[ipfire-2.x.git] / config / zabbix_agentd / zabbix_agentd.conf

# This is a configuration file for Zabbix agent daemon (Unix)
# To get more information about Zabbix, visit http://www.zabbix.com

############ GENERAL PARAMETERS #################

### Option: PidFile
#	Name of PID file.
#
# Mandatory: no
# Default:
# PidFile=/tmp/zabbix_agentd.pid

PidFile=/var/run/zabbix/zabbix_agentd.pid

### Option: LogType
#	Specifies where log messages are written to:
#		system  - syslog
#		file    - file specified with LogFile parameter
#		console - standard output
#
# Mandatory: no
# Default:
# LogType=file

### Option: LogFile
#	Log file name for LogType 'file' parameter.
#
# Mandatory: yes, if LogType is set to file, otherwise no
# Default:
# LogFile=

LogFile=/var/log/zabbix/zabbix_agentd.log

### Option: LogFileSize
#	Maximum size of log file in MB.
#	0 - disable automatic log rotation.
#
# Mandatory: no
# Range: 0-1024
# Default:
# LogFileSize=1

LogFileSize=0

### Option: DebugLevel
#	Specifies debug level:
#	0 - basic information about starting and stopping of Zabbix processes
#	1 - critical information
#	2 - error information
#	3 - warnings
#	4 - for debugging (produces lots of information)
#	5 - extended debugging (produces even more information)
#
# Mandatory: no
# Range: 0-5
# Default:
# DebugLevel=3

### Option: SourceIP
#	Source IP address for outgoing connections.
#
# Mandatory: no
# Default:
# SourceIP=

### Option: AllowKey
#	Allow execution of item keys matching pattern.
#	Multiple keys matching rules may be defined in combination with DenyKey.
#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
#	Parameters are processed one by one according their appearance order.
#	If no AllowKey or DenyKey rules defined, all keys are allowed.
#
# Mandatory: no

### Option: DenyKey
#	Deny execution of items keys matching pattern.
#	Multiple keys matching rules may be defined in combination with AllowKey.
#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
#	Parameters are processed one by one according their appearance order.
#	If no AllowKey or DenyKey rules defined, all keys are allowed.
#       Unless another system.run[*] rule is specified DenyKey=system.run[*] is added by default.
#
# Mandatory: no
# Default:
# DenyKey=system.run[*]

### Option: EnableRemoteCommands - Deprecated, use AllowKey=system.run[*] or DenyKey=system.run[*] instead
#	Internal alias for AllowKey/DenyKey parameters depending on value:
#	0 - DenyKey=system.run[*]
#	1 - AllowKey=system.run[*]
#
# Mandatory: no

### Option: LogRemoteCommands
#	Enable logging of executed shell commands as warnings.
#	0 - disabled
#	1 - enabled
#
# Mandatory: no
# Default:
# LogRemoteCommands=0

##### Passive checks related

### Option: Server
#	List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
#	Incoming connections will be accepted only from the hosts listed here.
#	If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally
#	and '::/0' will allow any IPv4 or IPv6 address.
#	'0.0.0.0/0' can be used to allow any IPv4 address.
#	Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
#
# Mandatory: yes, if StartAgents is not explicitly set to 0
# Default:
# Server=

Server=127.0.0.1

### Option: ListenPort
#	Agent will listen on this port for connections from the server.
#
# Mandatory: no
# Range: 1024-32767
# Default:
# ListenPort=10050

### Option: ListenIP
#	List of comma delimited IP addresses that the agent should listen on.
#	First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
#
# Mandatory: no
# Default:
# ListenIP=0.0.0.0

### Option: StartAgents
#	Number of pre-forked instances of zabbix_agentd that process passive checks.
#	If set to 0, disables passive checks and the agent will not listen on any TCP port.
#
# Mandatory: no
# Range: 0-100
# Default:
# StartAgents=3

##### Active checks related

### Option: ServerActive
#	List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks.
#	If port is not specified, default port is used.
#	IPv6 addresses must be enclosed in square brackets if port for that host is specified.
#	If port is not specified, square brackets for IPv6 addresses are optional.
#	If this parameter is not specified, active checks are disabled.
#	Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
#
# Mandatory: no
# Default:
# ServerActive=

