Skip to content

vizion8-dan/pfsense-zabbix-template

 
 

Repository files navigation

Buy Me A Coffee

pfSense Zabbix Template

This is a pfSense active template for Zabbix, based on Standard Agent and a php script using pfSense functions library for monitoring specific data.

Tested with pfSense 2.4.x and Zabbix 4.0

What it does

Template pfSense Active

  • Network interface Discovery and Monitoring with User Assigned Names
  • Gateway Discovery and Monitoring (Gateway Status/RTT)
  • OpenVPN Server Discovery and Monitoring (Server Status/Tunnel Status)
  • OpenVPN Clients Discovery and Monitoring (Client Status/Tunnel Status)
  • CARP Monitoring (Global CARP State)
  • Basic Service Discovery and Monitoring (Service Status)
  • pfSense Version/Update Available

Template pfSense Active: OpenVPN Server User Auth

  • Discovery of OpenVPN Clients connected to OpenVPN Servers in user auth mode
  • Monitoring of Client Parameters (Bytes sent/received, Connection Time...)

Configuration

First copy the file pfsense_zbx.php to your pfsense box (e.g. to /root/scripts).

For example, from pfSense shell:

mkdir /root/scripts
curl -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php

Then install package "Zabbix Agent 4" on your pfSense Box

In Advanced Features-> User Parameters

AllowRoot=1
UserParameter=pfsense.states.max,grep "limit states" /tmp/rules.limits | cut -f4 -d ' '
UserParameter=pfsense.states.current,grep "current entries" /tmp/pfctl_si_out | tr -s ' ' | cut -f4 -d ' '
UserParameter=pfsense.mbuf.current,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f1
UserParameter=pfsense.mbuf.cache,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f2
UserParameter=pfsense.mbuf.max,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f4
UserParameter=pfsense.discovery[*],/usr/local/bin/php /root/scripts/pfsense_zbx.php discovery $1
UserParameter=pfsense.value[*],/usr/local/bin/php /root/scripts/pfsense_zbx.php $1 $2 $3

Please note that AllowRoot=1 option is required in order to execute correctly OpenVPN checks and others.

Also increase the Timeout value at least to 5, otherwise some checks will fail.

Then import xml templates in Zabbix and add your pfSense hosts.

If you are running a redundant CARP setup you should adjust the macro {#EXPECTED_CARP_STATUS} to a value representing what is CARP expected status on monitored box.

Possible values are:

  • 0: Disabled
  • 1: Master
  • 2: Backup

This is useful when monitoring services which could stay stopped on CARP Backup Member.

Credits

Keenton Zabbix Template for Zabbix Agent freeBSD part.

About

Zabbix Template for pfSense

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PHP 100.0%