ncc.zabbix_templates
ncc.zabbix_templates/Linux.common/zbx_export_templates.yaml
* Исправляем не работающий мониторинг логов ошибок
| awgur@0 | 1 zabbix_export: |
| awgur@0 | 2 version: '6.0' |
| awgur@0 | 3 date: '2023-09-30T06:54:07Z' |
| awgur@0 | 4 groups: |
| awgur@0 | 5 - uuid: 22941f4e01294888a9bed3aae15f6ef9 |
| awgur@0 | 6 name: Templates/AWNET |
| awgur@0 | 7 templates: |
| awgur@0 | 8 - uuid: d9ed1ecc0bc14cafb7fcbd309ad9a944 |
| awgur@0 | 9 template: 'AWNET Linux Template' |
| awgur@0 | 10 name: 'AWNET Linux Template' |
| awgur@0 | 11 groups: |
| awgur@0 | 12 - name: Templates/AWNET |
| awgur@0 | 13 items: |
| awgur@0 | 14 - uuid: 85da57ac953f48c5a1e08f74fb2b65d5 |
| awgur@0 | 15 name: 'Пакеты к обновлению' |
| awgur@0 | 16 key: aw.linux.apt.updatable |
| awgur@2 | 17 delay: 15m |
| awgur@0 | 18 trends: '0' |
| awgur@0 | 19 value_type: TEXT |
| awgur@0 | 20 preprocessing: |
| awgur@0 | 21 - type: JAVASCRIPT |
| awgur@0 | 22 parameters: |
| awgur@0 | 23 - | |
| awgur@0 | 24 var buf = value.split('\n'); |
| awgur@0 | 25 var res = ""; |
| awgur@0 | 26 |
| awgur@0 | 27 var re_test = [ |
| awgur@0 | 28 /^WARNING:/, |
| awgur@0 | 29 /^Вывод списка/, |
| awgur@0 | 30 ]; |
| awgur@0 | 31 |
| awgur@0 | 32 var flag; |
| awgur@0 | 33 for (var i in buf) { |
| awgur@0 | 34 flag = true; |
| awgur@0 | 35 for (var j in re_test) { |
| awgur@0 | 36 if (re_test[j].test(buf[i])) { |
| awgur@0 | 37 flag = false |
| awgur@0 | 38 break; |
| awgur@0 | 39 } |
| awgur@0 | 40 } |
| awgur@0 | 41 |
| awgur@0 | 42 if (flag && buf[i].length > 0) { |
| awgur@0 | 43 res += buf[i] + "\n"; |
| awgur@0 | 44 } |
| awgur@0 | 45 } |
| awgur@0 | 46 |
| awgur@0 | 47 return res |
| awgur@0 | 48 - type: NOT_MATCHES_REGEX |
| awgur@0 | 49 parameters: |
| awgur@0 | 50 - '^ *$' |
| awgur@0 | 51 error_handler: DISCARD_VALUE |
| awgur@0 | 52 tags: |
| awgur@0 | 53 - tag: Module |
| awgur@0 | 54 value: 'Система пакетов' |
| awgur@0 | 55 triggers: |
| awgur@0 | 56 - uuid: 9a2fbf76b8f44d45b8a987c1997de212 |
| awgur@0 | 57 expression: 'nodata(/AWNET Linux Template/aw.linux.apt.updatable,2h)=0' |
| awgur@0 | 58 name: 'Появились обновления системы' |
| awgur@0 | 59 opdata: '{ITEM.VALUE}' |
| awgur@0 | 60 priority: WARNING |
| awgur@0 | 61 - uuid: 33c23ce59f3c49068057013b35ffb849 |
| awgur@0 | 62 name: 'Ошибка в системном журнале' |
| awgur@0 | 63 key: 'aw.linux.journalctl[2]' |
| awgur@0 | 64 delay: 2m |
| awgur@0 | 65 trends: '0' |
| awgur@0 | 66 value_type: TEXT |
| awgur@0 | 67 preprocessing: |
| awgur@0 | 68 - type: JAVASCRIPT |
| awgur@0 | 69 parameters: |
| awgur@0 | 70 - | |
| awgur@0 | 71 var buf = value.split('\n'); |
| awgur@0 | 72 var res = ""; |
| awgur@0 | 73 |
| awgur@0 | 74 var re_test = [ |
