refactor: optimize import prom alert rule

fix: new mysql db client
add case-insensitive search for builtin payload filtering
2026-03-03 06:29:16 +00:00 · 2025-08-06 11:09:53 +08:00 · 2025-08-04 18:40:04 +08:00 · 2025-08-04 16:31:28 +08:00 · 2025-08-01 19:00:06 +08:00 · 2025-08-01 16:47:14 +08:00
919 changed files with 240680 additions and 29196 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -1,67 +0,0 @@
-name: Bug Report
-description: Report a bug encountered while running Nightingale
-labels: ["kind/bug"]
-
-body:
-  - type: markdown
-    attributes:
-      value: |
-        Thanks for taking time to fill out this bug report! 
-        The more detailed the form is filled in, the easier the problem will be solved.
-  - type: textarea
-    id: config
-    attributes:
-      label: Relevant server.conf | webapi.conf
-      description: Place config in the toml code section. This will be automatically formatted into toml, so no need for backticks.
-      render: toml
-    validations:
-      required: true
-  - type: textarea
-    id: logs
-    attributes:
-      label: Relevant logs
-      description: categraf | telegraf | server | webapi | prometheus | chrome request/response ...
-      render: text
-    validations:
-      required: true
-  - type: input
-    id: system-info
-    attributes:
-      label: System info
-      description: Include nightingale version, operating system, and other relevant details
-      placeholder: ex. n9e 5.9.2, n9e-fe 5.5.0, categraf 0.1.0, Ubuntu 20.04, Docker 20.10.8
-    validations:
-      required: true
-  - type: textarea
-    id: reproduce
-    attributes:
-      label: Steps to reproduce
-      description: Describe the steps to reproduce the bug.
-      value: |
-        1.
-        2.
-        3.
-        ...
-    validations:
-      required: true
-  - type: textarea
-    id: expected-behavior
-    attributes:
-      label: Expected behavior
-      description: Describe what you expected to happen when you performed the above steps.
-    validations:
-      required: true
-  - type: textarea
-    id: actual-behavior
-    attributes:
-      label: Actual behavior
-      description: Describe what actually happened when you performed the above steps.
-    validations:
-      required: true
-  - type: textarea
-    id: additional-info
-    attributes:
-      label: Additional info
-      description: Include gist of relevant config, logs, etc.
-    validations:
-      required: false
--- a/.github/ISSUE_TEMPLATE/question.yml
+++ b/.github/ISSUE_TEMPLATE/question.yml
@@ -0,0 +1,33 @@
+name: Bug Report & Usage Question
+description: Reporting a bug or asking a question about how to use Nightingale 
+labels: []
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        The more detailed the form is filled in, the easier the problem will be solved.
+        提供的信息越详细，问题解决的可能性就越大。另外, 提问之前请先搜索历史 issue (包括 close 的), 以免重复提问。
+  - type: textarea
+    id: question
+    attributes:
+      label: Question and Steps to reproduce
+      description: Describe your question and steps to reproduce the bug. 描述问题以及复现步骤
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant logs and configurations
+      description: Relevant logs and configurations. 报错日志（[查看方法](https://flashcat.cloud/docs/content/flashcat-monitor/nightingale-v6/faq/how-to-check-logs/)）以及各个相关组件的配置信息
+      render: text
+    validations:
+      required: true
+  - type: textarea
+    id: system-info
+    attributes:
+      label: Version
+      description: Include nightingale version, operating system, and other relevant details. 请告知夜莺的版本、操作系统的版本、CPU架构等信息
+    validations:
+      required: true
+ 
--- a/.github/workflows/n9e.yml
+++ b/.github/workflows/n9e.yml
@@ -5,7 +5,7 @@ on:
    tags:
      - 'v*'
 env:
-  GO_VERSION: 1.18
+  GO_VERSION: 1.23

 jobs:
  goreleaser:
@@ -26,7 +26,8 @@ jobs:
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v3
        with:
-          version: latest
+          distribution: goreleaser
+          version: '~> v1'
          args: release --rm-dist
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@@ -9,6 +9,7 @@
 *.o
 *.a
 *.so
+*.db
 *.sw[po]
 *.tar.gz
 *.[568vq]
@@ -30,7 +31,11 @@ _test
 /dist
 /etc/*.local.yml
 /etc/*.local.conf
+/etc/rsa/*
 /etc/plugins/*.local.yml
+/etc/script/rules.yaml
+/etc/script/alert-rules.json
+/etc/script/record-rules.json
 /data*
 /tarball
 /run
@@ -40,13 +45,22 @@ _test
 /n9e
 /docker/pub
 /docker/n9e
-/docker/mysqldata
-/etc.local
+/docker/compose-bridge/mysqldata
+/docker/compose-host-network/mysqldata
+/docker/compose-host-network-metric-log/mysqldata
+/docker/compose-host-network-metric-log/n9e-logs
+/docker/compose-postgres/pgdata
+/etc.local*
+/front/statik/statik.go
+/docker/compose-bridge/etc-nightingale/rsa/

 .alerts
 .idea
 .index
 .vscode
+.issue
+.cursor
+.claude
 .DS_Store
 .cache-loader
 .payload
@@ -54,3 +68,7 @@ queries.active

 /n9e-*
 n9e.sql
+
+!/datasource
+
+.env.json
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -2,6 +2,7 @@ before:
  hooks:
    # You may remove this if you don't use go modules.
    - go mod tidy
+    - go install github.com/rakyll/statik

 snapshot:
  name_template: '{{ .Tag }}'
@@ -14,7 +15,8 @@ builds:
  - id: build
    hooks:
      pre:
-       - ./fe.sh
+      - cmd: sh -x ./fe.sh
+        output: true
    main: ./cmd/center/
    binary: n9e
    env:
@@ -40,22 +42,9 @@ builds:
    ldflags:
      - -s -w
      - -X github.com/ccfos/nightingale/v6/pkg/version.Version={{ .Tag }}-{{.Commit}}
-  - id: build-alert
-    main: ./cmd/alert/
-    binary: n9e-alert
-    env:
-      - CGO_ENABLED=0
-    goos:
-      - linux
-    goarch:
-      - amd64
-      - arm64
-    ldflags:
-      - -s -w
-      - -X github.com/ccfos/nightingale/v6/pkg/version.Version={{ .Tag }}-{{.Commit}}
-  - id: build-pushgw
-    main: ./cmd/pushgw/
-    binary: n9e-pushgw
+  - id: build-edge
+    main: ./cmd/edge/
+    binary: n9e-edge
    env:
      - CGO_ENABLED=0
    goos:
@@ -72,8 +61,7 @@ archives:
    builds:
      - build
      - build-cli
-      - build-alert
-      - build-pushgw
+      - build-edge
    format: tar.gz
    format_overrides:
      - goos: windows
@@ -83,7 +71,6 @@ archives:
    files:
      - docker/*
      - etc/*
-      - pub/*
      - integrations/*
      - cli/*
      - n9e.sql
@@ -103,7 +90,6 @@ dockers:
      - build
    dockerfile: docker/Dockerfile.goreleaser
    extra_files:
-      - pub
      - etc
      - integrations
    use: buildx
@@ -117,7 +103,6 @@ dockers:
      - build
    dockerfile: docker/Dockerfile.goreleaser.arm64
    extra_files:
-      - pub
      - etc
      - integrations
    use: buildx
--- a/.issue
+++ b/.issue
@@ -0,0 +1 @@
+/Users/ning/qinyening.com/issue/n9e
--- a/634
+++ b/634
@@ -1,433 +1,201 @@
-                              Apache License
- 
-                        Version 2.0, January 2004
- 
-                     http://www.apache.org/licenses/
- 
- 
- 
- 
-TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
- 
- 
- 
- 
-1. Definitions.
- 
- 
- 
- 
-   "License" shall mean the terms and conditions for use, reproduction,
- 
-   and distribution as defined by Sections 1 through 9 of this document.
- 
- 
- 
- 
-   "Licensor" shall mean the copyright owner or entity authorized by
- 
-   the copyright owner that is granting the License.
- 
- 
- 
- 
-   "Legal Entity" shall mean the union of the acting entity and all
- 
-   other entities that control, are controlled by, or are under common
- 
-   control with that entity. For the purposes of this definition,
- 
-   "control" means (i) the power, direct or indirect, to cause the
- 
-   direction or management of such entity, whether by contract or
- 
-   otherwise, or (ii) ownership of fifty percent (50%) or more of the
- 
-   outstanding shares, or (iii) beneficial ownership of such entity.
- 
- 
- 
- 
-   "You" (or "Your") shall mean an individual or Legal Entity
- 
-   exercising permissions granted by this License.
- 
- 
- 
- 
-   "Source" form shall mean the preferred form for making modifications,
- 
-   including but not limited to software source code, documentation
- 
-   source, and configuration files.
- 
- 
- 
- 
-   "Object" form shall mean any form resulting from mechanical
- 
-   transformation or translation of a Source form, including but
- 
-   not limited to compiled object code, generated documentation,
- 
-   and conversions to other media types.
- 
- 
- 
- 
-   "Work" shall mean the work of authorship, whether in Source or
- 
-   Object form, made available under the License, as indicated by a
- 
-   copyright notice that is included in or attached to the work
- 
-   (an example is provided in the Appendix below).
- 
- 
- 
- 
-   "Derivative Works" shall mean any work, whether in Source or Object
- 
-   form, that is based on (or derived from) the Work and for which the
- 
-   editorial revisions, annotations, elaborations, or other modifications
- 
-   represent, as a whole, an original work of authorship. For the purposes
- 
-   of this License, Derivative Works shall not include works that remain
- 
-   separable from, or merely link (or bind by name) to the interfaces of,
- 
-   the Work and Derivative Works thereof.
- 
- 
- 
- 
-   "Contribution" shall mean any work of authorship, including
- 
-   the original version of the Work and any modifications or additions
- 
-   to that Work or Derivative Works thereof, that is intentionally
- 
-   submitted to Licensor for inclusion in the Work by the copyright owner
- 
-   or by an individual or Legal Entity authorized to submit on behalf of
- 
-   the copyright owner. For the purposes of this definition, "submitted"
- 
-   means any form of electronic, verbal, or written communication sent
- 
-   to the Licensor or its representatives, including but not limited to
- 
-   communication on electronic mailing lists, source code control systems,
- 
-   and issue tracking systems that are managed by, or on behalf of, the
- 
-   Licensor for the purpose of discussing and improving the Work, but
- 
-   excluding communication that is conspicuously marked or otherwise
- 
-   designated in writing by the copyright owner as "Not a Contribution."
- 
- 
- 
- 
-   "Contributor" shall mean Licensor and any individual or Legal Entity
- 
-   on behalf of whom a Contribution has been received by Licensor and
- 
-   subsequently incorporated within the Work.
- 
- 
- 
- 
-2. Grant of Copyright License. Subject to the terms and conditions of
- 
-   this License, each Contributor hereby grants to You a perpetual,
- 
-   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- 
-   copyright license to reproduce, prepare Derivative Works of,
- 
-   publicly display, publicly perform, sublicense, and distribute the
- 
-   Work and such Derivative Works in Source or Object form.
- 
- 
- 
- 
-3. Grant of Patent License. Subject to the terms and conditions of
- 
-   this License, each Contributor hereby grants to You a perpetual,
- 
-   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- 
-   (except as stated in this section) patent license to make, have made,
- 
-   use, offer to sell, sell, import, and otherwise transfer the Work,
- 
-   where such license applies only to those patent claims licensable
- 
-   by such Contributor that are necessarily infringed by their
- 
-   Contribution(s) alone or by combination of their Contribution(s)
- 
-   with the Work to which such Contribution(s) was submitted. If You
- 
-   institute patent litigation against any entity (including a
- 
-   cross-claim or counterclaim in a lawsuit) alleging that the Work
- 
-   or a Contribution incorporated within the Work constitutes direct
- 
-   or contributory patent infringement, then any patent licenses
- 
-   granted to You under this License for that Work shall terminate
- 
-   as of the date such litigation is filed.
- 
- 
- 
- 
-4. Redistribution. You may reproduce and distribute copies of the
- 
-   Work or Derivative Works thereof in any medium, with or without
- 
-   modifications, and in Source or Object form, provided that You
- 
-   meet the following conditions:
- 
- 
- 
- 
-   (a) You must give any other recipients of the Work or
- 
-       Derivative Works a copy of this License; and
- 
- 
- 
- 
-   (b) You must cause any modified files to carry prominent notices
- 
-       stating that You changed the files; and
- 
- 
- 
- 
-   (c) You must retain, in the Source form of any Derivative Works
- 
-       that You distribute, all copyright, patent, trademark, and
- 
-       attribution notices from the Source form of the Work,
- 
-       excluding those notices that do not pertain to any part of
- 
-       the Derivative Works; and
- 
- 
- 
- 
-   (d) If the Work includes a "NOTICE" text file as part of its
- 
-       distribution, then any Derivative Works that You distribute must
- 
-       include a readable copy of the attribution notices contained
- 
-       within such NOTICE file, excluding those notices that do not
- 
-       pertain to any part of the Derivative Works, in at least one
- 
-       of the following places: within a NOTICE text file distributed
- 
-       as part of the Derivative Works; within the Source form or
- 
-       documentation, if provided along with the Derivative Works; or,
- 
-       within a display generated by the Derivative Works, if and
- 
-       wherever such third-party notices normally appear. The contents
- 
-       of the NOTICE file are for informational purposes only and
- 
-       do not modify the License. You may add Your own attribution
- 
-       notices within Derivative Works that You distribute, alongside
- 
-       or as an addendum to the NOTICE text from the Work, provided
- 
-       that such additional attribution notices cannot be construed
- 
-       as modifying the License.
- 
- 
- 
- 
-   You may add Your own copyright statement to Your modifications and
- 
-   may provide additional or different license terms and conditions
- 
-   for use, reproduction, or distribution of Your modifications, or
- 
-   for any such Derivative Works as a whole, provided Your use,
- 
-   reproduction, and distribution of the Work otherwise complies with
- 
-   the conditions stated in this License.
- 
- 
- 
- 
-5. Submission of Contributions. Unless You explicitly state otherwise,
- 
-   any Contribution intentionally submitted for inclusion in the Work
- 
-   by You to the Licensor shall be under the terms and conditions of
- 
-   this License, without any additional terms or conditions.
- 
-   Notwithstanding the above, nothing herein shall supersede or modify
- 
-   the terms of any separate license agreement you may have executed
- 
-   with Licensor regarding such Contributions.
- 
- 
- 
- 
-6. Trademarks. This License does not grant permission to use the trade
- 
-   names, trademarks, service marks, or product names of the Licensor,
- 
-   except as required for reasonable and customary use in describing the
- 
-   origin of the Work and reproducing the content of the NOTICE file.
- 
- 
- 
- 
-7. Disclaimer of Warranty. Unless required by applicable law or
- 
-   agreed to in writing, Licensor provides the Work (and each
- 
-   Contributor provides its Contributions) on an "AS IS" BASIS,
- 
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- 
-   implied, including, without limitation, any warranties or conditions
- 
-   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- 
-   PARTICULAR PURPOSE. You are solely responsible for determining the
- 
-   appropriateness of using or redistributing the Work and assume any
- 
-   risks associated with Your exercise of permissions under this License.
- 
- 
- 
- 
-8. Limitation of Liability. In no event and under no legal theory,
- 
-   whether in tort (including negligence), contract, or otherwise,
- 
-   unless required by applicable law (such as deliberate and grossly
- 
-   negligent acts) or agreed to in writing, shall any Contributor be
- 
-   liable to You for damages, including any direct, indirect, special,
- 
-   incidental, or consequential damages of any character arising as a
- 
-   result of this License or out of the use or inability to use the
- 
-   Work (including but not limited to damages for loss of goodwill,
- 
-   work stoppage, computer failure or malfunction, or any and all
- 
-   other commercial damages or losses), even if such Contributor
- 
-   has been advised of the possibility of such damages.
- 
- 
- 
- 
-9. Accepting Warranty or Additional Liability. While redistributing
- 
-   the Work or Derivative Works thereof, You may choose to offer,
- 
-   and charge a fee for, acceptance of support, warranty, indemnity,
- 
-   or other liability obligations and/or rights consistent with this
- 
-   License. However, in accepting such obligations, You may act only
- 
-   on Your own behalf and on Your sole responsibility, not on behalf
- 
-   of any other Contributor, and only if You agree to indemnify,
- 
-   defend, and hold each Contributor harmless for any liability
- 
-   incurred by, or claims asserted against, such Contributor by reason
- 
-   of your accepting any such warranty or additional liability.
- 
- 
- 
- 
-END OF TERMS AND CONDITIONS
- 
- 
- 
- 
-APPENDIX: How to apply the Apache License to your work.
- 
- 
- 
- 
-   To apply the Apache License to your work, attach the following
- 
-   boilerplate notice, with the fields enclosed by brackets "{}"
- 
-   replaced with your own identifying information. (Don't include
- 
-   the brackets!)  The text should be enclosed in the appropriate
- 
-   comment syntax for the file format. We also recommend that a
- 
-   file or class name and description of purpose be included on the
- 
-   same "printed page" as the copyright notice for easier
- 
-   identification within third-party archives.
- 
- 
- 
- 
-Copyright (C) 2017 Beijing Didi Infinity Technology and Development Co.,Ltd. All rights reserved.
- 
- 
- 
- 
-Licensed under the Apache License, Version 2.0 (the "License");
- 
-you may not use this file except in compliance with the License.
- 
-You may obtain a copy of the License at
- 
- 
- 
- 
-    http://www.apache.org/licenses/LICENSE-2.0
- 
- 
- 
- 
-Unless required by applicable law or agreed to in writing, software
- 
-distributed under the License is distributed on an "AS IS" BASIS,
- 
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- 
-See the License for the specific language governing permissions and
- 
-limitations under the License.
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright CCF ODC.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
--- a/18
+++ b/18
@@ -1,4 +1,4 @@
-.PHONY: start build
+.PHONY: prebuild build

 ROOT:=$(shell pwd -P)
 GIT_COMMIT:=$(shell git --work-tree ${ROOT}  rev-parse 'HEAD^{commit}')
@@ -6,27 +6,35 @@ _GIT_VERSION:=$(shell git --work-tree ${ROOT} describe --tags --abbrev=14 "${GIT
 TAG=$(shell echo "${_GIT_VERSION}" |  awk -F"-" '{print $$1}')
 RELEASE_VERSION:="$(TAG)-$(GIT_COMMIT)"

-all: build
+all: prebuild build
+
+prebuild:
+	echo "begin download and embed the front-end file..."
+	sh fe.sh
+	echo "front-end file download and embedding completed."

 build:
 	go build -ldflags "-w -s -X github.com/ccfos/nightingale/v6/pkg/version.Version=$(RELEASE_VERSION)" -o n9e ./cmd/center/main.go

+build-edge:
+	go build -ldflags "-w -s -X github.com/ccfos/nightingale/v6/pkg/version.Version=$(RELEASE_VERSION)" -o n9e-edge ./cmd/edge/
+
 build-alert:
 	go build -ldflags "-w -s -X github.com/ccfos/nightingale/v6/pkg/version.Version=$(RELEASE_VERSION)" -o n9e-alert ./cmd/alert/main.go

 build-pushgw:
 	go build -ldflags "-w -s -X github.com/ccfos/nightingale/v6/pkg/version.Version=$(RELEASE_VERSION)" -o n9e-pushgw ./cmd/pushgw/main.go

-build-cli:
+build-cli: 
 	go build -ldflags "-w -s -X github.com/ccfos/nightingale/v6/pkg/version.Version=$(RELEASE_VERSION)" -o n9e-cli ./cmd/cli/main.go

 run:
 	nohup ./n9e > n9e.log 2>&1 &

-run_alert:
+run-alert:
 	nohup ./n9e-alert > n9e-alert.log 2>&1 &

-run_pushgw:
+run-pushgw:
 	nohup ./n9e-pushgw > n9e-pushgw.log 2>&1 &

 release:
--- a/README.md
+++ b/README.md
@@ -1,148 +1,115 @@
 <p align="center">
  <a href="https://github.com/ccfos/nightingale">
-    <img src="doc/img/nightingale_logo_h.png" alt="nightingale - cloud native monitoring" width="240" /></a>
+    <img src="doc/img/Nightingale_L_V.png" alt="nightingale - cloud native monitoring" width="100" /></a>
+</p>
+<p align="center">
+  <b>Open-Source Alerting Expert</b>
 </p>

 <p align="center">
-<img alt="GitHub latest release" src="https://img.shields.io/github/v/release/ccfos/nightingale"/>
-<a href="https://n9e.github.io">
+<a href="https://flashcat.cloud/docs/">
  <img alt="Docs" src="https://img.shields.io/badge/docs-get%20started-brightgreen"/></a>
 <a href="https://hub.docker.com/u/flashcatcloud">
  <img alt="Docker pulls" src="https://img.shields.io/docker/pulls/flashcatcloud/nightingale"/></a>
-<img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/ccfos/nightingale">
-<img alt="GitHub Repo issues" src="https://img.shields.io/github/issues/ccfos/nightingale">
-<img alt="GitHub Repo issues closed" src="https://img.shields.io/github/issues-closed/ccfos/nightingale">
-<img alt="GitHub forks" src="https://img.shields.io/github/forks/ccfos/nightingale">
 <a href="https://github.com/ccfos/nightingale/graphs/contributors">
  <img alt="GitHub contributors" src="https://img.shields.io/github/contributors-anon/ccfos/nightingale"/></a>
+<img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/ccfos/nightingale">
+<img alt="GitHub forks" src="https://img.shields.io/github/forks/ccfos/nightingale">
+<br/><img alt="GitHub Repo issues" src="https://img.shields.io/github/issues/ccfos/nightingale">
+<img alt="GitHub Repo issues closed" src="https://img.shields.io/github/issues-closed/ccfos/nightingale">
+<img alt="GitHub latest release" src="https://img.shields.io/github/v/release/ccfos/nightingale"/>
+<img alt="License" src="https://img.shields.io/badge/license-Apache--2.0-blue"/>
 <a href="https://n9e-talk.slack.com/">
  <img alt="GitHub contributors" src="https://img.shields.io/badge/join%20slack-%23n9e-brightgreen.svg"/></a>
-<img alt="License" src="https://img.shields.io/badge/license-Apache--2.0-blue"/>
-</p>
-<p align="center">
-  <b>All-in-one</b> 的开源观测平台 <br/>
-  <b>开箱即用</b>，集数据采集、可视化、监控告警于一体 <br/>
-  推荐升级您的 <b>Prometheus + AlertManager + Grafana + ELK + Jaeger</b> 组合方案到夜莺！
 </p>

-[English](./README_en.md) | [中文](./README.md)


+[English](./README.md) | [中文](./README_zh.md)

-## 功能和特点
+## 🎯 What is Nightingale

- **开箱即用**
-  - 支持 Docker、Helm Chart、云服务等多种部署方式，集数据采集、监控告警、可视化为一体，内置多种监控仪表盘、快捷视图、告警规则模板，导入即可快速使用，**大幅降低云原生监控系统的建设成本、学习成本、使用成本**；
- **专业告警**
-  - 可视化的告警配置和管理，支持丰富的告警规则，提供屏蔽规则、订阅规则的配置能力，支持告警多种送达渠道，支持告警自愈、告警事件管理等；
-  - **推荐您使用夜莺的同时，无缝搭配[FlashDuty](https://flashcat.cloud/product/flashcat-duty/)，实现告警聚合收敛、认领、升级、排班、协同，让告警的触达既高效，又确保告警处理不遗漏、做到件件有回响**。
- **云原生**
-  - 以交钥匙的方式快速构建企业级的云原生监控体系，支持 [Categraf](https://github.com/flashcatcloud/categraf)、Telegraf、Grafana-agent 等多种采集器，支持 Prometheus、VictoriaMetrics、M3DB、ElasticSearch、Jaeger 等多种数据源，兼容支持导入 Grafana 仪表盘，**与云原生生态无缝集成**；
- **高性能 高可用**
-  - 得益于夜莺的多数据源管理引擎，和夜莺引擎侧优秀的架构设计，借助于高性能时序库，可以满足数亿时间线的采集、存储、告警分析场景，节省大量成本；
-  - 夜莺监控组件均可水平扩展，无单点，已在上千家企业部署落地，经受了严苛的生产实践检验。众多互联网头部公司，夜莺集群机器达百台，处理数亿级时间线，重度使用夜莺监控；
- **灵活扩展 中心化管理**
-  - 夜莺监控，可部署在 1 核 1G 的云主机，可在上百台机器集群化部署，可运行在 K8s 中；也可将时序库、告警引擎等组件下沉到各机房、各 Region，兼顾边缘部署和中心化统一管理，**解决数据割裂，缺乏统一视图的难题**；
- **开放社区**
-  - 托管于[中国计算机学会开源发展委员会](https://www.ccf.org.cn/kyfzwyh/)，有[快猫星云](https://flashcat.cloud)和众多公司的持续投入，和数千名社区用户的积极参与，以及夜莺监控项目清晰明确的定位，都保证了夜莺开源社区健康、长久的发展。活跃、专业的社区用户也在持续迭代和沉淀更多的最佳实践于产品中；
+Nightingale is an open-source monitoring project that focuses on alerting. Similar to Grafana, Nightingale also connects with various existing data sources. However, while Grafana emphasizes visualization, Nightingale places greater emphasis on the alerting engine, as well as the processing and distribution of alarms.

-## 使用场景
-1. **如果您希望在一个平台中，统一管理和查看 Metrics、Logging、Tracing 数据，推荐你使用夜莺**：
-   - 请参考阅读：[不止于监控，夜莺 V6 全新升级为开源观测平台](http://flashcat.cloud/blog/nightingale-v6-release/)
-2. **如果您在使用 Prometheus 过程中，有以下的一个或者多个需求场景，推荐您无缝升级到夜莺**：
-   - Prometheus、Alertmanager、Grafana 等多个系统较为割裂，缺乏统一视图，无法开箱即用;
-   - 通过修改配置文件来管理 Prometheus、Alertmanager 的方式，学习曲线大，协同有难度;
-   - 数据量过大而无法扩展您的 Prometheus 集群；
-   - 生产环境运行多套 Prometheus 集群，面临管理和使用成本高的问题；
-3. **如果您在使用 Zabbix，有以下的场景，推荐您升级到夜莺**：
-   - 监控的数据量太大，希望有更好的扩展解决方案；
-   - 学习曲线高，多人多团队模式下，希望有更好的协同使用效率；
-   - 微服务和云原生架构下，监控数据的生命周期多变、监控数据维度基数高，Zabbix 数据模型不易适配；
-   - 了解更多Zabbix和夜莺监控的对比，推荐您进一步阅读[Zabbix 和夜莺监控选型对比](https://flashcat.cloud/blog/zabbx-vs-nightingale/)
-4. **如果您在使用 [Open-Falcon](https://github.com/open-falcon/falcon-plus)，我们推荐您升级到夜莺：**
-   - 关于 Open-Falcon 和夜莺的详细介绍，请参考阅读：[云原生监控的十个特点和趋势](http://flashcat.cloud/blog/10-trends-of-cloudnative-monitoring/)
-   - 监控系统和可观测平台的区别，请参考阅读：[从监控系统到可观测平台，Gap有多大
-](https://flashcat.cloud/blog/gap-of-monitoring-to-o11y/)
-5. **我们推荐您使用 [Categraf](https://github.com/flashcatcloud/categraf) 作为首选的监控数据采集器**：
-   - [Categraf](https://github.com/flashcatcloud/categraf) 是夜莺监控的默认采集器，采用开放插件机制和 All-in-one 的设计理念，同时支持 metric、log、trace、event 的采集。Categraf 不仅可以采集 CPU、内存、网络等系统层面的指标，也集成了众多开源组件的采集能力，支持K8s生态。Categraf 内置了对应的仪表盘和告警规则，开箱即用。
+> The Nightingale project was initially developed and open-sourced by DiDi.inc. On May 11, 2022, it was donated to the Open Source Development Committee of the China Computer Federation (CCF ODC).

-## 文档
+![](https://n9e.github.io/img/global/arch-bg.png)

-[English Doc](https://n9e.github.io/) |  [中文文档](https://flashcat.cloud/docs/)
+## 💡 How Nightingale Works

-## 产品示意图
+Many users have already collected metrics and log data. In this case, you can connect your storage repositories (such as VictoriaMetrics, ElasticSearch, etc.) as data sources in Nightingale. This allows you to configure alerting rules and notification rules within Nightingale, enabling the generation and distribution of alarms.

-https://user-images.githubusercontent.com/792850/216888712-2565fcea-9df5-47bd-a49e-d60af9bd76e8.mp4
+![Nightingale Product Architecture](doc/img/readme/20240221152601.png)

-## 夜莺架构
+Nightingale itself does not provide monitoring data collection capabilities. We recommend using [Categraf](https://github.com/flashcatcloud/categraf) as the collector, which integrates seamlessly with Nightingale.

-夜莺监控可以接收各种采集器上报的监控数据（比如 [Categraf](https://github.com/flashcatcloud/categraf)、telegraf、grafana-agent、Prometheus），并写入多种流行的时序数据库中（可以支持Prometheus、M3DB、VictoriaMetrics、Thanos、TDEngine等），提供告警规则、屏蔽规则、订阅规则的配置能力，提供监控数据的查看能力，提供告警自愈机制（告警触发之后自动回调某个webhook地址或者执行某个脚本），提供历史告警事件的存储管理、分组查看的能力。
+[Categraf](https://github.com/flashcatcloud/categraf) can collect monitoring data from operating systems, network devices, various middleware, and databases. It pushes this data to Nightingale via the `Prometheus Remote Write` protocol. Nightingale then stores the monitoring data in a time-series database (such as Prometheus, VictoriaMetrics, etc.) and provides alerting and visualization capabilities.

