hertzbeat(赫兹跳动)监控带动态token的api接口
我写这篇博客的目的也是为了后续如果自己或其它需要用到这款监控工具的小伙伴的一点帮助,我之前也部署用zabbix监控,但对比下来确实hertzbeat(版本1.7)确实要更方便,少了要在目标服务器部署agent来定时收集信息,而是通过访问服务器输入对应命令来查询采集服务器信息,对用户来说是无感的
hertzbeat简介:
HertzBeat 是一款轻量级、开源、无需 Agent 的监控系统,专注于简化监控任务的配置与管理,支持对各类服务、应用、中间件等进行实时监控。其设计理念是通过简洁的配置而非复杂的代码来实现监控能力,让用户以更低的成本构建高效的监控体系.
官网地址:https://hertzbeat.com/zh-cn/docs/
业务:
我这边是最近工作上需要监控带动态token的业务接口,而hertzbeat的监控脚本中基本都是监控单一接口,没有在调用业务接口之前会先调用认证接口将动态token注入到业务接口的头部Authorization参数中,在参考了官网文档中获取token后续认证使用文档编写了自定义监控脚本
# 请在此通过编写YML内容来定义新的监控类型, 参考文档: https://hertzbeat.apache.org/docs/advanced/extend-point # 请在此通过编写YML内容来定义新的监控类型, 参考文档: https://hertzbeat.apache.org/docs/advanced/extend-point category: custom app: api_dynamic_token_full name: zh-CN: 动态Token API监控完整测试 en-US: API with Dynamic Token help: zh-CN: 监控需要动态Token认证的HTTP API接口,自动获取Token并注入后续请求 en-US: Monitor APIs requiring dynamic token authentication, automatically fetching and injecting tokens helpLink: zh-CN: https://hertzbeat.apache.org/zh-cn/docs/help/api_code en-US: https://hertzbeat.apache.org/docs/help/api_code params: # ===== 1. 基础参数 ===== - field: host name: zh-CN: 基础Host en-US: Base Host type: host required: false hide: false defaultValue: required-but-unused # ===== 2. 认证接口参数组 ===== [必须放在业务参数前] # 基础参数 - field: auth_host name: zh-CN: 认证主机 en-US: Auth Host type: text required: true - field: auth_port name: zh-CN: 认证端口 en-US: Auth Port type: number required: true defaultValue: 443 - field: auth_ssl name: zh-CN: 认证HTTPS en-US: Auth HTTPS type: boolean required: true defaultValue: true - field: auth_uri name: zh-CN: 认证接口路径 en-US: Auth URI type: text required: true defaultValue: /api/auth - field: auth_method name: zh-CN: 认证请求方式 en-US: Auth Method type: radio required: true defaultValue: POST options: - label: GET value: GET - label: POST value: POST - label: PUT value: PUT - label: DELETE value: DELETE - field: token_path name: zh-CN: Token解析路径 en-US: Token Path type: text required: true defaultValue: $.code # 认证接口高级参数 - field: auth_content_type name: zh-CN: Content-Type en-US: Content-Type type: text required: false hide: true defaultValue: application/json - field: auth_payload name: zh-CN: 请求BODY en-US: BODY type: textarea required: false hide: true - field: auth_headers name: zh-CN: 请求Headers en-US: Headers type: key-value required: false hide: true - field: auth_params name: zh-CN: 查询Params en-US: Params type: key-value required: false hide: true - field: auth_auth_type name: zh-CN: 认证方式 en-US: Auth Type type: radio required: false hide: true options: - label: Basic Auth value: Basic Auth - label: Digest Auth value: Digest Auth - label: Bearer Token value: Bearer Token - label: None value: None - field: auth_username name: zh-CN: 用户名 en-US: Username type: text required: false hide: true - field: auth_password name: zh-CN: 密码 en-US: Password type: password required: false hide: true - field: auth_token name: zh-CN: 非业务认证Token en-US: Access Token type: text required: false hide: true # ===== 3. 