Host group --> Host --> Application --> Item --> Trigger (OK-->PROBLEM, trigger event) --> Action(Conditon+Operation(Send Message,Remote Command))

Send Message:

Media:

Email、SMS、Jabber、Script、EZ Texting

给出具体实现:

User groups --> User (Media)

示例中:node2.smoke.com -- Traffic --> Inboud traffic, Outbound traffic --> trigger (inboud)

Zabbix常用术语:

Item Key

Escalation

Template

Web Scennario

Zabbix服务器进程:

housekeeper,alter,discoverer,httppoller,Poller,Pinger,db_config_syncer,timer,escaltor

Item key:

命名要求:只能使用字母、数字、下划线、点号、连接符

接受参数:system.cpu.load[<cpu>,<mode>], net.if.inboud[if,<mode>]

  注意:每个key背后都应该有一个命令或脚本来负责实现数据收集,此命令或脚本可调用传递给key的参数,调用方式为$1, $2,...

    官方文档:https://www.zabbix.com/documentation/2.0/manual/config/items/itemtypes/zabbix_agent

  在zabbix中定义item时调用某key,还需要额外定义数据采集频率、历史数据的保存时长等;

Trigger:

触发器表达式:{<Server>:<key>.<funcation>(<parameter>)}<operator><constant>

  {node2.smoke.com:net.if.in[eth0,bytes].last(#1)}> 1200

  <funcation>:评估采集到的数据是否在合理范围内时所使用的函数,其评估过程可以根据采集到的数据、当前时间或其他因素;

    avg, count, change, date, dayofweek, dayofmonth, delta, diff, iregexp, regexp, last, max, min, nodata, now, str, strlen, sum

      regexp:检查最近一次采样的数据是否能够被指定的模式所匹配,1表示匹配,0表示不匹配;

      now:返回自Unix元年此刺客经历的秒数;

      prev:倒数第二个采样值;

      str:从最后一次的采样中查找此处指定的子串;

      strlen:

  <parameter>:

    >, <, =, #(不等于)

    /, =, -, +

    &, |

Action:

message

condition

event:

trigger

discover:

Service up, Service Down, Host up, Host Down, Service Discovered, Service Lost, Host Discovered, Host Lost

auto_registration

lld

operation

send message

Media Type

Email, SMS, Jabber, Script, EZ Texting

User

remote command

(1) 给zabbix定义sudo规则:

zabbix ALL=(ALL) ALL
(2) 不支持active模式的agent;

(3) 不支持代理模式;

(4) 命令长度不得超过255个字符;

(5) 可以使用宏

(6) zabbix-server仅执行命令,而不关心命令是否执行成功;

前提:zabbix-agent要配置为支持执行远程命令;

EnableRemoteCommands=1

注意:

(1) 如果用到以其他用户身份执行命令的虎,那么命令本身要以sudo方式运行;

sudo /etc/rc.d/init.d/httpd/ restart

(2)在各agent上的sudoers文件,要注释入如下行:

#Defaults requiretty

Script:Alert Script

放置特定目录中:AlertScriptsPath=/usr/lib/zabbix/alertscripts

zabbix_server.conf配置文件中的参数;

脚本中可使用$1,$2,$3来调用action中的邮寄的收件人,Default Subject, Default Message;

注意:新放入此目录中的脚本,只有重启zabbix-server才能被使用;

 

点击Monitoring -- Events,Group选择test group,Host选择node2,Source选择Trigger;

通过脚本发送邮件:

node1:zabbix-server

[root@node1 ~]# mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/root": 4 messages 2 new 4 unread
 U  1 zabbix@node1.smoke.c  Mon Jul  1 11:07  29/908   "OK: Inboud traffic warning"
 U  2 zabbix@node1.smoke.c  Mon Jul  1 11:09  29/918   "PROBLEM: Inboud traffic warning"
>N  3 zabbix@node1.smoke.c  Tue Jul  2 20:49  28/908   "PROBLEM: Inboud traffic warning"
 N  4 zabbix@node1.smoke.c  Tue Jul  2 20:50  28/898   "OK: Inboud traffic warning"
[root@node1 ~]# grep "Alert" /etc/zabbix/zabbix_server.conf
### Option: AlertScriptsPath
# AlertScriptsPath=${datadir}/zabbix/alertscripts
AlertScriptsPath=/usr/lib/zabbix/alertscripts
[root@node1 ~]# vim /usr/lib/zabbix/alertscripts/alerttest.sh
#!/bin/bash
to="$1"
subject="$2"
body="$3"

echo "$body" | mail -s "$subject" "$to"
[root@node1 ~]# chmod +x /usr/lib/zabbix/alertscripts/alerttest.sh

点击Administration -- Media types -- Create media types,填写完成点击Add;

点击Administration -- Users,点击test用户,点击Media菜单,添加完成点击Updte;

点击Configuration -- Hosts,点击node2上面的Triggers修改触发值,让触发Event事件;

点击Monitoring -- Events,Group选择test group,Host选择node2,Source选择Trigger,查看事件,邮件发送成功;

node1:zabbix-server

[root@node1 ~]# mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/root": 5 messages 1 new 4 unread
 U  1 zabbix@node1.smoke.c  Mon Jul  1 11:07  29/908   "OK: Inboud traffic warning"
    2 zabbix@node1.smoke.c  Mon Jul  1 11:09  29/919   "PROBLEM: Inboud traffic warning"
 U  3 zabbix@node1.smoke.c  Tue Jul  2 20:49  29/918   "PROBLEM: Inboud traffic warning"
 U  4 zabbix@node1.smoke.c  Tue Jul  2 20:50  29/908   "OK: Inboud traffic warning"
>N  5 zabbix@node1.smoke.c  Wed Jul  3 21:00  28/908   "PROBLEM: Inboud traffic warning"
&
& exit

在remote host执行命令:

node2:linux-agent

[root@node2 ~]# grep "Enable" /etc/zabbix/zabbix_agentd.conf
### Option: EnableRemoteCommands
# EnableRemoteCommands=0
#       Enable logging of executed shell commands as warnings.
[root@node2 ~]# vim /etc/zabbix/zabbix_agentd.conf
EnableRemoteCommands=1
LogRemoteCommands=1
[root@node2 ~]# service zabbix-agent restart
[root@node2 ~]# visudo
## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL
zabbix          ALL=(ALL)       NOPASSWD: ALL
#Defaults    requiretty
[root@node2 ~]# yum -y install httpd
[root@node2 ~]# service httpd start

点击Configuration -- Hosts的node2上面点击Applications -- Create application,填写完成点击Add;

点击Configuration -- Hosts,在node2主机上点击Graphs -- Create graph,点击Graph菜单,填写完成点击Add;

点击Preview菜单;

点击Configuration -- Hosts在啊node2主机点击Triggers -- Create trigger,点击Trigger菜单,填写完成点击Add;

node2:linux-agent

[root@node2 ~]# service httpd stop
[root@node2 ~]# service httpd start

点击Monitoring -- Event,Group选择test group,Host选择node2,Source选择Trigger;

点击Configuration -- Actions -- Create action,点击Action菜单,

点击Conditions菜单,

点击Operations菜单,填写完成点击Add;

node2:linux-agent

[root@node2 ~]# service httpd stop

点击Monitoring -- Event,Group选择test group,Host选择node2,Source选择Trigger;

node2:linux-agent

[root@node2 ~]# service httpd status
httpd (pid  21206) is running...