ServerActive=127.0.0.1

### Option: Hostname
#	Unique, case sensitive hostname.
#	Required for active checks and must match hostname as configured on the server.
#	Value is acquired from HostnameItem if undefined.
#
# Mandatory: no
# Default:
# Hostname=

### Option: HostnameItem
#	Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
#	Does not support UserParameters or aliases.
#
# Mandatory: no
# Default:
# HostnameItem=system.hostname

### Option: HostMetadata
#	Optional parameter that defines host metadata.
#	Host metadata is used at host auto-registration process.
#	An agent will issue an error and not start if the value is over limit of 255 characters.
#	If not defined, value will be acquired from HostMetadataItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostMetadata=

### Option: HostMetadataItem
#	Optional parameter that defines an item used for getting host metadata.
#	Host metadata is used at host auto-registration process.
#	During an auto-registration request an agent will log a warning message if
#	the value returned by specified item is over limit of 255 characters.
#	This option is only used when HostMetadata is not defined.
#
# Mandatory: no
# Default:
# HostMetadataItem=

### Option: HostInterface
#	Optional parameter that defines host interface.
#	Host interface is used at host auto-registration process.
#	An agent will issue an error and not start if the value is over limit of 255 characters.
#	If not defined, value will be acquired from HostInterfaceItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostInterface=

### Option: HostInterfaceItem
#	Optional parameter that defines an item used for getting host interface.
#	Host interface is used at host auto-registration process.
#	During an auto-registration request an agent will log a warning message if
#	the value returned by specified item is over limit of 255 characters.
#	This option is only used when HostInterface is not defined.
#
# Mandatory: no
# Default:
# HostInterfaceItem=

### Option: RefreshActiveChecks
#	How often list of active checks is refreshed, in seconds.
#
# Mandatory: no
# Range: 60-3600
# Default:
# RefreshActiveChecks=120

### Option: BufferSend
#	Do not keep data longer than N seconds in buffer.
#
# Mandatory: no
# Range: 1-3600
# Default:
# BufferSend=5

### Option: BufferSize
#	Maximum number of values in a memory buffer. The agent will send
#	all collected data to Zabbix Server or Proxy if the buffer is full.
#
# Mandatory: no
# Range: 2-65535
# Default:
# BufferSize=100

### Option: MaxLinesPerSecond
#	Maximum number of new lines the agent will send per second to Zabbix Server
#	or Proxy processing 'log' and 'logrt' active checks.
#	The provided value will be overridden by the parameter 'maxlines',
#	provided in 'log' or 'logrt' item keys.
#
# Mandatory: no
# Range: 1-1000
# Default:
# MaxLinesPerSecond=20

############ ADVANCED PARAMETERS #################

### Option: Alias
#	Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
#	Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
#	Different Alias keys may reference the same item key.
#	For example, to retrieve the ID of user 'zabbix':
#	Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]
#	Now shorthand key zabbix.userid may be used to retrieve data.
#	Aliases can be used in HostMetadataItem but not in HostnameItem parameters.
#
# Mandatory: no
# Range:
# Default:

### Option: Timeout
#	Spend no more than Timeout seconds on processing
#
# Mandatory: no
# Range: 1-30
# Default:
# Timeout=3

### Option: AllowRoot
#	Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent
#	will try to switch to the user specified by the User configuration option instead.
#	Has no effect if started under a regular user.
#	0 - do not allow
#	1 - allow
#
# Mandatory: no
# Default:
# AllowRoot=0

### Option: User
#	Drop privileges to a specific, existing user on the system.
#	Only has effect if run as 'root' and AllowRoot is disabled.
#
# Mandatory: no
# Default:
# User=zabbix

### Option: Include
#	You may include individual files or all files in a directory in the configuration file.
#	Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.
#
# Mandatory: no
# Default:
# Include=

Include=/etc/zabbix_agentd/zabbix_agentd.d/*.conf

####### USER-DEFINED MONITORED PARAMETERS #######

### Option: UnsafeUserParameters
#	Allow all characters to be passed in arguments to user-defined parameters.
#	The following characters are not allowed:
#	\ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
#	Additionally, newline characters are not allowed.
#	0 - do not allow
#	1 - allow
#
# Mandatory: no
# Range: 0-1
# Default:
# UnsafeUserParameters=0

### Option: UserParameter
#	User-defined parameter to monitor. There can be several user-defined parameters.
#	Format: UserParameter=<key>,<shell command>
#	See 'zabbix_agentd' directory for examples.
#
# Mandatory: no
# Default:
# UserParameter=

