One place for hosting & domains

      Monitor

      How to Find, Monitor, and Beat Your Competition


      Affiliate Disclosure: DreamHost maintains relationships with some of our recommended partners, so if you click through a link and purchase, we may receive a commission. We only recommend solutions we believe in.

      Everyone wants to get ahead of their competition. But there’s far more to love about monitoring the competition than just the satisfaction of beating them in the search results.

      In short, you can learn a lot from your competitors.

      What they’re doing right. What they’re doing wrong. Or simply, what they’re doing.

      And you can use all this information to your advantage, especially as a small business owner.

      But first, you need to find out who your competitors are (or check that those you think you’re competing against, are actually your competition).

      In this post, we’ll walk you through how to identify who your competitors are, the tools and tactics you can use to track them, and the opportunities for you to use that information to beat them.

      Ready to take your website to the next level? Let’s dive in!

      Search Engine Optimization Made Easy

      We take the guesswork (and actual work) out of growing your website traffic with SEO.

      How to Identify Your Competitors

      Your obvious go-to is Google. Just search for your most important keywords, and see who’s ranking for them.

      Bear in mind, however, that depending on the size of your brand and the Domain Authority of your site, those at the top of the search results aren’t necessarily your “realistic” competitors. You can still analyze them and learn from them, but your focus should be on companies you share a (more or less) level playing field with.

      For that, you might have to step off the first page of Google’s search results. You might also have to look up some slightly less competitive search terms.

      Businesses with a local presence have another thing to consider.

      Your closest competitors are those that are not only close to you in terms of the products they offer but geographically, too.

      Discovering them, thankfully, is easy. Just adapt your search terms to include the location (or locations) of your premises.

      Other ways to uncover your competitors are included in some of the tools we’ll talk about below, so stick with us to learn about some of the best tools for finding and monitoring your competitors’ marketing activities.

      But first, let’s talk about …

      The Tactics You Can Use to Monitor Your Competition

      Wondering how to monitor your competitors? And how you can get started with competitor analysis? We can help!

      There are countless ways you can track your competitors and what they’re up to — for example, the strategies they’re employing, the keywords they’re targeting, and the results they’re getting.

      Just looking at their site (specifically their title tags) should give you a good idea of the keywords they’re targeting. Tools like SEMrush, Sistrix, and others listed below can be used to view some of the keywords they’re ranking for. You can also use the FATRANK Chrome extension to instantly discover where a site ranks for any given keyword.

      In addition, you can look at their current links and monitor their sites for new links. Pay particular attention to industry-relevant links, and links to content they’ve created (you may well be able to target those links too.)

      Another tactic for monitoring your competitors involves researching and analyzing their most shared content.

      • Why’s this content getting shared?
      • Who’s sharing it and where?
      • And how can you create something similar (but better) to try and replicate their results?

      Just simple things like checking in on their social activity, reading their blog content, monitoring their brand name with Google Alerts, and signing up (and paying attention to) their mailing list can give you valuable insights into your competitors’ tactics and the quality and strength of their marketing strategy.

      Tools to Track Your Competitors’ Ads

      What Runs Where

      What Runs Where is designed solely for competitive analysis of the paid ads market.

      In short, it removes the guesswork and reduces the time you spend testing, so you can start pushing out more effective ads faster.

      Sistrix

      Sistrix covers most of what you need in a digital marketing tool. Included in that is a nifty little feature that brings up heaps of data for any site — perfect for sites you want to keep an eye on.

      All you need to do is login and head to the More section. From there, you can click Ads and access the dashboard.

      The Sistrix search bar and menus.

      Next, populate the search bar at the top with the domain you want to look at, and you’ll be presented with all the data Sistrix has on that domain.

      Example of Sistrix data on a domain.

      You can see:

      • Their paid keywords
      • Their profile
      • Their display URLs
      • The word count of their ads
      • The display position
      • The strength of the competition
      • Their top ad copy
      • The history of their paid keywords
      • Their best keywords

      You can even see and look at the banner ads they are using.

      Handy, huh?

      Example of walmart.com banner ads found through Sistrix.

      SEMrush

      SEMrush has been in the digital marketing space for years, and if you want the most bang for your buck, it’s a good bet as your go-to SEO tool.

      Their competitive research for ads kicks butt and is invaluable when it comes to spying on your competition.

      SEMrush

      Navigate to the Advertising Research section, and you’ll get a wealth of data, including:

      • Number of keywords
      • Estimated traffic for the competitor
      • The estimated traffic cost

      Example of Advertising Research data from SEMrush.

      Changes over time can also be viewed in simple — but super helpful — graphs.

      Graphs showing change over time.

      In addition to this, you can view position changes, competitors, ad copy, ad history, pages, and subdomains.

      Pay special attention to the Competitors tab. It’s extremely useful.

      For one, you’ll get a cool looking competitive positions map.

      You’ll also get a list of all potential competitors and their data. In the example below, we can see that Walmart has over 15,000 competitors in its ads market.

      SEMrush list of Walmart competitors.

      The amount of data you can collect on your competitors from SEMrush is — in short — amazing. Trying to collate this data by hand would take weeks or months, but in SEMrush, you can grab it with the click of a button.

      If this sounds like something you’re interested in, we’ve worked out a free trial with SEMrush for our readers, so you can see if the tool is a good fit for your site without a long-term commitment!

      Spyfu

      Founded in 2002 and originally called Googspy, Spyfu is one of the original players in the ad monitoring tool space.

      While Spyfu has since evolved into a more complete marketing tool, its ad competitive intelligence alone makes it worth investing in.

      To access it, head over to the PPC Research tab and enter the name of the domain you want to research.

      From there, you get a nice clean dashboard that includes a lot of data. You’ll see:

      • Monthly paid keywords
      • Estimated monthly PPC clicks
      • Estimated monthly PPC budget
      • Overall market research
      • How long Spyfu has been collecting the domain’s ads
      • Buy recommendations
      • Worst performing keywords

      This can also be exported to a handy PDF.

      If you want more, click on the Competitors tab in the main menu. Spyfu will then pull the data for the sites it believes are competing for ads for that domain.

      Spyfu data on sites competing for ads.

      If you believe Spyfu’s picked the wrong competitors or you have a particular competitor in mind, you can add a custom domain.

      Creating a custom domain comparison on Spyfu.

      The tool also lets you graph PPC keywords, paid clicks, and ad budgets over time. Handy.

      Walmart.com monthly PPC overview on Spyfu.

      Another powerful feature in Spyfu is Kombat.

      The name might sound a bit intimidating, but don’t let that put you off. It essentially lets you compare the keyword universe of three domains to see which ads are competing and which ads are exclusive to a particular competitor.

      This will help you spot where your competitors are outdoing you because you don’t currently have ads in those areas.

      Example of shared paid keywords on Spyfu.

      Beyond this, Spyfu can help you supercharge your PPC research and account with other features like Keyword Groups, PPC keywords, Ad History, Ad Advisor, and Adwords Templates.

      Backlinks

      If you’ve been working in Digital Marketing for a few weeks or even a few days, you likely understand the importance of links. They’re pretty much the heart of SEO and still today remain one of the biggest ranking factors.

      But how do you find out who’s linking to you, and more specifically, who’s linking to your competitors?

      Here are a few tools to help.

      Ahrefs

      Ahrefs was a bit of a latecomer to the backlink research tool market, but it quickly established itself as one of the big players thanks to its massive index of links and ultra-smooth interface.

      Once logged in, head over to the Site Explorer section.

      From there, just pop in your own domain or the domain of a competitor.

      Ahrefs “Site Explorer” search function.

