Configure Zabbix to send email notifications on CentOS 7
It seems that the task is not the newest. And articles in google carts and a small cart. But for some reason it took me almost a week to do all the experiments and trampling on all kinds of rakes.
So, the task: the CentOS 7 server, the LEMP kit is installed, the Zabbix 2.4.6 server is installed. It is necessary to configure sending notifications to administrators by mail.
Disclaimer - CentOS was set according to the “sex and again sex” method - minimal installations. In view of this, some “must be out of the box” packages do not work, because no one has delivered them yet.
After smoking a number of manuals, it became clear that to send mail we need, at a minimum, a mail pad capable of SMTP with authorization and a script for Zabbix.
We use ssmtp as the mail client.
Then in /etc/ssmtp/ssmtp.conf
Then there was an attempt to set ssmtp as a substitute for sendmail and use the mail command (mailx package) to send mail, but the letters, although they arrived, were not readable (the text did not come in the text field, but as a binary attachment).
In the end, mutt had to be installed as a replacement for mail.
See where we have the zabbix user home directory:
Then create mutt settings file in zabbix home directory
Now you need to write a script to send mail and put it in / usr / lib / zabbix / alertscripts. Let the script name be: send_mail.sh:
Now setting up zabbix itself. In the Web interface: Administration - Alert methods - Email
Checking the zabbix config (/etc/zabbix/zabbix_server.conf)
Restart the zabbix server:
And now, if we, in violation of all guidelines, turned off SELinux, everything works for us and alerts go.
However, with SELinux turned on, there were no and no letters . We pass to training SELinux. To speed up further configuration, it’s convenient to start some kind of trigger that we can easily and often change state of (I did not bother and used server reboot with zabbix, because I had no other loads on this virtual machine yet). It takes only 4 steps to complete the SELinux setup, but they will have to be repeated as many times as needed on your system (it took me 5 or 6 iterations).
For personal “convenience”, I did not collect allowing rules into one SELinux module file, but into a separate file for each iteration, so that later I could carefully examine their contents. Therefore, the module name was used according to the ZabSeModuleN scheme, where N at the end of the file name is the iteration number, as a result, we get the group of files ZabSeModule1.te, ZabSeModule1.mod, ZabSeModule1.pp, ZabSeModule2.te, ZabSeModule2.mod, ZabSeModule2.pp, etc. .
• ausearch -m avc -ts today
If the output is different, follow the steps below.
• cat /var/log/audit/audit.log | audit2allow -m ZabSeModuleN> ZabSeModuleN.te
• checkmodule -M -m -o ZabSeModuleN.mod ZabSeModuleN.te
• semodule_package -o ZabSeModuleN.pp -m ZabSeModuleN.mod
• semodule -i ZabSeModule
• rm /var/log/audit/audit.log
• reboot
Reboot is only a method to trigger the “Zabbix server restarted” trigger
For lovers of order - after receiving a complete list of SELinux rules, they can be collected into a single .te file, and by deleting from the system previous modules, create and install one new one.
According to the result of alerts from Zabbix go regularly and with pleasure.
The following articles were honestly used in the configuration process:
Lissyara - 'Problem Solving' or 'Tinkering in Linux - 2' (c) Fomalhaut
Denis Volkov - Configuring SELinux NetSkills - Zabbix Security
Policies. Video lesson number 4. Set up email alerts. Part 2 (zabbix gmail)
So, the task: the CentOS 7 server, the LEMP kit is installed, the Zabbix 2.4.6 server is installed. It is necessary to configure sending notifications to administrators by mail.
Disclaimer - CentOS was set according to the “sex and again sex” method - minimal installations. In view of this, some “must be out of the box” packages do not work, because no one has delivered them yet.
After smoking a number of manuals, it became clear that to send mail we need, at a minimum, a mail pad capable of SMTP with authorization and a script for Zabbix.