####### LOADABLE MODULES #######

### Option: LoadModulePath
#	Full path to location of agent modules.
#	Default depends on compilation options.
#	To see the default path run command "zabbix_agentd --help".
#
# Mandatory: no
# Default:
# LoadModulePath=${libdir}/modules

LoadModulePath=/usr/lib/zabbix

### Option: LoadModule
#	Module to load at agent startup. Modules are used to extend functionality of the agent.
#	Formats:
#		LoadModule=<module.so>
#		LoadModule=<path/module.so>
#		LoadModule=</abs_path/module.so>
#	Either the module must be located in directory specified by LoadModulePath or the path must precede the module name.
#	If the preceding path is absolute (starts with '/') then LoadModulePath is ignored.
#	It is allowed to include multiple LoadModule parameters.
#
# Mandatory: no
# Default:
# LoadModule=

####### TLS-RELATED PARAMETERS #######

### Option: TLSConnect
#	How the agent should connect to server or proxy. Used for active checks.
#	Only one value can be specified:
#		unencrypted - connect without encryption
#		psk         - connect using TLS and a pre-shared key
#		cert        - connect using TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSConnect=unencrypted

### Option: TLSAccept
#	What incoming connections to accept.
#	Multiple values can be specified, separated by comma:
#		unencrypted - accept connections without encryption
#		psk         - accept connections secured with TLS and a pre-shared key
#		cert        - accept connections secured with TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSAccept=unencrypted

### Option: TLSCAFile
#	Full pathname of a file containing the top-level CA(s) certificates for
#	peer certificate verification.
#
# Mandatory: no
# Default:
# TLSCAFile=

### Option: TLSCRLFile
#	Full pathname of a file containing revoked certificates.
#
# Mandatory: no
# Default:
# TLSCRLFile=

### Option: TLSServerCertIssuer
#		Allowed server certificate issuer.
#
# Mandatory: no
# Default:
# TLSServerCertIssuer=

### Option: TLSServerCertSubject
#		Allowed server certificate subject.
#
# Mandatory: no
# Default:
# TLSServerCertSubject=

### Option: TLSCertFile
#	Full pathname of a file containing the agent certificate or certificate chain.
#
# Mandatory: no
# Default:
# TLSCertFile=

### Option: TLSKeyFile
#	Full pathname of a file containing the agent private key.
#
# Mandatory: no
# Default:
# TLSKeyFile=

### Option: TLSPSKIdentity
#	Unique, case sensitive string used to identify the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKIdentity=

### Option: TLSPSKFile
#	Full pathname of a file containing the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKFile=

####### For advanced users - TLS ciphersuite selection criteria #######

### Option: TLSCipherCert13
#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#	Override the default ciphersuite selection criteria for certificate-based encryption.
#
# Mandatory: no
# Default:
# TLSCipherCert13=

### Option: TLSCipherCert
#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#	Override the default ciphersuite selection criteria for certificate-based encryption.
#	Example for GnuTLS:
#		NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
#	Example for OpenSSL:
#		EECDH+aRSA+AES128:RSA+aRSA+AES128
#
# Mandatory: no
# Default:
# TLSCipherCert=

### Option: TLSCipherPSK13
#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#	Override the default ciphersuite selection criteria for PSK-based encryption.
#	Example:
#		TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
#
# Mandatory: no
# Default:
# TLSCipherPSK13=

### Option: TLSCipherPSK
#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#	Override the default ciphersuite selection criteria for PSK-based encryption.
#	Example for GnuTLS:
#		NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL
#	Example for OpenSSL:
#		kECDHEPSK+AES128:kPSK+AES128
#
# Mandatory: no
# Default:
# TLSCipherPSK=

### Option: TLSCipherAll13
#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
#	Example:
#		TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
#
# Mandatory: no
# Default:
# TLSCipherAll13=

### Option: TLSCipherAll
#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
#	Example for GnuTLS:
#		NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
#	Example for OpenSSL:
#		EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128
#
# Mandatory: no
# Default:
# TLSCipherAll=

