🥇Zabbix - kukulitsa malire akulu | Pulogalamu ya ProHoster

Popanga yankho kwa kasitomala, ntchito za 2 zidawuka zomwe ndimafuna kuthetsa bwino komanso magwiridwe antchito a Zabbix.

Ntchito 1. Kutsata mtundu waposachedwa wa firmware pa ma routers a Mikrotik.

Ntchitoyi imathetsedwa mosavuta - powonjezera wothandizira pa template ya HTTP. Wothandizira amalandira mtundu waposachedwa kuchokera patsamba la Mikrotik, ndipo choyambitsacho chimafanizira mawonekedwe apano ndi omwe alipo ndipo amapereka chenjezo ngati pangakhale kusiyana.

Mukakhala ndi ma routers 10, ma aligorivimu otere siwovuta, koma chochita ndi ma routers 3000? Tumizani zopempha 3000 ku seva? Zoonadi, chiwembu choterocho chidzagwira ntchito, koma lingaliro lomwe la zopempha 3000 silinagwirizane ndi ine, ndinkafuna kupeza yankho lina. Kuonjezera apo, panalibe zovuta mu ndondomeko yotereyi: mbali inayo ikhoza kuwerengera zopempha zambiri kuchokera ku IP imodzi pa kuukira kwa DoS, akhoza kungoletsa.

Ntchito 2. Kugwiritsa ntchito gawo lololeza mu othandizira osiyanasiyana a HTTP.

Pamene wothandizira akufunika kulandira zambiri kuchokera pamasamba "otsekedwa" kudzera pa HTTP, cookie yololeza ikufunika. Kuti muchite izi, nthawi zambiri pamakhala fomu yovomerezeka yokhala ndi "login / password" awiri ndikuyika ID yagawo mu cookie.

Koma pali vuto, ndizosatheka kupeza deta ya chinthu china kuchokera ku chinthu chimodzi chothandizira HTTP kuti mulowe m'malo mwa Mtengowu.

Palinso "Web script", ili ndi malire ena, samakulolani kuti mutengere zomwe mungafufuze ndikusunganso. Mutha kungoyang'ana kupezeka kwa zosintha zofunika pamasamba kapena kudutsa zosintha zomwe zidalandilidwa kale pakati pa masitepe a script.

Nditaganizira pang'ono za ntchitozi, ndinaganiza zogwiritsa ntchito macros omwe amawoneka bwino m'mbali iliyonse ya polojekiti: mu ma templates, makamu, zoyambitsa kapena zinthu. Ndipo mutha kusintha ma macros kudzera pa intaneti ya API.

Zabbix ili ndi zolemba zabwino komanso zatsatanetsatane za API. Pakusinthana kwa data kudzera pa api, mawonekedwe a data a Json amagwiritsidwa ntchito. Zambiri zitha kupezeka mu zolemba zovomerezeka.

Mndandanda wazinthu zopezera zomwe tikufuna ndikuzijambulira mu macro zikuwonetsedwa pazithunzi pansipa.

mwatsatane 1

Gawo loyamba likhoza kukhala ndi chinthu chimodzi kapena zingapo. Mfundo zazikuluzikulu zonse zimayikidwa pamasitepe oyamba, ndipo masitepe atatu omaliza ndi akulu.

Mu chitsanzo changa, sitepe yoyamba inali kupeza ma cookie ovomerezeka pa PBX pa ntchito yoyamba. Pantchito yachiwiri, ndapeza nambala ya mtundu waposachedwa wa firmware wa Mikrotik.

Ulalo wa mitundu yaposachedwa ya firmware ya Mikrotik

upgrade.mikrotik.com/routeros/LATEST.6 - URL adilesi ya mtundu wa Stable wapano
upgrade.mikrotik.com/routeros/LATEST.6fix - adilesi ya URL ya mtundu waposachedwa wa LTS

Maadiresi awa amafikiridwa ndi zida za Mikrotik zokha pomwe mtundu waposachedwa wa firmware walandilidwa.

Gawo loyamba ndilokhazikika payekha pazochitika zilizonse ndipo malingaliro a ntchito yake angakhale osiyana. Zonse zimadalira ntchito yanu.

Pamene mukugwira ntchito ndi web scripting, fufuzani njira yoyankhira yomwe mukufuna. Maina audindo Kuyankha kwa HTTP kapena kudzikonda thupi kuyankha popanda mitu?
Ngati ma cookie ovomerezeka akufunika, ikani njira yoyankhira Maina audindo monga momwe zilili ndi Asterisk.

Ngati mukufuna deta, monga momwe zilili ndi yankho la seva ya mikrotik, ikani Thupi kuyankha popanda mitu.

mwatsatane 2

Tiyeni tipitirire ku sitepe yachiwiri. Kupeza gawo lovomerezeka:

POST http://company.com/zabbix/api_jsonrpc.php HTTP/1.1
Content-Type: application/json-rpc

{
    "jsonrpc": "2.0",
    "method": "user.login",
    "params": {
        "user": "Admin"
        "password": "zabbix"
    },
    "id": 1,
    "auth": null
}

jsonrpc ndiye mtundu wa protocol ya JSON-RPC yomwe ikugwiritsidwa ntchito;
Zabbix imagwiritsa ntchito mtundu wa JSON-RPC 2.0;

njira - njira yomwe imatchedwa;

magawo - magawo omwe amadutsa njira;

id ndi chizindikiritso chopempha mwachisawawa;

auth - kiyi yotsimikizira ogwiritsa ntchito; popeza tilibebe, tiyeni tiyike kuti ikhale yopanda pake.

