我的书签
添加书签
移除书签event.get
Description
描述
integer/array event.get(object **parameters**) 整数/数组 event.get(object **parameters**)
The method allows to retrieve events according to the given parameters. 此方法用于根据给定参数来获取事件
Parameters
参数
(object) Parameters defining the desired output. (对象) 定义所需输出的参数.
The method supports the following parameters. 此方法支持以下参数:
| Parameter | Type | Description |
|---|---|---|
| eventids | string/array | Return only events with the given IDs. |
| groupids | string/array | Return only events created by objects that belong to the given host groups. |
| hostids | string/array | Return only events created by objects that belong to the given hosts. |
| objectids | string/array | Return only events created by the given objects. |
| applicationids | string/array | Return only events created by objects that belong to the given applications. Applies only if object is trigger or item. |
| source | integer | Return only events with the given type. Refer to the event object page for a list of supported event types. Default: 0 - trigger events. |
| object | integer | Return only events created by objects of the given type. Refer to the event object page for a list of supported object types. Default: 0 - trigger. |
| acknowledged | boolean | If set to true return only acknowledged events. |
| severities | integer/array | Return only events with given event severities. Applies only if object is trigger. |
| evaltype | integer | Rules for tag searching. Possible values: 0 - (default) And/Or; 2 - Or. |
| tags | object | Return only events with given tags. Exact match by tag and case-insensitive search by value and operator. Format: [{“tag”: “<tag>”, “value”: “<value>”, “operator”: “<operator>”}, …].An empty array returns all events. Possible operator types: 0 - (default) Like; 1 - Equal. |
| eventid_from | string | Return only events with IDs greater or equal to the given ID. |
| eventid_till | string | Return only events with IDs less or equal to the given ID. |
| time_from | timestamp | Return only events that have been created after or at the given time. |
| time_till | timestamp | Return only events that have been created before or at the given time. |
| value | integer/array | Return only events with the given values. |
| selectHosts | query | Return hosts containing the object that created the event in the hosts property. Supported only for events generated by triggers, items or LLD rules. |
| selectRelatedObject | query | Return the object that created the event in the relatedObject property. The type of object returned depends on the event type. |
| select_alerts | query | Return alerts generated by the event in the alerts property. Alerts are sorted in reverse chronological order. |
| select_acknowledges | query | Return event’s updates in the acknowledges property. Event updates are sorted in reverse chronological order.The event update object has the following properties: acknowledgeid - (string) acknowledgement’s ID;userid - (string) ID of the user that updated the event;eventid - (string) ID of the updated event;clock - (timestamp) time when the event was updated;message - (string) text of the message;action - (integer) update action that was performed see event.acknowledge;old_severity - (integer) event severity before this update action;new_severity - (integer) event severity after this update action;alias - (string) alias of the user that updated the event;name - (string) name of the user that updated the event;surname - (string) surname of the user that updated the event.Supports count. |
| selectTags | query | Return event tags in tags property. |
| sortfield | string/array | Sort the result by the given properties. Possible values are: eventid, objectid and clock. |
| countOutput | boolean | These parameters being common for all get methods are described in detail in the reference commentary page. |
| editable | boolean | |
| excludeSearch | boolean | |
| filter | object | |
| limit | integer | |
| output | query | |
| preservekeys | boolean | |
| search | object | |
| searchByAny | boolean | |
| searchWildcardsEnabled | boolean | |
| sortorder | string/array | |
| startSearch | boolean | |
| 参数 | 类型 | 描述 |
|---|---|---|
| eventids | string/array | 仅返回具有给定ID的事件. |
| groupids | string/array | 仅返回由属于给定主机组的对象创建的事件. |
| hostids | string/array | 仅返回由属于给定主机的对象创建的事件。. |
| objectids | string/array | 仅返回由给定对象创建的事件. |
| applicationids | string/array | 仅返回属于给定应用程序的对象创建的事件。仅当对象为触发器或监控项时才适用。 |
| source | integer | 仅返回给定类型的事件. 有关支持的事件类型的列表,请参阅事件对象页面. 默认值: 0 - 触发器事件. |
| object | integer | 仅返回由给定类型的对象创建的事件. 有关支持的对象类型的列表,请参阅事件对象页面. 默认值: 0 - 触发器. |
| acknowledged | boolean | 如果设置为“true”,则只返回已被确认的事件. |
