Zabbix的通知功能以及自定义脚本告警
本节内容:[*]Zabbix的通知功能
[*]定义接收告警的用户
[*]定义Action
[*]Zabbix自定义脚本发送报警邮件
一、Zabbix的通知功能
在配置好监控项和触发器之后,一旦正常工作中的某触发器状态发生改变,一般意味着有异常情况发生,此时通常需要采取一定的动作(action),如告警或者执行远程命令。 实现zabbix的通知功能,一般需要两个步骤:定义所需的“媒介”和配置一个”动作”。 媒介类型有:E-mail,SMS,Jabber和自定义的通知脚本。我这里就使用E-mail了。
1.定义媒介
登录zabbix web管理控制台,点击Administration—> Media types,可以看到有3个定义好了的媒介,不用这3个,点击右上角的”Create media type”。
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134244200-2098865547.png
填写信息:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134333575-1337883202.png
二、定义接收告警的用户
1.创建用户组
(1)点击Administration—> User groups,点击右上角的Create user group。
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134433247-598071276.png
(2)输入组名,点击Add。
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134501887-1915122933.png
2.创建用户
(1)点击Administration—> Users,点击右上角的Create user。
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134549387-1543372829.png
在User列填入个人信息:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134624575-1369161254.png
(2)点击Media,点击Add,选择媒介和接收邮件的时间等信息:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134653231-198396498.png
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134712715-409997077.png
(3)点击Permissions,根据这个新添的用户给予合适的权限
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609134836418-2011615402.png
三、定义Action
点击Configuration—> Actions,点击右上角的Create action:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609135247793-865144028.png
Action配置:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609135427825-602890275.png
Conditions配置:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609135501590-2077835740.png
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609135521887-1022626501.png
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609135547387-1030423687.png
四、Zabbix自定义脚本发送报警邮件
Zabbix发送报警邮件还可以采用自定义的脚本来发送。
1.Python脚本发邮件
(1)定义Media types
如下图,添加以下3个参数,分别对应sendEmail.sh脚本需要的3个参数:收件人地址、主题、详细内容。
{ALERT.SENDTO}
{ALERT.SUBJECT}
{ALERT.MESSAGE}
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609135746809-1742756988.png
【注意】: 很多人安装zabbix 3.0之后,写的脚本一直发信不成功,手动执行时可以的。那是因为zabbix3.0之后,可以自定义参数了。所以不写参数,它是不会传参数的。在2.x版本不存在这个问题,默认会传3个参数。脚本中可以使用$1, $2, $3来调用 action 中的 邮件的收件人, Default Subject, Default Message。
(2)定义Users的Media
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609135842465-1056380291.png
(3)python报警脚本
# cd /usr/local/zabbix-3.0.1/share/zabbix/alertscripts/
# vim zabbix_sendmail.py
https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gifhttps://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif
#!/usr/bin/python
#
coding:utf-8
import smtplib
from email.mime.text import MIMEText
import sys
# 邮箱服务器地址
mail_host = 'smtp.exmail.qq.com'
# 邮箱用户名
mail_user = '01115004@wisedu.com'
# 邮箱密码
mail_pass = 'zjk230640'
mail_postfix = 'wisedu.com'
def send_mail(to_list,subject,content):
me = mail_user+"<"+mail_user+"@"+mail_postfix+">"
msg = MIMEText(content)
msg['Subject'] = subject
msg['From'] = me
msg['to'] = to_list
try:
s = smtplib.SMTP()
s.connect(mail_host)
s.login(mail_user,mail_pass)
s.sendmail(me,to_list,msg.as_string())
s.close()
return True
except Exception,e:
print str(e)
return False
if __name__ == "__main__":
send_mail(sys.argv, sys.argv, sys.argv)
Python报警脚本 修改脚本权限:
# chmod +x zabbix_sendmail.py
#
chown -R zabbix.zabbix zabbix_sendmail.py
(4)修改zabbix_server配置
# vim /usr/local/zabbix-3.0.1/etc/zabbix_server.conf
添加如下配置:
### Option: AlertScriptsPath
AlertScriptsPath
=/usr/local/zabbix-3.0.1/share/zabbix/alertscripts
重启zabbix_server。
(5)配置Actions
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609140303559-533673773.png
【注意】:每触发一次Action,都会在Reports—>Action log看到记录:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609140401247-1837408269.png
2.shell脚本发邮件
(1)先安装sendEmail
https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gifhttps://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif
# tar zxf sendEmail-v1.56.tar.gz
#
cp sendEmail-v1.56/sendEmail /usr/local/bin
安装sendEmail 将写好的脚本上传到/usr/local/zabbix-3.0.1/share/zabbix/alertscripts。这里为了业务需求,需要定制化发送邮件的内容,脚本内容如下:
https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gifhttps://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif
#!/bin/bash
###Description:This script is used to alarm.
