当前位置:网站首页>利用GrayLog告警功能实现钉钉群机器人定时工作提醒
利用GrayLog告警功能实现钉钉群机器人定时工作提醒
2022-07-05 15:34:00 【yuanfan2012】
利用GrayLog告警功能实现钉钉群机器人定时工作提醒
1、GrayLog单独新建一个Syslog Input
用于接收Linux服务器系统日志
(图片可点击放大查看)
建议单独建一个Indice
(图片可点击放大查看)
并配置单独的Stream
(图片可点击放大查看)
(图片可点击放大查看)
(图片可点击放大查看)
防火墙中将Input端口放通
[[email protected] opt]# firewall-cmd --permanent --zone=public --add-port=2514/udp
success
[[email protected] opt]# firewall-cmd --reload
success2、Linux服务器系统日志接入到GrayLog
这里为了方便,直接用Graylog自身作为Linux服务器日志源
[[email protected] opt]# echo "*.* @192.168.31.127:2514;RSYSLOG_SyslogProtocol23Format" >> /etc/rsyslog.conf
[[email protected] opt]#
[[email protected] opt]# tail -n 4 /etc/rsyslog.conf
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###
*.* @192.168.31.127:2514;RSYSLOG_SyslogProtocol23Format
[[email protected] opt]#
[[email protected] opt]# systemctl restart rsyslog
(图片可点击放大查看)
3、检查日志是否正常查询
可以看到日志正常接入
(图片可点击放大查看)
4、编写定时写入系统日志的脚本及Crontab定时任务
vi replace_username.sh
#!/bin/bash
temp_day=`date +%a`
case $temp_day in
Mon)
echo "今日值班工作提醒 @张三A" > /etc/work_alert.txt;
;;
Tue)
echo "今日值班工作提醒 @李四B" > /etc/work_alert.txt;
;;
Wed)
echo "今日值班工作提醒 @王五C" > /etc/work_alert.txt;
;;
Thu)
echo "今日值班工作提醒 @袁繁(行云) " > /etc/work_alert.txt;
;;
Fri)
echo "今日值班工作提醒 @袁繁" > /etc/work_alert.txt;
;;
Sat)
echo "今日值班工作提醒 @张三F" > /etc/work_alert.txt;
;;
Sun)
echo "今日值班工作提醒 @张三G" > /etc/work_alert.txt;
;;
*)
exit;
esac
配置本月工作定时任务
crontab -e
1 0 1,2,6,7,8,9,10,13,14,15,16,17,20,21,22,23,24,27,28,29,30 * * /opt/replace_username.sh
00 17 1,2,6,7,8,9,10,13,14,15,16,17,20,21,22,23,24,27,28,29,30 * * /usr/bin/logger -f /etc/work_alert.txt
也就是6月份的工作日
1、每天0点1分自动替换/etc/work_alert.txt文件中@的人员姓名,相关每周每日轮班为不同人员
2、每天17点时执行logger -f 命令写入到系统日志中
(图片可点击放大查看)
5、配置Alert告警模板
(图片可点击放大查看)
(图片可点击放大查看)
(图片可点击放大查看)
Search Query "今日值班工作提醒" Search within the last你可以写5分钟或者更短3分钟
Execute search every建议跟Search within the last设置的时间一致
(图片可点击放大查看)
(图片可点击放大查看)
PrometheusAlert上的告警模板请自行配置
如下截图
(图片可点击放大查看)
6、手动触发日志并测试告警
[[email protected] opt]# /usr/bin/logger -f /etc/work_alert.txt
[[email protected] opt]# date
Thu Jun 9 23:21:51 CST 2022
[[email protected] opt]# cat /etc/work_alert.txt
(图片可点击放大查看)
(图片可点击放大查看)
(图片可点击放大查看)
等待5分钟观察是否可以收到告警
(图片可点击放大查看)
7、Tips
1)理论上crontab定时任务脚本如果没有问题的话,就会正常发送告警
2)PrometheusAlert关闭@所有人 以及告警通知标题修改
(图片可点击放大查看)
(图片可点击放大查看)
3)说明:目前发现@某人的功能未能成功
还待研究,需要改写replace_username.sh 脚本
边栏推荐
猜你喜欢
Advanced level of static and extern
Transfer the idea of "Zhongtai" to the code
![16. [stm32] starting from the principle, I will show you the DS18B20 temperature sensor - four digit digital tube displays the temperature](/img/9f/c91904b6b1d3a1e85c0b50e43972e5.jpg)
16. [stm32] starting from the principle, I will show you the DS18B20 temperature sensor - four digit digital tube displays the temperature
lv_ font_ Conv offline conversion
Appium自动化测试基础 — APPium基础操作API(二)
Subclasses and superclasses of abstract classes
Codasip adds verify safe startup function to risc-v processor series
verilog实现计算最大公约数和最小公倍数
RepLKNet:不是大卷积不好,而是卷积不够大,31x31卷积了解一下 | CVPR 2022
【簡記】解决IDE golang 代碼飄紅報錯
随机推荐
CSDN I'm coming
Xiao Sha's arithmetic problem solving Report
Data communication foundation - Ethernet port mirroring and link aggregation
OSI seven layer model
list去重并统计个数
Maximum common subsequence
19.[STM32]HC_ SR04 ultrasonic ranging_ Timer mode (OLED display)
Modify PyUnit_ Time makes it support the time text of 'xx~xx months'
Go language programming specification combing summary
Lesson 4 knowledge summary
抽象类和接口的区别
Memo 00
Replknet: it's not that large convolution is bad, but that convolution is not large enough. 31x31 convolution. Let's have a look at | CVPR 2022
RLock锁的使用
具有倍数关系的时钟切换
对象和类的关系
F. Weights assignment for tree edges problem solving Report
后台系统发送验证码功能
Anti shake and throttling
How difficult is it to pass the certification of Intel Evo 3.0? Yilian technology tells you