Posts Taged network-monitoring

Home Posts Tagged "Network Monitoring"
Zabbix 8.0 Alpha1 Is Here: A First Look at the Future of Monitoring
By Dimitri Bellini20 November, 2025Blog

Zabbix 8.0 Alpha1 Is Here: A First Look at the Future of Monitoring

Good morning, everyone! Dimitri Bellini here, back with another episode on Quadrata, my channel dedicated to the world of open source and IT. This week, we’re diving into something I know many of you have been eagerly anticipating: the first alpha release of Zabbix 8.0!

This is a major Long-Term Support (LTS) release, and the roadmap is packed with exciting features that promise to reshape how we approach monitoring and observability. So, let’s explore what’s new, what’s coming, and what you can already get your hands on.

The Vision for Zabbix 8.0: A Focus on Observability

Before we get into the specifics of the alpha, it’s worth looking at the grand vision for Zabbix 8.0. The development is heavily focused on expanding into the realm of full-fledged observability. This means more than just collecting metrics; it’s about gaining deeper insights into our systems.

Key areas of development include:

  • OpenTelemetry and Log Ingestion: A huge step forward will be the native handling of OpenTelemetry data and enhanced log ingestion. This requires a robust backend, and Zabbix is exploring solutions like ClickHouse or OpenSearch to manage the massive amount of JSON-structured data that comes with it.

  • Event Correlation: A feature I’m personally very excited about is the advanced event correlation engine. This will be a game-changer for reducing message entropy and alert noise, allowing us to pinpoint root causes more effectively.

  • Enhanced Network Monitoring: We’re also seeing a big push in network monitoring, with support for data streaming via NetFlow and sFlow, tying directly into the broader observability goals.

What’s New in the First Alpha Release?

While the full vision will unfold over the coming months, the first alpha already delivers some fantastic quality-of-life improvements and new functionalities. Here are the highlights that stood out to me.

Finally! Inherited Tags in Latest Data

This is a big one. For a long time, the “Latest Data” page has been a source of frustration because it didn’t inherit tags from templates. If you’ve been in the Zabbix world for a while, you know that since the removal of “Applications,” filtering data for a specific component, like MySQL, became a bit of a chore. The community has been vocal about this, and I’m thrilled to say Zabbix has listened. Now, tags from your templates are visible directly in the Latest Data view, making it incredibly easy to filter and segregate items from the OS versus a specific application.

Streamlined SAML Authentication

For anyone working in an enterprise environment, managing SAML certificates could be a bit “rustic.” You had to manually place certificate files into the server’s file system. Zabbix 8.0 introduces a much more professional solution: you can now upload and manage SAML certificates directly through the web interface under Administration -> Authentication. This is a small but significant change that simplifies setup, reduces errors, and makes the whole process much cleaner.

New and Improved Templates

Zabbix continues to deliver excellent out-of-the-box templates. This release brings new additions for networking gear from Aruba, Cisco, StormShield, and Vyatta. Furthermore, the Proxmox template has received a much-needed overhaul. With the recent shifts in the virtualization landscape (looking at you, VMware), many are turning to Proxmox, and it’s great to see Zabbix providing a more modern, robust template for it. There are also improvements to the MySQL template, specifically around replication monitoring, and native monitoring support for Ceph storage, which is heavily used in Proxmox environments.

A Fresh Coat of Paint: New Font and UI Tweaks

Zabbix has moved on from the trusty Arial font to a new, more refined typeface. While the difference is subtle, it gives the interface a slightly more modern and elegant feel. You might not notice it at first glance, but it’s part of a continuous effort to improve the user experience.

New Visualization Power: The Scatterplot Widget

Version 8.0 introduces a brand-new dashboard widget: the scatterplot. This might not be for every use case, but it’s incredibly powerful for visualizing the relationship between two different metrics across multiple hosts. For example, you could plot the signal-to-noise ratio for dozens of access points, allowing you to instantly identify outliers and potential issues. It’s a fantastic tool for spotting correlations and anomalies that would be lost in a standard time-series graph.

Under the Hood Improvements

There are also some important changes that improve stability and performance, particularly in large-scale environments:

  • Improved Event Cleanup: When a trigger is deleted, the associated events are now cleaned up immediately, rather than waiting for the housekeeper process.

  • Smarter Proxy Throttling: The logic for how proxies send data to the server when the history cache is under pressure has been revised. This helps prevent data storms from proxies overwhelming the Zabbix server and avoids getting stuck in loops, which could happen in large installations with heavy log monitoring.

