Improve writing

ckuelker · May 26, 2023 · adfa363 · adfa363
1 parent a2cf403
commit adfa363
Showing 1 changed file with 104 additions and 100 deletions.
diff --git a/DevOps/Monitoring/zabbix.md b/DevOps/Monitoring/zabbix.md
@@ -1,8 +1,8 @@
 ---
 title: Zabbix
 author: Christian Külker
-date: 2022-06-07 
-version: 0.1.3
+date: 2023-05-26
+version: 0.1.4
 type: doc
 disclaimer: True
 toc: True
@@ -29,9 +29,9 @@ with a PHP front end. Features are:
 - sending alerts via e-mail, SMS and Jabber
 - data stored in a relational database
 
-[Zabbix] ships with an API for developers that provides access to almost all
-functions in [Zabbix]. It supports a two-way integration with most other
-software. The API can be used to integrate [Zabbix] functions into third-party
+[Zabbix] ships with a developer API that provides access to almost all of the
+functionality in [Zabbix]. It supports two-way integration with most other
+software. The API can be used to integrate [Zabbix] functions into third party
 software.
 
 ## Debian Packages
@@ -58,13 +58,13 @@ A `zabbix` client is called __agent__ in `zabbix` lingo.
 
 ## Installing Zabbix on Debian 10 Buster
 
-The following instructions will try to be as generic as possible. This guide
-will show how to install and configure the latest release (4.0.4) of [Zabbix]
-Server on Debian 10 with a MySQL (MariaDB) database, PHP for the front end and
-Apache Web Server 2 as the web interface. This is not the latest release that
-would run on Debian 10 Buster. Since this is the official version for Debian 10
-Buster, updates will be available. However it is possible to install newer
-versions on Debian 10 Buster from the [Zabbix] web site.
+The following instructions will try to be as general as possible. This guide
+will show you how to install and configure the latest release (4.0.4) of the
+[Zabbix] server on Debian 10 with a MySQL (MariaDB) database, PHP for the
+frontend and Apache Web Server 2 for the web interface. This is not the latest
+release that would run on Debian 10 Buster. Since this is the official release
+for Debian 10 Buster, updates will be available. However, it is possible to
+install newer versions on Debian 10 Buster from the [Zabbix] website.
 
 ### Zabbix 4.0.4 Server
 
@@ -74,7 +74,7 @@ Install the [Zabbix] server with MySQL (MariaDB) support.
 aptitude install zabbix-server-mysql
 ```
 
-Secure the database server (if not already done). The questions are
+Back up the database server (if not already done). These questions are
 self-explanatory.
 
 ```bash
@@ -92,9 +92,9 @@ FLUSH PRIVILEGES;
 quit
 ```
 
-Unfortunately the table definition of `host_inventory` has to be changed for
-the table to fit into the mariadb 10.3 dynamic table format.  (see
-[row-size-too-large] for details)
+Unfortunately, the table definition of `host_inventory` needs to be changed to
+fit the mariadb 10.3 dynamic table format.  (see [row-size-too-large] for
+details).
 
 Add the following two lines at the beginning of:
 `/usr/share/zabbix-server-mysql/schema.sql.gz`
@@ -104,8 +104,9 @@ SET GLOBAL innodb_default_row_format='dynamic';
 SET SESSION innodb_strict_mode=ON;
 ```
 
-And at about line 1280 change all `varchar()` definition within the table
-`host_inventory` with numbers smaller than 256 to 256 like so `varchar(256)`.
+And at about line 1280, change all `varchar()` definitions within the
+`host_inventory` table with numbers less than 256 to 256 like this
+`varchar(256)`.
 
 
 Populate the database
@@ -130,8 +131,8 @@ echo "DBUser=zabbix" >> /etc/zabbix/zabbix_server.conf
 echo "DBPassword=CHANGE_ME" >> /etc/zabbix/zabbix_server.conf
 ```
 
-In case you use a firewall you have to open port `tcp/10051`. There is also the
-service `zabbix-server` for `firewalld`.
+If you are using a firewall, you will need to open port `tcp/10051`. There is
+also the service `zabbix-server` for `firewalld`.
 
 ### Zabbix 4.0.4 Front End
 
@@ -142,8 +143,8 @@ Remember to specify a PHP date.timezone in
 
 #### Securing Zabbix 4.0.4 PHP Front End
 
-To restrict the directories allowed to be read by your [Zabbix] PHP front end,
-setting a PHP `open_basedir` directive is suggested.
+To restrict the directories that are allowed to be read by your [Zabbix] PHP
+frontend, setting a PHP `open_basedir` directive is suggested.
 
 Put this example in your
 `/etc/apache2/conf-available/zabbix-frontend-php.conf`, near the other
@@ -156,15 +157,15 @@ php_admin_value open_basedir /usr/share/zabbix/:/var/lib/zabbix:/etc/zabbix:\
 
 ### Setting Better Default Passwords
 
-A one line command to set the `Admin` password.
+A one-line command to set the `admin` password.
 
