本文主要介紹如何讓PRTG網絡監控系統通過企業微信webhook接口發送告警信息
效果就是這樣子的↑
PRTG簡介
https://www.cn.paessler.com/
產品主頁
企業微信簡介
https://work.weixin.qq.com/
產品主頁
實現原理
1、PRTG監控系統可以自定義告警通知方式,例如調用本地bat腳本或者python腳本。
2、企業微信支持通過webhook接口接收信息。
部署方式
一、企業微信端操作
拉上相關人員建個羣,創建一個小機器人。
最重要的是記錄下webhook的接口地址
心情好的話,還可以給小機器人改個頭像。
二、PRTG端操作
1、寫Python
很簡單的一段Python代碼,不懂的拿去直接用就好。
PRTG安裝完成之後,會自動安裝python2.7。也可以自行安裝python3.8。本案例需要
pip install urllib
pip install requests
pip install json
看CSDN的都是有python基礎的同學哈,直接上python代碼
import json
import urllib
import requests
import sys
import datetime
def wechatwork_robot():
now_time = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
paramsList =[ "", "探針設備:","設備羣組:","節點:", "傳感器名稱:" , "現在狀態:","停機時間:","附加消息:","參數8:","參數9:" ]
#這裏定義需要在告警中顯示的字段標題,順序與PRTG傳參進來的參數順序保持一致
content = ""
headers = {"Content-Type": "text/plain"}
for i in range(len(sys.argv)):
if i>0:
content = content +"<font color=\"comment\">"+paramsList[i]+"</font>"+sys.argv[i]+"\n"
#循環將傳入的參數與參數名稱標題合併成一個字符串
data = {
"msgtype": "markdown",
"markdown": {
"content": "**<font color=\"info\">【PTRG微信小機器人】</font>**\n**通知時間:"+ now_time +"**\n"+ content,
}
}
r = requests.post(url='https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693a91f6-7xxx-4bc4-97a0-0ec2sifa5aaa',headers=headers, json=data)
#這裏的URL字段粘上前面小機器人的真實webhook接口地址
print(r.text)
wechatwork_robot()
2、寫個BAT腳本調用這個Python
PRTG直接調用python使用內置的python2.7的解釋器,由於這個程序是基於python 3.7調用的,因此需要通過bat腳本調用python3.7
@echo off
"C:\Users\Administrator\AppData\Local\Programs\Python\Python37\python.exe" "C:\Program Files (x86)\PRTG Network Monitor\Notifications\EXE\wechat_webhook.py" %1 %2 %3 %4 %5 %6 %7 %8 %9
然後,把剛纔寫好的python和bat腳本,通通丟到
C:\Program Files (x86)\PRTG Network Monitor\Notifications\EXE\
目錄下
2、配置PRTG通知模板
登錄PRTG,進入設置->賬戶設置->通知模板
點亮“執行程序”,程序文件選擇剛剛我們寫好的bat腳本
參數欄,根據剛纔python腳本中規定的順序,按照你的喜好填寫需要在告警通知中顯示的字段。
paramsList =[ “”, “探針設備:”,“設備羣組:”,“節點:”, “傳感器名稱:” , “現在狀態:”,“停機時間:”,“附加消息:”,“參數8:”,“參數9:” ]
PRTG在通知告警的時候,會有三種類型的告警,分別是:
傳感器出現停機時立即發送的,停機通知
傳感器保持停機狀態時,按照用戶定義每隔幾分鐘發送的,重複通知
傳感器恢復正常狀態時發送的,恢復通知
針對這三種通知的通知模板,我定義的是不太一樣的,具體如下:
停機通知
“%probe” “%group” “%device” “%name” “%status” “%lastdown” “%message”
重複通知
“【停機未恢復】%probe” “%group” “%device” “%name” “%status” “%lastdown” “%message”
恢復通知
“%probe” “%group” “%device” “%name” “%status” “%down” “%message”
收到的消息類型也是略有不同
PRTG可以傳遞的參數非常豐富,具體包含以下可用參數
| Placeholder | Contains | Synonym | Version/Usage Comment |
|---|---|---|---|
| %colorofstate | Color of the current object status (HTML hex code) | Might not work in older versions | |
| %company | Paessler’s copyright string | ||
| %comments | Comments entered for the sensor | %commentssensor | As of PRTG 15.4.21: resolved placeholders contain the heading Sensor Comments |
| %commentssensor | Comments entered for the sensor | %comments | As of PRTG 15.4.21: resolved placeholders contain the heading Sensor Comments |
| %commentsdevice | Comments entered for the parent device | As of PRTG 15.4.21: resolved placeholders contain the heading Device Comments | |
| %commentsgroup | Comments entered for the parent group | As of PRTG 15.4.21: resolved placeholders contain the heading Group Comments | |