-### 中心汇聚式部署方案
+For certain edge data centers with poor network connectivity to the central Nightingale server, we offer a distributed deployment mode for the alerting engine. In this mode, even if the network is disconnected, the alerting functionality remains unaffected.

-![中心汇聚式部署方案](https://download.flashcat.cloud/ulric/20230327133406.png)
+![Edge Deployment Mode](doc/img/readme/20240222102119.png)

-夜莺只有一个模块，就是 n9e，可以部署多个 n9e 实例组成集群，n9e 依赖 2 个存储，数据库、Redis，数据库可以使用 MySQL 或 Postgres，自己按需选用。
+> In the above diagram, Data Center A has a good network with the central data center, so it uses the Nightingale process in the central data center as the alerting engine. Data Center B has a poor network with the central data center, so it deploys `n9e-edge` as the alerting engine to handle alerting for its own data sources.

-n9e 提供的是 HTTP 接口，前面负载均衡可以是 4 层的，也可以是 7 层的。一般就选用 Nginx 就可以了。
+## 🔕 Alert Noise Reduction, Escalation, and Collaboration

-n9e 这个模块接收到数据之后，需要转发给后端的时序库，相关配置是：
+Nightingale focuses on being an alerting engine, responsible for generating alarms and flexibly distributing them based on rules. It supports 20 built-in notification medias (such as phone calls, SMS, email, DingTalk, Slack, etc.).

-```toml
-[Pushgw]
-LabelRewrite = true
-[[Pushgw.Writers]] 
-Url = "http://127.0.0.1:9090/api/v1/write"
-```
+If you have more advanced requirements, such as:
+- Want to consolidate events from multiple monitoring systems into one platform for unified noise reduction, response handling, and data analysis.
+- Want to support personnel scheduling, practice on-call culture, and support alert escalation (to avoid missing alerts) and collaborative handling.

-> 注意：虽然数据源可以在页面配置了，但是上报转发链路，还是需要在配置文件指定。
+Then Nightingale is not suitable. It is recommended that you choose on-call products such as PagerDuty and FlashDuty. These products are simple and easy to use.

-所有机房的 agent（ 比如 Categraf、Telegraf、 Grafana-agent、Datadog-agent ），都直接推数据给 n9e，这个架构最为简单，维护成本最低。当然，前提是要求机房之间网络链路比较好，一般有专线。如果网络链路不好，则要使用下面的部署方式了。
+## 🗨️ Communication Channels

-### 边缘下沉式混杂部署方案
+- **Report Bugs:** It is highly recommended to submit issues via the [Nightingale GitHub Issue tracker](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=kind%2Fbug&projects=&template=bug_report.yml).
+- **Documentation:** For more information, we recommend thoroughly browsing the [Nightingale Documentation Site](https://n9e.github.io/).

-![边缘下沉式混杂部署方案](https://download.flashcat.cloud/ulric/20230327135615.png)
+## 🔑 Key Features

-这个图尝试解释 3 种不同的情形，比如 A 机房和中心网络链路很好，Categraf 可以直接汇报数据给中心 n9e 模块，另一个机房网络链路不好，就需要把时序库下沉部署，时序库下沉了，对应的告警引擎和转发网关也都要跟随下沉，这样数据不会跨机房传输，比较稳定。但是心跳还是需要往中心心跳，要不然在对象列表里看不到机器的 CPU、内存使用率。还有的时候，可能是接入的一个已有的 Prometheus，数据采集没有走 Categraf，那此时只需要把 Prometheus 作为数据源接入夜莺即可，可以在夜莺里看图、配告警规则，但是就是在对象列表里看不到，也不能使用告警自愈的功能，问题也不大，核心功能都不受影响。
+![Nightingale Alerting rules](doc/img/readme/2025-05-23_18-43-37.png)

-边缘机房，下沉部署时序库、告警引擎、转发网关的时候，要注意，告警引擎需要依赖数据库，因为要同步告警规则，转发网关也要依赖数据库，因为要注册对象到数据库里去，需要打通相关网络，告警引擎和转发网关都不用Redis，所以无需为 Redis 打通网络。 
+- Nightingale supports alerting rules, mute rules, subscription rules, and notification rules. It natively supports 20 types of notification media and allows customization of message templates.  
+- It supports event pipelines for Pipeline processing of alarms, facilitating automated integration with in-house systems. For example, it can append metadata to alarms or perform relabeling on events. 
+- It introduces the concept of business groups and a permission system to manage various rules in a categorized manner.  
+- Many databases and middleware come with built-in alert rules that can be directly imported and used. It also supports direct import of Prometheus alerting rules.  
+- It supports alerting self-healing, which automatically triggers a script to execute predefined logic after an alarm is generated—such as cleaning up disk space or capturing the current system state.

-### VictoriaMetrics 集群架构
-<img src="doc/img/install-vm.png" width="600">
+![Nightingale Alarm Dashboard](doc/img/readme/2025-05-30_08-49-28.png)

-如果单机版本的时序数据库（比如 Prometheus） 性能有瓶颈或容灾较差，我们推荐使用 [VictoriaMetrics](https://github.com/VictoriaMetrics/VictoriaMetrics)，VictoriaMetrics 架构较为简单，性能优异，易于部署和运维，架构图如上。VictoriaMetrics 更详尽的文档，还请参考其[官网](https://victoriametrics.com/)。
+- Nightingale archives historical alarms and supports multi-dimensional query and statistics.  
+- It supports flexible aggregation grouping, allowing a clear view of the distribution of alarms across the company.

-## 夜莺社区
+![Nightingale Integration Center](doc/img/readme/2025-05-23_18-46-06.png)

-开源项目要更有生命力，离不开开放的治理架构和源源不断的开发者和用户共同参与，我们致力于建立开放、中立的开源治理架构，吸纳更多来自企业、高校等各方面对云原生监控感兴趣、有热情的开发者，一起打造有活力的夜莺开源社区。关于《夜莺开源项目和社区治理架构（草案）》，请查阅 [COMMUNITY GOVERNANCE](./doc/community-governance.md).
+- Nightingale has built-in metric descriptions, dashboards, and alerting rules for common operating systems, middleware, and databases, which are contributed by the community with varying quality.  
+- It directly receives data via multiple protocols such as Remote Write, OpenTSDB, Datadog, and Falcon, integrates with various Agents.  
+- It supports data sources like Prometheus, ElasticSearch, Loki, ClickHouse, MySQL, Postgres, allowing alerting based on data from these sources.  
+- Nightingale can be easily embedded into internal enterprise systems (e.g. Grafana, CMDB), and even supports configuring menu visibility for these embedded systems.

-**我们欢迎您以各种方式参与到夜莺开源项目和开源社区中来，工作包括不限于**：
- 补充和完善文档 => [n9e.github.io](https://n9e.github.io/)
- 分享您在使用夜莺监控过程中的最佳实践和经验心得 => [文章分享](https://flashcat.cloud/docs/content/flashcat-monitor/nightingale/share/)
- 提交产品建议 =》 [github issue](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=kind%2Ffeature&template=enhancement.md)
- 提交代码，让夜莺监控更快、更稳、更好用 => [github pull request](https://github.com/didi/nightingale/pulls)
+![Nightingale dashboards](doc/img/readme/2025-05-23_18-49-02.png)

-**尊重、认可和记录每一位贡献者的工作**是夜莺开源社区的第一指导原则，我们提倡**高效的提问**，这既是对开发者时间的尊重，也是对整个社区知识沉淀的贡献：
- 提问之前请先查阅 [FAQ](https://www.gitlink.org.cn/ccfos/nightingale/wiki/faq) 
- 我们使用[论坛](https://answer.flashcat.cloud/)进行交流，有问题可以到这里搜索、提问
- 我们也推荐你加入微信群，和其他夜莺用户交流经验 (请先加好友：[picobyte](https://www.gitlink.org.cn/UlricQin/gist/tree/master/self.jpeg) 备注：夜莺加群+姓名+公司)
+- Nightingale supports dashboard functionality, including common chart types, and comes with pre-built dashboards. The image above is a screenshot of one of these dashboards.  
+- If you are already accustomed to Grafana, it is recommended to continue using Grafana for visualization, as Grafana has deeper expertise in this area.  
+- For machine-related monitoring data collected by Categraf, it is advisable to use Nightingale's built-in dashboards for viewing. This is because Categraf's metric naming follows Telegraf's convention, which differs from that of Node Exporter.  
+- Due to Nightingale's concept of business groups (where machines can belong to different groups), there may be scenarios where you only want to view machines within the current business group on the dashboard. Thus, Nightingale's dashboards can be linked with business groups for interactive filtering.

+## 🌟 Stargazers over time

-## Who is using Nightingale
+[![Stargazers over time](https://api.star-history.com/svg?repos=ccfos/nightingale&type=Date)](https://star-history.com/#ccfos/nightingale&Date)

-您可以通过在 **[Who is Using Nightingale](https://github.com/ccfos/nightingale/issues/897)** 登记您的使用情况，分享您的使用经验。
+## 🔥 Users

-## Stargazers over time
-[![Stargazers over time](https://starchart.cc/ccfos/nightingale.svg)](https://starchart.cc/ccfos/nightingale)
+![User Logos](doc/img/readme/logos.png)

-## Contributors
+## 🤝 Community Co-Building
+
+- ❇️ Please read the [Nightingale Open Source Project and Community Governance Draft](./doc/community-governance.md). We sincerely welcome every user, developer, company, and organization to use Nightingale, actively report bugs, submit feature requests, share best practices, and help build a professional and active open-source community.
+- ❤️ Nightingale Contributors
 <a href="https://github.com/ccfos/nightingale/graphs/contributors">
  <img src="https://contrib.rocks/image?repo=ccfos/nightingale" />
 </a>

-## License
-[Apache License V2.0](https://github.com/didi/nightingale/blob/main/LICENSE)
-
-## 加入交流群
-
-<img src="doc/img/wecom.png" width="120">
+## 📜 License
+- [Apache License V2.0](https://github.com/didi/nightingale/blob/main/LICENSE)
--- a/README_en.md
+++ b/README_en.md
@@ -1,104 +0,0 @@
-<p align="center">
-  <a href="https://github.com/ccfos/nightingale">
-    <img src="doc/img/nightingale_logo_h.png" alt="nightingale - cloud native monitoring" width="240" /></a>
-</p>
-
-<p align="center">
-<img alt="GitHub latest release" src="https://img.shields.io/github/v/release/ccfos/nightingale"/>
-<a href="https://n9e.github.io">
-  <img alt="Docs" src="https://img.shields.io/badge/docs-get%20started-brightgreen"/></a>
-<a href="https://hub.docker.com/u/flashcatcloud">
-  <img alt="Docker pulls" src="https://img.shields.io/docker/pulls/flashcatcloud/nightingale"/></a>
-<img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/ccfos/nightingale">
-<img alt="GitHub Repo issues" src="https://img.shields.io/github/issues/ccfos/nightingale">
-<img alt="GitHub Repo issues closed" src="https://img.shields.io/github/issues-closed/ccfos/nightingale">
-<img alt="GitHub forks" src="https://img.shields.io/github/forks/ccfos/nightingale">
-<a href="https://github.com/ccfos/nightingale/graphs/contributors">
-  <img alt="GitHub contributors" src="https://img.shields.io/github/contributors-anon/ccfos/nightingale"/></a>
-<a href="https://n9e-talk.slack.com/">
-  <img alt="GitHub contributors" src="https://img.shields.io/badge/join%20slack-%23n9e-brightgreen.svg"/></a>
-<img alt="License" src="https://img.shields.io/badge/license-Apache--2.0-blue"/>
-</p>
-<p align="center">
-  An open-source cloud-native monitoring system that is <b>all-in-one</b> <br/>
-  <b>Out-of-the-box</b>, it integrates data collection, visualization, and monitoring alert <br/>
-  We recommend upgrading your <b>Prometheus + AlertManager + Grafana</b> combination to Nightingale!
-</p>
-
-[English](./README.md) | [中文](./README_ZH.md)
-
-
-## Highlighted Features
-
- **Out-of-the-box**
-  - Supports multiple deployment methods such as **Docker, Helm Chart, and cloud services**, integrates data collection, monitoring, and alerting into one system, and comes with various monitoring dashboards, quick views, and alert rule templates. **It greatly reduces the construction cost, learning cost, and usage cost of cloud-native monitoring systems**.
- **Professional Alerting**
-  - Provides visual alert configuration and management, supports various alert rules, offers the ability to configure silence and subscription rules, supports multiple alert delivery channels, and has features such as alert self-healing and event management.
- **Cloud-Native**
-  - Quickly builds an enterprise-level cloud-native monitoring system through a turnkey approach, supports multiple collectors such as [Categraf](https://github.com/flashcatcloud/categraf), Telegraf, and Grafana-agent, supports multiple data sources such as Prometheus, VictoriaMetrics, M3DB, ElasticSearch, and Jaeger, and is compatible with importing Grafana dashboards. **It seamlessly integrates with the cloud-native ecosystem**.
- **High Performance and High Availability**
-  - Due to the multi-data-source management engine of Nightingale and its excellent architecture design, and utilizing a high-performance time-series database, it can handle data collection, storage, and alert analysis scenarios with billions of time-series data, saving a lot of costs.
-  - Nightingale components can be horizontally scaled with no single point of failure. It has been deployed in thousands of enterprises and tested in harsh production practices. Many leading Internet companies have used Nightingale for cluster machines with hundreds of nodes, processing billions of time-series data.
- **Flexible Extension and Centralized Management**
-  - Nightingale can be deployed on a 1-core 1G cloud host, deployed in a cluster of hundreds of machines, or run in Kubernetes. Time-series databases, alert engines, and other components can also be decentralized to various data centers and regions, balancing edge deployment with centralized management. **It solves the problem of data fragmentation and lack of unified views**.
-
-
-#### If you are using Prometheus and have one or more of the following requirement scenarios, it is recommended that you upgrade to Nightingale:
-
- Multiple systems such as Prometheus, Alertmanager, Grafana, etc. are fragmented and lack a unified view and cannot be used out of the box;
- The way to manage Prometheus and Alertmanager by modifying configuration files has a big learning curve and is difficult to collaborate;
- Too much data to scale-up your Prometheus cluster;
- Multiple Prometheus clusters running in production environments, which faced high management and usage costs;
-
-#### If you are using Zabbix and have the following scenarios, it is recommended that you upgrade to Nightingale:
-
- Monitoring too much data and wanting a better scalable solution;
- A high learning curve and a desire for better efficiency of collaborative use in a multi-person, multi-team model;
- Microservice and cloud-native architectures with variable monitoring data lifecycles and high monitoring data dimension bases, which are not easily adaptable to the Zabbix data model;
-
-
-#### If you are using [open-falcon](https://github.com/open-falcon/falcon-plus), we recommend you to upgrade to Nightingale：
- For more information about open-falcon and Nightingale, please refer to read [Ten features and trends of cloud-native monitoring](https://mp.weixin.qq.com/s?__biz=MzkzNjI5OTM5Nw==&mid=2247483738&idx=1&sn=e8bdbb974a2cd003c1abcc2b5405dd18&chksm=c2a19fb0f5d616a63185cd79277a79a6b80118ef2185890d0683d2bb20451bd9303c78d083c5#rd)。
-
-## Getting Started
-
-[English Doc](https://n9e.github.io/) |  [中文文档](http://n9e.flashcat.cloud/)
-
-## Screenshots
-
-https://user-images.githubusercontent.com/792850/216888712-2565fcea-9df5-47bd-a49e-d60af9bd76e8.mp4
-
-## Architecture
-
-<img src="doc/img/arch-product.png" width="600">
-
-Nightingale monitoring can receive monitoring data reported by various collectors (such as [Categraf](https://github.com/flashcatcloud/categraf) , telegraf, grafana-agent, Prometheus, etc.) and write them to various popular time-series databases (such as Prometheus, M3DB, VictoriaMetrics, Thanos, TDEngine, etc.). It provides configuration capabilities for alert rules, silence rules, and subscription rules, as well as the ability to view monitoring data. It also provides automatic alarm self-healing mechanisms (such as automatically calling back to a webhook address or executing a script after an alarm is triggered), and the ability to store and manage historical alarm events and view them in groups.
-
-If the performance of a standalone time-series database (such as Prometheus) has bottlenecks or poor disaster recovery, we recommend using [VictoriaMetrics](https://github.com/VictoriaMetrics/VictoriaMetrics). The VictoriaMetrics architecture is relatively simple, has excellent performance, and is easy to deploy and maintain. The architecture diagram is as shown above. For more detailed documentation on VictoriaMetrics, please refer to its [official website](https://victoriametrics.com/).
-
-**We welcome you to participate in the Nightingale open-source project and community in various ways, including but not limited to**：
- Adding and improving documentation => [n9e.github.io](https://n9e.github.io/)
- Sharing your best practices and experience in using Nightingale monitoring => [Article sharing]((https://n9e.github.io/docs/prologue/share/))
- Submitting product suggestions => [github issue](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=kind%2Ffeature&template=enhancement.md)
- Submitting code to make Nightingale monitoring faster, more stable, and easier to use => [github pull request](https://github.com/didi/nightingale/pulls)
-
-
-**Respecting, recognizing, and recording the work of every contributor** is the first guiding principle of the Nightingale open-source community. We advocate effective questioning, which not only respects the developer's time but also contributes to the accumulation of knowledge in the entire community
- Before asking a question, please first refer to the [FAQ](https://www.gitlink.org.cn/ccfos/nightingale/wiki/faq) 
- We use [GitHub Discussions](https://github.com/ccfos/nightingale/discussions) as the communication forum. You can search and ask questions here.
- We also recommend that you join ours [Slack channel](https://n9e-talk.slack.com/) to exchange experiences with other Nightingale users.
-
-
-## Who is using Nightingale
-You can register your usage and share your experience by posting on **[Who is Using Nightingale](https://github.com/ccfos/nightingale/issues/897)**.
-
-## Stargazers over time
-[![Stargazers over time](https://starchart.cc/ccfos/nightingale.svg)](https://starchart.cc/ccfos/nightingale)
-
-## Contributors
-<a href="https://github.com/ccfos/nightingale/graphs/contributors">
-  <img src="https://contrib.rocks/image?repo=ccfos/nightingale" />
-</a>
-
-## License
-[Apache License V2.0](https://github.com/didi/nightingale/blob/main/LICENSE)
--- a/README_zh.md
+++ b/README_zh.md
@@ -0,0 +1,120 @@
+<p align="center">
+  <a href="https://github.com/ccfos/nightingale">
+    <img src="doc/img/Nightingale_L_V.png" alt="nightingale - cloud native monitoring" width="100" /></a>
+</p>
+<p align="center">
+  <b>开源告警管理专家</b>
+</p>
+
+<p align="center">
+<a href="https://flashcat.cloud/docs/">
+  <img alt="Docs" src="https://img.shields.io/badge/docs-get%20started-brightgreen"/></a>
+<a href="https://hub.docker.com/u/flashcatcloud">
+  <img alt="Docker pulls" src="https://img.shields.io/docker/pulls/flashcatcloud/nightingale"/></a>
+<a href="https://github.com/ccfos/nightingale/graphs/contributors">
+  <img alt="GitHub contributors" src="https://img.shields.io/github/contributors-anon/ccfos/nightingale"/></a>
+<img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/ccfos/nightingale">
+<img alt="GitHub forks" src="https://img.shields.io/github/forks/ccfos/nightingale">
+<br/><img alt="GitHub Repo issues" src="https://img.shields.io/github/issues/ccfos/nightingale">
+<img alt="GitHub Repo issues closed" src="https://img.shields.io/github/issues-closed/ccfos/nightingale">
+<img alt="GitHub latest release" src="https://img.shields.io/github/v/release/ccfos/nightingale"/>
+<img alt="License" src="https://img.shields.io/badge/license-Apache--2.0-blue"/>
+<a href="https://n9e-talk.slack.com/">
+  <img alt="GitHub contributors" src="https://img.shields.io/badge/join%20slack-%23n9e-brightgreen.svg"/></a>
+</p>
+
+
+
+[English](./README.md) | [中文](./README_zh.md)
+
+## 夜莺是什么
+
+夜莺监控（Nightingale）是一款侧重告警的监控类开源项目。类似 Grafana 的数据源集成方式，夜莺也是对接多种既有的数据源，不过 Grafana 侧重在可视化，夜莺是侧重在告警引擎、告警事件的处理和分发。
+
+> 夜莺监控项目，最初由滴滴开发和开源，并于 2022 年 5 月 11 日，捐赠予中国计算机学会开源发展委员会（CCF ODC），为 CCF ODC 成立后接受捐赠的第一个开源项目。
+
+![](https://n9e.github.io/img/global/arch-bg.png)
+
+## 夜莺的工作逻辑
+
+很多用户已经自行采集了指标、日志数据，此时就把存储库（VictoriaMetrics、ElasticSearch等）作为数据源接入夜莺，即可在夜莺里配置告警规则、通知规则，完成告警事件的生成和派发。
+
+![夜莺产品架构](doc/img/readme/20240221152601.png)
+
+夜莺项目本身不提供监控数据采集能力。推荐您使用 [Categraf](https://github.com/flashcatcloud/categraf) 作为采集器，可以和夜莺丝滑对接。
+
+[Categraf](https://github.com/flashcatcloud/categraf) 可以采集操作系统、网络设备、各类中间件、数据库的监控数据，通过 Remote Write 协议推送给夜莺，夜莺把监控数据转存到时序库（如 Prometheus、VictoriaMetrics 等），并提供告警和可视化能力。
+
+对于个别边缘机房，如果和中心夜莺服务端网络链路不好，希望提升告警可用性，夜莺也提供边缘机房告警引擎下沉部署模式，这个模式下，即便边缘和中心端网络割裂，告警功能也不受影响。
+
+![边缘部署模式](doc/img/readme/20240222102119.png)
+
+> 上图中，机房A和中心机房的网络链路很好，所以直接由中心端的夜莺进程做告警引擎，机房B和中心机房的网络链路不好，所以在机房B部署了 `n9e-edge` 做告警引擎，对机房B的数据源做告警判定。
+
+## 告警降噪、升级、协同
+
+夜莺的侧重点是做告警引擎，即负责产生告警事件，并根据规则做灵活派发，内置支持 20 种通知媒介（电话、短信、邮件、钉钉、飞书、企微、Slack 等）。
+
+如果您有更高级的需求，比如：
+
+- 想要把公司的多套监控系统产生的事件聚拢到一个平台，统一做收敛降噪、响应处理、数据分析
+- 想要支持人员的排班，践行 On-call 文化，想要支持告警认领、升级（避免遗漏）、协同处理
+
+那夜莺是不合适的，推荐您选用 [FlashDuty](https://flashcat.cloud/product/flashcat-duty/) 这样的 On-call 产品，产品简单易用，也有免费套餐。
+
+
+## 相关资料 & 交流渠道
+- 📚 [夜莺介绍PPT](https://mp.weixin.qq.com/s/Mkwx_46xrltSq8NLqAIYow) 对您了解夜莺各项关键特性会有帮助（PPT链接在文末）
+- 👉 [文档中心](https://flashcat.cloud/docs/) 为了更快的访问速度，站点托管在 [FlashcatCloud](https://flashcat.cloud)
+- ❤️ [报告 Bug](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=&projects=&template=question.yml) 写清楚问题描述、复现步骤、截图等信息，更容易得到答案
+- 💡 前后端代码分离，前端代码仓库：[https://github.com/n9e/fe](https://github.com/n9e/fe)
+- 🎯 关注[这个公众号](https://gitlink.org.cn/UlricQin)了解更多夜莺动态和知识
+- 🌟 加我微信：`picobyte`（我已关闭好友验证）拉入微信群，备注：`夜莺互助群`，如果已经把夜莺上到生产环境，可联系我拉入资深监控用户群
+
+
+## 关键特性简介
+
+![夜莺告警规则](doc/img/readme/2025-05-23_18-43-37.png)
+
+- 夜莺支持告警规则、屏蔽规则、订阅规则、通知规则，内置支持 20 种通知媒介，支持消息模板自定义
+- 支持事件管道，对告警事件做 Pipeline 处理，方便和自有系统做自动化整合，比如给告警事件附加一些元信息，对事件做 relabel
+- 支持业务组概念，引入权限体系，分门别类管理各类规则
+- 很多数据库、中间件内置了告警规则，可以直接导入使用，也可以直接导入 Prometheus 的告警规则
+- 支持告警自愈，即告警之后自动触发一个脚本执行一些预定义的逻辑，比如清理一下磁盘、抓一下现场等
+
+![夜莺事件大盘](doc/img/readme/2025-05-30_08-49-28.png)
+
+- 夜莺存档了历史告警事件，支持多维度的查询和统计
+- 支持灵活的聚合分组，一目了然看到公司的告警事件分布情况
+
+![夜莺集成中心](doc/img/readme/2025-05-23_18-46-06.png)
+
+- 夜莺内置常用操作系统、中间件、数据库的的指标说明、仪表盘、告警规则，不过都是社区贡献的，整体也是参差不齐
+- 夜莺直接接收 Remote Write、OpenTSDB、Datadog、Falcon 等多种协议的数据，故而可以和各类 Agent 对接
+- 夜莺支持 Prometheus、ElasticSearch、Loki、TDEngine 等多种数据源，可以对其中的数据做告警
+- 夜莺可以很方便内嵌企业内部系统，比如 Grafana、CMDB 等，甚至可以配置这些内嵌系统的菜单可见性
+
+
+![夜莺仪表盘](doc/img/readme/2025-05-23_18-49-02.png)
+
+- 夜莺支持仪表盘功能，支持常见的图表类型，也内置了一些仪表盘，上图是其中一个仪表盘的截图。
+- 如果你已经习惯了 Grafana，建议仍然使用 Grafana 看图。Grafana 在看图方面道行更深。
+- 机器相关的监控数据，如果是 Categraf 采集的，建议使用夜莺自带的仪表盘查看，因为 Categraf 的指标命名 Follow 的是 Telegraf 的命名方式，和 Node Exporter 不同
+- 因为夜莺有个业务组的概念，机器可以归属不同的业务组，有时在仪表盘里只想查看当前所属业务组的机器，所以夜莺的仪表盘可以和业务组联动
+
+## 广受关注
+[![Stargazers over time](https://api.star-history.com/svg?repos=ccfos/nightingale&type=Date)](https://star-history.com/#ccfos/nightingale&Date)
+
+## 感谢众多企业的信赖
+
+![夜莺客户](doc/img/readme/logos.png)
+
+## 社区共建
+- ❇️ 请阅读浏览[夜莺开源项目和社区治理架构草案](./doc/community-governance.md)，真诚欢迎每一位用户、开发者、公司以及组织，使用夜莺监控、积极反馈 Bug、提交功能需求、分享最佳实践，共建专业、活跃的夜莺开源社区。
+- ❤️ 夜莺贡献者
+<a href="https://github.com/ccfos/nightingale/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=ccfos/nightingale" />
+</a>
+
+## License
+- [Apache License V2.0](https://github.com/didi/nightingale/blob/main/LICENSE)
--- a/alert/aconf/conf.go
+++ b/alert/aconf/conf.go
@@ -2,11 +2,10 @@ package aconf

 import (
 	"path"
-
-	"github.com/toolkits/pkg/runner"
 )

 type Alert struct {
+	Disable     bool
 	EngineDelay int64
 	Heartbeat   HeartbeatConfig
 	Alerting    Alerting
@@ -33,6 +32,7 @@ type Alerting struct {
 	Timeout           int64
 	TemplatesDir      string
 	NotifyConcurrency int
+	WebhookBatchSend  bool
 }

 type CallPlugin struct {
@@ -47,16 +47,9 @@ type RedisPub struct {
 	ChannelKey    string
 }

-type Ibex struct {
-	Address       string
-	BasicAuthUser string
-	BasicAuthPass string
-	Timeout       int64
-}
-
-func (a *Alert) PreCheck() {
+func (a *Alert) PreCheck(configDir string) {
 	if a.Alerting.TemplatesDir == "" {
-		a.Alerting.TemplatesDir = path.Join(runner.Cwd, "etc", "template")
+		a.Alerting.TemplatesDir = path.Join(configDir, "template")
 	}

 	if a.Alerting.NotifyConcurrency == 0 {
@@ -67,7 +60,7 @@ func (a *Alert) PreCheck() {
 		a.Heartbeat.Interval = 1000
 	}

-	if a.Heartbeat.EngineName == "" {
-		a.Heartbeat.EngineName = "default"
+	if a.EngineDelay == 0 {
+		a.EngineDelay = 30
 	}
 }
--- a/alert/alert.go
+++ b/alert/alert.go
@@ -4,6 +4,8 @@ import (
 	"context"
 	"fmt"

+	"github.com/ccfos/nightingale/v6/dscache"
+
 	"github.com/ccfos/nightingale/v6/alert/aconf"
 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/alert/dispatch"
@@ -15,15 +17,18 @@ import (
 	"github.com/ccfos/nightingale/v6/alert/router"
 	"github.com/ccfos/nightingale/v6/alert/sender"
 	"github.com/ccfos/nightingale/v6/conf"
+	"github.com/ccfos/nightingale/v6/dumper"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/httpx"
 	"github.com/ccfos/nightingale/v6/pkg/logx"
+	"github.com/ccfos/nightingale/v6/pkg/macros"
 	"github.com/ccfos/nightingale/v6/prom"
 	"github.com/ccfos/nightingale/v6/pushgw/pconf"
 	"github.com/ccfos/nightingale/v6/pushgw/writer"
 	"github.com/ccfos/nightingale/v6/storage"
+	"github.com/flashcatcloud/ibex/src/cmd/ibex"
 )

 func Initialize(configDir string, cryptoKey string) (func(), error) {
@@ -37,13 +42,10 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 		return nil, err
 	}

-	db, err := storage.New(config.DB)
-	if err != nil {
-		return nil, err
-	}
-	ctx := ctx.NewContext(context.Background(), db)
+	ctx := ctx.NewContext(context.Background(), nil, false, config.CenterApi)

