我正在尝试使用 event.get 方法来选择最近的事件并通过相关对象描述和主机名进行过滤它们。
示例请求(没有主机名和相关对象描述过滤器(
{
"jsonrpc": "2.0",
"method": "event.get",
"params": {
"time_from": "1518016133",
"filter": {
"value": 1
},
"selectRelatedObject": ["description"],
"selectHost": ["name"]
},
"id": 2,
"auth": "474aeddd05bb5e5f7fc0e7267fbd2sd6"
}
示例响应
{
"jsonrpc": "2.0",
"result": [
{
"eventid": "24397263",
"source": "0",
"object": "0",
"objectid": "98218",
"clock": "1518016248",
"value": "1",
"acknowledged": "0",
"ns": "850595734",
"hosts": [
{
"hostid": "11513",
"name": "OS-1-LIVE"
}
],
"relatedObject": {
"triggerid": "98218",
"description": "No response"
}
}
],
"id": 2
}
我试图将以下内容添加到过滤器块(一次(
"hosts.name": "TEST"
"hosts[name]": "TEST"
"selectHosts.name": "TEST"
"selectHosts[name]": "TEST"
"relatedObject.description": "TEST"
,但它们都没有起作用。(所有结果仍然返回(
可以通过相关对象和主机名过滤事件?
zabbix API版本3.0.14
在更多研究之后编辑。
事件的参数。get仅适用于事件对象:您可以在值,确认,hostid,groupID等上过滤,但是您不能使用它来通过主机名过滤输出。
您可以使用hostids param(请参阅API(,但是您必须先调用API才能将目标主机名转换为主机ID。
或者您只能使用selectHosts = 'extend',它将返回具有时间范围的所有详细信息的事件列表和主机,然后按照您的标准局限于结果。
第一个需要更多的API呼叫,但我认为它更优雅。第二个将返回特定时间范围的所有主机的所有事件,然后您必须过滤所有不需要的事件。
带有hostids过滤的Python样品:
hostId = zapi.get_id('host', item="TEST host name")
eventObj = zapi.event.get(time_from=1515771918, hostids=hostId, value="1", selectHosts='extend')
for event in eventObj:
for host in event['hosts']:
# filter by host['description'] or any other host value
python样品没有hostids过滤:
eventObj = zapi.event.get(time_from=1515771918, value="1", selectHosts='extend')
for event in eventObj:
for host in event['hosts']:
# filter by host['name'] or host['description'] or any other host value
在这两种情况下,扩展输出都将为活动提供完整的主机信息:
[
{
"acknowledged": "0",
"c_eventid": "0",
"clock": "1515773211",
"correlationid": "0",
"eventid": "2738610",
"hosts": [
{
"available": "0",
"description": "Host description",
"disable_until": "0",
"error": "",
"errors_from": "0",
"flags": "0",
"host": "192.168.1.1",
"hostid": "10283",
"ipmi_authtype": "-1",
"ipmi_available": "0",
"ipmi_disable_until": "0",
"ipmi_error": "",
"ipmi_errors_from": "0",
"ipmi_password": "",
"ipmi_privilege": "2",
"ipmi_username": "",
"jmx_available": "0",
"jmx_disable_until": "0",
"jmx_error": "",
"jmx_errors_from": "0",
"lastaccess": "0",
"maintenance_from": "0",
"maintenance_status": "0",
"maintenance_type": "0",
"maintenanceid": "0",
"name": "Your device name or hostname",
"proxy_hostid": "0",
"snmp_available": "1",
"snmp_disable_until": "0",
"snmp_error": "",
"snmp_errors_from": "0",
"status": "0",
"templateid": "0",
"tls_accept": "1",
"tls_connect": "1",
"tls_issuer": "",
"tls_psk": "",
"tls_psk_identity": "",
"tls_subject": ""
}
],
"ns": "259800604",
"object": "0",
"objectid": "15177",
"r_eventid": "2738613",
"source": "0",
"userid": "0",
"value": "1"
},
-- other events --
]
您可以使用Selecthost来限制通过使用"扩展"数组来限制所检索的值:
eventObj = zapi.event.get(time_from=1515771918, hostids=hostId, value="1", selectHosts=['description', 'status', 'host'])
此请求将使用此主机格式返回事件:
{
"acknowledged": "0",
"c_eventid": "0",
"clock": "1516502139",
"correlationid": "0",
"eventid": "2768212",
