Zabbix integration
Zabbix is an open source Monitoring software for monitoring your networks, servers, and other infrastructure components. BitNinja finally has integration for this amazing tool. So you can connect your BitNinja agents to Zabbix and have every monitoring in one place.
This is available in BitNinja version 2.38.9 and newer.
Setting up the integration
-
In the
/etc/bitninja/System/config.ini
file, you need to set up the following parameters.[statistics] ; Allows the user specified by "allowedUser" to access statistics enableIntegration = 1 allowedUser = 'zabbix'
-
Restart BitNinja on the server so the changes take effect. Issue the command:
service bitninja restart
-
Save the following script to any location on the server as
bitninja-metrics.py
.
#!/usr/bin/env python
import json
import os
cmd = "/usr/sbin/bitninjacli --stats --minify"
stream = os.popen("sudo " + cmd)
result = stream.readlines()
firstLine = result[0]
startIndex = firstLine.find('{')
if startIndex >= 0:
print(firstLine[startIndex::].replace("\n", ""))
-
Add the script as a user parameter at the recommended path.
/etc/zabbix/zabbix_agentd.d/userparameter_bitninja.conf
UserParameter=bitninja.metrics,<path_to_script>/bitninja-metrics.py
-
Restart the Zabbix agent with
service zabbix-agent restart
Alternatively, you can also use this command:
zabbix_agentd -R userparameter_reload
This latter will reload the user parameters in runtime.
Test the parameter with the following command:
zabbix_agentd -t bitninja.metrics -c /etc/zabbix/zabbix_agentd.conf
Example for a valid output:
bitninja.metrics [t|{"ipsetSizes":{"heimdall-greylist":755777,"heimdall-blacklist":53886,"heimdall-blacklist-net":0,"heimdall-essentiallist":14207,"heimdall-whitelist-net":10083904,"heimdall-user-blacklist":2,"heimdall-user-whitelist":26,"heimdall-user-blacklist-net":56320,"heimdall-user-whitelist-net":0,"bitninja-local-incident":2,"heimdall6-greylist":0,"heimdall6-blacklist":0,"heimdall6-blacklist-net":0,"heimdall6-essentiallist":0,"heimdall6-whitelist-net":0,"heimdall6-user-blacklist":0,"heimdall6-user-whitelist":0,"heimdall6-user-blacklist-net":0,"heimdall6-user-whitelist-net":0,"bitninja6-local-incident":0},"incidents":null,"quarantineDirSizeMbs":"1"}]
-
If that's done, then our work on the BitNinja server is done, and we have to move on to the Zabbix server.
The user parameter needs to be added to the server as well. In-detail guide on Zabbix' documentation page.
- Go to Configuration → Hosts
- Click on Items in the row of the host
- Click on Create an item
There is also an option to use a template.
- Go to Configuration → Templates
- Click on Import
- Click on Choose file