Zabbix Integration Guide

Zabbix is a mature and effortless enterprise-class open source monitoring solution for network monitoring and application monitoring of millions of metrics. Integrate AlertOps’ alert management platform with Zabbix to receive and respond to critical alerts through email, SMS, push notification, and phone alerts. AlertOps ensures that alerts received from Zabbix always reach the correct, available team member by utilizing escalation policies and on-call schedules.

Configuration

  1. From the main menu, click Integrations and then select Inbound Integrations from the submenu.
  2. Select the API tab.
  3. Select the 'ADD API INTEGRATION' button.
  4. You should now be on the API Integration Detail page. Select Zabbix from the pre-built Integration Templates.
  5. Enter a name for the integration. Select an escalation rule to determine the integration's escalation policy, and enter the names of the recipient group(s) and recipient user(s). Click 'SAVE.' Then click 'COPY URL' to copy the URL endpoint to be used in the Zabbix configuration.

In Zabbix:

1) Navigate to Media Types in Zabbix.


2) Create a Webhook Media Type for AlertOps. Enter all the parameters provided in the image below. For the value of the "endpoint" field, enter the Integration URL you copied from AlertOps.

3) In the Script field, copy and paste the code below:

    try {
        // "value" is the JSON string of media type parameters that Zabbix passes to the script.
        var params = JSON.parse(value),
            req = new CurlHttpRequest(),
            body = {},
            resp = '';

        // Use a proxy only if the HTTPProxy parameter is set to a non-empty string.
        if (typeof params.HTTPProxy === 'string' && params.HTTPProxy.trim() !== '') {
            req.SetProxy(params.HTTPProxy);
        }

        req.AddHeader('Content-Type: application/json');

        // Map the media type parameters to the fields sent to AlertOps.
        body.Event_Id = params.eventid;
        body.Trigger_Name = params.Trigger_Name;
        body.Trigger_Status = params.Trigger_Status;
        body.Severity = params.severity;
        body.Event_date = params.eventdate;
        body.Event_time = params.eventtime;
        body.Trigger_description = params.triggerdesc;
        body.Event_OpData = params.eventopdata;
        body.Event_tags = params.eventtags;
        body.Host_Name = params.hostname;
        body.Host_IP = params.hostip;
        // Link back to the event in the Zabbix frontend.
        body.source_url = params.url + '/tr_events.php?triggerid=' + params.triggerid + '&eventid=' + params.eventid;

        // Log level 4 is debug: the request and response bodies are written to the Zabbix log.
        Zabbix.Log(4, '[AlertOps Webhook] Sending request:' + JSON.stringify(body));
        resp = req.Post(params.endpoint, JSON.stringify(body));
        Zabbix.Log(4, '[AlertOps Webhook] Receiving response:' + resp);

        // Any status other than 200 is treated as a failed notification.
        if (req.Status() != 200) {
            throw 'Unknown error.';
        }

        return 'OK';
    }
    catch (error) {
        // Log level 3 is warning; rethrow so Zabbix marks the notification as failed.
        Zabbix.Log(3, '[AlertOps Webhook] Notification failed : ' + error);
        throw 'AlertOps notification failed : ' + error;
    }

4) Next, create a User and User Group for AlertOps and add the AlertOps media type.

Navigate to the User Groups tab and create the AlertOps notification group:

Grant the group the necessary permissions on the hosts whose alerts should be sent to AlertOps.

Create a user labeled AlertOps and add it to the user group you created:

5) Finally, create an action that executes whenever the matching conditions of a trigger occur.

Under Configuration, navigate to Actions and create an action labeled AlertOps:

On the Actions page, add at least one condition upon which this action will execute. In this example, we have a Trigger severity greater than or equal to the level of "Warning".

Once you've modified your conditions and updated your action, move to the Operations tab.

Here, we have operations for when a problem is created versus upon recovery and any subsequent updates. Within the operation itself, configure your Operation Type to be "Send Message" and select the user group we just created for the "Send to User Groups" field. Finally, within the "Send only to" field, select the AlertOps media type you just created.

**Repeat these steps for the Recovery Operations. If necessary, you can also configure the action to execute on updates to the problem.**

Alert Triggering Information

AlertOps will automatically create an incident when a new alert is received from Zabbix with an IncidentStatus status of “PROBLEM.”

If an alert with status “PROBLEM” matches an existing Open Alert, AlertOps will recognize the new alert as a duplicate and ignore the alert. The alert will be recorded in the Inbound Messages table as “Mapped Appended.”

AlertOps will automatically close the same incident when an alert with an IncidentStatus status “OK” is received.
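The rules above can be rehearsed offline before the media type is pointed at a live integration. The following is an added example, not AlertOps or Zabbix code: it checks bodies shaped like the one the webhook script posts and models the open, duplicate and close behaviour. It assumes that Trigger_Status carries the PROBLEM/OK value and that alerts are matched on Event_Id; apart from "Mapped Appended", the outcome labels are hypothetical.

```javascript
// Added example, not AlertOps or Zabbix code. Assumptions: Trigger_Status carries
// the PROBLEM/OK value, and alerts are matched on Event_Id (the page names neither).
const REQUIRED = ['Event_Id', 'Trigger_Name', 'Trigger_Status', 'Severity', 'Host_Name'];

// Returns a list of problems with a body shaped like the one the webhook script posts.
function checkPayload(body) {
  const problems = [];
  for (const field of REQUIRED) {
    const value = body[field] == null ? '' : String(body[field]).trim();
    if (value === '') problems.push('missing ' + field);
    // A value still shaped like {MACRO} suggests the media type parameter was not expanded.
    else if (/^\{[^{}]+\}$/.test(value)) problems.push('unexpanded ' + field);
  }
  return problems;
}

// Models the rules in "Alert Triggering Information" for one integration.
function createTracker() {
  const open = new Map(); // Event_Id -> body of the open alert
  return {
    openCount: function () { return open.size; },
    handle: function (body) {
      const problems = checkPayload(body);
      if (problems.length > 0) return 'REJECTED: ' + problems.join(', ');
      const key = String(body.Event_Id);
      if (body.Trigger_Status === 'PROBLEM') {
        if (open.has(key)) return 'MAPPED_APPENDED'; // duplicate of an open alert
        open.set(key, body);
        return 'OPENED';
      }
      if (body.Trigger_Status === 'OK') return open.delete(key) ? 'CLOSED' : 'NO_OPEN_ALERT';
      return 'IGNORED';
    }
  };
}

// Constructed sample bodies, in the order a flapping trigger might send them.
function demo() {
  const base = { Event_Id: '4711', Trigger_Name: 'High CPU load', Severity: 'Warning', Host_Name: 'web01' };
  const tracker = createTracker();
  return [
    tracker.handle(Object.assign({}, base, { Trigger_Status: 'PROBLEM' })),
    tracker.handle(Object.assign({}, base, { Trigger_Status: 'PROBLEM' })),
    tracker.handle(Object.assign({}, base, { Trigger_Status: 'OK' })),
    tracker.handle(Object.assign({}, base, { Trigger_Status: 'OK' })),
    tracker.handle(Object.assign({}, base, { Event_Id: '{EVENT.ID}', Trigger_Status: 'PROBLEM' }))
  ];
}

console.log(demo());
```

A rejected body in this model usually points at a parameter name or macro typed incorrectly in the media type, which is worth ruling out before troubleshooting on the AlertOps side.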

Testing and Troubleshooting

Click here to read about Web API Testing and Troubleshooting. 