###Written by: jkzhao
- jkzhao@wisedu.com
###History:
2016-08-10 Second>
###Modification: Please modify the variables host, user andpasswd.
# 获取默认的邮件接收者,邮件主题,邮件正文
to
=$1
subject
=$2
bodyOrgin
=$3
# 获取eventid
#eventid
=grep "event>
eventid=$(echo $bodyOrgin | grep "event>
echo "eventid:$eventid" > /tmp/test.txt
# shell调用存储过程,获取主键viewid,传入参数:eventid,输出:viewid
host
=172.16.9.112
user
=root
passwd=zabbix
database
=zabbix
viewid
=$(mysql -u${user} -p${passwd} -h${host} -D${database} -e "call generateAlertView($eventid,@result)" 2>/dev/null | awk 'NR>1')
echo "viewid:$viewid" >> /tmp/test.txt
group
=$(mysql -u${user} -p${passwd} -h${host} -D${database} -e "select alerts_view_group.group from alerts_view_group where viewid = $viewid" 2>/dev/null | awk 'NR>1')
echo "group:$group" >> /tmp/test.txt
body
=$bodyOrgin"; 影响业务: "$group
# 因为需要格式化发送邮件的内容,将拼接好的body信息写入文件中再做处理
echo $body | awk -F';' '{for(i=1;i<=NF;i++){print $i}}' > /tmp/messages.txt
# 将文件中出现的
^M删除掉
sed -i 's/\x0D//g' /tmp/messages.txt
# 删除以空格开头的行前面的空格
sed -i 's/^\s*//g' /tmp/messages.txt
# 由于zabbix无论是故障还是恢复都是要发邮件的,但是对于故障和恢复的邮件内容需要定制为不同的内容,因此需要先获取到是故障还是恢复
state
=$(echo $subject | awk -F: '{print $2}')
# 按照安心守护要求修改邮件正文内容
if [ $state == "PROBLEM" ]; then
sed -i 's/Trigger:/异常对象:/' /tmp/messages.txt
sed -i '/Trigger severity:/{h;d};/Item values:/{G}' /tmp/messages.txt
sed -i 's/Trigger severity:/异常等级:/' /tmp/messages.txt
sed -i 's/Item values:/异常原因:/' /tmp/messages.txt
sed -i '/Original event/d' /tmp/messages.txt
sed -i '/Trigger status:/d' /tmp/messages.txt
sed -i '$a发生时间: ' /tmp/messages.txt
sed -i "s/发生时间: /发生时间: $(date "+%Y-%m-%d %H:%M:%S")/" /tmp/messages.txt
# 把发生故障时的alertView插入alerts_view表
alertValue=$(grep "异常原因" /tmp/messages.txt | awk -F: 'BEGIN{ORS=""};{for(i=3;i<=NF;++i) {print $i}}')
echo "alertValue:$alertValue" >> /tmp/test.txt
mysql -u${user} -p${passwd} -h${host} -D${database} -e "UPDATE alerts_view set alertValue='${alertValue}' WHERE viewid = '${viewid}'" 2>/dev/null
sed -i 's/Warning/风险/' /tmp/messages.txt
sed -i 's/Disaster/宕机/' /tmp/messages.txt
else
sed -i 's/Trigger:/恢复对象:/' /tmp/messages.txt
sed -i 's/Item values:/恢复内容:/' /tmp/messages.txt
sed -i 's/影响业务/恢复业务/' /tmp/messages.txt
sed -i '/Original event/d' /tmp/messages.txt
sed -i '/Trigger status:/d' /tmp/messages.txt
sed -i '/Trigger severity:/d' /tmp/messages.txt
sed -i '$a发生时间: ' /tmp/messages.txt
sed -i "s/发生时间: /发生时间: $(date "+%Y-%m-%d %H:%M:%S")/" /tmp/messages.txt
fi
/usr/local/bin/sendEmail -f monitor@wisedu.com -t "$to" -s smtp.exmail.qq.com -u "$subject" -o message-content-type=text -o message-8 -o message-file=/tmp/messages.txt -xu monitor@wisedu.com -xp anxinshouhu@2015 2>>/tmp/22.log
shell脚本发送邮件 (2)添加Media types
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609140726231-1615383650.png
(3)给指定的用户添加Media
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609140759059-1464669271.png
(4)配置Actions,为了业务需求定制Default message
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609140827684-827438415.png
(5)邮件展示
故障邮件展示:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609140911325-1468052989.png
故障恢复邮件展示:
https://images2015.cnblogs.com/blog/1132141/201706/1132141-20170609140930481-352081847.png
页:
[1]