Alarm Configuration
The need for alarm
Why should alarm?
What is the principle ZABBIX alerts?
Each zabbix trigger is identified by a unique trigger id, the time trigger condition is satisfied, zabbix generate events, such as CPU utilization for five minutes more than 90% is a condition that can define a trigger based on this condition. CPU usage data monitored item is called an item in terms of zabbix. Zabbix monitoring a large number of item, such as CPU, disk, network bandwidth, ping status, availability of web services, etc.
Trigger has cut only two states: OK and PROBLEM, OK represents the normal state, PROBLEM indicates a problem, beyond the predetermined threshold value, the trigger when the state changes, an event happened. Problem entered the state of the flip-flop is a zabbix problem
Event to a corresponding one of the action is called action, an action is a result of its operation, such as sending alarm information, remote operation, etc.
Alarm mode
ZABBIX alarm in the following ways:
-
e-mail
-
script
-
SMS
-
Jabber
-
This is mainly to explain the e-mail alerts and alarms micro letter (script warning)
# Detect whether mailx software has been installed, if the installation is skipped, the installation does not install mailx [root @ zabbix ~] # RPM -qa | grep mailx && echo " mailx already installed " || yum install mailx - the y- configuration mailx service, my alarm mail Tencent mail [root @ zabbix ~] # vim / etc / Mail.rc # set the alarm zabbix Outbox, configuration smtp domain the sET from = = mailbox name smtp smtp.exmail.qq.com # zabbix alarm Outbox login user name and password sET SMTP -auth-user mailbox name = smtp-auth-password = mail password # Outbox will alert zabbix set to automatically log in sET SMTP -auth = login [zabbix the root @ ~] # echo "the Test " | mail -s " zabbix " Inbox // test whether the normal e-mail to send a message, if you can show that you would normally send mail configuration no problem, you can continue to the next step
My alarm media type configuration is as follows
Name: Email
Type: E-mail
SMTP server: smtp.exmail.qq.com
SMTP server port: 465
SMTP the HELO: exmail.qq.com.cn
Configure the alarm message recipients
Configuration actions
Zabbix clones carrying action, and then edit
Fault alarm: {TRIGGER.NAME}
trap host: {HOST.NAME}
alert time: {EVENT.DATE} {EVENT.TIME}
Alarm Level: {TRIGGER.SEVERITY}
alarm information: {TRIGGER.NAME}
Alarm items: {TRIGGER .KEY}
problem details: {iTEM.NAME}: {ITEM.VALUE}
current status: {TRIGGER.STATUS}: {ITEM.VALUE1}
Configuring the recovery operation and configuration procedure is the same as
告警主机:{HOST.NAME}
主机IP地址:{HOST.IP}
恢复时间:{EVENT.RECOVERY.DATE} {EVENT.RECOVERY.TIME}
告警等级:{TRIGGER.SEVERITY}
告警信息:{TRIGGER.NAME}
告警项目:{TRIGGER.KEY}
问题详情:{ITEM.NAME}:{ITEM.VALUE}
当前状态:{TRIGGER.STATUS}:{ITEM.VALUE1}
测试邮件告警
修改触发器的触发条件,即可完成测试
企业微信告警
企业微信web端配置
注册企业微信账号或使用公司的企业微信账号,并创建应用
主要流程如下:
1.创建微信用户成员。
2.创建应用,这是关键,企业微信创建的应用ID为1000002
3.创建应用管理组,添加组成员(也就是设置哪些用户可以接收到报警的通知信息)。
4.创建成功后需要获取到以下信息:CropID 和Secret 当然还包括创建的用户信息。
申请企业微信,创建对应的组成员这些就不介绍了,按照注册向导创建即可,主要写下创建应用获取应用Secret 和CorpID
企业微信配置
创建应用并获取Agentld和Secret
获取Agentld和secert
获取部门ID
#ZABBIX脚本配置 #找到放置告警脚本的目录 [root@zabbix ~]# find / -name alertscripts /usr/lib/zabbix/alertscripts #进入目录配置脚本 [root@zabbix ~]# cd /usr/lib/zabbix/alertscripts [root@zabbix alertscripts]# vim weixin.sh #!/bin/bash # @Date: 2019-09-26 21:05:59 # @Author: zhangcheng (3359957053@qq.com) # @Description: 微信告警脚本 ##################################### #填写企业ID CropID='wx9ac8f9478320ea89 ' #应用的secret,下面的GURL和PURL 地址无需变动 Secret='qUwDxMnL73w0VAR807O0X57KAaI7GJ4YP_RFau5quEI' GURL="https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=$CropID&corpsecret=$Secret" Gtoken=$(/usr/bin/curl -s -G $GURL | awk -F\" '{print $10}') PURL="https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=$Gtoken" function body() { #这里是创建的应用ID local int AppID=1000002 #接收消息用户,系统传参 local UserID=$1 #接收消息的部门ID local PartyID=2 local Msg=$(echo "$@" | cut -d" " -f3-) printf '{\n' printf '\t"touser": "'"$UserID"\"",\n" printf '\t"toparty": "'"$PartyID"\"",\n" printf '\t"msgtype": "text",\n' printf '\t"agentid": "'" $AppID "\"",\n" printf '\t"text": {\n' printf '\t\t"content": "'"$Msg"\""\n" printf '\t},\n' printf '\t"safe":"0"\n' printf '}\n' } /usr/bin/curl --data-ascii "$(body $1 $2 $3)" $PURL #脚本权限配置 [root@zabbix alertscripts]# chown zabbix.zabbix weixin.sh [root@zabbix alertscripts]# chmod -v +x weixin.sh
web端配置
这里的设置和邮件告警的步骤基本相同了,创建【动作】、【示警媒介】、【接收消息的用户】
脚本传参: {ALERT.SENDTO} {ALERT.SUBJECT} {ALERT.MESSAGE}
用户这里添加需要增加用户的示警媒介【管理】-【用户】-选择对应的用户-【示警媒介】添加的收件人 则为企业微信中的账号
配置action
告警动作
服务器:{HOST.NAME}出现故障!\n
主机:{HOSTNAME1}\n
IP地址:{HOST.IP}\n
时间:{EVENT.DATE} {EVENT.TIME}\n
等级:{TRIGGER.SEVERITY}\n
信息: {TRIGGER.NAME}\n
项目:{TRIGGER.KEY1}\n
详情:{ITEM.NAME}:{ITEM.VALUE}\n
状态:{TRIGGER.STATUS}:{ITEM.VALUE1}\n
事件ID:{EVENT.ID}\n
注意:恢复信息中 时间:{EVENT.DATE} {EVENT.TIME}\n 要修改为 时间:{EVENT.RECOVERY.DATE} {EVENT.RECOVERY.TIME}\n 否则不能获取到正确的恢复时间。
测试告警,和邮件告警一样