      Ahrefs will start doing its magic and pull in data points for the domain, including:

      • Ahrefs rank
      • Number of backlinks
      • Number of referring domains
      • The number of keywords it ranks for
      • Organic traffic
      • Traffic value
      • Crawled pages
      • A breakdown of the kind of sites linking to the page
      • Referring pages, IPs, and subnets
      • New and lost referring domains
      • New and lost backlinks
      • The distribution of links by country
      • How the links are distributed across Ahrefs URL rating

      That’s a whole lot of data!

      Everything is exportable to Excel, so you can easily chop and change the data and focus specifically on what you want to dig into.

      One of Ahrefs’ best features for competitor research is their Link Intersection Tool.

      Simply add in your own website and a handful of your competitors’ sites.

      Ahrefs Link Intersect tool.

      Click Show Link Opportunities. Go and make a cup of coffee. And wait for the magic to happen.

      Link Opportunities search results for walmart.com.

      When you return, you’ll find a list of backlinks that your competitors have and you don’t. You can then target some of the strongest sites from the list yourself.

      List of competitors’ backlinks on Ahrefs.

      Link Explorer

      Founded in 2004 by Rand Fishkin, Moz is arguably one of the best-known SEO tools in the market.

      Until a few years ago, their link index was, let’s say, a little underwhelming. That changed when they launched a brand new version of Link Explorer. It blew the old version out of the water and regained Moz its position as a legitimate competitor in the backlink analysis market.

      Moz ‘live link index by the numbers’.

      So how do you use it?

      From the PRO option in the main navigation, you need to locate the Link Explorer. As with other tools, you then need to put in your website (or a competitors’ site) to grab the data.

      Link Explorer competitor search function.

      You should then see a dashboard that looks like this:

      Link Explorer example of overview data.

      Like with the other tools listed above, you’ll get a wealth of data, including:

      • Domain Authority
      • Linking domains
      • Inbound links
      • Ranking keywords
      • Discovered and lost linking domains
      • Domain authority, page authority, and linking domains over time
      • Nofollow and follow over internal and external links
      • Top follower links to the site
      • Top pages on the site
      • Top anchor text for the site
      • Linking domains by DA

      Moz also has a couple of features that can help you compare your site to your competitors’.

      Look on the left-hand side of the navigation and you will see an option called Compare Link Profiles. Click it.

      Next, drop your competitors into the boxes provided.

      “Compare Link Profiles” data on Link Explorer

      Click Analyze, and grab a twinkie while you wait.

      If you’re looking at the root level data you will see:

      • Domain Authority
      • Spam Score
      • Total links
      • Internal followed links
      • External followed links
      • Internal nofollow links
      • External nofollow links
      • Total linking domains
      • Followed linking domains

      The results will look a bit like this, and in no way should we be surprised that Amazon has ALL THE LINKS!

      Example backlink data analysis report.

      This is also super useful if you’re looking at exact pages on your site and similar pages on a competitor’s site. Links could be the reason your really awesome page doesn’t rank as well as a competitor’s not so awesome page.

      You can also compare Domain Authority, Page Authority, and Linking Domains over time.

      Example of metrics over time data.

      Majestic SEO

      Majestic is the grandfather of all backlink tools. It’s probably been around since before the Internet was invented. Heck, they even sent a 3D model of the Internet into space.

      Much maligned for its poor UX, Majestic more than makes up for that with its data.

      Dropping your URL (or a competitor’s URL) into the search box will give you data on:

      • Trust Flow
      • Topical Trust Flow
      • Link Profile
      • Citation Flow
      • External backlinks
      • Referring domains
      • Referring IPs
      • Referring subnets
      • Link Context
      • Crawled and indexed URLs
      • Types of backlinks
      • Incoming languages and site languages
      • Link density of inbound links
      • Backlink history
      • Anchor text

      And so much more.

      You also get some (not so pretty) data visualizations.

      Example of data visualization on Majestic SEO.Example of data visualization on Majestic SEO.

      If you want to do a more competitive analysis, then head over to the Related Sites tab and Majestic will give you a breakdown of all the sites it thinks are related to your own. You can then look at who you believe to be your closest competitors and analyze their Link Trust Flow and Citation Flow.

      Super useful. And so much data that it will keep you busy for ages.

      Example of competitive data from Majestic SEO.

      Majestic also has a pretty cool Compare feature (you can compare one site to yours in the Lite version of the tool, and up to five in the Pro version.)

      Simply pop your domain into the search box and then click the compare button.

      Add a competitor into the second URL box.

      Click the search button, and you’ll get backlink comparison data that covers:

      • Target type
      • Title tag
      • Primary Topical Trust Flow
      • Trust Flow
      • Citation Flow
      • Majestic Million (the top million sites in Majestic’s index)
      • Referring domains
      • Referring IP addresses
      • External backlinks
      • Indexed URLs
      • Average total outlinks per page

      That’s a lot of data (which is exportable by the way) for you to dig through. Happy analyzing.

      Content

      We all know about the importance of great content. Google’s been telling us to create “great content” for years. So how can you spy on your competitor’s content? How can you see what’s working for them and what isn’t? There are many great tools for doing this, but here are two of the most powerful.

      BuzzSumo

      Buzzsumo was one of the first content analyzing tools to enter the market, launching back in 2012. It has become so ubiquitous in the space that many other tools base theirs around the features and functionality of Buzzsumo. We’re not sure how Buzzsumo feels about this, but imitation is the sincerest form of flattery!

      Buzzsumo’s handiest competitor content analysis feature is the Content Web Analyzer. You fill this in the content section of the navigation.

      Simply drop in a topic that you and your competitors are likely to cover, and let the tool do its magic.

      It will return results like this:

      BuzzSumo’s example data from its Content Web Analyzer.

      As you can see, it locates the top-performing content for that topic and gives you the following metrics:

      • Facebook engagements
      • Twitter shares
      • Pinterest shares
      • Reddit engagements
      • Number of links
      • Evergreen score
      • Total engagement

      You can also dig deeper to find out where on the web this type of content is most popular, its word count, and what sort of content gains the most traction for a given topic.

      During this, you’ll identify some of your competitors’ most successful content. If you want to learn more about it, Buzzsumo will let you search by domain.

      This is extremely useful for uncovering the strategies they’ve used and to what success.

      Ahrefs Content Explorer

      Ahrefs initially launched as a tool for analyzing websites’ link profiles. Over the years, they’ve added more and more tools to their suite. One of those tools doesn’t get talked about as much — which is a shame because it’s awesome.

      Want to try it out?

      Log in and head over to the Content Explorer section.

      As with Buzzsumo, you just enter the topic you’re looking to analyze and pop it into the box.

      BuzzSumo topic analyzer in Content Explorer.

      You’ll then see a dashboard that brings back loads of data.

      • The title of the content
      • The author
      • Word count
      • Twitter shares
      • Facebook shares
      • Pinterest shares
      • Domain rank
      • Referring domains
      • Organic traffic
      • Traffic value

      Example data visualizations in the Ahrefs Content Explorer.

      If you’re looking to discover new competitors, then head over to the Websites tab and you’ll see a list of 100 domains with the top-performing content for that topic.

      If you know the domain of a competitor, you can also search for their site specifically.

      And you’ll get to see their top-performing content.

      That should keep you busy for some time.

      Keywords

      Solid keyword research is the foundation of any successful SEO campaign — but where’s the best place to find keywords — and more importantly, your competitors’ keywords? Here are some of the most powerful keyword research tools and some of their features.

      iSpionage

      This is a comprehensive competitor analysis tool that will help you uncover your competitors’ most profitable (paid) keywords, as well as their most successful ad copy and landing pages.

