Install Zabbix 4 on Ubuntu 18.04

Zabbix 4 is out, so I decided to take it for a spin. In this tutorial, we will go through the installation process of Zabbix 4 on a brand new Ubuntu 18.04 installation

Prepare the system

Login to your Ubuntu server, and sudo to root. Zabbix depends on a number of other components, like apache, php and mysql or postgres database. In this tutorial we will install the mysql version of Zabbix, using MariaDB as database.

Lets start with the basics, following a clean installation of Ubuntu 18.04 server, go ahead and run apt update, upgrade and install apache along with the php components required for zabbix. At the time of writing, the php version installed is 7.2. If a different version is installed you might need to adjust some of the commands accordingly. However please note that this tutorial assumes PHP 7.2. Installing other versions might lead to errors or failures which are not covered here.

#apt update 
#apt -y upgrade
#apt install -y apache2
#apt-get -y install php php-pear php-cgi php-common libapache2-mod-php php-mbstring php-net-socket php-gd php-xml-util php-mysql php-gettext php-bcmath

Next enable the PHP CGI Module

# sudo  a2enconf php7.2-cgi

The above command should return

Enabling conf php7.2-cgi.
To activate the new configuration, you need to run:
systemctl reload apache2

If it doesn’t, check which php version was installed using php -v

#php -v
PHP 7.2.10-0ubuntu0.18.04.1 (cli) (built: Sep 13 2018 13:45:02) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies with Zend OPcache v7.2.10-0ubuntu0.18.04.1, Copyright (c) 1999-2018, by Zend Technologies

Depending on the version installed, run a2enconf phpx.x-cgi. Next adjust the timezone in your php.ini file. Remember to adjust the 7.2 in the path if you installed a different version. We will use sed in this case to change the timezone in /etc/php/7.2/apache2/php.ini.

#sed -i "s/^;date.timezone =$/date.timezone = \"Europe\/Berlin\"/" /etc/php/7.2/apache2/php.ini

It is always good practice to secure the apache web server, especially if this machine will be accessible over the web. Let’s set the ServerTokens to Prod and ServerSignature to Off.

#sed -i "s/^ServerTokens OS$/ServerTokens Prod/" /etc/apache2/conf-enabled/security.conf

#sed -i "s/^ServerSignature On$/ServerSignature Off/" /etc/apache2/conf-enabled/security.conf

The above commands will limit the amount of information the apache web server will divulge about itself.

Open /etc/apache2/apache2.conf using vi or your editor of choice and add the line


adjusting accordingly. Restart the apache server to ensure we have no configuration errors so far.

#systemctl restart apache2

If apache reports any errors, run the command journalctl -xe for clues about what went wrong. It is also always a good idea to backup any configuration files you touch before you edit them, in case you need to roll back.

Secure the system

If you intend to use the machine on the web, I highly recommend you install ufw, and add ports 80, 433, 22, 10050 and 10051 to the allowed ports.

#ufw allow http
#ufw allow https
#ufw allow ssh
#ufw enable
#ufw allow proto tcp from any to any port 10050,10051

Install MariaDB Server

Next we will install the MariaDB server

#apt-get install mariadb-server

This might take a while, when its done, run mysql_secure_installation, and set a secure root password, remove anonymous users, remove remote root access, and remove the test database.

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on…
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
… Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
… Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
Dropping test database…
… Success!
Removing privileges on test database…
… Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
… Success!
Cleaning up…
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

Once this is done, the next step is to create a database user for zabbix, with a secure password. Make sure your strong password does not include ” as a character, since this will cause confusion in the export command.

#export db_pass="A STRONG PASSWORD HERE" 
#mysql -uroot -p <<MYSQL_SCRIPT create database zabbix; grant all privileges on zabbix.* to zabbix@'localhost' identified by '${db_pass}'; FLUSH PRIVILEGES; MYSQL_SCRIPT

The database will ask you for a password. Use the root password you set in the mysql_secure_installation

Install Zabbix 4

We will start by adding the appropriate zabbix repo


#dpkg -i zabbix-release_4.0-2+bionic_all.deb

Next run sudo apt update, and install zabbix 4 server with MySQL extensions

#apt update
#apt -y install zabbix-server-mysql zabbix-frontend-php zabbix-agent

Setup Database Shema

The next step is create the database schema for zabbix. Import /usr/share/doc/zabbix-server-mysql/create.sql.gz to the database we created previously.

#zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql -uzabbix -p zabbix

Enter the strong password you created for the zabbix mysql user when prompted. This operation can take a few seconds depending on the machine the server is running on, so please be patient. You might also get the following error :

ERROR 1071 (42000) at line 165: Specified key was too long; max key length is 767 bytes

If you do follow these steps

  • open the mysql client using user root
#mysql -uroot -p
  • Enter the root mysql password when prompted.
  • At the mysql prompt drop the database we created earlier, and re-create it with the extra parameters using
  • DROP DATABASE IF EXISTS zabbix; #This will delete the database
  • CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; #This will create the database with a default character set utf8 and a default collate of utf8_general_ci
MariaDB [(none)]> DROP DATABASE IF EXISTS zabbix;
Query OK, 11 rows affected (0.34 sec)

MariaDB [(none)]> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
Query OK, 1 row affected (0.00 sec)

Exit the mysql client, and re-run the zcat command

#zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql -uzabbix -p zabbix

Enter the zabbix sql user password when prompted, and allow a couple of minutes for the command to run. The script is a long one, so it might take a while to run especially on slower machines.

Configure the Zabbix Server

Open the configuration file /etc/zabbix/zabbix_server.conf using your favourite editor, and edit the following lines :

DBPassword=The password you set for the sql zabbix user

Save your changes, restart and enable the zabbix server

#systemctl restart zabbix-server
#systemctl enable zabbix-server

Open the file /etc/apache2/conf-enabled/zabbix.conf find the line php_value date.timezone, uncomment it, if it is commented, and edit it accordingly.

Next configure the zabbix agent on the local machine (/etc/zabbix/zabbix_agentd.conf)

vim /etc/zabbix/zabbix_agentd.conf

Locate the line containing Hostname=Zabbix Server and change it accordingly. Save your changes and restart the apache2 server

Initial Zabbix server setup

We are nearly done !!

Go to “http://(Zabbix Server hostname or Zabbix Server IP address)/zabbix/”  to begin Zabbix initial setup.

Use the Username: Admin, Password: zabbix. Username and Password are case sensitive. Admin starts with a capital “A”.

Follow the setup screens :

[metaslider id=1368 cssclass=” alignnormal”]

And that’s it. The next thing to do is change the default Admin password, and then proceed to add hosts accordingly.

Hope you found this tutorial useful. Drop me a line if I have left out anything, or you encounter any issues… Happy monitoring 🙂

Leave a reply:

Your email address will not be published.

Site Footer