| %commentsprobe | Comments entered for the parent probe | Available as of PRTG 12.4;as of PRTG 15.4.21: resolved placeholders contain the heading Probe Comments | |
| %coverage | Covered time span | Might not work in older versions | |
| %cumsince | Since when data has been accumulated | ||
| %date | Event’s date, in user’s timezone | ||
| %datetime | Event’s date and time, in user’s timezone | ||
| %device | Name of the device in which the event was triggered | %server | |
| %deviceid | ID number of the device in which the event was triggered | As of PRTG 7.3.2 | |
| %down | Time the item was down | ||
| %downtime | Accumulated downtime | ||
| %group | Group in which the event was triggered | ||
| %groupid | ID number of the group in which the event was triggered | As of PRTG 7.3.2 | |
| %history | History of sensor events | ||
| %home | PRTG web server URL | ||
| %host | IP or DNS name of the device that triggered the event | Can be used as Agent IP in SNMP Trap notifications sent by PRTG (as of PRTG 13.x.7) | |
| %iconofstate | Filename incl. extension of the icon for the current object status | Might not work in older versions | |
| %lastcheck | When was the sensor’s last scan | ||
| %lastdown | When was the sensor down for the last time | ||
| %lastmessage | What message did the sensor send the last time | %message | |
| %lastup | When was the sensor up for the last time | ||
| %lastvalue | What value did the sensor send the last time | ||
| %linkprobe | URL of the probe that triggered the event | Might not work in older versions | |
| %linkgroup | URL of the group that triggered the event | Might not work in older versions | |
| %linkdevice | URL of the device that triggered the event | Might not work in older versions | |
| %linksensor | the URL of the sensor that triggered the event | Might not work in older versions | |
| %location | Location of the device/server for which the event was triggered | ||
| %message | Which message did the sensor send the last time | %lastmessage | |
| %name | Name of the sensor that triggered the event (including sensor type) | %sensor | |
| %nodename | Name of the node if in a cluster | Might not work in older versions | |
| %objecttags | All tags of a sensor | Available as of PRTG 20.1.56 | |
| %parenttags | All tags of a sensor’s parent objects | Available as of PRTG 20.1.56 | |
| %prio | Sensor priority setting | %priority | |
| %priority | Sensor priority setting | %prio | |
| %probe | Probe under which the event was triggered | ||
| %probeid | ID number of the probe under which the event was triggered | As of PRTG 7.3.2 | |
| %programname | PRTG official name | ||
| %programversion | PRTG program version | ||
| %sensor | Name of the sensor that triggered the event (including sensor type) | %name | |
| %sensorid | ID number of the sensor that triggered the event | As of PRTG 7.3.2 | |
| %server | Name of the device under which the event was triggered | %device | |
| %serviceurl | Service URL configured for the device under which the event was triggered | As of PRTG 9.1 | |
| %settings | Miscellaneous sensor settings, such as username for Windows, http, pop3 credentials, etc | ||
| %shortname | Name of the sensor that triggered the event | As of PRTG 7.1 | |
