Monitoring Proxmox VE using Zabbix Agent

Last Updated on January 1, 2023 by Thiago Crepaldi

From previous posts, we have deployed Zabbix Server on a Proxmox container. We also hardened the installation through Let’s Encrypt certificates for the web frontend and TLS encryption for the communication between Server and Agents/Proxies, after all, although encrypted Zabbix Server <-> Agent/Proxy communication with PSK or SSL certificates 🙂

In this post I will cover how to monitor a Proxmox Virtual Environment (PVE) using Zabbix Agent template. Templates are great because they already pack a bunch of monitoring items, actions, triggers, etc that we would have to add one by one otherwise. Using template is smart because when we need to make changes, we just do it in the template and all hosts that use them will see the new settings. On a manual setup, you would have to make the change in each host, one by one…

This post assumes you already installed and configured your Zabbix Agent, but if you didn’t, refer to How to install and configure Zabbix agent and resume from here when you are done.

Configuring Proxmox VE

In order to allow the Zabbix Server to monitor Proxmox VE, we need to create an user, a Token ID and set some permissions to them.

After logging in to your Proxmox VE, navigate to Server View >> Datacenter followed by submenu Permissions >> User and click on Add

• User name: zabbix
• Realm: Linux PAM
• Group: empty
• Expire: never
• Enabled: checked
• First Name: be creative
• Last Name: keep creative
• E-mail: less creative, maybe an actual valid email for a possible notification
• Comment: be creative
• Key ID: leave empty

Click on Add to create the user. Next go to Permissions >> API Tokens and click on Add:

• User: Select the just created user
• Token ID: Identifier name without space and special characters (e.g. ZabbixMonitoring01)
• Privilege separation: checked
• Expire: never
• Comments: be creative

Create the Token by clicking Add. Once you do that, a dialog will be shown with Token ID and Secret. Take note of them because they won’t be shown again!

Lastly, let’s create some permissions binding the user and token created to actual resources on the Proxmox by clicking on Permissions submenu followed by Add >> API Token permission:

• Path: /
• API Token: Select the token just created
• Role: PVEAuditor
• Propagate: checked

Click on Add to complete, and create a new permission again:

• Path: /nodes/<your_proxmox_node>
• API Token: Select the token just created
• Role: PVEAuditor
• Propagate: checked

Click on Add to complete, and create a new permission again:

• Path: /vms
• API Token: Select the token just created
• Role: PVEAuditor
• Propagate: checked

Click on Add to complete.

Configuring Zabbix Server through Web UI

Go to Configuration >> Hosts and select your agent with Proxmox VE running. When the configuration dialog open, the Host tab should be the default one. Look for the Templates section. In the text box, type “Proxmox” and select the “Proxmox VE by HTTP” in the search result. This will link the template to your agent.

The last step is setting the Proxmox API token information in the plugin so that it can connect to the server and fetch metadata. Click on Macros tab. We will need to add 2 macros related to credentials. Click on Add and fill in the new row as follow:

• Macro: {$PVE.TOKEN.ID}
• Value: Type your Token ID
• Description: A helpful description or leave it empty

Click on Add again

• Macro: {$PVE.TOKEN.SECRET}
• Value: Type your Token password
• Description: A helpful description or leave it empty

That is it, let’s try it. Go to Monitoring >> Latest data. In the filter section, type the name of your Proxmox server in the Hosts box, Proxmox in the Name box and finally hit Apply. A list of items should be displayed for it, such as Proxmox: API service status, etc

That is it, have fun!