| awgur@0 | 75 new RegExp('^-- Journal begins'), |
| awgur@0 | 76 new RegExp('^-- No entries --'), |
| awgur@0 | 77 new RegExp('[0-9]{2} [0-9:]{8} [a-zA-Z0-9._-]* sudo\[[0-9]*\]: '), |
| awgur@0 | 78 new RegExp('CONFIG: restrict nopeer ignored'), |
| awgur@0 | 79 new RegExp('statistics directory /var/log/ntpsec/ does not exist or is unwriteable, error No such file or directory'), |
| awgur@0 | 80 new RegExp('error\: kex_exchange_identification\: Connection closed by remote host'), |
| awgur@0 | 81 new RegExp('error\: maximum authentication attempts exceeded for [^ ]* from [a-f0-9.:-]* port [0-9]+ ssh[0-9]*'), |
| awgur@0 | 82 new RegExp('error\: kex_exchange_identification\: client sent invalid protocol identifier "[^"]*"'), |
| awgur@0 | 83 new RegExp('error\: beginning MaxStartups throttling'), |
| awgur@0 | 84 new RegExp('error\: kex_exchange_identification\: read\: Connection reset by peer'), |
| awgur@0 | 85 new RegExp('error\: kex_exchange_identification\: banner line contains invalid characters'), |
| awgur@0 | 86 new RegExp('error\: maximum authentication attempts exceeded for invalid user [a-zA-Z0-9_.-]+ from [0-9a-f:.]+ port [0-9]+ ssh[0-9]*'), |
| awgur@0 | 87 new RegExp('fatal\: userauth_pubkey\: parse request failed: incomplete message'), |
| awgur@0 | 88 new RegExp('sshd\[[0-9]*\]\: error\: Protocol major versions differ\: [0-9]+ vs\. [0-9]+'), |
| awgur@0 | 89 new RegExp('sshd\[[0-9]*\]\: fatal\: userauth_finish\: Broken pipe \\[preauth\\]'), |
| awgur@0 | 90 new RegExp('openvpn\[[0-9]*\]\: [0-9.:a-fA-F]* Connection reset, restarting \\[[0-9]\\]'), |
| awgur@0 | 91 new RegExp('/system\.journal\: Journal header limits reached or header out-of-date, rotating\.'), |
| awgur@0 | 92 ]; |
| awgur@0 | 93 |
| awgur@0 | 94 var flag; |
| awgur@0 | 95 for (var i in buf) { |
| awgur@0 | 96 flag = true; |
| awgur@0 | 97 for (var j in re_test) { |
| awgur@0 | 98 if (re_test[j].test(buf[i])) { |
| awgur@0 | 99 flag = false |
| awgur@0 | 100 break; |
| awgur@0 | 101 } |
| awgur@0 | 102 } |
| awgur@0 | 103 |
| awgur@0 | 104 if (flag) { |
| awgur@0 | 105 res += buf[i] + "\n"; |
| awgur@0 | 106 } |
| awgur@0 | 107 } |
| awgur@0 | 108 |
| awgur@0 | 109 return res |
| awgur@0 | 110 - type: NOT_MATCHES_REGEX |
| awgur@0 | 111 parameters: |
| awgur@0 | 112 - '^ *$' |
| awgur@0 | 113 error_handler: DISCARD_VALUE |
| awgur@0 | 114 tags: |
| awgur@0 | 115 - tag: Module |
| awgur@0 | 116 value: 'Системный журнал' |
| awgur@0 | 117 triggers: |
| awgur@0 | 118 - uuid: e8001f72a356424ea8e83abfd2a83c63 |
| awgur@0 | 119 expression: 'nodata(/AWNET Linux Template/aw.linux.journalctl[2],5m)=0' |
| awgur@0 | 120 name: 'Ошибки в системном журнале' |
| awgur@0 | 121 opdata: '{ITEM.VALUE}' |
| awgur@0 | 122 priority: WARNING |