zabbix-api https://blog.csdn.net/weixin_36485376/article/details/89603642

zabbix6.0安装组件

  • docker (略)
  • timescaledb 时序数据库
  • zabbix_server
  • zabbix-web-nginx

一、postgres(TimescaleDB)

mkdir /data/zabbix/timescaledb -p && cd /data/zabbix/timescaledb

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f timescaledb
cd `dirname $0`

docker run -d \
--name timescaledb  \
--restart always \
-p 5432:5432 \
-v /etc/localtime:/etc/localtime:ro \
-v `pwd`/data:/var/lib/postgresql/data:rw \
-e POSTGRES_USER=zabbix \
-e POSTGRES_PASSWORD=Timescaledb@2022 \
-e POSTGRES_DB=zabbix \
-e ENABLE_TIMESCALEDB=true \
timescale/timescaledb:2.7.0-pg14
EOF

bash start.sh

timescaledb 内存和CPU优化

docker exec -it  timescaledb bash
timescaledb-tune --memory="2GB" --cpus=2 --yes  --quiet

Using postgresql.conf at this path:
/var/lib/postgresql/data/postgresql.conf

Writing backup to:
/tmp/timescaledb_tune.backup202304071240

Recommendations based on 2.00 GB of available memory and 2 CPUs for PostgreSQL 13
success: all settings tuned, no changes needed
Saving changes to: /var/lib/postgresql/data/postgresql.conf

二、zabbix_server

mkdir /data/zabbix/zabbix_server -p && cd /data/zabbix/zabbix_server

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f zabbix_server

cd `dirname $0`

docker run -d \
--name zabbix_server \
--restart always \
--net host \
--add-host=timescaledb:192.168.11.101 \
-v /etc/localtime:/etc/localtime:ro \
-v `pwd`/data/alertscripts:/usr/lib/zabbix/alertscripts:ro \
-v `pwd`/data/externalscripts:/usr/lib/zabbix/externalscripts:ro \
-v `pwd`/data/export:/var/lib/zabbix/export:rw \
-v `pwd`/data/modules:/var/lib/zabbix/modules:ro \
-v `pwd`/data/enc:/var/lib/zabbix/enc:ro \
-v `pwd`/data/ssh_keys:/var/lib/zabbix/ssh_keys:ro \
-v `pwd`/data/mibs:/var/lib/zabbix/mibs:ro \
-v `pwd`/data/snmptraps:/var/lib/zabbix/snmptraps:ro \
-e ENABLE_TIMESCALEDB=true \
-e DB_SERVER_HOST=timescaledb \
-e POSTGRES_USER=zabbix \
-e POSTGRES_PASSWORD=Timescaledb@2022 \
-e POSTGRES_DB=zabbix \
-e ZBX_JAVAGATEWAY_ENABLE=true \
-e ZBX_STARTJAVAPOLLERS=5 \
-e ZBX_ENABLE_SNMP_TRAPS=true \
-e ZBX_TIMEOUT=30 \
zabbix/zabbix-server-pgsql:6.0-alpine-latest
EOF

bash start.sh

三、zabbix_nginx

mkdir /data/zabbix/nginx -p  && cd /data/zabbix/nginx

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f zabbix_nginx
cd `dirname $0`

docker run -d \
--name zabbix_nginx \
--restart always \
-p 8080:8080 \
-p 443:443 \
--add-host=timescaledb:192.168.11.101 \
--add-host=zabbix-server:192.168.11.101 \
-v /etc/localtime:/etc/localtime:ro \
-v `pwd`/data/ssl:/etc/ssl/nginx:ro \
-v `pwd`/data/modules/:/usr/share/zabbix/modules/:ro \
-e ZBX_SERVER_HOST=zabbix-server \
-e DB_SERVER_HOST=timescaledb \
-e POSTGRES_USER=zabbix \
-e POSTGRES_PASSWORD=Timescaledb@2022 \
-e POSTGRES_DB=zabbix \
zabbix/zabbix-web-nginx-pgsql:6.0-alpine-latest
EOF

bash start.sh

四、zabbix_java_gateway

mkdir /data/zabbix/zabbix_java_gateway -p  && cd /data/zabbix/zabbix_java_gateway