      In other words, iSpionage offers deep insights into what’s working best for your competitors in the digital ad space, so you can go one step further and get two steps ahead of them.

      Sistrix

      Head over to Sistrix’s SEO tab and pop in a keyword that you want to rank for. Sistrix will then search its index and return data, including:

      • Competition
      • Search volume
      • Global search volume
      • Similar keywords
      • Related keywords
      • SERP features
      • Top ranking domains

      The top-ranking domains will help you surface some of your competitors in the search results.

      SEMrush

      SEMrush works in a similar way. Simply dropping your keyword into the search function of the Keyword Explorer section brings back all the metrics you might expect, such as:

      • Volume
      • Keyword difficulty
      • Global volume
      • Trends
      • Related keywords, variations, and questions

      Keyword overview example data on SEMrush.

      Dig a little further and you’ll see the actual search results for that keyword. You’ll also be able to find competitors to analyze.

      Example of SERP analysis on SEMRush.

      Want to find keywords that your competition ranks for, but you don’t?

      Head over to the Keyword Gap tool and pop in your domain and the domains of your competitors.

      SEMrush Keyword Gap tool.

      In only a few seconds, you’ll have data relating to keyword opportunities for your site, as well as an overlap that shows which keywords the domains have in common, and which are unique to each site.

      You can even see where your site ranks for a given keyword and where your competitors are outranking you.

      Become a Digital Marketing Expert

      Whether you want to monitor your competitors’ website, start a YouTube channel, or set up a Facebook ad, we can help! Subscribe to our monthly digest so you never miss an article.

      Bonus Tools To Add To Your Arsenal

      Unfortunately, no one tool covers everything you need when discovering and analyzing the competition.

      With that in mind, here are a few bonus tools to check out too. 

      • Website Review from WooRank. A free website and SEO checker.
      • Ubersuggest. The free version of Ubersuggest brings together metrics that you would see in a site like SEMrush.
      • Answerthepublic. A free or paid tool that helps you unearth the questions your target market is asking.
      • Screaming Frog. A desktop crawler that can help you establish the SEO tactics your competition is using. This tool can also be used to discover broken links on your own site.
      • Sitebulb. Another desktop crawler that offers insight into how the competition has set up its website. You can then benchmark, pinpoint, and prioritize your SEO efforts in the areas where your competitors are not doing so well.
      • Feedly. A handy tool that enables you to monitor all your competitors’ content in one place.
      • Monitorbacklinks. A tool dedicated entirely to monitoring your own and your competitors’ keywords and backlinks.
      • Website Grader. Primarily a tool for figuring out how to improve your site, it can also be used to grade your competition.
      • Social Mention. A real-time social media and analysis tool that will help you unearth even more of your online competitors.

      Another Great Tool? DreamHost SEO Services

      Now that you have a bevy of tools to track your competition, it’s time to dive in. Whether you want to monitor ads, backlinks, content, or keywords, you now have your arsenal to get informed and get ahead.

      If this is all a little too much to take in and you’d rather leave the nitty-gritty to someone else, why not talk to us about our SEO services? You’ll get your own SEO team, new content every month, regular on-site optimization, and much more — all from just $399 a month.



      Source link

      How To Install and Configure Zabbix to Securely Monitor Remote Servers on Ubuntu 20.04


      Not using Ubuntu 20.04?


      Choose a different version or distribution.

      The author selected the Computer History Museum to receive a donation as part of the Write for DOnations program.

      Introduction

      Zabbix is open-source monitoring software for networks and applications. It offers real-time monitoring of thousands of metrics collected from servers, virtual machines, network devices, and web applications. These metrics can help you determine the current health of your IT infrastructure and detect problems with hardware or software components before customers complain. Useful information is stored in a database so you can analyze data over time and improve the quality of provided services or plan upgrades of your equipment.

      Zabbix uses several options for collecting metrics, including agentless monitoring of user services and client-server architecture. To collect server metrics, it uses a small agent on the monitored client to gather data and send it to the Zabbix server. Zabbix supports encrypted communication between the server and connected clients, so your data is protected while it travels over insecure networks.

      The Zabbix server stores its data in a relational database powered by MySQL or PostgreSQL. You can also store historical data in NoSQL databases like Elasticsearch and TimescaleDB. Zabbix provides a web interface so you can view data and configure system settings.

      In this tutorial, you will configure Zabbix on two Ubuntu 20.04 machines. One will be configured as the Zabbix server, and the other as a client that you’ll monitor. The Zabbix server will use a MySQL database to record monitoring data and use Nginx to serve the web interface.

      Prerequisites

      To follow this tutorial, you will need:

      • Two Ubuntu 20.04 servers set up by following the Initial Server Setup Guide for Ubuntu 20.04, including a non-root user with sudo privileges and a firewall configured with ufw. On one server, you will install Zabbix; this tutorial will refer to this as the Zabbix server. It will monitor your second server; this second server will be referred to as the second Ubuntu server.

      • The server that will run the Zabbix server needs Nginx, MySQL, and PHP installed. Follow Steps 1–3 of our Ubuntu 20.04 LEMP Stack guide to configure those on your Zabbix server.

      • A registered domain name. This tutorial will use your_domain throughout. You can purchase a domain name from Namecheap, get one for free with Freenom, or use the domain registrar of your choice.

      • Both of the following DNS records set up for your Zabbix server. If you are using DigitalOcean, please see our DNS documentation for details on how to add them.

        • An A record with your_domain pointing to your Zabbix server’s public IP address.
        • An A record with www.your_domain pointing to your Zabbix server’s public IP address.

      Additionally, because the Zabbix Server is used to access valuable information about your infrastructure that you would not want unauthorized users to access, it’s important that you keep your server secure by installing a TLS/SSL certificate. This is optional but strongly encouraged. If you would like to secure your server, follow the Let’s Encrypt on Ubuntu 20.04 guide after Step 3 of this tutorial.

      Step 1 — Installing the Zabbix Server

      First, you need to install Zabbix on the server where you installed MySQL, Nginx, and PHP. Log in to this machine as your non-root user:

      • ssh sammy@zabbix_server_ip_address

      Zabbix is available in Ubuntu’s package manager, but it’s outdated, so use the official Zabbix repository to install the latest stable version. Download and install the repository configuration package:

      • wget https://repo.zabbix.com/zabbix/5.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_5.0-1+focal_all.deb
      • sudo dpkg -i zabbix-release_5.0-1+focal_all.deb

      You will see the following output:

      Output

      Selecting previously unselected package zabbix-release. (Reading database ... 64058 files and directories currently installed.) Preparing to unpack zabbix-release_5.0-1+focal_all.deb ... Unpacking zabbix-release (1:5.0-1+focal) ... Setting up zabbix-release (1:5.0-1+focal) ...

      Update the package index so the new repository is included:

      Then install the Zabbix server and web frontend with MySQL database support:

      • sudo apt install zabbix-server-mysql zabbix-frontend-php

      Also, install the Zabbix agent, which will let you collect data about the Zabbix server status itself.

      • sudo apt install zabbix-agent

      Before you can use Zabbix, you have to set up a database to hold the data that the Zabbix server will collect from its agents. You can do this in the next step.

      Step 2 — Configuring the MySQL Database for Zabbix

      You need to create a new MySQL database and populate it with some basic information in order to make it suitable for Zabbix. You’ll also create a specific user for this database so Zabbix isn’t logging in to MySQL with the root account.