####### For advanced users - TCP-related fine-tuning parameters #######

## Option: ListenBacklog
#       The maximum number of pending connections in the queue. This parameter is passed to
#       listen() function as argument 'backlog' (see "man listen").
#
# Mandatory: no
# Range: 0 - INT_MAX (depends on system, too large values may be silently truncated to implementation-specified maximum)
# Default: SOMAXCONN (hard-coded constant, depends on system)
# ListenBacklog=
Commit	Line	Data
06fc6170 AK	1	# This is a configuration file for Zabbix agent daemon (Unix)
	2	# To get more information about Zabbix, visit http://www.zabbix.com
	3
	4	############ GENERAL PARAMETERS #################
	5
	6	### Option: PidFile
	7	# Name of PID file.
	8	#
	9	# Mandatory: no
	10	# Default:
	11	# PidFile=/tmp/zabbix_agentd.pid
	12
	13	PidFile=/var/run/zabbix/zabbix_agentd.pid
	14
	15	### Option: LogType
	16	# Specifies where log messages are written to:
	17	# system - syslog
	18	# file - file specified with LogFile parameter
	19	# console - standard output
	20	#
	21	# Mandatory: no
	22	# Default:
	23	# LogType=file
	24
	25	### Option: LogFile
	26	# Log file name for LogType 'file' parameter.
	27	#
	28	# Mandatory: yes, if LogType is set to file, otherwise no
	29	# Default:
	30	# LogFile=
	31
	32	LogFile=/var/log/zabbix/zabbix_agentd.log
	33
	34	### Option: LogFileSize
	35	# Maximum size of log file in MB.
	36	# 0 - disable automatic log rotation.
	37	#
	38	# Mandatory: no
	39	# Range: 0-1024
	40	# Default:
	41	# LogFileSize=1
	42
	43	LogFileSize=0
	44
	45	### Option: DebugLevel
	46	# Specifies debug level:
	47	# 0 - basic information about starting and stopping of Zabbix processes
	48	# 1 - critical information
	49	# 2 - error information
	50	# 3 - warnings
	51	# 4 - for debugging (produces lots of information)
	52	# 5 - extended debugging (produces even more information)
	53	#
	54	# Mandatory: no
	55	# Range: 0-5
	56	# Default:
	57	# DebugLevel=3
	58
	59	### Option: SourceIP
	60	# Source IP address for outgoing connections.
	61	#
	62	# Mandatory: no
	63	# Default:
	64	# SourceIP=
65
9497d862 RR	66	### Option: AllowKey
	67	# Allow execution of item keys matching pattern.
	68	# Multiple keys matching rules may be defined in combination with DenyKey.
	69	# Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
	70	# Parameters are processed one by one according their appearance order.
	71	# If no AllowKey or DenyKey rules defined, all keys are allowed.
	72	#
	73	# Mandatory: no
	74
	75	### Option: DenyKey
	76	# Deny execution of items keys matching pattern.
	77	# Multiple keys matching rules may be defined in combination with AllowKey.
	78	# Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
	79	# Parameters are processed one by one according their appearance order.
	80	# If no AllowKey or DenyKey rules defined, all keys are allowed.
	81	# Unless another system.run[] rule is specified DenyKey=system.run[] is added by default.
06fc6170 AK	82	#
	83	# Mandatory: no
	84	# Default:
9497d862 RR	85	# DenyKey=system.run[*]
	86
	87	### Option: EnableRemoteCommands - Deprecated, use AllowKey=system.run[] or DenyKey=system.run[] instead
	88	# Internal alias for AllowKey/DenyKey parameters depending on value:
	89	# 0 - DenyKey=system.run[*]
	90	# 1 - AllowKey=system.run[*]
	91	#
	92	# Mandatory: no
06fc6170 AK	93
	94	### Option: LogRemoteCommands
	95	# Enable logging of executed shell commands as warnings.
	96	# 0 - disabled
	97	# 1 - enabled
	98	#
	99	# Mandatory: no
	100	# Default:
	101	# LogRemoteCommands=0
	102
	103	##### Passive checks related
	104
	105	### Option: Server
	106	# List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
	107	# Incoming connections will be accepted only from the hosts listed here.
	108	# If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally
	109	# and '::/0' will allow any IPv4 or IPv6 address.
	110	# '0.0.0.0/0' can be used to allow any IPv4 address.
	111	# Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
	112	#
	113	# Mandatory: yes, if StartAgents is not explicitly set to 0
	114	# Default:
	115	# Server=
	116
	117	Server=127.0.0.1
	118
	119	### Option: ListenPort
	120	# Agent will listen on this port for connections from the server.
	121	#
	122	# Mandatory: no
	123	# Range: 1024-32767
	124	# Default:
