文章目录

展开

邮件告警(5.0)

添加报警媒介类型

image-20230816154314719

image-20230816154951156

image-20230816155101363

image-20230816155117522

image-20230816155223622

image-20230816160336183

创建用户

image-20230816160604565

image-20230816160742714

image-20230816162124880

image-20230816163633217

image-20230816162210609

添加动作

image-20230816161159407

image-20230816161248614

image-20230816161408301

image-20230816161441559

image-20230816161600702

image-20230816161629198

image-20230816161650229

验证(之前设置了登录>=3个用户报警)

image-20230816163349324

image-20230816163411670

image-20230816163514818

image-20230816163531564

邮件告警(3.0)

添加报警媒介类型

image-20230816200947843

image-20230816201047564

添加用户

image-20230816201212301

image-20230816201244803

image-20230816201300812

image-20230816201322507

image-20230816201348198

添加动作

image-20230816201418474

image-20230816201432009

image-20230816201452283

image-20230816201605741

image-20230816201619946

image-20230816201646837

image-20230816201705336

image-20230816201727555

image-20230816201736813

验证

image-20230816203548418

image-20230816203601137

image-20230816203622265

image-20230816203638416

优化告警信息(5.0)

## 故障主题
故障{TRIGGER.STATUS},服务器:{HOSTNAME1}发生: {TRIGGER.NAME}故障!

## 发送故障消息
告警地址:{HOST.IP}

告警主机:{HOSTNAME1}

告警时间:{EVENT.DATE} {EVENT.TIME}

告警等级:{TRIGGER.SEVERITY}

告警信息: {TRIGGER.NAME}

告警项目:{TRIGGER.KEY1}

问题详情:{ITEM.NAME}:{ITEM.VALUE}

当前状态:{TRIGGER.STATUS}:{ITEM.VALUE1}

事件ID:{EVENT.ID}

## 恢复主题
恢复{TRIGGER.STATUS}, 服务器:{HOSTNAME1}: {TRIGGER.NAME}已恢复!
## 发送恢复消息
告警地址:{HOST.IP}

告警主机:{HOSTNAME1}

告警时间:{EVENT.DATE} {EVENT.TIME}

告警等级:{TRIGGER.SEVERITY}

告警信息: {TRIGGER.NAME}

告警项目:{TRIGGER.KEY1}

问题详情:{ITEM.NAME}:{ITEM.VALUE}

当前状态:{TRIGGER.STATUS}:{ITEM.VALUE1}

事件ID:{EVENT.ID}

image-20230816171726292

image-20230816171749656

image-20230816171934559

image-20230816172115752

image-20230816172136570

测试

image-20230816172210041

image-20230816172243815

image-20230816172427704

image-20230816172446121

优化告警信息(3.0)

修改动作

## 故障主题
故障{TRIGGER.STATUS},服务器:{HOSTNAME1}发生: {TRIGGER.NAME}故障!

## 发送故障消息
告警地址:{HOST.IP}

告警主机:{HOSTNAME1}

告警时间:{EVENT.DATE} {EVENT.TIME}

告警等级:{TRIGGER.SEVERITY}

告警信息: {TRIGGER.NAME}

告警项目:{TRIGGER.KEY1}

问题详情:{ITEM.NAME}:{ITEM.VALUE}

当前状态:{TRIGGER.STATUS}:{ITEM.VALUE1}

事件ID:{EVENT.ID}

## 恢复主题
恢复{TRIGGER.STATUS}, 服务器:{HOSTNAME1}: {TRIGGER.NAME}已恢复!
## 发送恢复消息
告警地址:{HOST.IP}

告警主机:{HOSTNAME1}

告警时间:{EVENT.DATE} {EVENT.TIME}

告警等级:{TRIGGER.SEVERITY}

告警信息: {TRIGGER.NAME}

告警项目:{TRIGGER.KEY1}

问题详情:{ITEM.NAME}:{ITEM.VALUE}

当前状态:{TRIGGER.STATUS}:{ITEM.VALUE1}

事件ID:{EVENT.ID}

image-20230816204107605

image-20230816204127988

image-20230816204153191

验证

image-20230816203935208

image-20230816203951107

image-20230816204010440

image-20230816204023909

HTML邮件告警(5.0)