      Log in to MySQL as the root user:

      Create the Zabbix database with UTF-8 character support:

      • create database zabbix character set utf8 collate utf8_bin;

      Then create a user that the Zabbix server will use, give it access to the new database, and set the password for the user:

      • create user zabbix@localhost identified by 'your_zabbix_mysql_password';
      • grant all privileges on zabbix.* to zabbix@localhost;

      That takes care of the user and the database. Exit out of the database console.

      Next you have to import the initial schema and data. The Zabbix installation provided you with a file that sets this up.

      Run the following command to set up the schema and import the data into the zabbix database. Use zcat since the data in the file is compressed:

      • zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix

      Enter the password for the zabbix MySQL user that you configured when prompted.

      This command may take a minute or two to execute. If you see the error ERROR 1045 (28000): Access denied for userzabbix@'localhost' (using password: YES) then make sure you used the right password for the zabbix user.

      In order for the Zabbix server to use this database, you need to set the database password in the Zabbix server configuration file. Open the configuration file in your preferred text editor. This tutorial will use nano:

      • sudo nano /etc/zabbix/zabbix_server.conf

      Look for the following section of the file:

      /etc/zabbix/zabbix_server.conf

      ...
      ### Option: DBPassword                           
      #       Database password. Ignored for SQLite.   
      #       Comment this line if no password is used.
      #                                                
      # Mandatory: no                                  
      # Default:                                       
      # DBPassword=
      ...
      

      These comments in the file explain how to connect to the database. You need to set the DBPassword value in the file to the password for your database user. Add this line after those comments to configure the database:

      /etc/zabbix/zabbix_server.conf

      ...
      DBPassword=your_zabbix_mysql_password
      ...
      

      Save and close zabbix_server.conf by pressing CTRL+X, followed by Y and then ENTER if you’re using nano.

      You’ve now configured the Zabbix server to connect to the database. Next, you will configure the Nginx web server to serve the Zabbix frontend.

      Step 3 — Configuring Nginx for Zabbix

      To configure Nginx automatically, install the automatic configuration package:

      • sudo apt install zabbix-nginx-conf

      As a result, you will get the configuration file /etc/zabbix/nginx.conf, as well as a link to it in the Nginx configuration directory /etc/nginx/conf.d/zabbix.conf.

      Next, you need to make changes to this file. Open the configuration file:

      • sudo nano /etc/zabbix/nginx.conf

      The file contains an automatically generated Nginx server block configuration. It contains two lines that determine the server name and what port it is listening on:

      /etc/zabbix/nginx.conf

      server {
      #        listen          80;
      #        server_name     example.com;
      ...
      

      Uncomment the two lines, and replace example.com with your domain name. Your settings will look like this:

      /etc/zabbix/nginx.conf

      server {
              listen          80;
              server_name     your_domain;
      ...
      

      Save and close the file. Next, test to make sure that there are no syntax errors in any of your Nginx files and reload the configuration:

      • sudo nginx -t
      • sudo nginx -s reload

      Now that Nginx is set up to serve the Zabbix frontend, you will make some modifications to your PHP setup in order for the Zabbix web interface to work properly.

      Note: As mentioned in the Prerequisites section, it is recommended that you enable SSL/TLS on your server. If you would like to do this, follow our Ubuntu 20.04 Let’s Encrypt tutorial before you move on to Step 4 to obtain a free SSL certificate for Nginx. This process will automatically detect your Zabbix server block and configure it for HTTPS. After obtaining your SSL/TLS certificates, you can come back and complete this tutorial.

      Step 4 — Configuring PHP for Zabbix

      The Zabbix web interface is written in PHP and requires some special PHP server settings. The Zabbix installation process created a PHP-FPM configuration file that contains these settings. It is located in the directory /etc/zabbix and is loaded automatically by PHP-FPM. You need to make a small change to this file, so open it up with the following:

      • sudo nano /etc/zabbix/php-fpm.conf

      The file contains PHP settings that meet the necessary requirements for the Zabbix web interface. However, the timezone setting is commented out by default. To make sure that Zabbix uses the correct time, you need to set the appropriate timezone:

      /etc/zabbix/php-fpm.conf

      ...
      php_value[max_execution_time] = 300
      php_value[memory_limit] = 128M
      php_value[post_max_size] = 16M
      php_value[upload_max_filesize] = 2M
      php_value[max_input_time] = 300
      php_value[max_input_vars] = 10000
      ; php_value[date.timezone] = Europe/Riga
      

      Uncomment the timezone line highlighted in the preceding code block and change it to your timezone. You can use this list of supported time zones to find the right one for you. Then save and close the file.

      Now restart PHP-FPM to apply these new settings:

      • sudo systemctl restart php7.4-fpm.service

      You can now start the Zabbix server:

      • sudo systemctl start zabbix-server

      Then check whether the Zabbix server is running properly:

      • sudo systemctl status zabbix-server

      You will see the following status:

      Output

      ● zabbix-server.service - Zabbix Server Loaded: loaded (/lib/systemd/system/zabbix-server.service; disabled; vendor preset: enabled) Active: active (running) since Fri 2020-06-12 05:59:32 UTC; 36s ago Process: 27026 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS) ...

      Finally, enable the server to start at boot time:

      • sudo systemctl enable zabbix-server

      The server is set up and connected to the database. Next, set up the web frontend.

      Step 5 — Configuring Settings for the Zabbix Web Interface

      The web interface lets you see reports and add hosts that you want to monitor, but it needs some initial setup before you can use it. Launch your browser and go to the address http://zabbix_server_name or https://zabbix_server_name if you set up Let’s Encrypt. On the first screen, you will see a welcome message. Click Next step to continue.

      On the next screen, you will see the table that lists all of the prerequisites to run Zabbix.

      Prerequisites

      All of the values in this table must be OK, so verify that they are. Be sure to scroll down and look at all of the prerequisites. Once you’ve verified that everything is ready to go, click Next step to proceed.

      The next screen asks for database connection information.

      DB Connection

      You told the Zabbix server about your database, but the Zabbix web interface also needs access to the database to manage hosts and read data. Therefore enter the MySQL credentials you configured in Step 2. Click Next step to proceed.

      On the next screen, you can leave the options at their default values.

      Zabbix Server Details

      The Name is optional; it is used in the web interface to distinguish one server from another in case you have several monitoring servers. Click Next step to proceed.

      The next screen will show the pre-installation summary so you can confirm everything is correct.

      Summary

      Click Next step to proceed to the final screen.

      The web interface setup is now complete. This process creates the configuration file /usr/share/zabbix/conf/zabbix.conf.php, which you could back up and use in the future. Click Finish to proceed to the login screen. The default user is Admin and the password is zabbix.

      Before you log in, set up the Zabbix agent on your second Ubuntu server.

      Step 6 — Installing and Configuring the Zabbix Agent

      Now you need to configure the agent software that will send monitoring data to the Zabbix server.

      Log in to the second Ubuntu server:

      • ssh sammy@second_ubuntu_server_ip_address

      Just like on the Zabbix server, run the following commands to install the repository configuration package:

      • wget https://repo.zabbix.com/zabbix/5.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_5.0-1+focal_all.deb
      • sudo dpkg -i zabbix-release_5.0-1+focal_all.deb

      Next, update the package index:

      Then install the Zabbix agent:

      • sudo apt install zabbix-agent

      While Zabbix supports certificate-based encryption, setting up a certificate authority is beyond the scope of this tutorial. But you can use pre-shared keys (PSK) to secure the connection between the server and agent.