	125	# ListenPort=10050
	126
	127	### Option: ListenIP
	128	# List of comma delimited IP addresses that the agent should listen on.
	129	# First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
	130	#
	131	# Mandatory: no
	132	# Default:
	133	# ListenIP=0.0.0.0
	134
	135	### Option: StartAgents
	136	# Number of pre-forked instances of zabbix_agentd that process passive checks.
	137	# If set to 0, disables passive checks and the agent will not listen on any TCP port.
	138	#
	139	# Mandatory: no
	140	# Range: 0-100
	141	# Default:
	142	# StartAgents=3
	143
	144	##### Active checks related
	145
	146	### Option: ServerActive
	147	# List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks.
	148	# If port is not specified, default port is used.
	149	# IPv6 addresses must be enclosed in square brackets if port for that host is specified.
	150	# If port is not specified, square brackets for IPv6 addresses are optional.
	151	# If this parameter is not specified, active checks are disabled.
	152	# Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
	153	#
	154	# Mandatory: no
	155	# Default:
	156	# ServerActive=
157
158	ServerActive=127.0.0.1
159
160	### Option: Hostname
161	# Unique, case sensitive hostname.
162	# Required for active checks and must match hostname as configured on the server.
163	# Value is acquired from HostnameItem if undefined.
164	#
165	# Mandatory: no
166	# Default:
167	# Hostname=
168
169	### Option: HostnameItem
170	# Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
171	# Does not support UserParameters or aliases.
172	#
173	# Mandatory: no
174	# Default:
175	# HostnameItem=system.hostname
176
177	### Option: HostMetadata
178	# Optional parameter that defines host metadata.
179	# Host metadata is used at host auto-registration process.
180	# An agent will issue an error and not start if the value is over limit of 255 characters.
181	# If not defined, value will be acquired from HostMetadataItem.
182	#
183	# Mandatory: no
184	# Range: 0-255 characters
185	# Default:
186	# HostMetadata=
187
188	### Option: HostMetadataItem
189	# Optional parameter that defines an item used for getting host metadata.
190	# Host metadata is used at host auto-registration process.
191	# During an auto-registration request an agent will log a warning message if
192	# the value returned by specified item is over limit of 255 characters.
193	# This option is only used when HostMetadata is not defined.
194	#
195	# Mandatory: no
196	# Default:
197	# HostMetadataItem=
198
9497d862 RR	199	### Option: HostInterface
	200	# Optional parameter that defines host interface.
	201	# Host interface is used at host auto-registration process.
	202	# An agent will issue an error and not start if the value is over limit of 255 characters.
	203	# If not defined, value will be acquired from HostInterfaceItem.
	204	#
	205	# Mandatory: no
	206	# Range: 0-255 characters
	207	# Default:
	208	# HostInterface=
	209
	210	### Option: HostInterfaceItem
	211	# Optional parameter that defines an item used for getting host interface.
	212	# Host interface is used at host auto-registration process.
	213	# During an auto-registration request an agent will log a warning message if
	214	# the value returned by specified item is over limit of 255 characters.
	215	# This option is only used when HostInterface is not defined.
	216	#
	217	# Mandatory: no
	218	# Default:
	219	# HostInterfaceItem=
	220
06fc6170 AK	221	### Option: RefreshActiveChecks
	222	# How often list of active checks is refreshed, in seconds.
	223	#
	224	# Mandatory: no
	225	# Range: 60-3600
	226	# Default:
	227	# RefreshActiveChecks=120
	228
	229	### Option: BufferSend
	230	# Do not keep data longer than N seconds in buffer.
	231	#
	232	# Mandatory: no
	233	# Range: 1-3600
	234	# Default:
	235	# BufferSend=5
	236
	237	### Option: BufferSize
	238	# Maximum number of values in a memory buffer. The agent will send
	239	# all collected data to Zabbix Server or Proxy if the buffer is full.
	240	#
	241	# Mandatory: no
	242	# Range: 2-65535
	243	# Default:
	244	# BufferSize=100
	245
	246	### Option: MaxLinesPerSecond
	247	# Maximum number of new lines the agent will send per second to Zabbix Server
	248	# or Proxy processing 'log' and 'logrt' active checks.
	249	# The provided value will be overridden by the parameter 'maxlines',