业务接口参数组 ===== # 基础参数 - field: biz_host name: zh-CN: 业务主机 en-US: Business Host type: text required: true - field: biz_port name: zh-CN: 业务端口 en-US: Business Port type: number required: true defaultValue: 80 - field: biz_ssl name: zh-CN: 业务HTTPS en-US: Business HTTPS type: boolean required: true defaultValue: false - field: biz_uri name: zh-CN: 业务接口路径 en-US: Business URI type: text required: true defaultValue: /api/data - field: biz_method name: zh-CN: 业务请求方式 en-US: Business Method type: radio required: true defaultValue: GET options: - label: GET value: GET - label: POST value: POST - label: PUT value: PUT - label: DELETE value: DELETE - field: json_path name: zh-CN: 状态码解析路径 en-US: Status Code Path type: text required: true defaultValue: $.code # 业务接口高级参数 - field: biz_content_type name: zh-CN: 业务Content-Type en-US: Content-Type type: text required: false hide: true - field: biz_payload name: zh-CN: 业务请求BODY en-US: BODY type: textarea required: false hide: true - field: biz_headers name: zh-CN: 业务请求Headers en-US: Headers type: key-value required: false hide: true - field: biz_params name: zh-CN: 业务查询Params en-US: Params type: key-value required: false hide: true # ===== 4. 通用参数 ===== - field: timeout name: zh-CN: 超时时间(ms) en-US: Timeout(ms) type: number required: false defaultValue: 10000 hide: true metrics: # 认证指标 - 关键修复点 - name: auth #优先级 priority: 0 fields: - field: token type: 1 - field: responseTime type: 0 unit: ms aliasFields: - responseTime - ^_^token_path^_^ calculates: - responseTime=responseTime - token=^_^token_path^_^ protocol: http http: host: ^_^auth_host^_^ port: ^_^auth_port^_^ ssl: ^_^auth_ssl^_^ url: ^_^auth_uri^_^ timeout: ^_^timeout^_^ method: ^_^auth_method^_^ # 确保正确引用高级参数 payload: ^_^auth_payload^_^ headers: content-type: ^_^auth_content_type^_^ ^_^auth_headers^_^: ^_^auth_headers^_^ params: ^_^auth_params^_^: ^_^auth_params^_^ # 精确缩进 (4空格) authorization: type: ^_^auth_auth_type^_^ basicAuthUsername: ^_^auth_username^_^ basicAuthPassword: ^_^auth_password^_^ digestAuthUsername: ^_^auth_username^_^ digestAuthPassword: ^_^auth_password^_^ bearerTokenToken: ^_^auth_token^_^ parseType: jsonPath parseScript: '$' # 业务指标 - name: biz priority: 1 fields: - field: code type: 1 - field: responseTime type: 0 unit: ms aliasFields: - ^_^json_path^_^ - responseTime calculates: - code=^_^json_path^_^ - responseTime=responseTime protocol: http http: host: ^_^biz_host^_^ port: ^_^biz_port^_^ ssl: ^_^biz_ssl^_^ url: ^_^biz_uri^_^ timeout: ^_^timeout^_^ method: ^_^biz_method^_^ payload: ^_^biz_payload^_^ headers: content-type: ^_^biz_content_type^_^ #这里是注入动态token的重点,注意写法 Authorization: ^o^token^o^ ^_^biz_headers^_^: ^_^biz_headers^_^ params: ^_^biz_params^_^: ^_^biz_params^_^ parseType: jsonPath parseScript: '$'
这个监控脚本的重点有三
1. Authorization: ^o^token^o^ 这里的^o^代表注入采集到的token值而^_^一般代表是替换页面中用户输入的值
2. priority: 0 优先级为0的认证接口会先一步调用并采集对应的token值,优先级为1的业务接口会注入认证的token进行调用
3. 认证接口及业务接口都分配独立的ip、port、url、调用参数等,基本能满足大部分的监控情况
这个监控的yaml脚本可以直接拿去用的,基本不用改什么配置
基础host这块ip可以随便写的(没有),因为监控脚本必选要有带host的参数否则报错
高级设置里的参数我这边基本上区分的认证的请求及业务的请求
这里是接口采集到值, auth为token的采集值, biz为业务的采集值(备注: 拿到业务的返回code可以在告警设置配置告警规则为code!=200即报错)
浙公网安备 33010602011771号