-	redis, err := storage.NewRedis(config.Redis)
+	var redis storage.Redis
+	redis, err = storage.NewRedis(config.Redis)
 	if err != nil {
 		return nil, err
 	}
@@ -51,22 +53,40 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 	syncStats := memsto.NewSyncStats()
 	alertStats := astats.NewSyncStats()

+	configCache := memsto.NewConfigCache(ctx, syncStats, nil, "")
 	targetCache := memsto.NewTargetCache(ctx, syncStats, redis)
 	busiGroupCache := memsto.NewBusiGroupCache(ctx, syncStats)
 	alertMuteCache := memsto.NewAlertMuteCache(ctx, syncStats)
 	alertRuleCache := memsto.NewAlertRuleCache(ctx, syncStats)
-	notifyConfigCache := memsto.NewNotifyConfigCache(ctx)
+	notifyConfigCache := memsto.NewNotifyConfigCache(ctx, configCache)
 	dsCache := memsto.NewDatasourceCache(ctx, syncStats)
+	userCache := memsto.NewUserCache(ctx, syncStats)
+	userGroupCache := memsto.NewUserGroupCache(ctx, syncStats)
+	taskTplsCache := memsto.NewTaskTplCache(ctx)
+	configCvalCache := memsto.NewCvalCache(ctx, syncStats)
+	notifyRuleCache := memsto.NewNotifyRuleCache(ctx, syncStats)
+	notifyChannelCache := memsto.NewNotifyChannelCache(ctx, syncStats)
+	messageTemplateCache := memsto.NewMessageTemplateCache(ctx, syncStats)

-	promClients := prom.NewPromClient(ctx, config.Alert.Heartbeat)
+	promClients := prom.NewPromClient(ctx)
+	dispatch.InitRegisterQueryFunc(promClients)

 	externalProcessors := process.NewExternalProcessors()

-	Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, dsCache, ctx, promClients, false)
+	macros.RegisterMacro(macros.MacroInVain)
+	dscache.Init(ctx, false)
+	Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, taskTplsCache, dsCache, ctx, promClients, userCache, userGroupCache, notifyRuleCache, notifyChannelCache, messageTemplateCache)

-	r := httpx.GinEngine(config.Global.RunMode, config.HTTP)
+	r := httpx.GinEngine(config.Global.RunMode, config.HTTP,
+		configCvalCache.PrintBodyPaths, configCvalCache.PrintAccessLog)
 	rt := router.New(config.HTTP, config.Alert, alertMuteCache, targetCache, busiGroupCache, alertStats, ctx, externalProcessors)
+
+	if config.Ibex.Enable {
+		ibex.ServerStart(false, nil, redis, config.HTTP.APIForService.BasicAuth, config.Alert.Heartbeat, &config.CenterApi, r, nil, config.Ibex, config.HTTP.Port)
+	}
+
 	rt.Config(r)
+	dumper.ConfigRouter(r)

 	httpClean := httpx.Init(config.HTTP, r)

@@ -77,27 +97,36 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 }

 func Start(alertc aconf.Alert, pushgwc pconf.Pushgw, syncStats *memsto.Stats, alertStats *astats.Stats, externalProcessors *process.ExternalProcessorsType, targetCache *memsto.TargetCacheType, busiGroupCache *memsto.BusiGroupCacheType,
-	alertMuteCache *memsto.AlertMuteCacheType, alertRuleCache *memsto.AlertRuleCacheType, notifyConfigCache *memsto.NotifyConfigCacheType, datasourceCache *memsto.DatasourceCacheType, ctx *ctx.Context, promClients *prom.PromClientMap, isCenter bool) {
-	userCache := memsto.NewUserCache(ctx, syncStats)
-	userGroupCache := memsto.NewUserGroupCache(ctx, syncStats)
+	alertMuteCache *memsto.AlertMuteCacheType, alertRuleCache *memsto.AlertRuleCacheType, notifyConfigCache *memsto.NotifyConfigCacheType, taskTplsCache *memsto.TaskTplCache, datasourceCache *memsto.DatasourceCacheType, ctx *ctx.Context,
+	promClients *prom.PromClientMap, userCache *memsto.UserCacheType, userGroupCache *memsto.UserGroupCacheType, notifyRuleCache *memsto.NotifyRuleCacheType, notifyChannelCache *memsto.NotifyChannelCacheType, messageTemplateCache *memsto.MessageTemplateCacheType) {
 	alertSubscribeCache := memsto.NewAlertSubscribeCache(ctx, syncStats)
 	recordingRuleCache := memsto.NewRecordingRuleCache(ctx, syncStats)
+	targetsOfAlertRulesCache := memsto.NewTargetOfAlertRuleCache(ctx, alertc.Heartbeat.EngineName, syncStats)

 	go models.InitNotifyConfig(ctx, alertc.Alerting.TemplatesDir)
+	go models.InitNotifyChannel(ctx)
+	go models.InitMessageTemplate(ctx)

-	naming := naming.NewNaming(ctx, alertc.Heartbeat, isCenter)
+	naming := naming.NewNaming(ctx, alertc.Heartbeat, alertStats)

 	writers := writer.NewWriters(pushgwc)
-	record.NewScheduler(alertc, recordingRuleCache, promClients, writers, alertStats)
+	record.NewScheduler(alertc, recordingRuleCache, promClients, writers, alertStats, datasourceCache)

-	eval.NewScheduler(isCenter, alertc, externalProcessors, alertRuleCache, targetCache, busiGroupCache, alertMuteCache, datasourceCache, promClients, naming, ctx, alertStats)
+	eval.NewScheduler(alertc, externalProcessors, alertRuleCache, targetCache, targetsOfAlertRulesCache,
+		busiGroupCache, alertMuteCache, datasourceCache, promClients, naming, ctx, alertStats)

-	dp := dispatch.NewDispatch(alertRuleCache, userCache, userGroupCache, alertSubscribeCache, targetCache, notifyConfigCache, alertc.Alerting, ctx)
-	consumer := dispatch.NewConsumer(alertc.Alerting, ctx, dp)
+	eventProcessorCache := memsto.NewEventProcessorCache(ctx, syncStats)
+
+	dp := dispatch.NewDispatch(alertRuleCache, userCache, userGroupCache, alertSubscribeCache, targetCache, notifyConfigCache, taskTplsCache, notifyRuleCache, notifyChannelCache, messageTemplateCache, eventProcessorCache, alertc.Alerting, ctx, alertStats)
+	consumer := dispatch.NewConsumer(alertc.Alerting, ctx, dp, promClients)
+
+	notifyRecordComsumer := sender.NewNotifyRecordConsumer(ctx)

 	go dp.ReloadTpls()
 	go consumer.LoopConsume()
+	go notifyRecordComsumer.LoopConsume()

 	go queue.ReportQueueSize(alertStats)
-	go sender.StartEmailSender(notifyConfigCache.GetSMTP()) // todo
+	go sender.ReportNotifyRecordQueueSize(alertStats)
+	go sender.InitEmailSender(ctx, notifyConfigCache)
 }
--- a/alert/astats/stats.go
+++ b/alert/astats/stats.go
@@ -10,22 +10,81 @@ const (
 )

 type Stats struct {
-	CounterSampleTotal   *prometheus.CounterVec
-	CounterAlertsTotal   *prometheus.CounterVec
-	GaugeAlertQueueSize  prometheus.Gauge
-	GaugeSampleQueueSize *prometheus.GaugeVec
-	RequestDuration      *prometheus.HistogramVec
-	ForwardDuration      *prometheus.HistogramVec
+	AlertNotifyTotal            *prometheus.CounterVec
+	AlertNotifyErrorTotal       *prometheus.CounterVec
+	CounterAlertsTotal          *prometheus.CounterVec
+	GaugeAlertQueueSize         prometheus.Gauge
+	CounterRuleEval             *prometheus.CounterVec
+	CounterQueryDataErrorTotal  *prometheus.CounterVec
+	CounterQueryDataTotal       *prometheus.CounterVec
+	CounterVarFillingQuery      *prometheus.CounterVec
+	CounterRecordEval           *prometheus.CounterVec
+	CounterRecordEvalErrorTotal *prometheus.CounterVec
+	CounterMuteTotal            *prometheus.CounterVec
+	CounterRuleEvalErrorTotal   *prometheus.CounterVec
+	CounterHeartbeatErrorTotal  *prometheus.CounterVec
+	CounterSubEventTotal        *prometheus.CounterVec
+	GaugeQuerySeriesCount       *prometheus.GaugeVec
+	GaugeRuleEvalDuration       *prometheus.GaugeVec
+	GaugeNotifyRecordQueueSize  prometheus.Gauge
 }

 func NewSyncStats() *Stats {
-	// 从各个接收接口接收到的监控数据总量
-	CounterSampleTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+	CounterRuleEval := prometheus.NewCounterVec(prometheus.CounterOpts{
 		Namespace: namespace,
 		Subsystem: subsystem,
-		Name:      "samples_received_total",
-		Help:      "Total number samples received.",
-	}, []string{"cluster", "channel"})
+		Name:      "rule_eval_total",
+		Help:      "Number of rule eval.",
+	}, []string{})
+
+	CounterRuleEvalErrorTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "rule_eval_error_total",
+		Help:      "Number of rule eval error.",
+	}, []string{"datasource", "stage", "busi_group", "rule_id"})
+
+	CounterQueryDataErrorTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "query_data_error_total",
+		Help:      "Number of rule eval query data error.",
+	}, []string{"datasource"})
+
+	CounterQueryDataTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "query_data_total",
+		Help:      "Number of rule eval query data.",
+	}, []string{"datasource", "rule_id"})
+
+	CounterRecordEval := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "record_eval_total",
+		Help:      "Number of record eval.",
+	}, []string{"datasource"})
+
+	CounterRecordEvalErrorTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "record_eval_error_total",
+		Help:      "Number of record eval error.",
+	}, []string{"datasource"})
+
+	AlertNotifyTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "alert_notify_total",
+		Help:      "Number of send msg.",
+	}, []string{"channel"})
+
+	AlertNotifyErrorTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "alert_notify_error_total",
+		Help:      "Number of send msg.",
+	}, []string{"channel"})

 	// 产生的告警总量
 	CounterAlertsTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
@@ -33,7 +92,7 @@ func NewSyncStats() *Stats {
 		Subsystem: subsystem,
 		Name:      "alerts_total",
 		Help:      "Total number alert events.",
-	}, []string{"cluster"})
+	}, []string{"cluster", "type", "busi_group"})

 	// 内存中的告警事件队列的长度
 	GaugeAlertQueueSize := prometheus.NewGauge(prometheus.GaugeOpts{
@@ -43,51 +102,92 @@ func NewSyncStats() *Stats {
 		Help:      "The size of alert queue.",
 	})

-	// 数据转发队列，各个队列的长度
-	GaugeSampleQueueSize := prometheus.NewGaugeVec(prometheus.GaugeOpts{
+	CounterMuteTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
 		Namespace: namespace,
 		Subsystem: subsystem,
-		Name:      "sample_queue_size",
-		Help:      "The size of sample queue.",
-	}, []string{"cluster", "channel_number"})
+		Name:      "mute_total",
+		Help:      "Number of mute.",
+	}, []string{"group", "rule_id", "mute_rule_id", "datasource_id"})

-	// 一些重要的请求，比如接收数据的请求，应该统计一下延迟情况
-	RequestDuration := prometheus.NewHistogramVec(
-		prometheus.HistogramOpts{
-			Namespace: namespace,
-			Subsystem: subsystem,
-			Buckets:   []float64{.01, .1, 1},
-			Name:      "http_request_duration_seconds",
-			Help:      "HTTP request latencies in seconds.",
-		}, []string{"code", "path", "method"},
-	)
+	CounterSubEventTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "sub_event_total",
+		Help:      "Number of sub event.",
+	}, []string{"group"})

-	// 发往后端TSDB，延迟如何
-	ForwardDuration := prometheus.NewHistogramVec(
-		prometheus.HistogramOpts{
-			Namespace: namespace,
-			Subsystem: subsystem,
-			Buckets:   []float64{.1, 1, 10},
-			Name:      "forward_duration_seconds",
-			Help:      "Forward samples to TSDB. latencies in seconds.",
-		}, []string{"cluster", "channel_number"},
-	)
+	CounterHeartbeatErrorTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "heartbeat_error_count",
+		Help:      "Number of heartbeat error.",
+	}, []string{})
+
+	GaugeQuerySeriesCount := prometheus.NewGaugeVec(prometheus.GaugeOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "eval_query_series_count",
+		Help:      "Number of series retrieved from data source after query.",
+	}, []string{"rule_id", "datasource_id", "ref"})
+	// 通知记录队列的长度
+	GaugeNotifyRecordQueueSize := prometheus.NewGauge(prometheus.GaugeOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "notify_record_queue_size",
+		Help:      "The size of notify record queue.",
+	})
+
+	GaugeRuleEvalDuration := prometheus.NewGaugeVec(prometheus.GaugeOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "rule_eval_duration_ms",
+		Help:      "Duration of rule eval in milliseconds.",
+	}, []string{"rule_id", "datasource_id"})
+
+	CounterVarFillingQuery := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "var_filling_query_total",
+		Help:      "Number of var filling query.",
+	}, []string{"rule_id", "datasource_id", "ref", "typ"})

 	prometheus.MustRegister(
-		CounterSampleTotal,
 		CounterAlertsTotal,
 		GaugeAlertQueueSize,
-		GaugeSampleQueueSize,
-		RequestDuration,
-		ForwardDuration,
+		AlertNotifyTotal,
+		AlertNotifyErrorTotal,
+		CounterRuleEval,
+		CounterQueryDataTotal,
+		CounterQueryDataErrorTotal,
+		CounterRecordEval,
+		CounterRecordEvalErrorTotal,
+		CounterMuteTotal,
+		CounterRuleEvalErrorTotal,
+		CounterHeartbeatErrorTotal,
+		CounterSubEventTotal,
+		GaugeQuerySeriesCount,
+		GaugeRuleEvalDuration,
+		GaugeNotifyRecordQueueSize,
+		CounterVarFillingQuery,
 	)

 	return &Stats{
-		CounterSampleTotal:   CounterSampleTotal,
-		CounterAlertsTotal:   CounterAlertsTotal,
-		GaugeAlertQueueSize:  GaugeAlertQueueSize,
-		GaugeSampleQueueSize: GaugeSampleQueueSize,
-		RequestDuration:      RequestDuration,
-		ForwardDuration:      ForwardDuration,
+		CounterAlertsTotal:          CounterAlertsTotal,
+		GaugeAlertQueueSize:         GaugeAlertQueueSize,
+		AlertNotifyTotal:            AlertNotifyTotal,
+		AlertNotifyErrorTotal:       AlertNotifyErrorTotal,
+		CounterRuleEval:             CounterRuleEval,
+		CounterQueryDataTotal:       CounterQueryDataTotal,
+		CounterQueryDataErrorTotal:  CounterQueryDataErrorTotal,
+		CounterRecordEval:           CounterRecordEval,
+		CounterRecordEvalErrorTotal: CounterRecordEvalErrorTotal,
+		CounterMuteTotal:            CounterMuteTotal,
+		CounterRuleEvalErrorTotal:   CounterRuleEvalErrorTotal,
+		CounterHeartbeatErrorTotal:  CounterHeartbeatErrorTotal,
+		CounterSubEventTotal:        CounterSubEventTotal,
+		GaugeQuerySeriesCount:       GaugeQuerySeriesCount,
+		GaugeRuleEvalDuration:       GaugeRuleEvalDuration,
+		GaugeNotifyRecordQueueSize:  GaugeNotifyRecordQueueSize,
+		CounterVarFillingQuery:      CounterVarFillingQuery,
 	}
 }
--- a/alert/common/key.go
+++ b/alert/common/key.go
@@ -2,6 +2,7 @@ package common

 import (
 	"fmt"
+	"strings"

 	"github.com/ccfos/nightingale/v6/models"
 )
@@ -22,13 +23,21 @@ func MatchTags(eventTagsMap map[string]string, itags []models.TagFilter) bool {
 	}
 	return true
 }
+func MatchGroupsName(groupName string, groupFilter []models.TagFilter) bool {
+	for _, filter := range groupFilter {
+		if !matchTag(groupName, filter) {
+			return false
+		}
+	}
+	return true
+}

 func matchTag(value string, filter models.TagFilter) bool {
 	switch filter.Func {
 	case "==":
-		return filter.Value == value
+		return strings.TrimSpace(filter.Value) == strings.TrimSpace(value)
 	case "!=":
-		return filter.Value != value
+		return strings.TrimSpace(filter.Value) != strings.TrimSpace(value)
 	case "in":
 		_, has := filter.Vset[value]
 		return has
--- a/alert/dispatch/consume.go
+++ b/alert/dispatch/consume.go
@@ -1,14 +1,23 @@
 package dispatch

 import (
+	"context"
+	"encoding/json"
 	"fmt"
+	"strings"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/aconf"
+	"github.com/ccfos/nightingale/v6/alert/common"
 	"github.com/ccfos/nightingale/v6/alert/queue"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/poster"
+	promsdk "github.com/ccfos/nightingale/v6/pkg/prom"
+	"github.com/ccfos/nightingale/v6/pkg/tplx"
+	"github.com/ccfos/nightingale/v6/prom"

+	"github.com/prometheus/common/model"
 	"github.com/toolkits/pkg/concurrent/semaphore"
 	"github.com/toolkits/pkg/logger"
 )
@@ -17,15 +26,29 @@ type Consumer struct {
 	alerting aconf.Alerting
 	ctx      *ctx.Context

-	dispatch *Dispatch
+	dispatch    *Dispatch
+	promClients *prom.PromClientMap
+}
+
+func InitRegisterQueryFunc(promClients *prom.PromClientMap) {
+	tplx.RegisterQueryFunc(func(datasourceID int64, promql string) model.Value {
+		if promClients.IsNil(datasourceID) {
+			return nil
+		}
+
+		readerClient := promClients.GetCli(datasourceID)
+		value, _, _ := readerClient.Query(context.Background(), promql, time.Now())
+		return value
+	})
 }

 // 创建一个 Consumer 实例
-func NewConsumer(alerting aconf.Alerting, ctx *ctx.Context, dispatch *Dispatch) *Consumer {
+func NewConsumer(alerting aconf.Alerting, ctx *ctx.Context, dispatch *Dispatch, promClients *prom.PromClientMap) *Consumer {
 	return &Consumer{
-		alerting: alerting,
-		ctx:      ctx,
-		dispatch: dispatch,
+		alerting:    alerting,
+		ctx:         ctx,
+		dispatch:    dispatch,
+		promClients: promClients,
 	}
 }

@@ -60,16 +83,29 @@ func (e *Consumer) consume(events []interface{}, sema *semaphore.Semaphore) {
 func (e *Consumer) consumeOne(event *models.AlertCurEvent) {
 	LogEvent(event, "consume")

+	eventType := "alert"
+	if event.IsRecovered {
+		eventType = "recovery"
+	}
+
+	e.dispatch.Astats.CounterAlertsTotal.WithLabelValues(event.Cluster, eventType, event.GroupName).Inc()
+
 	if err := event.ParseRule("rule_name"); err != nil {
+		logger.Warningf("ruleid:%d failed to parse rule name: %v", event.RuleId, err)
 		event.RuleName = fmt.Sprintf("failed to parse rule name: %v", err)
 	}

-	if err := event.ParseRule("rule_note"); err != nil {
-		event.RuleNote = fmt.Sprintf("failed to parse rule note: %v", err)
+	if err := event.ParseRule("annotations"); err != nil {
+		logger.Warningf("ruleid:%d failed to parse annotations: %v", event.RuleId, err)
+		event.Annotations = fmt.Sprintf("failed to parse annotations: %v", err)
+		event.AnnotationsJSON["error"] = event.Annotations
 	}

-	if err := event.ParseRule("annotations"); err != nil {
-		event.Annotations = fmt.Sprintf("failed to parse rule note: %v", err)
+	e.queryRecoveryVal(event)
+
+	if err := event.ParseRule("rule_note"); err != nil {
+		logger.Warningf("ruleid:%d failed to parse rule note: %v", event.RuleId, err)
+		event.RuleNote = fmt.Sprintf("failed to parse rule note: %v", err)
 	}

 	e.persist(event)
@@ -82,78 +118,89 @@ func (e *Consumer) consumeOne(event *models.AlertCurEvent) {
 }

 func (e *Consumer) persist(event *models.AlertCurEvent) {
-	has, err := models.AlertCurEventExists(e.ctx, "hash=?", event.Hash)
-	if err != nil {
-		logger.Errorf("event_persist_check_exists_fail: %v rule_id=%d hash=%s", err, event.RuleId, event.Hash)
+	if event.Status != 0 {
 		return
 	}

-	his := event.ToHis(e.ctx)
-
-	// 不管是告警还是恢复，全量告警里都要记录
-	if err := his.Add(e.ctx); err != nil {
-		logger.Errorf(
-			"event_persist_his_fail: %v rule_id=%d cluster:%s hash=%s tags=%v timestamp=%d value=%s",
-			err,
-			event.RuleId,
-			event.Cluster,
-			event.Hash,
-			event.TagsJSON,
-			event.TriggerTime,
-			event.TriggerValue,
-		)
-	}
-
-	if has {
-		// 活跃告警表中有记录，删之
-		err = models.AlertCurEventDelByHash(e.ctx, event.Hash)
+	if !e.ctx.IsCenter {
+		event.DB2FE()
+		var err error
+		event.Id, err = poster.PostByUrlsWithResp[int64](e.ctx, "/v1/n9e/event-persist", event)
 		if err != nil {
-			logger.Errorf("event_del_cur_fail: %v hash=%s", err, event.Hash)
-			return
+			logger.Errorf("event:%+v persist err:%v", event, err)
+			e.dispatch.Astats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", event.DatasourceId), "persist_event", event.GroupName, fmt.Sprintf("%v", event.RuleId)).Inc()
 		}
-
-		if !event.IsRecovered {
-			// 恢复事件，从活跃告警列表彻底删掉，告警事件，要重新加进来新的event
-			// use his id as cur id
-			event.Id = his.Id
-			if event.Id > 0 {
-				if err := event.Add(e.ctx); err != nil {
-					logger.Errorf(
-						"event_persist_cur_fail: %v rule_id=%d cluster:%s hash=%s tags=%v timestamp=%d value=%s",
-						err,
-						event.RuleId,
-						event.Cluster,
-						event.Hash,
-						event.TagsJSON,
-						event.TriggerTime,
-						event.TriggerValue,
-					)
-				}
-			}
-		}
-
 		return
 	}

-	if event.IsRecovered {
-		// alert_cur_event表里没有数据，表示之前没告警，结果现在报了恢复，神奇....理论上不应该出现的
-		return
-	}
-
-	// use his id as cur id
-	event.Id = his.Id
-	if event.Id > 0 {
-		if err := event.Add(e.ctx); err != nil {
-			logger.Errorf(
-				"event_persist_cur_fail: %v rule_id=%d cluster:%s hash=%s tags=%v timestamp=%d value=%s",
-				err,
-				event.RuleId,
-				event.Cluster,
-				event.Hash,
-				event.TagsJSON,
-				event.TriggerTime,
-				event.TriggerValue,
-			)
-		}
+	err := models.EventPersist(e.ctx, event)
+	if err != nil {
+		logger.Errorf("event%+v persist err:%v", event, err)
+		e.dispatch.Astats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", event.DatasourceId), "persist_event", event.GroupName, fmt.Sprintf("%v", event.RuleId)).Inc()
 	}
 }
+
+func (e *Consumer) queryRecoveryVal(event *models.AlertCurEvent) {
+	if !event.IsRecovered {
+		return
+	}
+
+	// If the event is a recovery event, execute the recovery_promql query
+	promql, ok := event.AnnotationsJSON["recovery_promql"]
+	if !ok {
+		return
+	}
+
+	promql = strings.TrimSpace(promql)
+	if promql == "" {
+		logger.Warningf("rule_eval:%s promql is blank", getKey(event))
+		return
+	}
+
+	if e.promClients.IsNil(event.DatasourceId) {
+		logger.Warningf("rule_eval:%s error reader client is nil", getKey(event))
+		return
+	}
+
+	readerClient := e.promClients.GetCli(event.DatasourceId)
+
+	var warnings promsdk.Warnings
+	value, warnings, err := readerClient.Query(e.ctx.Ctx, promql, time.Now())
+	if err != nil {
+		logger.Errorf("rule_eval:%s promql:%s, error:%v", getKey(event), promql, err)
+		event.AnnotationsJSON["recovery_promql_error"] = fmt.Sprintf("promql:%s error:%v", promql, err)
+
+		b, err := json.Marshal(event.AnnotationsJSON)
+		if err != nil {
+			event.AnnotationsJSON = make(map[string]string)
+			event.AnnotationsJSON["error"] = fmt.Sprintf("failed to parse annotations: %v", err)
+		} else {
+			event.Annotations = string(b)
+		}
+		return
+	}
+
+	if len(warnings) > 0 {
+		logger.Errorf("rule_eval:%s promql:%s, warnings:%v", getKey(event), promql, warnings)
+	}
+
+	anomalyPoints := models.ConvertAnomalyPoints(value)
+	if len(anomalyPoints) == 0 {
+		logger.Warningf("rule_eval:%s promql:%s, result is empty", getKey(event), promql)
+		event.AnnotationsJSON["recovery_promql_error"] = fmt.Sprintf("promql:%s error:%s", promql, "result is empty")
+	} else {
+		event.AnnotationsJSON["recovery_value"] = fmt.Sprintf("%v", anomalyPoints[0].Value)
+	}
+
+	b, err := json.Marshal(event.AnnotationsJSON)
+	if err != nil {
+		event.AnnotationsJSON = make(map[string]string)
+		event.AnnotationsJSON["error"] = fmt.Sprintf("failed to parse annotations: %v", err)
+	} else {
+		event.Annotations = string(b)
+	}
+}
+
+func getKey(event *models.AlertCurEvent) string {
+	return common.RuleKey(event.DatasourceId, event.RuleId)
+}
--- a/alert/dispatch/dispatch.go
+++ b/alert/dispatch/dispatch.go
@@ -3,13 +3,19 @@ package dispatch
 import (
 	"bytes"
 	"encoding/json"
+	"errors"
+	"fmt"
 	"html/template"
+	"net/url"
 	"strconv"
+	"strings"
 	"sync"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/aconf"
+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/alert/common"
+	"github.com/ccfos/nightingale/v6/alert/pipeline"
 	"github.com/ccfos/nightingale/v6/alert/sender"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
@@ -25,13 +31,23 @@ type Dispatch struct {
 	alertSubscribeCache *memsto.AlertSubscribeCacheType
 	targetCache         *memsto.TargetCacheType
 	notifyConfigCache   *memsto.NotifyConfigCacheType
+	taskTplsCache       *memsto.TaskTplCache
+
+	notifyRuleCache      *memsto.NotifyRuleCacheType
+	notifyChannelCache   *memsto.NotifyChannelCacheType
+	messageTemplateCache *memsto.MessageTemplateCacheType
+	eventProcessorCache  *memsto.EventProcessorCacheType

 	alerting aconf.Alerting

-	senders map[string]sender.Sender
-	tpls    map[string]*template.Template
+	Senders          map[string]sender.Sender
+	CallBacks        map[string]sender.CallBacker
+	tpls             map[string]*template.Template
+	ExtraSenders     map[string]sender.Sender
+	BeforeSenderHook func(*models.AlertCurEvent) bool

-	ctx *ctx.Context
+	ctx    *ctx.Context
+	Astats *astats.Stats

 	RwLock sync.RWMutex
 }
@@ -39,41 +55,56 @@ type Dispatch struct {
 // 创建一个 Notify 实例
 func NewDispatch(alertRuleCache *memsto.AlertRuleCacheType, userCache *memsto.UserCacheType, userGroupCache *memsto.UserGroupCacheType,
 	alertSubscribeCache *memsto.AlertSubscribeCacheType, targetCache *memsto.TargetCacheType, notifyConfigCache *memsto.NotifyConfigCacheType,
-	alerting aconf.Alerting, ctx *ctx.Context) *Dispatch {
+	taskTplsCache *memsto.TaskTplCache, notifyRuleCache *memsto.NotifyRuleCacheType, notifyChannelCache *memsto.NotifyChannelCacheType,
+	messageTemplateCache *memsto.MessageTemplateCacheType, eventProcessorCache *memsto.EventProcessorCacheType, alerting aconf.Alerting, ctx *ctx.Context, astats *astats.Stats) *Dispatch {
 	notify := &Dispatch{
-		alertRuleCache:      alertRuleCache,
-		userCache:           userCache,
-		userGroupCache:      userGroupCache,
-		alertSubscribeCache: alertSubscribeCache,
-		targetCache:         targetCache,
-		notifyConfigCache:   notifyConfigCache,
+		alertRuleCache:       alertRuleCache,
+		userCache:            userCache,
+		userGroupCache:       userGroupCache,
+		alertSubscribeCache:  alertSubscribeCache,
+		targetCache:          targetCache,
+		notifyConfigCache:    notifyConfigCache,
+		taskTplsCache:        taskTplsCache,
+		notifyRuleCache:      notifyRuleCache,
+		notifyChannelCache:   notifyChannelCache,
+		messageTemplateCache: messageTemplateCache,
+		eventProcessorCache:  eventProcessorCache,

 		alerting: alerting,

-		senders: make(map[string]sender.Sender),
-		tpls:    make(map[string]*template.Template),
+		Senders:          make(map[string]sender.Sender),
+		tpls:             make(map[string]*template.Template),
+		ExtraSenders:     make(map[string]sender.Sender),
+		BeforeSenderHook: func(*models.AlertCurEvent) bool { return true },

-		ctx: ctx,
+		ctx:    ctx,
+		Astats: astats,
 	}
+
+	pipeline.Init()
+
+	// 设置通知记录回调函数
+	notifyChannelCache.SetNotifyRecordFunc(sender.NotifyRecord)
+
 	return notify
 }

 func (e *Dispatch) ReloadTpls() error {
-	err := e.relaodTpls()
+	err := e.reloadTpls()
 	if err != nil {
-		logger.Error("failed to reload tpls: %v", err)
+		logger.Errorf("failed to reload tpls: %v", err)
 	}

 	duration := time.Duration(9000) * time.Millisecond
 	for {
 		time.Sleep(duration)
-		if err := e.relaodTpls(); err != nil {
+		if err := e.reloadTpls(); err != nil {
 			logger.Warning("failed to reload tpls:", err)
 		}
 	}
 }

-func (e *Dispatch) relaodTpls() error {
+func (e *Dispatch) reloadTpls() error {
 	tmpTpls, err := models.ListTpls(e.ctx)
 	if err != nil {
 		return err
@@ -81,21 +112,413 @@ func (e *Dispatch) relaodTpls() error {
 	smtp := e.notifyConfigCache.GetSMTP()

 	senders := map[string]sender.Sender{
-		models.Email:    sender.NewSender(models.Email, tmpTpls, smtp),
-		models.Dingtalk: sender.NewSender(models.Dingtalk, tmpTpls, smtp),
-		models.Wecom:    sender.NewSender(models.Wecom, tmpTpls, smtp),
-		models.Feishu:   sender.NewSender(models.Feishu, tmpTpls, smtp),
-		models.Mm:       sender.NewSender(models.Mm, tmpTpls, smtp),
-		models.Telegram: sender.NewSender(models.Telegram, tmpTpls, smtp),
+		models.Email:      sender.NewSender(models.Email, tmpTpls, smtp),
+		models.Dingtalk:   sender.NewSender(models.Dingtalk, tmpTpls),
+		models.Wecom:      sender.NewSender(models.Wecom, tmpTpls),
+		models.Feishu:     sender.NewSender(models.Feishu, tmpTpls),
+		models.Mm:         sender.NewSender(models.Mm, tmpTpls),
+		models.Telegram:   sender.NewSender(models.Telegram, tmpTpls),
+		models.FeishuCard: sender.NewSender(models.FeishuCard, tmpTpls),
+		models.Lark:       sender.NewSender(models.Lark, tmpTpls),
+		models.LarkCard:   sender.NewSender(models.LarkCard, tmpTpls),
 	}

+	// domain -> Callback()
+	callbacks := map[string]sender.CallBacker{
+		models.DingtalkDomain:   sender.NewCallBacker(models.DingtalkDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.WecomDomain:      sender.NewCallBacker(models.WecomDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.FeishuDomain:     sender.NewCallBacker(models.FeishuDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.TelegramDomain:   sender.NewCallBacker(models.TelegramDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.FeishuCardDomain: sender.NewCallBacker(models.FeishuCardDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.IbexDomain:       sender.NewCallBacker(models.IbexDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.LarkDomain:       sender.NewCallBacker(models.LarkDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.DefaultDomain:    sender.NewCallBacker(models.DefaultDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+		models.LarkCardDomain:   sender.NewCallBacker(models.LarkCardDomain, e.targetCache, e.userCache, e.taskTplsCache, tmpTpls),
+	}
+
+	e.RwLock.RLock()
+	for channelName, extraSender := range e.ExtraSenders {
+		senders[channelName] = extraSender
+	}
+	e.RwLock.RUnlock()
+
 	e.RwLock.Lock()
 	e.tpls = tmpTpls
-	e.senders = senders
+	e.Senders = senders
+	e.CallBacks = callbacks
 	e.RwLock.Unlock()
 	return nil
 }

+func (e *Dispatch) HandleEventWithNotifyRule(eventOrigin *models.AlertCurEvent) {
+
+	if len(eventOrigin.NotifyRuleIds) > 0 {
+		for _, notifyRuleId := range eventOrigin.NotifyRuleIds {
+			// 深拷贝新的 event，避免并发修改 event 冲突
+			eventCopy := eventOrigin.DeepCopy()
+
+			logger.Infof("notify rule ids: %v, event: %+v", notifyRuleId, eventCopy)
+			notifyRule := e.notifyRuleCache.Get(notifyRuleId)
+			if notifyRule == nil {
+				continue
+			}
+
+			if !notifyRule.Enable {
+				continue
+			}
+
+			var processors []models.Processor
+			for _, pipelineConfig := range notifyRule.PipelineConfigs {
+				if !pipelineConfig.Enable {
+					continue
+				}
+
+				eventPipeline := e.eventProcessorCache.Get(pipelineConfig.PipelineId)
+				if eventPipeline == nil {
+					logger.Warningf("notify_id: %d, event:%+v, processor not found", notifyRuleId, eventCopy)
+					continue
+				}
+
+				if !pipelineApplicable(eventPipeline, eventCopy) {
+					logger.Debugf("notify_id: %d, event:%+v, pipeline_id: %d, not applicable", notifyRuleId, eventCopy, pipelineConfig.PipelineId)
+					continue
+				}
+
+				processors = append(processors, e.eventProcessorCache.GetProcessorsById(pipelineConfig.PipelineId)...)
+			}
+
+			for _, processor := range processors {
+				var res string
+				var err error
+				logger.Infof("before processor notify_id: %d, event:%+v, processor:%+v", notifyRuleId, eventCopy, processor)
+				eventCopy, res, err = processor.Process(e.ctx, eventCopy)
+				if eventCopy == nil {
+					logger.Warningf("after processor notify_id: %d, event:%+v, processor:%+v, event is nil", notifyRuleId, eventCopy, processor)
+					break
+				}
+				logger.Infof("after processor notify_id: %d, event:%+v, processor:%+v, res:%v, err:%v", notifyRuleId, eventCopy, processor, res, err)
+			}
+
+			if eventCopy == nil {
+				// 如果 eventCopy 为 nil，说明 eventCopy 被 processor drop 掉了, 不再发送通知
+				continue
+			}
+
+			// notify
+			for i := range notifyRule.NotifyConfigs {
+				err := NotifyRuleMatchCheck(&notifyRule.NotifyConfigs[i], eventCopy)
+				if err != nil {
+					logger.Errorf("notify_id: %d, event:%+v, channel_id:%d, template_id: %d, notify_config:%+v, err:%v", notifyRuleId, eventCopy, notifyRule.NotifyConfigs[i].ChannelID, notifyRule.NotifyConfigs[i].TemplateID, notifyRule.NotifyConfigs[i], err)
+					continue
+				}
+
+				notifyChannel := e.notifyChannelCache.Get(notifyRule.NotifyConfigs[i].ChannelID)
+				messageTemplate := e.messageTemplateCache.Get(notifyRule.NotifyConfigs[i].TemplateID)
+				if notifyChannel == nil {
+					sender.NotifyRecord(e.ctx, []*models.AlertCurEvent{eventCopy}, notifyRuleId, fmt.Sprintf("notify_channel_id:%d", notifyRule.NotifyConfigs[i].ChannelID), "", "", errors.New("notify_channel not found"))
+					logger.Warningf("notify_id: %d, event:%+v, channel_id:%d, template_id: %d, notify_channel not found", notifyRuleId, eventCopy, notifyRule.NotifyConfigs[i].ChannelID, notifyRule.NotifyConfigs[i].TemplateID)
+					continue
+				}
+
+				if notifyChannel.RequestType != "flashduty" && messageTemplate == nil {
+					logger.Warningf("notify_id: %d, channel_name: %v, event:%+v, template_id: %d, message_template not found", notifyRuleId, notifyChannel.Ident, eventCopy, notifyRule.NotifyConfigs[i].TemplateID)
+					sender.NotifyRecord(e.ctx, []*models.AlertCurEvent{eventCopy}, notifyRuleId, notifyChannel.Name, "", "", errors.New("message_template not found"))
+
+					continue
+				}
+
+				// todo go send
+				// todo 聚合 event
+				go e.sendV2([]*models.AlertCurEvent{eventCopy}, notifyRuleId, &notifyRule.NotifyConfigs[i], notifyChannel, messageTemplate)
+			}
+		}
+	}
+}
+
+func pipelineApplicable(pipeline *models.EventPipeline, event *models.AlertCurEvent) bool {
+	if pipeline == nil {
+		return true
+	}
+
+	if !pipeline.FilterEnable {
+		return true
+	}
+
+	tagMatch := true
+	if len(pipeline.LabelFilters) > 0 {
+		for i := range pipeline.LabelFilters {
+			if pipeline.LabelFilters[i].Func == "" {
+				pipeline.LabelFilters[i].Func = pipeline.LabelFilters[i].Op
+			}
+		}
+
+		tagFilters, err := models.ParseTagFilter(pipeline.LabelFilters)
+		if err != nil {
+			logger.Errorf("pipeline applicable failed to parse tag filter: %v event:%+v pipeline:%+v", err, event, pipeline)
+			return false
+		}
+		tagMatch = common.MatchTags(event.TagsMap, tagFilters)
+	}
+
+	attributesMatch := true
+	if len(pipeline.AttrFilters) > 0 {
+		tagFilters, err := models.ParseTagFilter(pipeline.AttrFilters)
+		if err != nil {
+			logger.Errorf("pipeline applicable failed to parse tag filter: %v event:%+v pipeline:%+v err:%v", tagFilters, event, pipeline, err)
+			return false
+		}
+
+		attributesMatch = common.MatchTags(event.JsonTagsAndValue(), tagFilters)
+	}
+
+	return tagMatch && attributesMatch
+}
+
+func NotifyRuleMatchCheck(notifyConfig *models.NotifyConfig, event *models.AlertCurEvent) error {
+	tm := time.Unix(event.TriggerTime, 0)
+	triggerTime := tm.Format("15:04")
+	triggerWeek := int(tm.Weekday())
+
+	timeMatch := false
+
+	if len(notifyConfig.TimeRanges) == 0 {
+		timeMatch = true
+	}
+	for j := range notifyConfig.TimeRanges {
+		if timeMatch {
+			break
+		}
+		enableStime := notifyConfig.TimeRanges[j].Start
+		enableEtime := notifyConfig.TimeRanges[j].End
+		enableDaysOfWeek := notifyConfig.TimeRanges[j].Week
+		length := len(enableDaysOfWeek)
+		// enableStime,enableEtime,enableDaysOfWeek三者长度肯定相同，这里循环一个即可
+		for i := 0; i < length; i++ {
+			if enableDaysOfWeek[i] != triggerWeek {
+				continue
+			}
+
+			if enableStime < enableEtime {
+				if enableEtime == "23:59" {
+					// 02:00-23:59，这种情况做个特殊处理，相当于左闭右闭区间了
+					if triggerTime < enableStime {
+						// mute, 即没生效
+						continue
+					}
+				} else {
+					// 02:00-04:00 或者 02:00-24:00
+					if triggerTime < enableStime || triggerTime >= enableEtime {
+						// mute, 即没生效
+						continue
+					}
+				}
+			} else if enableStime > enableEtime {
+				// 21:00-09:00
+				if triggerTime < enableStime && triggerTime >= enableEtime {
+					// mute, 即没生效
+					continue
+				}
+			}
+
+			// 到这里说明当前时刻在告警规则的某组生效时间范围内，即没有 mute，直接返回 false
+			timeMatch = true
+			break
+		}
+	}
+
+	if !timeMatch {
+		return fmt.Errorf("event time not match time filter")
+	}
+
+	severityMatch := false
+	for i := range notifyConfig.Severities {
+		if notifyConfig.Severities[i] == event.Severity {
+			severityMatch = true
+		}
+	}
+
+	if !severityMatch {
+		return fmt.Errorf("event severity not match severity filter")
+	}
+
+	tagMatch := true
+	if len(notifyConfig.LabelKeys) > 0 {
+		for i := range notifyConfig.LabelKeys {
+			if notifyConfig.LabelKeys[i].Func == "" {
+				notifyConfig.LabelKeys[i].Func = notifyConfig.LabelKeys[i].Op
+			}
+		}
+
+		tagFilters, err := models.ParseTagFilter(notifyConfig.LabelKeys)
+		if err != nil {
+			logger.Errorf("notify send failed to parse tag filter: %v event:%+v notify_config:%+v", err, event, notifyConfig)
+			return fmt.Errorf("failed to parse tag filter: %v", err)
+		}
+		tagMatch = common.MatchTags(event.TagsMap, tagFilters)
+	}
+
+	if !tagMatch {
+		return fmt.Errorf("event tag not match tag filter")
+	}
+
+	attributesMatch := true
+	if len(notifyConfig.Attributes) > 0 {
+		tagFilters, err := models.ParseTagFilter(notifyConfig.Attributes)
+		if err != nil {
+			logger.Errorf("notify send failed to parse tag filter: %v event:%+v notify_config:%+v err:%v", tagFilters, event, notifyConfig, err)
+			return fmt.Errorf("failed to parse tag filter: %v", err)
+		}
+
+		attributesMatch = common.MatchTags(event.JsonTagsAndValue(), tagFilters)
+	}
+
+	if !attributesMatch {
+		return fmt.Errorf("event attributes not match attributes filter")
+	}
+
+	logger.Infof("notify send timeMatch:%v severityMatch:%v tagMatch:%v attributesMatch:%v event:%+v notify_config:%+v", timeMatch, severityMatch, tagMatch, attributesMatch, event, notifyConfig)
+	return nil
+}
+
+func GetNotifyConfigParams(notifyConfig *models.NotifyConfig, contactKey string, userCache *memsto.UserCacheType, userGroupCache *memsto.UserGroupCacheType) ([]string, []int64, map[string]string) {
+	customParams := make(map[string]string)
+	var flashDutyChannelIDs []int64
+	var userInfoParams models.CustomParams
+
+	for key, value := range notifyConfig.Params {
+		switch key {
+		case "user_ids", "user_group_ids", "ids":
+			if data, err := json.Marshal(value); err == nil {
+				var ids []int64
+				if json.Unmarshal(data, &ids) == nil {
+					if key == "user_ids" {
+						userInfoParams.UserIDs = ids
+					} else if key == "user_group_ids" {
+						userInfoParams.UserGroupIDs = ids
+					} else if key == "ids" {
+						flashDutyChannelIDs = ids
+					}
+				}
+			}
+		default:
+			customParams[key] = value.(string)
+		}
+	}
+
+	if len(userInfoParams.UserIDs) == 0 && len(userInfoParams.UserGroupIDs) == 0 {
+		return []string{}, flashDutyChannelIDs, customParams
+	}
+
+	userIds := make([]int64, 0)
+	userIds = append(userIds, userInfoParams.UserIDs...)
+
+	if len(userInfoParams.UserGroupIDs) > 0 {
+		userGroups := userGroupCache.GetByUserGroupIds(userInfoParams.UserGroupIDs)
+		for _, userGroup := range userGroups {
+			userIds = append(userIds, userGroup.UserIds...)
+		}
+	}
+
+	users := userCache.GetByUserIds(userIds)
+	visited := make(map[int64]bool)
+	sendtos := make([]string, 0)
+	for _, user := range users {
+		if visited[user.Id] {
+			continue
+		}
+		var sendto string
+		if contactKey == "phone" {
+			sendto = user.Phone
+		} else if contactKey == "email" {
+			sendto = user.Email
+		} else {
+			sendto, _ = user.ExtractToken(contactKey)
+		}
+
+		if sendto == "" {
+			continue
+		}
+		sendtos = append(sendtos, sendto)
+		visited[user.Id] = true
+	}
+
+	return sendtos, flashDutyChannelIDs, customParams
+}
+
+func (e *Dispatch) sendV2(events []*models.AlertCurEvent, notifyRuleId int64, notifyConfig *models.NotifyConfig, notifyChannel *models.NotifyChannelConfig, messageTemplate *models.MessageTemplate) {
+	if len(events) == 0 {
+		logger.Errorf("notify_id: %d events is empty", notifyRuleId)
+		return
+	}
+
+	tplContent := make(map[string]interface{})
+	if notifyChannel.RequestType != "flashduty" {
+		tplContent = messageTemplate.RenderEvent(events)
+	}
+
+	var contactKey string
+	if notifyChannel.ParamConfig != nil && notifyChannel.ParamConfig.UserInfo != nil {
+		contactKey = notifyChannel.ParamConfig.UserInfo.ContactKey
+	}
+
+	sendtos, flashDutyChannelIDs, customParams := GetNotifyConfigParams(notifyConfig, contactKey, e.userCache, e.userGroupCache)
+
+	e.Astats.GaugeNotifyRecordQueueSize.Inc()
+	defer e.Astats.GaugeNotifyRecordQueueSize.Dec()
+
+	switch notifyChannel.RequestType {
+	case "flashduty":
+		if len(flashDutyChannelIDs) == 0 {
+			flashDutyChannelIDs = []int64{0} // 如果 flashduty 通道没有配置，则使用 0, 给 SendFlashDuty 判断使用, 不给 flashduty 传 channel_id 参数
+		}
+
+		for i := range flashDutyChannelIDs {
+			start := time.Now()
+			respBody, err := notifyChannel.SendFlashDuty(events, flashDutyChannelIDs[i], e.notifyChannelCache.GetHttpClient(notifyChannel.ID))
+			respBody = fmt.Sprintf("duration: %d ms %s", time.Since(start).Milliseconds(), respBody)
+			logger.Infof("notify_id: %d, channel_name: %v, event:%+v, IntegrationUrl: %v dutychannel_id: %v, respBody: %v, err: %v", notifyRuleId, notifyChannel.Name, events[0], notifyChannel.RequestConfig.FlashDutyRequestConfig.IntegrationUrl, flashDutyChannelIDs[i], respBody, err)
+			sender.NotifyRecord(e.ctx, events, notifyRuleId, notifyChannel.Name, strconv.FormatInt(flashDutyChannelIDs[i], 10), respBody, err)
+		}
+
+	case "http":
+		// 使用队列模式处理 http 通知
+		// 创建通知任务
+		task := &memsto.NotifyTask{
+			Events:        events,
+			NotifyRuleId:  notifyRuleId,
+			NotifyChannel: notifyChannel,
+			TplContent:    tplContent,
+			CustomParams:  customParams,
+			Sendtos:       sendtos,
+		}
+
+		// 将任务加入队列
+		success := e.notifyChannelCache.EnqueueNotifyTask(task)
+		if !success {
+			logger.Errorf("failed to enqueue notify task for channel %d, notify_id: %d", notifyChannel.ID, notifyRuleId)
+			// 如果入队失败，记录错误通知
+			sender.NotifyRecord(e.ctx, events, notifyRuleId, notifyChannel.Name, getSendTarget(customParams, sendtos), "", errors.New("failed to enqueue notify task, queue is full"))
+		}
+
+	case "smtp":
+		notifyChannel.SendEmail(notifyRuleId, events, tplContent, sendtos, e.notifyChannelCache.GetSmtpClient(notifyChannel.ID))
+
+	case "script":
+		start := time.Now()
+		target, res, err := notifyChannel.SendScript(events, tplContent, customParams, sendtos)
+		res = fmt.Sprintf("duration: %d ms %s", time.Since(start).Milliseconds(), res)
+		logger.Infof("notify_id: %d, channel_name: %v, event:%+v, tplContent:%s, customParams:%v, target:%s, res:%s, err:%v", notifyRuleId, notifyChannel.Name, events[0], tplContent, customParams, target, res, err)
+		sender.NotifyRecord(e.ctx, events, notifyRuleId, notifyChannel.Name, target, res, err)
+	default:
+		logger.Warningf("notify_id: %d, channel_name: %v, event:%+v send type not found", notifyRuleId, notifyChannel.Name, events[0])
+	}
+}
+
+func NeedBatchContacts(requestConfig *models.HTTPRequestConfig) bool {
+	b, _ := json.Marshal(requestConfig)
+	return strings.Contains(string(b), "$sendtos")
+}
+
 // HandleEventNotify 处理event事件的主逻辑
 // event: 告警/恢复事件
 // isSubscribe: 告警事件是否由subscribe的配置产生
@@ -104,6 +527,7 @@ func (e *Dispatch) HandleEventNotify(event *models.AlertCurEvent, isSubscribe bo
 	if rule == nil {
 		return
 	}
+
 	fillUsers(event, e.userCache, e.userGroupCache)

 	var (
@@ -131,7 +555,7 @@ func (e *Dispatch) HandleEventNotify(event *models.AlertCurEvent, isSubscribe bo
 		notifyTarget.AndMerge(handler(rule, event, notifyTarget, e))
 	}

-	// 处理事件发送,这里用一个goroutine处理一个event的所有发送事件
+	go e.HandleEventWithNotifyRule(event)
 	go e.Send(rule, event, notifyTarget, isSubscribe)

 	// 如果是不是订阅规则出现的event, 则需要处理订阅规则的event
@@ -159,45 +583,180 @@ func (e *Dispatch) handleSubs(event *models.AlertCurEvent) {

 // handleSub 处理订阅规则的event,注意这里event要使用值传递,因为后面会修改event的状态
 func (e *Dispatch) handleSub(sub *models.AlertSubscribe, event models.AlertCurEvent) {
-	if sub.IsDisabled() || !sub.MatchCluster(event.DatasourceId) {
+	if sub.IsDisabled() {
 		return
 	}
+
+	if !sub.MatchCluster(event.DatasourceId) {
+		return
+	}
+
+	if !sub.MatchProd(event.RuleProd) {
+		return
+	}
+
+	if !sub.MatchCate(event.Cate) {
+		return
+	}
+
 	if !common.MatchTags(event.TagsMap, sub.ITags) {
 		return
 	}
+	// event BusiGroups filter
+	if !common.MatchGroupsName(event.GroupName, sub.IBusiGroups) {
+		return
+	}
 	if sub.ForDuration > (event.TriggerTime - event.FirstTriggerTime) {
 		return
 	}
+
+	if len(sub.SeveritiesJson) != 0 {
+		match := false
+		for _, s := range sub.SeveritiesJson {
+			if s == event.Severity || s == 0 {
+				match = true
+				break
+			}
+		}
+		if !match {
+			return
+		}
+	}
+
+	e.Astats.CounterSubEventTotal.WithLabelValues(event.GroupName).Inc()
 	sub.ModifyEvent(&event)
+	event.SubRuleId = sub.Id
+
 	LogEvent(&event, "subscribe")
 	e.HandleEventNotify(&event, true)
 }

 func (e *Dispatch) Send(rule *models.AlertRule, event *models.AlertCurEvent, notifyTarget *NotifyTarget, isSubscribe bool) {
-	for channel, uids := range notifyTarget.ToChannelUserMap() {
-		ctx := sender.BuildMessageContext(rule, event, uids, e.userCache)
-		e.RwLock.RLock()
-		s := e.senders[channel]
-		e.RwLock.RUnlock()
-		if s == nil {
-			logger.Warningf("no sender for channel: %s", channel)
-			continue
+	needSend := e.BeforeSenderHook(event)
+	if needSend {
+		for channel, uids := range notifyTarget.ToChannelUserMap() {
+			msgCtx := sender.BuildMessageContext(e.ctx, rule, []*models.AlertCurEvent{event},
+				uids, e.userCache, e.Astats)
+			e.RwLock.RLock()
+			s := e.Senders[channel]
+			e.RwLock.RUnlock()
+			if s == nil {
+				logger.Debugf("no sender for channel: %s", channel)
+				continue
+			}
+
+			var event *models.AlertCurEvent
+			if len(msgCtx.Events) > 0 {
+				event = msgCtx.Events[0]
+			}
+
+			logger.Debugf("send to channel:%s event:%+v users:%+v", channel, event, msgCtx.Users)
+			s.Send(msgCtx)
 		}
-		logger.Debugf("send event: %s, channel: %s", event.Hash, channel)
-		for i := 0; i < len(ctx.Users); i++ {
-			logger.Debug("send event to user: ", ctx.Users[i])
-		}
-		s.Send(ctx)
 	}

 	// handle event callbacks
-	sender.SendCallbacks(e.ctx, notifyTarget.ToCallbackList(), event, e.targetCache, e.notifyConfigCache.GetIbex())
+	e.SendCallbacks(rule, notifyTarget, event)

 	// handle global webhooks
-	sender.SendWebhooks(notifyTarget.ToWebhookList(), event)
+	if !event.OverrideGlobalWebhook() {
+		if e.alerting.WebhookBatchSend {
+			sender.BatchSendWebhooks(e.ctx, notifyTarget.ToWebhookMap(), event, e.Astats)
+		} else {
+			sender.SingleSendWebhooks(e.ctx, notifyTarget.ToWebhookMap(), event, e.Astats)
+		}
+	}

 	// handle plugin call
-	go sender.MayPluginNotify(e.genNoticeBytes(event), e.notifyConfigCache.GetNotifyScript())
+	go sender.MayPluginNotify(e.ctx, e.genNoticeBytes(event), e.notifyConfigCache.
+		GetNotifyScript(), e.Astats, event)
+
+	if !isSubscribe {
+		// handle ibex callbacks
+		e.HandleIbex(rule, event)
+	}
+}
+
+func (e *Dispatch) SendCallbacks(rule *models.AlertRule, notifyTarget *NotifyTarget, event *models.AlertCurEvent) {
+	uids := notifyTarget.ToUidList()
+	urls := notifyTarget.ToCallbackList()
+	whMap := notifyTarget.ToWebhookMap()
+	ogw := event.OverrideGlobalWebhook()
+	for _, urlStr := range urls {
+		if len(urlStr) == 0 {
+			continue
+		}
+
+		cbCtx := sender.BuildCallBackContext(e.ctx, urlStr, rule, []*models.AlertCurEvent{event}, uids, e.userCache, e.alerting.WebhookBatchSend, e.Astats)
+
+		if wh, ok := whMap[cbCtx.CallBackURL]; !ogw && ok && wh.Enable {
+			logger.Debugf("SendCallbacks: webhook[%s] is in global conf.", cbCtx.CallBackURL)
+			continue
+		}
+
+		if strings.HasPrefix(urlStr, "${ibex}") {
+			e.CallBacks[models.IbexDomain].CallBack(cbCtx)
+			continue
+		}
+
+		if !(strings.HasPrefix(urlStr, "http://") || strings.HasPrefix(urlStr, "https://")) {
+			cbCtx.CallBackURL = "http://" + urlStr
+		}
+
+		parsedURL, err := url.Parse(urlStr)
+		if err != nil {
+			logger.Errorf("SendCallbacks: failed to url.Parse(urlStr=%s): %v", urlStr, err)
+			continue
+		}
+
+		// process feishu card
+		if parsedURL.Host == models.FeishuDomain && parsedURL.Query().Get("card") == "1" {
+			e.CallBacks[models.FeishuCardDomain].CallBack(cbCtx)
+			continue
+		}
+
+		// process lark card
+		if parsedURL.Host == models.LarkDomain && parsedURL.Query().Get("card") == "1" {
+			e.CallBacks[models.LarkCardDomain].CallBack(cbCtx)
+			continue
+		}
+
+		callBacker, ok := e.CallBacks[parsedURL.Host]
+		if ok {
+			callBacker.CallBack(cbCtx)
+		} else {
+			e.CallBacks[models.DefaultDomain].CallBack(cbCtx)
+		}
+	}
+}
+
+func (e *Dispatch) HandleIbex(rule *models.AlertRule, event *models.AlertCurEvent) {
+	// 解析 RuleConfig 字段
+	var ruleConfig struct {
+		TaskTpls []*models.Tpl `json:"task_tpls"`
+	}
+	json.Unmarshal([]byte(rule.RuleConfig), &ruleConfig)
+
+	if event.IsRecovered {
+		// 恢复事件不需要走故障自愈的逻辑
+		return
+	}
+
+	for _, t := range ruleConfig.TaskTpls {
+		if t.TplId == 0 {
+			continue
+		}
+
+		if len(t.Host) == 0 {
+			sender.CallIbex(e.ctx, t.TplId, event.TargetIdent,
+				e.taskTplsCache, e.targetCache, e.userCache, event)
+			continue
+		}
+		for _, host := range t.Host {
+			sender.CallIbex(e.ctx, t.TplId, host,
+				e.taskTplsCache, e.targetCache, e.userCache, event)
+		}
+	}
 }

 type Notice struct {
@@ -261,3 +820,22 @@ func mapKeys(m map[int64]struct{}) []int64 {
 	}
 	return lst
 }
+
+func getSendTarget(customParams map[string]string, sendtos []string) string {
+	if len(customParams) == 0 {
+		return strings.Join(sendtos, ",")
+	}
+
+	values := make([]string, 0)
+	for _, value := range customParams {
+		runes := []rune(value)
+		if len(runes) <= 4 {
+			values = append(values, value)
+		} else {
+			maskedValue := string(runes[:len(runes)-4]) + "****"
+			values = append(values, maskedValue)
+		}
+	}
+
+	return strings.Join(values, ",")
+}
--- a/alert/dispatch/log.go
+++ b/alert/dispatch/log.go
@@ -18,15 +18,18 @@ func LogEvent(event *models.AlertCurEvent, location string, err ...error) {
 	}

 	logger.Infof(
-		"event(%s %s) %s: rule_id=%d cluster:%s %v%s@%d %s",
+		"event(%s %s) %s: rule_id=%d sub_id:%d notify_rule_ids:%v cluster:%s %v%s@%d last_eval_time:%d %s",
 		event.Hash,
 		status,
 		location,
 		event.RuleId,
+		event.SubRuleId,
+		event.NotifyRuleIds,
 		event.Cluster,
 		event.TagsJSON,
 		event.TriggerValue,
 		event.TriggerTime,
+		event.LastEvalTime,
 		message,
 	)
 }
--- a/alert/dispatch/notify_target.go
+++ b/alert/dispatch/notify_target.go
@@ -76,12 +76,16 @@ func (s *NotifyTarget) ToCallbackList() []string {
 	return callbacks
 }