## 故障主题
故障{TRIGGER.STATUS},服务器:{HOSTNAME1}发生: {TRIGGER.NAME}故障!
## 发送故障消息代码
<head>
    <style type="text/css">
        body{
            background:url('https://seopic.699pic.com/photo/40007/7490.jpg_wh1200.jpg');
        }
    </style>
</head>
<body>
    <img src="https://www.wodeyumengouwo.com/wp-content/uploads/2023/08/zabbix_gaojin-280x300.jpg" alt="">
    <style type="text/css">
        table .guzhang {color: red;}
    </style>
    <table border="3"  bordercolor="black" cellspacing="0px" cellpadding="4px" width="500px">
        <tr class="guzhang" bgcolor="#0C1B3D" ><th colspan=2>
            {TRIGGER.STATUS} 故障!!!故障!!! 
            <div>&#128514; &#128514; &#128514;</div>
        </tr>
        <tr >
            <td bgcolor="#F9B602" width="20%">告警主机</td>
            <td bgcolor="#F9B602">{HOSTNAME1}</td>
        </tr>
        <tr >
            <td bgcolor="#F9B602">告警别名</td>
            <td bgcolor="#F9B602">{HOST.NAME} </td>
        <tr >
        <tr >
            <td bgcolor="#F9B602">告警地址</td>
            <td bgcolor="#F9B602">{HOST.IP}</td>
        </tr>
        <tr>
            <td bgcolor="#F9B602">告警时间</td>
            <td bgcolor="#F9B602">{EVENT.DATE} {EVENT.TIME}</td>
        </tr>

        <tr>
            <td bgcolor="#F9B602">告警等级</td>
            <td bgcolor="#F9B602">{TRIGGER.SEVERITY}</td>
        </tr>

        <tr>
            <td bgcolor="#F9B602">告警信息</td>
            <td bgcolor="#F9B602">{TRIGGER.NAME}</td>
        </tr>

        <tr>
            <td bgcolor="#F9B602">告警项目</td>
            <td bgcolor="#F9B602">{TRIGGER.KEY1}</td>
        </tr>
        <tr >
            <td class='guzhang2' bgcolor="#FF3333">问题详情</td>
            <td class='guzhang3' bgcolor="#FF3333">{ITEM.NAME}: {ITEM.VALUE} &#128520; &#128520; &#128520;</td>
        </tr>
        <tr>
            <td bgcolor="#F9B602">当前状态</td>
            <td bgcolor="#F9B602">{TRIGGER.STATUS}: {ITEM.VALUE1}</td>
        </tr>
        <tr>
            <td bgcolor="#F9B602">事件ID</td>
            <td bgcolor="#F9B602">{EVENT.ID}</td>
        </tr>
    </table>
</body>

## 恢复主题
恢复{TRIGGER.STATUS}, 服务器:{HOSTNAME1}: {TRIGGER.NAME}已恢复!
## 发生恢复故障消息代码
<head>
    <style type="text/css">
        table .guzhang {
            color: red;
        }
        body{
            background:url('https://seopic.699pic.com/photo/40007/7490.jpg_wh1200.jpg');
        }
    </style>
</head>
<body>
<img src="https://www.wodeyumengouwo.com/wp-content/uploads/2023/08/zabbix_huifu-289x300.jpg" alt="">
    <table border="1"  bordercolor="black" cellspacing="0px" cellpadding="4px" width="500px">
        <tr bgcolor="#49c208"><th colspan=2>
        {TRIGGER.STATUS} 哈哈哈哈哈哈,好了 
        <div>&#128512; &#128512; &#128512;</div>
        </tr>

