1.测试端口是否开放:
nc -w 2 smtp.exmail.qq.com 465 < /dev/null && echo “port is ok”
nc -w 2 smtp.exmail.qq.com 25 < /dev/null && echo “port is ok”
首先拿到163邮箱的授权码,邮箱设置–选择“POP/SMTP/IMAP”选项,选择“IMAP/SMTP服务”,点击开启,扫码页面可以选择扫码发送短信,或者点击下方“手动发送短信”,点击“我已发送”后,如果系统检测到用户成功发送短信,即获取到授权码。授权码可以在多个第三方客户端使用。
2.配置163邮箱
zabbix路径:/usr/lib/zabbix/,执行:
certutil -A -n “GeoTrust SSL CA - G3” -t “Pu,Pu,Pu” -d /usr/lib/zabbix/.certs./ -i /usr/lib/zabbix/.certs./163.crt
certutil: unable to open “/usr/lib/zabbix/.certs./163.crt” for reading (-5950, 2).
没有到.certs 目录下执行或者certs不可读
cd .certs/
certutil -A -n “GeoTrust SSL CA - G3” -t “Pu,Pu,Pu” -d ./ -i 163.crt
Notice: Trust flag u is set automatically if the private key is present.
依然报错;
echo “hehe” | mail -v -s “test” abc1@qq.com
Resolving host smtp.163.com . . .Could not resolve host: smtp.163.com
Vim /etc/mail.rc
set from=邮箱地址
set smtp=smtps://smtp.163.com:465
set smtp-auth-user=账号名不要加@
set smtp-auth-password=授权码
set smtp-auth=login
set ssl-verify=ignore
=后面不要“”
测试发邮件:
echo “邮件正文” | mail -s “ZABBIX-TEST” cxxx@163.com
Resolving host smtp.163.com . . . done.
Connecting to 103.74.29.40:465 . . . connected.
Error initializing NSS: Unknown error -8015.
Error initializing NSS: Unknown error -8015.
“/root/dead.letter” 11/320
. . . message not sent.
很莫名奇妙,最终在root下面生产.certs,首先在/root下生成相应文件,在copy到zabbix路径下面;
cd /root
mkdir .certs
echo -n | openssl s_client -connect smtp.163.com:465 | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > /root/.certs/163.crt
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = GeoTrust RSA CN CA G2
verify return:1
depth=0 C = CN, ST = zhejiang, L = hangzhou, O = “NetEase (Hangzhou) Network Co., Ltd”, CN = *.163.com
verify return:1
DONE
certutil -A -n “GeoTrust SSL CA” -t “C,,” -d /root/.certs -i /root/.certs/163.crt
certutil -A -n “GeoTrust Global CA” -t “C,,” -d /root/.certs -i /root/.certs/163.crt
Cd .certs
certutil -A -n “GeoTrust SSL CA - G3” -t “Pu,Pu,Pu” -d /root/.certs/./ -i /root/.certs/163.crt
Notice: Trust flag u is set automatically if the private key is present.
ls /root/.certs/
163.crt cert8.db key3.db secmod.db
certutil -L -d /root/.certs
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
GeoTrust SSL CA P,P,P
cp -a /root/.certs/ /etc/zabbix/ && cd /etc/zabbix && chmod 777 -R .certs
tail -10f /etc/mail.rc
set from=email@163.com
set smtp=smtps://smtp.163.com:465
set smtp-auth-user=用户名不带@
set smtp-auth-password=授权码
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/etc/zabbix/.certs
echo “邮件正文” | mail -s “ZABBIX-TEST” cxxx@163.com
成功了;
Zabbix安装,参照官网https://www.zabbix.com/cn/download
或者网上一大堆源码安装教程;
3.邮件报警配置:
Zabbix5.0安装调试完毕,邮件系统发送,给多用户发送遇到了问题,期初创建了多个用户,用163邮件通知,也有sendmail脚本通知,钉钉通知脚本都用过,
设置了3种通知方式:163邮件通知,钉钉报警给机器人,sendmail脚本发送报警;
1)163邮件通知:
消息模版:
问题:
主题:
TRIGGER.STATUS,服务器:HOSTNAME1,发生:TRIGGER.NAME
消息:
告警主机:HOST.NAME
告警IP:HOST.IP
告警时间:EVENT.DATE-EVENT.TIME
告警等级:TRIGGER.SEVERITY
告警信息:TRIGGER.NAME:ITEM.VALUE
问题详情:ITEM.NAME:ITEM.VALUE
当前状态:TRIGGER.STATUS:ITEM.VALUE
事件ID:EVENT.ID
——-FROM ZABBIX 平台——-163邮局—-
问题恢复:
主题:
恢复{TRIGGER.STATUS}, 服务器:{HOSTNAME1}: {TRIGGER.NAME} 已恢复!