Kuti ndigwire ntchito ndi API, ndinapanga akaunti yosiyana yokhala ndi ufulu wochepa. Choyamba, simuyenera kupereka mwayi komwe simukuyenera kutero. Ndipo chachiwiri, mtundu wa 5.0 usanachitike, mawu achinsinsi omwe adayikidwa pa macro amatha kuwerengedwa. Chifukwa chake, ngati mugwiritsa ntchito mawu achinsinsi a Zabbix administrator, akaunti ya admin ndiyosavuta kuba.

Izi zidzakhala zowona makamaka mukamagwira ntchito ndi API kudzera muzolemba za chipani chachitatu ndikusunga zidziwitso kumbali.

Popeza mtundu 5.0 pali njira yobisa mawu achinsinsi osungidwa mu macro.

Mukapanga akaunti yosiyana yosinthira deta kudzera pa API, onetsetsani kuti mukuwona ngati deta yomwe mukufuna ikupezeka kudzera pa intaneti komanso ngati n'kotheka kuisintha. Sindinayang'ane, kenako kwa nthawi yayitali sindimamvetsetsa chifukwa chake macro omwe ndimafunikira sanali kuwoneka mu API.

Titalandira chilolezo mu API, timapitiliza kupeza mndandanda wa macros.

mwatsatane 3

API sikukulolani kuti musinthe macro ndi dzina, muyenera kupeza ID yayikulu. Komanso, kuti mupeze mndandanda wa macros kwa omwe akukhala nawo, muyenera kudziwa ID ya wolandirayo, ndipo ichi ndi pempho lowonjezera. Gwiritsani ntchito macro {ID YA HOST} mu pempho sikuloledwa. Ndinaganiza zolambalala lamuloli motere:

Ndinapanga macro wamba ndi ID ya wolandirayo. Kupeza ID yolandila ndikosavuta kuchokera pa intaneti.

Yankho lomwe lili ndi mndandanda wa macros onse pagulu lomwe lapatsidwa litha kusefedwa ndi pateni:

regex:{"hostmacroid":"([0-9]+)"[A-z0-9,":]+"{$MIKROTIK_VERSION}"

Chifukwa chake, timapeza ID ya macro omwe tikufuna, komwe MIKROTIK_VERSION ndi dzina la macro omwe tikuyang'ana. Kwa ine, macro amafufuzidwa MIKROTIK_VERSIONZomwe zidaperekedwa kwa woyang'anira.

Pempho lenilenilo likuwoneka motere:

POST http://company.com/zabbix/api_jsonrpc.php HTTP/1.1
Content-Type: application/json-rpc

{
    "jsonrpc":"2.0",
    "method":"usermacro.get",
    "params":{
        "output":"extend",
        "hostids":"{$HOST_ID}"
    },
    "auth":"{sid}",
    "id":1
}

Zosiyanasiyana {sid} zopezeka mu gawo lachiwiri ndipo zidzagwiritsidwa ntchito nthawi zonse, komwe muyenera kugwira ntchito ndi mawonekedwe a API.

Final 4 STEP - kukonzanso macro

Tsopano tikudziwa macro ID yomwe ikufunika kusinthidwa, cookie yovomerezeka kapena mtundu wa firmware wa rauta. Mutha kusintha macro palokha.

POST http://company.com/zabbix/api_jsonrpc.php HTTP/1.1
Content-Type: application/json-rpc

{
    "jsonrpc":"2.0",
    "method":"usermacro.update",
    "params":{
        "hostmacroid":"{hostmacroid}",
        "value":"{mikrotik_version}"
    },
    "auth":"{sid}",
    "id":1
}

{mikrotik_version} ndi mtengo wopezedwa mu sitepe yoyamba. Mu chitsanzo changa, mtundu wa firmware waposachedwa wa mikrotik
{hostmacroid} - mtengowo udapezedwa mu gawo lachitatu - id ya macro yomwe tikukonzanso.

anapezazo

Njira yothetsera vutoli ndi magwiridwe antchito ndizovuta kwambiri komanso zazitali. Makamaka ngati mukudziwa mapulogalamu ndipo mutha kuwonjezera mwachangu malingaliro ofunikira muzolemba.

Ubwino wodziwikiratu wa njirayi ndi "kunyamula" kwa yankho pakati pa ma seva osiyanasiyana.

Kwa ine ndekha, ndizodabwitsa kuti wothandizira HTTP sangathe kupeza deta ya chinthu china ndikulowetsa m'malo mwazopempha kapena mitu [ ZBXNEXT-5993].

The yomalizidwa template akhoza tsitsani pa GitHub.

Source: www.habr.com

Zabbix - kukulitsa malire akulu

mwatsatane 1

mwatsatane 2

mwatsatane 3

Final 4 STEP - kukonzanso macro

anapezazo

Kuwonjezera ndemanga kuletsa reply