What’s Next? Alpha 2 and the Road to Release

The journey to Zabbix 8.0 LTS, expected around mid-2026, is just beginning. Work is already underway for Alpha 2, which is slated to introduce the JSON item type and the ClickHouse backend support—foundational pieces for the observability features we discussed. These additions will be critical for handling streaming data from OpenTelemetry and other sources, truly pushing Zabbix into the next era of monitoring.

I am incredibly excited to see these features develop and to test how they transform our ability to monitor complex, application-centric environments.

What Are You Most Excited About?

That’s a wrap for my first look at Zabbix 8.0 Alpha! From my perspective, the moves toward observability and better event correlation are the most exciting developments. But I want to hear from you!

What features are you most looking forward to? Is it the OpenTelemetry integration, the advanced event correlation, or perhaps the network topology improvements? Let me know in the comments below!

And if you’re not already part of our community, I invite you to join the conversation.

Thanks for tuning in. A big greeting from me, Dimitri, and I’ll see you next week. Bye everyone!

Read More

0

Mastering SNMP in Zabbix: A Deep Dive into Modern Monitoring Techniques
By Dimitri Bellini29 May, 2025Blog

Mastering SNMP in Zabbix: A Deep Dive into Modern Monitoring Techniques

Good morning, everyone! It’s Dimitri Bellini, and welcome back to my channel, Quadrata, where we explore the fascinating world of open source and IT. This week, I’m revisiting a topic that frequently comes up in my work: SNMP monitoring with Zabbix. There have been some significant updates in recent Zabbix versions, especially regarding how SNMP is handled, so I wanted to share a recap and dive into these new features.

If you enjoy this content, don’t forget to subscribe to the channel or give this video a thumbs up. Your support means a lot!

What Exactly is SNMP? A Quick Refresher

SNMP stands for Simple Network Management Protocol. It’s an internet standard protocol designed for collecting and organizing information about managed devices on IP networks. Think printers, switches, routers, servers, and even more specialized hardware. Essentially, it allows us to query these devices for valuable operational data.

Why Bother with SNMP?

You might wonder why we still rely on such an “old” protocol. The answer is simple:

  • Ubiquity: Almost every network-enabled device supports SNMP out of the box.

  • Simplicity (in concept): It provides a standardized way to access a wealth of internal device information without needing custom agents for every device type.

SNMP Fundamentals You Need to Know

Before diving into Zabbix specifics, let’s cover some SNMP basics:

  • Protocol Type: SNMP primarily uses UDP. This means it’s connectionless, which can sometimes make testing connectivity (like with Telnet for TCP) a bit tricky.

  • Components:

    • Manager: This is the entity that requests information. In our case, it’s the Zabbix Server or Zabbix Proxy.

    • Agent: This is the software running on the managed device that listens for requests from the manager and sends back the requested data.

  • Versions:

    • SNMPv1: The original, very basic.

    • SNMPv2c: The most commonly used version. It introduced improvements like the “GetBulk” operation and enhanced error handling. “c” stands for community-based.

    • SNMPv3: Offers significant security enhancements, including encryption and authentication. It’s more complex to configure but essential for secure environments.

  • Key Operations:

    • GET: Retrieves the value of a specific OID (Object Identifier).

    • GETNEXT: Retrieves the value of the OID following the one specified – useful for “walking” a MIB tree.

    • SET: (Rarely used in Zabbix for monitoring) Allows modification of a device’s configuration parameter via SNMP.

    • GETBULK: (Available in SNMPv2c and v3) Allows the manager to request a large block of data with a single request, making it much more efficient than multiple GET or GETNEXT requests. This is key for modern Zabbix performance!

The `GETBULK` operation is particularly important. Imagine querying a switch with 100 interfaces, and for each interface, you want 10 metrics. Without bulk requests, Zabbix would make 1000 individual requests. This can flood the device and cause its SNMP process to consume excessive CPU, especially on devices with less powerful processors. `GETBULK` significantly reduces this overhead.

Understanding OIDs and MIBs

You’ll constantly hear about OIDs and MIBs when working with SNMP.

  • OID (Object Identifier): This is a unique, numeric address that identifies a specific piece of information on a managed device. It’s like a path in a hierarchical tree structure. For example, an OID might point to a specific network interface’s operational status or its traffic counter.

  • MIB (Management Information Base): A MIB is essentially a database or a “dictionary” that describes the OIDs available on a device. It maps human-readable names (like `ifDescr` for interface description) to their numeric OID counterparts and provides information about the data type, access rights (read-only, read-write), and meaning of the data. MIBs can be standard (e.g., IF-MIB for network interfaces, common across vendors) or vendor-specific.

To navigate and understand MIBs and OIDs, I highly recommend using a MIB browser. A great free tool is the iReasoning MIB Browser. It’s a Java application that you can download and run without extensive installation. You can load MIB files (often downloadable from vendor websites or found via Google) into it, visually explore the OID tree, see the numeric OID for a human-readable name, and get descriptions of what each OID represents.

