0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

【AWS】EC2経由でパトライトとの連携について②

Last updated at Posted at 2024-05-22

【AWS】EC2経由でパトライトとの連携について①の続きです。

■Lambda関数

SSM RunCommand実行が必要ですので、「AmazonSSMFullAccess」ポリシーのアタッチが必要。
@aws-sdk/client-ssm、mailparserのnode.jsライブラリはLambdaレイヤーに事前導入済み。

qiita.rb
<index.mjs>
import { SendCommandCommand } from "@aws-sdk/client-ssm";
import { ssmClient } from "./ssmClient.mjs";
import { simpleParser } from "mailparser";

export const handler = async (event) => {
    
    console.log("request:", JSON.stringify(event, undefined, 2));
    let res = "0"
    let command = "sh patlite.sh 192.168.100.5 "

    let params = {
        DocumentName: 'AWS-RunShellScript',
        InstanceIds: ['i-************'],
        Parameters: {
            commands: [
                "cd /usr/lib/zabbix/alertscripts"
            ],
        },
        CloudWatchOutputConfig: {
            CloudWatchLogGroupName: '/aws/lambda/S3toPatlite',
            CloudWatchOutputEnabled: true
        },
        TimeoutSeconds: 3600
    }
    
    const SES_message = event["Records"][0]["Sns"]["Message"];
    const SES_message_json = JSON.parse(SES_message);
    const SES_message_content = SES_message_json["content"];
    const email_message = await simpleParser(SES_message_content);
    console.log("email_message start --------");
    console.log(
        "Received email_message:",
        JSON.stringify(email_message, null, 2)
        );
    console.log("email_message end   --------");
    const email_from = email_message.from.value[0]["address"];
    console.log(email_from);
    const email_date = JSON.stringify(email_message.date).replace(/"/g, "");
    console.log(email_date);
    const email_subject = email_message.subject;
    console.log(email_subject);
    const email_content = email_message.text;
    console.log(email_content);
    
    if (email_subject.startsWith('★監視NG! 【' )){
        console.log("★監視NG!");
        res = "4"
    } else if (email_subject.startsWith('◎監視復旧! 【')){
        console.log("◎監視復旧!");
        res = "1"
    } else {
        console.log("何もない");
    }
    
    if(res != 0){
        params.Parameters.commands[1] = command + res;
        console.log(params);
        try {
            const response = await ssmClient.send(new SendCommandCommand(params));
            console.log("Successfully call shell patlite.sh.");
        } catch (error) {
            console.log("Error", error);
        }
    }
};
qiita.rb
<ssmClient.mjs>
import { SSMClient } from "@aws-sdk/client-ssm"

const REGION = "ap-northeast-1"
const ssmClient = new SSMClient({ region: REGION })
export { ssmClient }

★監視NG! 【から始まるメール件名ですとパトライト赤点灯、◎監視復旧! 【から始まるメール件名ですと、緑点灯となる設計です。
実際の運用に従い、変更する方が良いです。

■パトライトシェルスクリプト
qiita.rb
#!/bin/sh

user=root

notclassified=000000
information=001000
warning=010000
average=100000
high=111001
disaster=222002

ipaddress=$1
severity=$2

case $severity in
0)
  options=$notclassified;;
1)
  options=$information;;
2)
  options=$warning;;
3)
  options=$average;;
4)
  options=$high;;
5)
  options=$disaster;;
*)
  options=000000;;
esac

/usr/bin/rsh $ipaddress -l $user clear
/usr/bin/rsh $ipaddress -l $user alert $options 15

実行する時、今の状態をClearしてからRSHコマンドを実行する。15秒継続してまた元の状態(消灯)に戻すという設計となります。

パトライト側でrshサーバー接続許可が必要。

sssss.png

■まとめ

上記の一連の通り設定、構築してメール受信時、パトライトを動作させるよう実現しました。
実際の運用状況に従い、設定を変更する場合はあると思いますが、連携方法については記載させて頂きました。
又、EC2の構築は割愛とさせていただきました。RSHコマンドの実行ができる普通のLinuxで良いです。

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?