Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/alerta/zabbix-alerta

Forward Zabbix alerts to the alerta monitoring system
https://github.com/alerta/zabbix-alerta
alerta zabbix
Last synced: 3 months ago
JSON representation
Forward Zabbix alerts to the alerta monitoring system
Host: GitHub
URL: https://github.com/alerta/zabbix-alerta
Owner: alerta
License: mit
Created: 2013-10-01T18:41:39.000Z (about 11 years ago)
Default Branch: master
Last Pushed: 2021-06-14T17:56:01.000Z (over 3 years ago)
Last Synced: 2024-05-21T04:15:39.299Z (6 months ago)
Topics: alerta, zabbix
Language: Python
Homepage: http://alerta.io
Size: 3.26 MB
Stars: 97
Watchers: 11
Forks: 42
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project

README

        Zabbix-Alerta Gateway

=====================

Consolidate Zabbix alerts from across multiple sites into a single

"at-a-glance" console by using a custom Zabbix [alertscript](https://www.zabbix.com/documentation/current/manual/config/notifications/media/script).

Transform this ...

![zabbix](/docs/images/zabbix-alerta-before.png?raw=true)

Into this ...

![alerta](/docs/images/zabbix-alerta-after.png?raw=true)

For help, join [![Slack chat](https://img.shields.io/badge/chat-on%20slack-blue?logo=slack)](https://slack.alerta.dev)

Installation

------------

Clone the GitHub repo and run:

    $ python setup.py install

Or, to install remotely from GitHub run:

    $ pip install git+https://github.com/alerta/zabbix-alerta

Then symlink the `zabbix-alerta` script to the `AlertScriptsPath` directory

which can be found in the `/etc/zabbix/zabbix_server.conf` configuration file:

    $ grep -e '^AlertScriptsPath' /etc/zabbix/zabbix_server.conf

    AlertScriptsPath=/path/to/zabbix/alertscripts

    $ ln -s `which zabbix-alerta` /path/to/zabbix/alertscripts

Configuration

-------------

To forward Zabbix events to Alerta a new media script needs to be created

and associated with a user. Follow the steps below as a Zabbix Admin user...

1/ Create a new media type [Admininstration > Media Types > Create Media Type]

```

Name: Alerta

Type: Script

Script name: zabbix-alerta

Script parameters:

    1st: {ALERT.SENDTO}

    2nd: {ALERT.SUBJECT}

    3rd: {ALERT.MESSAGE}

Enabled: [x]

```

2/ Modify the Media for the Admin user [Administration > Users]

```

Type: Alerta

Send to: http://x.x.x.x:8080   => API hostname/IP and port of alerta server

When active: 1-7,00:00-24:00

Use if severity: (all)

Status: Enabled

```

**Note:** If the [Docker container for Alerta](https://hub.docker.com/r/alerta/alerta-web/)

is used then the "Send to" URL will use a host and port specific to

your environment and the URL path will need to include `/api` eg. `http://x.x.x.x:8080/api`.

**Note:** If API authentication is enabled then an API key will need to be

specified in the `Send to` configuration. The API key is added after the API

endpoint separated only by a semicolon. eg. `http://x.x.x.x;YOUR_API_KEY_HERE`

3/ Configure Action [Configuration > Actions > Create Action > Action]

```

Name: Forward to Alerta

```

```

Default subject:

{TRIGGER.STATUS}: {TRIGGER.NAME}

```

```

Default message:

resource={HOST.NAME1}

event={ITEM.KEY1}

environment=Production

severity={TRIGGER.SEVERITY}

status={TRIGGER.STATUS}

ack={EVENT.ACK.STATUS}

service={TRIGGER.HOSTGROUP.NAME}

group=Zabbix

value={ITEM.VALUE1}

text={TRIGGER.STATUS}: {TRIGGER.NAME}

tags={EVENT.TAGS}

attributes.ip={HOST.IP1}

attributes.thresholdInfo={TRIGGER.TEMPLATE.NAME}: {TRIGGER.EXPRESSION}

type=zabbixAlert

dateTime={EVENT.DATE}T{EVENT.TIME}Z

```

RECOVERY

```

Default subject:

{TRIGGER.STATUS}: {TRIGGER.NAME}

```

```

Default message:

resource={HOST.NAME1}

event={ITEM.KEY1}

environment=Production

severity={TRIGGER.SEVERITY}

status={TRIGGER.STATUS}

ack={EVENT.ACK.STATUS}

service={TRIGGER.HOSTGROUP.NAME}

group=Zabbix

value={ITEM.VALUE1}

text={TRIGGER.STATUS}: {ITEM.NAME1}

tags={EVENT.RECOVERY.TAGS}

attributes.ip={HOST.IP1}

attributes.thresholdInfo={TRIGGER.TEMPLATE.NAME}: {TRIGGER.EXPRESSION}

attributes.moreInfo=Zabbix console

type=zabbixAlert

dateTime={EVENT.RECOVERY.DATE}T{EVENT.RECOVERY.TIME}Z

```

https://www.zabbix.com/documentation/current/manual/appendix/macros/supported_by_location

To send OK events ...

````

Recovery message: [check]

Enabled [check]

````

At the Conditions tab, to only forward PROBLEM and OK events ...

```

(A)	Maintenance status not in "maintenance"

(B)	Trigger value = "PROBLEM"

```

To forward PROBLEM, ACKNOWLEDGED, OK events ...

```

(A)	Maintenance status not in "maintenance"

```

Finally, add an operation:

```

Send to Users: Admin

Send only to: Alerta API

```

Advanced Configuration

----------------------

Additional features are available that enhance the integration

between Zabbix and Alerta if configuration profiles are used instead

of the basic `URL;Key` format described above.

