本文主要介绍如何让PRTG网络监控系统通过企业微信webhook接口发送告警信息
效果就是这样子的↑
PRTG简介
https://www.cn.paessler.com/
产品主页
企业微信简介
https://work.weixin.qq.com/
产品主页
实现原理
1、PRTG监控系统可以自定义告警通知方式,例如调用本地bat脚本或者python脚本。
2、企业微信支持通过webhook接口接收信息。
部署方式
一、企业微信端操作
拉上相关人员建个群,创建一个小机器人。
最重要的是记录下webhook的接口地址
心情好的话,还可以给小机器人改个头像。
二、PRTG端操作
1、写Python
很简单的一段Python代码,不懂的拿去直接用就好。
PRTG安装完成之后,会自动安装python2.7。也可以自行安装python3.8。本案例需要
pip install urllib
pip install requests
pip install json
看CSDN的都是有python基础的同学哈,直接上python代码
import json
import urllib
import requests
import sys
import datetime
def wechatwork_robot():
now_time = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
paramsList =[ "", "探针设备:","设备群组:","节点:", "传感器名称:" , "现在状态:","停机时间:","附加消息:","参数8:","参数9:" ]
#这里定义需要在告警中显示的字段标题,顺序与PRTG传参进来的参数顺序保持一致
content = ""
headers = {"Content-Type": "text/plain"}
for i in range(len(sys.argv)):
if i>0:
content = content +""+paramsList[i]+""+sys.argv[i]+"
"
#循环将传入的参数与参数名称标题合并成一个字符串
data = {
"msgtype": "markdown",
"markdown": {
"content": "**【PTRG微信小机器人】**
**通知时间:"+ now_time +"**
"+ content,
}
}
r = requests.post(url='https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693a91f6-7xxx-4bc4-97a0-0ec2sifa5aaa',headers=headers, json=data)
#这里的URL字段粘上前面小机器人的真实webhook接口地址
#安全部的不要研究了,这个地址肯定不是真的
print(r.text)
wechatwork_robot()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
2、写个BAT脚本调用这个Python
PRTG直接调用python使用内置的python2.7的解释器,由于这个程序是基于python 3.7调用的,因此需要通过bat脚本调用python3.7
@echo off
"C:UsersAdministratorAppDataLocalProgramsPythonPython37python.exe" "C:Program Files (x86)PRTG Network MonitorNotificationsEXEwechat_webhook.py" %1 %2 %3 %4 %5 %6 %7 %8 %9
- 1
- 2
然后,把刚才写好的python和bat脚本,通通丢到
C:Program Files (x86)PRTG Network MonitorNotificationsEXE
目录下
2、配置PRTG通知模板
登录PRTG,进入设置->账户设置->通知模板
点亮“执行程序”,程序文件选择刚刚我们写好的bat脚本
参数栏,根据刚才python脚本中规定的顺序,按照你的喜好填写需要在告警通知中显示的字段。
paramsList =[ “”, “探针设备:”,“设备群组:”,“节点:”, “传感器名称:” , “现在状态:”,“停机时间:”,“附加消息:”,“参数8:”,“参数9:” ]
PRTG在通知告警的时候,会有三种类型的告警,分别是:
传感器出现停机时立即发送的,停机通知
传感器保持停机状态时,按照用户定义每隔几分钟发送的,重复通知
传感器恢复正常状态时发送的,恢复通知
针对这三种通知的通知模板,我定义的是不太一样的,具体如下:
停机通知
“%probe” “%group” “%device” “%name” “%status” “%lastdown” “%message”
重复通知
“【停机未恢复】%probe” “%group” “%device” “%name” “%status” “%lastdown” “%message”
恢复通知
“%probe” “%group” “%device” “%name” “%status” “%down” “%message”
收到的消息类型也是略有不同
PRTG可以传递的参数非常丰富,具体包含以下可用参数
| Placeholder | Contains | Synonym | Version/Usage Comment |
|---|---|---|---|
| %colorofstate | Color of the current object status (HTML hex code) | Might not work in older versions | |
| %company | Paessler’s copyright string | ||
| %comments | Comments entered for the sensor | %commentssensor | As of PRTG 15.4.21: resolved placeholders contain the heading Sensor Comments |
| %commentssensor | Comments entered for the sensor | %comments | As of PRTG 15.4.21: resolved placeholders contain the heading Sensor Comments |
| %commentsdevice | Comments entered for the parent device | As of PRTG 15.4.21: resolved placeholders contain the heading Device Comments | |
| %commentsgroup | Comments entered for the parent group | As of PRTG 15.4.21: resolved placeholders contain the heading Group Comments | |
| %commentsprobe | Comments entered for the parent probe | Available as of PRTG 12.4;as of PRTG 15.4.21: resolved placeholders contain the heading Probe Comments | |
| %coverage | Covered time span | Might not work in older versions | |
| %cumsince | Since when data has been accumulated | ||
| %date | Event’s date, in user’s timezone | ||
| %datetime | Event’s date and time, in user’s timezone | ||
| %device | Name of the device in which the event was triggered | %server | |
| %deviceid | ID number of the device in which the event was triggered | As of PRTG 7.3.2 | |
| %down | Time the item was down | ||
| %downtime | Accumulated downtime | ||
| %group | Group in which the event was triggered | ||
| %groupid | ID number of the group in which the event was triggered | As of PRTG 7.3.2 | |
| %history | History of sensor events | ||
| %home | PRTG web server URL | ||
| %host | IP or DNS name of the device that triggered the event | Can be used as Agent IP in SNMP Trap notifications sent by PRTG (as of PRTG 13.x.7) | |
| %iconofstate | Filename incl. extension of the icon for the current object status | Might not work in older versions | |
| %lastcheck | When was the sensor’s last scan | ||
| %lastdown | When was the sensor down for the last time | ||
| %lastmessage | What message did the sensor send the last time | %message | |
| %lastup | When was the sensor up for the last time | ||
| %lastvalue | What value did the sensor send the last time | ||
| %linkprobe | URL of the probe that triggered the event | Might not work in older versions | |
| %linkgroup | URL of the group that triggered the event | Might not work in older versions | |
| %linkdevice | URL of the device that triggered the event | Might not work in older versions | |
