我正在尝试使用 event.get 方法选择最近的事件,并按相关的对象描述和主机名过滤它们。
示例请求(没有主机名和相关的对象描述过滤器)
{
"jsonrpc": "2.0",
"method": "event.get",
"params": {
"time_from": "1518016133",
"filter": {
"value": 1
},
"selectRelatedObject": ["description"],
"selectHost": ["name"]
},
"id": 2,
"auth": "474aeddd05bb5e5f7fc0e7267fbd2sd6"
}
回复示例
{
"jsonrpc": "2.0",
"result": [
{
"eventid": "24397263",
"source": "0",
"object": "0",
"objectid": "98218",
"clock": "1518016248",
"value": "1",
"acknowledged": "0",
"ns": "850595734",
"hosts": [
{
"hostid": "11513",
"name": "OS-1-LIVE"
}
],
"relatedObject": {
"triggerid": "98218",
"description": "No response"
}
}
],
"id": 2
}
我尝试将以下内容添加到过滤器块(一次一个)
"hosts.name": "TEST"
"hosts[name]": "TEST"
"selectHosts.name": "TEST"
"selectHosts[name]": "TEST"
"relatedObject.description": "TEST"
但它们都不起作用。 (所有结果仍然返回)
是否可以按相关对象和主机名过滤事件?
Zabbix API 3.0.14版
答案 0 :(得分:2)
经过更多研究后编辑。
event.get的参数仅适用于event object:您可以对值,已确认,hostids,groupids等进行过滤,但不能使用它来按主机名过滤输出。
您可以使用hostids参数(请参阅API),但您必须先调用API才能将目标主机名转换为主机ID。
或者您只能使用selectHosts = 'extend',它会返回包含时间范围完整详细信息的事件和主机列表,然后迭代结果并按您的条件进行过滤。
第一个需要更多的API调用,但我认为它更优雅。第二个将返回特定时间范围内所有主机的所有事件,然后您将必须过滤掉所有不需要的事件。
带有hostids过滤的Python示例:
hostId = zapi.get_id('host', item="TEST host name")
eventObj = zapi.event.get(time_from=1515771918, hostids=hostId, value="1", selectHosts='extend')
for event in eventObj:
for host in event['hosts']:
# filter by host['description'] or any other host value
没有hostids过滤的Python示例:
eventObj = zapi.event.get(time_from=1515771918, value="1", selectHosts='extend')
for event in eventObj:
for host in event['hosts']:
# filter by host['name'] or host['description'] or any other host value
在这两种情况下,扩展输出将提供foreach事件的完整主机信息:
[
{
"acknowledged": "0",
"c_eventid": "0",
"clock": "1515773211",
"correlationid": "0",
"eventid": "2738610",
"hosts": [
{
"available": "0",
"description": "Host description",
"disable_until": "0",
"error": "",
"errors_from": "0",
"flags": "0",
"host": "192.168.1.1",
"hostid": "10283",
"ipmi_authtype": "-1",
"ipmi_available": "0",
"ipmi_disable_until": "0",
"ipmi_error": "",
"ipmi_errors_from": "0",
"ipmi_password": "",
"ipmi_privilege": "2",
"ipmi_username": "",
"jmx_available": "0",
"jmx_disable_until": "0",
"jmx_error": "",
"jmx_errors_from": "0",
"lastaccess": "0",
"maintenance_from": "0",
"maintenance_status": "0",
"maintenance_type": "0",
"maintenanceid": "0",
"name": "Your device name or hostname",
"proxy_hostid": "0",
"snmp_available": "1",
"snmp_disable_until": "0",
"snmp_error": "",
"snmp_errors_from": "0",
"status": "0",
"templateid": "0",
"tls_accept": "1",
"tls_connect": "1",
"tls_issuer": "",
"tls_psk": "",
"tls_psk_identity": "",
"tls_subject": ""
}
],
"ns": "259800604",
"object": "0",
"objectid": "15177",
"r_eventid": "2738613",
"source": "0",
"userid": "0",
"value": "1"
},
-- other events --
]
您可以使用selectHosts来限制使用属性数组代替'extend'检索的值:
eventObj = zapi.event.get(time_from=1515771918, hostids=hostId, value="1", selectHosts=['description', 'status', 'host'])
此请求将返回具有以下主机格式的事件:
{
"acknowledged": "0",
"c_eventid": "0",
"clock": "1516502139",
"correlationid": "0",
"eventid": "2768212",
"hosts": [
{
"description": "Test server for API experiments",
"host": "Test Server",
"hostid": "10270",
"status": "0"
}
],
"ns": "536030065",
"object": "0",
"objectid": "14920",
"r_eventid": "0",
"source": "0",
"userid": "0",
"value": "1"
},