[Teacher Dou Teaches You IT] Pushing PRTG monitoring alerts through WeCom (Enterprise WeChat)
This is what the result looks like ↑
About PRTG
https://www.cn.paessler.com/
Product home page
About WeCom (Enterprise WeChat)
https://work.weixin.qq.com/
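Product home page
How it works
1. PRTG lets you define custom alert notification methods, for example calling a local bat script or a Python script.
2. WeCom can receive messages through a webhook interface.
Deployment
I. Steps on the WeCom side
Create a group with the relevant people and add a bot to it.
The most important thing is to note down the bot's webhook URL.
![image](https://img-blog.csdnimg.cn/20200308154834496.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3l0bHpxMDIyOA==,size_16,color_FFFFFF,t_70 =400x)
If you are in the mood, you can also give the bot a new avatar.
II. Steps on the PRTG side
1. Write the Python script
It is a very simple piece of Python; if you do not follow it, just take it and use it as is.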
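Installing PRTG also installs Python 2.7 automatically. You can install Python 3.8 yourself as well. This example needs one third-party package:
```
pip install requests
```
`urllib` and `json` ship with Python's standard library and are not installed with pip.
CSDN readers all have some Python background, so here is the Python code directly: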
```python
import datetime
import sys

import requests


def wechatwork_robot():
    now_time = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
    # Field titles shown in the alert, in the same order as the arguments PRTG passes in:
    # probe, group, device, sensor name, current status, downtime, additional message,
    # parameter 8, parameter 9.
    paramsList = ["", "探针设备:", "设备群组:", "节点:", "传感器名称:", "现在状态:", "停机时间:", "附加消息:", "参数8:", "参数9:"]
    content = ""
    headers = {"Content-Type": "application/json"}
    # Join each incoming argument with its title into one string.
    # The upper bound keeps an extra argument from raising IndexError.
    for i in range(1, min(len(sys.argv), len(paramsList))):
        content = content + "<font color=\"comment\">" + paramsList[i] + "</font>" + sys.argv[i] + "\n"
    data = {
        "msgtype": "markdown",
        "markdown": {
            # Title reads "PRTG WeChat bot"; 通知时间 means "notification time".
            "content": "**<font color=\"info\">【PRTG微信小机器人】</font>**\n**通知时间:" + now_time + "**\n" + content,
        }
    }
    # Paste the real webhook URL of the bot created earlier into the url field.
    r = requests.post(url='https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693a91f6-7xxx-4bc4-97a0-0ec2sifa5aaa', headers=headers, json=data, timeout=10)
    print(r.text)


wechatwork_robot()
```
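2. Write a BAT script that calls this Python script
When PRTG calls Python directly it uses the built-in Python 2.7 interpreter. Because this program runs on Python 3.7, it has to be started through a bat script that invokes Python 3.7.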
```bat
@echo off
"C:\Users\Administrator\AppData\Local\Programs\Python\Python37\python.exe" "C:\Program Files (x86)\PRTG Network Monitor\Notifications\EXE\wechat_webhook.py" %1 %2 %3 %4 %5 %6 %7 %8 %9
```
Then drop the Python script and the bat script you just wrote into the `C:\Program Files (x86)\PRTG Network Monitor\Notifications\EXE\` directory.
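3. Configure the PRTG notification template
Log in to PRTG and go to Setup -> Account Settings -> Notification Templates.
Enable "Execute Program" and select the bat script we just wrote as the program file.
In the parameter field, following the order defined in the Python script above, fill in whichever fields you want shown in the alert notification.
```python
paramsList =[ "", "探针设备:","设备群组:","节点:", "传感器名称:" , "现在状态:","停机时间:","附加消息:","参数8:","参数9:" ]
```
PRTG sends three kinds of alert notifications:
- Down notification: sent immediately when a sensor goes down
- Repeat notification: sent every few minutes, at a user-defined interval, while the sensor stays down
- Recovery notification: sent when the sensor returns to its normal state
I defined the templates for these three notifications slightly differently, as follows:
Down notification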
"%probe" "%group" "%device" "%name" "%status" "%lastdown" "%message"
Repeat notification (the 【停机未恢复】 prefix means "down, not yet recovered")
"【停机未恢复】%probe" "%group" "%device" "%name" "%status" "%lastdown" "%message"
Recovery notification
"%probe" "%group" "%device" "%name" "%status" "%down" "%message"
The messages received also differ slightly by type.
![image](https://img-blog.csdnimg.cn/20200308163527988.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3l0bHpxMDIyOA==,size_16,color_FFFFFF,t_70 =300x)
![image](https://img-blog.csdnimg.cn/2020030822214345.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3l0bHpxMDIyOA==,size_16,color_FFFFFF,t_70 =450x)
PRTG can pass a very rich set of parameters. The available placeholders are listed below.
Placeholder | Contains | Synonym | Version/Usage Comment |
---|---|---|---|
%colorofstate | Color of the current object status (HTML hex code) | | Might not work in older versions |
%company | Paessler's copyright string | | |
%comments | Comments entered for the sensor | %commentssensor | As of PRTG 15.4.21: resolved placeholders contain the heading Sensor Comments |
%commentssensor | Comments entered for the sensor | %comments | As of PRTG 15.4.21: resolved placeholders contain the heading Sensor Comments |
%commentsdevice | Comments entered for the parent device | | As of PRTG 15.4.21: resolved placeholders contain the heading Device Comments |
%commentsgroup | Comments entered for the parent group | | As of PRTG 15.4.21: resolved placeholders contain the heading Group Comments |
%commentsprobe | Comments entered for the parent probe | | Available as of PRTG 12.4; as of PRTG 15.4.21: resolved placeholders contain the heading Probe Comments |
%coverage | Covered time span | | Might not work in older versions |
%cumsince | Since when data has been accumulated | | |
%date | Event's date, in user's timezone | | |
%datetime | Event's date and time, in user's timezone | | |
%device | Name of the device in which the event was triggered | %server | |
%deviceid | ID number of the device in which the event was triggered | | As of PRTG 7.3.2 |
%down | Time the item was down | | |
%downtime | Accumulated downtime | | |
%group | Group in which the event was triggered | | |
%groupid | ID number of the group in which the event was triggered | | As of PRTG 7.3.2 |
%history | History of sensor events | | |
%home | PRTG web server URL | | |
%host | IP or DNS name of the device that triggered the event | | Can be used as Agent IP in SNMP Trap notifications sent by PRTG (as of PRTG 13.x.7) |
%iconofstate | Filename incl. extension of the icon for the current object status | | Might not work in older versions |
%lastcheck | When was the sensor's last scan | | |
%lastdown | When was the sensor down for the last time | | |
%lastmessage | What message did the sensor send the last time | %message | |
%lastup | When was the sensor up for the last time | | |
%lastvalue | What value did the sensor send the last time | | |
%linkprobe | URL of the probe that triggered the event | | Might not work in older versions |
%linkgroup | URL of the group that triggered the event | | Might not work in older versions |
%linkdevice | URL of the device that triggered the event | | Might not work in older versions |
%linksensor | URL of the sensor that triggered the event | | Might not work in older versions |
%location | Location of the device/server for which the event was triggered | | |
%message | Which message did the sensor send the last time | %lastmessage | |
%name | Name of the sensor that triggered the event (including sensor type) | %sensor | |
%nodename | Name of the node if in a cluster | | Might not work in older versions |
%objecttags | All tags of a sensor | | Available as of PRTG 20.1.56 |
%parenttags | All tags of a sensor's parent objects | | Available as of PRTG 20.1.56 |
%prio | Sensor priority setting | %priority | |
%priority | Sensor priority setting | %prio | |
%probe | Probe under which the event was triggered | | |
%probeid | ID number of the probe under which the event was triggered | | As of PRTG 7.3.2 |
%programname | PRTG official name | | |
%programversion | PRTG program version | | |
%sensor | Name of the sensor that triggered the event (including sensor type) | %name | |
%sensorid | ID number of the sensor that triggered the event | | As of PRTG 7.3.2 |
%server | Name of the device under which the event was triggered | %device | |
%serviceurl | Service URL configured for the device under which the event was triggered | | As of PRTG 9.1 |
%settings | Miscellaneous sensor settings, such as username for Windows, http, pop3 credentials, etc | | |
%shortname | Name of the sensor that triggered the event | | As of PRTG 7.1 |
%since | Since when the current status is active | %statesince | |
%sitename | PRTG web server (computer) name | | |
%statesince | Since when the current status is active | %since | |
%status | Old sensor status and current sensor status | | |
%summarycount | Returns the number of events triggered during the defined time span | | For summarized notifications only |
%syslogerrors | Max. last 20 syslog entries before the notification trigger | | As of PRTG 14.x.10; works with Syslog Receiver sensors; can be used in the "message" part of Send Email notifications only! |
%syslogmessages | Max. last 20 syslog entries before the notification trigger | | As of PRTG 14.x.12; works with Syslog Receiver sensors; can be used in the "message" part of Send Email notifications only! |
%syslogwarnings | Max. last 20 syslog entries before the notification trigger | | As of PRTG 14.x.10; works with Syslog Receiver sensors; can be used in the "message" part of Send Email notifications only! |
%systemdatetime | Date and time when the notification was sent, in user's timezone | | |
%tags | All tags of a sensor and its parent objects | | Available as of PRTG 20.1.56 |
%time | Event's time, in user's timezone | | |
%timezone | User's timezone name | | |
%toaddress | Address to which the notification was sent | | |
%traperrors | Max. last 20 trap entries before the notification trigger | | As of PRTG 14.x.10; works with SNMP Trap Receiver sensors; can be used in the "message" part of Send Email notifications only! |
%trapmessages | Max. last 20 trap entries before the notification trigger | | As of PRTG 14.x.12; works with SNMP Trap Receiver sensors; can be used in the "message" part of Send Email notifications only! |
%trapwarnings | Max. last 20 trap entries before the notification trigger | | As of PRTG 14.x.10; works with SNMP Trap Receiver sensors; can be used in the "message" part of Send Email notifications only! |
%uptime | Accumulated uptime | | |
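Finally, configure notification triggers for the devices that need alerting. You can set the notification trigger directly on the "root" node, and all child nodes inherit that setting.
Done!
To finish, a brief introduction to the WeCom webhook interface (optional reading)
How to use the group bot
After you add a bot to a group in the client, you get its webhook URL. The developer then builds the POST data as described below and sends an HTTP POST request to that URL to deliver a message to the group. A simple example follows.
- Assume the webhook is: https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693a91f6-7xxx-4bc4-97a0-0ec2sifa5aaa
Pay very special attention: protect the bot's webhook URL and avoid leaking it! Do not share it on GitHub, blogs or anywhere else that can be viewed publicly; otherwise bad actors can use your bot to send spam messages.
Below is an example of pushing a text message to the group with curl (replace the url with your bot's webhook URL; content must be UTF-8 encoded):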
```bash
curl 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693axxx6-7aoc-4bc4-97a0-0ec2sifa5aaa' \
   -H 'Content-Type: application/json' \
   -d '
   {
        "msgtype": "text",
        "text": {
            "content": "hello world"
        }
   }'
```
Message types and data formats
Text type
```json
{
    "msgtype": "text",
    "text": {
        "content": "广州今日天气:29度,大部分多云,降雨概率:60%",
        "mentioned_list": ["wangqing", "@all"],
        "mentioned_mobile_list": ["13800001111", "@all"]
    }
}
```
Parameter | Required | Description |
---|---|---|
msgtype | Yes | Message type; fixed to text here |
content | Yes | Text content, at most 2048 bytes, must be UTF-8 encoded |
mentioned_list | No | List of userids; notifies the specified group members (@ a member). @all notifies everyone. If the developer cannot obtain the userid, mentioned_mobile_list can be used |
mentioned_mobile_list | No | List of mobile numbers; notifies the group members matching those numbers (@ a member). @all notifies everyone |
![image](https://img-blog.csdnimg.cn/20200308160041310.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3l0bHpxMDIyOA==,size_16,color_FFFFFF,t_70 =300x)
Markdown type
```json
{
    "msgtype": "markdown",
    "markdown": {
        "content": "实时新增用户反馈<font color=\"warning\">132例</font>,请相关同事注意。\n>类型:<font color=\"comment\">用户反馈</font>\n>普通用户反馈:<font color=\"comment\">117例</font>\n>VIP用户反馈:<font color=\"comment\">15例</font>"
    }
}
```
![image](https://img-blog.csdnimg.cn/20200308160227332.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3l0bHpxMDIyOA==,size_16,color_FFFFFF,t_70 =300x)
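An added example, not part of the original post: a variant of the payload-building step that follows the warning above about protecting the webhook URL. It reads the URL from an environment variable instead of hardcoding it in the script, masks the key for logging, neutralises markdown markup in the values PRTG passes in (such as `%message`), and trims the message on a UTF-8 boundary. The variable name `WECOM_WEBHOOK_URL`, the English labels, the character substitutions and the reuse of the 2048-byte text limit for markdown are assumptions.

```python
import datetime
import json
import os
import sys
from urllib.parse import parse_qs, urlsplit

ENDPOINT = ("https", "qyapi.weixin.qq.com", "/cgi-bin/webhook/send")
LABELS = ["", "Probe: ", "Group: ", "Device: ", "Sensor: ", "Status: ", "Downtime: ", "Message: "]
MAX_BYTES = 2048  # assumption: reuse the page's 2048-byte text limit as a conservative cap
# Assumed neutralisation: swap WeCom markdown markup characters for full-width look-alikes.
NEUTRAL = str.maketrans({"<": "\uff1c", ">": "\uff1e", "[": "\uff3b", "]": "\uff3d", "*": "\uff0a", "#": "\uff03", "`": "'"})


def load_webhook_url(env=os.environ):
    """Read the webhook URL from WECOM_WEBHOOK_URL (hypothetical variable name) and validate it."""
    url = env.get("WECOM_WEBHOOK_URL", "")
    parts = urlsplit(url)
    if (parts.scheme, parts.hostname, parts.path) != ENDPOINT:
        raise ValueError("webhook URL is missing or does not point at the WeCom endpoint")
    if not parse_qs(parts.query).get("key"):
        raise ValueError("webhook URL has no key parameter")
    return url


def redact(url):
    """Mask the key so the URL can be written to logs."""
    return url.split("?", 1)[0] + "?key=***"


def clean(value):
    """Flatten a PRTG-supplied value to one line and neutralise markdown markup."""
    return " ".join(value.split()).translate(NEUTRAL)


def build_payload(args, now):
    """Build the markdown message from the arguments PRTG passes (%probe ... %message)."""
    lines = ["**PRTG alert**", "**Time: " + now + "**"]
    lines += [LABELS[i] + clean(a) for i, a in enumerate(args[:len(LABELS) - 1], start=1)]
    body = "\n".join(lines).encode("utf-8")[:MAX_BYTES].decode("utf-8", "ignore")
    return {"msgtype": "markdown", "markdown": {"content": body}}


if __name__ == "__main__":
    # Constructed sample values stand in for PRTG's arguments when none are given.
    sample = ["Local Probe", "Servers", "web01", "Ping", "Down", "2020-03-08 16:30:00", "timeout > 5s [see log]"]
    now = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
    print(json.dumps(build_payload(sys.argv[1:] or sample, now)))
```

To send, pass `load_webhook_url()` and the payload to `requests.post(url, json=payload, timeout=10)` as the script above does, and log only `redact(url)`.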
For a more detailed introduction, see the official WeCom API documentation:
https://work.weixin.qq.com/api/doc/90000/90136/91770