消息:
告警主机: {HOSTNAME1}
主机地址: {HOST.IP}
告警等级: {TRIGGER.SEVERITY}
监控项目: {TRIGGER.KEY1}
问题详情: {ITEM.NAME}:{ITEM.VALUE}
当前状态: {TRIGGER.STATUS}: {ITEM.VALUE1}
告警信息: {TRIGGER.NAME}
告警时间: {EVENT.DATE} {EVENT.TIME}
事件ID: {EVENT.ID}
——来自zabbix监控平台–163邮局—–
问题更新:
Updated problem in {EVENT.AGE}: {EVENT.NAME}
消息:
{USER.FULLNAME} {EVENT.UPDATE.ACTION} problem at {EVENT.UPDATE.DATE} {EVENT.UPDATE.TIME}.
{EVENT.UPDATE.MESSAGE}
Current problem status is {EVENT.STATUS}, age is {EVENT.AGE}, acknowledged: {EVENT.ACK.STATUS}.
——来自zabbix监控平台–163邮局—–
2)Sendmail.sh
脚本:
\#!/bin/bash
\#export.UTF-8
FILE=/var/log/zabbix/mailtmp.txt
echo "$3" >$FILE
dos2unix -k $FILE
/bin/mail -s "$2" $1 < $FILE
\#!/bin/bash
\#messages=`echo $3 | tr '\r\n' '\n'`
\#subject=`echo $2 | tr '\r\n' '\n'`
\#echo "${messages}" | mail -v -s "${subject}" $1 >>/var/log/zabbix/mailx.log 2>&1消息模版基本一致;
3)钉钉告警:
钉钉脚本:
\#!/usr/bin/env python
\#coding:utf-8
\#zabbix钉钉报警
import requests,json,sys,os,datetime
webhook="https://oapi.dingtalk.com/robot/send?access_token=21211212111abcababcb..." #说明:这里改为自己创建的机器人的webhook的值,钉钉个人现在不好申请了;
user=sys.argv[1]
text=sys.argv[3]
data={
"msgtype": "text",
"text": {
"content": text
},
"at": {
"atMobiles": [
user
],
"isAtAll": True
}
}
headers = {'Content-Type': 'application/json'}
x=requests.post(url=webhook,data=json.dumps(data),headers=headers)
if os.path.exists("/usr/local/zabbix/log/ding.log"):
f=open("/usr/local/zabbix/log/ding.log","a+")
else:
f=open("/usr/local/zabbix/log/ding.log","w+")
f.write("\n"+"--"*30)
if x.json()["errcode"] == 0:
f.write("\n"+str(datetime.datetime.now())+" "+str(user)+" "+"发送成功"+"\n"+str(text))
f.close()
else:
f.write("\n"+str(datetime.datetime.now()) + " " + str(user) + " " + "发送失败" + "\n" + str(text))
f.close()Zabbix_server.conf
设置脚本路径:AlertScriptsPath=/usr/lib/zabbix/alertscripts
ExternalScripts=/usr/lib/zabbix/externalscripts
所监控的服务器设置监控脚本:/etc/zabbix/zabbix_agentd.conf
# UserParameter=
UserParameter=dis.process,/usr/lib/zabbix/alertscripts/discovery_process.sh
UserParameter=proc.check[*],/usr/lib/zabbix/alertscripts/process_check.sh $1 $2 $3
遇到问题:邮件只能发送给admin,建立的其他用户一直没收到邮件,后来添加到admin用户以后可以收到,其他用户没收到邮件挺奇怪的事情,现在没头绪。