-func (s *NotifyTarget) ToWebhookList() []*models.Webhook {
-	webhooks := make([]*models.Webhook, 0, len(s.webhooks))
-	for _, wh := range s.webhooks {
-		webhooks = append(webhooks, wh)
+func (s *NotifyTarget) ToWebhookMap() map[string]*models.Webhook {
+	return s.webhooks
+}
+
+func (s *NotifyTarget) ToUidList() []int64 {
+	uids := make([]int64, 0, len(s.userMap))
+	for uid, _ := range s.userMap {
+		uids = append(uids, uid)
 	}
-	return webhooks
+	return uids
 }

 // Dispatch 抽象由告警事件到信息接收者的路由策略
--- a/alert/eval/alert_rule.go
+++ b/alert/eval/alert_rule.go
@@ -3,12 +3,14 @@ package eval
 import (
 	"context"
 	"fmt"
+	"strconv"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/aconf"
 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/alert/naming"
 	"github.com/ccfos/nightingale/v6/alert/process"
+	"github.com/ccfos/nightingale/v6/datasource/commons/eslike"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/prom"
@@ -16,7 +18,6 @@ import (
 )

 type Scheduler struct {
-	isCenter bool
 	// key: hash
 	alertRules map[string]*AlertRuleWorker

@@ -24,11 +25,12 @@ type Scheduler struct {

 	aconf aconf.Alert

-	alertRuleCache  *memsto.AlertRuleCacheType
-	targetCache     *memsto.TargetCacheType
-	busiGroupCache  *memsto.BusiGroupCacheType
-	alertMuteCache  *memsto.AlertMuteCacheType
-	datasourceCache *memsto.DatasourceCacheType
+	alertRuleCache          *memsto.AlertRuleCacheType
+	targetCache             *memsto.TargetCacheType
+	targetsOfAlertRuleCache *memsto.TargetsOfAlertRuleCacheType
+	busiGroupCache          *memsto.BusiGroupCacheType
+	alertMuteCache          *memsto.AlertMuteCacheType
+	datasourceCache         *memsto.DatasourceCacheType

 	promClients *prom.PromClientMap

@@ -38,21 +40,22 @@ type Scheduler struct {
 	stats *astats.Stats
 }

-func NewScheduler(isCenter bool, aconf aconf.Alert, externalProcessors *process.ExternalProcessorsType, arc *memsto.AlertRuleCacheType, targetCache *memsto.TargetCacheType,
-	busiGroupCache *memsto.BusiGroupCacheType, alertMuteCache *memsto.AlertMuteCacheType, datasourceCache *memsto.DatasourceCacheType, promClients *prom.PromClientMap, naming *naming.Naming,
-	ctx *ctx.Context, stats *astats.Stats) *Scheduler {
+func NewScheduler(aconf aconf.Alert, externalProcessors *process.ExternalProcessorsType, arc *memsto.AlertRuleCacheType,
+	targetCache *memsto.TargetCacheType, toarc *memsto.TargetsOfAlertRuleCacheType,
+	busiGroupCache *memsto.BusiGroupCacheType, alertMuteCache *memsto.AlertMuteCacheType, datasourceCache *memsto.DatasourceCacheType,
+	promClients *prom.PromClientMap, naming *naming.Naming, ctx *ctx.Context, stats *astats.Stats) *Scheduler {
 	scheduler := &Scheduler{
-		isCenter:   isCenter,
 		aconf:      aconf,
 		alertRules: make(map[string]*AlertRuleWorker),

 		ExternalProcessors: externalProcessors,

-		alertRuleCache:  arc,
-		targetCache:     targetCache,
-		busiGroupCache:  busiGroupCache,
-		alertMuteCache:  alertMuteCache,
-		datasourceCache: datasourceCache,
+		alertRuleCache:          arc,
+		targetCache:             targetCache,
+		targetsOfAlertRuleCache: toarc,
+		busiGroupCache:          busiGroupCache,
+		alertMuteCache:          alertMuteCache,
+		datasourceCache:         datasourceCache,

 		promClients: promClients,
 		naming:      naming,
@@ -60,6 +63,7 @@ func NewScheduler(isCenter bool, aconf aconf.Alert, externalProcessors *process.
 		ctx:   ctx,
 		stats: stats,
 	}
+	eslike.SetEsIndexPatternCacheType(memsto.NewEsIndexPatternCacheType(ctx))

 	go scheduler.LoopSyncRules(context.Background())
 	return scheduler
@@ -87,10 +91,12 @@ func (s *Scheduler) syncAlertRules() {
 		if rule == nil {
 			continue
 		}
-		if rule.IsPrometheusRule() {
-			datasourceIds := s.promClients.Hit(rule.DatasourceIdsJson)
+
+		ruleType := rule.GetRuleType()
+		if rule.IsPrometheusRule() || rule.IsInnerRule() {
+			datasourceIds := s.datasourceCache.GetIDsByDsCateAndQueries(rule.Cate, rule.DatasourceQueries)
 			for _, dsId := range datasourceIds {
-				if !naming.DatasourceHashRing.IsHit(dsId, fmt.Sprintf("%d", rule.Id), s.aconf.Heartbeat.Endpoint) {
+				if !naming.DatasourceHashRing.IsHit(strconv.FormatInt(dsId, 10), fmt.Sprintf("%d", rule.Id), s.aconf.Heartbeat.Endpoint) {
 					continue
 				}
 				ds := s.datasourceCache.GetById(dsId)
@@ -99,27 +105,33 @@ func (s *Scheduler) syncAlertRules() {
 					continue
 				}

+				if ds.PluginType != ruleType {
+					logger.Debugf("datasource %d category is %s not %s", dsId, ds.PluginType, ruleType)
+					continue
+				}
+
 				if ds.Status != "enabled" {
 					logger.Debugf("datasource %d status is %s", dsId, ds.Status)
 					continue
 				}
-				processor := process.NewProcessor(rule, dsId, s.alertRuleCache, s.targetCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.promClients, s.ctx, s.stats)
+				processor := process.NewProcessor(s.aconf.Heartbeat.EngineName, rule, dsId, s.alertRuleCache, s.targetCache, s.targetsOfAlertRuleCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.ctx, s.stats)

 				alertRule := NewAlertRuleWorker(rule, dsId, processor, s.promClients, s.ctx)
 				alertRuleWorkers[alertRule.Hash()] = alertRule
 			}
-		} else if rule.IsHostRule() && s.isCenter {
+		} else if rule.IsHostRule() {
 			// all host rule will be processed by center instance
-			if !naming.DatasourceHashRing.IsHit(naming.HostDatasource, fmt.Sprintf("%d", rule.Id), s.aconf.Heartbeat.Endpoint) {
+			if !naming.DatasourceHashRing.IsHit(s.aconf.Heartbeat.EngineName, strconv.FormatInt(rule.Id, 10), s.aconf.Heartbeat.Endpoint) {
 				continue
 			}
-			processor := process.NewProcessor(rule, 0, s.alertRuleCache, s.targetCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.promClients, s.ctx, s.stats)
+			processor := process.NewProcessor(s.aconf.Heartbeat.EngineName, rule, 0, s.alertRuleCache, s.targetCache, s.targetsOfAlertRuleCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.ctx, s.stats)
 			alertRule := NewAlertRuleWorker(rule, 0, processor, s.promClients, s.ctx)
 			alertRuleWorkers[alertRule.Hash()] = alertRule
 		} else {
 			// 如果 rule 不是通过 prometheus engine 来告警的，则创建为 externalRule
 			// if rule is not processed by prometheus engine, create it as externalRule
-			for _, dsId := range rule.DatasourceIdsJson {
+			dsIds := s.datasourceCache.GetIDsByDsCateAndQueries(rule.Cate, rule.DatasourceQueries)
+			for _, dsId := range dsIds {
 				ds := s.datasourceCache.GetById(dsId)
 				if ds == nil {
 					logger.Debugf("datasource %d not found", dsId)
@@ -130,7 +142,7 @@ func (s *Scheduler) syncAlertRules() {
 					logger.Debugf("datasource %d status is %s", dsId, ds.Status)
 					continue
 				}
-				processor := process.NewProcessor(rule, dsId, s.alertRuleCache, s.targetCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.promClients, s.ctx, s.stats)
+				processor := process.NewProcessor(s.aconf.Heartbeat.EngineName, rule, dsId, s.alertRuleCache, s.targetCache, s.targetsOfAlertRuleCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.ctx, s.stats)
 				externalRuleWorkers[processor.Key()] = processor
 			}
 		}
@@ -139,6 +151,7 @@ func (s *Scheduler) syncAlertRules() {
 	for hash, rule := range alertRuleWorkers {
 		if _, has := s.alertRules[hash]; !has {
 			rule.Prepare()
+			time.Sleep(time.Duration(20) * time.Millisecond)
 			rule.Start()
 			s.alertRules[hash] = rule
 		}
--- a/alert/eval/eval.go
+++ b/alert/eval/eval.go
--- a/alert/eval/eval_test.go
+++ b/alert/eval/eval_test.go
@@ -0,0 +1,458 @@
+package eval
+
+import (
+	"reflect"
+	"testing"
+
+	"golang.org/x/exp/slices"
+)
+
+var (
+	reHashTagIndex1 = map[uint64][][]uint64{
+		1: {
+			{1, 2}, {3, 4},
+		},
+		2: {
+			{5, 6}, {7, 8},
+		},
+	}
+	reHashTagIndex2 = map[uint64][][]uint64{
+		1: {
+			{9, 10}, {11, 12},
+		},
+		3: {
+			{13, 14}, {15, 16},
+		},
+	}
+	seriesTagIndex1 = map[uint64][]uint64{
+		1: {1, 2, 3, 4},
+		2: {5, 6, 7, 8},
+	}
+	seriesTagIndex2 = map[uint64][]uint64{
+		1: {9, 10, 11, 12},
+		3: {13, 14, 15, 16},
+	}
+)
+
+func Test_originalJoin(t *testing.T) {
+	type args struct {
+		seriesTagIndex1 map[uint64][]uint64
+		seriesTagIndex2 map[uint64][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "original join",
+			args: args{
+				seriesTagIndex1: map[uint64][]uint64{
+					1: {1, 2, 3, 4},
+					2: {5, 6, 7, 8},
+				},
+				seriesTagIndex2: map[uint64][]uint64{
+					1: {9, 10, 11, 12},
+					3: {13, 14, 15, 16},
+				},
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 3, 4, 9, 10, 11, 12},
+				2: {5, 6, 7, 8},
+				3: {13, 14, 15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := originalJoin(tt.args.seriesTagIndex1, tt.args.seriesTagIndex2); !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("originalJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_exclude(t *testing.T) {
+	type args struct {
+		reHashTagIndex1 map[uint64][][]uint64
+		reHashTagIndex2 map[uint64][][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "left exclude",
+			args: args{
+				reHashTagIndex1: reHashTagIndex1,
+				reHashTagIndex2: reHashTagIndex2,
+			},
+			want: map[uint64][]uint64{
+				0: {5, 6},
+				1: {7, 8},
+			},
+		},
+		{
+			name: "right exclude",
+			args: args{
+				reHashTagIndex1: reHashTagIndex2,
+				reHashTagIndex2: reHashTagIndex1,
+			},
+			want: map[uint64][]uint64{
+				3: {13, 14},
+				4: {15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := exclude(tt.args.reHashTagIndex1, tt.args.reHashTagIndex2); !allValueDeepEqual(flatten(got), tt.want) {
+				t.Errorf("exclude() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_noneJoin(t *testing.T) {
+	type args struct {
+		seriesTagIndex1 map[uint64][]uint64
+		seriesTagIndex2 map[uint64][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "none join, direct splicing",
+			args: args{
+				seriesTagIndex1: seriesTagIndex1,
+				seriesTagIndex2: seriesTagIndex2,
+			},
+			want: map[uint64][]uint64{
+				0: {1, 2, 3, 4},
+				1: {5, 6, 7, 8},
+				2: {9, 10, 11, 12},
+				3: {13, 14, 15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := noneJoin(tt.args.seriesTagIndex1, tt.args.seriesTagIndex2); !allValueDeepEqual(got, tt.want) {
+				t.Errorf("noneJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_cartesianJoin(t *testing.T) {
+	type args struct {
+		seriesTagIndex1 map[uint64][]uint64
+		seriesTagIndex2 map[uint64][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "cartesian join",
+			args: args{
+				seriesTagIndex1: seriesTagIndex1,
+				seriesTagIndex2: seriesTagIndex2,
+			},
+			want: map[uint64][]uint64{
+				0: {1, 2, 3, 4, 9, 10, 11, 12},
+				1: {5, 6, 7, 8, 9, 10, 11, 12},
+				2: {5, 6, 7, 8, 13, 14, 15, 16},
+				3: {1, 2, 3, 4, 13, 14, 15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := cartesianJoin(tt.args.seriesTagIndex1, tt.args.seriesTagIndex2); !allValueDeepEqual(got, tt.want) {
+				t.Errorf("cartesianJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_onJoin(t *testing.T) {
+	type args struct {
+		reHashTagIndex1 map[uint64][][]uint64
+		reHashTagIndex2 map[uint64][][]uint64
+		joinType        JoinType
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "left join",
+			args: args{
+				reHashTagIndex1: reHashTagIndex1,
+				reHashTagIndex2: reHashTagIndex2,
+				joinType:        Left,
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 9, 10},
+				2: {3, 4, 9, 10},
+				3: {1, 2, 11, 12},
+				4: {3, 4, 11, 12},
+				5: {5, 6},
+				6: {7, 8},
+			},
+		},
+		{
+			name: "right join",
+			args: args{
+				reHashTagIndex1: reHashTagIndex2,
+				reHashTagIndex2: reHashTagIndex1,
+				joinType:        Right,
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 9, 10},
+				2: {3, 4, 9, 10},
+				3: {1, 2, 11, 12},
+				4: {3, 4, 11, 12},
+				5: {13, 14},
+				6: {15, 16},
+			},
+		},
+
+		{
+			name: "inner join",
+			args: args{
+				reHashTagIndex1: reHashTagIndex1,
+				reHashTagIndex2: reHashTagIndex2,
+				joinType:        Inner,
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 9, 10},
+				2: {3, 4, 9, 10},
+				3: {1, 2, 11, 12},
+				4: {3, 4, 11, 12},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := onJoin(tt.args.reHashTagIndex1, tt.args.reHashTagIndex2, tt.args.joinType); !allValueDeepEqual(flatten(got), tt.want) {
+				t.Errorf("onJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+// allValueDeepEqual 判断 map 的 value 是否相同，不考虑 key
+func allValueDeepEqual(got, want map[uint64][]uint64) bool {
+	if len(got) != len(want) {
+		return false
+	}
+	for _, v1 := range got {
+		curEqual := false
+		slices.Sort(v1)
+		for _, v2 := range want {
+			slices.Sort(v2)
+			if reflect.DeepEqual(v1, v2) {
+				curEqual = true
+				break
+			}
+		}
+		if !curEqual {
+			return false
+		}
+	}
+	return true
+}
+
+// allValueDeepEqualOmitOrder 判断两个字符串切片是否相等，不考虑顺序
+func allValueDeepEqualOmitOrder(got, want []string) bool {
+	if len(got) != len(want) {
+		return false
+	}
+	slices.Sort(got)
+	slices.Sort(want)
+	for i := range got {
+		if got[i] != want[i] {
+			return false
+		}
+	}
+	return true
+}
+
+func Test_removeVal(t *testing.T) {
+	type args struct {
+		promql string
+	}
+	tests := []struct {
+		name string
+		args args
+		want string
+	}{
+		// TODO: Add test cases.
+		{
+			name: "removeVal1",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"$test2\",test3=\"$test3\"} > $val",
+			},
+			want: "mem{} > $val",
+		},
+		{
+			name: "removeVal2",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"$test2\",test3=\"$test3\"} > $val",
+			},
+			want: "mem{test1=\"test1\"} > $val",
+		},
+		{
+			name: "removeVal3",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"test2\",test3=\"$test3\"} > $val",
+			},
+			want: "mem{test2=\"test2\"} > $val",
+		},
+		{
+			name: "removeVal4",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"$test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal5",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test2=\"test2\",test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal6",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"$test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test1=\"test1\",test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal7",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"test2\",test3='$test3'} > $val",
+			},
+			want: "mem{test1=\"test1\",test2=\"test2\"} > $val",
+		},
+		{
+			name: "removeVal8",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test1=\"test1\",test2=\"test2\",test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal9",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"test2\"} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+			},
+			want: "mem{test2=\"test2\"} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+		},
+		{
+			name: "removeVal10",
+			args: args{
+				promql: "mem{test1=\"test1\",test2='$test2'} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+			},
+			want: "mem{test1=\"test1\"} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+		},
+		{
+			name: "removeVal11",
+			args: args{
+				promql: "mem{test1='test1',test2=\"test2\"} > $val1 and mem{test3=\"$test3\",test4=\"test4\"} > $val2",
+			},
+			want: "mem{test1='test1',test2=\"test2\"} > $val1 and mem{test4=\"test4\"} > $val2",
+		},
+		{
+			name: "removeVal12",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"test2\"} > $val1 and mem{test3=\"test3\",test4=\"$test4\"} > $val2",
+			},
+			want: "mem{test1=\"test1\",test2=\"test2\"} > $val1 and mem{test3=\"test3\"} > $val2",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := removeVal(tt.args.promql); got != tt.want {
+				t.Errorf("removeVal() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestExtractVarMapping(t *testing.T) {
+	tests := []struct {
+		name   string
+		promql string
+		want   map[string]string
+	}{
+		{
+			name:   "单个花括号单个变量",
+			promql: `mem_used_percent{host="$my_host"} > $val`,
+			want:   map[string]string{"my_host": "host"},
+		},
+		{
+			name:   "单个花括号多个变量",
+			promql: `mem_used_percent{host="$my_host",region="$region",env="prod"} > $val`,
+			want:   map[string]string{"my_host": "host", "region": "region"},
+		},
+		{
+			name:   "多个花括号多个变量",
+			promql: `sum(rate(mem_used_percent{host="$my_host"})) by (instance) + avg(node_load1{region="$region"}) > $val`,
+			want:   map[string]string{"my_host": "host", "region": "region"},
+		},
+		{
+			name:   "相同变量出现多次",
+			promql: `sum(rate(mem_used_percent{host="$my_host"})) + avg(node_load1{host="$my_host"}) > $val`,
+			want:   map[string]string{"my_host": "host"},
+		},
+		{
+			name:   "没有变量",
+			promql: `mem_used_percent{host="localhost",region="cn"} > 80`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "没有花括号",
+			promql: `80 > $val`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "格式不规范的标签",
+			promql: `mem_used_percent{host=$my_host,region = $region} > $val`,
+			want:   map[string]string{"my_host": "host", "region": "region"},
+		},
+		{
+			name:   "空花括号",
+			promql: `mem_used_percent{} > $val`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "不完整的花括号",
+			promql: `mem_used_percent{host="$my_host"`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "复杂表达式",
+			promql: `sum(rate(http_requests_total{handler="$handler",code="$code"}[5m])) by (handler) / sum(rate(http_requests_total{handler="$handler"}[5m])) by (handler) * 100 > $threshold`,
+			want:   map[string]string{"handler": "handler", "code": "code"},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := ExtractVarMapping(tt.promql)
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("ExtractVarMapping() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
--- a/alert/mute/mute.go
+++ b/alert/mute/mute.go
@@ -9,39 +9,48 @@ import (
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"

+	"github.com/pkg/errors"
 	"github.com/toolkits/pkg/logger"
 )

-func IsMuted(rule *models.AlertRule, event *models.AlertCurEvent, targetCache *memsto.TargetCacheType, alertMuteCache *memsto.AlertMuteCacheType) bool {
-	if TimeNonEffectiveMuteStrategy(rule, event) {
-		return true
+func IsMuted(rule *models.AlertRule, event *models.AlertCurEvent, targetCache *memsto.TargetCacheType, alertMuteCache *memsto.AlertMuteCacheType) (bool, string, int64) {
+	if rule.Disabled == 1 {
+		return true, "rule disabled", 0
+	}
+
+	if TimeSpanMuteStrategy(rule, event) {
+		return true, "rule is not effective for period of time", 0
 	}

 	if IdentNotExistsMuteStrategy(rule, event, targetCache) {
-		return true
+		return true, "ident not exists mute", 0
 	}

 	if BgNotMatchMuteStrategy(rule, event, targetCache) {
-		return true
+		return true, "bg not match mute", 0
 	}

-	if EventMuteStrategy(event, alertMuteCache) {
-		return true
+	hit, muteId := EventMuteStrategy(event, alertMuteCache)
+	if hit {
+		return true, "match mute rule", muteId
 	}

-	return false
+	return false, "", 0
 }

-// TimeNonEffectiveMuteStrategy 根据规则配置的告警时间过滤,如果产生的告警不在规则配置的告警时间内,则不告警
-func TimeNonEffectiveMuteStrategy(rule *models.AlertRule, event *models.AlertCurEvent) bool {
-	if rule.Disabled == 1 {
-		return true
-	}
-
+// TimeSpanMuteStrategy 根据规则配置的告警生效时间段过滤,如果产生的告警不在规则配置的告警生效时间段内,则不告警,即被mute
+// 时间范围，左闭右开，默认范围：00:00-24:00
+func TimeSpanMuteStrategy(rule *models.AlertRule, event *models.AlertCurEvent) bool {
 	tm := time.Unix(event.TriggerTime, 0)
 	triggerTime := tm.Format("15:04")
 	triggerWeek := strconv.Itoa(int(tm.Weekday()))

+	if rule.EnableDaysOfWeek == "" {
+		// 如果规则没有配置生效时间，则默认全天生效
+
+		return false
+	}
+
 	enableStime := strings.Fields(rule.EnableStime)
 	enableEtime := strings.Fields(rule.EnableEtime)
 	enableDaysOfWeek := strings.Split(rule.EnableDaysOfWeek, ";")
@@ -52,18 +61,33 @@ func TimeNonEffectiveMuteStrategy(rule *models.AlertRule, event *models.AlertCur
 		if !strings.Contains(enableDaysOfWeek[i], triggerWeek) {
 			continue
 		}
-		if enableStime[i] <= enableEtime[i] {
-			if triggerTime < enableStime[i] || triggerTime > enableEtime[i] {
-				continue
+
+		if enableStime[i] < enableEtime[i] {
+			if enableEtime[i] == "23:59" {
+				// 02:00-23:59，这种情况做个特殊处理，相当于左闭右闭区间了
+				if triggerTime < enableStime[i] {
+					// mute, 即没生效
+					continue
+				}
+			} else {
+				// 02:00-04:00 或者 02:00-24:00
+				if triggerTime < enableStime[i] || triggerTime >= enableEtime[i] {
+					// mute, 即没生效
+					continue
+				}
 			}
-		} else {
-			if triggerTime < enableStime[i] && triggerTime > enableEtime[i] {
+		} else if enableStime[i] > enableEtime[i] {
+			// 21:00-09:00
+			if triggerTime < enableStime[i] && triggerTime >= enableEtime[i] {
+				// mute, 即没生效
 				continue
 			}
 		}
-		// 到这里说明当前时刻在告警规则的某组生效时间范围内，直接返回 false
+
+		// 到这里说明当前时刻在告警规则的某组生效时间范围内，即没有 mute，直接返回 false
 		return false
 	}
+
 	return true
 }

@@ -98,40 +122,37 @@ func BgNotMatchMuteStrategy(rule *models.AlertRule, event *models.AlertCurEvent,
 	target, exists := targetCache.Get(ident)
 	// 对于包含ident的告警事件，check一下ident所属bg和rule所属bg是否相同
 	// 如果告警规则选择了只在本BG生效，那其他BG的机器就不能因此规则产生告警
-	if exists && target.GroupId != rule.GroupId {
+	if exists && !target.MatchGroupId(rule.GroupId) {
 		logger.Debugf("[%s] mute: rule_eval:%d cluster:%s", "BgNotMatchMuteStrategy", rule.Id, event.Cluster)
 		return true
 	}
 	return false
 }

-func EventMuteStrategy(event *models.AlertCurEvent, alertMuteCache *memsto.AlertMuteCacheType) bool {
+func EventMuteStrategy(event *models.AlertCurEvent, alertMuteCache *memsto.AlertMuteCacheType) (bool, int64) {
 	mutes, has := alertMuteCache.Gets(event.GroupId)
 	if !has || len(mutes) == 0 {
-		return false
+		return false, 0
 	}

 	for i := 0; i < len(mutes); i++ {
-		if matchMute(event, mutes[i]) {
-			return true
+		matched, _ := MatchMute(event, mutes[i])
+		if matched {
+			return true, mutes[i].Id
 		}
 	}

-	return false
+	return false, 0
 }

-// matchMute 如果传入了clock这个可选参数，就表示使用这个clock表示的时间，否则就从event的字段中取TriggerTime
-func matchMute(event *models.AlertCurEvent, mute *models.AlertMute, clock ...int64) bool {
+// MatchMute 如果传入了clock这个可选参数，就表示使用这个clock表示的时间，否则就从event的字段中取TriggerTime
+func MatchMute(event *models.AlertCurEvent, mute *models.AlertMute, clock ...int64) (bool, error) {
 	if mute.Disabled == 1 {
-		return false
-	}
-	ts := event.TriggerTime
-	if len(clock) > 0 {
-		ts = clock[0]
+		return false, errors.New("mute is disabled")
 	}

 	// 如果不是全局的，判断 匹配的 datasource id
-	if !(len(mute.DatasourceIdsJson) != 0 && mute.DatasourceIdsJson[0] == 0) && event.DatasourceId != 0 {
+	if len(mute.DatasourceIdsJson) != 0 && mute.DatasourceIdsJson[0] != 0 && event.DatasourceId != 0 {
 		idm := make(map[int64]struct{}, len(mute.DatasourceIdsJson))
 		for i := 0; i < len(mute.DatasourceIdsJson); i++ {
 			idm[mute.DatasourceIdsJson[i]] = struct{}{}
@@ -139,40 +160,49 @@ func matchMute(event *models.AlertCurEvent, mute *models.AlertMute, clock ...int

 		// 判断 event.datasourceId 是否包含在 idm 中
 		if _, has := idm[event.DatasourceId]; !has {
-			return false
+			return false, errors.New("datasource id not match")
 		}
 	}

-	var matchTime bool
 	if mute.MuteTimeType == models.TimeRange {
-		if ts < mute.Btime || ts > mute.Etime {
-			return false
+		if !mute.IsWithinTimeRange(event.TriggerTime) {
+			return false, errors.New("event trigger time not within mute time range")
 		}
-		matchTime = true
 	} else if mute.MuteTimeType == models.Periodic {
-		tm := time.Unix(event.TriggerTime, 0)
-		triggerTime := tm.Format("15:04")
-		triggerWeek := strconv.Itoa(int(tm.Weekday()))
+		ts := event.TriggerTime
+		if len(clock) > 0 {
+			ts = clock[0]
+		}

-		for i := 0; i < len(mute.PeriodicMutesJson); i++ {
-			if strings.Contains(mute.PeriodicMutesJson[i].EnableDaysOfWeek, triggerWeek) {
-				if mute.PeriodicMutesJson[i].EnableStime <= mute.PeriodicMutesJson[i].EnableEtime {
-					if triggerTime >= mute.PeriodicMutesJson[i].EnableStime && triggerTime < mute.PeriodicMutesJson[i].EnableEtime {
-						matchTime = true
-						break
-					}
-				} else {
-					if triggerTime < mute.PeriodicMutesJson[i].EnableStime || triggerTime >= mute.PeriodicMutesJson[i].EnableEtime {
-						matchTime = true
-						break
-					}
-				}
+		if !mute.IsWithinPeriodicMute(ts) {
+			return false, errors.New("event trigger time not within periodic mute range")
+		}
+	} else {
+		logger.Warningf("mute time type invalid, %d", mute.MuteTimeType)
+		return false, errors.New("mute time type invalid")
+	}
+
+	var matchSeverity bool
+	if len(mute.SeveritiesJson) > 0 {
+		for _, s := range mute.SeveritiesJson {
+			if event.Severity == s || s == 0 {
+				matchSeverity = true
+				break
 			}
 		}
-	}
-	if !matchTime {
-		return false
+	} else {
+		matchSeverity = true
 	}

-	return common.MatchTags(event.TagsMap, mute.ITags)
+	if !matchSeverity {
+		return false, errors.New("event severity not match mute severity")
+	}
+
+	if mute.ITags == nil || len(mute.ITags) == 0 {
+		return true, nil
+	}
+	if !common.MatchTags(event.TagsMap, mute.ITags) {
+		return false, errors.New("event tags not match mute tags")
+	}
+	return true, nil
 }
--- a/alert/naming/hashring.go
+++ b/alert/naming/hashring.go
@@ -1,6 +1,7 @@
 package naming

 import (
+	"errors"
 	"sync"

 	"github.com/toolkits/pkg/consistent"
@@ -11,12 +12,12 @@ const NodeReplicas = 500

 type DatasourceHashRingType struct {
 	sync.RWMutex
-	Rings map[int64]*consistent.Consistent
+	Rings map[string]*consistent.Consistent
 }

 // for alert_rule sharding
-var HostDatasource int64 = 100000
-var DatasourceHashRing = DatasourceHashRingType{Rings: make(map[int64]*consistent.Consistent)}
+var HostDatasource int64 = 99999999
+var DatasourceHashRing = DatasourceHashRingType{Rings: make(map[string]*consistent.Consistent)}

 func NewConsistentHashRing(replicas int32, nodes []string) *consistent.Consistent {
 	ret := consistent.New()
@@ -27,7 +28,7 @@ func NewConsistentHashRing(replicas int32, nodes []string) *consistent.Consisten
 	return ret
 }

-func RebuildConsistentHashRing(datasourceId int64, nodes []string) {
+func RebuildConsistentHashRing(datasourceId string, nodes []string) {
 	r := consistent.New()
 	r.NumberOfReplicas = NodeReplicas
 	for i := 0; i < len(nodes); i++ {
@@ -35,12 +36,12 @@ func RebuildConsistentHashRing(datasourceId int64, nodes []string) {
 	}

