Skip to main content

Zabbix integration

Zabbix is an open source Monitoring software for monitoring your networks, servers, and other infrastructure components. BitNinja finally has integration for this amazing tool. So you can connect your BitNinja agents to Zabbix and have every monitoring in one place.

note

This is available in BitNinja version 2.38.9 and newer.

Setting up the integration

  1. In the /etc/bitninja/System/config.ini file, you need to set up the following parameters.

    [statistics] ; Allows the user specified by "allowedUser" to access statistics enableIntegration = 1 allowedUser = 'zabbix'

  2. Restart BitNinja on the server so the changes take effect. Issue the command: service bitninja restart

  3. Save the following script to any location on the server as bitninja-metrics.py.

#!/usr/bin/env python

import json
import os

cmd = "/usr/sbin/bitninjacli --stats --minify"

stream = os.popen("sudo " + cmd)
result = stream.readlines()
firstLine = result[0]
startIndex = firstLine.find('{')
if startIndex >= 0:
        print(firstLine[startIndex::].replace("\n", ""))

  1. Add the script as a user parameter at the recommended path. /etc/zabbix/zabbix_agentd.d/userparameter_bitninja.conf

    UserParameter=bitninja.metrics,<path_to_script>/bitninja-metrics.py

  2. Restart the Zabbix agent with service zabbix-agent restart

    Alternatively, you can also use this command: zabbix_agentd -R userparameter_reload This latter will reload the user parameters in runtime.

Test the parameter with the following command:

zabbix_agentd -t bitninja.metrics -c /etc/zabbix/zabbix_agentd.conf

Example for a valid output:

        bitninja.metrics                              [t|{"ipsetSizes":{"heimdall-greylist":755777,"heimdall-blacklist":53886,"heimdall-blacklist-net":0,"heimdall-essentiallist":14207,"heimdall-whitelist-net":10083904,"heimdall-user-blacklist":2,"heimdall-user-whitelist":26,"heimdall-user-blacklist-net":56320,"heimdall-user-whitelist-net":0,"bitninja-local-incident":2,"heimdall6-greylist":0,"heimdall6-blacklist":0,"heimdall6-blacklist-net":0,"heimdall6-essentiallist":0,"heimdall6-whitelist-net":0,"heimdall6-user-blacklist":0,"heimdall6-user-whitelist":0,"heimdall6-user-blacklist-net":0,"heimdall6-user-whitelist-net":0,"bitninja6-local-incident":0},"incidents":null,"quarantineDirSizeMbs":"1"}]

  1. If that's done, then our work on the BitNinja server is done, and we have to move on to the Zabbix server.

    The user parameter needs to be added to the server as well. In-detail guide on Zabbix' documentation page.

    • Go to Configuration → Hosts
    • Click on Items in the row of the host
    • Click on Create an item

    There is also an option to use a template.

    • Go to Configuration → Templates
    • Click on Import
    • Click on Choose file

    Yaml template file for Zabbix download.