We use ssmtp as the mail client.
yum install ssmtp
Then in /etc/ssmtp/ssmtp.conf
root=mailbox@mail.server #почтовый ящик zabbixa
mailhub=smtp.mail.server #Если нужен TLS, то указывает еще порт ":465"
rewriteDomain=mail.server
AuthUser=mail_username
AuthPass=mail_password
FromLineOverride=YES
#UseTLS=YES #если нужен TLS раскомментировать эту строку
Then there was an attempt to set ssmtp as a substitute for sendmail and use the mail command (mailx package) to send mail, but the letters, although they arrived, were not readable (the text did not come in the text field, but as a binary attachment).
In the end, mutt had to be installed as a replacement for mail.
yum install mutt
See where we have the zabbix user home directory:
getent passwd zabbix
zabbix:x:997:996:Zabbix Monitoring System:/var/lib/zabbix:/bin/bash
Then create mutt settings file in zabbix home directory
touch /var/lib/zabbix/.muttrc
echo set from="mailbox@mail.server" >> /var/lib/zabbix/.muttrc
set realname ="My Zabbix Monitoring" >> /var/lib/zabbix/.muttrc
set sendmail="/usr/sbin/ssmtp" >> /var/lib/zabbix/.muttrc
set charset="utf-8" >> /var/lib/zabbix/.muttrc
set copy=no >> /var/lib/zabbix/.muttrc
chown zabbix:zabbix /var/lib/zabbix/.muttrc
Now you need to write a script to send mail and put it in / usr / lib / zabbix / alertscripts. Let the script name be: send_mail.sh:
#!/bin/bash
to=$1
subject=$2
body=$3
echo `date`" mail sended to:" $to >> /var/log/zabmail.log #после завершения отладки закомментировать эти строки
echo `date`" mail subj:" $subject >> /var/log/zabmail.log #после завершения отладки закомментировать эти строки
echo `date`" mail text:" $body >> /var/log/zabmail.log #после завершения отладки закомментировать эти строки
echo $body | mutt -s "$subject" "$to"
Now setting up zabbix itself. In the Web interface: Administration - Alert methods - Email
Type: Script Script
name: send_mail.sh
Activated: Yes (cheked)
Checking the zabbix config (/etc/zabbix/zabbix_server.conf)
AlertScriptsPath=/usr/lib/zabbix/alertscripts
Restart the zabbix server:
service zabbix-server restart
And now, if we, in violation of all guidelines, turned off SELinux, everything works for us and alerts go.
However, with SELinux turned on, there were no and no letters . We pass to training SELinux. To speed up further configuration, it’s convenient to start some kind of trigger that we can easily and often change state of (I did not bother and used server reboot with zabbix, because I had no other loads on this virtual machine yet). It takes only 4 steps to complete the SELinux setup, but they will have to be repeated as many times as needed on your system (it took me 5 or 6 iterations).
For personal “convenience”, I did not collect allowing rules into one SELinux module file, but into a separate file for each iteration, so that later I could carefully examine their contents. Therefore, the module name was used according to the ZabSeModuleN scheme, where N at the end of the file name is the iteration number, as a result, we get the group of files ZabSeModule1.te, ZabSeModule1.mod, ZabSeModule1.pp, ZabSeModule2.te, ZabSeModule2.mod, ZabSeModule2.pp, etc. .
• ausearch -m avc -ts today
If the output is different, follow the steps below.
• cat /var/log/audit/audit.log | audit2allow -m ZabSeModuleN> ZabSeModuleN.te
• checkmodule -M -m -o ZabSeModuleN.mod ZabSeModuleN.te
• semodule_package -o ZabSeModuleN.pp -m ZabSeModuleN.mod
• semodule -i ZabSeModule
• rm /var/log/audit/audit.log
• reboot
Reboot is only a method to trigger the “Zabbix server restarted” trigger
For lovers of order - after receiving a complete list of SELinux rules, they can be collected into a single .te file, and by deleting from the system previous modules, create and install one new one.
According to the result of alerts from Zabbix go regularly and with pleasure.
The following articles were honestly used in the configuration process:
Lissyara - 'Problem Solving' or 'Tinkering in Linux - 2' (c) Fomalhaut
Denis Volkov - Configuring SELinux NetSkills - Zabbix Security
Policies. Video lesson number 4. Set up email alerts. Part 2 (zabbix gmail)