需求是这样的:
用zabbix来监控报警,那么时间久了、报警次数多了、人员忙了、这些情况会导致一些报警内容被忽略,所以需要一个报表来反应谁收到了什么样的报警信息,收到了多少条,从而来判断这些情况是否被处理及处理进度,以及可以更好的分配人力资源,防止工作都压到1个人身上。
需求分析假设:
1、用zabbix自带报表功能,但是这个东西存在局限性,还未发现有此功能;
2、数据库中查找表的信息,从来进行二次判断进行结果展现。
进程:
选用了第二种方法:数据库。
大概看了下zabbix数据库中的表,大概找出了下面3个表可能存在相应的关系:
其实,我这里的结果只使用了1表和3表2张表进行结果展现,其实结果呈现的方法很多种,可能最后还会需要“用户组”表,进行结果展现及组员管理。
我这里将结果展现成了下面的内容:(应用级监控邮件报警的历史发送情况)
|
1
2
|
邮件筛选sql:
select
userid,name,
sum
(
case
when subject like
'%CPU systime%'
then
1 end) systime,
sum
(
case
when subject like
'%CPU USE%'
then
1 end) cpuuse,
sum
(
case
when subject like
'%Disk I%'
then
1 end) diskio,
sum
(
case
when subject like
'%available memory%'
then
1 end) mem,
sum
(
case
when subject like
'%is unreachable%'
then
1 end) downtime,
sum
(
case
when subject like
'%restarted%'
then
1 end) restart,
sum
(
case
when subject like
'%has been changed%'
then
1 end) passchange,
sum
(
case
when subject like
'%Free disk%'
then
1 end) disk,
sum
(
case
when subject not like
'%CPU%'
and subject not like
'%available memory%'
and subject not like
'%Disk%'
and subject not like
'%is unreachable%'
and subject not like
'%restart%'
and subject not like
'%has been changed%'
and subject not like
'%disk%'
then
1 end) other from (
select
a.userid,c.name,a.subject from alerts a,
users
c where a.mediatypeid=
'6'
and a.clock>
'1392220800'
and a.clock<
'1392307200'
and a.userid=c.userid and a.status=
'1'
and a.subject not like
'%OK%'
) at group by userid;
|
|
1
2
|
短信筛选sql:
select
userid,name,
sum
(
case
when subject like
'%CPU systime%'
then
1 end) systime,
sum
(
case
when subject like
'%CPU USE%'
then
1 end) cpuuse,
sum
(
case
when subject like
'%Disk I%'
then
1 end) diskio,
sum
(
case
when subject like
'%available memory%'
then
1 end) mem,
sum
(
case
when subject like
'%is unreachable%'
then
1 end) downtime,
sum
(
case
when subject like
'%restarted%'
then
1 end) restart,
sum
(
case
when subject like
'%has been changed%'
then
1 end) passchange,
sum
(
case
when subject like
'%Free disk%'
then
1 end) disk,
sum
(
case
when subject not like
'%CPU%'
and subject not like
'%available memory%'
and subject not like
'%Disk%'
and subject not like
'%is unreachable%'
and subject not like
'%restart%'
and subject not like
'%has been changed%'
and subject not like
'%disk%'
then
1 end) other from (
select
a.userid,c.name,a.subject from alerts a,
users
c where a.mediatypeid=
'3'
and a.clock>
'1392220800'
and a.clock<
'1392307200'
and a.userid=c.userid and a.status=
'1'
and a.subject not like
'%OK%'
) at group by userid;
|
其中sql的条件可以更改。
需要特别注意的是
clock字段是 unix的时间戳,需要的筛选条件可以进行转换进行获得。
本文转自 陈延宗 51CTO博客,原文链接:http://blog.51cto.com/407711169/1359724,如需转载请自行联系原作者
