python监控nginx实时日志并实现钉钉报警

158次阅读
没有评论

共计 2230 个字符,预计需要花费 6 分钟才能阅读完成。

# !/usr/bin/python
# --*coding:utf-8 -*-
'''
auth:kilig
desc: 监控 Nginx 后端服务响应的状态, 一旦响应时间超过 2ms, 累计次数超过 1 次, 将通过钉钉告警
'''
import re
import sys
import time
import subprocess
import requests
from email.mime.text import MIMEText
from email.header import Header

reload(sys)
sys.setdefaultencoding('utf-8')

# 匹配模式
#pattern = r'(.*?) ".*?(\[.*?\]).*?HTTP/1.1" "(.*?)" "(.*?)".*"(.*)$'
pattern =r'(.*?) ".*?(\[.*?\]).* (\/.*) ?HTTP/1.1" "(.*?)" "(.*?)".*"(.*)$'
# 日志路径
logfile = 'test11.log'
# ip 地址统计字典
result = {}
# 当前日期时间
currntime = time.strftime('%Y-%m-%d %H:%M', time.localtime(time.time()))


#统计 IP 地址出现响应超时的次数
def counterror(ipaddr):
    if ipaddr not in result:
        result[ipaddr] = 0
    result[ipaddr] += 1
    return result


def analyzelog(lists):
    date = lists[1]
    #print date
    ipaddr = lists[0]
    #print ipaddr
    ups_resp_time = str(lists[4]).split(':')[1]
    #print ups_resp_time
    url_file = str(lists[2])
    url_time = str(lists[1])

    # 当前日期时间
    currntime = time.strftime('%Y-%m-%d %H:%M', time.localtime(time.time()))
    try:
        if float(ups_resp_time) > 2:
            counts = counterror(ipaddr)
            if counts[ipaddr] > 1:
                msg = ('你好 \n' + url_time + '\nnginx 请求 ip:' + ipaddr + ",\n 响应 url 为:" + url_file + ",\n 响应时间超过阈值 (2s), 当前为:" + ups_resp_time + " 毫秒! \n 响应缓慢, 请联系管理员检查!")
            #print msg
                send_monitor(msg)
                counts[ipaddr] = 0

    except ValueError:
        print currntime, " 值异常:", ups_resp_time

def send_monitor(msg):
    dingding_url="https://oapi.dingtalk.com/robot/send?access_token=265f32a0f5f17b6d9b4a8e0ca6"
    date_str = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())  #使用本地时间
    data = '{"msgtype": "text",  "text": { "content": "%s %s"} }' % (date_str, msg)
    data = data.encode("utf-8")
    headers = {"Content-Type": "application/json",
               'User-Agent': 'Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.0 Safari/532.0'
               }

    r = requests.post(dingding_url, data=data, headers=headers, timeout=5)
    result_text = r.text
    if re.search(r'ok', str(result_text)):
        log_line = "%s 发送报警内容:%s 成功 " % (date_str, msg)
    else:
        log_line = "%s 发送报警内容:%s 失败 " % (date_str, msg)

def monitorlog(logfile):
    popen = subprocess.Popen('tail -f' + logfile, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
    print " 文件读取开始.... ", currntime
    pid = popen.pid
    print 'Popen.pid:' + str(pid)

    while True:
        line = popen.stdout.readline().strip()
        matchObj = re.findall(pattern, line, re.M)
        print matchObj

        if line and len(matchObj) > 0:
            analyzelog(matchObj[0])
            #print matchObj[0]
        else:
            continue


if __name__ == "__main__":
    print "Start"
    print " 监控的日志文件是 %s" % logfile
    monitorlog(logfile)

正文完
 0
yx
版权声明:本站原创文章,由 yx 于2019-06-12发表,共计2230字。
转载说明:除特殊说明外本站文章皆由CC-4.0协议发布,转载请注明出处。
评论(没有评论)
验证码