Alertmanager webhook 在单独定义时不起作用
Alertmanager webhook does not work when defined on its own
我使用包含电子邮件和 webhook 的默认接收器配置 alertmanager:
receivers:
- name: infra_email
email_configs:
- to: 'xxx.xxx@xxx.xxx'
send_resolved: true
webhook_configs:
- url: 'http://172.22.45.34:55553/'
send_resolved: false
这很好用。
当我尝试配置与单独的接收器相同时:
route:
receiver: 'infra_email'
group_by: [alertname, severity]
group_interval: 5m
repeat_interval: 4h
group_wait: 3m
routes:
- match:
alertname: ServerRebooted, HostOutOfDiskSpace, HostOutOfMemory
receiver: splunk_webhook
continue: true
receivers:
- name: infra_email
email_configs:
- to: 'xxx.xxx@xxx.xxx'
send_resolved: true
- name: splunk_webhook
webhook_configs:
- url: 'http://172.22.45.34:55553/'
send_resolved: false
这行不通。
amtool 报告路由有效:
# /usr/local/bin/amtool config routes show
Routing tree:
.
└── default-route receiver: infra_email
└── {alertname="ServerRebooted, HostOutOfDiskSpace, HostOutOfMemory} continue: true receiver: splunk_webhook
$ alertmanager --version
alertmanager, version 0.20.0 (branch: HEAD, revision: f74be0400a6243d10bb53812d6fa408ad71ff32d)
build user: root@00c3106655f8
build date: 20191211-14:13:14
go version: go1.13.5
我假设您希望为 ServerRebooted、HostOutOfDiskSpace 和 HostOutOfMemory 警报调用您的 webhook,并且它们是单独的警报。
您的提醒不符合指定条件。 match: 对指定的标签进行精确匹配,因此添加逗号不起作用。
最好的方法是改用 match_re: 并使用正则表达式:
match_re:
alertname: ServerRebooted|HostOutOfDiskSpace|HostOutOfMemory
或者,您可以考虑为警报本身添加一些标签,然后按该标签路由警报。如果他们将要发送到 splunk 的事实是警报本身的 属性,那么您可以 add/remove 从列表发送到 splunk 的警报,而无需触及 alertmanager 配置。
我使用包含电子邮件和 webhook 的默认接收器配置 alertmanager:
receivers:
- name: infra_email
email_configs:
- to: 'xxx.xxx@xxx.xxx'
send_resolved: true
webhook_configs:
- url: 'http://172.22.45.34:55553/'
send_resolved: false
这很好用。
当我尝试配置与单独的接收器相同时:
route:
receiver: 'infra_email'
group_by: [alertname, severity]
group_interval: 5m
repeat_interval: 4h
group_wait: 3m
routes:
- match:
alertname: ServerRebooted, HostOutOfDiskSpace, HostOutOfMemory
receiver: splunk_webhook
continue: true
receivers:
- name: infra_email
email_configs:
- to: 'xxx.xxx@xxx.xxx'
send_resolved: true
- name: splunk_webhook
webhook_configs:
- url: 'http://172.22.45.34:55553/'
send_resolved: false
这行不通。 amtool 报告路由有效:
# /usr/local/bin/amtool config routes show
Routing tree:
.
└── default-route receiver: infra_email
└── {alertname="ServerRebooted, HostOutOfDiskSpace, HostOutOfMemory} continue: true receiver: splunk_webhook
$ alertmanager --version
alertmanager, version 0.20.0 (branch: HEAD, revision: f74be0400a6243d10bb53812d6fa408ad71ff32d)
build user: root@00c3106655f8
build date: 20191211-14:13:14
go version: go1.13.5
我假设您希望为 ServerRebooted、HostOutOfDiskSpace 和 HostOutOfMemory 警报调用您的 webhook,并且它们是单独的警报。
您的提醒不符合指定条件。 match: 对指定的标签进行精确匹配,因此添加逗号不起作用。
最好的方法是改用 match_re: 并使用正则表达式:
match_re:
alertname: ServerRebooted|HostOutOfDiskSpace|HostOutOfMemory
或者,您可以考虑为警报本身添加一些标签,然后按该标签路由警报。如果他们将要发送到 splunk 的事实是警报本身的 属性,那么您可以 add/remove 从列表发送到 splunk 的警报,而无需触及 alertmanager 配置。