]>
Commit | Line | Data |
---|---|---|
06fc6170 AK |
1 | # This is a configuration file for Zabbix agent daemon (Unix) |
2 | # To get more information about Zabbix, visit http://www.zabbix.com | |
3 | ||
4 | ############ GENERAL PARAMETERS ################# | |
5 | ||
6 | ### Option: PidFile | |
7 | # Name of PID file. | |
8 | # | |
9 | # Mandatory: no | |
10 | # Default: | |
11 | # PidFile=/tmp/zabbix_agentd.pid | |
12 | ||
13 | PidFile=/var/run/zabbix/zabbix_agentd.pid | |
14 | ||
15 | ### Option: LogType | |
16 | # Specifies where log messages are written to: | |
17 | # system - syslog | |
18 | # file - file specified with LogFile parameter | |
19 | # console - standard output | |
20 | # | |
21 | # Mandatory: no | |
22 | # Default: | |
23 | # LogType=file | |
24 | ||
25 | ### Option: LogFile | |
26 | # Log file name for LogType 'file' parameter. | |
27 | # | |
28 | # Mandatory: yes, if LogType is set to file, otherwise no | |
29 | # Default: | |
30 | # LogFile= | |
31 | ||
32 | LogFile=/var/log/zabbix/zabbix_agentd.log | |
33 | ||
34 | ### Option: LogFileSize | |
35 | # Maximum size of log file in MB. | |
36 | # 0 - disable automatic log rotation. | |
37 | # | |
38 | # Mandatory: no | |
39 | # Range: 0-1024 | |
40 | # Default: | |
41 | # LogFileSize=1 | |
42 | ||
43 | LogFileSize=0 | |
44 | ||
45 | ### Option: DebugLevel | |
46 | # Specifies debug level: | |
47 | # 0 - basic information about starting and stopping of Zabbix processes | |
48 | # 1 - critical information | |
49 | # 2 - error information | |
50 | # 3 - warnings | |
51 | # 4 - for debugging (produces lots of information) | |
52 | # 5 - extended debugging (produces even more information) | |
53 | # | |
54 | # Mandatory: no | |
55 | # Range: 0-5 | |
56 | # Default: | |
57 | # DebugLevel=3 | |
58 | ||
59 | ### Option: SourceIP | |
60 | # Source IP address for outgoing connections. | |
61 | # | |
62 | # Mandatory: no | |
63 | # Default: | |
64 | # SourceIP= | |
65 | ||
9497d862 RR |
66 | ### Option: AllowKey |
67 | # Allow execution of item keys matching pattern. | |
68 | # Multiple keys matching rules may be defined in combination with DenyKey. | |
69 | # Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments. | |
70 | # Parameters are processed one by one according their appearance order. | |
71 | # If no AllowKey or DenyKey rules defined, all keys are allowed. | |
72 | # | |
73 | # Mandatory: no | |
74 | ||
75 | ### Option: DenyKey | |
76 | # Deny execution of items keys matching pattern. | |
77 | # Multiple keys matching rules may be defined in combination with AllowKey. | |
78 | # Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments. | |
79 | # Parameters are processed one by one according their appearance order. | |
80 | # If no AllowKey or DenyKey rules defined, all keys are allowed. | |
81 | # Unless another system.run[*] rule is specified DenyKey=system.run[*] is added by default. | |
06fc6170 AK |
82 | # |
83 | # Mandatory: no | |
84 | # Default: | |
9497d862 RR |
85 | # DenyKey=system.run[*] |
86 | ||
87 | ### Option: EnableRemoteCommands - Deprecated, use AllowKey=system.run[*] or DenyKey=system.run[*] instead | |
88 | # Internal alias for AllowKey/DenyKey parameters depending on value: | |
89 | # 0 - DenyKey=system.run[*] | |
90 | # 1 - AllowKey=system.run[*] | |
91 | # | |
92 | # Mandatory: no | |
06fc6170 AK |
93 | |
94 | ### Option: LogRemoteCommands | |
95 | # Enable logging of executed shell commands as warnings. | |
96 | # 0 - disabled | |
97 | # 1 - enabled | |
98 | # | |
99 | # Mandatory: no | |
100 | # Default: | |
101 | # LogRemoteCommands=0 | |
102 | ||
103 | ##### Passive checks related | |
104 | ||
105 | ### Option: Server | |
106 | # List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies. | |
107 | # Incoming connections will be accepted only from the hosts listed here. | |
108 | # If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally | |
