Duration: 3 days (24 hours total)
Focus: Scaling, distributed monitoring, performance tuning, automation, advanced triggers, custom scripts, API usage, HA, security hardening, and deep database analytics.
Day 1 – Scaling & Distributed Architecture
Chapter 1 – Advanced Architecture
What changes when Zabbix grows. Internal queues, pollers, internal processes, buffer handling, heavy mode, unreachable checks, data flow under load.
Chapter 2 – Proxies Deep Dive
Passive vs active proxy behavior, caching logic, DB writing mechanics, proxy performance tuning, troubleshooting delayed data.
Chapter 3 – High Availability (HA)
Corosync/Pacemaker patterns, Zabbix server + DB HA, shared storage, virtual IP failover, avoiding split-brain conditions.
Chapter 4 – Database Optimization
MySQL/PostgreSQL tuning: buffer pools, query_cache, WAL settings, partitioning history tables, purging strategy, optimizing slow queries.
Chapter 5 – Caching & Internal Processes
Value cache, configuration cache, prestored IDs, trend functions, queue size interpretation, handling overloaded pollers/trappers.
Day 2 – Advanced Monitoring Logic & Automation
Chapter 6 – Advanced Items
Low-level discovery (LLD) for filesystems, network interfaces, services. Complex preprocessing pipelines (regex, JSONPath, XML, JS).
Chapter 7 – Advanced Triggers
Trigger functions, multiple item dependencies, recovery expressions, event correlation, symmetric and asymmetric conditions, maintenance-aware logic.
Chapter 8 – Actions & Escalations
Complex multi-step escalations, conditional branching, throttling, maintenance windows, tagging-based routing.
Chapter 9 – Scripts, External Checks & UserParameters
Custom shell/Python scripts, execution environments, safe paths, performance constraints, data validation.
Chapter 10 – Web Monitoring
HTTP probes, content checks, form login, session cookies, error patterns, multi-step scenarios with authentication.
Chapter 11 – API Automation
Creating hosts, mass operations, templating, provisioning, integrations with GitLab/Ansible/CI pipelines. Token security best practices.
Day 3 – Security, Hardening, Alerting, and Deep Troubleshooting
Chapter 12 – Security Hardening
Frontend/IP restrictions, DB credential minimization, encryption between proxies and agents, secret rotation, log sanitization.
Chapter 13 – Alert Channels
Webhook automation, custom JSON payloads, Slack/Teams/Telegram integration, error handling for failed sends.
Chapter 14 – Performance Auditing
Analyzing internal queues, process busy percentages, housekeeping optimization, database slow logs, poller starvation diagnosis.
Chapter 15 – Distributed Monitoring
Remote sites, firewalled networks, VPN, proxies in chained topology, multi-proxy routing issues.
Chapter 16 – Log Collection & Parsing
Centralizing logs, preprocessing pipelines, structured log parsing, binary log monitoring.
Chapter 17 – Disaster Recovery & Backup
Full + partial backups (configuration, database, history), snapshot strategy, restore procedures, Zabbix server rebuild logic.
Chapter 18 – Troubleshooting Workshop
Real-world patterns: unreachable hosts, corrupted proxy DB, poller overload, mass delays, configuration sync issues, missing LLD.