cacti realizes the warning function of wechat

Keywords: PHP curl MySQL JSON

background

Recently, I was entrusted by my friend to implement cacti's micro-alert function for him, but in my impression, cacti's thold plug-in seems to only have email alert function? So I spent a little time searching the Internet for relevant information, and found that the information of cacti's micro-message alarm was very little. The only article that seemed to be available tried but failed. On the basis of that article, I modified the code of the micro-message script and tested it successfully. So I'll sort it out here for you to see.

Original articles for online reference: http://www.itnpc.com/news/web/145117534132561.html


principle

Because the thold plug-in of cacti has no wechat alarm function, only email function, the wechat alarm function of this article has the nature of ingenuity. The principle is that when the thold plug-in triggers the email alarm, it runs the script of sending messages by wechat, and sends the alarm content by using the api of wechat public number.


Configuration (cacti directory is / usr/local/cacti)

1: Install the thold and settings plug-ins of cacti.

thold relies on the settings plug-in to install the settings plug-in first:

Plug-in download address: http://docs.cacti.net/plugin:settings

# cp settings-v0.71-1.tgz /usr/local/cacti/plugins
# tar -zxvf settings-v0.71-1.tgz

Install thold plug-ins:

Plug-in download address: http://docs.cacti.net/plugin:thold

# cp thold-v0.5.0.tgz /usr/local/cacti/plugins
# tar -zxvf thold-v0.5.0.tgz

Make plug-ins work:

# vi /usr/local/cacti/include/config.php 
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "cacti123456";
$database_port = "3306";
$database_ssl = false;

#Add the following information
$plugins[] = 'settings';
$plugins[] = 'thold';

Enter cacti and open the plug-in in console--Configuration--Plugin Management.


2: Configure the trigger and script of Wechat alarm

In the thold plug-in program, the part that triggers the mail alarm is added to the code that runs the wechat alarm.

# vi /usr/local/cacti/plugins/thold/thold_functions.php
 $message = str_replace('<GRAPH>', "<br><img src='" . $val['file'] . "'><br>Could not open!<br>" . $val['file'], $message);
                        }
                }
        }
          
   ########Find the relevant code location and add the following code__start##################### 
        $msg_wx = strip_tags(str_replace('<br>', "\n", $message));       //Delete the html tag in message and replace <br> with the newline character\n
        $msg_wx = trim($msg_wx);                         //Clean up msg_wx string
        $msg_wx = iconv( "GB2312//IGNORE",""utf-8", $msg_wx); //Convert to utf-8 to prevent scrambling
        $sub_wx = iconv( "GB2312//IGNORE",""utf-8", $subject"; //Convert to utf-8 to prevent scrambling
        $file_title  = '/tmp/title.txt';                     //The filename to write to the file (which can be any filename) will be created if the file does not exist.
        $file_message  = '/tmp/message.txt';                  //The filename to write to the file (which can be any filename) will be created if the file does not exist.
        if($f  = file_put_contents($file_title, $sub_wx))           //Save the value of the subject parameter to file_title
        if($f  = file_put_contents($file_message,  $msg_wx))         //Save the value of the msg_wx parameter to file_message
        shell_exec("/etc/wechat.sh");                       //Run the wechat.sh file and do the wechat alarm operation.
   #################end#################################
        
        $text = array('text' => '', 'html' => '');
        if ($filename == '') {
                $message = str_replace('<br>',  "\n", $message);
                $message = str_replace('<BR>',  "\n", $message);
                $message = str_replace('</BR>', "\n", $message);
                $text['text'] = strip_tags($message);

Trigger the Wechat Message Script: (Apply for Wechat Enterprise Number in advance and configure relevant information, refer to blog http://icenycmh.blog.51cto.com/4077647/1909527)