| %linksensor | the URL of the sensor that triggered the event | Might not work in older versions | |
| %location | Location of the device/server for which the event was triggered | ||
| %message | Which message did the sensor send the last time | %lastmessage | |
| %name | Name of the sensor that triggered the event (including sensor type) | %sensor | |
| %nodename | Name of the node if in a cluster | Might not work in older versions | |
| %objecttags | All tags of a sensor | Available as of PRTG 20.1.56 | |
| %parenttags | All tags of a sensor’s parent objects | Available as of PRTG 20.1.56 | |
| %prio | Sensor priority setting | %priority | |
| %priority | Sensor priority setting | %prio | |
| %probe | Probe under which the event was triggered | ||
| %probeid | ID number of the probe under which the event was triggered | As of PRTG 7.3.2 | |
| %programname | PRTG official name | ||
| %programversion | PRTG program version | ||
| %sensor | Name of the sensor that triggered the event (including sensor type) | %name | |
| %sensorid | ID number of the sensor that triggered the event | As of PRTG 7.3.2 | |
| %server | Name of the device under which the event was triggered | %device | |
| %serviceurl | Service URL configured for the device under which the event was triggered | As of PRTG 9.1 | |
| %settings | Miscellaneous sensor settings, such as username for Windows, http, pop3 credentials, etc | ||
| %shortname | Name of the sensor that triggered the event | As of PRTG 7.1 | |
| %since | Since when the current status is active | %statesince | |
| %sitename | PRTG web server (computer) name | ||
| %statesince | Since when the current status is active | %since | |
| %status | Old sensor status and current sensor status | ||
| %summarycount | Returns the number of events triggered during the defined time span | For summarized notifications only | |
| %syslogerrors | Max. last 20 syslog entries before the notification trigger | As of PRTG 14.x.10;works with Syslog Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %syslogmessages | Max. last 20 syslog entries before the notification trigger | As of PRTG 14.x.12;works with Syslog Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %syslogwarnings | Max. last 20 syslog entries before the notification trigger | As of PRTG 14.x.10;works with Syslog Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %systemdatetime | Date and time when the notification was sent, in user’s timezone | ||
| %tags | All tags of a sensor and its parent objects | Available as of PRTG 20.1.56 | |
| %time | Event’s time, in user’s timezone | ||
| %timezone | User’s timezone name | ||
| %toaddress | Address to which the notification was sent | ||
| %traperrors | Max. last 20 trap entries before the notification trigger | As of PRTG 14.x.10;Works with SNMP Trap Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %trapmessages | Max. last 20 trap entries before the notification trigger | As of PRTG 14.x.12;works with SNMP Trap Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %trapwarnings | Max. last 20 trap entries before the notification trigger | As of PRTG 14.x.10;works with SNMP Trap Receiver sensors; can be used in the “message” part of Send Email notifications only! | |
| %uptime | Accumulated uptime |
最后,我们需要对需要告警的设备配置通知触发器,可以直接在“root节点”设置通知触发器,然后所有子节点会继承该设置。
搞定!
最后,简单介绍一下企业微信的webhook接口(选读)
如何使用群机器人
在终端某个群组添加机器人之后,可以获取到webhook地址,然后开发者用户按以下说明构造post data向这个地址发起HTTP POST 请求,即可实现给该群组发送消息。下面举个简单的例子.
- 假设webhook是:https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693a91f6-7xxx-4bc4-97a0-0ec2sifa5aaa
特别特别要注意:一定要保护好机器人的webhook地址,避免泄漏!不要分享到github、博客等可被公开查阅的地方,否则坏人就可以用你的机器人来发垃圾消息了。
以下是用curl工具往群组推送文本消息的示例(注意要将url替换成你的机器人webhook地址,content必须是utf8编码):
curl 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=693axxx6-7aoc-4bc4-97a0-0ec2sifa5aaa'
-H 'Content-Type: application/json'
-d '
{
"msgtype": "text",
"text": {
"content": "hello world"
}
}'
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
消息类型及数据格式
文本类型
{
"msgtype": "text",
"text": {
"content": "广州今日天气:29度,大部分多云,降雨概率:60%",
"mentioned_list":["wangqing","@all"],
"mentioned_mobile_list":["13800001111","@all"]
}
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
| 参数 | 是否必填 | 说明 |
|---|---|---|
| msgtype | 是 | 消息类型,此时固定为text |
| content | 是 | 文本内容,最长不超过2048个字节,必须是utf8编码 |
| mentioned_list | 否 | userid的列表,提醒群中的指定成员(@某个成员),@all表示提醒所有人,如果开发者获取不到userid,可以使用mentioned_mobile_list |
| mentioned_mobile_list | 否 | 手机号列表,提醒手机号对应的群成员(@某个成员),@all表示提醒所有人 |
markdown类型
{
"msgtype": "markdown",
"markdown": {
"content": "实时新增用户反馈">132例,请相关同事注意。
>类型:">用户反馈
>普通用户反馈:">117例
>VIP用户反馈:">15例"
}
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
更多详细的介绍,下面是企业微信官方API接口文档
https://work.weixin.qq.com/api/doc/90000/90136/91770
评论记录:
回复评论: