File: //etc/zabbix/zabbix_agentd.conf
#
# Ansible managed
#
# this is a config file for zabbix agent
# to get more information about zabbix, visit http://www.zabbix.com
############ general parameters #################
### option: pidfile
# name of pid file.
#
PidFile=/var/run/zabbix/zabbix_agentd.pid
### Option: LogType
# Specifies where log messages are written to:
# system - syslog
# file - file specified with LogFile parameter
# console - standard output
#
# Mandatory: no
# Default:
LogType=file
### option: logfile
# name of log file.
# if not set, syslog is used.
#
LogFile=/var/log/zabbix/zabbix_agentd.log
### option: logfilesize
# maximum size of log file in mb.
# 0 - disable automatic log rotation.
#
LogFileSize=100
### option: debuglevel
# specifies debug level
# 0 - no debug
# 1 - critical information
# 2 - error information
# 3 - warnings
# 4 - for debugging (produces lots of information)
#
DebugLevel=3
### option: sourceip
# source ip address for outgoing connections.
#
SourceIP=10.225.122.241
### option: enableremotecommands
# whether remote commands from zabbix server are allowed.
# 0 - not allowed
# 1 - allowed
#
EnableRemoteCommands=1
### option: logremotecommands
# enable logging of executed shell commands as warnings.
# 0 - disabled
# 1 - enabled
#
LogRemoteCommands=0
##### passive checks related
### option: server
# list of comma delimited ip addresses (or hostnames) of zabbix servers.
# incoming connections will be accepted only from the hosts listed here.
# no spaces allowed.
# if ipv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally.
#
# mandatory: yes
# default:
# server=
Server=zabbix-proxy.dreamhost.com,zabbix.dreamhost.com,10.5.22.0/23,10.9.4.0/23,10.10.10.10,66.33.200.4,208.113.156.25
### option: listenport
# agent will listen on this port for connections from the server.
#
ListenPort=10050
### option: listenip
# list of comma delimited ip addresses that the agent should listen on.
# first ip address is sent to zabbix server if connecting to it to retrieve list of active checks.
#
ListenIP=10.225.122.241
### option: startagents
# number of pre-forked instances of zabbix_agentd that process passive checks.
# if set to 0, disables passive checks and the agent will not listen on any tcp port.
#
StartAgents=3
##### active checks related
### option: serveractive
# list of comma delimited ip:port (or hostname:port) pairs of zabbix servers for active checks.
# if port is not specified, default port is used.
# ipv6 addresses must be enclosed in square brackets if port for that host is specified.
# if port is not specified, square brackets for ipv6 addresses are optional.
# if this parameter is not specified, active checks are disabled.
# example: serveractive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
#
ServerActive=zabbix-proxy.dreamhost.com
### option: hostname
# unique, case sensitive hostname.
# required for active checks and must match hostname as configured on the server.
# value is acquired from hostnameitem if undefined.
#
Hostname=sled20179
### option: hostnameitem
# item used for generating hostname if it is undefined.
# ignored if hostname is defined.
#
### option: hostmetadata
# optional parameter that defines host metadata.
# host metadata is used at host auto-registration process.
# an agent will issue an error and not start if the value is over limit of 255 characters.
# if not defined, value will be acquired from hostmetadataitem.
#
HostMetadata=:customer_host:
### option: hostmetadataitem
# optional parameter that defines an item used for getting host metadata.
# host metadata is used at host auto-registration process.
# during an auto-registration request an agent will log a warning message if
# the value returned by specified item is over limit of 255 characters.
# this option is only used when hostmetadata is not defined.
#
### Option: AllowKey
# Optional parameter that defines AllowKey
# Allow execution of those item keys that match a pattern.
# Key pattern is a wildcard expression that supports "*" character to match any number of any characters.
# Multiple key matching rules may be defined in combination with DenyKey.
# The parameters are processed one by one according to their appearance order.
### Option: DenyKey
# Deny execution of items keys matching pattern.
# Multiple keys matching rules may be defined in combination with AllowKey.
# Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
# Parameters are processed one by one according their appearance order.
# If no AllowKey or DenyKey rules defined, all keys are allowed.
# Unless another system.run[*] rule is specified DenyKey=system.run[*] is added by default.
#
# Mandatory: no
# Default:
# DenyKey=system.run[*]
### option: refreshactivechecks
# how often list of active checks is refreshed, in seconds.
#
RefreshActiveChecks=120
### option: buffersend
# do not keep data longer than n seconds in buffer.
#
BufferSend=5
### option: buffersize
# maximum number of values in a memory buffer. the agent will send
# all collected data to zabbix server or proxy if the buffer is full.
#
BufferSize=100
### option: maxlinespersecond
# maximum number of new lines the agent will send per second to zabbix server
# or proxy processing 'log' and 'logrt' active checks.
# the provided value will be overridden by the parameter 'maxlines',
# provided in 'log' or 'logrt' item keys.
#
MaxLinesPerSecond=100
############ advanced parameters #################
### option: alias
# sets an alias for parameter. it can be useful to substitute long and complex parameter name with a smaller and simpler one.
#
### option: timeout
# spend no more than timeout seconds on processing
#
Timeout=15
### option: allowroot
# allow the agent to run as 'root'. if disabled and the agent is started by 'root', the agent
# will try to switch to user 'zabbix' instead. has no effect if started under a regular user.
# 0 - do not allow
# 1 - allow
#
AllowRoot=0
### Option: User
# Drop privileges to a specific, existing user on the system.
# Only has effect if run as 'root' and AllowRoot is disabled.
#
# Mandatory: no
# Default:
### option: include
# you may include individual files or all files in a directory in the configuration file.
# installing zabbix will create include directory in /usr/local/etc, unless modified during the compile time.
#
Include=/etc/zabbix/zabbix_agentd.d
####### user-defined monitored parameters #######
### option: unsafeuserparameters
# allow all characters to be passed in arguments to user-defined parameters.
# 0 - do not allow
# 1 - allow
#
UnsafeUserParameters=0
### option: userparameter
# user-defined parameter to monitor. there can be several user-defined parameters.
# format: userparameter=<key>,<shell command>
# note that shell command must not return empty string or eol only.
# see 'zabbix_agentd' directory for examples.
#
# mandatory: no
# default:
# userparameter=
# disabled. an configuration file should be placed on directory: /etc/zabbix/zabbix_agentd.d
####### LOADABLE MODULES #######
### Option: LoadModulePath
# Full path to location of agent modules.
# Default depends on compilation options.
#
LoadModulePath=${libdir}/modules
### Option: LoadModule
# Module to load at agent startup. Modules are used to extend functionality of the agent.
# Format: LoadModule=<module.so>
# The modules must be located in directory specified by LoadModulePath.
# It is allowed to include multiple LoadModule parameters.
#
####### TLS-RELATED PARAMETERS #######
### Option: TLSConnect
# How the agent should connect to server or proxy. Used for active checks.
# Only one value can be specified:
# unencrypted - connect without encryption
# psk - connect using TLS and a pre-shared key
# cert - connect using TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSConnect=unencrypted
### Option: TLSAccept
# What incoming connections to accept.
# Multiple values can be specified, separated by comma:
# unencrypted - accept connections without encryption
# psk - accept connections secured with TLS and a pre-shared key
# cert - accept connections secured with TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSAccept=unencrypted
### Option: TLSCAFile
# Full pathname of a file containing the top-level CA(s) certificates for
# peer certificate verification.
#
# Mandatory: no
# Default:
# TLSCAFile=
### Option: TLSCRLFile
# Full pathname of a file containing revoked certificates.
#
# Mandatory: no
# Default:
# TLSCRLFile=
### Option: TLSServerCertIssuer
# Allowed server certificate issuer.
#
# Mandatory: no
# Default:
# TLSServerCertIssuer=
### Option: TLSServerCertSubject
# Allowed server certificate subject.
#
# Mandatory: no
# Default:
# TLSServerCertSubject=
### Option: TLSCertFile
# Full pathname of a file containing the agent certificate or certificate chain.
#
# Mandatory: no
# Default:
# TLSCertFile=
### Option: TLSKeyFile
# Full pathname of a file containing the agent private key.
#
# Mandatory: no
# Default:
# TLSKeyFile=
### Option: TLSPSKIdentity
# Unique, case sensitive string used to identify the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKIdentity=
### Option: TLSPSKFile
# Full pathname of a file containing the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKFile=
####### For advanced users - TCP-related fine-tuning parameters #######
## Option: ListenBacklog
# The maximum number of pending connections in the queue. This parameter is passed to
# listen() function as argument 'backlog' (see "man listen").
#
# Mandatory: no
# Range: 0 - INT_MAX (depends on system, too large values may be silently truncated to implementation-specified maximum)