# vi /etc/wechat.sh 
#CropID of Wechat Enterprise Number
CropID='xxxxxxxxxxxxxxx'
#Application of Warning in Enterprise Number
Secret='xxxxxxxxxxxxxxxxxxxxxxxxxxx'
GURL="https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=$CropID&corpsecret=$Secret"
Gtoken=$(/usr/bin/curl -s -G $GURL |  awk -F "[\":,]" '{print $15}')
PURL="https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=$Gtoken"
function body() {
local int AppID=1
#Appid Fill in the ID of the alarm APP established in the enterprise number
local UserID="@all"
#Fill in the alarm receiving user here, all alarms can be left blank.
local PartyID="@all"
local TagID="@all"
Ent=$'\n'
Date=$(date '+%Y year%m month%d day %H:%M:%S\n\n')
#Adding Cacti Wechat Alarm Date Parameters to the Requirements of cactifans Group
Tit=$(cat /tmp/title.txt)
#Read the contents of the / tmp/title file to the variable Tit
Msg=$Date$Tit$Ent$(cat /tmp/message.txt|sed 's/%//g')
#Splice msg main body file, including date, theme, alarm content. Delete the'%'number in the alarm content.
Url=$(grep  "http" /tmp/message.txt|sed  's/URL: //g')
#Get the url line content in message.txt
Pic_tmp=$(grep  "http" /tmp/message.txt|sed  's/URL: //g'|sed 's/\/graph.php/\/graph_image.php/g')
if [ ! -n "$Pic_tmp" ] ;then
Pic=""
else
Pic=$Pic_tmp$'&graph_height=130&graph_width=500&t='$Date
fi
#Modify to add Pic parameters based on the url line content
#Thank you also for the method provided by the cactifans group Shenzhen-Move. Here we modify the image size to prevent the image from being displayed incompletely and determine whether the image file exists or not. Prevent the outage of picture alarm
printf '{\n'
printf '\t"touser": "'"$UserID"\"",\n"
printf '\t"toparty": "'"$PartyID"\"",\n"
printf '\t"totag": "'"$TagID"\"",\n"
printf '\t"msgtype": "news",\n'
printf '\t"agentid": "'" $AppID "\"",\n"
printf '\t"news": {\n'
printf '\t"articles": [\n'
printf '{\n'
printf '\t\t"title": "'"$Tit"\","\n"
printf '\t\t"description": "'"$Msg"\","\n"
printf '\t\t"url": "'"$Url"\","\n"
printf '\t\t"picurl": "'"$Pic"\","\n"
printf '\t}\n'
printf '\t]\n'
printf '\t}\n'
printf '}\n'
}
curl -l -H "Content-type: application/json" -X POST -d "$(body )" $PURL

Test whether the Wechat script is available:

#Write in / tmp/title.txt and / tmp/message.txt and run the Wechat script:
# echo 123 > /tmp/title.txt
# echo 456 > /tmp/message.txt
# sh /etc/wechat.sh

If the message is received, the Wechat script is available as follows:

  


3: Configure cacti mail alarm, and configure the downtime status alarm of the host: (not configuring mail should also be possible, but can more intuitive discovery trigger mail alarm, while triggering Wechat alarm)

Configure mail-related information with DNS:

    

Turn on the downtime alarm of the main engine:  

Simulate the downtime of the host and check the alarm:

   


5:cacti traffic monitoring alarm configuration

Create an alarm template that specifies that an alarm will be triggered when the network entry traffic exceeds 30M. (Specific flow monitoring configuration is not described here)

Apply this template to a host port and trigger an alarm if the flow exceeds 30M. The alarm is as follows:

As you can see, not only text alarms can be received, but also the flow chart of the current interface can be received, indicating that the function of this micro-message alarm is still very powerful.~~~


Be careful:

If the flow chart cannot be displayed in the traffic alarm, the following modifications can be made:

#Cancel the image validation configuration of cacti
# vi /usr/local/cacti/graph_image.php     
#include("./include/auth.php");         #Add comments
include_once("./lib/rrd.php");
include("./include/global.php");        #Add this line


Posted by q1234ask on Thu, 20 Jun 2019 14:21:38 -0700