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f zabbix_java_gateway

cd `dirname $0`

docker run -d \
--name zabbix_java_gateway \
--restart always \
--add-host=zabbix-server:192.168.11.101 \
-p 10052:10052 \
-v /etc/localtime:/etc/localtime:ro \
zabbix/zabbix-java-gateway:6.0-alpine-latest
EOF

bash start.sh

五、zabbix_snmptraps

mkdir /data/zabbix/zabbix_snmptraps -p  && cd /data/zabbix/zabbix_snmptraps

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f zabbix_snmptraps

cd `dirname $0`

docker run -d \
--name zabbix_snmptraps \
--restart always \
--add-host=zabbix-server:192.168.11.101 \
-p "162:1162/udp" \
-v /etc/localtime:/etc/localtime:ro \
-v /data/zabbix_server/data/snmptraps:/var/lib/zabbix/snmptraps:rw \
zabbix/zabbix-snmptraps:6.0-alpine-latest
EOF

bash start.sh

六、zabbix_web_service

mkdir /data/zabbix/zabbix_web_service -p  && cd /data/zabbix/zabbix_web_service

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f zabbix_web_service

cd `dirname $0`

docker run -d \
--name zabbix_web_service \
--restart always \
-p 10053:10053 \
--cap-add=SYS_ADMIN \
--add-host=zabbix-server:192.168.11.101 \
-v /etc/localtime:/etc/localtime:ro \
-e ZBX_LISTENPORT=10053 \
-e ZBX_ALLOWEDIP=zabbix-server \
zabbix/zabbix-web-service:6.0-alpine-latest
EOF

#ZBX_ALLOWEDIP有多个值时用“逗号”隔开

bash start.sh

七、zabbix_agent2
方法一 rpm安装

#下载zabbix-agent2
wget --no-check-certificate  https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-agent2-6.0.5-1.el7.x86_64.rpm 
wget --no-check-certificate  https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-get-6.0.5-1.el7.x86_64.rpm
wget --no-check-certificate  https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-sender-6.0.5-1.el7.x86_64.rpm

rpm -ivh *.rpm

cat > /etc/zabbix/zabbix_agent2.conf << 'EOF'
PidFile=/var/run/zabbix/zabbix_agent2.pid
LogFile=/var/log/zabbix/zabbix_agent2.log
LogFileSize=0
Server=192.168.11.101
ServerActive=192.168.11.101:10051
Hostname=192.168.11.101
Include=/etc/zabbix/zabbix_agent2.d/*.conf
ControlSocket=/tmp/agent.sock
EOF
systemctl enable zabbix-agent2
systemctl start zabbix-agent2
systemctl status zabbix-agent2

方法二 docker

mkdir /data/zabbix/zabbix_agent2/conf -p && cd /data/zabbix/zabbix_agent2

cat > /data/zabbix/zabbix_agent2/conf/zabbix_agent2.conf << 'EOF'
PidFile=/var/run/zabbix/zabbix_agent2.pid
LogFile=/var/log/zabbix/zabbix_agent2.log
LogFileSize=0
Server=192.168.11.101
ServerActive=192.168.11.101:10051
Hostname=192.168.11.101
Include=/etc/zabbix/zabbix_agent2.d/*.conf
ControlSocket=/tmp/agent.sock
EOF

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f zabbix_agent2

cd `dirname $0`

docker run -d \
--name zabbix_agent2 \
--restart always \
--net host \
--privileged \
-v /etc/localtime:/etc/localtime:ro \
-v `pwd`/conf/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro \
-v `pwd`/conf/zabbix_agent2.conf:/etc/zabbix/zabbix_agent2.conf \
zabbix/zabbix-agent2:6.0-centos-latest
EOF

bash start.sh

方法三 二进制部置zabbix-agent2

#提取zabbix-agent2二进制文件
groupadd zabbix
useradd zabbix -g zabbix
#安装依赖pcre2
yum install pcre2 -y
wget --no-check-certificate  https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-agent2-6.0.5-1.el7.x86_64.rpm 
wget --no-check-certificate  https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-get-6.0.5-1.el7.x86_64.rpm
wget --no-check-certificate  https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-sender-6.0.5-1.el7.x86_64.rpm

rpm2cpio https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-agent2-6.0.5-1.el7.x86_64.rpm |cpio -idv ./usr/sbin/zabbix_agent2

mkdir -p /data/zabbix_agent2/{sbin,log,zabbix_agent2.d}
mv  ./usr/sbin/zabbix_agent2 /data/zabbix_agent2/sbin/

chown-R zabbix.zabbix /data/zabbix_agent2

cat > /etc/systemd/system/zabbix-agent2.service << 'EOF'
[Unit]
Description=Zabbix Agent 2
After=syslog.target
After=network.target