 ```bash
 PW=`/usr/bin/pwgen -y -N 1 $((8 + RANDOM % 12 ))|/usr/bin/perl -pe 'chomp'`;\
 echo "$PW";\
 echo "update users set passwd=md5('$PW') where alias='Admin';"|mysql zabbix
 ```
 
-A one line command to set the `guest` password.
+A one-line command to set the `guest` password.
 
 ```bash
 PW=`/usr/bin/pwgen -y -N 1 $((8 + RANDOM % 12 ))|/usr/bin/perl -pe 'chomp'`;\
@@ -174,26 +175,26 @@ echo "update users set passwd=md5('$PW') where alias='guest';"|mysql zabbix
 
 ## Zabbix 4.0.4 Client
 
-The client in the [Zabbix] world is called `agent`. Installation is straight
-forward.
+The client in the [Zabbix] world is called an `agent`. Installation is
+straightforward.
 
 ```bash
 aptitude install zabbix-agent
 ```
 
-Under Debian 10 Buster is the [Zabbix] client configured to use a [Zabbix]
-server on `localhost`. Of course this is seldom the case. To use a different
-server, add server IP to the entries of `Server` and `ServerActive` parameters
-inside the client configuration `/etc/zabbix/zabbix_agentd.conf`.
+On Debian 10 Buster, the [Zabbix] client is configured to use a [Zabbix] server
+on `localhost`. Of course, this is rarely the case. To use a different server,
+add the server IP to the entries of the `Server` and `ServerActive` parameters
+in the client configuration `/etc/zabbix/zabbix_agentd.conf`.
 
-In case you use a firewall you have to open port `tcp/10050`. There is also the
-service `zabbix-agent` for `firewalld`.
+If you are using a firewall, you will need to open port `tcp/10050`. There is
+also the service `zabbix-agent` for `firewalld`.
 
-There are different ways to add a client to the [Zabbix] server. One method is
-to log into the web front end and select 'Configuration', 'Hosts' and  press
-the blue button `Create host` in the upper right corner. Add a template via
-'Configuration' -> 'Host' -> click on host name under name column ->
-'Templates' (of that host).
+There are several ways to add a client to the [Zabbix] server. One method is to
+log into the web frontend, select 'Configuration', 'Hosts' and press the blue
+'Create Host' button in the top right corner. Add a template via
+'Configuration' -> 'Host' -> click on the host name in the name column ->
+'Templates' (of this host).
 
 ## Links
 
@@ -203,80 +204,83 @@ the blue button `Create host` in the upper right corner. Add a template via
 
 ## Critique Zabbix 4.0.4
 
-While the installation of [Zabbix] is easy and straight forward and a lot of
-data can be collected easily with templates and nice graphs can be made
-visible, [Zabbix] 4.0.4 (and likely others) suffers from architecture
-deficits, probably resulting from the very flexible data model.
-
-- Automatic setup of Zabbix server templates differs from other servers
-- Host groups do not allow to apply automatic template assignments
-- Template assignments have to be done on a per host basis
-- Not working/supported templates distributed (MySQL)
-- Not working/supported templates can be chosen
-- When chosen a not supported template [Zabbix] will not complain
-- Working data queries are not always displayed, but only problems: seeing no
-  problems, do not mean that there is no problem, as some [Zabbix] problems are
-  discarded silently: this is a no go for a monitoring system (this forbids to
-  use [Zabbix] as the only monitoring system for an installation)
-- No easy default graph setup. All graphs have to be chosen for each host
-- No default dashboard/ overview over working services/data collection
-- Encryption not default setup
-- Discovered hosts can not be added via web interface
-- Maps are not updated automatically (and not added/updated from database)
-- Difficult to add templates/ data queries (for inexperienced people)
-- Number of unsupported items are displayed in dashboard, but no link and
-  difficult to understand which item is not supported
-- When adding a template to a host, not a button like "update" (as displayed
-  under the form) but the link "add" inside the form has to be clicked: this
-  breaks usability and is not intuitive. A button would be preferable.
-- Naming of boxes are not intuitive: box 1 "Linked templates" and box 2 "Link
-  new template". Changing box 2 will update box 1. A different design with only
-  1 box would be better. Also the "add" link works as a **button** that do not
-  add something, but link a template. How confusing can it be?
-- Some hosts added to host groups are shown in the inventory, but others are
-  not. This points to the fact that some concepts are not understandable via
-  the web interface and that some data dependency concepts are implicit and can
-  only be understood via a manual
-- Most functions of the web interface have no default query, but need a manual
-  query. While this clearly has the advantage of flexibility, junior admins
-  would probably do not know what to query in the first place.
-- Default query of Audit Report says 'no data'
-- Default query of Action log Report says 'no data'
-- No host specific reports
-- When clicking a top level tab like "Monitoring" the sub level tab is updated,
-  but not the page content and a second click on the sub level tab has to be
-  performed. This is clearly a bug
+While the installation of [Zabbix] is simple and straightforward, and a lot of
+data can be easily collected with templates and nice graphs can be made
+visible, [Zabbix] 4.0.4 (and probably others) suffers from architectural
+shortcomings, probably resulting from the very flexible data model.
+
+- Automatic setup of Zabbix server templates differs from other servers.
+- Host groups don't allow automatic template assignments to be applied.
+- Template assignments must be done on a per-host basis.
+- Unsupported or non-working templates are distributed (MySQL).
+- Unsupported or non-working templates can be selected.
+- When an unsupported template is chosen, Zabbix doesn't issue a complaint.
+- Working data queries aren't always displayed, only problems are. Not seeing
+  problems doesn't mean there aren't any, as some Zabbix issues are silently
+  ignored. This is unacceptable for a monitoring system, making Zabbix
+  unsuitable as the sole monitoring system for an installation.
+- There's no simple default graph setup. All graphs must be chosen for each host.
+- There's no default dashboard or overview of working services/data collection.
+- Encryption isn't set up by default.
+- Discovered hosts can't be added via the web interface.
+- Maps aren't updated automatically and aren't added/updated from the database.
+- It's difficult to add templates or data queries (especially for inexperienced
+   people).
+- The number of unsupported items is displayed on the dashboard, but there's no
+  link and it's hard to understand which item is unsupported.
+- When adding a template to a host, the "add" link inside the form should be
+  clicked, not an "update" button (as displayed under the form). This disrupts
+  usability and isn't intuitive. A button would be more preferable.
+- The naming of boxes isn't intuitive: Box 1 is "Linked templates" and Box 2 is
+  "Link new template". Changing Box 2 will update Box 1. A different design
+  with only one box would be better. Additionally, the "add" link acts as a
+  __button__ that doesn't add something, but links a template. This can be 
+  confusing.
+- Some hosts added to host groups are shown in the inventory, but others
+  aren't. This suggests that some concepts can't be understood via the web
+  interface and that some data dependency concepts are implicit and can only be
+  understood through a manual.
+- Most functions of the web interface don't have a default query, but require a
+  manual query. While this provides flexibility, junior admins may not know
+  what to query initially.
+- The default query for the Audit Report indicates 'no data'.
+- The default query for the Action Log Report indicates 'no data'.
+- There are no host-specific reports.
+- When clicking a top-level tab like "Monitoring", the sub-level tab updates,
+  but not the page content. A second click on the sub-level tab must be
+  performed. This is clearly a bug.
 - ...
 