        <tr >
            <td bgcolor="lightgreen" width="20%">恢复主机</td>
            <td bgcolor="yellow">{HOSTNAME1}</td>
        </tr>
        <tr>
            <td bgcolor="lightgreen">恢复别名</td>
            <td bgcolor="yellow">{HOST.NAME} </td>
        <tr >
            <td bgcolor="lightgreen">恢复地址</td>
            <td bgcolor="yellow">{HOST.IP}</td>
        </tr>
        <tr>
            <td bgcolor="lightgreen">恢复时间</td>
            <td bgcolor="yellow">{EVENT.DATE} {EVENT.RECOVERY.TIME}</td>
        </tr>

        <tr>
            <td bgcolor="lightgreen">恢复等级</td>
            <td bgcolor="yellow">{TRIGGER.SEVERITY}</td>
        </tr>

        <tr>
            <td bgcolor="lightgreen">恢复信息</td>
            <td bgcolor="yellow">{TRIGGER.NAME}</td>
        </tr>

        <tr>
            <td bgcolor="lightgreen">恢复项目</td>
            <td bgcolor="yellow">{TRIGGER.KEY1}</td>
        </tr>
        <tr >
            <td bgcolor="#49c208">恢复详情</td>
            <td bgcolor="#49c208">{ITEM.NAME}: {ITEM.VALUE} &#9889; &#9889; &#9889;</td>
        </tr>
        <tr>
            <td bgcolor="lightgreen">当前状态</td>
            <td bgcolor="yellow">{TRIGGER.STATUS}: {ITEM.VALUE1}</td>
        </tr>
        <tr>
            <td bgcolor="lightgreen">事件ID</td>
            <td bgcolor="yellow">{EVENT.ID}</td>
        </tr>
    </table>
</body>

添加报警媒介类型

image-20230816163841463

image-20230816164101653

添加用户

image-20230816164325189

image-20230816164339210

image-20230816164413906

image-20230816164425324

添加动作

image-20230816164531773

image-20230816164619332

image-20230816164709815

image-20230816164733648

image-20230816165750875

image-20230816165216018

image-20230816165841575

image-20230816165859362

验证

image-20230816170221497

image-20230816170352213

image-20230816170438080

image-20230816170520199

多条件触发器(5.0)

## 监控mem跟swap
## 修改配置文件
[root@web01 ~]# vim /etc/zabbix/zabbix_agentd.d/nc.conf
UserParameter=mem.state,free -m|awk '/^Mem/{print $NF*100/$2}'
UserParameter=swap.state,free -m|awk '/^Swap/{print $NF*100/$2}'

## 重启
[root@web01 ~]# systemctl restart zabbix-agent.service 

## 验证
[root@zabbix ~]# zabbix_get -s 172.16.1.7 -k mem.state
61.7284
[root@zabbix ~]# zabbix_get -s 172.16.1.7 -k swap.state
100

添加men监控项

image-20230816182056616

image-20230816182107906

image-20230816182157342

添加swap监控项

image-20230816182259630

image-20230816182606418

image-20230816182705713

添加多条件触发器

image-20230816182743682

image-20230816182815729

image-20230816182857311

image-20230816182915601

image-20230816183000626

image-20230816183011005

image-20230816183030694

image-20230816183046434

image-20230816183112163

image-20230816183124835

image-20230816183141411

image-20230816183205377

image-20230816183217272

image-20230816183232339

测试

[root@web01 ~]# dd < /dev/zero > /dev/null bs=1600M count=1024

image-20230816193205931

image-20230816193320968

常用触发器条件表达式

and #并且 
or #或者
last() #比对最新的值
avg() #平均值
diff() #比对上一次文件的内容
nodata() #收不不到数据进行报警nodata(5m)
(5m) #表示最近5分钟得到值
(#5) #表示最近5次得到的值

多条件触发器(3.0)

