Setting up sending email notifications in Zabbix on CentOS 7
It seems to be not the newest task. And articles in Google cart and a small cart. But for some reason, it took me almost a week for all the experiments and trampling on every possible rake.
So, the task: CentOS 7 server, LEMP package installed, Zabbix 2.4.6 server installed. It is necessary to configure sending notifications to admins by mail.
Disclaimer - CentOS was put on the method of "sex and again sex" - minimal installations. In view of this, some “due out of the box” packages do not work, because no one has delivered them yet.
After smoking a number of manuals, it became clear that in order to send mail, we need, at a minimum, a mail strip that can use SMTP with authorization and a script for Zabbix.
')
As an e-mail client, we use ssmtp.
Then in /etc/ssmtp/ssmtp.conf
Then there was an attempt to set ssmtp as a substitute for sendmail and use the mail command (mailx package) to send mail, but the letters, although they came, were not readable (the text did not come in the text field, but as a binary attachment).
As a result, had to put mutt, as a replacement for mail.
See where we have the zabbix user's home directory:
Then we create the mutt settings file in the zabbix home directory.
Now you need to write a script to send mail and put it in / usr / lib / zabbix / alertscripts. Let the script name be: send_mail.sh:
Now setting up the zabbix itself. In the Web interface: Administration - Alert Methods - Email
Checking the zabbix config (/etc/zabbix/zabbix_server.conf)
Restart zabbix server:
And so, if we, in violation of all the guidelines, have disabled SELinux, everything works and alerts go.
However, with SELinux enabled, there were no letters and no . We proceed to the training of SELinux. To speed up further configuration, it is convenient to start some kind of trigger, to which we can easily and often change the state (I didn’t bother and used the server reboot from zabbix, because I haven’t had any other loads on this virtual machine yet). To perform the SELinux setup, you will need only 4 steps, but they will have to be repeated as many times as required in your system (it took me 5 or 6 iterations).
For personal "convenience", I collected the allowing rules not into one file of the SELinux module, but into a separate file for each iteration, so that you could take a closer look at their contents. Therefore, the module name was used according to the ZabSeModuleN scheme, where N at the end of the file name is the iteration number, the result is a group of files ZabSeModule1.te, ZabSeModule1.mod, ZabSeModule1.pp, ZabSeModule2.te, ZabSeModule2.mod, ZabSeModule2.pp, etc. .
• ausearch -m avc -ts today
If the output is different from - perform the steps below.
• cat /var/log/audit/audit.log | audit2allow -m ZabSeModuleN> ZabSeModuleN.te
• checkmodule -M -m -o ZabSeModuleN.mod ZabSeModuleN.te
• semodule_package -o ZabSeModuleN.pp -m ZabSeModuleN.mod
• semodule -i ZabSeModuleN.pp
• rm /var/log/audit/audit.log
• reboot
Reboot only method to trigger the trigger "Zabbix server restarted"
For lovers of the order - after receiving a complete list of SELinux rules, they can be assembled into one .te file, and, removing previous modules from the system, create and install one new one.
Based on the result of alerts from Zabbix, they walk regularly and with pleasure.
In the process of setting up, articles were honestly used:
Lissyar - 'Problem Solving' or 'Linux Tinkering - 2' (c) Fomalhaut
Denis Volkov - Setting SELinux Security Policies
NetSkills - Zabbix. Video lesson number 4. Set up email alerts. Part 2 (zabbix gmail)
So, the task: CentOS 7 server, LEMP package installed, Zabbix 2.4.6 server installed. It is necessary to configure sending notifications to admins by mail.
Disclaimer - CentOS was put on the method of "sex and again sex" - minimal installations. In view of this, some “due out of the box” packages do not work, because no one has delivered them yet.
After smoking a number of manuals, it became clear that in order to send mail, we need, at a minimum, a mail strip that can use SMTP with authorization and a script for Zabbix.
