ZabbixからSlackに通知を送る

Standard

関連かんれんリソース:
https://github.com/ericoc/zabbix-slack-alertscript
を使います。基本的きほんてきにはこちらのreadme通りに設定せっていします。

Slack側の設定
https://yemaosheng.slack.com/services/new/incoming-webhook
からincoming web hookを作成さくせいし、”Webhook URL”を確認かくにんしておきます。

テストURL:

curl -X POST --data-urlencode 'payload={"channel": "#alert", "username": "webhookbot", "text": "This is posted to #alert and comes from a bot named webhookbot.", "icon_emoji": ":ghost:"}' https://hooks.slack.com/services/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

Percona Monitoring Plugins for Zabbix3

Standard
#Install
apt-get install percona-zabbix-templates
cp /var/lib/zabbix/percona/templates/userparameter_percona_mysql.conf /etc/zabbix/zabbix_agentd.conf.d/
#Configure 
vi /var/lib/zabbix/percona/scripts/ss_get_mysql_stats.php
...
$mysql_user = 'uid';
$mysql_pass = 'pwd';
...
#Test
/var/lib/zabbix/percona/scripts/get_mysql_stats_wrapper.sh gg

zbx_percona_mysql_template

AWS Cloudwatch query script for Zabbix

Standard
#!/usr/bin/python
import boto.ec2.cloudwatch
import sys
import datetime
 
try:
    metName = sys.argv[1]
    funcName = sys.argv[2]
    dimSpace = sys.argv[3]
    region = sys.argv[4]
    accessKey = sys.argv[5]
    secretKey = sys.argv[6]
 
except:
    print "Usage: GetFromCloudwatch.py MetricName Function Dimension Region AWS_ACCESS_KEY AWS_SECRET_ACCESS_KEY"
    print "Example: GetFromCloudwatch.py FreeableMemory Average \"CacheClusterId=ElsticCacheName\" us-east-1 ACCESS_KEY SECRET_ACCESS_KEY"
    print "         GetFromCloudwatch.py CPUUtilization Average \"DBInstanceIdentifier=RDSName\" us-east-1 ACCESS_KEY SECRET_ACCESS_KEY"
    print "         GetFromCloudwatch.py ApproximateNumberOfMessagesVisible Average \"QueueName=SQSName\" us-east-1 ACCESS_KEY SECRET_ACCESS_KEY"
    sys.exit(1)
 
dim = {}
firstSplit = dimSpace.split(',')
for word in firstSplit:
    secondSplit = word.split('=')
    dim[secondSplit[0]] = secondSplit[1]
 
regions = boto.ec2.cloudwatch.regions()
 
reg = ''
for r in regions:
    if region == r.name:
        reg = r
 
c = boto.ec2.cloudwatch.CloudWatchConnection(aws_access_key_id=accessKey, aws_secret_access_key=secretKey, region=reg)
metrics = c.list_metrics(dimensions=dim)
 
end = datetime.datetime.utcnow()
start = end - datetime.timedelta(minutes=15)
 
dataPoints = [];
for met in metrics:
    if met.name == metName:
        dataPoints = met.query(start, end, funcName)
 
if len(dataPoints) > 0:
    max = datetime.datetime.utcnow() - datetime.timedelta(hours=1)
    index = 0
    for i in range(0,len(dataPoints)):
        if max < dataPoints[i][u'Timestamp']:
            max = dataPoints[i][u'Timestamp']
            index = i
    for key in dataPoints[index].keys():
        if funcName in key:
            value = dataPoints[index][key]
    print value
else:
    print 'Error! No response from Amazon.'
    sys.exit(2)

SMS and phone call from Zabbix using Twilio

Standard


vim /etc/zabbix/alert.d/zabbix-alert-sms-twilio.sh

#!/usr/bin/python
import sys
from twilio.rest import TwilioRestClient
 
# Your Account Sid and Auth Token from twilio.com/user/account
account_sid = "AC0axxxxxxxxxxxxxxxxxxxx296ae"
auth_token  = "93e4xxxxxxxxxxxxxxxxxxx63e9"
client = TwilioRestClient(account_sid, auth_token)
 
message = client.messages.create(body=sys.argv[2],
    to=sys.argv[1],
    from_="+16572338xx8") # Replace with your Twilio number
print message.sid

vim /etc/zabbix/alert.d/zabbix-alert-call-twilio.sh

#!/usr/bin/python
import sys
import urllib
from twilio.rest import TwilioRestClient
 
# Your Account Sid and Auth Token from twilio.com/user/account
account_sid = "AC0axxxxxxxxxxxxxxxxxxxx296ae"
auth_token  = "93e4xxxxxxxxxxxxxxxxxxx63e9"
client = TwilioRestClient(account_sid, auth_token)
 
TwiML="http://yemaosheng.com/getTwiML.php?say="+urllib.quote(sys.argv[2])
 
call = client.calls.create(to=sys.argv[1],
    from_="+16572338xx8",
    url=TwiML)
print call.sid

vim /var/www/html/getTwiML.php

<?xml version="1.0" encoding="UTF-8"?>
<Response>
    <Say voice="woman"><?php echo htmlspecialchars($_GET['say']); ?></Say>
    <Hangup/>
</Response>

日志监控

Standard

环境:
srv1: 172.28.201.51
srv2: 172.28.201.52
srv3: 172.28.201.53

Rsyslog安装

[yemaosheng@srv1]# yum -y install rsyslog
[yemaosheng@srv2]# yum -y install rsyslog
[yemaosheng@srv3]# yum -y install rsyslog
 
[yemaosheng@srv1]# vi /etc/rsyslog.conf
#--------add----------
#UDP
$modLoad imudp
$UDPServerRun 514
 
#TCP
#modLoad imtcp
#$InputTCPServerRun 514
 
if $fromhost-ip startswith '172.28.201.52' then /var/log/172.28.201.52.log
& ~
if $fromhost-ip startswith '172.28.201.53' then /var/log/172.28.201.53.log
& ~
*.* /var/log/syslog.log
 
[yemaosheng@srv2]# vi /etc/rsyslog.conf
#--------add----------
#UDP
*.* @172.28.201.51:514
 
#TCP
#*.* @@172.28.201.51:514

Zabbix安装配置
安装过程详见官网手册:http://www.zabbix.com/documentation/2.0/manual/installation/install
注:
1.安装后进入界面如遇“Zabbix server is running”提示,关闭selinux即可。
2.Zabbix的界面中默认将Zabbix Server本身的监控项Disable了,要打开的话请到”Configuration”->”Hosts”->”Status”

Splunk配置
Splunk是一款商业软件,每天日志小于500MB是可以免费使用。
作为商业软件,其安装和配置做得非常方便,详见官网手册:http://docs.splunk.com/Documentation/Splunk/latest/Installation/InstallonLinux

(日志接收配置)
(为特定的PHP报错设置报警)