109 | # and '::/0' will allow any IPv4 or IPv6 address. | |
110 | # '0.0.0.0/0' can be used to allow any IPv4 address. | |
111 | # Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com | |
112 | # | |
113 | # Mandatory: yes, if StartAgents is not explicitly set to 0 | |
114 | # Default: | |
115 | # Server= | |
116 | ||
117 | Server=127.0.0.1 | |
118 | ||
119 | ### Option: ListenPort | |
120 | # Agent will listen on this port for connections from the server. | |
121 | # | |
122 | # Mandatory: no | |
123 | # Range: 1024-32767 | |
124 | # Default: | |
125 | # ListenPort=10050 | |
126 | ||
127 | ### Option: ListenIP | |
128 | # List of comma delimited IP addresses that the agent should listen on. | |
129 | # First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks. | |
130 | # | |
131 | # Mandatory: no | |
132 | # Default: | |
133 | # ListenIP=0.0.0.0 | |
134 | ||
135 | ### Option: StartAgents | |
136 | # Number of pre-forked instances of zabbix_agentd that process passive checks. | |
137 | # If set to 0, disables passive checks and the agent will not listen on any TCP port. | |
138 | # | |
139 | # Mandatory: no | |
140 | # Range: 0-100 | |
141 | # Default: | |
142 | # StartAgents=3 | |
143 | ||
144 | ##### Active checks related | |
145 | ||
146 | ### Option: ServerActive | |
147 | # List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks. | |
148 | # If port is not specified, default port is used. | |
149 | # IPv6 addresses must be enclosed in square brackets if port for that host is specified. | |
150 | # If port is not specified, square brackets for IPv6 addresses are optional. | |
151 | # If this parameter is not specified, active checks are disabled. | |
152 | # Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1] | |
153 | # | |
154 | # Mandatory: no | |
155 | # Default: | |
156 | # ServerActive= | |
157 | ||
158 | ServerActive=127.0.0.1 | |
159 | ||
160 | ### Option: Hostname | |
161 | # Unique, case sensitive hostname. | |
162 | # Required for active checks and must match hostname as configured on the server. | |
163 | # Value is acquired from HostnameItem if undefined. | |
164 | # | |
165 | # Mandatory: no | |
166 | # Default: | |
167 | # Hostname= | |
168 | ||
169 | ### Option: HostnameItem | |
170 | # Item used for generating Hostname if it is undefined. Ignored if Hostname is defined. | |
171 | # Does not support UserParameters or aliases. | |
172 | # | |
173 | # Mandatory: no | |
174 | # Default: | |
175 | # HostnameItem=system.hostname | |
176 | ||
177 | ### Option: HostMetadata | |
178 | # Optional parameter that defines host metadata. | |
179 | # Host metadata is used at host auto-registration process. | |
180 | # An agent will issue an error and not start if the value is over limit of 255 characters. | |
181 | # If not defined, value will be acquired from HostMetadataItem. | |
182 | # | |
183 | # Mandatory: no | |
184 | # Range: 0-255 characters | |
185 | # Default: | |
186 | # HostMetadata= | |
187 | ||
188 | ### Option: HostMetadataItem | |
189 | # Optional parameter that defines an item used for getting host metadata. | |
190 | # Host metadata is used at host auto-registration process. | |
191 | # During an auto-registration request an agent will log a warning message if | |
192 | # the value returned by specified item is over limit of 255 characters. | |
193 | # This option is only used when HostMetadata is not defined. | |
194 | # | |
195 | # Mandatory: no | |
196 | # Default: | |
197 | # HostMetadataItem= | |
198 | ||
9497d862 RR |
199 | ### Option: HostInterface |
200 | # Optional parameter that defines host interface. | |
201 | # Host interface is used at host auto-registration process. | |
202 | # An agent will issue an error and not start if the value is over limit of 255 characters. | |
203 | # If not defined, value will be acquired from HostInterfaceItem. | |
204 | # | |
205 | # Mandatory: no | |