## 监控mem跟swap
## 修改配置文件
[root@web02 ~]# vim /etc/zabbix/zabbix_agentd.d/nc.conf
UserParameter=mem.state,free -m|awk '/^Mem/{print $NF*100/$2}'
UserParameter=swap.state,free -m|awk '/^Swap/{print $NF*100/$2}'

## 重启
[root@web02 ~]# systemctl restart zabbix-agent.service 

## 验证
[root@zabbix-server02 ~]# zabbix_get -s 172.16.1.8 -k mem.state
72.5309
[root@zabbix-server02 ~]# zabbix_get -s 172.16.1.8 -k swap.state
100

添加men监控项

image-20230816210819260

添加swap监控项

image-20230816210827308

image-20230816211010546

image-20230816211048879

image-20230816211153107

添加多条件触发器

image-20230816211409686

image-20230816211423733

image-20230816211455593

image-20230816211512009

image-20230816211559807

image-20230816211826740

image-20230816211840115

image-20230816211903729

image-20230816212006094

image-20230816212019316

image-20230816212029739

image-20230816212047015

image-20230816212118335

image-20230816212201975

验证

  • 测试
[root@web02 ~]# dd < /dev/zero > /dev/null bs=1600M count=1024

image-20230816212322686

image-20230816212542012

image-20230816212438487

image-20230816212648413

image-20230816212338668

image-20230816212559542

zabbix自愈模式(5.0)

添加ssh监控项

image-20230816194023602

image-20230816194034254

image-20230816194143308

添加ssh触发器

image-20230816194234754

image-20230816194243937

image-20230816194321598

image-20230816194347869

image-20230816194357427

image-20230816194415070

创建自愈动作

image-20230816194515190

image-20230816194654158

image-20230816194716332

image-20230816194734951

image-20230816194800825

image-20230816194839919

image-20230816195002664

image-20230816195040881

## 修改配置文件 允许执行远程命令
[root@web01 ~]# vim /etc/zabbix/zabbix_agentd.conf
EnableRemoteCommands=1     //随便加加进去就行

# 客户端zabbix用户要sudo提权
[root@web01 ~]# visudo
%zabbix ALL=(ALL) NOPASSWD:ALL

# 客户端zabbix用户要/bin/bash登录
[root@web01 ~]# usermod zabbix -s /bin/bash

# 3.测试
[root@web01 ~]# su - zabbix -c 'sudo ls -l /'
su: warning: cannot change directory to /var/lib/zabbix: No such file or directory
total 20
lrwxrwxrwx.   1 root root    7 Apr 11 16:18 bin -> usr/bin
dr-xr-xr-x.   5 root root 4096 Apr 11 16:23 boot
drwxr-xr-x   19 root root 3200 Aug 16 19:34 dev
drwxr-xr-x.  79 root root 8192 Aug 16 19:56 etc
drwxr-xr-x.   3 root root   16 Aug 14 21:10 home
lrwxrwxrwx.   1 root root    7 Apr 11 16:18 lib -> usr/lib
lrwxrwxrwx.   1 root root    9 Apr 11 16:18 lib64 -> usr/lib64
drwxr-xr-x.   2 root root    6 Apr 11  2018 media
drwxr-xr-x.   2 root root    6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root    6 Apr 11  2018 opt
dr-xr-xr-x  118 root root    0 Aug 16 19:34 proc
dr-xr-x---.   3 root root  213 Aug 16 19:52 root
drwxr-xr-x   24 root root  600 Aug 16 19:34 run
lrwxrwxrwx.   1 root root    8 Apr 11 16:18 sbin -> usr/sbin
drwxr-xr-x.   2 root root    6 Apr 11  2018 srv
dr-xr-xr-x   13 root root    0 Aug 16 19:34 sys
drwxrwxrwt.  14 root root 4096 Aug 16 19:35 tmp
drwxr-xr-x.  13 root root  155 Apr 11 16:18 usr
drwxr-xr-x.  19 root root  267 Apr 11 16:42 var

