Auto-registration metadata

When a Zabbix agent connects to the server, it sends its hostname. But it may additionally send some custom string to the server. What exactly it sends is controlled by a configuration parameter called HostMetadata in the agent daemon configuration file. This could be used to define which type the host is—database or application. Alternatively, it could list individual services running on a host. As we can match against received metadata in the auto-registration action, we could list all the running services, delimited with pipes. In the action conditions, we could look for |MySQL| and link the new host to the appropriate templates.

Metadata is still limited to 255 characters.

Controlling the metadata parameter directly in the configuration file is possible, but it could be cumbersome. There's a way to make an agent dynamically obtain that value. Instead of HostMetadata, we would define HostMetadataItem and specify an item key. We could use one of the built-in item keys or configure a user parameter and run a script. Note that we can also use the system.run item key here and specify any command directly in the HostMetadataItem parameter, even if remote commands are not enabled—as it is not arriving from the network, it is not considered to be a remote command. For example, the following is a valid HostMetadataItem line:

HostMetadataItem=system.run[rpm -qa mariadb]

If the mariadb package is present on an RPM-based system, the agent would send that in the metadata; we could match it in the action conditions and link that host to the MariaDB/MySQL template.

There's also another use case for this parameter. You might have noticed that as long as there's an auto-registration action, somebody could maliciously or accidentally create lots and lots of hosts, potentially slowing down Zabbix significantly. There is no secret challenge mechanism to prevent that, but we can use metadata here. Action conditions could check for a specific secret string to be included in the metadata—if it's there, create the host. If not, send an email for somebody to investigate. Note that the key can't be too long, as the 255-character length limit still applies.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset