设置报警策略
-
报警策略设置
根据上一章zabbix的配置,notify将接收的报警信息进行分析,设置报警策略- 报警级别 level
- 报警类别 category
- 报警地址 IP
- 报警内容 content
- 接收联系人 contact
需求
根据报警类别,设置报警发送策略为每小时发送五条,一小时内接收报警超过一百条,发送一次汇总信息:
#表信息 alerts 报警信息接收表 alerts_sender 发送到微信的报警信息表 #调用 外部函数 get_alert_sender_by_feature() 获取发送微信的报警表信息 get_alert_by_feature() 获取报警接收表信息 common.now() 获取当前时间并按格式化策略函数 verify_send2
def verify_send2(context, keyword, level, category): log.info("Verify_Send2: ==>> {0}".format(context)) category_sended = api.get_alert_sender_by_feature( context, category=category) log.info( "[%(sn)s] Filter by (%(keyword)s, %(category)s) Return Rows: %(num)s" % \ {"sn": 'verify_send2', "keyword": keyword, "category": category, "num": len(category_sended)}) if not category_sended: log.info("[%(sn)s] Alarm category is first, send it." % context) return {"send": True, "category_batch": False, "recovery": False} active_alert = filter(lambda x: not x.deleted and x.state, category_sended) nearest = sorted(active_alert, key=lambda x: x.created_at)[ -1] nearest5 = sorted(active_alert, key=lambda x: x.created_at, reverse=True)[ -1] # 计算与最近一次的报警发生的时间差, 一小时发一次汇总 timing = (common.now() - nearest.created_at).seconds if active_alert: same_problem = filter( lambda x: x.category == category, active_alert) if len(same_problem) >= 5: # 同类型的未恢复的报警大于等于5,不发送 print(len(same_problem)) if len(same_problem) == 5: return {"send": True, "recovery": False, "category_batch": True, "same": same_problem} else: if 60 <= timing: # 符合平均周期,不在发出 log.info( "[%(sn)s] Alarm recovery time line match not send.") category_match = api.get_alert_by_feature(context, keyword, category=category) category_match = filter( lambda x: x.created_at >= nearest5.created_at, category_match) if len(category_match) > 10: start_end = str(nearest.created_at) + '--' + str(common.now()) return {"send": False, "recovery": False, "category_batch": True, "category_match": filter(lambda x:x.ip, category_match), "summary": True, "strat_end": start_end} else: start_end = str(nearest.created_at) + '--' + str(common.now()) category_match = api.get_alert_by_feature(context, keyword, category=category) category_match = filter(lambda x:x.created_at >= nearest5.created_at, category_match) return {"send": False, "recovery": False, "category_batch": True, "category_match": len(category_match), "summary": True, "strat_end": start_end} same_problem = sorted(same_problem, key=lambda x: x.created_at, reverse=True) return {"send": False, "recovery": True, "category_batch": True, "same": same_problem} else: return {"send": True, "recovery": False, "category_batch": True, "same": same_problem} else: return {"send": True, "recovery": False, "category_batch": True}在主发送函数中调用verify_send2 函数进行过滤即可;