| severities | integer/array | 仅返回符合给定严重程度的事件。仅当对象为触发器时才适用. |
| evaltype | integer | 标签搜索的规则. 可能值: 0 - (默认) 与/或; 2 - 或. |
| tags | object | 仅返回具有给定标签的事件. 按标签进行完全匹配;按值搜索时,不区分大小写. Format: [{“tag”: “<tag>”, “value”: “<value>”, “operator”: “<operator>”}, …].一个空数组会返回所有事件. 可能的操作类型: 0 - (默认) 相似(like); 1 - 相等(equal). |
| eventid_from | string | 仅返回ID大于或等于给定ID的事件. |
| eventid_till | string | 仅返回ID小于或等于给定ID的事件. |
| time_from | timestamp | 仅返回在给定时间时或之后创建的事件. |
| time_till | timestamp | 仅返回在给定时间时或之前创建的事件. |
| value | integer/array | 仅返回具有给定值的事件. |
| selectHosts | query | 在 主机 属性下,返回包含创建该事件的对象的主机. 仅支持由触发器、监控项、低级别发现规则生成的事件. |
| selectRelatedObject | query | 在 相关对象(relatedObject) 属性下,返回创建该事件的对象. 返回的对象类型会依赖于该事件的类型. |
| select_alerts | query | 在 告警 属性下,返回由该事件生成的告警.告警是按反向时间顺序进行排序 |
| select_acknowledges | query | 在 确认 属性下,返回事件的更新. 事件的更新是按反向时间顺序进行排序.事件更新对象具有以下属性: acknowledgeid - (string) 确认的ID;userid - (string) 更新事件的用户的ID;eventid - (string) 被更新事件的ID;clock - (timestamp) 事件的更新时间;message - (string) 消息文本;action - (integer) 已执行的更新操作,参考event.acknowledge;old_severity - (integer) event severity before this update action更新操作之前的事件的严重等级;new_severity - (integer) 更新操作之后的事件的严重等级;alias - (string) alias of the user that updated the event更新该事件的用户的别名;name - (string) 更新该事件的用户的名称;surname - (string) 更新该事件的用户的姓氏.支持 计数(count). |
| selectTags | query | 在 标签 属性下,返回事件的标签. |
| sortfield | string/array | 根据给定属性,对结果进行排序. 可能值: eventid, objectid 以及 clock. |
| countOutput | boolean | 以下参数为get方法通常参数,在参考注释有详细说明. |
| editable | boolean | |
| excludeSearch | boolean | |
| filter | object | |
| limit | integer | |
| output | query | |
| preservekeys | boolean | |
| search | object | |
| searchByAny | boolean | |
| searchWildcardsEnabled | boolean | |
| sortorder | string/array | |
| startSearch | boolean | |
Return values
返回值
(integer/array) Returns either:
an array of objects;
the count of retrieved objects, if the
countOutputparameter has been used.
(整数/数组) 返回:
一个数组对象;
如果使用了
countOutput参数,返回获取的对象的数量.
Examples
例子
Retrieving trigger events
获取触发器事件
Retrieve the latest events from trigger “13926.” 从触发器“13926”中获取最新事件
Request: 请求:
{"jsonrpc": "2.0","method": "event.get","params": {"output": "extend","select_acknowledges": "extend","selectTags": "extend","objectids": "13926","sortfield": ["clock", "eventid"],"sortorder": "DESC"},"auth": "038e1d7b1735c6a5436ee9eae095879e","id": 1}
Response: 响应:
{"jsonrpc": "2.0","result": [{"acknowledges": [{"acknowledgeid": "1","userid": "1","eventid": "9695","clock": "1350640590","message": "Problem resolved.\n\r----[BULK ACKNOWLEDGE]----","action": "6","old_severity": "0","new_severity": "0","alias": "Admin","name": "Zabbix","surname": "Administrator"}],"eventid": "9695","source": "0","object": "0","objectid": "13926","clock": "1347970410","value": "1","acknowledged": "1","ns": "413316245","name": "MySQL is down","severity": "5","r_eventid": "0","c_eventid": "0","correlationid": "0","userid": "0","tags": [{"tag": "service","value": "mysqld"},{"tag": "error","value": ""}]},{"acknowledges": [],"eventid": "9671","source": "0","object": "0","objectid": "13926","clock": "1347970347","value": "0","acknowledged": "0","ns": "0","name": "Unavailable by ICMP ping","severity": "4","r_eventid": "0","c_eventid": "0","correlationid": "0","userid": "0","tags": []}],"id": 1}
Retrieving events by time period
按时间段获取事件
Retrieve all events that have been created between October 9 and 10, 2012, in reverse chronological order. 在2012-10-9至2012-10-10时间段内,以逆时间顺序获取所有已被创建的事件。
Request: 请求:
{"jsonrpc": "2.0","method": "event.get","params": {"output": "extend","time_from": "1349797228","time_till": "1350661228","sortfield": ["clock", "eventid"],"sortorder": "desc"},"auth": "038e1d7b1735c6a5436ee9eae095879e","id": 1}
Response: 响应:
{"jsonrpc": "2.0","result": [{"eventid": "20616","source": "0","object": "0","objectid": "14282","clock": "1350477814","value": "1","acknowledged": "0","ns": "0","name": "Less than 25% free in the history cache","severity": "3","r_eventid": "0","c_eventid": "0","correlationid": "0","userid": "0"},{"eventid": "20617","source": "0","object": "0","objectid": "14283","clock": "1350477814","value": "0","acknowledged": "0","ns": "0","name": "Zabbix trapper processes more than 75% busy","severity": "3","r_eventid": "0","c_eventid": "0","correlationid": "0","userid": "0"},{"eventid": "20618","source": "0","object": "0","objectid": "14284","clock": "1350477815","value": "1","acknowledged": "0","ns": "0","name": "High ICMP ping loss","severity": "3","r_eventid": "0","c_eventid": "0","correlationid": "0","userid": "0"}],"id": 1}
See also
参考
Source
来源
CEvent::get() in frontends/php/include/classes/api/services/CEvent.php.