-Therefore one get the impression that the web interface in its fresh installed
-form is not programmed with the vision in mind to monitor computer systems but
-to query a database in as many as possible ways.
+Therefore, one gets the impression that the web interface in its freshly
+installed form is not programmed with the vision of monitoring computer
+systems, but of querying a database in as many ways as possible.
 
 However, there are good preconfigured [Zabbix] instances that have a plethora
-of graphs, dash boards and other aggregated data points from which a system
-administrator can understand the situation (an not only the problems) of an
-installation/cluster. As a consequence, there is a huge added value, for a
-preconfigured [Zabbix] installation as some cluster administration stacks
+of graphs, dashboards and other aggregated data points from which a system
+administrator can understand the situation (and not just the problems) of an
+installation/cluster. As a result, there is a huge added value to a
+pre-configured [Zabbix] installation, such as some cluster management stacks
 provide.
 
-A word on [Zabbix] deployment. In case a preconfigured [Zabbix] server needs to
-be deployed to many sites or if it has to be set up for a certain hardware
-entity, like a rack or chassis (as a cluster entity for example), the [Zabbix]
-server configuration lies mostly in its database and not in from of
-configuration files. This means [Zabbix] has no separation of configuration and
-process data. Therefore, if the configuration was only performed via the web
-interface, the content of the database has to be duplicated and host
-values/process data would need to be removed from the database for new hardware
-entities. This also would make [Zabbix] updates very difficult. The solution or
-an easy solution to this problem is not known to me, but seems like a major
-problem. Other monitor systems like [Icinga2] or [Nagios] which are configured
-via files can easily be distributed/cloned via git, puppet or other means, as
-they separate process data from configuration data.
+A word about [Zabbix] deployment. If a pre-configured [Zabbix] server needs to
+be deployed to many sites, or if it needs to be set up for a specific hardware
+entity such as a rack or chassis (e.g. as a cluster entity), the [Zabbix]
+server configuration is mostly stored in its database and not in a set of
+configuration files. This means that [Zabbix] has no separation between
+configuration and process data. Therefore, if the configuration is done only
+through the web interface, the database content would have to be duplicated and
+host values/process data would have to be removed from the database for new
+hardware entities. This would also make [Zabbix] updates very difficult. I am
+not aware of a solution or a simple workaround for this problem, but it seems
+to be a major issue. Other monitoring systems like [Icinga2] or [Nagios] which
+are configured via files can be easily distributed/cloned via git, puppet or
+other means as they separate process data from configuration data.
 
 ## History
 
 | Version | Date       | Notes                                                |
 | ------- | ---------- | ---------------------------------------------------- |
+| 0.1.4   | 2023-05-26 | Improve writing                                      |
 | 0.1.3   | 2022-06-07 | Client explanation, shell->bash                      |
 | 0.1.2   | 2020-12-27 | Critique Zabbix 4.0.4                                |
 | 0.1.1   | 2020-12-18 | Add hint for client configuration                    |