This is a pfSense active template for Zabbix, based on Standard Agent and a php script using pfSense functions library for monitoring specific data.
Tested with pfSense 2.4.x and Zabbix 4.0
Template pfSense Active
- Network interface Discovery and Monitoring with User Assigned Names
- Gateway Discovery and Monitoring (Gateway Status/RTT)
- OpenVPN Server Discovery and Monitoring (Server Status/Tunnel Status)
- OpenVPN Clients Discovery and Monitoring (Client Status/Tunnel Status)
- CARP Monitoring (Global CARP State)
- Basic Service Discovery and Monitoring (Service Status)
- pfSense Version/Update Available
Template pfSense Active: OpenVPN Server User Auth
- Discovery of OpenVPN Clients connected to OpenVPN Servers in user auth mode
- Monitoring of Client Parameters (Bytes sent/received, Connection Time...)
First copy the file pfsense_zbx.php to your pfsense box (e.g. to /root/scripts).
For example, from pfSense shell:
mkdir /root/scripts
curl -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php
Then install package "Zabbix Agent 4" on your pfSense Box
In Advanced Features-> User Parameters
AllowRoot=1
UserParameter=pfsense.states.max,grep "limit states" /tmp/rules.limits | cut -f4 -d ' '
UserParameter=pfsense.states.current,grep "current entries" /tmp/pfctl_si_out | tr -s ' ' | cut -f4 -d ' '
UserParameter=pfsense.mbuf.current,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f1
UserParameter=pfsense.mbuf.cache,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f2
UserParameter=pfsense.mbuf.max,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f4
UserParameter=pfsense.discovery[*],/usr/local/bin/php /root/scripts/pfsense_zbx.php discovery $1
UserParameter=pfsense.value[*],/usr/local/bin/php /root/scripts/pfsense_zbx.php $1 $2 $3
Please note that AllowRoot=1 option is required in order to execute correctly OpenVPN checks and others.
Also increase the Timeout value at least to 5, otherwise some checks will fail.
Then import xml templates in Zabbix and add your pfSense hosts.
If you are running a redundant CARP setup you should adjust the macro {#EXPECTED_CARP_STATUS} to a value representing what is CARP expected status on monitored box.
Possible values are:
- 0: Disabled
- 1: Master
- 2: Backup
This is useful when monitoring services which could stay stopped on CARP Backup Member.
Keenton Zabbix Template for Zabbix Agent freeBSD part.