206 | # Range: 0-255 characters | |
207 | # Default: | |
208 | # HostInterface= | |
209 | ||
210 | ### Option: HostInterfaceItem | |
211 | # Optional parameter that defines an item used for getting host interface. | |
212 | # Host interface is used at host auto-registration process. | |
213 | # During an auto-registration request an agent will log a warning message if | |
214 | # the value returned by specified item is over limit of 255 characters. | |
215 | # This option is only used when HostInterface is not defined. | |
216 | # | |
217 | # Mandatory: no | |
218 | # Default: | |
219 | # HostInterfaceItem= | |
220 | ||
06fc6170 AK |
221 | ### Option: RefreshActiveChecks |
222 | # How often list of active checks is refreshed, in seconds. | |
223 | # | |
224 | # Mandatory: no | |
225 | # Range: 60-3600 | |
226 | # Default: | |
227 | # RefreshActiveChecks=120 | |
228 | ||
229 | ### Option: BufferSend | |
230 | # Do not keep data longer than N seconds in buffer. | |
231 | # | |
232 | # Mandatory: no | |
233 | # Range: 1-3600 | |
234 | # Default: | |
235 | # BufferSend=5 | |
236 | ||
237 | ### Option: BufferSize | |
238 | # Maximum number of values in a memory buffer. The agent will send | |
239 | # all collected data to Zabbix Server or Proxy if the buffer is full. | |
240 | # | |
241 | # Mandatory: no | |
242 | # Range: 2-65535 | |
243 | # Default: | |
244 | # BufferSize=100 | |
245 | ||
246 | ### Option: MaxLinesPerSecond | |
247 | # Maximum number of new lines the agent will send per second to Zabbix Server | |
248 | # or Proxy processing 'log' and 'logrt' active checks. | |
249 | # The provided value will be overridden by the parameter 'maxlines', | |
250 | # provided in 'log' or 'logrt' item keys. | |
251 | # | |
252 | # Mandatory: no | |
253 | # Range: 1-1000 | |
254 | # Default: | |
255 | # MaxLinesPerSecond=20 | |
256 | ||
257 | ############ ADVANCED PARAMETERS ################# | |
258 | ||
259 | ### Option: Alias | |
260 | # Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one. | |
261 | # Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed. | |
262 | # Different Alias keys may reference the same item key. | |
263 | # For example, to retrieve the ID of user 'zabbix': | |
264 | # Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1] | |
265 | # Now shorthand key zabbix.userid may be used to retrieve data. | |
266 | # Aliases can be used in HostMetadataItem but not in HostnameItem parameters. | |
267 | # | |
268 | # Mandatory: no | |
269 | # Range: | |
270 | # Default: | |
271 | ||
272 | ### Option: Timeout | |
273 | # Spend no more than Timeout seconds on processing | |
274 | # | |
275 | # Mandatory: no | |
276 | # Range: 1-30 | |
277 | # Default: | |
278 | # Timeout=3 | |
279 | ||
280 | ### Option: AllowRoot | |
281 | # Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent | |
282 | # will try to switch to the user specified by the User configuration option instead. | |
283 | # Has no effect if started under a regular user. | |
284 | # 0 - do not allow | |
285 | # 1 - allow | |
286 | # | |
287 | # Mandatory: no | |
288 | # Default: | |
289 | # AllowRoot=0 | |
290 | ||
291 | ### Option: User | |
292 | # Drop privileges to a specific, existing user on the system. | |
293 | # Only has effect if run as 'root' and AllowRoot is disabled. | |
294 | # | |
295 | # Mandatory: no | |
296 | # Default: | |
297 | # User=zabbix | |
298 | ||
299 | ### Option: Include | |
300 | # You may include individual files or all files in a directory in the configuration file. | |
301 | # Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. | |
302 | # | |
303 | # Mandatory: no | |
304 | # Default: | |
305 | # Include= | |
306 | ||
307 | Include=/etc/zabbix_agentd/zabbix_agentd.d/*.conf | |
308 | ||
06fc6170 AK |
309 | ####### USER-DEFINED MONITORED PARAMETERS ####### |
310 | ||
311 | ### Option: UnsafeUserParameters | |