## 停止sshd服务
[root@web01 ~]# systemctl stop sshd.service 

image-20230816195840781

image-20230816195933627

image-20230816200003342

image-20230816200033306

## 验证一下
[root@web01 ~]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      5340/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      959/master          
tcp        0      0 0.0.0.0:10050           0.0.0.0:*               LISTEN      5162/zabbix_agentd  
tcp6       0      0 :::22                   :::*                    LISTEN      5340/sshd           
tcp6       0      0 :::3000                 :::*                    LISTEN      805/grafana         
tcp6       0      0 ::1:25                  :::*                    LISTEN      959/master          
tcp6       0      0 :::10050                :::*                    LISTEN      5162/zabbix_agentd  

zabbix自愈模式(3.0)

添加ssh监控项

image-20230816212908407

image-20230816212919316

image-20230816213048684

添加ssh触发器

image-20230816213144936

image-20230816213223277

image-20230816213259735

image-20230816213323801

创建自愈动作

image-20230816213429741

image-20230816213449032

image-20230816213522247

image-20230816213609533

image-20230816213911947

image-20230816213932964

image-20230816213941740

## 修改配置文件 允许执行远程命令
[root@web02 ~]# vim /etc/zabbix/zabbix_agentd.conf
EnableRemoteCommands=1     //随便加加进去就行

# 客户端zabbix用户要sudo提权
[root@web02 ~]# visudo
%zabbix ALL=(ALL) NOPASSWD:ALL

# 客户端zabbix用户要/bin/bash登录
[root@web02 ~]# usermod zabbix -s /bin/bash

# 3.测试
[root@web02 ~]# su - zabbix -c 'sudo ls -l /'
su: warning: cannot change directory to /var/lib/zabbix: No such file or directory
total 16
lrwxrwxrwx.   1 root root    7 Apr 11 16:18 bin -> usr/bin
dr-xr-xr-x.   5 root root 4096 Apr 11 16:23 boot
drwxr-xr-x   19 root root 3200 Aug 16 08:36 dev
drwxr-xr-x.  75 root root 8192 Aug 16 21:41 etc
drwxr-xr-x.   2 root root    6 Apr 11  2018 home
lrwxrwxrwx.   1 root root    7 Apr 11 16:18 lib -> usr/lib
lrwxrwxrwx.   1 root root    9 Apr 11 16:18 lib64 -> usr/lib64
drwxr-xr-x.   2 root root    6 Apr 11  2018 media
drwxr-xr-x.   2 root root    6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root    6 Apr 11  2018 opt
dr-xr-xr-x  116 root root    0 Aug 16 08:36 proc
dr-xr-x---.   3 root root  163 Aug 16 21:40 root
drwxr-xr-x   23 root root  580 Aug 16 08:36 run
lrwxrwxrwx.   1 root root    8 Apr 11 16:18 sbin -> usr/sbin
drwxr-xr-x.   2 root root    6 Apr 11  2018 srv
dr-xr-xr-x   13 root root    0 Aug 16 08:36 sys
drwxrwxrwt.  10 root root  195 Aug 16 09:42 tmp
drwxr-xr-x.  13 root root  155 Apr 11 16:18 usr
drwxr-xr-x.  19 root root  267 Apr 11 16:42 var

## 重启服务
[root@web02 ~]# systemctl restart zabbix-agent.service

## 停止sshd服务
[root@web02 ~]# systemctl stop sshd.service 

image-20230816215547774

image-20230816215706885

image-20230816215605474

image-20230816215628420

## 验证
[root@web02 ~]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      46683/sshd          
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      994/master          
tcp        0      0 0.0.0.0:10050           0.0.0.0:*               LISTEN      46239/zabbix_agentd 
tcp6       0      0 :::22                   :::*                    LISTEN      46683/sshd          
tcp6       0      0 ::1:25                  :::*                    LISTEN      994/master          
tcp6       0      0 :::10050                :::*                    LISTEN      46239/zabbix_agentd