      First, generate a PSK:

      • sudo sh -c "openssl rand -hex 32 > /etc/zabbix/zabbix_agentd.psk"

      Show the key by using cat so you can copy it somewhere:

      • cat /etc/zabbix/zabbix_agentd.psk

      The key will look something like this:

      Output

      75ad6cb5e17d244ac8c00c96a1b074d0550b8e7b15d0ab3cde60cd79af280fca

      Save this for later; you will need it to configure the host.

      Now edit the Zabbix agent settings to set up its secure connection to the Zabbix server. Open the agent configuration file in your text editor:

      • sudo nano /etc/zabbix/zabbix_agentd.conf

      Each setting within this file is documented via informative comments throughout the file, but you only need to edit some of them.

      First you have to edit the IP address of the Zabbix server. Find the following section:

      /etc/zabbix/zabbix_agentd.conf

      ...
      ### Option: Server
      #       List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
      #       Incoming connections will be accepted only from the hosts listed here.
      #       If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally
      #       and '::/0' will allow any IPv4 or IPv6 address.
      #       '0.0.0.0/0' can be used to allow any IPv4 address.
      #       Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
      #
      # Mandatory: yes, if StartAgents is not explicitly set to 0
      # Default:
      # Server=
      
      Server=127.0.0.1
      ...
      

      Change the default value to the IP of your Zabbix server:

      /etc/zabbix/zabbix_agentd.conf

      ...
      Server=zabbix_server_ip_address
      ...
      

      By default, Zabbix server connects to the agent. But for some checks (for example, monitoring the logs), a reverse connection is required. For correct operation, you need to specify the Zabbix server address and a unique host name.

      Find the section that configures the active checks and change the default values:

      /etc/zabbix/zabbix_agentd.conf

      ...
      ##### Active checks related
      
      ### Option: ServerActive
      #       List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks.
      #       If port is not specified, default port is used.
      #       IPv6 addresses must be enclosed in square brackets if port for that host is specified.
      #       If port is not specified, square brackets for IPv6 addresses are optional.
      #       If this parameter is not specified, active checks are disabled.
      #       Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
      #
      # Mandatory: no
      # Default:
      # ServerActive=
      
      ServerActive=zabbix_server_ip_address
      
      ### Option: Hostname
      #       Unique, case sensitive hostname.
      #       Required for active checks and must match hostname as configured on the server.
      #       Value is acquired from HostnameItem if undefined.
      #
      # Mandatory: no
      # Default:
      # Hostname=
      
      Hostname=Second Ubuntu Server
      ...
      

      Next, find the section that configures the secure connection to the Zabbix server and enable pre-shared key support. Find the TLSConnect section, which looks like this:

      /etc/zabbix/zabbix_agentd.conf

      ...
      ### Option: TLSConnect
      #       How the agent should connect to server or proxy. Used for active checks.
      #       Only one value can be specified:
      #               unencrypted - connect without encryption
      #               psk         - connect using TLS and a pre-shared key
      #               cert        - connect using TLS and a certificate
      #
      # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
      # Default:
      # TLSConnect=unencrypted
      ...
      

      Then add this line to configure pre-shared key support:

      /etc/zabbix/zabbix_agentd.conf

      ...
      TLSConnect=psk
      ...
      

      Next, locate the TLSAccept section, which looks like this:

      /etc/zabbix/zabbix_agentd.conf

      ...
      ### Option: TLSAccept
      #       What incoming connections to accept.
      #       Multiple values can be specified, separated by comma:
      #               unencrypted - accept connections without encryption
      #               psk         - accept connections secured with TLS and a pre-shared key
      #               cert        - accept connections secured with TLS and a certificate
      #
      # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
      # Default:
      # TLSAccept=unencrypted
      ...
      

      Configure incoming connections to support pre-shared keys by adding this line:

      /etc/zabbix/zabbix_agentd.conf

      ...
      TLSAccept=psk
      ...
      

      Next, find the TLSPSKIdentity section, which looks like this:

      /etc/zabbix/zabbix_agentd.conf

      ...
      ### Option: TLSPSKIdentity
      #       Unique, case sensitive string used to identify the pre-shared key.
      #
      # Mandatory: no
      # Default:
      # TLSPSKIdentity=
      ...
      

      Choose a unique name to identify your pre-shared key by adding this line:

      /etc/zabbix/zabbix_agentd.conf

      ...
      TLSPSKIdentity=PSK 001
      ...
      

      You’ll use this as the PSK ID when you add your host through the Zabbix web interface.

      Then set the option that points to your previously created pre-shared key. Locate the TLSPSKFile option:

      /etc/zabbix/zabbix_agentd.conf

      ...
      ### Option: TLSPSKFile
      #       Full pathname of a file containing the pre-shared key.
      #
      # Mandatory: no
      # Default:
      # TLSPSKFile=
      ...
      

      Add this line to point the Zabbix agent to your PSK file you created:

      /etc/zabbix/zabbix_agentd.conf

      ...
      TLSPSKFile=/etc/zabbix/zabbix_agentd.psk
      ...
      

      Save and close the file. Now you can restart the Zabbix agent and set it to start at boot time:

      • sudo systemctl restart zabbix-agent
      • sudo systemctl enable zabbix-agent

      For good measure, check that the Zabbix agent is running properly:

      • sudo systemctl status zabbix-agent

      You will see the following status, indicating the agent is running:

      Output

      ● zabbix-agent.service - Zabbix Agent Loaded: loaded (/lib/systemd/system/zabbix-agent.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2020-06-12 08:19:54 UTC; 25s ago ...

      The agent will listen on port 10050 for connections from the server. Configure UFW to allow connections to this port:

      You can learn more about UFW in How To Set Up a Firewall with UFW on Ubuntu 20.04.

      Your agent is now ready to send data to the Zabbix server. But in order to use it, you have to link to it from the server’s web console. In the next step, you will complete the configuration.

      Step 7 — Adding the New Host to the Zabbix Server

      Installing an agent on a server you want to monitor is only half of the process. Each host you want to monitor needs to be registered on the Zabbix server, which you can do through the web interface.

      Log in to the Zabbix Server web interface by navigating to the address http://zabbix_server_name or https://zabbix_server_name:

      The Zabbix login screen

      When you have logged in, click on Configuration and then Hosts in the left navigation bar. Then click the Create host button in the top right corner of the screen. This will open the host configuration page.

      Creating a host

      Adjust the Host name and IP address to reflect the host name and IP address of your second Ubuntu server, then add the host to a group. You can select an existing group, for example Linux servers, or create your own group. The host can be in multiple groups. To do this, enter the name of an existing or new group in the Groups field and select the desired value from the proposed list.

      Before adding the group, click the Templates tab.

      Adding a template to the host

      Type Template OS Linux by Zabbix agent in the Search field and then select it from the list to add this template to the host.

      Next, navigate to the Encryption tab. Select PSK for both Connections to host and Connections from host. Then set PSK identity to PSK 001, which is the value of the TLSPSKIdentity setting of the Zabbix agent you configured previously. Then set PSK value to the key you generated for the Zabbix agent. It’s the one stored in the file /etc/zabbix/zabbix_agentd.psk on the agent machine.

      Setting up the encryption

      Finally, click the Add button at the bottom of the form to create the host.

      You will see your new host in the list. Wait for a minute and reload the page to see green labels indicating that everything is working fine and the connection is encrypted.

      Zabbix shows your new host

      If you have additional servers you need to monitor, log in to each host, install the Zabbix agent, generate a PSK, configure the agent, and add the host to the web interface following the same steps you followed to add your first host.

      The Zabbix server is now monitoring your second Ubuntu server. Now, set up email notifications to be notified about problems.