312 | # Allow all characters to be passed in arguments to user-defined parameters. | |
313 | # The following characters are not allowed: | |
314 | # \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @ | |
315 | # Additionally, newline characters are not allowed. | |
316 | # 0 - do not allow | |
317 | # 1 - allow | |
318 | # | |
319 | # Mandatory: no | |
320 | # Range: 0-1 | |
321 | # Default: | |
322 | # UnsafeUserParameters=0 | |
323 | ||
324 | ### Option: UserParameter | |
325 | # User-defined parameter to monitor. There can be several user-defined parameters. | |
326 | # Format: UserParameter=<key>,<shell command> | |
327 | # See 'zabbix_agentd' directory for examples. | |
328 | # | |
329 | # Mandatory: no | |
330 | # Default: | |
331 | # UserParameter= | |
332 | ||
333 | ####### LOADABLE MODULES ####### | |
334 | ||
335 | ### Option: LoadModulePath | |
336 | # Full path to location of agent modules. | |
337 | # Default depends on compilation options. | |
338 | # To see the default path run command "zabbix_agentd --help". | |
339 | # | |
340 | # Mandatory: no | |
341 | # Default: | |
9497d862 | 342 | # LoadModulePath=${libdir}/modules |
06fc6170 AK |
343 | |
344 | LoadModulePath=/usr/lib/zabbix | |
345 | ||
346 | ### Option: LoadModule | |
347 | # Module to load at agent startup. Modules are used to extend functionality of the agent. | |
62f98a58 AK |
348 | # Formats: |
349 | # LoadModule=<module.so> | |
350 | # LoadModule=<path/module.so> | |
351 | # LoadModule=</abs_path/module.so> | |
352 | # Either the module must be located in directory specified by LoadModulePath or the path must precede the module name. | |
353 | # If the preceding path is absolute (starts with '/') then LoadModulePath is ignored. | |
06fc6170 AK |
354 | # It is allowed to include multiple LoadModule parameters. |
355 | # | |
356 | # Mandatory: no | |
357 | # Default: | |
358 | # LoadModule= | |
359 | ||
360 | ####### TLS-RELATED PARAMETERS ####### | |
361 | ||
362 | ### Option: TLSConnect | |
363 | # How the agent should connect to server or proxy. Used for active checks. | |
364 | # Only one value can be specified: | |
365 | # unencrypted - connect without encryption | |
366 | # psk - connect using TLS and a pre-shared key | |
367 | # cert - connect using TLS and a certificate | |
368 | # | |
369 | # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection) | |
370 | # Default: | |
371 | # TLSConnect=unencrypted | |
372 | ||
373 | ### Option: TLSAccept | |
374 | # What incoming connections to accept. | |
375 | # Multiple values can be specified, separated by comma: | |
376 | # unencrypted - accept connections without encryption | |
377 | # psk - accept connections secured with TLS and a pre-shared key | |
378 | # cert - accept connections secured with TLS and a certificate | |
379 | # | |
380 | # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection) | |
381 | # Default: | |
382 | # TLSAccept=unencrypted | |
383 | ||
384 | ### Option: TLSCAFile | |
385 | # Full pathname of a file containing the top-level CA(s) certificates for | |
386 | # peer certificate verification. | |
387 | # | |
388 | # Mandatory: no | |
389 | # Default: | |
390 | # TLSCAFile= | |
391 | ||
392 | ### Option: TLSCRLFile | |
393 | # Full pathname of a file containing revoked certificates. | |
394 | # | |
395 | # Mandatory: no | |
396 | # Default: | |
397 | # TLSCRLFile= | |
398 | ||
399 | ### Option: TLSServerCertIssuer | |
9497d862 | 400 | # Allowed server certificate issuer. |
06fc6170 AK |
401 | # |
402 | # Mandatory: no | |
403 | # Default: | |
404 | # TLSServerCertIssuer= | |
405 | ||
406 | ### Option: TLSServerCertSubject | |
9497d862 | 407 | # Allowed server certificate subject. |
06fc6170 AK |
408 | # |
409 | # Mandatory: no | |
410 | # Default: | |
411 | # TLSServerCertSubject= | |
412 | ||
413 | ### Option: TLSCertFile | |
414 | # Full pathname of a file containing the agent certificate or certificate chain. | |