| %since | Since when the current status is active | %statesince | |
| %sitename | PRTG web server (computer) name | ||
| %statesince | Since when the current status is active | %since | |
| %status | Old sensor status and current sensor status | ||
| %summarycount | Returns the number of events triggered during the defined time span | For summarized notifications only | |
| %syslogerrors | Max. last 20 syslog entries before the notification trigger | As of PRTG 14.x.10;works with Syslog Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %syslogmessages | Max. last 20 syslog entries before the notification trigger | As of PRTG 14.x.12;works with Syslog Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %syslogwarnings | Max. last 20 syslog entries before the notification trigger | As of PRTG 14.x.10;works with Syslog Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %systemdatetime | Date and time when the notification was sent, in user’s timezone | ||
| %tags | All tags of a sensor and its parent objects | Available as of PRTG 20.1.56 | |
| %time | Event’s time, in user’s timezone | ||
| %timezone | User’s timezone name | ||
| %toaddress | Address to which the notification was sent | ||
| %traperrors | Max. last 20 trap entries before the notification trigger | As of PRTG 14.x.10;Works with SNMP Trap Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %trapmessages | Max. last 20 trap entries before the notification trigger | As of PRTG 14.x.12;works with SNMP Trap Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %trapwarnings | Max. last 20 trap entries before the notification trigger | As of PRTG 14.x.10;works with SNMP Trap Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %uptime | Accumulated uptime |
最後,我們需要對需要告警的設備配置通知觸發器,可以直接在“root節點”設置通知觸發器,然後所有子節點會繼承該設置。
搞定!
最後,簡單介紹一下企業微信的webhook接口(選讀)
如何使用羣機器人
在終端某個羣組添加機器人之後,可以獲取到webhook地址,然後開發者用戶按以下說明構造post data向這個地址發起HTTP POST 請求,即可實現給該羣組發送消息。下面舉個簡單的例子.
- 假設webhook是:https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693a91f6-7xxx-4bc4-97a0-0ec2sifa5aaa
特別特別要注意:一定要保護好機器人的webhook地址,避免泄漏!不要分享到github、博客等可被公開查閱的地方,否則壞人就可以用你的機器人來發垃圾消息了。
以下是用curl工具往羣組推送文本消息的示例(注意要將url替換成你的機器人webhook地址,content必須是utf8編碼):
curl 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693axxx6-7aoc-4bc4-97a0-0ec2sifa5aaa' \
-H 'Content-Type: application/json' \
-d '
{
"msgtype": "text",
"text": {
"content": "hello world"
}
}'
消息類型及數據格式
文本類型
{
"msgtype": "text",
"text": {
"content": "廣州今日天氣:29度,大部分多雲,降雨概率:60%",
"mentioned_list":["wangqing","@all"],
"mentioned_mobile_list":["13800001111","@all"]
}
}
| 參數 | 是否必填 | 說明 |
|---|---|---|
| msgtype | 是 | 消息類型,此時固定爲text |
| content | 是 | 文本內容,最長不超過2048個字節,必須是utf8編碼 |
| mentioned_list | 否 | userid的列表,提醒羣中的指定成員(@某個成員),@all表示提醒所有人,如果開發者獲取不到userid,可以使用mentioned_mobile_list |
| mentioned_mobile_list | 否 | 手機號列表,提醒手機號對應的羣成員(@某個成員),@all表示提醒所有人 |
markdown類型
{
"msgtype": "markdown",
"markdown": {
"content": "實時新增用戶反饋<font color=\"warning\">132例</font>,請相關同事注意。\n
>類型:<font color=\"comment\">用戶反饋</font>
>普通用戶反饋:<font color=\"comment\">117例</font>
>VIP用戶反饋:<font color=\"comment\">15例</font>"
}
}
更多詳細的介紹,下面是企業微信官方API接口文檔
https://work.weixin.qq.com/api/doc/90000/90136/91770