      Step 8 — Configuring Email Notifications

      Zabbix automatically supports many types of notifications: email, OTRS, Slack, Telegram, SMS, etc. You can see the full list of integrations at the Zabbix website.

      As an example, this tutorial will configure notifications for the Email media type.

      Click on Administration, and then Media types in the left navigation bar. You will see the list of all media types. There are two preconfigured options for emails: for the plain text notification and for the HTML notifications. In this tutorial you will use plain text notification. Click on Email.

      Adjust the SMTP options according to the settings provided by your email service. This tutorial uses Gmail’s SMTP capabilities to set up email notifications; if you would like more information about setting this up, see How To Use Google’s SMTP Server.


      Note: If you use 2-Step Verification with Gmail, you need to generate an App Password for Zabbix. You’ll only have to enter an App password once during setup. You will find instructions on how to generate this password in the Google Help Center.

      If you are using Gmail, type in smtp.gmail.com for the SMTP server field, 465 for the SMTP server port field, gmail.com for SMTP helo, and your email for SMTP email. Then choose SSL/TLS for Connection security and Username and password for Authentication. Enter your Gmail address as the Username, and the App Password you generated from your Google account as the Password.

      Setting up email media type

      On the Message templates tab you can see the list of predefined messages for various types of notifications. Finally, click the Update button at the bottom of the form to update the email parameters.

      Now you can test sending notifications. To do this, click the Test underlined link in the corresponding line.

      You will see a pop-up window. Enter your email address in the Send to field and click the Test button. You will see a message about the successful sending and you will receive a test message.

      Testing email

      Close the pop-up by clicking the Cancel button.

      Now, create a new user. Click on Administration, and then Users in the left navigation bar. You will see the list of users. Then click the Create user button in the top right corner of the screen. This will open the user configuration page:

      Creating a user

      Enter the new username in the Alias field and set up a new password. Next, add the user to the administrator’s group. Type Zabbix administrators in the Groups field and select it from the proposed list.

      Once you’ve added the group, click the Media tab and click on the Add underlined link (not the Add button below it). You will see a pop-up window.

      Adding an email

      Select the Email option from the Type drop down. Enter your email address in the Send to field. You can leave the rest of the options at the default values. Click the Add button at the bottom to submit.

      Now navigate to the Permissions tab. Select Zabbix Super Admin from the User type drop-down menu.

      Finally, click the Add button at the bottom of the form to create the user.

      Note: Using the default password is not safe. In order to change the password of the built-in user Admin click on the alias in the list of users. Then click Change password, enter a new password, and confirm the changes by clicking Update button.

      Now you need to enable notifications. Click on the Configuration tab and then Actions in the left navigation bar. You will see a pre-configured action, which is responsible for sending notifications to all Zabbix administrators. You can review and change the settings by clicking on its name. For the purposes of this tutorial, use the default parameters. To enable the action, click on the red Disabled link in the Status column.

      Now you are ready to receive alerts. In the next step, you will generate one to test your notification setup.

      Step 9 — Generating a Test Alert

      In this step, you will generate a test alert to ensure everything is connected. By default, Zabbix keeps track of the amount of free disk space on your server. It automatically detects all disk mounts and adds the corresponding checks. This discovery is executed every hour, so you need to wait a while for the notification to be triggered.

      Create a temporary file that’s large enough to trigger Zabbix’s file system usage alert. To do this, log in to your second Ubuntu server if you’re not already connected:

      • ssh sammy@second_ubuntu_server_ip_address

      Next, determine how much free space you have on the server. You can use the df command to find out:

      The command df will report the disk space usage of your file system, and the -h will make the output human-readable. You’ll see output like the following:

      Output

      Filesystem Size Used Avail Use% Mounted on /dev/vda1 78G 1.4G 77G 2% /

      In this case, the free space is 77G. Your free space may differ.

      Use the fallocate command, which allows you to pre-allocate or de-allocate space to a file, to create a file that takes up more than 80% of the available disk space. This will be enough to trigger the alert:

      • fallocate -l 70G /tmp/temp.img

      After around an hour, Zabbix will trigger an alert about the amount of free disk space and will run the action you configured, sending the notification message. You can check your inbox for the message from the Zabbix server. You will see a message like:

      Problem started at 09:49:08 on 2020.06.12
      Problem name: /: Disk space is low (used > 80%)
      Host: Second Ubuntu Server
      Severity: Warning
      Operational data: Space used: 71.34 GB of 77.36 GB (92.23 %)
      Original problem ID: 106
      

      You can also navigate to the Monitoring tab and then Dashboard to see the notification and its details.

      Main dashboard

      Now that you know the alerts are working, delete the temporary file you created so you can reclaim your disk space:

      After a minute Zabbix will send the recovery message and the alert will disappear from the main dashboard.

      Conclusion

      In this tutorial, you learned how to set up a simple and secure monitoring solution that will help you monitor the state of your servers. It can now warn you of problems, and you have the opportunity to analyze the processes occurring in your IT infrastructure.

      To learn more about setting up monitoring infrastructure, check out our Monitoring topic page.



      Source link

      How To Monitor Server Health with Checkmk on Ubuntu 18.04


      The author selected the Open Internet/Free Speech Fund to receive a donation as part of the Write for DOnations program.

      Introduction

      As a systems administrator, it’s a best practice to know the current state of your infrastructure and services. Ideally, you want to notice failing disks or application downtimes before your users do. Monitoring tools like Checkmk can help administrators detect these issues and maintain healthy servers.

      Generally, monitoring software can track your servers’ hardware, uptime, and service statuses, and it can raise alerts when something goes wrong. In a very basic scenario, a monitoring system would alert you if any services go down. In a more robust one, the notifications would come shortly after any suspicious signs arose, such as increased memory usage or an abnormal amount of TCP connections.

      There are many monitoring solutions available offering varying degrees of complexity and feature sets, both free and commercial. In many cases, the installation, configuration, and management of these tools is difficult and time-consuming.

      Checkmk, however, is a monitoring solution that is both robust and simpler to install. It is a self-contained software bundle that combines Nagios (a popular and open-source alerting service) with add-ons for gathering, monitoring, and graphing data. It also comes with Checkmk’s web interface — a comprehensive tool that addresses many of Nagios’s shortcomings. It offers a user-friendly dashboard, a full-featured notification system, and a repository of easy-to-install monitoring agents for many Linux distributions. If it weren’t for Checkmk’s web interface, we would have to use different views for different tasks and it wouldn’t be possible to configure all these features without resorting to extensive file modifications.

      In this guide we will set up Checkmk on an Ubuntu 18.04 server and monitor two separate hosts. We will monitor the Ubuntu server itself as well as a separate CentOS 7 server, but we could use the same approach to add any number of additional hosts to our monitoring configuration.

      Prerequisites

      • One Ubuntu 18.04 server with a regular, non-root user with sudo privileges. You can learn how to prepare your server by following this initial server setup tutorial.
      • One CentOS 7 server with a regular, non-root user with sudo privileges. To prepare this server you can follow this initial server setup tutorial.

      Step 1 — Installing Checkmk on Ubuntu

      In order to use our monitoring site, we first must install Checkmk on the Ubuntu server. This will give us all the tools we need. Checkmk provides official ready-to-use Ubuntu package files that we can use to install the software bundle.

      First, let’s update the packages list so that we have the most recent version of the repository listings:

      To browse the packages we can go to the package listing site. Ubuntu 18.04, among others, can be selected in the page menu.

