Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[Snort-users] Zabbix for Snort performance monitoring

286 views
Skip to first unread message

Anshuman Anil Deshmukh

unread,
Oct 10, 2013, 8:00:58 AM10/10/13
to

Hi,

 

I have implemented the setup of monitoring the snort received / dropped packets configuration using zabbix which was discussed by Mike on this link-http://seclists.org/snort/2010/q3/641

 

After configuring the said parameters, Zabbix is showing that it not supported by the agent. I am using zabbix version 1.8.17

 

Other details of my setup as below and some other details

-    I have installed snort version 2.9.5 GRE (Build 103) on CentOS 6.4 (final)

-    Zabbix server, agent and snort running on same server because it is a test setup

-    Database used is MYSQL version 14.14 Distrib 5.1.69, for redhat-linux-gnu (x86_64) using readline 5.

-    I am able to login to zabbix console and it is able to show me all other realtime data for the configured services

-    This is my test setup. Somehow I missed to install the latest version of Zabbix.

-     

I am assuming that this is not version specific issue and hence there is no need to upgrade zabbbix. I am desperately looking to check this functionality.

 

Please let me know in case any other details are needed and would appreciate getting help to resolve this issue.

 

Thanks.

 

Anshuman


"Legal Disclaimer: This electronic message and all contents contain information from Cybage Software Private Limited which may be privileged, confidential, or otherwise protected from disclosure. The information is intended to be for the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution, or use of the contents of this message is strictly prohibited. If you have received this electronic message in error please notify the sender by reply e-mail to and destroy the original message and all copies. Cybage has taken every reasonable precaution to minimize the risk of malicious content in the mail, but is not liable for any damage you may sustain as a result of any malicious content in this e-mail. You should carry out your own malicious content checks before opening the e-mail or attachment." www.cybage.com

Anshuman Anil Deshmukh

unread,
Oct 10, 2013, 8:46:11 AM10/10/13
to

Thanks Eric for responding so quickly. Here are the details.

 

Zabbix Agent (daemon) v1.8.17 (revision 37338) (26 July 2013)

Compilation time: Aug  4 2013 16:44:16

 

If at all this issue needs an upgrade, will upgrading just the zabbix agent resolve my issue? As said initially, this is my test setup and hence not willing to upgrade the entire thing. I will definitely take care of installing the latest version when installing it for the production.

 

Thanks.

 

-Anshuman

 

 

From: Eric G [mailto:er...@nixwizard.net]
Sent: Thursday, October 10, 2013 6:00 PM
To: Anshuman Anil Deshmukh
Cc: Snort Users
Subject: Re: [Snort-users] Zabbix for Snort performance monitoring

 

On Oct 10, 2013 8:02 AM, "Anshuman Anil Deshmukh" <ansh...@cybage.com> wrote:
>
> -    This is my test setup. Somehow I missed to install the latest version of Zabbix.
>

Anshuman right off the bat I would suggest you upgrade to the zabbix20 packages that are in the CentOS EPEL repository. 2.0 adds a lot of features and has been quite stable for me on several production servers. The addition of dynamic items alone makes it worth it in my opinion.

That said, what version is your agent? There should be an agent version item that is polled from your Zabbix server if you look in "Latest data" under the monitoring tab on your Zabbix server web interface.

Different agent versions support different item queries

--
Eric
http://www.linkedin.com/in/ericgearhart

Eric G

unread,
Oct 10, 2013, 8:29:57 AM10/10/13
to
0 new messages