415 | # | |
416 | # Mandatory: no | |
417 | # Default: | |
418 | # TLSCertFile= | |
419 | ||
420 | ### Option: TLSKeyFile | |
421 | # Full pathname of a file containing the agent private key. | |
422 | # | |
423 | # Mandatory: no | |
424 | # Default: | |
425 | # TLSKeyFile= | |
426 | ||
427 | ### Option: TLSPSKIdentity | |
428 | # Unique, case sensitive string used to identify the pre-shared key. | |
429 | # | |
430 | # Mandatory: no | |
431 | # Default: | |
432 | # TLSPSKIdentity= | |
433 | ||
434 | ### Option: TLSPSKFile | |
435 | # Full pathname of a file containing the pre-shared key. | |
436 | # | |
437 | # Mandatory: no | |
438 | # Default: | |
439 | # TLSPSKFile= | |
9497d862 RR |
440 | |
441 | ####### For advanced users - TLS ciphersuite selection criteria ####### | |
442 | ||
443 | ### Option: TLSCipherCert13 | |
444 | # Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3. | |
445 | # Override the default ciphersuite selection criteria for certificate-based encryption. | |
446 | # | |
447 | # Mandatory: no | |
448 | # Default: | |
449 | # TLSCipherCert13= | |
450 | ||
451 | ### Option: TLSCipherCert | |
452 | # GnuTLS priority string or OpenSSL (TLS 1.2) cipher string. | |
453 | # Override the default ciphersuite selection criteria for certificate-based encryption. | |
454 | # Example for GnuTLS: | |
455 | # NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509 | |
456 | # Example for OpenSSL: | |
457 | # EECDH+aRSA+AES128:RSA+aRSA+AES128 | |
458 | # | |
459 | # Mandatory: no | |
460 | # Default: | |
461 | # TLSCipherCert= | |
462 | ||
463 | ### Option: TLSCipherPSK13 | |
464 | # Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3. | |
465 | # Override the default ciphersuite selection criteria for PSK-based encryption. | |
466 | # Example: | |
467 | # TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256 | |
468 | # | |
469 | # Mandatory: no | |
470 | # Default: | |
471 | # TLSCipherPSK13= | |
472 | ||
473 | ### Option: TLSCipherPSK | |
474 | # GnuTLS priority string or OpenSSL (TLS 1.2) cipher string. | |
475 | # Override the default ciphersuite selection criteria for PSK-based encryption. | |
476 | # Example for GnuTLS: | |
477 | # NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL | |
478 | # Example for OpenSSL: | |
479 | # kECDHEPSK+AES128:kPSK+AES128 | |
480 | # | |
481 | # Mandatory: no | |
482 | # Default: | |
483 | # TLSCipherPSK= | |
484 | ||
485 | ### Option: TLSCipherAll13 | |
486 | # Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3. | |
487 | # Override the default ciphersuite selection criteria for certificate- and PSK-based encryption. | |
488 | # Example: | |
489 | # TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256 | |
490 | # | |
491 | # Mandatory: no | |
492 | # Default: | |
493 | # TLSCipherAll13= | |
494 | ||
495 | ### Option: TLSCipherAll | |
496 | # GnuTLS priority string or OpenSSL (TLS 1.2) cipher string. | |
497 | # Override the default ciphersuite selection criteria for certificate- and PSK-based encryption. | |
498 | # Example for GnuTLS: | |
499 | # NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509 | |
500 | # Example for OpenSSL: | |
501 | # EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128 | |
502 | # | |
503 | # Mandatory: no | |
504 | # Default: | |
505 | # TLSCipherAll= | |
506 | ||
507 | ####### For advanced users - TCP-related fine-tuning parameters ####### | |
508 | ||
509 | ## Option: ListenBacklog | |
510 | # The maximum number of pending connections in the queue. This parameter is passed to | |
511 | # listen() function as argument 'backlog' (see "man listen"). | |
512 | # | |
513 | # Mandatory: no | |
514 | # Range: 0 - INT_MAX (depends on system, too large values may be silently truncated to implementation-specified maximum) | |
515 | # Default: SOMAXCONN (hard-coded constant, depends on system) | |
516 | # ListenBacklog= |