations, select Monitoring > Zabbix.
Click Install.

Step 2: Configure the integration

From the API tab, provide the following information:
- Authentication: Copy the Tenant Id, Token, and Webhook URL for configuration. These settings are used to create an HTTP Request template.
- Map Attributes: Third-party mapping information as described below.
From the Monitoring of Integration tab, click Assign Templates.
From Audit Logs, set up audit log criteria and timeframe.

Configure the map attributes

Attributes can be modified at any time.

Select the required OpsRamp property from the drop-down menu.
Click Add Mapping Attributes to map attributes for the specific alert property.
Click + to define the mappings.
From Create Alert Mappings on Status, define:
- mappings
- parsing conditions
- default values
Click Save.

The following tables shows attribute mappings:

Mapping Attributes
Third-Party Entity	OpsRamp Entity	Third-Party Property	OpsRamp Property	Third-Party Property Value	OpsRamp Property Value
Alert	Alert	State	alert.currentState	Information	Info
				Warning	Warning
				High	Critical
				OK	OK
Alert	Alert	Metric	alert.serviceName
Alert	Alert	Description	alert.description
Alert	Alert	Host_Name	alert.deviceName
Alert	Alert	IP	alert.resource.ipAddress
Alert	Alert	EventID	alert.extAlertId
Alert	Alert	Subject	alert.subject

Zabbix configuration

The following steps describe how to configuring media types and actions.

Step 1: Configure media types

Log into Zabbix Admin UI.
Go to Administration, Media Type and click Create Media Type. Media Type screen appears.
Enter the following required details and click Add.
- Name: Any name for media type (For example, OpsRamp Alert Webhook)
- Type: Webhook
- Parameters: Provide the parameters:
Click Add. The Media Type is added.

Parameter descriptions

The following table provides parameter descriptions for configuring media types.

Parameter Descriptions
Name	Value
Subject	{ALERT:SUBJECT}
Message	{ALERT:MESSAGE}
OpsRampURL	webhook URL copied from OpsRamp (For example: `https://{yourdomain}:/integrations/alertsWebhook/client_1/alerts?vtoken={token}`
HTTPProxy	(Optional, needed when zabbix is configured for a proxy network) `http://{proxy IP}:{port}`

Script

The following is a script for posting alert data to OpsRamp:

try {
Zabbix.Log(4, 'opsramp webhook script value=' + value);var result = {
'tags': {
'endpoint': 'opsramp'
}
},
params = JSON.parse(value),
req = new CurlHttpRequest(),
alertPayload = {},
resp;postAlertToOpsRamp();/**
* Function to post alert data to OpsRamp
*/
function postAlertToOpsRamp() {
req.AddHeader('Content-Type: application/json');
req.AddHeader('Accept: application/json');
if (typeof params.HTTPProxy !== 'undefined' && params.HTTPProxy !== '') {
req.SetProxy(params.HTTPProxy);
}
var res = req.Post(params.OpsRampURL,prepareOpsRampAlertPayload());
res = JSON.parse(res);
}/**
* Function to prepare required OpsRamp alert payload to send
*/
function prepareOpsRampAlertPayload() {
alertPayload.Subject = params.Subject;
var msg = params.Message;
var msgLines = msg.split('\r\n');
for (var i = 0; i < msgLines.length; i++) {
var field = msgLines[i].split(':');
alertPayload[field[0]] = field[1];
}alertPayload.State = alertPayload['Status'];
if(alertPayload['Status'] == 'PROBLEM') {
if(alertPayload['Trigger_Severity'] == 'Information' || alertPayload['Trigger_Severity'] == 'Not classified') {
alertPayload.State='Information';
} else if(alertPayload['Trigger_Severity'] == 'Average' || alertPayload['Trigger_Severity'] == 'Warning') {
alertPayload.State='Warning';
} else if(alertPayload['Trigger_Severity'] == 'High' || alertPayload['Trigger_Severity'] == 'Disaster') {
alertPayload.State='High';
}
} else if (alertPayload['Status'] == 'OK') {
alertPayload.State = 'OK';
}return JSON.stringify(alertPayload);
}return "OK";
} catch (error) {
Zabbix.Log(4, 'OPSRAMP issue creation failed json : ' + JSON.stringify({"fields": fields}));
Zabbix.Log(4, 'OPSRAMP issue creation failed : ' + error);
result = {};
}

return JSON.stringify(result);