For example, in a MIB browser, you might find that `ifOperStatus` (interface operational status) returns an integer. The MIB will tell you that `1` means “up,” `2` means “down,” `3` means “testing,” etc. This information is crucial for creating value mappings in Zabbix to display human-friendly statuses.

SNMP Monitoring in Zabbix: The Evolution

Zabbix has supported SNMP for a long time, but the way we implement it has evolved, especially with recent versions.

The “Classic” Approach (Pre-Zabbix 6.4)

Traditionally, SNMP monitoring in Zabbix involved:

  • SNMP Agent Items: You’d create an item of type “SNMP agent” and provide the specific numeric OID (or its textual representation if the MIB was installed on the Zabbix server/proxy) in the “SNMP OID” field.

  • Discovery Rules: For discovering multiple instances (like network interfaces), you’d use a discovery rule, again specifying OIDs. The key would often look like `discovery[{#SNMPVALUE},oid1,{#IFDESCR},oid2,…]`. Each OID would populate a Low-Level Discovery (LLD) macro.

Limitations of the Classic Approach:

  • No True Bulk Requests: Even if “Use bulk requests” was checked in the host interface settings, it was more of an optimization for multiple *items* rather than fetching multiple OID values for a *single* item or discovery rule efficiently. Each OID in a discovery rule often meant a separate query.

  • Synchronous Polling: Each SNMP check would typically occupy a poller process until it completed.

  • Potential Device Overload: As mentioned earlier, many individual requests could strain the monitored device.

The Modern Approach with Zabbix 6.4+

Zabbix 6.4 brought a significant game-changer with new SNMP item types:

  • `snmp.get[OID]`: For fetching a single OID value.

  • `snmp.walk[OID1,OID2,…]`: This is the star of the show! It allows you to “walk” one or more OID branches and retrieve all underlying data in a single operation. The output is a large text block containing all the fetched OID-value pairs.

Key Benefits of the snmp ‘walk’ Approach:

  • True Bulk SNMP Requests: The snmp ‘walk’ item inherently uses bulk SNMP operations (for SNMPv2c and v3), making data collection much more efficient.

  • Asynchronous Polling Support: These new item types work with Zabbix’s asynchronous polling capabilities, meaning a poller can initiate many requests without waiting for each one to complete, freeing up pollers for other tasks.

  • Reduced Load on Monitored Devices: Fewer, more efficient requests mean less stress on your network devices.

  • Master/Dependent Item Architecture: The snmp ‘walk’ item is typically used as a “master item.” It collects a large chunk of data once. Then, multiple “dependent items” (including discovery rules and item prototypes) parse the required information from this master item’s output without making additional SNMP requests.

Implementing the Modern SNMP Approach in Zabbix

Let’s break down how to set this up:

1. Configure the SNMP Interface on the Host

In Zabbix, when configuring a host for SNMP monitoring:

  • Add an SNMP interface.

  • Specify the IP address or DNS name.

  • Choose the SNMP version (v1, v2, or v3). For v2c, you’ll need the Community string (e.g., “public” or whatever your devices are configured with). For v3, you’ll configure security name, levels, protocols, and passphrases.

  • Max repetitions: This setting (default is often 10) applies to snmp ‘walk’ items and controls how many “repeats” are requested in a single SNMP GETBULK PDU. It influences how much data is retrieved per underlying bulk request.

  • Use combined requests: This is the *old* “Use bulk requests” checkbox. When using the new snmp ‘walk’ items, this is generally not needed and can sometimes interfere. I usually recommend unchecking it if you’re fully embracing the snmp ‘walk’ methodology. The snmp ‘walk’ item itself handles the efficient bulk retrieval.

2. Create the Master snmp ‘walk’ Item

This item will fetch all the data you need for a set of related metrics or a discovery process.

  • Type: SNMP agent

  • Key: `snmp.walk[oid.branch.1, oid.branch.2, …]`

    Example: `snmp.walk[IF-MIB::ifDescr, IF-MIB::ifOperStatus, IF-MIB::ifAdminStatus]` or using numeric OIDs.

  • Type of information: Text (as it returns a large block of text).

  • Set an appropriate update interval.

This item will collect data like:



IF-MIB::ifDescr.1 = STRING: lo

IF-MIB::ifDescr.2 = STRING: eth0

IF-MIB::ifOperStatus.1 = INTEGER: up(1)

IF-MIB::ifOperStatus.2 = INTEGER: down(2)

...and so on for all OIDs specified in the key.

3. Create a Discovery Rule (Dependent on the Master Item)

If you need to discover multiple instances (e.g., network interfaces, storage volumes):

  • Type: Dependent item

  • Master item: Select the snmp ‘walk’ master item created above.