[Service]
Environment="CONFFILE=/data/zabbix_agent2/zabbix_agent2.conf"
EnvironmentFile=-/etc/sysconfig/zabbix-agent2
Type=simple
Restart=on-failure
PIDFile=/data/zabbix_agent2/zabbix_agent2.pid
KillMode=control-group
ExecStart=/data/zabbix_agent2/sbin/zabbix_agent2 -c $CONFFILE
ExecStop=/bin/kill -SIGTERM $MAINPID
RestartSec=10s
User=zabbix
Group=zabbix

[Install]
WantedBy=multi-user.target
EOF

cat > /data/zabbix_agent2/zabbix_agent2.conf << 'EOF'
PidFile=/data/zabbix_agent2/zabbix_agent2.pid
LogFile=/data/zabbix_agent2/log/zabbix_agent2.log
LogFileSize=0
Server=192.168.11.100
ServerActive=192.168.11.100:10051
Hostname=192.168.11.100
Include=/data/zabbix_agent2/zabbix_agent2.d/*.conf
ControlSocket=/tmp/agent.sock
EOF 

systemctl daemon-reload
systemctl enable zabbix-agent2
systemctl start zabbix-agent2
systemctl status zabbix-agent2

八、使用Node_exporter作为zabbix的客户端

mkdir /data/node_exporter/ -p
cat >/data/node_exporter/start.sh<< 'EOF'
docker run -d \
--name node_exporter \
--restart=always \
--pid="host" \
--net=host \
-v "/proc:/host/proc:ro" \
-v "/sys:/host/sys:ro" \
-v "/:/rootfs:ro" \
-v /etc/localtime:/etc/localtime:ro \
prom/node-exporter \
--path.procfs=/host/proc \
--path.rootfs=/rootfs \
--path.sysfs=/host/sys \
--collector.filesystem.ignored-mount-points='^/(sys|proc|dev|host|etc)($$|/)'
EOF
bash /data/node_exporter/start.sh

在这里插入图片描述

九、grafana与zabbix集成

mkdir /data/zabbix/grafana/data -p
chown 472 /data/zabbix/grafana/data
#启动脚本
cat > /data/zabbix/grafana/start.sh << 'EOF'
docker rm -f zabbix_grafana
cd `dirname $0`

docker run -d \
--name zabbix_grafana \
--restart=always \
--user 472 \
-p 3000:3000 \
-e "GF_SECURITY_ADMIN_PASSWORD=Grafana@2O22" \
-e "GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource,grafana-piechart-panel,alexanderzobnin-zabbix-app" \
-v `pwd`/data:/var/lib/grafana  \
-v /etc/localtime:/etc/localtime:ro \
grafana/grafana:8.5.6 
EOF


bash /data/zabbix/grafana/start.sh

URL: http://192.168.11.101:8080/api_jsonrpc.php
在这里插入图片描述

grafana 图表
grafana_id: 5363
在这里插入图片描述

grafana_id: 5456
在这里插入图片描述

自定义图
在这里插入图片描述

在这里插入图片描述

十一、 企业微信告警
配置警报媒介类型
1、管理–>警报媒介类型–>新建wx_webhook
(脚本的三个参数都是zabbix内置变量,分别为:报警收件人:{ALERT.SENDTO}、报警标题:{ALERT.SUBJECT}、报警内容:{ALERT.MESSAGE})

名称:  qiwei_robot
类型:脚本
脚本名称:wx_webhook.py
脚本参数
参数	:
    名称                值
     Message        {ALERT.MESSAGE}
    Subject            {ALERT.SUBJECT}
    To                    {ALERT.SENDTO}
    Token              2fe963bf-7a37-4ab4-90d1-55569ff533e3   #	群聊机器人webhook地址的key

脚本:( zabbix5.4可用)
```python
var Wechat = {
    token: null,
    to: null,
    message: null,
    parse_mode: null,
 
    sendMessage: function() {
        var params = {
            msgtype: "markdown",
            chat_id: Wechat.to,
            markdown: {
                content:Wechat.message
            },
            disable_web_page_preview: true,
            disable_notification: false
        },
        data,
        response,
        request = new CurlHttpRequest(),
        url = 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=' + Wechat.token;
 
        if (Wechat.parse_mode !== null) {
            params['parse_mode'] = Wechat.parse_mode;
        }
 
        request.AddHeader('Content-Type: application/json');
        data = JSON.stringify(params);
 
        // Remove replace() function if you want to see the exposed token in the log file.
        Zabbix.Log(4, '[Wechat Webhook] URL: ' + url.replace(Wechat.token, '<TOKEN>'));
        Zabbix.Log(4, '[Wechat Webhook] params: ' + data);
        response = request.Post(url, data);
        Zabbix.Log(4, '[Wechat Webhook] HTTP code: ' + request.Status());
        Zabbix.Log(4, '[Wechat Webhook] response: ' + response);
 
        try {
            response = JSON.parse(response);
        }
        catch (error) {
            response = null;
            Zabbix.Log(4, '[Wechat Webhook] response parse error');
        }
 
        if (request.Status() !== 200 ||  response.errcode !== 0 || response.errmsg !== 'ok') {
            if (typeof response.errmsg === 'string') {
                throw response.errmsg;
            }
            else {
                throw 'Unknown error. Check debug log for more information.'
            }
        }
    }
}
 
try {
    var params = JSON.parse(value);
 
    if (typeof params.Token === 'undefined') {
        throw 'Incorrect value is given for parameter "Token": parameter is missing';
    }
 
    Wechat.token = params.Token;
 
    if (['Markdown', 'HTML', 'MarkdownV2'].indexOf(params.ParseMode) !== -1) {
        Wechat.parse_mode = params.ParseMode;
    }
 
    Wechat.to = params.To;
    Wechat.message = params.Subject + '\n' + params.Message;
    Wechat.sendMessage();
 
    return 'OK';
}
catch (error) {
    Zabbix.Log(4, '[Wechat Webhook] notification failed: ' + error);
    throw 'Sending failed: ' + error + '.';
}

脚本:( zabbix6.2可用) 主要是CurlHttpRequest变更为HttpRequest引起

var Wechat = {
    token: null,
    to: null,
    message: null,
    parse_mode: null,
 
    sendMessage: function() {
        var params = {
            msgtype: "markdown",
            chat_id: Wechat.to,
            markdown: {
                content:Wechat.message
            },
            disable_web_page_preview: true,
            disable_notification: false
        },
        data,
        response,
        request = new HttpRequest(),
        url = 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=' + Wechat.token;
 
        if (Wechat.parse_mode !== null) {
            params['parse_mode'] = Wechat.parse_mode;
        }
 
        request.addHeader('Content-Type: application/json');
        data = JSON.stringify(params);
 
        // Remove replace() function if you want to see the exposed token in the log file.
        Zabbix.log(4, '[Wechat Webhook] URL: ' + url.replace(Wechat.token, '<TOKEN>'));
        Zabbix.log(4, '[Wechat Webhook] params: ' + data);
        response = request.post(url, data);
        Zabbix.log(4, '[Wechat Webhook] HTTP code: ' + request.getStatus());
        Zabbix.log(4, '[Wechat Webhook] response: ' + response);
 
        try {
            response = JSON.parse(response);
        }
        catch (error) {
            response = null;
            Zabbix.log(4, '[Wechat Webhook] response parse error');
        }
 
        if (request.getStatus() !== 200 ||  response.errcode !== 0 || response.errmsg !== 'ok') {
            if (typeof response.errmsg === 'string') {
                throw response.errmsg;
            }
            else {
                throw 'Unknown error. Check debug log for more information.'
            }
        }
    }
}
 
try {
    var params = JSON.parse(value);
 
    if (typeof params.Token === 'undefined') {
        throw 'Incorrect value is given for parameter "Token": parameter is missing';
    }
 
    Wechat.token = params.Token;
 
    if (['Markdown', 'HTML', 'MarkdownV2'].indexOf(params.ParseMode) !== -1) {
        Wechat.parse_mode = params.ParseMode;
    }
 
    Wechat.to = params.To;
    Wechat.message = params.Subject + '\n' + params.Message;
    Wechat.sendMessage();
 
    return 'OK';
}
catch (error) {
    Zabbix.log(4, '[Wechat Webhook] notification failed: ' + error);
    throw 'Sending failed: ' + error + '.';
}

在这里插入图片描述

2、配置Message templates
报警媒介类型–>Message type

问题模板

message type:  问题
主题:告警通知

消息: 
当前状态:<font color="warning">{TRIGGER.STATUS}</font>
告警IP:{HOST.IP}
所属群组:{TRIGGER.HOSTGROUP.NAME}
告警等级:<font color="warning">{TRIGGER.SEVERITY}</font>
告警信息:{TRIGGER.NAME}
当前详情:{ITEM.NAME}  <font color="warning">{ITEM.VALUE}</font>
告警时间:{EVENT.DATE} {EVENT.TIME}

问题恢复模板

message type:  promeble recovery
主题:恢复通知

消息: 
当前状态:<font color="info">{TRIGGER.STATUS}</font>
告警IP:{HOST.IP}
所属群组:{TRIGGER.HOSTGROUP.NAME}
告警信息:{TRIGGER.NAME}
当前详情:{ITEM.NAME}  <font color="info">{ITEM.VALUE}</font>
恢复时间:{EVENT.RECOVERY.DATE} {EVENT.RECOVERY.TIME}
持续时间:{EVENT.AGE}

二、设置action,使警报生效
配置–>动作–>trigger actions–>创建动作
1、动作–>名称:wx_webhook
条件:触发器示警度 大于等于 警告
2、操作–>

         默认操作步骤持续时间:  1h
         操作
           步骤:  1 - 3 	            #以持续时间为间隔发送3次,条件为没有确认
           步骤持续时间:    60s         #60秒内不重复发送告警	
           发送消息给用户: Admin 
           发送消息给用户群组: Zabbix administrators
           仅送到:wx_webhook
           条件: Event is not acknowledged

在这里插入图片描述
在这里插入图片描述

三、对用户配置告警策略
管理–>用户–>Admin(选择用户)–>报警媒介–>添加
类型:wx_webhook (自定义名称)
收件人: 通信员 (随便)
当启用时: 1-7,00:00-24:00 (默认就好)

在这里插入图片描述

4、验证
在这里插入图片描述

在这里插入图片描述

十二、使用elasticsearch存放历史数据
https://blog.csdn.net/peyte1/article/details/84941560

十三、zabbix监控tcp scoket 状态

tcp_status脚本

cat > /etc/zabbix/zabbix_agent2.d/tcp_status.sh << 'EOF'
#!/bin/bash
#用ss生成scoket的状态文件,
tcp_check_interval(){
      INTERVAL_TIME=$1
      timestamp=`date +%s`
      filepath=/dev/shm/tcp_conn.txt
      if [ ! -f $filepath ];then
        touch $filepath
      fi
      if [ -f $filepath ];then
        filetimestamp=`stat -c %Y $filepath`
        timecha=$[$timestamp - $filetimestamp]
        if [ $timecha -gt $INTERVAL_TIME ];then
          ss -ant| awk 'NR>1 {++s[$1]} END {for(k in s) print k,s[k]}' > /dev/shm/tcp_conn.txt
        fi
      fi
    echo $INTERVAL_TIME
}

#读取scoket的状态文件
tcp_conn_status(){
    TCP_STAT=$1
    TCP_NUM=$(grep "$TCP_STAT" /dev/shm/tcp_conn.txt|cut -d ' ' -f2)
    if [ -z $TCP_NUM ];then
       TCP_NUM=0
    fi
    echo $TCP_NUM
}

main(){
    case $1 in
        tcp_check_interval)
            tcp_check_interval $2;
            ;;
        tcp_status)
            tcp_conn_status $2;
            ;;
    esac
}

main $1 $2
EOF

cat > /etc/zabbix/zabbix_agent2.d/tcp_status.conf  << 'EOF'
UserParameter=tcp_status[*],/bin/bash /etc/zabbix/zabbix_agent2.d/tcp_status.sh $1 $2
EOF

配置模板
在这里插入图片描述
触发器
名称: ESTAB连接数超过告警值4w
严重性: 严重
问题表现形式: last(/gw_pro_tcp_status_jiankong/tcp_status[“tcp_status”,“ESTAB”])>40000
恢复表达式: last(/gw_pro_tcp_status_jiankong/tcp_status[“tcp_status”,“ESTAB”])<=40000
在这里插入图片描述

十四、web场景监控

1、配置–》》模板–》》创建模板–》》模板
在这里插入图片描述

模版名称: gw_healthcheck
可见的名称: 服务自检_healthcheck
群组:Templates

2、配置–》》模板–》》创建模板–》》宏
在这里插入图片描述

宏: {$SMARTGATE_PORT}
ֵ值: 80
描述: 网关服务器端口

配置–》》模板–》》gw_healthcheck(选择刚刚创建的模板)–》Web 场景–》创建Web场景–》场景
在这里插入图片描述

名称:gw_self_healthcheck
更新间隔:30s
尝试次数: 2
客户端: Zabbix

配置–》》模板–》》gw_healthcheck(选择刚刚创建的模板)–》Web 场景–》创建Web场景–》步骤–》添加
在这里插入图片描述

名称: gw_self_healthcheck
URL: http://{HOST.CONN}:{$SMARTGATE_PORT}/dail_healthcheck
超时:15s
要求的字串:返回成功
要求的状态码:200

触发器
在这里插入图片描述
表达式:count(/gw_healthcheck/web.test.rspcode[gw_self_healthcheck,gw_self_healthcheck],2m,“200”)<2 and last(/gw_healthcheck/web.test.rspcode[gw_self_healthcheck,gw_self_healthcheck])<>200

十五、zabbix LLD
参考:https://www.cnblogs.com/smail-bao/p/6043726.html --初级
https://blog.csdn.net/u013272009/article/details/90486079–高级

十六、zabbix基于ansible的自动化集成
https://github.com/smejdil/import-default-zabbix-templates --自动加载模板 (支持xml和json格式)

注意:ansible 使用python3版本

#安装依赖
yum install python3-pip git lrzsz -y
pip3 install zabbix-api

cd /tmp/
git clone https://github.com/smejdil/import-default-zabbix-templates
cd  import-default-zabbix-templates

#ansbile-galaxy只支持ansible 2.9以上版本

#ansible-galaxy collection install -r requirements.yml
#下载ansible-galaxy模块:https://galaxy.ansible.com/community/zabbix
#本地文件安装
#wget https://galaxy.ansible.com/download/community-zabbix-1.5.1.tar.gz
#ansible-galaxy collection install ./community-zabbix-1.5.1.tar.gz
ansible-galaxy collection install community.zabbix:1.5.1

export ZABBIX_USER=Admin    
export ZABBIX_PASSWORD=zabbix
export ZABBIX_VERISON="6.0.5"

mkdir /tmp/zabbix/templates/app/gateway -p  #把模板放到目录下,支持xml和json格式的模板

cd /tmp/
tar cvzf zabbix-templates-${ZABBIX_VERISON}.tar.gz zabbix/templates/
cd /tmp/import-default-zabbix-templates

vi /tmp/import-default-zabbix-templates/vars/vars.yml
#修改vars/vars.yml下的变量
server_url: http://192.168.11.101:8080     #修改此值为zabbix的真实IP
validate_certs: no

cd /tmp/import-default-zabbix-templates

bash -x import-zabbix-templates.sh

十七、zabbix_proxy
#zabbix_porxy与zabbix部署在不同的服务器上

mkdir /data/zabbix/zabbix_proxy -p && cd /data/zabbix/zabbix_proxy

cat > start.sh << 'EOF'
#!/bin/bash
docker rm -f zabbix_proxy

cd `dirname $0`

docker run -d \
--name zabbix_proxy \
--restart always \
-p 10061:10051 \
--add-host=zabbix-server:192.168.11.101 \
-v /etc/localtime:/etc/localtime:ro \
-v `pwd`/data/externalscripts:/usr/lib/zabbix/externalscripts:ro \
-v `pwd`/data/modules:/var/lib/zabbix/modules:ro \
-v `pwd`/data/enc:/var/lib/zabbix/enc:ro \
-v `pwd`/data/ssh_keys:/var/lib/zabbix/ssh_keys:ro \
-v `pwd`/data/mibs:/var/lib/zabbix/mibs:ro \
-v `pwd`/data/snmptraps:/var/lib/zabbix/snmptraps:rw \
-e ZBX_HOSTNAME=zabbix-proxy-sqlite3 \
-e ZBX_PROXYMODE=0 \
-e ZBX_SERVER_HOST=zabbix-server \
