Open source products can mirror more expensive technology with some ingenuity
December 01, 2015


Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Zabbix

Zabbix is a preferred option for our organization based on its open-source nature and versatile functionality. The Zabbix sender and trap features allow us to set up ad hoc alerts based on specific criteria, such as log grepping for error frequency. We also use Logstash in tandem with Zabbix to generate alerts based on Logstash queries.
  • Zabbix is capable of true customization. I personally recommend starting with a narrow scope, and broadening Zabbix to monitor more granular activities. Doing a bulk discovery and mass deploying alerts will cause a lot of false positives which are not actionable initially, so it can be a struggle to sift through the noise and find the alerts you really want to act on.
  • Zabbix is easy to deploy, and has a robust feature set.
  • Zabbix is easy to link up to services like PagerDuty, which are beneficial for on-call engineers.
  • Zabbix could benefit from integrating with Logstash in a more formalized way. Utilizing these two open-source services compares to the much more expensive Splunk.
  • I think it's important to deploy Zabbix to core systems first, then build more granular monitoring as false alarms are minimized. If you mass deploy Zabbix to all servers with very granular alert thresholds, you will have a hard time sifting through all the noise to get to the actionable alerts you really wanted to see.
  • Zabbix has helped our NOC team become the center for service configuration management. The mantra has become "if it is not monitored, it does not exist."
  • Zabbix has helped train our NOC team to be responsive, and understand the threat levels of varying alerts.
  • Zabbix is robust. Oftentimes you might turn on the Zabbix agent and immediately get alerted to high disk usage when certain processes are running, or a low % of disk volume is available. Having this feedback in real time is crucial for maintaining dozens of servers per sysadmin.
I have had feedback that Splunk is a more out-of-the-box solution. With some fine-tuning, it is possible to get the same robust functionality from a Logstash and Zabbix integration. The setup is more taxing, but you avoid paying the costly Splunk fees. So it all really depends on the organization's goals and how they currently invest in monitoring.
Amazon Elastic Compute Cloud (EC2), CallFire, Zendesk
Zabbix is best suited for companies keeping the open-source mindset. If you're on a budget and want a robust and customizable monitoring system, Zabbix is a winner. Using Zabbix in tandem with Logstash (also open-source) and PagerDuty (nominal monthly fee) can open the potential and real-time alerting capability, which will help the responsiveness of network operations center (NOC) team members.