zabbix 告警数据查询语句

分享一些总结的zabbix告警查询语句
1、查询zabbix过去一周群组告警总数

SELECT
        a.hostid,
        a.`host`,
        a.`status`,
        a.`name` AS hostnname,
        b.`name` AS groupname,
        d.`name` AS item,
        FROM_UNIXTIME( e.clock ) AS eventtime,
        e.`name`,
        e.severity 
FROM
        hosts a
        JOIN hosts_groups c ON a.hostid = c.hostid
        JOIN hstgrp b ON b.groupid = c.groupid 
        AND b.NAME LIKE '%系统组%'
        JOIN items d ON a.hostid = d.hostid 
        AND d.flags <> 1 
        AND d.flags <> 2
        JOIN ( SELECT itemid, triggerid FROM functions GROUP BY itemid, triggerid ) f ON d.itemid = f.itemid
        JOIN events e ON f.triggerid = e.objectid 
        AND e.`value` = 1 
        AND yearweek( FROM_UNIXTIME( e.clock ), 1 )= yearweek( now(), 1 ) 
ORDER BY
        e.clock

2、查询zabbix所有监控指标触发器和告警等级

SELECT * FROM 
(SELECT a.hostid,b.`name` AS 系统名称,a.`host` AS 地址,d.`name` AS 监控项,d.key_  as 键值,d.itemid
   from `hosts` a,hstgrp b,hosts_groups c,items d
      where a.available  = 1 and a.hostid =c.hostid and b.groupid = c.groupid
          AND b.`name` LIKE '%系统%'  
             AND a.hostid = d.hostid AND d.key_ not LIKE '%#%'  AND d.key_ not like '%IPADDRESS%' AND d.name like "%进程%"
                 ORDER BY b.`name`,a.`host`) A 
                    LEFT JOIN (SELECT m.itemid,m.`name` as 触发器函数,m.parameter as 触发器参数,n.expression as 触发器条件,n.recovery_mode AS 恢复模式,n.recovery_expression,
                                   CASE  
                                         WHEN n.priority =5 THEN '一级' 
																				 WHEN n.priority =4 THEN '二级'
                                         WHEN n.priority =3 THEN '三级' 
                                         WHEN n.priority =2 THEN '四级' 
                                         WHEN n.priority =1 THEN '五级' 
                                         WHEN n.priority =0 THEN '六级' 
                                         END AS 告警等级
                                from  functions m,`triggers`n  
                                   where n.triggerid=m.triggerid  
                                     --  GROUP BY itemid
                               ) B ON  A.itemid = B.itemid

3、导出zabbix群组所有监控主机指标

SELECT * FROM 
(SELECT a.hostid,b.`name` AS 系统名称,a.`host` AS 地址,d.`name` AS 监控项,d.key_  as 键值,d.itemid
   from `hosts` a,hstgrp b,hosts_groups c,items d
      where a.available  = 1 and a.hostid =c.hostid and b.groupid = c.groupid
          AND b.`name` LIKE '%系统%'  
             AND a.hostid = d.hostid  AND d.name like "%进程%"
                 ORDER BY b.`name`,a.`host`) A 
                    LEFT JOIN (SELECT m.itemid,m.`name` as 触发器函数,m.parameter as 触发器参数,n.expression as 触发器条件 
                                from  functions m,`triggers`n  
                                   where n.triggerid=m.triggerid  
                                     --  GROUP BY itemid
                               ) B ON  A.itemid = B.itemid
							   

4、导出zabbix群组所有监控主机

SELECT b.`name` AS 系统名称,a.`host` AS 地址
   from `hosts` a,hstgrp b,hosts_groups c
        -- where a.`status`  = 1
        WHERE a.hostid =c.hostid and b.groupid = c.groupid  AND a.`status` <> 3
          AND (b.`name` LIKE '%45-%')
         --    AND A.hostid = D.hostid AND d.key_ not LIKE '%#%'  AND d.key_ not like '%IPADDRESS%'
                 ORDER BY b.`name`,a.`host`

5、查看所有监控项

SELECT
    *
FROM
    (
        SELECT
            a.hostid,
            b.`name` AS 系统名称,
            a.`host` AS 地址,
            d.`name` AS 监控项,
            d.key_ AS 键值,
            d.itemid
        FROM
            `hosts` a,
            hstgrp b,
            hosts_groups c,
            items d
        WHERE
            a.available = 1
        AND a.hostid = c.hostid
        AND b.groupid = c.groupid
        AND b.`name` LIKE '%45-%'
        AND A.hostid = D.hostid
        AND d.key_ NOT LIKE '%#%'
        AND d.key_ NOT LIKE '%IPADDRESS%'
        AND d.key_ NOT LIKE '%discovery%'
        ORDER BY
            b.`name`,
            a.`host`
    ) A
LEFT JOIN (
    SELECT
        m.itemid,
        m.nameparameter AS 触发器函数参数,
        -- m.parameter AS 触发器参数,
        n.expression AS 触发器条件,
        n.recovery_mode AS 恢复模式,
        CASE
    WHEN n.priority = 5 THEN '一级'
    WHEN n.priority = 4 THEN '二级'
    WHEN n.priority = 3 THEN '三级'
    WHEN n.priority = 2 THEN '四级'
    WHEN n.priority = 1 THEN '五级'
    WHEN n.priority = 0 THEN '六级'
    END AS 告警等级
    FROM
        (
            SELECT
                m.itemid,
                m.triggerid,
                CONCAT(GROUP_CONCAT(
                    CONCAT(NAME, '(', parameter, ')')
                )) nameparameter
            FROM
                functions m
            GROUP BY
                m.itemid,
                m.triggerid
        ) m,
        `triggers` n
    WHERE
        n.triggerid = m.triggerid
) B ON A.itemid = B.itemid

另一种写法

select name,count(name) '发送次数',from_unixtime(clock) '发生时间' 
from events where clock in (select clock from events where TIMESTAMPDIFF(day,from_unixtime(clock,'%Y-%m-%d'),current_date)<30) and value=1 and source=0 
group by name order by count(name) desc

6、查询最近30天zabbix告警数据

SELECT
        a.hostid ,
        a.`host`,
        a.`name` AS hostnname,
        b.`name` AS groupname,
        FROM_UNIXTIME( e.clock ) AS eventtime,
        e.`name`,
        e.severity 
FROM
        hosts a
        JOIN hosts_groups c ON a.hostid = c.hostid
        JOIN hstgrp b ON b.groupid = c.groupid 
        AND b.NAME LIKE '%系统组%'
        JOIN items d ON a.hostid = d.hostid 
        AND d.flags <> 1 
        AND d.flags <> 2
        JOIN ( SELECT itemid, triggerid FROM functions GROUP BY itemid, triggerid ) f ON d.itemid = f.itemid
        JOIN events e ON f.triggerid = e.objectid 
        AND e.`value` = 1 
				AND e.clock in (select e.clock from events e where TIMESTAMPDIFF(day,from_unixtime(e.clock,'%Y-%m-%d'),current_date)<30)
        
ORDER BY e.clock

以上均可自行尝试,修改查询但是由于zabbix数据库量比较大,经常会导致查询时长过大,请先测试后使用。

  • 2
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

酱江奖

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值