	250	# provided in 'log' or 'logrt' item keys.
	251	#
	252	# Mandatory: no
	253	# Range: 1-1000
	254	# Default:
	255	# MaxLinesPerSecond=20
	256
	257	############ ADVANCED PARAMETERS #################
	258
	259	### Option: Alias
	260	# Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
	261	# Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
	262	# Different Alias keys may reference the same item key.
	263	# For example, to retrieve the ID of user 'zabbix':
	264	# Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]
	265	# Now shorthand key zabbix.userid may be used to retrieve data.
	266	# Aliases can be used in HostMetadataItem but not in HostnameItem parameters.
	267	#
	268	# Mandatory: no
	269	# Range:
	270	# Default:
	271
	272	### Option: Timeout
	273	# Spend no more than Timeout seconds on processing
	274	#
	275	# Mandatory: no
	276	# Range: 1-30
	277	# Default:
	278	# Timeout=3
	279
	280	### Option: AllowRoot
	281	# Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent
	282	# will try to switch to the user specified by the User configuration option instead.
	283	# Has no effect if started under a regular user.
	284	# 0 - do not allow
285	# 1 - allow
286	#
287	# Mandatory: no
288	# Default:
289	# AllowRoot=0
290
291	### Option: User
292	# Drop privileges to a specific, existing user on the system.
293	# Only has effect if run as 'root' and AllowRoot is disabled.
294	#
295	# Mandatory: no
296	# Default:
297	# User=zabbix
298
299	### Option: Include
300	# You may include individual files or all files in a directory in the configuration file.
301	# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.
302	#
303	# Mandatory: no
304	# Default:
305	# Include=
306
307	Include=/etc/zabbix_agentd/zabbix_agentd.d/*.conf
308
06fc6170 AK	309	####### USER-DEFINED MONITORED PARAMETERS #######
	310
	311	### Option: UnsafeUserParameters
	312	# Allow all characters to be passed in arguments to user-defined parameters.
	313	# The following characters are not allowed:
	314	# \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > \| # @
	315	# Additionally, newline characters are not allowed.
	316	# 0 - do not allow
	317	# 1 - allow
	318	#
	319	# Mandatory: no
	320	# Range: 0-1
	321	# Default:
	322	# UnsafeUserParameters=0
	323
	324	### Option: UserParameter
	325	# User-defined parameter to monitor. There can be several user-defined parameters.
	326	# Format: UserParameter=<key>,<shell command>
	327	# See 'zabbix_agentd' directory for examples.
	328	#
	329	# Mandatory: no
	330	# Default:
	331	# UserParameter=
	332
	333	####### LOADABLE MODULES #######
	334
	335	### Option: LoadModulePath
	336	# Full path to location of agent modules.
	337	# Default depends on compilation options.
	338	# To see the default path run command "zabbix_agentd --help".
	339	#
	340	# Mandatory: no
	341	# Default:
9497d862	342	# LoadModulePath=${libdir}/modules
06fc6170 AK	343
	344	LoadModulePath=/usr/lib/zabbix
	345
	346	### Option: LoadModule
	347	# Module to load at agent startup. Modules are used to extend functionality of the agent.
62f98a58 AK	348	# Formats:
	349	# LoadModule=<module.so>
	350	# LoadModule=<path/module.so>
	351	# LoadModule=</abs_path/module.so>
	352	# Either the module must be located in directory specified by LoadModulePath or the path must precede the module name.
	353	# If the preceding path is absolute (starts with '/') then LoadModulePath is ignored.
06fc6170 AK	354	# It is allowed to include multiple LoadModule parameters.
	355	#
	356	# Mandatory: no
	357	# Default:
	358	# LoadModule=
	359
	360	####### TLS-RELATED PARAMETERS #######
	361
	362	### Option: TLSConnect
	363	# How the agent should connect to server or proxy. Used for active checks.
	364	# Only one value can be specified:
	365	# unencrypted - connect without encryption
	366	# psk - connect using TLS and a pre-shared key
	367	# cert - connect using TLS and a certificate
	368	#
	369	# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
	370	# Default:
	371	# TLSConnect=unencrypted
	372
	373	### Option: TLSAccept
	374	# What incoming connections to accept.
	375	# Multiple values can be specified, separated by comma:
	376	# unencrypted - accept connections without encryption
	377	# psk - accept connections secured with TLS and a pre-shared key