      Now download the package:

      • wget https://checkmk.com/support/1.6.0p8/check-mk-raw-1.6.0p8_0.bionic_amd64.deb

      Then install the newly downloaded package:

      • sudo apt install -y ./check-mk-raw-1.6.0p8_0.bionic_amd64.deb

      This command will install the Checkmk package along with all necessary dependencies, including the Apache web server that is used to provide web access to the monitoring interface.

      After the installation completes, we now can access the omd command. Try it out:

      This omd command will output the following:

      Output

      Usage (called as root): omd help Show general help . . . General Options: -V <version> set specific version, useful in combination with update/create omd COMMAND -h, --help show available options of COMMAND

      The omd command can manage all Checkmk instances on our server. It can start and stop all the monitoring services at once, and we will use it to create our Checkmk instance. First, however, we have to update our firewall settings to allow outside access to the default web ports.

      Step 2 — Adjusting the Firewall Settings

      Before we’ll be able to work with Checkmk, it’s necessary to allow outside access to the web server in the firewall configuration. Assuming that you followed the firewall configuration steps in the prerequisites, you’ll have a UFW firewall set up to restrict access to your server.

      During installation, Apache registers itself with UFW to provide an easy way to enable or disable access to Apache through the firewall.

      To allow access to Apache, use the following command:

      Now verify the changes:

      You’ll see that Apache is listed among the allowed services:

      Output

      Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere Apache ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) Apache (v6) ALLOW Anywhere (v6)

      This will allow us to access the Checkmk web interface.

      In the next step, we’ll create the first Checkmk monitoring instance.

      Step 3 — Creating a Checkmk Monitoring Instance

      Checkmk uses the concept of instances, or individual installations, to isolate multiple Checkmk copies on a server. In most cases, only one copy of Checkmk is enough and that’s how we will configure the software in this guide.

      First we must give our new instance a name, and we will use monitoring throughout this text. To create the instance, type:

      • sudo omd create monitoring

      The omd tool will set up everything for us automatically. The command output will look similar to the following:

      Output

      Adding /opt/omd/sites/monitoring/tmp to /etc/fstab. Creating temporary filesystem /omd/sites/monitoring/tmp...OK Restarting Apache...OK Created new site monitoring with version 1.6.0p8.cre. The site can be started with omd start monitoring. The default web UI is available at http://your_ubuntu_server/monitoring/ The admin user for the web applications is cmkadmin with password: your-default-password (It can be changed with 'htpasswd -m ~/etc/htpasswd cmkadmin' as site user.) Please do a su - monitoring for administration of this site.

      In this output the URL address, default username, and password for accessing our monitoring interface are highlighted. The instance is now created, but it still needs to be started. To start the instance, type:

      • sudo omd start monitoring

      Now all the necessary tools and services will be started at once. At the end we we’ll see an output verifying that all our services have started successfully:

      Output

      Starting mkeventd...OK Starting rrdcached...OK Starting npcd...OK Starting nagios...OK Starting apache...OK Initializing Crontab...OK

      The instance is up and running.

      To access the Checkmk instance, open http://your_ubuntu_server_ip/monitoring/ in the web browser. You will be prompted for a password. Use the default credentials printed beforehand on the screen; we will change these defaults later on.

      The Checkmk screen opens with a dashboard, which shows all our services and server statuses in lists, and it uses practical graphs resembling the Earth. Straight after installation these are empty, but we will shortly make it display statuses for our services and systems.

      Blank Checkmk dashboard

      In the next step, we will change the default password to secure the site using this interface.

      Step 4 — Changing Your Administrative Password

      During installation, Checkmk generates a random password for the cmkadmin administrative user. This password is meant to be changed upon installation, and as such it is often short and not very secure. We can change this via the web interface.

      First, open the Users page from the WATO – Configuration menu on the left. The list will show all users that currently have access to the Checkmk site. On a fresh installation it will list only two users. The first one, automation, is intended for use with automated tools; the second is the cmkadmin user we used to log in to the site.

      List of Checkmk users

      Click on the pencil icon next to the cmkadmin user to change its details, including the password.

      Edit form for Checkmk admin user

      Update the password, add an admin email, and make any other desired changes.

      After saving the changes we will be asked to log in again using our new credentials. Do so and return to the dashboard, where there is one more thing we must do to fully apply our new configuration.

      Once again open the Users page from the WATO – Configuration menu on the left. The orange button in the top left corner labeled as 1 Change tells us that we have made some changes to the configuration of Checkmk, and that we need to save and activate them. This will happen every time we change the configuration of our monitoring system, not only after editing a user’s credentials. To save and activate pending changes we have to click on this button and agree to activate the listed changes using the Activate affected option on the following screen.

      List of Checkmk users after modifications
      Activate configuration changes confirmation screen
      Successfully activated configuration changes

      After activating the changes the new user’s data is written to the configuration files and it will be used by all the system’s components. Checkmk automatically takes care of notifying individual monitoring system components, reloading them when necessary, and managing all the needed configuration files.

      The Checkmk installation is now ready for use. In the next step, we will add the first host to our monitoring system.

      Step 5 — Monitoring the First Host

      We are now ready to monitor the first host. To accomplish this, we will first install check-mk-agent on the Ubuntu server. Then, we’ll restrict access to the monitoring data using xinetd.

      The components installed with Checkmk are responsible for receiving, storing, and presenting monitoring information. They do not provide the information itself.

      To gather the actual data, we will use Checkmk agent. Designed specifically for the job, Checkmk agent is capable of monitoring all vital system components at once and reporting that information back to the Checkmk instance.

      Installing the agent

      The first host we will monitor will be your_ubuntu_server—the server on which we have installed the Checkmk instance itself.

      To begin, we must install the Checkmk agent. Packages for all major distributions, including Ubuntu, are available directly from the web interface. Open the Monitoring Agents page from the WATO – Configuration menu on the left. You will see the available agent downloads with the most popular packages under the first section labeled Packaged agents.

      List of available packaged monitoring agents

      The package check-mk-agent_1.6.0p8-1_all.deb is the one suited for Debian based distributions, including Ubuntu. Copy the download link for that package from the web browser and use that address to download the package.

      • wget http://your_ubuntu_server_ip/monitoring/check_mk/agents/check-mk-agent_1.6.0p8-1_all.deb

      After downloading, install the package:

      • apt install -y ./check-mk-agent_1.6.0p8-1_all.deb

      Now verify that the agent has been successfully installed:

      The command will output a very long text that looks like gibberish but combines all vital information about the system in one place.

      Output

      <<<check_mk>>> Version: 1.6.0p8 AgentOS: linux . . . ["monitoring"] <<<job>>> <<<local>>>

      It is the output from this command that Checkmk uses to gather status data from monitored hosts. Now, we’ll restrict access to the monitoring data with xinetd.

      Restricting Access to Monitoring Data Using xinetd

      By default, the data from check_mk_agent is served using xinetd, a mechanism that outputs data on a certain network port upon accessing it. This means that we can access the check_mk_agent by using telnet to port 6556 (the default port for Checkmk) from any other computer on the internet unless our firewall configuration disallows it.

      It is not a good security policy to publish vital information about servers to anyone on the internet. We should allow only hosts that run Checkmk and are under our supervision to access this data, so that only our monitoring system can gather it.

      If you have followed the initial server setup tutorial including the steps about setting up a firewall, then access to Checkmk agent is by default blocked. It is, however, a good practice to enforce these access restrictions directly in the service configuration and not rely only on the firewall to guard it.

      To restrict access to the agent data, we have to edit the configuration file at /etc/xinetd.d/check_mk. Open the configuration file in your favorite editor. To use nano, type:

      • sudo nano /etc/xinetd.d/check_mk

      Locate this section:

      /etc/xinetd.d/check_mk

      . . .
      # configure the IP address(es) of your Nagios server here:
      #only_from      = 127.0.0.1 10.0.20.1 10.0.20.2
      . . .
      