**Configuration Profiles**

Additional configuration options are available if you use a profile for

the `sendto` value.

  * endpoint

  * API key

  * disable ssl verify

  * debug

Define `ALERTA_CONF_FILE` env var in the `/etc/default/zabbix-server` file

so that `zabbix-alerta` can find configuration settings during startup:

    $ sudo vi /etc/default/zabbix-server

    START=yes

    ALERTA_CONF_FILE=/etc/alerta.conf    => default: /var/lib/zabbix/.alerta.conf

Create the configuration file referred to by the `ALERTA_CONF_FILE` file

above that contains one or more configuration profiles:

    $ sudo vi /etc/alerta.conf

    [default]

    profile = production

    [profile production]

    endpoint = https://api.alerta.io

    key = XCYxMmPYUKHRmm-V-rYHGpzA2vveC8yT7zuvid7B

    sslverify = on

    debug = off

    [profile development]

    endpoint = http://localhost:8080

    key = demo-key

    sslverify = off

    debug = on

Use a profile name instead of the API URL in the "Send to" input box:

2/ Modify the Media for the Admin user [Administration > Users]

```

Type: Alerta

Send to: production    <= profile not URL

When active: 1-7,00:00-24:00

Use if severity: (all)

Status: Enabled

```

**Setting Alert Environment**

Using a custom user macro called `{$ENVIRONMENT}` it is possible to

set the environment of alerts received by Alerta in Zabbix. By default

the environment will be `Production` but this can be overidden at the host,

template group or global level using the `{$ENVIRONMENT}` macro.

**Use Zabbix severity levels and colours in Alerta**

Alerta can display alerts using the Zabbix standard severity names and

colours and sorted correctly by priority.

Zabbix uses the following severity hierarchy:

    Numerical trigger severity. Possible values:

    0 - Not classified,

    1 - Information,

    2 - Warning,

    3 - Average,

    4 - High,

    5 - Disaster.

    Supported starting from Zabbix 1.6.2.

In zabbix config append `!!` to the `severity` line to tell `zabbix-alerta`

to use the supplied Trigger severity and not to map the value to the

Alerta severity:

```

Default message:

resource={HOST.NAME1}

event={ITEM.KEY1}

environment=Production

severity={TRIGGER.SEVERITY}!!

status={TRIGGER.STATUS}

ack={EVENT.ACK.STATUS}

service={TRIGGER.HOSTGROUP.NAME}

...

```

Add the following to the Alerta server configuration file `alertad.conf`:

```python

SEVERITY_MAP = {

    'Disaster'      : 0,

    'High'          : 1,

    'Average'       : 2,

    'Warning'       : 3,

    'Information'   : 4,

    'OK'            : 5,

    'Not classified': 6,

    'unknown'       : 9

}

DEFAULT_NORMAL_SEVERITY = 'OK'

DEFAULT_PREVIOUS_SEVERITY = 'Not classified'

COLOR_MAP = {

    'severity': {

        'Disaster'      : '#E45959',

        'High'          : '#E97659',

        'Average'       : '#FFA059',

        'Warning'       : '#FFC859',

        'Information'   : '#7499FF',

        'Not classified': '#97AAB3',

        'OK'            : '#59DB8F',

        'unknown'       : '#BA2222'

    }

}

```

![zabbix-severity-colors](/docs/images/zabbix-severity-colors.png?raw=true)

**Zabbix Console Integration**

To add a web link in Alerta that links to the specific event in Zabbix

that triggered the alert add:

ACTION:

attributes.moreInfo=\Zabbix console

RECOVERY

attributes.moreInfo=\Zabbix console

Troubleshooting

---------------

Set the debug level to `4`, restart the zabbix server and tail the server

logs:

    $ vi /etc/zabbix/zabbix_server.conf

    DebugLevel=4

    $ tail -f /var/log/zabbix/zabbix_server.log

See the [PagerDuty guide](http://www.pagerduty.com/docs/guides/zabbix-integration-guide/)

to configuring Zabbix integrations for an example installation with

screenshots.

References

----------

  * Zabbix Custom Alert Scripts: https://www.zabbix.com/documentation/current/manual/config/notifications/media/script

  * Zabbix Custom User Macros: https://www.zabbix.com/documentation/current/manual/config/macros/usermacros

License

-------

Copyright (c) 2013-2019 Nick Satterly. Available under the MIT License.