Step 2: Configure actions

Go to Configuration > Actions and click Create action.
Zabbix Integration
For the Action tab, enter the following information:
- Name: Enter any name (For example, OpsRamp Alert Webhook Action)
- Conditions: Leave default
- New Condition: Leave default
- Enabled: Select the checkbox
For the Operations tab, enter the following information:
- Default operation setup duration: Leave default value (For example, 1h)
- Default subject: Problem: {EVENT.NAME}
- Default message: Description:{TRIGGER.NAME} Status:{TRIGGER.STATUS} Host_Name:{HOSTNAME} IP:{IPADDRESS} EventID:{EVENT.ID} Trigger_Severity:{TRIGGER.SEVERITY} Event_Severity:{EVENT.SEVERITY} Metric:{ITEM.KEY} Date:{EVENT.DATE} Time:{EVENT.TIME} Item_Name:{ITEM.NAME}
- Pause operations for suppressed problems:** Leave default value
- Operations: Click New and enter the following:
  - Steps: Leave default value
  - Step duration: Leave default value
  - Operation Type: Select Send message
  - Send to User groups: Select user group to notify.
  - Send to Users: Select user to notify.
  - Send only to: Select the media type created (For this example, OpsRamp Alert WebhooK)
  - Default message: Leave default
  - Conditions: Leave default
  - Click Add to save.
For the Recovery operations tab, enter the following information:
- Default subject: Resolved: {EVENT.NAME}
- Default message: ResolvedTime: {EVENT.RECOVERY.TIME} Description:{EVENT.NAME} Status:{TRIGGER.STATUS} Host_Name:{HOSTNAME} IP:{IPADDRESS} EventID:{EVENT.ID} Trigger_Severity:{TRIGGER.SEVERITY} Event_Severity:{EVENT.SEVERITY} Acknowledged: {EVENT.ACK.STATUS} Metric:{ITEM.KEY} Date:{EVENT.DATE} Time:{EVENT.TIME} Item_Name:{ITEM.NAME}
- Operations: Click New and enter the following:
  - Operation type: Select Notify all involved
  - Default message:Select the checkbox
  - Click Add to save.
For the Update operations tab, enter the following information:
- Default subject: Updated problem:: {EVENT.NAME}
- Default message: Problem updated at:{EVENT.UPDATE.ACTION} Problem name:{EVENT.UPDATE.DATE} {EVENT.UPDATE.TIME}.{EVENT.UPDATE.MESSAGE} Host_Name:{HOSTNAME} IP:{IPADDRESS} Description:{EVENT.NAME} Trigger_Severity:{TRIGGER.SEVERITY} Event_Severity:{EVENT.SEVERITY} Metric:{ITEM.KEY} EventID:{EVENT.ID} Current_Status{EVENT.STATUS} Acknowledged: {EVENT.ACK.STATUS} Item_Name:{ITEM.NAME}
- Operations: Click New and enter the following details:
  - Operation Type: Select Send message
  - Default media type: Select the media type created (For this example, OpsRamp Alert WebhooK)
  - Default message: Select checkbox.
Click Add. Actions details are added.

Sample Payload

{
"Subject": "Problem: vsftpd service is down on zabbix-agent",
"Description": "vsftpd service is down on zabbix-agent ",
"Status": "PROBLEM",
"Host_Name": "zabbix",
"IP": "159.65.159.89",
"EventID": "3387",
"Trigger_Severity": "Disaster",
"Event_Severity": "Disaster",
"Metric": "proc.num\[vsftpd\]",
"Date": "2020.01.17",
"Time": "10",
"Name": "vsftpd",
"State": "High"
}

Next steps

To view alerts:

From the workspace drop-down options, navigate to Alerts and search using Zabbix as the Source name. This displays related alerts.
Click Alert ID to view.