1,添加一个机器人
2,安全设置建议为空
3,拷贝 webhook 地址 https://open.feishu.cn/open-apis/bot/v2/hook/fa00336f-73c4-4c55-90d3-1de8e08516b10
4, 把fa00336f-73c4-4c55-90d3-1de8e08516b10 写入
5,导入规则
categraf/alerts-linux.json at main · flashcatcloud/categraf · GitHub
6,告警组加入
报错提示开启关键字,而找不到关键字报错
2022-10-25 16:20:36.216513 INFO sender/feishu.go:53 feishu_sender: result=succ url=https://open.feishu.cn/open-apis/bot/v2/hook/c908396a-a1dd-4025-a58f-c7b84d254e4a code=200 response={"code":19024,"data":{},"msg":"Key Words Not Found"}
开启白名单而不在白名单的ip 提示报错
2022-10-25 16:17:18.217814 INFO sender/feishu.go:53 feishu_sender: result=succ url=https://open.feishu.cn/open-apis/bot/v2/hook/c908396a-a1dd-4025-a58f-c7b84d254e4a code=200 response={"code":19022,"data":{},"msg":"Ip Not Allowed"}
开启签名验证报错
2022-10-25 15:55:23.988391 INFO sender/feishu.go:53 feishu_sender: result=succ url=https://open.feishu.cn/open-apis/bot/v2/hook/c908396a-a1dd-4025-a58f-c7b84d254e4a code=200 response={"code":19021,"data":{},"msg":"sign match fail or timestamp is not within one hour from current time"}
token 写成了签名校验,识别不到报错
级别状态: S1 Triggered
规则名称: 监控对象失联
监控指标: [ident=categraf01 rulename=监控对象失联]
触发时间: 2022-10-25 16:47:17
触发时值: 1
发送时间: 2022-10-25 16:47:18
级别状态: S1 Recovered
规则名称: 监控对象失联
监控指标: [ident=categraf01 rulename=监控对象失联]
恢复时间:2022-10-25 16:52:32
发送时间: 2022-10-25 16:52:33