-e ZBX_SERVER_PORT=10051 \
-e ZBX_TIMEOUT=30 \
zabbix/zabbix-proxy-sqlite3:alpine-6.0-latest
EOF

bash start.sh

配置代理:
管理–》》agent代理程序–》》创建代理
在这里插入图片描述
agent代理程序名称:zabbix-proxy-sqlite3 #与zabbix_proxy的配置ZBX_HOSTNAME对应一致
在这里插入图片描述

十八、psk加密

#生成psk密码

openssl rand -hex 32  > /etc/zabbix/zabbix_agent2.d/zabbix.psk

#配置zabbix-agent2
vi /etc/zabbix/zabbix-agent2.conf

TLSConnect=psk
TLSAccept=psk
TLSPSKIdentity=PSK 001
TLSPSKFile=/etc/zabbix/zabbix_agent2.d/zabbix.psk

#配置服务器上的”主机加密项“
在这里插入图片描述
配置成功后会出现以下提示
在这里插入图片描述
十九、证书有效期监控
有多个域名监控,就建多个hosts
在这里插入图片描述
添加宏 {$CERT.WEBSITE.HOSTNAME} https://www.21cn.com
在这里插入图片描述
在这里插入图片描述

二十、钉钉告警(webhook)
参考: https://blog.csdn.net/lyace2010/article/details/124744970
zabbix(6.2)

var Ding = { 
    url: null, //带access_token的URL
    at_all: true, //是否@所有人
    title: null, //标题
    message: null, //消息内容
    user_info: null, //@的用户
    proxy: null,  //代理
    sendMessage: function(){ 
        // 提交数据
        var params = {
            msgtype: 'markdown',
            markdown: {
                title: Ding.title,
                text: Ding.message
            },
            at: {
                atMobiles: [
                    Ding.user_info,
                ],
                isAtAll: Ding.at_all
            }
        },
        data, //格式化后的提交数据
        response, //响应对象
        request = new HttpRequest(); //新建http请求
        
        if(Ding.proxy){ //判断代理
            request.setProxy(Ding.proxy);
        }
        request.addHeader('Content-Type: application/json; charset=UTF-8'); //添加http头

        // 格式化数据
        data = JSON.stringify(params);
        Zabbix.log(4, "url: " + Ding.url);
        Zabbix.log(4, "params: " + data);
        
        response = request.post(Ding.url, data); //发送请求
        Zabbix.log(4, "http code: " + request.getStatus());
        // 格式化响应
        try{
            response = JSON.parse(response);
        }catch(error){
            response = null;
        }
        // 判断http响应是否为200   钉钉服务器响应是否无错误
        if(request.getStatus() !== 200 || response.errcode !== 0){
            if(typeof response.errmsg === "string"){
                Zabbix.log(4, "error: " + JSON.stringify(response));
                throw JSON.stringify(response);
            }else{
                throw "unknown error.";
            }
        }
    },
};
try{
    var params = JSON.parse(value); //格式化脚本参数

    if(typeof params.URL === "undefined"){ //验证URL参数
        throw 'parameter "URL" is missing';
    }
    if(typeof params.To === "undefined"){ //验证To参数
        throw 'parameter "To" is missing';
    }
    if(typeof params.Message === "undefined"){  //验证Message参数
        throw 'parameter "Message" is missing';
    }
    if(typeof params.Subject === "undefined"){  //验证Subject参数
        throw 'parameter "Message" is missing';
    }
    
    // 验证All参数 判断是否@所有人
    if(params.All){
        Ding.at_all = true;
    }else{
        Ding.at_all = false;
    }
    // 验证代理 是否添加代理
    if(params.HTTPProxy){
        Ding.proxy = params.HTTPProxy;
    }
    // 参数赋值
    Ding.url = params.URL;
    Ding.message = params.Message;
    Ding.user_info = params.To;
    Ding.title = params.Subject;
    // 发送请求
    Ding.sendMessage(); 
    return "OK"; 
}catch(error){
    Zabbix.log(4, "sending failed: " + error);
    throw "sending failed: " + error + ".";
}
Logo

权威|前沿|技术|干货|国内首个API全生命周期开发者社区

更多推荐