	378	# cert - accept connections secured with TLS and a certificate
	379	#
	380	# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
	381	# Default:
	382	# TLSAccept=unencrypted
	383
	384	### Option: TLSCAFile
	385	# Full pathname of a file containing the top-level CA(s) certificates for
	386	# peer certificate verification.
	387	#
	388	# Mandatory: no
	389	# Default:
	390	# TLSCAFile=
	391
	392	### Option: TLSCRLFile
	393	# Full pathname of a file containing revoked certificates.
	394	#
	395	# Mandatory: no
	396	# Default:
	397	# TLSCRLFile=
	398
	399	### Option: TLSServerCertIssuer
9497d862	400	# Allowed server certificate issuer.
06fc6170 AK	401	#
	402	# Mandatory: no
	403	# Default:
	404	# TLSServerCertIssuer=
	405
	406	### Option: TLSServerCertSubject
9497d862	407	# Allowed server certificate subject.
06fc6170 AK	408	#
	409	# Mandatory: no
	410	# Default:
	411	# TLSServerCertSubject=
	412
	413	### Option: TLSCertFile
	414	# Full pathname of a file containing the agent certificate or certificate chain.
	415	#
	416	# Mandatory: no
	417	# Default:
	418	# TLSCertFile=
	419
	420	### Option: TLSKeyFile
	421	# Full pathname of a file containing the agent private key.
	422	#
	423	# Mandatory: no
	424	# Default:
	425	# TLSKeyFile=
	426
	427	### Option: TLSPSKIdentity
	428	# Unique, case sensitive string used to identify the pre-shared key.
	429	#
	430	# Mandatory: no
	431	# Default:
	432	# TLSPSKIdentity=
	433
	434	### Option: TLSPSKFile
	435	# Full pathname of a file containing the pre-shared key.
	436	#
	437	# Mandatory: no
	438	# Default:
	439	# TLSPSKFile=
9497d862 RR	440
	441	####### For advanced users - TLS ciphersuite selection criteria #######
	442
	443	### Option: TLSCipherCert13
	444	# Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
	445	# Override the default ciphersuite selection criteria for certificate-based encryption.
	446	#
	447	# Mandatory: no
	448	# Default:
	449	# TLSCipherCert13=
	450
	451	### Option: TLSCipherCert
	452	# GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
	453	# Override the default ciphersuite selection criteria for certificate-based encryption.
	454	# Example for GnuTLS:
	455	# NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
	456	# Example for OpenSSL:
	457	# EECDH+aRSA+AES128:RSA+aRSA+AES128
	458	#
	459	# Mandatory: no
	460	# Default:
	461	# TLSCipherCert=
	462
	463	### Option: TLSCipherPSK13
	464	# Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
	465	# Override the default ciphersuite selection criteria for PSK-based encryption.
	466	# Example:
	467	# TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
	468	#
	469	# Mandatory: no
	470	# Default:
	471	# TLSCipherPSK13=
	472
	473	### Option: TLSCipherPSK
	474	# GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
	475	# Override the default ciphersuite selection criteria for PSK-based encryption.
	476	# Example for GnuTLS:
	477	# NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL
	478	# Example for OpenSSL:
	479	# kECDHEPSK+AES128:kPSK+AES128
	480	#
	481	# Mandatory: no
	482	# Default:
	483	# TLSCipherPSK=
	484
	485	### Option: TLSCipherAll13
	486	# Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
	487	# Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
	488	# Example:
	489	# TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
	490	#
	491	# Mandatory: no
	492	# Default:
	493	# TLSCipherAll13=
	494
	495	### Option: TLSCipherAll
	496	# GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
	497	# Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
	498	# Example for GnuTLS:
	499	# NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
	500	# Example for OpenSSL:
	501	# EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128
	502	#
	503	# Mandatory: no
504	# Default:
505	# TLSCipherAll=
506
507	####### For advanced users - TCP-related fine-tuning parameters #######
508
509	## Option: ListenBacklog
510	# The maximum number of pending connections in the queue. This parameter is passed to
511	# listen() function as argument 'backlog' (see "man listen").
512	#
513	# Mandatory: no
514	# Range: 0 - INT_MAX (depends on system, too large values may be silently truncated to implementation-specified maximum)
515	# Default: SOMAXCONN (hard-coded constant, depends on system)
516	# ListenBacklog=