')
As an e-mail client, we use ssmtp.
yum install ssmtp Then in /etc/ssmtp/ssmtp.conf
root=mailbox@mail.server # zabbixa mailhub=smtp.mail.server # TLS, ":465" rewriteDomain=mail.server AuthUser=mail_username AuthPass=mail_password FromLineOverride=YES #UseTLS=YES # TLS Then there was an attempt to set ssmtp as a substitute for sendmail and use the mail command (mailx package) to send mail, but the letters, although they came, were not readable (the text did not come in the text field, but as a binary attachment).
As a result, had to put mutt, as a replacement for mail.
yum install mutt See where we have the zabbix user's home directory:
getent passwd zabbix zabbix:x:997:996:Zabbix Monitoring System:/var/lib/zabbix:/bin/bash Then we create the mutt settings file in the zabbix home directory.
touch /var/lib/zabbix/.muttrc echo set from="mailbox@mail.server" >> /var/lib/zabbix/.muttrc set realname ="My Zabbix Monitoring" >> /var/lib/zabbix/.muttrc set sendmail="/usr/sbin/ssmtp" >> /var/lib/zabbix/.muttrc set charset="utf-8" >> /var/lib/zabbix/.muttrc set copy=no >> /var/lib/zabbix/.muttrc chown zabbix:zabbix /var/lib/zabbix/.muttrc Now you need to write a script to send mail and put it in / usr / lib / zabbix / alertscripts. Let the script name be: send_mail.sh:
#!/bin/bash to=$1 subject=$2 body=$3 echo `date`" mail sended to:" $to >> /var/log/zabmail.log # echo `date`" mail subj:" $subject >> /var/log/zabmail.log # echo `date`" mail text:" $body >> /var/log/zabmail.log # echo $body | mutt -s "$subject" "$to" Now setting up the zabbix itself. In the Web interface: Administration - Alert Methods - Email
Type: Script
Script name: send_mail.sh
Activated: Yes (cheked)
Checking the zabbix config (/etc/zabbix/zabbix_server.conf)
AlertScriptsPath=/usr/lib/zabbix/alertscripts Restart zabbix server:
service zabbix-server restart And so, if we, in violation of all the guidelines, have disabled SELinux, everything works and alerts go.
However, with SELinux enabled, there were no letters and no . We proceed to the training of SELinux. To speed up further configuration, it is convenient to start some kind of trigger, to which we can easily and often change the state (I didn’t bother and used the server reboot from zabbix, because I haven’t had any other loads on this virtual machine yet). To perform the SELinux setup, you will need only 4 steps, but they will have to be repeated as many times as required in your system (it took me 5 or 6 iterations).
For personal "convenience", I collected the allowing rules not into one file of the SELinux module, but into a separate file for each iteration, so that you could take a closer look at their contents. Therefore, the module name was used according to the ZabSeModuleN scheme, where N at the end of the file name is the iteration number, the result is a group of files ZabSeModule1.te, ZabSeModule1.mod, ZabSeModule1.pp, ZabSeModule2.te, ZabSeModule2.mod, ZabSeModule2.pp, etc. .
• ausearch -m avc -ts today
If the output is different from - perform the steps below.
• cat /var/log/audit/audit.log | audit2allow -m ZabSeModuleN> ZabSeModuleN.te
• checkmodule -M -m -o ZabSeModuleN.mod ZabSeModuleN.te
• semodule_package -o ZabSeModuleN.pp -m ZabSeModuleN.mod
• semodule -i ZabSeModuleN.pp
• rm /var/log/audit/audit.log
• reboot
Reboot only method to trigger the trigger "Zabbix server restarted"
For lovers of the order - after receiving a complete list of SELinux rules, they can be assembled into one .te file, and, removing previous modules from the system, create and install one new one.
Based on the result of alerts from Zabbix, they walk regularly and with pleasure.
In the process of setting up, articles were honestly used:
Lissyar - 'Problem Solving' or 'Linux Tinkering - 2' (c) Fomalhaut
Denis Volkov - Setting SELinux Security Policies
NetSkills - Zabbix. Video lesson number 4. Set up email alerts. Part 2 (zabbix gmail)
Source: https://habr.com/ru/post/267523/
All Articles