Improve security with Zabbix-Monitor-Server
Author: Mohanad Aly
Cyber Security Engineering (C21)
Page Created: 19 November 2017
Last modified: 19 November 2017
Introduction
This article introduces the monitoring application Zabbix and walks through installing it on Ubuntu 16.04.
Monitoring
Monitoring is the process of observing and checking the progress or quality of something over a period of time, keeping it under systematic review.[1] In system administration it means keeping track of system resources and services. Monitoring cannot be achieved without logging, which is why integrated solutions combine the two processes. Monitoring is used to:
- check performance
- detect that something worth noticing has happened
- act before a problem occurs, by alerting on a trend before it reaches a critical level
- detect whether a system is under attack, which is the most important use for cyber security
Zabbix Monitoring system
Zabbix is an open-source, enterprise-class application designed to monitor and keep track of networks, servers and applications in real time. Built on a server-client model, Zabbix collects different types of data that are used to draw historical graphs and to show performance or load trends of the monitored targets.
The Zabbix web frontend depends on the following software. The table is taken from the frontend requirements in the Zabbix documentation [5]; its minimum versions date from the 1.8 era and are far below what Ubuntu 16.04 ships (Apache 2.4, PHP 7.0), so read it as the list of required components rather than as target versions:
Software | Version | Comments |
---|---|---|
Apache | 1.3.12 or later | |
PHP | 5.0 or later | |
PHP GD module (php-gd) | GD 2.0 or later | Must support PNG images. |
PHP TrueType support | --with-ttf | |
PHP bc support | php-bcmath, --enable-bcmath | |
PHP XML support | php-xml or php5-dom | If provided as a separate package by the distributor. |
PHP session support | php-session | If provided as a separate package by the distributor. |
PHP socket support | php-net-socket, --enable-sockets | Required for user script support. |
PHP multibyte support | php-mbstring, --enable-mbstring | |
IBM DB2 (ibm_db2) | | Required if IBM DB2 is used as the Zabbix back-end database. |
MySQL (php-mysql) | 3.22 or later | Required if MySQL is used as the Zabbix back-end database. |
Oracle (oci8) | | Required if Oracle is used as the Zabbix back-end database. |
PostgreSQL (php-pgsql) | 7.0.2 or later for Zabbix < 1.8.9; 7.4 or later for Zabbix >= 1.8.9 | Required if PostgreSQL is used as the Zabbix back-end database. Consider PostgreSQL 8.x or later for much better performance; at least 8.3 is suggested, as it introduced much better VACUUM performance. |
SQLite (php-sqlite3) | 3.3.5 or later | Required if SQLite is used as the Zabbix back-end database. |
The main advantages of Zabbix
- Open source
- Customizable dashboards
- Ease of use
- Monitor everything
- Network security
- Performance
- Agentless monitoring
- Hardware monitoring
Why monitoring is important for cyber security
- First, the primary concern of a cyber security professional is the CIA triad (Confidentiality, Integrity and Availability) [2]. Reaching that standard requires tools that protect both the data and the servers hosting it; monitoring addresses availability directly and supports the other two.
- Second, system administrators need tools to react when something happens to a server, so they need real-time checks that everything is working in order.
- Third, alerts should be readable and fast: when something happens to a server or a service, the monitoring tool should raise the alert immediately, giving the administrator time to fix it.
- Fourth, attacks and threats are the hardest things for a system administrator to figure out from inside a server, so the monitoring tool should be able to detect the common attacks.
- Fifth, debugging: when a system has an error, the monitoring tool should provide readable diagnostic output.
Setting up Zabbix
This tutorial uses Ubuntu 16.04 LTS (64-bit).
Prerequisites
An Ubuntu Linux machine, sudo access and basic Linux skills are needed.
This tutorial lists the commands and configuration needed to make the services work together with Zabbix.
- Refresh the package lists first, so that apt knows the newest versions of the packages and their dependencies, then upgrade what is installed:
sudo apt update
sudo apt upgrade
Installing the prerequisites
- The Zabbix server can check standard network services (HTTP, FTP, SMTP, IMAP etc.) without installing any extra software on the monitored hosts.
- Install MySQL, add the Zabbix 3.2 repository and install the Zabbix packages. Download zabbix-release_3.2-1+xenial_all.deb from the Zabbix repository (repo.zabbix.com) first; the PHP modules from the requirements table are pulled in explicitly:
sudo apt install mysql-server
sudo dpkg -i zabbix-release_3.2-1+xenial_all.deb
sudo apt-get update
sudo apt-get install zabbix-server-mysql zabbix-frontend-php zabbix-agent zabbix-get zabbix-sender snmp snmpd snmp-mibs-downloader php7.0-bcmath php7.0-xml php7.0-mbstring
- Create the database and a dedicated MySQL user. mysql -u root -p prompts for the MySQL root password; do not put the password on the command line, where the shell history records it (and where mysql would read the next word as a database name). Replace 'zabbix' with a strong password, and use the same value for DBPassword below:
mysql -u root -p
create database zabbix character set utf8 collate utf8_bin;
grant all privileges on zabbix.* to zabbix@localhost identified by '<strong-password>';
exit;
- Import the initial schema and data (the trailing zabbix is the database name), then verify that the tables were created:
cd /usr/share/doc/zabbix-server-mysql/
zcat create.sql.gz | mysql -u root -p zabbix
mysql -u root -p
show databases;
use zabbix;
show tables;
exit;
- Configure the frontend time zone. Find the zone the system uses (timedatectl shows the current one, timedatectl list-timezones lists all valid names), then open /etc/zabbix/apache.conf and set it in the php_value date.timezone line, which is shipped commented out:
cd /etc/zabbix/
timedatectl
timedatectl list-timezones
nano apache.conf
- Set DBPassword in zabbix_server.conf to the password chosen for the zabbix database user. The file now holds a credential, so restrict who can read it:
nano zabbix_server.conf
- Restart the services and check that the server is running:
service apache2 restart
service zabbix-server restart
service zabbix-server status
- Find the server's IP address and open http://YOURIPADDRESS/zabbix in a web browser to reach the frontend:
ifconfig
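The steps above set the database password to a literal typed at the mysql prompt and leave the PHP time zone to be edited by hand. The following script is an added example, not part of the original tutorial or of Zabbix itself, that does those two steps in a repeatable way: it generates a random password, emits the same SQL as above with that password, writes DBPassword into zabbix_server.conf and uncomments the date.timezone line in apache.conf. The /etc/zabbix paths and file layout assumed are those of the Zabbix 3.2 packages on Ubuntu 16.04; the function names and the file name harden_zabbix.sh are the example's own.

```shell
#!/bin/sh
# Added example (not from the original tutorial or from Zabbix): hardens the
# two weak spots the manual steps leave behind, the literal 'zabbix' database
# password and the unset PHP time zone. File paths are passed as arguments so
# the functions can be exercised on copies; the /etc/zabbix paths below are
# those of the Zabbix 3.2 packages on Ubuntu 16.04 (assumption).
set -eu

# Random alphanumeric password (default 32 chars) to replace 'zabbix'.
# base64 of 48 bytes is 64 chars on one line; '/', '+' and '=' are dropped so
# the value is safe inside SQL quotes and in Key=Value config lines.
gen_db_password() {
    head -c 48 /dev/urandom | base64 | tr -d '/+=\n' | cut -c1-"${1:-32}"
}

# The SQL the tutorial types at the mysql prompt, with the generated password.
render_db_sql() {
    printf '%s\n' \
        "create database if not exists zabbix character set utf8 collate utf8_bin;" \
        "grant all privileges on zabbix.* to 'zabbix'@'localhost' identified by '$1';" \
        "flush privileges;"
}

# Set Key=Value in a Zabbix-style config file. The shipped file carries the
# default commented out ("# DBPassword="), so both that form and an active
# line are replaced; the key is appended if neither exists. Writing back
# through cat keeps the file's owner and mode, which zabbix-server relies on.
# Keys are plain words and values alphanumeric, so awk -v escaping is a non-issue.
set_conf_key() {
    file=$1 key=$2 value=$3
    tmp=$(mktemp)
    awk -v k="$key" -v v="$value" '
        $0 ~ ("^#? *" k "=") { if (!done) { print k "=" v; done = 1 }; next }
        { print }
        END { if (!done) print k "=" v }
    ' "$file" > "$tmp"
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Fail unless DBPassword is set and is not the tutorial's literal 'zabbix'.
check_db_password() {
    pw=$(sed -n 's/^DBPassword=//p' "$1" | tail -n 1)
    [ -n "$pw" ] && [ "$pw" != "zabbix" ]
}

# Point PHP at the zone reported by timedatectl: rewrite the shipped
# "# php_value date.timezone Europe/Riga" line(s) in apache.conf with the
# requested zone, uncommented, keeping their indentation.
set_php_timezone() {
    file=$1 tz=$2
    tmp=$(mktemp)
    awk -v tz="$tz" '
        /^[ \t]*#?[ \t]*php_value[ \t]+date\.timezone/ {
            match($0, /^[ \t]*/)
            print substr($0, 1, RLENGTH) "php_value date.timezone " tz
            next
        }
        { print }
    ' "$file" > "$tmp"
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Usage on the Zabbix host, as root, after the apt-get install step:
#   sh harden_zabbix.sh --apply "$(timedatectl | awk '/Time zone/ {print $3}')"
# then restart apache2 and zabbix-server as in the tutorial.
if [ "${1:-}" = "--apply" ]; then
    pw=$(gen_db_password)
    render_db_sql "$pw" | mysql -u root -p      # prompts for the MySQL root password
    set_conf_key /etc/zabbix/zabbix_server.conf DBPassword "$pw"
    set_php_timezone /etc/zabbix/apache.conf "${2:-UTC}"
    check_db_password /etc/zabbix/zabbix_server.conf
    echo "DBPassword written to /etc/zabbix/zabbix_server.conf; restrict read access to that file"
fi
```

Because every function takes the config file as an argument, the edits can be tried on copies of zabbix_server.conf and apache.conf before touching /etc/zabbix; check_db_password is also useful on its own as a quick audit of an existing installation.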
Summary
Zabbix is an open source application for monitoring systems. It is widely used because of its ease of configuration, and it is extended by a wide range of plugins. For more information see the main Zabbix documentation.
See also
- Zabbix installation by Cyber-Tect-Tips
- Zabbix-Agent
References
2. CIA
5. Requirements table reference