      The only_from setting is responsible for restricting access to certain IP addresses. Because we are now working on monitoring the same server that Checkmk is running on, it is ok to allow only localhost to connect. Uncomment and update the configuration setting to:

      /etc/xinetd.d/check_mk

      . . .
      # configure the IP address(es) of your Nagios server here:
      only_from      = 127.0.0.1
      . . .
      

      Save and exit the file.

      The xinetd daemon has to be restarted for changes to take place. Do so now:

      • sudo systemctl restart xinetd

      Now our agent is up and running and restricted to accept only local connections. We can proceed to configure monitoring for that host using Checkmk.

      Configuring Host in Checkmk Web Interface

      First, to add a new host to monitor we have to go to the Hosts menu in the WATO – Configuration menu on the left. From here click Create new host. We will be asked for some information about the host.

      Creating a new host in Checkmk

      The Hostname is the familiar name that Checkmk will use for the monitoring. It may be a fully-qualified domain name, but it is not necessary. In this example, we will name the host monitoring, just like the name of the Checkmk instance itself. Because monitoring is not resolvable to our IP address, we also have to provide the IP address of our server. And since we are monitoring the local host, the IP will simply be 127.0.0.1. Check the IPv4 Address box to enable the manual IP input and enter the value in the text field.

      The default configuration of the Data Sources section relies on Checkmk agent to provide monitoring data, which is fine. The Networking Segment setting is used to denote hosts on remote networks, which are characterized by a higher expected latency that is not a sign of malfunction. Since this is a local host, the default setting is fine as well.

      To save the host and configure which services will be monitored, click the Save & go to services button.

      List of available services to monitor

      Checkmk will do an automatic inventory. That means it will gather the output from the agent and decipher it to know what kinds of services it can monitor. All available services for monitoring will be on the list, including CPU load, memory usage, and free space on disks.

      To enable monitoring of all discovered services, we have to click the Monitor button under the Undecided services (currently not monitored) section. This will refresh the page, but now all services will be listed under the Monitored services section, informing us that they are indeed being monitored.

      As was the case when changing our user password, these new changes must be saved and activated before they go live. Press the 2 changes button and accept the changes using the Activate affected button. After that, the host monitoring will be up and running.

      Now you are ready to work with your server data. Take a look at the main dashboard using the Overview/Main Overview menu item on the left.

      Working with Monitoring Data

      Now let’s take a look at the main dashboard using the Overview/Main Overview menu item on the left:

      Monitoring dashboard with all services healthy

      The Earth sphere is now fully green and the table says that one host is up with no problems. We can see the full host list, which now consists of a single host, in the Hosts/All hosts view (using the menu on the left).

      List of hosts with all services healthy

      There we will see how many services are in good health (shown in green), how many are failing, and how many are pending to be checked. After clicking on the hostname we will be able to see the list of all services with their full statuses and their Perf-O-Meters. Perf-O-Meter shows the performance of a single service relative to what Checkmk considers to be good health.

      Details of a host service status

      All services that return graphable data display a graph icon next to their name. We can use that icon to get access to graphs associated with the service. Since the host monitoring is fresh, there is almost nothing on the graphs—but after some time the graphs will provide valuable information on how our service performance changes over time.

      Graphs depicting CPU load on the server

      When any of these services fails or recovers, the information will be shown on the dashboard. For failing services a red error will be shown, and the problem will also be visible on the Earth graph.

      Dashboard with one host having problems

      After recovery, everything will be shown in green as working properly, but the event log on the right will contain information about past failures.

      Dashboard with one host recovered after problems

      Now that we have explored the dashboard a little, let’s add a second host to our monitoring instance.

      Step 6 — Monitoring a Second CentOS Host

      Monitoring gets really useful when you have multiple hosts. We will now add a second server to our Checkmk instance, this time running CentOS 7.

      As with our Ubuntu server, installing Checkmk agent is necessary to gather monitoring data on CentOS. This time, however, we will need an rpm package from the Monitoring Agents page in the web interface, called check-mk-agent-1.6.0p8-1.noarch.rpm.

      First, however, we must install xinetd, which by default is not available on the CentOS installation. Xinetd, we will remember, is a daemon that is responsible for making the monitoring data provided by check_mk_agent available over the network.

      On your CentOS server, first install xinetd:

      • sudo yum install -y xinetd

      Now we can download and install the monitoring agent package needed for our CentOS server:

      • sudo yum install -y http://your_ubuntu_server_ip/monitoring/check_mk/agents/check-mk-agent-1.6.0p8-1.noarch.rpm

      Just like before, we can verify that the agent is working properly by executing check_mk_agent:

      The output will be similar to that from the Ubuntu server. Now we will restrict access to the agent.

      Restricting Access

      This time we will not be monitoring a local host, so xinetd must allow connections coming from the Ubuntu server, where Checkmk is installed, to gather the data. To allow that, first open your configuration file:

      • sudo vi /etc/xinetd.d/check_mk

      Here you will see the configuration for your check_mk service, specifying how Checkmk agent can be accessed through the xinetd daemon. Find the following two commented lines:

      /etc/xinetd.d/check_mk

      . . .
      # configure the IP address(es) of your Nagios server here:
      #only_from      = 127.0.0.1 10.0.20.1 10.0.20.2
      . . .
      

      Now uncomment the second line and replace the local IP addresses with your_ubuntu_server_ip:

      /etc/xinetd.d/check_mk

      . . .
      # configure the IP address(es) of your Nagios server here:
      only_from      = your_ubuntu_server_ip
      . . .
      

      Save and exit the file by typing :x and then ENTER. Restart the xinetd service using:

      • sudo systemctl restart xinetd

      We can now proceed to configure Checkmk to monitor our CentOS 7 host.

      Configuring the New Host in Checkmk

      To add additional hosts to Checkmk, we use the Hosts menu just like before. This time we will name the host centos, configure its IP address, and choose WAN (high-latency) under the Networking Segment select box, since the host is on another network. If we skipped this and left it as local, Checkmk would soon alert us that the host is down, since it would expect it to respond to agent queries much quicker than is possible over the internet.

      Creating second host configuration screen

      Click Save & go to services, which will show services available for monitoring on the CentOS server. The list will be very similar to the one from the first host. Again, this time we also must click Monitor and then activate the changes using the orange button on the top left corner.

      After activating the changes, we can verify that the host is monitored on the All hosts page. Go there. Two hosts, monitoring and centos, will now be visible.

      List of hosts with two hosts being monitored

      You are now monitoring an Ubuntu server and a CentOS server with Checkmk. It is possible to monitor even more hosts. In fact, there is no upper limit other than server performance, which should not be a problem until your hosts number in the hundreds. Moreover, the procedure is the same for any other host. Checkmk agents in deb and rpm packages work on Ubuntu, CentOS, and the majority of other Linux distributions.

      Conclusion

      In this guide we set up two servers with two different Linux distributions: Ubuntu and CentOS. We then installed and configured Checkmk to monitor both servers, and explored Checkmk’s powerful web interface.

      Checkmk allows for the easy setup of a complete and versatile monitoring system, which packs all the hard work of manual configuration into an easy-to-use web interface full of options and features. With these tools it is possible to monitor multiple hosts; set up email, SMS, or push notifications for problems; set up additional checks for more services; monitor accessibility and performance, and so on.

      To learn more about Checkmk, make sure to visit the official documentation.



      Source link