  • Preprocessing Steps: This is where the magic happens!

    • Add a preprocessing step: SNMP walk to JSON.

      • Parameters: This is where you define your LLD macros and map them to the OIDs from the snmp ‘walk’ output.


        
{#IFDESCR} => IF-MIB::ifDescr
        
{#IFOPERSTATUS} => IF-MIB::ifOperStatus
        
{#IFADMINSTATUS} => IF-MIB::ifAdminStatus
        
// or using numeric OIDs:
        
{#IFDESCR} => .1.3.6.1.2.1.2.2.1.2
        
{#IFOPERSTATUS} => .1.3.6.1.2.1.2.2.1.8

      • This step transforms the flat text output of snmp ‘walk’ into a JSON structure that Zabbix LLD can understand. It uses the SNMP index (the number after the last dot in the OID, e.g., `.1`, `.2`) to group related values for each discovered instance. Zabbix automatically makes `{#SNMPINDEX}` available.

The `SNMP walk to JSON` preprocessor will generate JSON like this, which LLD uses to create items based on your prototypes:



[

    { "{#SNMPINDEX}":"1", "{#IFDESCR}":"lo", "{#IFOPERSTATUS}":"1", ... },

    { "{#SNMPINDEX}":"2", "{#IFDESCR}":"eth0", "{#IFOPERSTATUS}":"2", ... }

]

4. Create Item Prototypes (Dependent on the Master Item)

Within your discovery rule, you’ll create item prototypes:

  • Type: Dependent item

  • Master item: Select the same snmp ‘walk’ master item.

  • Key: Give it a unique key, often incorporating LLD macros, e.g., `if.operstatus.[{#IFDESCR}]`

  • Preprocessing Steps:

    • Add a preprocessing step: SNMP walk value.

      • Parameters: Specify the OID whose value you want to extract for this specific item prototype, using `{#SNMPINDEX}` to get the value for the correct discovered instance.


        
IF-MIB::ifOperStatus.{#SNMPINDEX}
        
// or numeric:
        
.1.3.6.1.2.1.2.2.1.8.{#SNMPINDEX}

    • Add other necessary preprocessing steps (e.g., “Change per second,” “Multiply by 8” for bits to Bytes/sec, custom scripts, value mapping).

For static items (not discovered) that should also use the data from the snmp ‘walk’ master item, you’d create them as dependent items directly under the host, also using the “SNMP walk value” preprocessor, but you’d specify the full OID including the static index (e.g., `IF-MIB::ifOperStatus.1` if you always want the status of the interface with SNMP index 1).

Practical Tips & Troubleshooting

  • Use `snmpwalk` Command-Line Tool: Before configuring in Zabbix, test your OIDs and community strings from your Zabbix server or proxy using the `snmpwalk` command (part of `net-snmp-utils` or similar packages on Linux).

    Example: `snmpwalk -v2c -c public your_device_ip IF-MIB::interfaces`

    Use the `-On` option (`snmpwalk -v2c -c public -On your_device_ip .1.3.6.1.2.1.2`) to see numeric OIDs, which can be very helpful.

  • Check Zabbix Server/Proxy Logs: If things aren’t working, the logs are your best friend. Increase debug levels if necessary.

  • Consult Zabbix Documentation: The official documentation is a valuable resource for item key syntax and preprocessing options.

  • Test Preprocessing Steps: Zabbix allows you to test your preprocessing steps. For dependent items, you can copy the output of the master item and paste it as input for testing the dependent item’s preprocessing. This is invaluable for debugging `SNMP walk to JSON` and `SNMP walk value`.

Wrapping Up

The introduction of snmp ‘walk’ and the refined approach to SNMP in Zabbix 6.4+ is a massive improvement. It leads to more efficient polling, less load on your monitored devices, and a more streamlined configuration once you grasp the master/dependent item concept with preprocessing.

While it might seem a bit complex initially, especially the preprocessing steps, the benefits in performance and scalability are well worth the learning curve. Many of the newer official Zabbix templates are already being converted to use this snmp ‘walk’ method, but always check, as some older ones might still use the classic approach.

That’s all for today! I hope this deep dive into modern SNMP monitoring with Zabbix has been helpful. I got a bit long, but there was a lot to cover!

What are your experiences with SNMP in Zabbix? Have you tried the new snmp ‘walk’ items? Let me know in the comments below!

Don’t forget to check out my YouTube channel for more content:

Quadrata on YouTube

And join the Zabbix Italia community on Telegram:

ZabbixItalia Telegram Channel

See you next week, perhaps talking about something other than Zabbix for a change! Bye everyone, from Dimitri Bellini.

Read More

0