"hosts": [
{
"description": "Test server for API experiments",
"host": "Test Server",
"hostid": "10270",
"status": "0"
}
],
"ns": "536030065",
"object": "0",
"objectid": "14920",
"r_eventid": "0",
"source": "0",
"userid": "0",
"value": "1"
},
"""
Shows a list of all current issues (AKA tripped triggers)
"""
from datetime import datetime
import time
from pyzabbix import ZabbixAPI
# The hostname at which the Zabbix web interface is available
ZABBIX_SERVER = 'http://192.168.***.***/zabbix'
zapi = ZabbixAPI(ZABBIX_SERVER)
# Login to the Zabbix API
zapi.login('***', '***')
# Get a list of all issues (AKA tripped triggers)
triggers = zapi.trigger.get(only_true=1,
skipDependent=1,
monitored=1,
active=1,
filter={"value": 1},
output='extend',
expandDescription=1,
selectHosts=['name'],
sortfield=['lastchange'],
sortorder='ASC',
)
# Do another query to find out which issues are Unacknowledged
unack_triggers = zapi.trigger.get(only_true=1,
skipDependent=1,
monitored=1,
active=1,
output='extend',
expandDescription=1,
selectHosts=['host'],
withLastEventUnacknowledged=1,
)
def seconds_to_dhms(time):
seconds_to_minute = 60
seconds_to_hour = 60 * seconds_to_minute
seconds_to_day = 24 * seconds_to_hour
seconds_to_month = 30 * seconds_to_day
seconds_to_year = 12 * seconds_to_month
years = time // seconds_to_year
time %= seconds_to_year
month = time // seconds_to_month
time %= seconds_to_month
days = time // seconds_to_day
time %= seconds_to_day
hours = time // seconds_to_hour
time %= seconds_to_hour
minutes = time // seconds_to_minute
time %= seconds_to_minute
seconds = time
if (seconds >= 0) and (minutes == 0) and (hours == 0) and (days == 0) and (month == 0) and (years == 0):
return("%d seconds" % (seconds))
elif (seconds >= 0) and (minutes >= 1) and (hours == 0) and (days == 0) and (month == 0) and (years == 0):
return("%d minutes : %d seconds" % (minutes, seconds))
elif (seconds >= 0) and (minutes >= 0) and (hours >= 1) and (days == 0) and (month == 0) and (years == 0):
return("%d hours : %d minutes" % (hours, minutes))
elif (seconds >= 0) and (minutes >= 0) and (hours >= 0) and (days >= 1) and (month == 0) and (years == 0):
return("%d days : %d hours" % (days, hours))
elif (seconds >= 0) and (minutes >= 0) and (hours >= 0) and (days >= 0) and (month >= 1) and (years == 0):
return("%d month : %d days" % (month, days))
elif (seconds >= 0) and (minutes >= 0) and (hours >= 0) and (days >= 0) and (month >= 0) and (years >= 1):
return("%d year : %d month" % (years, month))
else:
return("%dm:%dd:%dh:%dm:%ds" % (month, days, hours, minutes, seconds))
# Print a list containing only "tripped" triggers
for t in triggers:
if int(t['value']) == 1:
time_period=int(time.mktime(datetime.now().timetuple())) - int(t['lastchange'])
hostss=zapi.host.get(hostids=t['hosts'][0]['hostid'], output = ['hostid','host','name'], selectInterfaces=['ip','port','dns'])
for i in hostss:
print("-----")
print("{0}n{1}n{2}n{3}".format(t['hosts'][0]['name'],i['interfaces'][0]['ip'], t['description'], seconds_to_dhms(time_period)))