需求是这样的

       用zabbix来监控报警,那么时间久了、报警次数多了、人员忙了、这些情况会导致一些报警内容被忽略,所以需要一个报表来反应谁收到了什么样的报警信息,收到了多少条,从而来判断这些情况是否被处理及处理进度,以及可以更好的分配人力资源,防止工作都压到1个人身上。


需求分析假设

       1、用zabbix自带报表功能,但是这个东西存在局限性,还未发现有此功能;

               2、数据库中查找表的信息,从来进行二次判断进行结果展现。


进程:

   选用了第二种方法:数据库。

wKioL1MBe0WznLCqAAFF2pbfyeg318.jpg

   大概看了下zabbix数据库中的表,大概找出了下面3个表可能存在相应的关系:

wKiom1MBe9Hybm9EAAaZHYtcBn0331.jpg


其实,我这里的结果只使用了1表和3表2张表进行结果展现,其实结果呈现的方法很多种,可能最后还会需要“用户组”表,进行结果展现及组员管理。


我这里将结果展现成了下面的内容:(应用级监控邮件报警的历史发送情况)

wKiom1MBfV7xnSb3AAVoLXW5YJg592.jpg

邮件筛选sql:
select userid,name, sum(case when subject like '%CPU systime%' then 1 end) systime, sum(case when subject like '%CPU USE%' then 1 end) cpuuse, sum(case when subject like '%Disk I%' then 1 end) diskio, sum(case when subject like '%available memory%' then 1 end) mem, sum(case when subject like '%is unreachable%' then 1 end) downtime, sum(case when subject like '%restarted%' then 1 end) restart, sum(case when subject like '%has been changed%' then 1 end) passchange, sum(case when subject like '%Free disk%' then 1 end) disk, sum(case when subject not like '%CPU%' and subject not like '%available memory%' and subject not like '%Disk%' and subject not like '%is unreachable%' and subject not like '%restart%' and subject not like '%has been changed%' and subject not like '%disk%' then 1 end) other from (select a.userid,c.name,a.subject from alerts a,users c where a.mediatypeid='6' and a.clock>'1392220800' and a.clock<'1392307200' and a.userid=c.userid and a.status='1' and a.subject not like '%OK%') at group by userid;



短信筛选sql:
select userid,name, sum(case when subject like '%CPU systime%' then 1 end) systime, sum(case when subject like '%CPU USE%' then 1 end) cpuuse, sum(case when subject like '%Disk I%' then 1 end) diskio, sum(case when subject like '%available memory%' then 1 end) mem, sum(case when subject like '%is unreachable%' then 1 end) downtime, sum(case when subject like '%restarted%' then 1 end) restart, sum(case when subject like '%has been changed%' then 1 end) passchange, sum(case when subject like '%Free disk%' then 1 end) disk, sum(case when subject not like '%CPU%' and subject not like '%available memory%' and subject not like '%Disk%' and subject not like '%is unreachable%' and subject not like '%restart%' and subject not like '%has been changed%' and subject not like '%disk%' then 1 end) other from (select a.userid,c.name,a.subject from alerts a,users c where a.mediatypeid='3' and a.clock>'1392220800' and a.clock<'1392307200' and a.userid=c.userid and a.status='1' and a.subject not like '%OK%') at group by userid;



其中sql的条件可以更改。


需要特别注意的是

clock字段是 unix的时间戳,需要的筛选条件可以进行转换进行获得。