一、简介
部分人员会有屏蔽群发消息的习惯,导致有些告警没办法及时处理,所以配置自建应用告警,方便设备出现故障时及时通知。
二、企业微信端配置
2.1 登陆企业微信管理控制台
2.2 创建应用
打开应用管理==>创建应用==>填写应用名称==>设置提醒的人员
2.3 记录以下信息
AgentId Secret 企业ID 部门ID 人员账号
三、zabbix server端配置
3.1 打开AlertScriptsPath路径
cat /etc/zabbix/zabbix_server.conf | grep -Ev "^$|^#"
cd /usr/lib/zabbix/alertscripts
3.2 写入python文件
#这是一个企业微信告警的代码模块,按需求填入以下信息
#!/usr/local/bin/python>=3.5
#coding:utf-8
import requests,sys,json
import urllib3
import sys
import imp
import importlib
importlib.reload(sys)
urllib3.disable_warnings()
def GetToken(Corpid,Secret):
Url = "https://qyapi.weixin.qq.com/cgi-bin/gettoken"
Data = {
"corpid":Corpid,
"corpsecret":Secret
}
r = requests.get(url=Url,params=Data,verify=False)
Token = r.json()['access_token']
return Token
def SendMessage(Token,User,Agentid,Subject,Content):
Url = "https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=%s" % Token
Data = {
"touser": User,
"totag": Tagid,
"msgtype": "text", #消息类型
"agentid": Agentid,
"text": {
"content": Subject + '\n' + Content
},
"safe": "0"
}
r = requests.post(url=Url,data=json.dumps(Data),verify=False)
return r.text
if __name__ == '__main__':
User = sys.argv[1] # zabbix传过来的第一个参数
Subject = sys.argv[2] # zabbix传过来的第二个参数
Content = sys.argv[3] # zabbix传过来的第三个参数
#写入以下信息
Corpid = "wwd85fc580xxxxxxxx" # CorpID是企业号的标识
Secret = "V1Sgt62XxNfNzHJZ1kK_ULJA-U0uyxxxxxxxxxxxxxx" # Secret是管理组凭证密钥
Tagid = "1" # 通讯录标签ID
User = "Liaxxxxxx" #指定用户名
Agentid = "1000003" # 应用ID
Token = GetToken(Corpid, Secret)
Status = SendMessage(Token,User,Agentid,Subject,Content)
print (Status)
3.3 测试
python3 QW.py 1 告警 告警
四、zabbix Web端配置
4.1创建告警媒介
脚本参数{ALERT.SENDTO} {ALERT.SUBJECT} {ALERT.MESSAGE}
4.2 添加消息模板
4.3 测试
问题汇总
测试脚本:坏的解释器
问题描述:
- sh: /usr/lib/zabbix/alertscripts/QW.py: /usr/local/bin/python3.5: 坏的解释器: 没有那个文件或目录
解决方法:
which python3 ln -s /bin/python3 /usr/local/bin/python3.5
测试脚本:"errcode":60020
问题描述:
{"errcode":60020,"errmsg":"not allow to access from your ip, hint: [1700875172118370536961024], from ip: xxx.xxx.xxx.xx, more info at https://open.work.weixin.qq.com/devtool/query?e=60020"}
请求的IP不可信,要添加进应用管理的可信IP,具体操作步骤如下:
解决方法:
打开应用管理==>选择应用==>配置企业可信IP 方法1: 复制Token、EncodingAESKey 打开一台有公网IP的服务器执行以下操作wget https://github.com/sbzhu/weworkapi_python/archive/refs/heads/master.zip unzip master.zip mv weworkapi_python-master weworkapi_python
#-*- encoding:utf-8 -*-
from flask import abort, request
from flask import Flask
from xml.dom.minidom import parseString
import _thread
import time
import os
import sys
sys.path.append("weworkapi_python/callback") # 正确的模块导入路径
from WXBizMsgCrypt3 import WXBizMsgCrypt # https://github.com/sbzhu/weworkapi_python 项目地址
app = Flask(__name__)
# 对应步骤4中接受消息回调模式中的URL,如域名是'www.example.com' 那么在步骤4中填入的url就为"http://www.example.com/hook_path"
@app.route('/hook_path', methods=['GET','POST'])
def douban():
if request.method == 'GET':
echo_str = signature(request, 0)
return(echo_str)
elif request.method == 'POST':
echo_str = signature2(request, 0)
return(echo_str)
###!!!!!!!!!!!修改以下三处"XXXXXXX", "XXXXXXX", "XXXXXXX"
qy_api = [
WXBizMsgCrypt("XXXXXXX", "XXXXXXX", "XXXXXXX"),
] #对应接受消息回调模式中的token,EncodingAESKey 和 企业信息中的企业id
# 开启消息接受模式时验证接口连通性
def signature(request, i):
msg_signature = request.args.get('msg_signature', '')
timestamp = request.args.get('timestamp', '')
nonce = request.args.get('nonce', '')
echo_str = request.args.get('echostr', '')
ret,sEchoStr=qy_api[i].VerifyURL(msg_signature, timestamp,nonce,echo_str)
if (ret != 0):
print("ERR: VerifyURL ret: " + str(ret))
return("failed")
else:
return(sEchoStr)
# 实际接受消息
def signature2(request, i):
msg_signature = request.args.get('msg_signature', '')
timestamp = request.args.get('timestamp', '')
nonce = request.args.get('nonce', '')
data = request.data.decode('utf-8')
ret,sMsg=qy_api[i].DecryptMsg(data,msg_signature, timestamp,nonce)
if (ret != 0):
print("ERR: DecryptMsg ret: " + str(ret))
return("failed")
else:
with open ("/var/log/qywx.log", 'a+') as f: # 消息接收日志
doc = parseString(sMsg)
collection = doc.documentElement
name_xml = collection.getElementsByTagName("FromUserName")
msg_xml = collection.getElementsByTagName("Content")
type_xml = collection.getElementsByTagName("MsgType")
pic_xml = collection.getElementsByTagName("PicUrl")
msg = ""
name = ""
msg_type = type_xml[0].childNodes[0].data
if msg_type == "text": #文本消息
name = name_xml[0].childNodes[0].data #发送者id
msg = msg_xml[0].childNodes[0].data #发送的消息内容
f.write(time.strftime('[%Y-%m-%d %H:%M:%S]') + "[ch%d] %s:%s\n" % (i, name, msg))
_thread.start_new_thread(os.system, ("python3 command.py '%s' '%s' '%d' '%d'" % (name, msg, i, 0), )) #此处将消息进行外部业务处理
elif msg_type == "image": #图片消息
name = name_xml[0].childNodes[0].data
pic_url = pic_xml[0].childNodes[0].data
f.write(time.strftime('[%Y-%m-%d %H:%M:%S]') + "[ch%d] %s:图片消息\n" % (i, name))
_thread.start_new_thread(os.system, ("python3 command.py '%s' '%s' '%d' '%d'" % (name, pic_url, i, 1), )) #此处将消息进行外部业务处理
f.close()
return("ok")
if __name__=='__main__':
app.run("0.0.0.0", 888) #本地监听端口,可自定义
python3 wechat.py
http://公网IP地址:888/hook_path 填入 方法2: 文字描述:在公网linux上安装Apache,将文件放在Apache访问的根目录(默认:/var/www/html)下,然后启动Apache,将公网的域名写入可信域名(如果更改了http端口号,域名后也需加端口号),最后点击确定即可