 	DatasourceHashRing.Set(datasourceId, r)
-	logger.Infof("hash ring %d rebuild %+v", datasourceId, r.Members())
+	logger.Infof("hash ring %s rebuild %+v", datasourceId, r.Members())
 }

-func (chr *DatasourceHashRingType) GetNode(datasourceId int64, pk string) (string, error) {
-	chr.RLock()
-	defer chr.RUnlock()
+func (chr *DatasourceHashRingType) GetNode(datasourceId string, pk string) (string, error) {
+	chr.Lock()
+	defer chr.Unlock()
 	_, exists := chr.Rings[datasourceId]
 	if !exists {
 		chr.Rings[datasourceId] = NewConsistentHashRing(int32(NodeReplicas), []string{})
@@ -49,17 +50,36 @@ func (chr *DatasourceHashRingType) GetNode(datasourceId int64, pk string) (strin
 	return chr.Rings[datasourceId].Get(pk)
 }

-func (chr *DatasourceHashRingType) IsHit(datasourceId int64, pk string, currentNode string) bool {
+func (chr *DatasourceHashRingType) IsHit(datasourceId string, pk string, currentNode string) bool {
 	node, err := chr.GetNode(datasourceId, pk)
 	if err != nil {
-		logger.Debugf("datasource id:%d pk:%s failed to get node from hashring:%v", datasourceId, pk, err)
+		if !errors.Is(err, consistent.ErrEmptyCircle) {
+			logger.Errorf("rule id:%s is not work, datasource id:%s failed to get node from hashring:%v", pk, datasourceId, err)
+		}
 		return false
 	}
 	return node == currentNode
 }

-func (chr *DatasourceHashRingType) Set(datasourceId int64, r *consistent.Consistent) {
-	chr.RLock()
-	defer chr.RUnlock()
+func (chr *DatasourceHashRingType) Set(datasourceId string, r *consistent.Consistent) {
+	chr.Lock()
+	defer chr.Unlock()
 	chr.Rings[datasourceId] = r
 }
+
+func (chr *DatasourceHashRingType) Del(datasourceId string) {
+	chr.Lock()
+	defer chr.Unlock()
+	delete(chr.Rings, datasourceId)
+}
+
+func (chr *DatasourceHashRingType) Clear(engineName string) {
+	chr.Lock()
+	defer chr.Unlock()
+	for id := range chr.Rings {
+		if id == engineName {
+			continue
+		}
+		delete(chr.Rings, id)
+	}
+}
--- a/alert/naming/heartbeat.go
+++ b/alert/naming/heartbeat.go
@@ -7,8 +7,10 @@ import (
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/aconf"
+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/poster"

 	"github.com/toolkits/pkg/logger"
 )
@@ -16,14 +18,14 @@ import (
 type Naming struct {
 	ctx             *ctx.Context
 	heartbeatConfig aconf.HeartbeatConfig
-	isCenter        bool
+	astats          *astats.Stats
 }

-func NewNaming(ctx *ctx.Context, heartbeat aconf.HeartbeatConfig, isCenter bool) *Naming {
+func NewNaming(ctx *ctx.Context, heartbeat aconf.HeartbeatConfig, alertStats *astats.Stats) *Naming {
 	naming := &Naming{
 		ctx:             ctx,
 		heartbeatConfig: heartbeat,
-		isCenter:        isCenter,
+		astats:          alertStats,
 	}
 	naming.Heartbeats()
 	return naming
@@ -31,9 +33,11 @@ func NewNaming(ctx *ctx.Context, heartbeat aconf.HeartbeatConfig, isCenter bool)

 // local servers
 var localss map[int64]string
+var localHostServers map[string]string

 func (n *Naming) Heartbeats() error {
 	localss = make(map[int64]string)
+	localHostServers = make(map[string]string)
 	if err := n.heartbeat(); err != nil {
 		fmt.Println("failed to heartbeat:", err)
 		return err
@@ -45,6 +49,10 @@ func (n *Naming) Heartbeats() error {
 }

 func (n *Naming) loopDeleteInactiveInstances() {
+	if !n.ctx.IsCenter {
+		return
+	}
+
 	interval := time.Duration(10) * time.Minute
 	for {
 		time.Sleep(interval)
@@ -74,7 +82,7 @@ func (n *Naming) heartbeat() error {
 	var err error

 	// 在页面上维护实例和集群的对应关系
-	datasourceIds, err = models.GetDatasourceIdsByClusterName(n.ctx, n.heartbeatConfig.EngineName)
+	datasourceIds, err = models.GetDatasourceIdsByEngineName(n.ctx, n.heartbeatConfig.EngineName)
 	if err != nil {
 		return err
 	}
@@ -83,20 +91,32 @@ func (n *Naming) heartbeat() error {
 		err := models.AlertingEngineHeartbeatWithCluster(n.ctx, n.heartbeatConfig.Endpoint, n.heartbeatConfig.EngineName, 0)
 		if err != nil {
 			logger.Warningf("heartbeat with cluster %s err:%v", "", err)
+			n.astats.CounterHeartbeatErrorTotal.WithLabelValues().Inc()
 		}
 	} else {
 		for i := 0; i < len(datasourceIds); i++ {
 			err := models.AlertingEngineHeartbeatWithCluster(n.ctx, n.heartbeatConfig.Endpoint, n.heartbeatConfig.EngineName, datasourceIds[i])
 			if err != nil {
 				logger.Warningf("heartbeat with cluster %d err:%v", datasourceIds[i], err)
+				n.astats.CounterHeartbeatErrorTotal.WithLabelValues().Inc()
 			}
 		}
 	}

+	if len(datasourceIds) == 0 {
+		DatasourceHashRing.Clear(n.heartbeatConfig.EngineName)
+		for dsId := range localss {
+			delete(localss, dsId)
+		}
+	}
+
+	newDatasource := make(map[int64]struct{})
 	for i := 0; i < len(datasourceIds); i++ {
+		newDatasource[datasourceIds[i]] = struct{}{}
 		servers, err := n.ActiveServers(datasourceIds[i])
 		if err != nil {
 			logger.Warningf("hearbeat %d get active server err:%v", datasourceIds[i], err)
+			n.astats.CounterHeartbeatErrorTotal.WithLabelValues().Inc()
 			continue
 		}

@@ -108,36 +128,42 @@ func (n *Naming) heartbeat() error {
 			continue
 		}

-		RebuildConsistentHashRing(datasourceIds[i], servers)
+		RebuildConsistentHashRing(fmt.Sprintf("%d", datasourceIds[i]), servers)
 		localss[datasourceIds[i]] = newss
 	}

-	if n.isCenter {
-		// 如果是中心节点，还需要处理 host 类型的告警规则，host 类型告警规则，和数据源无关，想复用下数据源的 hash ring，想用一个虚假的数据源 id 来处理
-		// if is center node, we need to handle host type alerting rules, host type alerting rules are not related to datasource, we want to reuse the hash ring of datasource, we want to use a fake datasource id to handle it
-		err := models.AlertingEngineHeartbeatWithCluster(n.ctx, n.heartbeatConfig.Endpoint, n.heartbeatConfig.EngineName, HostDatasource)
-		if err != nil {
-			logger.Warningf("heartbeat with cluster %s err:%v", "", err)
+	for dsId := range localss {
+		if _, exists := newDatasource[dsId]; !exists {
+			delete(localss, dsId)
+			DatasourceHashRing.Del(fmt.Sprintf("%d", dsId))
 		}
-
-		servers, err := n.ActiveServers(HostDatasource)
-		if err != nil {
-			logger.Warningf("hearbeat %d get active server err:%v", HostDatasource, err)
-			return nil
-		}
-
-		sort.Strings(servers)
-		newss := strings.Join(servers, " ")
-
-		oldss, exists := localss[HostDatasource]
-		if exists && oldss == newss {
-			return nil
-		}
-
-		RebuildConsistentHashRing(HostDatasource, servers)
-		localss[HostDatasource] = newss
 	}

+	// host 告警使用的是 hash ring
+	err = models.AlertingEngineHeartbeatWithCluster(n.ctx, n.heartbeatConfig.Endpoint, n.heartbeatConfig.EngineName, HostDatasource)
+	if err != nil {
+		logger.Warningf("heartbeat with cluster %s err:%v", "", err)
+		n.astats.CounterHeartbeatErrorTotal.WithLabelValues().Inc()
+	}
+
+	servers, err := n.ActiveServersByEngineName()
+	if err != nil {
+		logger.Warningf("hearbeat %d get active server err:%v", HostDatasource, err)
+		n.astats.CounterHeartbeatErrorTotal.WithLabelValues().Inc()
+		return nil
+	}
+
+	sort.Strings(servers)
+	newss := strings.Join(servers, " ")
+
+	oldss, exists := localHostServers[n.heartbeatConfig.EngineName]
+	if exists && oldss == newss {
+		return nil
+	}
+
+	RebuildConsistentHashRing(n.heartbeatConfig.EngineName, servers)
+	localHostServers[n.heartbeatConfig.EngineName] = newss
+
 	return nil
 }

@@ -146,6 +172,21 @@ func (n *Naming) ActiveServers(datasourceId int64) ([]string, error) {
 		return nil, fmt.Errorf("cluster is empty")
 	}

+	if !n.ctx.IsCenter {
+		lst, err := poster.GetByUrls[[]string](n.ctx, "/v1/n9e/servers-active?dsid="+fmt.Sprintf("%d", datasourceId))
+		return lst, err
+	}
+
 	// 30秒内有心跳，就认为是活的
 	return models.AlertingEngineGetsInstances(n.ctx, "datasource_id = ? and clock > ?", datasourceId, time.Now().Unix()-30)
 }
+
+func (n *Naming) ActiveServersByEngineName() ([]string, error) {
+	if !n.ctx.IsCenter {
+		lst, err := poster.GetByUrls[[]string](n.ctx, "/v1/n9e/servers-active?engine_name="+n.heartbeatConfig.EngineName)
+		return lst, err
+	}
+
+	// 30秒内有心跳，就认为是活的
+	return models.AlertingEngineGetsInstances(n.ctx, "engine_cluster = ? and clock > ?", n.heartbeatConfig.EngineName, time.Now().Unix()-30)
+}
--- a/alert/naming/leader.go
+++ b/alert/naming/leader.go
@@ -0,0 +1,28 @@
+package naming
+
+import (
+	"sort"
+
+	"github.com/toolkits/pkg/logger"
+)
+
+func (n *Naming) IamLeader() bool {
+	if !n.ctx.IsCenter {
+		return false
+	}
+
+	servers, err := n.ActiveServersByEngineName()
+	if err != nil {
+		logger.Errorf("failed to get active servers: %v", err)
+		return false
+	}
+
+	if len(servers) == 0 {
+		logger.Errorf("active servers empty")
+		return false
+	}
+
+	sort.Strings(servers)
+
+	return n.heartbeatConfig.Endpoint == servers[0]
+}
--- a/alert/pipeline/pipeline.go
+++ b/alert/pipeline/pipeline.go
@@ -0,0 +1,12 @@
+package pipeline
+
+import (
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/aisummary"
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/callback"
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/eventdrop"
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/eventupdate"
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/relabel"
+)
+
+func Init() {
+}
--- a/alert/pipeline/processor/aisummary/ai_summary.go
+++ b/alert/pipeline/processor/aisummary/ai_summary.go
@@ -0,0 +1,244 @@
+package aisummary
+
+import (
+	"bytes"
+	"crypto/tls"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+	"text/template"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/callback"
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/tplx"
+)
+
+const (
+	HTTP_STATUS_SUCCESS_MAX = 299
+)
+
+// AISummaryConfig 配置结构体
+type AISummaryConfig struct {
+	callback.HTTPConfig
+	ModelName      string                 `json:"model_name"`
+	APIKey         string                 `json:"api_key"`
+	PromptTemplate string                 `json:"prompt_template"`
+	CustomParams   map[string]interface{} `json:"custom_params"`
+}
+
+type Message struct {
+	Role    string `json:"role"`
+	Content string `json:"content"`
+}
+
+type ChatCompletionResponse struct {
+	Choices []struct {
+		Message struct {
+			Content string `json:"content"`
+		} `json:"message"`
+	} `json:"choices"`
+}
+
+func init() {
+	models.RegisterProcessor("ai_summary", &AISummaryConfig{})
+}
+
+func (c *AISummaryConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*AISummaryConfig](settings)
+	return result, err
+}
+
+func (c *AISummaryConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) (*models.AlertCurEvent, string, error) {
+	if c.Client == nil {
+		if err := c.initHTTPClient(); err != nil {
+			return event, "", fmt.Errorf("failed to initialize HTTP client: %v processor: %v", err, c)
+		}
+	}
+
+	// 准备告警事件信息
+	eventInfo, err := c.prepareEventInfo(event)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to prepare event info: %v processor: %v", err, c)
+	}
+
+	// 调用AI模型生成总结
+	summary, err := c.generateAISummary(eventInfo)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to generate AI summary: %v processor: %v", err, c)
+	}
+
+	// 将总结添加到annotations字段
+	if event.AnnotationsJSON == nil {
+		event.AnnotationsJSON = make(map[string]string)
+	}
+	event.AnnotationsJSON["ai_summary"] = summary
+
+	// 更新Annotations字段
+	b, err := json.Marshal(event.AnnotationsJSON)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to marshal annotations: %v processor: %v", err, c)
+	}
+	event.Annotations = string(b)
+
+	return event, "", nil
+}
+
+func (c *AISummaryConfig) initHTTPClient() error {
+	transport := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipSSLVerify},
+	}
+
+	if c.Proxy != "" {
+		proxyURL, err := url.Parse(c.Proxy)
+		if err != nil {
+			return fmt.Errorf("failed to parse proxy url: %v", err)
+		}
+		transport.Proxy = http.ProxyURL(proxyURL)
+	}
+
+	c.Client = &http.Client{
+		Timeout:   time.Duration(c.Timeout) * time.Millisecond,
+		Transport: transport,
+	}
+	return nil
+}
+
+func (c *AISummaryConfig) prepareEventInfo(event *models.AlertCurEvent) (string, error) {
+	var defs = []string{
+		"{{$event := .}}",
+	}
+
+	text := strings.Join(append(defs, c.PromptTemplate), "")
+	t, err := template.New("prompt").Funcs(template.FuncMap(tplx.TemplateFuncMap)).Parse(text)
+	if err != nil {
+		return "", fmt.Errorf("failed to parse prompt template: %v", err)
+	}
+
+	var body bytes.Buffer
+	err = t.Execute(&body, event)
+	if err != nil {
+		return "", fmt.Errorf("failed to execute prompt template: %v", err)
+	}
+
+	return body.String(), nil
+}
+
+func (c *AISummaryConfig) generateAISummary(eventInfo string) (string, error) {
+	// 构建基础请求参数
+	reqParams := map[string]interface{}{
+		"model": c.ModelName,
+		"messages": []Message{
+			{
+				Role:    "user",
+				Content: eventInfo,
+			},
+		},
+	}
+
+	// 合并自定义参数
+	for k, v := range c.CustomParams {
+		converted, err := convertCustomParam(v)
+		if err != nil {
+			return "", fmt.Errorf("failed to convert custom param %s: %v", k, err)
+		}
+		reqParams[k] = converted
+	}
+
+	// 序列化请求体
+	jsonData, err := json.Marshal(reqParams)
+	if err != nil {
+		return "", fmt.Errorf("failed to marshal request body: %v", err)
+	}
+
+	// 创建HTTP请求
+	req, err := http.NewRequest("POST", c.URL, bytes.NewBuffer(jsonData))
+	if err != nil {
+		return "", fmt.Errorf("failed to create request: %v", err)
+	}
+
+	// 设置请求头
+	req.Header.Set("Authorization", "Bearer "+c.APIKey)
+	req.Header.Set("Content-Type", "application/json")
+	for k, v := range c.Headers {
+		req.Header.Set(k, v)
+	}
+
+	// 发送请求
+	resp, err := c.Client.Do(req)
+	if err != nil {
+		return "", fmt.Errorf("failed to send request: %v", err)
+	}
+	defer resp.Body.Close()
+
+	// 检查响应状态码
+	if resp.StatusCode > HTTP_STATUS_SUCCESS_MAX {
+		body, _ := io.ReadAll(resp.Body)
+		return "", fmt.Errorf("unexpected status code: %d, body: %s", resp.StatusCode, string(body))
+	}
+
+	// 读取响应
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", fmt.Errorf("failed to read response body: %v", err)
+	}
+
+	// 解析响应
+	var chatResp ChatCompletionResponse
+	if err := json.Unmarshal(body, &chatResp); err != nil {
+		return "", fmt.Errorf("failed to unmarshal response: %v", err)
+	}
+
+	if len(chatResp.Choices) == 0 {
+		return "", fmt.Errorf("no response from AI model")
+	}
+
+	return chatResp.Choices[0].Message.Content, nil
+}
+
+// convertCustomParam 将前端传入的参数转换为正确的类型
+func convertCustomParam(value interface{}) (interface{}, error) {
+	if value == nil {
+		return nil, nil
+	}
+
+	// 如果是字符串，尝试转换为其他类型
+	if str, ok := value.(string); ok {
+		// 尝试转换为数字
+		if f, err := strconv.ParseFloat(str, 64); err == nil {
+			// 检查是否为整数
+			if f == float64(int64(f)) {
+				return int64(f), nil
+			}
+			return f, nil
+		}
+
+		// 尝试转换为布尔值
+		if b, err := strconv.ParseBool(str); err == nil {
+			return b, nil
+		}
+
+		// 尝试解析为JSON数组
+		if strings.HasPrefix(strings.TrimSpace(str), "[") {
+			var arr []interface{}
+			if err := json.Unmarshal([]byte(str), &arr); err == nil {
+				return arr, nil
+			}
+		}
+
+		// 尝试解析为JSON对象
+		if strings.HasPrefix(strings.TrimSpace(str), "{") {
+			var obj map[string]interface{}
+			if err := json.Unmarshal([]byte(str), &obj); err == nil {
+				return obj, nil
+			}
+		}
+	}
+	return value, nil
+}
--- a/alert/pipeline/processor/aisummary/ai_summary_test.go
+++ b/alert/pipeline/processor/aisummary/ai_summary_test.go
@@ -0,0 +1,139 @@
+package aisummary
+
+import (
+	"testing"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/callback"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAISummaryConfig_Process(t *testing.T) {
+	// 创建测试配置
+	config := &AISummaryConfig{
+		HTTPConfig: callback.HTTPConfig{
+			URL:           "https://generativelanguage.googleapis.com/v1beta/openai/chat/completions",
+			Timeout:       30000,
+			SkipSSLVerify: true,
+			Headers: map[string]string{
+				"Content-Type": "application/json",
+			},
+		},
+		ModelName:      "gemini-2.0-flash",
+		APIKey:         "*",
+		PromptTemplate: "告警规则：{{$event.RuleName}}\n严重程度：{{$event.Severity}}",
+		CustomParams: map[string]interface{}{
+			"temperature": 0.7,
+			"max_tokens":  2000,
+			"top_p":       0.9,
+		},
+	}
+
+	// 创建测试事件
+	event := &models.AlertCurEvent{
+		RuleName: "Test Rule",
+		Severity: 1,
+		TagsMap: map[string]string{
+			"host": "test-host",
+		},
+		AnnotationsJSON: map[string]string{
+			"description": "Test alert",
+		},
+	}
+
+	// 测试模板处理
+	eventInfo, err := config.prepareEventInfo(event)
+	assert.NoError(t, err)
+	assert.Contains(t, eventInfo, "Test Rule")
+	assert.Contains(t, eventInfo, "1")
+
+	// 测试配置初始化
+	processor, err := config.Init(config)
+	assert.NoError(t, err)
+	assert.NotNil(t, processor)
+
+	// 测试处理函数
+	result, _, err := processor.Process(&ctx.Context{}, event)
+	assert.NoError(t, err)
+	assert.NotNil(t, result)
+	assert.NotEmpty(t, result.AnnotationsJSON["ai_summary"])
+
+	// 展示处理结果
+	t.Log("\n=== 处理结果 ===")
+	t.Logf("告警规则: %s", result.RuleName)
+	t.Logf("严重程度: %d", result.Severity)
+	t.Logf("标签: %v", result.TagsMap)
+	t.Logf("原始注释: %v", result.AnnotationsJSON["description"])
+	t.Logf("AI总结: %s", result.AnnotationsJSON["ai_summary"])
+}
+
+func TestConvertCustomParam(t *testing.T) {
+	tests := []struct {
+		name     string
+		input    interface{}
+		expected interface{}
+		hasError bool
+	}{
+		{
+			name:     "nil value",
+			input:    nil,
+			expected: nil,
+			hasError: false,
+		},
+		{
+			name:     "string number to int64",
+			input:    "123",
+			expected: int64(123),
+			hasError: false,
+		},
+		{
+			name:     "string float to float64",
+			input:    "123.45",
+			expected: 123.45,
+			hasError: false,
+		},
+		{
+			name:     "string boolean to bool",
+			input:    "true",
+			expected: true,
+			hasError: false,
+		},
+		{
+			name:     "string false to bool",
+			input:    "false",
+			expected: false,
+			hasError: false,
+		},
+		{
+			name:     "JSON array string to slice",
+			input:    `["a", "b", "c"]`,
+			expected: []interface{}{"a", "b", "c"},
+			hasError: false,
+		},
+		{
+			name:     "JSON object string to map",
+			input:    `{"key": "value", "num": 123}`,
+			expected: map[string]interface{}{"key": "value", "num": float64(123)},
+			hasError: false,
+		},
+		{
+			name:     "plain string remains string",
+			input:    "hello world",
+			expected: "hello world",
+			hasError: false,
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			converted, err := convertCustomParam(test.input)
+			if test.hasError {
+				assert.Error(t, err)
+				return
+			}
+			assert.NoError(t, err)
+			assert.Equal(t, test.expected, converted)
+		})
+	}
+}
--- a/alert/pipeline/processor/callback/callback.go
+++ b/alert/pipeline/processor/callback/callback.go
@@ -0,0 +1,103 @@
+package callback
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type HTTPConfig struct {
+	URL           string            `json:"url"`
+	Method        string            `json:"method,omitempty"`
+	Body          string            `json:"body,omitempty"`
+	Headers       map[string]string `json:"header"`
+	AuthUsername  string            `json:"auth_username"`
+	AuthPassword  string            `json:"auth_password"`
+	Timeout       int               `json:"timeout"` // 单位:ms
+	SkipSSLVerify bool              `json:"skip_ssl_verify"`
+	Proxy         string            `json:"proxy"`
+	Client        *http.Client      `json:"-"`
+}
+
+// RelabelConfig
+type CallbackConfig struct {
+	HTTPConfig
+}
+
+func init() {
+	models.RegisterProcessor("callback", &CallbackConfig{})
+}
+
+func (c *CallbackConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*CallbackConfig](settings)
+	return result, err
+}
+
+func (c *CallbackConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) (*models.AlertCurEvent, string, error) {
+	if c.Client == nil {
+		transport := &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipSSLVerify},
+		}
+
+		if c.Proxy != "" {
+			proxyURL, err := url.Parse(c.Proxy)
+			if err != nil {
+				return event, "", fmt.Errorf("failed to parse proxy url: %v processor: %v", err, c)
+			} else {
+				transport.Proxy = http.ProxyURL(proxyURL)
+			}
+		}
+
+		c.Client = &http.Client{
+			Timeout:   time.Duration(c.Timeout) * time.Millisecond,
+			Transport: transport,
+		}
+	}
+
+	headers := make(map[string]string)
+	headers["Content-Type"] = "application/json"
+	for k, v := range c.Headers {
+		headers[k] = v
+	}
+
+	body, err := json.Marshal(event)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to marshal event: %v processor: %v", err, c)
+	}
+
+	req, err := http.NewRequest("POST", c.URL, strings.NewReader(string(body)))
+	if err != nil {
+		return event, "", fmt.Errorf("failed to create request: %v processor: %v", err, c)
+	}
+
+	for k, v := range headers {
+		req.Header.Set(k, v)
+	}
+
+	if c.AuthUsername != "" && c.AuthPassword != "" {
+		req.SetBasicAuth(c.AuthUsername, c.AuthPassword)
+	}
+
+	resp, err := c.Client.Do(req)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to send request: %v processor: %v", err, c)
+	}
+
+	b, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to read response body: %v processor: %v", err, c)
+	}
+
+	logger.Debugf("callback processor response body: %s", string(b))
+	return event, "callback success", nil
+}
--- a/alert/pipeline/processor/common/common.go
+++ b/alert/pipeline/processor/common/common.go
@@ -0,0 +1,24 @@
+package common
+
+import (
+	"encoding/json"
+)
+
+// InitProcessor 是一个通用的初始化处理器的方法
+// 使用泛型简化处理器初始化逻辑
+// T 必须是 models.Processor 接口的实现
+func InitProcessor[T any](settings interface{}) (T, error) {
+	var zero T
+	b, err := json.Marshal(settings)
+	if err != nil {
+		return zero, err
+	}
+
+	var result T
+	err = json.Unmarshal(b, &result)
+	if err != nil {
+		return zero, err
+	}
+
+	return result, nil
+}
--- a/alert/pipeline/processor/eventdrop/event_drop.go
+++ b/alert/pipeline/processor/eventdrop/event_drop.go
@@ -0,0 +1,60 @@
+package eventdrop
+
+import (
+	"bytes"
+	"fmt"
+	"strings"
+	texttemplate "text/template"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/tplx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type EventDropConfig struct {
+	Content string `json:"content"`
+}
+
+func init() {
+	models.RegisterProcessor("event_drop", &EventDropConfig{})
+}
+
+func (c *EventDropConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*EventDropConfig](settings)
+	return result, err
+}
+
+func (c *EventDropConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) (*models.AlertCurEvent, string, error) {
+	// 使用背景是可以根据此处理器，实现对事件进行更加灵活的过滤的逻辑
+	// 在标签过滤和属性过滤都不满足需求时可以使用
+	// 如果模板执行结果为 true，则删除该事件
+
+	var defs = []string{
+		"{{ $event := . }}",
+		"{{ $labels := .TagsMap }}",
+		"{{ $value := .TriggerValue }}",
+	}
+
+	text := strings.Join(append(defs, c.Content), "")
+
+	tpl, err := texttemplate.New("eventdrop").Funcs(tplx.TemplateFuncMap).Parse(text)
+	if err != nil {
+		return event, "", fmt.Errorf("processor failed to parse template: %v processor: %v", err, c)
+	}
+
+	var body bytes.Buffer
+	if err = tpl.Execute(&body, event); err != nil {
+		return event, "", fmt.Errorf("processor failed to execute template: %v processor: %v", err, c)
+	}
+
+	result := strings.TrimSpace(body.String())
+	logger.Infof("processor eventdrop result: %v", result)
+	if result == "true" {
+		logger.Infof("processor eventdrop drop event: %v", event)
+		return nil, "drop event success", nil
+	}
+
+	return event, "drop event failed", nil
+}
--- a/alert/pipeline/processor/eventupdate/event_update.go
+++ b/alert/pipeline/processor/eventupdate/event_update.go
@@ -0,0 +1,96 @@
+package eventupdate
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/callback"
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/toolkits/pkg/logger"
+)
+
+// RelabelConfig
+type EventUpdateConfig struct {
+	callback.HTTPConfig
+}
+
+func init() {
+	models.RegisterProcessor("event_update", &EventUpdateConfig{})
+}
+
+func (c *EventUpdateConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*EventUpdateConfig](settings)
+	return result, err
+}
+
+func (c *EventUpdateConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) (*models.AlertCurEvent, string, error) {
+	if c.Client == nil {
+		transport := &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipSSLVerify},
+		}
+
+		if c.Proxy != "" {
+			proxyURL, err := url.Parse(c.Proxy)
+			if err != nil {
+				return event, "", fmt.Errorf("failed to parse proxy url: %v processor: %v", err, c)
+			} else {
+				transport.Proxy = http.ProxyURL(proxyURL)
+			}
+		}
+
+		c.Client = &http.Client{
+			Timeout:   time.Duration(c.Timeout) * time.Millisecond,
+			Transport: transport,
+		}
+	}
+
+	headers := make(map[string]string)
+	headers["Content-Type"] = "application/json"
+	for k, v := range c.Headers {
+		headers[k] = v
+	}
+
+	body, err := json.Marshal(event)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to marshal event: %v processor: %v", err, c)
+	}
+
+	req, err := http.NewRequest("POST", c.URL, strings.NewReader(string(body)))
+	if err != nil {
+		return event, "", fmt.Errorf("failed to create request: %v processor: %v", err, c)
+	}
+
+	for k, v := range headers {
+		req.Header.Set(k, v)
+	}
+
+	if c.AuthUsername != "" && c.AuthPassword != "" {
+		req.SetBasicAuth(c.AuthUsername, c.AuthPassword)
+	}
+
+	resp, err := c.Client.Do(req)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to send request: %v processor: %v", err, c)
+	}
+
+	b, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, "", fmt.Errorf("failed to read response body: %v processor: %v", err, c)
+	}
+	logger.Debugf("event update processor response body: %s", string(b))
+
+	err = json.Unmarshal(b, &event)
+	if err != nil {
+		return event, "", fmt.Errorf("failed to unmarshal response body: %v processor: %v", err, c)
+	}
+
+	return event, "", nil
+}
--- a/alert/pipeline/processor/relabel/relabel.go
+++ b/alert/pipeline/processor/relabel/relabel.go
@@ -0,0 +1,107 @@
+package relabel
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pushgw/pconf"
+	"github.com/ccfos/nightingale/v6/pushgw/writer"
+
+	"github.com/prometheus/common/model"
+	"github.com/prometheus/prometheus/prompb"
+)
+
+const (
+	REPLACE_DOT = "___"
+)
+
+// RelabelConfig
+type RelabelConfig struct {
+	SourceLabels  []string `json:"source_labels"`
+	Separator     string   `json:"separator"`
+	Regex         string   `json:"regex"`
+	RegexCompiled *regexp.Regexp
+	If            string `json:"if"`
+	IfRegex       *regexp.Regexp
+	Modulus       uint64 `json:"modulus"`
+	TargetLabel   string `json:"target_label"`
+	Replacement   string `json:"replacement"`
+	Action        string `json:"action"`
+}
+
+func init() {
+	models.RegisterProcessor("relabel", &RelabelConfig{})
+}
+
+func (r *RelabelConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*RelabelConfig](settings)
+	return result, err
+}
+
+func (r *RelabelConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) (*models.AlertCurEvent, string, error) {
+	sourceLabels := make([]model.LabelName, len(r.SourceLabels))
+	for i := range r.SourceLabels {
+		sourceLabels[i] = model.LabelName(strings.ReplaceAll(r.SourceLabels[i], ".", REPLACE_DOT))
+	}
+
+	relabelConfigs := []*pconf.RelabelConfig{
+		{
+			SourceLabels:  sourceLabels,
+			Separator:     r.Separator,
+			Regex:         r.Regex,
+			RegexCompiled: r.RegexCompiled,
+			If:            r.If,
+			IfRegex:       r.IfRegex,
+			Modulus:       r.Modulus,
+			TargetLabel:   r.TargetLabel,
+			Replacement:   r.Replacement,
+			Action:        r.Action,
+		},
+	}
+
+	EventRelabel(event, relabelConfigs)
+	return event, "", nil
+}
+
+func EventRelabel(event *models.AlertCurEvent, relabelConfigs []*pconf.RelabelConfig) {
+	labels := make([]prompb.Label, len(event.TagsJSON))
+	event.OriginalTagsJSON = make([]string, len(event.TagsJSON))
+	for i, tag := range event.TagsJSON {
+		label := strings.SplitN(tag, "=", 2)
+		if len(label) != 2 {
+			continue
+		}
+		event.OriginalTagsJSON[i] = tag
+
+		label[0] = strings.ReplaceAll(string(label[0]), ".", REPLACE_DOT)
+		labels[i] = prompb.Label{Name: label[0], Value: label[1]}
+	}
+
+	for i := 0; i < len(relabelConfigs); i++ {
+		if relabelConfigs[i].Replacement == "" {
+			relabelConfigs[i].Replacement = "$1"
+		}
+
+		if relabelConfigs[i].Separator == "" {
+			relabelConfigs[i].Separator = ";"
+		}
+
+		if relabelConfigs[i].Regex == "" {
+			relabelConfigs[i].Regex = "(.*)"
+		}
+	}
+
+	gotLabels := writer.Process(labels, relabelConfigs...)
+	event.TagsJSON = make([]string, len(gotLabels))
+	event.TagsMap = make(map[string]string, len(gotLabels))
+	for i, label := range gotLabels {
+		label.Name = strings.ReplaceAll(string(label.Name), REPLACE_DOT, ".")
+		event.TagsJSON[i] = fmt.Sprintf("%s=%s", label.Name, label.Value)
+		event.TagsMap[label.Name] = label.Value
+	}
+	event.Tags = strings.Join(event.TagsJSON, ",,")
+}
--- a/alert/process/process.go
+++ b/alert/process/process.go
@@ -2,6 +2,7 @@ package process

 import (
 	"bytes"
+	"encoding/json"
 	"fmt"
 	"html/template"
 	"sort"
@@ -13,16 +14,20 @@ import (
 	"github.com/ccfos/nightingale/v6/alert/common"
 	"github.com/ccfos/nightingale/v6/alert/dispatch"
 	"github.com/ccfos/nightingale/v6/alert/mute"
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/relabel"
 	"github.com/ccfos/nightingale/v6/alert/queue"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/tplx"
-	"github.com/ccfos/nightingale/v6/prom"
+
+	"github.com/robfig/cron/v3"
 	"github.com/toolkits/pkg/logger"
 	"github.com/toolkits/pkg/str"
 )

+type EventMuteHookFunc func(event *models.AlertCurEvent) bool
+
 type ExternalProcessorsType struct {
 	ExternalLock sync.RWMutex
 	Processors   map[string]*Processor
@@ -43,29 +48,38 @@ func (e *ExternalProcessorsType) GetExternalAlertRule(datasourceId, id int64) (*
 	return processor, has
 }

+type HandleEventFunc func(event *models.AlertCurEvent)
+
 type Processor struct {
 	datasourceId int64
+	EngineName   string

-	rule     *models.AlertRule
-	fires    *AlertCurEventMap
-	pendings *AlertCurEventMap
-	inhibit  bool
+	rule                 *models.AlertRule
+	fires                *AlertCurEventMap
+	pendings             *AlertCurEventMap
+	pendingsUseByRecover *AlertCurEventMap
+	inhibit              bool

-	tagsMap    map[string]string
-	tagsArr    []string
-	target     string
-	targetNote string
-	groupName  string
+	tagsMap   map[string]string
+	tagsArr   []string
+	groupName string

-	atertRuleCache  *memsto.AlertRuleCacheType
-	TargetCache     *memsto.TargetCacheType
-	BusiGroupCache  *memsto.BusiGroupCacheType
-	alertMuteCache  *memsto.AlertMuteCacheType
-	datasourceCache *memsto.DatasourceCacheType
+	alertRuleCache          *memsto.AlertRuleCacheType
+	TargetCache             *memsto.TargetCacheType
+	TargetsOfAlertRuleCache *memsto.TargetsOfAlertRuleCacheType
+	BusiGroupCache          *memsto.BusiGroupCacheType
+	alertMuteCache          *memsto.AlertMuteCacheType
+	datasourceCache         *memsto.DatasourceCacheType

-	promClients *prom.PromClientMap
-	ctx         *ctx.Context
-	stats       *astats.Stats
+	ctx   *ctx.Context
+	Stats *astats.Stats
+
+	HandleFireEventHook    HandleEventFunc
+	HandleRecoverEventHook HandleEventFunc
+	EventMuteHook          EventMuteHookFunc
+
+	ScheduleEntry    cron.Entry
+	PromEvalInterval int
 }

 func (p *Processor) Key() string {
@@ -77,63 +91,93 @@ func (p *Processor) DatasourceId() int64 {
 }

 func (p *Processor) Hash() string {
-	return str.MD5(fmt.Sprintf("%d_%d_%s_%d",
+	return str.MD5(fmt.Sprintf("%d_%s_%s_%d",
 		p.rule.Id,
-		p.rule.PromEvalInterval,
+		p.rule.CronPattern,
 		p.rule.RuleConfig,
 		p.datasourceId,
 	))
 }

-func NewProcessor(rule *models.AlertRule, datasourceId int64, atertRuleCache *memsto.AlertRuleCacheType, targetCache *memsto.TargetCacheType,
-	busiGroupCache *memsto.BusiGroupCacheType, alertMuteCache *memsto.AlertMuteCacheType, datasourceCache *memsto.DatasourceCacheType, promClients *prom.PromClientMap, ctx *ctx.Context,
+func NewProcessor(engineName string, rule *models.AlertRule, datasourceId int64, alertRuleCache *memsto.AlertRuleCacheType,
+	targetCache *memsto.TargetCacheType, targetsOfAlertRuleCache *memsto.TargetsOfAlertRuleCacheType,
+	busiGroupCache *memsto.BusiGroupCacheType, alertMuteCache *memsto.AlertMuteCacheType, datasourceCache *memsto.DatasourceCacheType, ctx *ctx.Context,
 	stats *astats.Stats) *Processor {

 	p := &Processor{
+		EngineName:   engineName,
 		datasourceId: datasourceId,
 		rule:         rule,

-		TargetCache:     targetCache,
-		BusiGroupCache:  busiGroupCache,
-		alertMuteCache:  alertMuteCache,
-		atertRuleCache:  atertRuleCache,
-		datasourceCache: datasourceCache,
+		TargetCache:             targetCache,
+		TargetsOfAlertRuleCache: targetsOfAlertRuleCache,
+		BusiGroupCache:          busiGroupCache,
+		alertMuteCache:          alertMuteCache,
+		alertRuleCache:          alertRuleCache,
+		datasourceCache:         datasourceCache,

-		promClients: promClients,
-		ctx:         ctx,
-		stats:       stats,
+		ctx:   ctx,
+		Stats: stats,
+
+		HandleFireEventHook:    func(event *models.AlertCurEvent) {},
+		HandleRecoverEventHook: func(event *models.AlertCurEvent) {},
+		EventMuteHook:          func(event *models.AlertCurEvent) bool { return false },
 	}

 	p.mayHandleGroup()
 	return p
 }

-func (p *Processor) Handle(anomalyPoints []common.AnomalyPoint, from string, inhibit bool) {
+func (p *Processor) Handle(anomalyPoints []models.AnomalyPoint, from string, inhibit bool) {
 	// 有可能rule的一些配置已经发生变化，比如告警接收人、callbacks等
 	// 这些信息的修改是不会引起worker restart的，但是确实会影响告警处理逻辑
 	// 所以，这里直接从memsto.AlertRuleCache中获取并覆盖
 	p.inhibit = inhibit
-	p.rule = p.atertRuleCache.Get(p.rule.Id)
-	cachedRule := p.rule
+	cachedRule := p.alertRuleCache.Get(p.rule.Id)
 	if cachedRule == nil {
 		logger.Errorf("rule not found %+v", anomalyPoints)
+		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "handle_event", p.BusiGroupCache.GetNameByBusiGroupId(p.rule.GroupId), fmt.Sprintf("%v", p.rule.Id)).Inc()
 		return
 	}

+	// 在 rule 变化之前取到 ruleHash
+	ruleHash := p.rule.Hash()
+
+	p.rule = cachedRule
 	now := time.Now().Unix()
 	alertingKeys := map[string]struct{}{}

 	// 根据 event 的 tag 将 events 分组，处理告警抑制的情况
 	eventsMap := make(map[string][]*models.AlertCurEvent)
 	for _, anomalyPoint := range anomalyPoints {
-		event := p.BuildEvent(anomalyPoint, from, now)
+		event := p.BuildEvent(anomalyPoint, from, now, ruleHash)
+		event.NotifyRuleIds = cachedRule.NotifyRuleIds
 		// 如果 event 被 mute 了,本质也是 fire 的状态,这里无论如何都添加到 alertingKeys 中,防止 fire 的事件自动恢复了
 		hash := event.Hash
 		alertingKeys[hash] = struct{}{}
-		if mute.IsMuted(cachedRule, event, p.TargetCache, p.alertMuteCache) {
-			logger.Debugf("rule_eval:%s event:%v is muted", p.Key(), event)
+		isMuted, detail, muteId := mute.IsMuted(cachedRule, event, p.TargetCache, p.alertMuteCache)
+		if isMuted {
+			logger.Debugf("rule_eval:%s event:%v is muted, detail:%s", p.Key(), event, detail)
+			p.Stats.CounterMuteTotal.WithLabelValues(
+				fmt.Sprintf("%v", event.GroupName),
+				fmt.Sprintf("%v", p.rule.Id),
+				fmt.Sprintf("%v", muteId),
+				fmt.Sprintf("%v", p.datasourceId),
+			).Inc()
 			continue
 		}
+
+		if p.EventMuteHook(event) {
+			logger.Debugf("rule_eval:%s event:%v is muted by hook", p.Key(), event)
+			p.Stats.CounterMuteTotal.WithLabelValues(
+				fmt.Sprintf("%v", event.GroupName),
+				fmt.Sprintf("%v", p.rule.Id),
+				fmt.Sprintf("%v", 0),
+				fmt.Sprintf("%v", p.datasourceId),
+			).Inc()
+			continue
+		}
+
 		tagHash := TagHash(anomalyPoint)
 		eventsMap[tagHash] = append(eventsMap[tagHash], event)
 	}
@@ -142,12 +186,14 @@ func (p *Processor) Handle(anomalyPoints []common.AnomalyPoint, from string, inh
 		p.handleEvent(events)
 	}

-	p.HandleRecover(alertingKeys, now)
+	if from == "inner" {
+		p.HandleRecover(alertingKeys, now, inhibit)
+	}
 }

-func (p *Processor) BuildEvent(anomalyPoint common.AnomalyPoint, from string, now int64) *models.AlertCurEvent {
+func (p *Processor) BuildEvent(anomalyPoint models.AnomalyPoint, from string, now int64, ruleHash string) *models.AlertCurEvent {
 	p.fillTags(anomalyPoint)
-	p.mayHandleIdent()
+
 	hash := Hash(p.rule.Id, p.datasourceId, anomalyPoint)
 	ds := p.datasourceCache.GetById(p.datasourceId)
 	var dsName string
@@ -156,35 +202,94 @@ func (p *Processor) BuildEvent(anomalyPoint common.AnomalyPoint, from string, no
 	}

 	event := p.rule.GenerateNewEvent(p.ctx)
+
+	bg := p.BusiGroupCache.GetByBusiGroupId(p.rule.GroupId)
+	if bg != nil {
+		event.GroupName = bg.Name
+	}
+
 	event.TriggerTime = anomalyPoint.Timestamp
 	event.TagsMap = p.tagsMap
 	event.DatasourceId = p.datasourceId
 	event.Cluster = dsName
 	event.Hash = hash
-	event.TargetIdent = p.target
-	event.TargetNote = p.targetNote
 	event.TriggerValue = anomalyPoint.ReadableValue()
+	event.TriggerValues = anomalyPoint.Values
+	event.TriggerValuesJson = models.EventTriggerValues{ValuesWithUnit: anomalyPoint.ValuesUnit}
 	event.TagsJSON = p.tagsArr
-	event.GroupName = p.groupName
 	event.Tags = strings.Join(p.tagsArr, ",,")
 	event.IsRecovered = false
 	event.Callbacks = p.rule.Callbacks
 	event.CallbacksJSON = p.rule.CallbacksJSON
 	event.Annotations = p.rule.Annotations
-	event.AnnotationsJSON = make(map[string]string)
 	event.RuleConfig = p.rule.RuleConfig
 	event.RuleConfigJson = p.rule.RuleConfigJson
 	event.Severity = anomalyPoint.Severity
+	event.ExtraConfig = p.rule.ExtraConfigJSON
+	event.PromQl = anomalyPoint.Query
+	event.RecoverConfig = anomalyPoint.RecoverConfig
+	event.RuleHash = ruleHash
+
+	if anomalyPoint.TriggerType == models.TriggerTypeNodata {
+		event.TriggerValue = "nodata"
+		ruleConfig := models.RuleQuery{}
+		json.Unmarshal([]byte(p.rule.RuleConfig), &ruleConfig)
+		ruleConfig.TriggerType = anomalyPoint.TriggerType
+		b, _ := json.Marshal(ruleConfig)
+		event.RuleConfig = string(b)
+	}
+
+	if err := json.Unmarshal([]byte(p.rule.Annotations), &event.AnnotationsJSON); err != nil {
+		event.AnnotationsJSON = make(map[string]string) // 解析失败时使用空 map
+		logger.Warningf("unmarshal annotations json failed: %v, rule: %d", err, p.rule.Id)
+	}
+
+	if event.TriggerValues != "" && strings.Count(event.TriggerValues, "$") > 1 {
+		// TriggerValues 有多个变量，将多个变量都放到 TriggerValue 中
+		event.TriggerValue = event.TriggerValues
+	}

 	if from == "inner" {
 		event.LastEvalTime = now
 	} else {
 		event.LastEvalTime = event.TriggerTime
 	}
+
+	// 生成事件之后，立马进程 relabel 处理
+	Relabel(p.rule, event)
+
+	// 放到 Relabel(p.rule, event) 下面，为了处理 relabel 之后，标签里才出现 ident 的情况
+	p.mayHandleIdent(event)
+
+	if event.TargetIdent != "" {
+		if pt, exist := p.TargetCache.Get(event.TargetIdent); exist {
+			pt.GroupNames = p.BusiGroupCache.GetNamesByBusiGroupIds(pt.GroupIds)
+			event.Target = pt
+		} else {
+			logger.Infof("fill event target error, ident: %s doesn't exist in cache.", event.TargetIdent)
+		}
+	}
+
 	return event
 }

-func (p *Processor) HandleRecover(alertingKeys map[string]struct{}, now int64) {
+func Relabel(rule *models.AlertRule, event *models.AlertCurEvent) {
+	if rule == nil {
+		return
+	}
+
+	// need to keep the original label
+	event.OriginalTags = event.Tags
+	event.OriginalTagsJSON = event.TagsJSON
+
+	if len(rule.EventRelabelConfig) == 0 {
+		return
+	}
+
+	relabel.EventRelabel(event, rule.EventRelabelConfig)
+}
+
+func (p *Processor) HandleRecover(alertingKeys map[string]struct{}, now int64, inhibit bool) {
 	for _, hash := range p.pendings.Keys() {
 		if _, has := alertingKeys[hash]; has {
 			continue
@@ -192,53 +297,129 @@ func (p *Processor) HandleRecover(alertingKeys map[string]struct{}, now int64) {
 		p.pendings.Delete(hash)
 	}

-	for hash := range p.fires.GetAll() {
+	hashArr := make([]string, 0, len(alertingKeys))
+	for hash, _ := range p.fires.GetAll() {
 		if _, has := alertingKeys[hash]; has {
 			continue
 		}
-		p.RecoverSingle(hash, now, nil)
+
+		hashArr = append(hashArr, hash)
 	}
+	p.HandleRecoverEvent(hashArr, now, inhibit)
+
 }

-func (p *Processor) RecoverSingle(hash string, now int64, value *string) {
+func (p *Processor) HandleRecoverEvent(hashArr []string, now int64, inhibit bool) {
 	cachedRule := p.rule
 	if cachedRule == nil {
 		return
 	}
+
+	if !inhibit {
+		for _, hash := range hashArr {
+			p.RecoverSingle(false, hash, now, nil)
+		}
+		return
+	}
+
+	eventMap := make(map[string]models.AlertCurEvent)
+	for _, hash := range hashArr {
+		event, has := p.fires.Get(hash)
+		if !has {
+			continue
+		}
+
+		e, exists := eventMap[event.Tags]
+		if !exists {
+			eventMap[event.Tags] = *event
+			continue
+		}
+
+		if e.Severity > event.Severity {
+			// hash 对应的恢复事件的被抑制了，把之前的事件删除
+			p.fires.Delete(e.Hash)
+			p.pendings.Delete(e.Hash)
+			models.AlertCurEventDelByHash(p.ctx, e.Hash)
+			eventMap[event.Tags] = *event
+		}
+	}
+
+	for _, event := range eventMap {
+		p.RecoverSingle(false, event.Hash, now, nil)
+	}
+}
+
+func (p *Processor) RecoverSingle(byRecover bool, hash string, now int64, value *string, values ...string) {
+	cachedRule := p.rule
+	if cachedRule == nil {
+		return
+	}
+
 	event, has := p.fires.Get(hash)
 	if !has {
 		return
 	}
+
 	// 如果配置了留观时长，就不能立马恢复了
-	if cachedRule.RecoverDuration > 0 && now-event.LastEvalTime < cachedRule.RecoverDuration {
+	if cachedRule.RecoverDuration > 0 {
+		lastPendingEvent, has := p.pendingsUseByRecover.Get(hash)
+		if !has {
+			// 说明没有产生过异常点，就不需要恢复了
+			logger.Debugf("rule_eval:%s event:%v do not has pending event, not recover", p.Key(), event)
+			return
+		}
+
+		if now-lastPendingEvent.LastEvalTime < cachedRule.RecoverDuration {
+			logger.Debugf("rule_eval:%s event:%v not recover", p.Key(), event)
+			return
+		}
+	}
+
+	// 如果设置了恢复条件，则不能在此处恢复，必须依靠 recoverPoint 来恢复
+	if event.RecoverConfig.JudgeType != models.Origin && !byRecover {
 		logger.Debugf("rule_eval:%s event:%v not recover", p.Key(), event)
 		return
 	}
+
 	if value != nil {
 		event.TriggerValue = *value
+		if len(values) > 0 {
+			event.TriggerValues = values[0]
+		}
 	}

 	// 没查到触发阈值的vector，姑且就认为这个vector的值恢复了
 	// 我确实无法分辨，是prom中有值但是未满足阈值所以没返回，还是prom中确实丢了一些点导致没有数据可以返回，尴尬
 	p.fires.Delete(hash)
 	p.pendings.Delete(hash)
+	p.pendingsUseByRecover.Delete(hash)

 	// 可能是因为调整了promql才恢复的，所以事件里边要体现最新的promql，否则用户会比较困惑
 	// 当然，其实rule的各个字段都可能发生变化了，都更新一下吧
 	cachedRule.UpdateEvent(event)
 	event.IsRecovered = true
 	event.LastEvalTime = now
+
+	p.HandleRecoverEventHook(event)
 	p.pushEventToQueue(event)
 }

 func (p *Processor) handleEvent(events []*models.AlertCurEvent) {
 	var fireEvents []*models.AlertCurEvent
-	// severity 初始为 4, 一定为遇到比自己优先级高的事件
-	severity := 4
+	// severity 初始为最低优先级, 一定为遇到比自己优先级高的事件
+	severity := models.SeverityLowest
 	for _, event := range events {
 		if event == nil {
 			continue
 		}
+
+		if _, has := p.pendingsUseByRecover.Get(event.Hash); has {
+			p.pendingsUseByRecover.UpdateLastEvalTime(event.Hash, event.LastEvalTime)
+		} else {
+			p.pendingsUseByRecover.Set(event.Hash, event)
+		}
+
+		event.PromEvalInterval = p.PromEvalInterval
 		if p.rule.PromForDuration == 0 {
 			fireEvents = append(fireEvents, event)
 			if severity > event.Severity {
@@ -247,17 +428,18 @@ func (p *Processor) handleEvent(events []*models.AlertCurEvent) {
 			continue
 		}

-		var preTriggerTime int64
+		var preEvalTime int64 // 第一个 pending event 的检测时间
 		preEvent, has := p.pendings.Get(event.Hash)
 		if has {
 			p.pendings.UpdateLastEvalTime(event.Hash, event.LastEvalTime)
-			preTriggerTime = preEvent.TriggerTime
+			preEvalTime = preEvent.FirstEvalTime
 		} else {
+			event.FirstEvalTime = event.LastEvalTime
 			p.pendings.Set(event.Hash, event)
-			preTriggerTime = event.TriggerTime
+			preEvalTime = event.FirstEvalTime
 		}

-		if event.LastEvalTime-preTriggerTime+int64(event.PromEvalInterval) >= int64(p.rule.PromForDuration) {
+		if event.LastEvalTime-preEvalTime+int64(event.PromEvalInterval) >= int64(p.rule.PromForDuration) {
 			fireEvents = append(fireEvents, event)
 			if severity > event.Severity {
 				severity = event.Severity
@@ -285,39 +467,48 @@ func (p *Processor) fireEvent(event *models.AlertCurEvent) {
 	if cachedRule == nil {
 		return
 	}
-	logger.Debugf("rule_eval:%s event:%+v fire", p.Key(), event)
+
+	message := "unknown"
+	defer func() {
+		logger.Infof("rule_eval:%s event-hash-%s %s", p.Key(), event.Hash, message)
+	}()
+
 	if fired, has := p.fires.Get(event.Hash); has {
 		p.fires.UpdateLastEvalTime(event.Hash, event.LastEvalTime)
+		event.FirstTriggerTime = fired.FirstTriggerTime
+		p.HandleFireEventHook(event)

 		if cachedRule.NotifyRepeatStep == 0 {
-			logger.Debugf("rule_eval:%s event:%+v repeat is zero nothing to do", p.Key(), event)
-			// 说明不想重复通知，那就直接返回了，nothing to do
-			// do not need to send alert again
+			message = "stalled, rule.notify_repeat_step is 0, no need to repeat notify"
 			return
 		}

 		// 之前发送过告警了，这次是否要继续发送，要看是否过了通道静默时间
-		if event.LastEvalTime > fired.LastSentTime+int64(cachedRule.NotifyRepeatStep)*60 {
+		if event.LastEvalTime >= fired.LastSentTime+int64(cachedRule.NotifyRepeatStep)*60 {
 			if cachedRule.NotifyMaxNumber == 0 {
 				// 最大可以发送次数如果是0，表示不想限制最大发送次数，一直发即可
 				event.NotifyCurNumber = fired.NotifyCurNumber + 1
-				event.FirstTriggerTime = fired.FirstTriggerTime
+				message = fmt.Sprintf("fired, notify_repeat_step_matched(%d >= %d + %d * 60) notify_max_number_ignore(#%d / %d)", event.LastEvalTime, fired.LastSentTime, cachedRule.NotifyRepeatStep, event.NotifyCurNumber, cachedRule.NotifyMaxNumber)
 				p.pushEventToQueue(event)
 			} else {
 				// 有最大发送次数的限制，就要看已经发了几次了，是否达到了最大发送次数
 				if fired.NotifyCurNumber >= cachedRule.NotifyMaxNumber {
-					logger.Debugf("rule_eval:%s event:%+v reach max number", p.Key(), event)
+					message = fmt.Sprintf("stalled, notify_repeat_step_matched(%d >= %d + %d * 60) notify_max_number_not_matched(#%d / %d)", event.LastEvalTime, fired.LastSentTime, cachedRule.NotifyRepeatStep, fired.NotifyCurNumber, cachedRule.NotifyMaxNumber)
 					return
 				} else {
 					event.NotifyCurNumber = fired.NotifyCurNumber + 1
-					event.FirstTriggerTime = fired.FirstTriggerTime
+					message = fmt.Sprintf("fired, notify_repeat_step_matched(%d >= %d + %d * 60) notify_max_number_matched(#%d / %d)", event.LastEvalTime, fired.LastSentTime, cachedRule.NotifyRepeatStep, event.NotifyCurNumber, cachedRule.NotifyMaxNumber)
 					p.pushEventToQueue(event)
 				}
 			}
+		} else {
+			message = fmt.Sprintf("stalled, notify_repeat_step_not_matched(%d < %d + %d * 60)", event.LastEvalTime, fired.LastSentTime, cachedRule.NotifyRepeatStep)
 		}
 	} else {
 		event.NotifyCurNumber = 1
 		event.FirstTriggerTime = event.TriggerTime
+		message = fmt.Sprintf("fired, first_trigger_time: %d", event.FirstTriggerTime)
+		p.HandleFireEventHook(event)
 		p.pushEventToQueue(event)
 	}
 }
@@ -328,33 +519,61 @@ func (p *Processor) pushEventToQueue(e *models.AlertCurEvent) {
 		p.fires.Set(e.Hash, e)
 	}

-	p.stats.CounterAlertsTotal.WithLabelValues(fmt.Sprintf("%d", e.DatasourceId)).Inc()
 	dispatch.LogEvent(e, "push_queue")
 	if !queue.EventQueue.PushFront(e) {
 		logger.Warningf("event_push_queue: queue is full, event:%+v", e)
+		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "push_event_queue", p.BusiGroupCache.GetNameByBusiGroupId(p.rule.GroupId), fmt.Sprintf("%v", p.rule.Id)).Inc()
 	}
 }

 func (p *Processor) RecoverAlertCurEventFromDb() {
 	p.pendings = NewAlertCurEventMap(nil)
+	p.pendingsUseByRecover = NewAlertCurEventMap(nil)

-	curEvents, err := models.AlertCurEventGetByRuleIdAndCluster(p.ctx, p.rule.Id, p.datasourceId)
+	curEvents, err := models.AlertCurEventGetByRuleIdAndDsId(p.ctx, p.rule.Id, p.datasourceId)
 	if err != nil {
 		logger.Errorf("recover event from db for rule:%s failed, err:%s", p.Key(), err)
+		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "get_recover_event", p.BusiGroupCache.GetNameByBusiGroupId(p.rule.GroupId), fmt.Sprintf("%v", p.rule.Id)).Inc()
 		p.fires = NewAlertCurEventMap(nil)
 		return
 	}

 	fireMap := make(map[string]*models.AlertCurEvent)
+	pendingsUseByRecoverMap := make(map[string]*models.AlertCurEvent)
 	for _, event := range curEvents {
+		alertRule := p.alertRuleCache.Get(event.RuleId)
+		if alertRule == nil {
+			continue
+		}
+		event.NotifyRuleIds = alertRule.NotifyRuleIds
+
+		if event.Cate == models.HOST {
+			target, exists := p.TargetCache.Get(event.TargetIdent)
+			if exists && target.EngineName != p.EngineName && !(p.ctx.IsCenter && target.EngineName == "") {
+				// 如果是 host rule，且 target 的 engineName 不是当前的 engineName 或者是中心机房 target EngineName 为空，就跳过
+				continue
+			}
+		}
+
 		event.DB2Mem()
+		target, exists := p.TargetCache.Get(event.TargetIdent)
+		if exists {
+			target.GroupNames = p.BusiGroupCache.GetNamesByBusiGroupIds(target.GroupIds)
+			event.Target = target
+		}
+
 		fireMap[event.Hash] = event
+		e := *event
+		pendingsUseByRecoverMap[event.Hash] = &e
 	}

 	p.fires = NewAlertCurEventMap(fireMap)
+
+	// 修改告警规则，或者进程重启之后，需要重新加载 pendingsUseByRecover
+	p.pendingsUseByRecover = NewAlertCurEventMap(pendingsUseByRecoverMap)
 }

-func (p *Processor) fillTags(anomalyPoint common.AnomalyPoint) {
+func (p *Processor) fillTags(anomalyPoint models.AnomalyPoint) {
 	// handle series tags
 	tagsMap := make(map[string]string)
 	for label, value := range anomalyPoint.Labels {
@@ -366,7 +585,9 @@ func (p *Processor) fillTags(anomalyPoint common.AnomalyPoint) {
 	}

 	// handle rule tags
-	for _, tag := range p.rule.AppendTagsJSON {
+	tags := p.rule.AppendTagsJSON
+	tags = append(tags, "rulename="+p.rule.Name)
+	for _, tag := range tags {
 		arr := strings.SplitN(tag, "=", 2)

 		var defs = []string{
@@ -392,21 +613,25 @@ func (p *Processor) fillTags(anomalyPoint common.AnomalyPoint) {

 		tagsMap[arr[0]] = body.String()
 	}
-
-	tagsMap["rulename"] = p.rule.Name
 	p.tagsMap = tagsMap

 	// handle tagsArr
 	p.tagsArr = labelMapToArr(tagsMap)
 }

-func (p *Processor) mayHandleIdent() {
+func (p *Processor) mayHandleIdent(event *models.AlertCurEvent) {
 	// handle ident
-	if ident, has := p.tagsMap["ident"]; has {
+	if ident, has := event.TagsMap["ident"]; has {
 		if target, exists := p.TargetCache.Get(ident); exists {
-			p.target = target.Ident
-			p.targetNote = target.Note
+			event.TargetIdent = target.Ident
+			event.TargetNote = target.Note
+		} else {
+			event.TargetIdent = ident
+			event.TargetNote = ""
 		}
+	} else {
+		event.TargetIdent = ""
+		event.TargetNote = ""
 	}
 }

@@ -418,6 +643,12 @@ func (p *Processor) mayHandleGroup() {
 	}
 }

+func (p *Processor) DeleteProcessEvent(hash string) {
+	p.fires.Delete(hash)
+	p.pendings.Delete(hash)
+	p.pendingsUseByRecover.Delete(hash)
+}
+
 func labelMapToArr(m map[string]string) []string {
 	numLabels := len(m)

@@ -432,10 +663,10 @@ func labelMapToArr(m map[string]string) []string {
 	return labelStrings
 }

-func Hash(ruleId, datasourceId int64, vector common.AnomalyPoint) string {
-	return str.MD5(fmt.Sprintf("%d_%s_%d_%d", ruleId, vector.Labels.String(), datasourceId, vector.Severity))
+func Hash(ruleId, datasourceId int64, vector models.AnomalyPoint) string {
+	return str.MD5(fmt.Sprintf("%d_%s_%d_%d_%s", ruleId, vector.Labels.String(), datasourceId, vector.Severity, vector.Query))
 }

-func TagHash(vector common.AnomalyPoint) string {
+func TagHash(vector models.AnomalyPoint) string {
 	return str.MD5(vector.Labels.String())
 }
--- a/alert/record/prom_rule.go
+++ b/alert/record/prom_rule.go
@@ -6,9 +6,11 @@ import (
 	"strings"
 	"time"

+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/prom"
 	"github.com/ccfos/nightingale/v6/pushgw/writer"
+	"github.com/robfig/cron/v3"

 	"github.com/toolkits/pkg/logger"
 	"github.com/toolkits/pkg/str"
@@ -18,19 +20,35 @@ type RecordRuleContext struct {
 	datasourceId int64
 	quit         chan struct{}

-	rule *models.RecordingRule
-	// writers     *writer.WritersType
+	scheduler   *cron.Cron
+	rule        *models.RecordingRule
 	promClients *prom.PromClientMap
+	stats       *astats.Stats
 }

-func NewRecordRuleContext(rule *models.RecordingRule, datasourceId int64, promClients *prom.PromClientMap, writers *writer.WritersType) *RecordRuleContext {
-	return &RecordRuleContext{
+func NewRecordRuleContext(rule *models.RecordingRule, datasourceId int64, promClients *prom.PromClientMap, writers *writer.WritersType, stats *astats.Stats) *RecordRuleContext {
+	rrc := &RecordRuleContext{
 		datasourceId: datasourceId,
 		quit:         make(chan struct{}),
 		rule:         rule,
 		promClients:  promClients,
-		//writers:      writers,
+		stats:        stats,
 	}
+
+	if rule.CronPattern == "" && rule.PromEvalInterval != 0 {
+		rule.CronPattern = fmt.Sprintf("@every %ds", rule.PromEvalInterval)
+	}
+
+	rrc.scheduler = cron.New(cron.WithSeconds(), cron.WithChain(cron.SkipIfStillRunning(cron.DefaultLogger)))
+	_, err := rrc.scheduler.AddFunc(rule.CronPattern, func() {
+		rrc.Eval()
+	})
+
+	if err != nil {
+		logger.Errorf("add cron pattern error: %v", err)
+	}
+
+	return rrc
 }

 func (rrc *RecordRuleContext) Key() string {
@@ -38,11 +56,13 @@ func (rrc *RecordRuleContext) Key() string {
 }

 func (rrc *RecordRuleContext) Hash() string {
-	return str.MD5(fmt.Sprintf("%d_%d_%s_%d",
+	return str.MD5(fmt.Sprintf("%d_%s_%s_%d_%s_%s",
 		rrc.rule.Id,
-		rrc.rule.PromEvalInterval,
+		rrc.rule.CronPattern,
 		rrc.rule.PromQl,
 		rrc.datasourceId,
+		rrc.rule.AppendTags,
+		rrc.rule.Name,
 	))
 }

@@ -50,24 +70,11 @@ func (rrc *RecordRuleContext) Prepare() {}

 func (rrc *RecordRuleContext) Start() {
 	logger.Infof("eval:%s started", rrc.Key())
-	interval := rrc.rule.PromEvalInterval
-	if interval <= 0 {
-		interval = 10
-	}
-	go func() {
-		for {
-			select {
-			case <-rrc.quit:
-				return
-			default:
-				rrc.Eval()
-				time.Sleep(time.Duration(interval) * time.Second)
-			}
-		}
-	}()
+	rrc.scheduler.Start()
 }

 func (rrc *RecordRuleContext) Eval() {
+	rrc.stats.CounterRecordEval.WithLabelValues(fmt.Sprintf("%d", rrc.datasourceId)).Inc()
 	promql := strings.TrimSpace(rrc.rule.PromQl)
 	if promql == "" {
 		logger.Errorf("eval:%s promql is blank", rrc.Key())
@@ -76,27 +83,37 @@ func (rrc *RecordRuleContext) Eval() {

 	if rrc.promClients.IsNil(rrc.datasourceId) {
 		logger.Errorf("eval:%s reader client is nil", rrc.Key())
+		rrc.stats.CounterRecordEvalErrorTotal.WithLabelValues(fmt.Sprintf("%d", rrc.datasourceId)).Inc()
 		return
 	}

 	value, warnings, err := rrc.promClients.GetCli(rrc.datasourceId).Query(context.Background(), promql, time.Now())
 	if err != nil {
 		logger.Errorf("eval:%s promql:%s, error:%v", rrc.Key(), promql, err)
+		rrc.stats.CounterRecordEvalErrorTotal.WithLabelValues(fmt.Sprintf("%d", rrc.datasourceId)).Inc()
 		return
 	}

 	if len(warnings) > 0 {
 		logger.Errorf("eval:%s promql:%s, warnings:%v", rrc.Key(), promql, warnings)
+		rrc.stats.CounterRecordEvalErrorTotal.WithLabelValues(fmt.Sprintf("%d", rrc.datasourceId)).Inc()
 		return
 	}

 	ts := ConvertToTimeSeries(value, rrc.rule)
 	if len(ts) != 0 {
-		rrc.promClients.GetWriterCli(rrc.datasourceId).Write(ts)
+		err := rrc.promClients.GetWriterCli(rrc.datasourceId).Write(ts)
+		if err != nil {
+			logger.Errorf("eval:%s promql:%s, error:%v", rrc.Key(), promql, err)
+			rrc.stats.CounterRecordEvalErrorTotal.WithLabelValues(fmt.Sprintf("%d", rrc.datasourceId)).Inc()
+		}
 	}
 }

 func (rrc *RecordRuleContext) Stop() {
 	logger.Infof("%s stopped", rrc.Key())
+
+	c := rrc.scheduler.Stop()
+	<-c.Done()
 	close(rrc.quit)
 }
--- a/alert/record/sample.go
+++ b/alert/record/sample.go
@@ -15,7 +15,7 @@ const (
 	LabelName = "__name__"
 )

-func ConvertToTimeSeries(value model.Value, rule *models.RecordingRule) (lst []*prompb.TimeSeries) {
+func ConvertToTimeSeries(value model.Value, rule *models.RecordingRule) (lst []prompb.TimeSeries) {
 	switch value.Type() {
 	case model.ValVector:
 		items, ok := value.(model.Vector)
@@ -31,7 +31,7 @@ func ConvertToTimeSeries(value model.Value, rule *models.RecordingRule) (lst []*
 			s.Timestamp = time.Unix(item.Timestamp.Unix(), 0).UnixNano() / 1e6
 			s.Value = float64(item.Value)
 			l := labelsToLabelsProto(item.Metric, rule)
-			lst = append(lst, &prompb.TimeSeries{
+			lst = append(lst, prompb.TimeSeries{
 				Labels:  l,
 				Samples: []prompb.Sample{s},
 			})
@@ -63,7 +63,7 @@ func ConvertToTimeSeries(value model.Value, rule *models.RecordingRule) (lst []*
 					Value:     float64(v.Value),
 				})
 			}
-			lst = append(lst, &prompb.TimeSeries{
+			lst = append(lst, prompb.TimeSeries{
 				Labels:  l,
 				Samples: slst,
 			})
@@ -78,7 +78,7 @@ func ConvertToTimeSeries(value model.Value, rule *models.RecordingRule) (lst []*
 			return
 		}

-		lst = append(lst, &prompb.TimeSeries{
+		lst = append(lst, prompb.TimeSeries{
 			Labels:  nil,
 			Samples: []prompb.Sample{{Value: float64(item.Value), Timestamp: time.Unix(item.Timestamp.Unix(), 0).UnixNano() / 1e6}},
 		})
@@ -89,9 +89,9 @@ func ConvertToTimeSeries(value model.Value, rule *models.RecordingRule) (lst []*
 	return
 }

-func labelsToLabelsProto(labels model.Metric, rule *models.RecordingRule) (result []*prompb.Label) {
+func labelsToLabelsProto(labels model.Metric, rule *models.RecordingRule) (result []prompb.Label) {
 	//name
-	nameLs := &prompb.Label{
+	nameLs := prompb.Label{
 		Name:  LabelName,
 		Value: rule.Name,
 	}
@@ -101,7 +101,7 @@ func labelsToLabelsProto(labels model.Metric, rule *models.RecordingRule) (resul
 			continue
 		}
 		if model.LabelNameRE.MatchString(string(k)) {
-			result = append(result, &prompb.Label{
+			result = append(result, prompb.Label{
 				Name:  string(k),
 				Value: string(v),
 			})
@@ -111,7 +111,7 @@ func labelsToLabelsProto(labels model.Metric, rule *models.RecordingRule) (resul
 		for _, v := range rule.AppendTagsJSON {
 			index := strings.Index(v, "=")
 			if model.LabelNameRE.MatchString(v[:index]) {
-				result = append(result, &prompb.Label{
+				result = append(result, prompb.Label{
 					Name:  v[:index],
 					Value: v[index+1:],
 				})
--- a/alert/record/scheduler.go
+++ b/alert/record/scheduler.go
@@ -3,6 +3,7 @@ package record
 import (
 	"context"
 	"fmt"
+	"strconv"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/aconf"
@@ -25,9 +26,11 @@ type Scheduler struct {
 	writers     *writer.WritersType

 	stats *astats.Stats
+
+	datasourceCache *memsto.DatasourceCacheType
 }

-func NewScheduler(aconf aconf.Alert, rrc *memsto.RecordingRuleCacheType, promClients *prom.PromClientMap, writers *writer.WritersType, stats *astats.Stats) *Scheduler {
+func NewScheduler(aconf aconf.Alert, rrc *memsto.RecordingRuleCacheType, promClients *prom.PromClientMap, writers *writer.WritersType, stats *astats.Stats, datasourceCache *memsto.DatasourceCacheType) *Scheduler {
 	scheduler := &Scheduler{
 		aconf:       aconf,
 		recordRules: make(map[string]*RecordRuleContext),
@@ -38,6 +41,8 @@ func NewScheduler(aconf aconf.Alert, rrc *memsto.RecordingRuleCacheType, promCli
 		writers:     writers,

 		stats: stats,
+
+		datasourceCache: datasourceCache,
 	}

 	go scheduler.LoopSyncRules(context.Background())
@@ -66,13 +71,13 @@ func (s *Scheduler) syncRecordRules() {
 			continue
 		}

-		datasourceIds := s.promClients.Hit(rule.DatasourceIdsJson)
+		datasourceIds := s.datasourceCache.GetIDsByDsCateAndQueries("prometheus", rule.DatasourceQueries)
 		for _, dsId := range datasourceIds {
-			if !naming.DatasourceHashRing.IsHit(dsId, fmt.Sprintf("%d", rule.Id), s.aconf.Heartbeat.Endpoint) {
+			if !naming.DatasourceHashRing.IsHit(strconv.FormatInt(dsId, 10), fmt.Sprintf("%d", rule.Id), s.aconf.Heartbeat.Endpoint) {
 				continue
 			}

-			recordRule := NewRecordRuleContext(rule, dsId, s.promClients, s.writers)
+			recordRule := NewRecordRuleContext(rule, dsId, s.promClients, s.writers, s.stats)
 			recordRules[recordRule.Hash()] = recordRule
 		}
 	}
--- a/alert/router/router.go
+++ b/alert/router/router.go
@@ -39,15 +39,16 @@ func New(httpConfig httpx.Config, alert aconf.Alert, amc *memsto.AlertMuteCacheT
 }

 func (rt *Router) Config(r *gin.Engine) {
-	if !rt.HTTP.Alert.Enable {
+	if !rt.HTTP.APIForService.Enable {
 		return
 	}

 	service := r.Group("/v1/n9e")
-	if len(rt.HTTP.Alert.BasicAuth) > 0 {
-		service.Use(gin.BasicAuth(rt.HTTP.Alert.BasicAuth))
+	if len(rt.HTTP.APIForService.BasicAuth) > 0 {
+		service.Use(gin.BasicAuth(rt.HTTP.APIForService.BasicAuth))
 	}
 	service.POST("/event", rt.pushEventToQueue)
+	service.POST("/event-persist", rt.eventPersist)
 	service.POST("/make-event", rt.makeEvent)
 }

--- a/alert/router/router_event.go
+++ b/alert/router/router_event.go
@@ -2,10 +2,10 @@ package router

 import (
 	"fmt"
+	"strconv"
 	"strings"
 	"time"

-	"github.com/ccfos/nightingale/v6/alert/common"
 	"github.com/ccfos/nightingale/v6/alert/dispatch"
 	"github.com/ccfos/nightingale/v6/alert/mute"
 	"github.com/ccfos/nightingale/v6/alert/naming"
@@ -33,15 +33,15 @@ func (rt *Router) pushEventToQueue(c *gin.Context) {
 			continue
 		}

-		arr := strings.Split(pair, "=")
+		arr := strings.SplitN(pair, "=", 2)
 		if len(arr) != 2 {
 			continue
 		}

 		event.TagsMap[arr[0]] = arr[1]
 	}
-
-	if mute.EventMuteStrategy(event, rt.AlertMuteCache) {
+	hit, _ :=  mute.EventMuteStrategy(event, rt.AlertMuteCache)
+	if hit {
 		logger.Infof("event_muted: rule_id=%d %s", event.RuleId, event.Hash)
 		ginx.NewRender(c).Message(nil)
 		return
@@ -72,8 +72,6 @@ func (rt *Router) pushEventToQueue(c *gin.Context) {
 	event.NotifyChannels = strings.Join(event.NotifyChannelsJSON, " ")
 	event.NotifyGroups = strings.Join(event.NotifyGroupsJSON, " ")

-	rt.AlertStats.CounterAlertsTotal.WithLabelValues(event.Cluster).Inc()
-
 	dispatch.LogEvent(event, "http_push_queue")
 	if !queue.EventQueue.PushFront(event) {
 		msg := fmt.Sprintf("event:%+v push_queue err: queue is full", event)
@@ -83,9 +81,17 @@ func (rt *Router) pushEventToQueue(c *gin.Context) {
 	ginx.NewRender(c).Message(nil)
 }

+func (rt *Router) eventPersist(c *gin.Context) {
+	var event *models.AlertCurEvent
+	ginx.BindJSON(c, &event)
+	event.FE2DB()
+	err := models.EventPersist(rt.Ctx, event)
+	ginx.NewRender(c).Data(event.Id, err)
+}
+
 type eventForm struct {
 	Alert         bool                  `json:"alert"`
-	AnomalyPoints []common.AnomalyPoint `json:"vectors"`
+	AnomalyPoints []models.AnomalyPoint `json:"vectors"`
 	RuleId        int64                 `json:"rule_id"`
 	DatasourceId  int64                 `json:"datasource_id"`
 	Inhibit       bool                  `json:"inhibit"`
@@ -96,7 +102,7 @@ func (rt *Router) makeEvent(c *gin.Context) {
 	ginx.BindJSON(c, &events)
 	//now := time.Now().Unix()
 	for i := 0; i < len(events); i++ {
-		node, err := naming.DatasourceHashRing.GetNode(events[i].DatasourceId, fmt.Sprintf("%d", events[i].RuleId))
+		node, err := naming.DatasourceHashRing.GetNode(strconv.FormatInt(events[i].DatasourceId, 10), fmt.Sprintf("%d", events[i].RuleId))
 		if err != nil {
 			logger.Warningf("event:%+v get node err:%v", events[i], err)
 			ginx.Bomb(200, "event node not exists")
@@ -122,7 +128,7 @@ func (rt *Router) makeEvent(c *gin.Context) {
 		} else {
 			for _, vector := range events[i].AnomalyPoints {
 				readableString := vector.ReadableValue()
-				go ruleWorker.RecoverSingle(process.Hash(events[i].RuleId, events[i].DatasourceId, vector), vector.Timestamp, &readableString)
+				go ruleWorker.RecoverSingle(false, process.Hash(events[i].RuleId, events[i].DatasourceId, vector), vector.Timestamp, &readableString)
 			}
 		}
 	}
--- a/alert/sender/callback.go
+++ b/alert/sender/callback.go
@@ -1,58 +1,185 @@
 package sender

 import (
-	"strconv"
+	"fmt"
+	"html/template"
+	"net/url"
 	"strings"
 	"time"

-	"github.com/ccfos/nightingale/v6/alert/aconf"
+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
-	"github.com/ccfos/nightingale/v6/pkg/ibex"
 	"github.com/ccfos/nightingale/v6/pkg/poster"

 	"github.com/toolkits/pkg/logger"
 )

-func SendCallbacks(ctx *ctx.Context, urls []string, event *models.AlertCurEvent, targetCache *memsto.TargetCacheType, ibexConf aconf.Ibex) {
-	for _, url := range urls {
-		if url == "" {
-			continue
-		}
+type (
+	// CallBacker 进行回调的接口
+	CallBacker interface {
+		CallBack(ctx CallBackContext)
+	}

-		if strings.HasPrefix(url, "${ibex}") {
-			if !event.IsRecovered {
-				handleIbex(ctx, url, event, targetCache, ibexConf)
-			}
-			continue
-		}
+	// CallBackContext 回调时所需的上下文
+	CallBackContext struct {
+		Ctx         *ctx.Context
+		CallBackURL string
+		Users       []*models.User
+		Rule        *models.AlertRule
+		Events      []*models.AlertCurEvent
+		Stats       *astats.Stats
+		BatchSend   bool
+	}

-		if !(strings.HasPrefix(url, "http://") || strings.HasPrefix(url, "https://")) {
-			url = "http://" + url
-		}
+	DefaultCallBacker struct{}
+)

-		resp, code, err := poster.PostJSON(url, 5*time.Second, event, 3)
-		if err != nil {
-			logger.Errorf("event_callback(rule_id=%d url=%s) fail, resp: %s, err: %v, code: %d", event.RuleId, url, string(resp), err, code)
-		} else {
-			logger.Infof("event_callback(rule_id=%d url=%s) succ, resp: %s, code: %d", event.RuleId, url, string(resp), code)
-		}
+func BuildCallBackContext(ctx *ctx.Context, callBackURL string, rule *models.AlertRule, events []*models.AlertCurEvent,
+	uids []int64, userCache *memsto.UserCacheType, batchSend bool, stats *astats.Stats) CallBackContext {
+	users := userCache.GetByUserIds(uids)
+
+	newCallBackUrl, _ := events[0].ParseURL(callBackURL)
+	return CallBackContext{
+		Ctx:         ctx,
+		CallBackURL: newCallBackUrl,
+		Rule:        rule,
+		Events:      events,
+		Users:       users,
+		BatchSend:   batchSend,
+		Stats:       stats,
 	}
 }

-type TaskForm struct {
-	Title     string   `json:"title"`
-	Account   string   `json:"account"`
-	Batch     int      `json:"batch"`
-	Tolerance int      `json:"tolerance"`
-	Timeout   int      `json:"timeout"`
-	Pause     string   `json:"pause"`
-	Script    string   `json:"script"`
-	Args      string   `json:"args"`
-	Action    string   `json:"action"`
-	Creator   string   `json:"creator"`
-	Hosts     []string `json:"hosts"`
+func ExtractAtsParams(rawURL string) []string {
+	ans := make([]string, 0, 1)
+	parsedURL, err := url.Parse(rawURL)
+	if err != nil {
+		logger.Errorf("ExtractAtsParams(url=%s), err: %v", rawURL, err)
+		return ans
+	}
+
+	queryParams := parsedURL.Query()
+	atParam := queryParams.Get("ats")
+	if atParam == "" {
+		return ans
+	}
+
+	// Split the atParam by comma and return the result as a slice
+	return strings.Split(atParam, ",")
+}
+
+func NewCallBacker(
+	key string,
+	targetCache *memsto.TargetCacheType,
+	userCache *memsto.UserCacheType,
+	taskTplCache *memsto.TaskTplCache,
+	tpls map[string]*template.Template,
+) CallBacker {
+
+	switch key {
+	case models.IbexDomain: // Distribute to Ibex
+		return &IbexCallBacker{
+			targetCache:  targetCache,
+			userCache:    userCache,
+			taskTplCache: taskTplCache,
+		}
+	case models.DefaultDomain: // default callback
+		return &DefaultCallBacker{}
+	case models.DingtalkDomain:
+		return &DingtalkSender{tpl: tpls[models.Dingtalk]}
+	case models.WecomDomain:
+		return &WecomSender{tpl: tpls[models.Wecom]}
+	case models.FeishuDomain:
+		return &FeishuSender{tpl: tpls[models.Feishu]}
+	case models.FeishuCardDomain:
+		return &FeishuCardSender{tpl: tpls[models.FeishuCard]}
+	//case models.Mm:
+	//	return &MmSender{tpl: tpls[models.Mm]}
+	case models.TelegramDomain:
+		return &TelegramSender{tpl: tpls[models.Telegram]}
+	case models.LarkDomain:
+		return &LarkSender{tpl: tpls[models.Lark]}
+	case models.LarkCardDomain:
+		return &LarkCardSender{tpl: tpls[models.LarkCard]}
+	}
+
+	return nil
+}
+
+func (c *DefaultCallBacker) CallBack(ctx CallBackContext) {
+	if len(ctx.CallBackURL) == 0 || len(ctx.Events) == 0 {
+		return
+	}
+
+	event := ctx.Events[0]
+
+	if ctx.BatchSend {
+		webhookConf := &models.Webhook{
+			Type:          models.RuleCallback,
+			Enable:        true,
+			Url:           ctx.CallBackURL,
+			Timeout:       5,
+			RetryCount:    3,
+			RetryInterval: 10,
+			Batch:         1000,
+		}
+
+		PushCallbackEvent(ctx.Ctx, webhookConf, event, ctx.Stats)
+		return
+	}
+
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, event, "callback", ctx.Stats, ctx.Events)
+}
+
+func doSendAndRecord(ctx *ctx.Context, url, token string, body interface{}, channel string,
+	stats *astats.Stats, events []*models.AlertCurEvent) {
+	start := time.Now()
+	res, err := doSend(url, body, channel, stats)
+	res = fmt.Sprintf("duration: %d ms %s", time.Since(start).Milliseconds(), res)
+	NotifyRecord(ctx, events, 0, channel, token, res, err)
+}
+
+func NotifyRecord(ctx *ctx.Context, evts []*models.AlertCurEvent, notifyRuleID int64, channel, target, res string, err error) {
+	// 一个通知可能对应多个 event，都需要记录
+	notis := make([]*models.NotificaitonRecord, 0, len(evts))
+	for _, evt := range evts {
+		noti := models.NewNotificationRecord(evt, notifyRuleID, channel, target)
+		if err != nil {
+			noti.SetStatus(models.NotiStatusFailure)
+			noti.SetDetails(err.Error())
+		} else if res != "" {
+			noti.SetDetails(string(res))
+		}
+		notis = append(notis, noti)
+	}
+
+	if !ctx.IsCenter {
+		err := poster.PostByUrls(ctx, "/v1/n9e/notify-record", notis)
+		if err != nil {
+			logger.Errorf("add notis:%v failed, err: %v", notis, err)
+		}
+		return
+	}
+
+	PushNotifyRecords(notis)
+}
+
+func doSend(url string, body interface{}, channel string, stats *astats.Stats) (string, error) {
+	stats.AlertNotifyTotal.WithLabelValues(channel).Inc()
+
+	start := time.Now()
+	res, code, err := poster.PostJSON(url, time.Second*5, body, 3)
+	res = []byte(fmt.Sprintf("duration: %d ms %s", time.Since(start).Milliseconds(), res))
+	if err != nil {
+		logger.Errorf("%s_sender: result=fail url=%s code=%d error=%v req:%v response=%s", channel, url, code, err, body, string(res))
+		stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
+		return "", err
+	}
+
+	logger.Infof("%s_sender: result=succ url=%s code=%d req:%v response=%s", channel, url, code, body, string(res))
+	return string(res), nil
 }

 type TaskCreateReply struct {
@@ -60,136 +187,26 @@ type TaskCreateReply struct {
 	Dat int64  `json:"dat"` // task.id
 }

-func handleIbex(ctx *ctx.Context, url string, event *models.AlertCurEvent, targetCache *memsto.TargetCacheType, ibexConf aconf.Ibex) {
-	arr := strings.Split(url, "/")
+func PushCallbackEvent(ctx *ctx.Context, webhook *models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+	CallbackEventQueueLock.RLock()
+	queue := CallbackEventQueue[webhook.Url]
+	CallbackEventQueueLock.RUnlock()

-	var idstr string
-	var host string
+	if queue == nil {
+		queue = &WebhookQueue{
+			eventQueue: NewSafeEventQueue(QueueMaxSize),
+			closeCh:    make(chan struct{}),
+		}

-	if len(arr) > 1 {
-		idstr = arr[1]
+		CallbackEventQueueLock.Lock()
+		CallbackEventQueue[webhook.Url] = queue
+		CallbackEventQueueLock.Unlock()
+
+		StartConsumer(ctx, queue, webhook.Batch, webhook, stats)
 	}

-	if len(arr) > 2 {
-		host = arr[2]
-	}
-
-	id, err := strconv.ParseInt(idstr, 10, 64)
-	if err != nil {
-		logger.Errorf("event_callback_ibex: failed to parse url: %s", url)
-		return
-	}
-
-	if host == "" {
-		// 用户在callback url中没有传入host，就从event中解析
-		host = event.TargetIdent
-	}
-
-	if host == "" {
-		logger.Error("event_callback_ibex: failed to get host")
-		return
-	}
-
-	tpl, err := models.TaskTplGet(ctx, "id = ?", id)
-	if err != nil {
-		logger.Errorf("event_callback_ibex: failed to get tpl: %v", err)
-		return
-	}
-
-	if tpl == nil {
-		logger.Errorf("event_callback_ibex: no such tpl(%d)", id)
-		return
-	}
-
-	// check perm
-	// tpl.GroupId - host - account 三元组校验权限
-	can, err := canDoIbex(ctx, tpl.UpdateBy, tpl, host, targetCache)
-	if err != nil {
-		logger.Errorf("event_callback_ibex: check perm fail: %v", err)
-		return
-	}
-
-	if !can {
-		logger.Errorf("event_callback_ibex: user(%s) no permission", tpl.UpdateBy)
-		return
-	}
-
-	// call ibex
-	in := TaskForm{
-		Title:     tpl.Title + " FH: " + host,
-		Account:   tpl.Account,
-		Batch:     tpl.Batch,
-		Tolerance: tpl.Tolerance,
-		Timeout:   tpl.Timeout,
-		Pause:     tpl.Pause,
-		Script:    tpl.Script,
-		Args:      tpl.Args,
-		Action:    "start",
-		Creator:   tpl.UpdateBy,
-		Hosts:     []string{host},
-	}
-
-	var res TaskCreateReply
-	err = ibex.New(
-		ibexConf.Address,
-		ibexConf.BasicAuthUser,
-		ibexConf.BasicAuthPass,
-		ibexConf.Timeout,
-	).
-		Path("/ibex/v1/tasks").
-		In(in).
-		Out(&res).
-		POST()
-
-	if err != nil {
-		logger.Errorf("event_callback_ibex: call ibex fail: %v", err)
-		return
-	}
-
-	if res.Err != "" {
-		logger.Errorf("event_callback_ibex: call ibex response error: %v", res.Err)
-		return
-	}
-
-	// write db
-	record := models.TaskRecord{
-		Id:           res.Dat,
-		EventId:      event.Id,
-		GroupId:      tpl.GroupId,
-		IbexAddress:  ibexConf.Address,
-		IbexAuthUser: ibexConf.BasicAuthUser,
-		IbexAuthPass: ibexConf.BasicAuthPass,
-		Title:        in.Title,
-		Account:      in.Account,
-		Batch:        in.Batch,
-		Tolerance:    in.Tolerance,
-		Timeout:      in.Timeout,
-		Pause:        in.Pause,
-		Script:       in.Script,
-		Args:         in.Args,
-		CreateAt:     time.Now().Unix(),
-		CreateBy:     in.Creator,
-	}
-
-	if err = record.Add(ctx); err != nil {
-		logger.Errorf("event_callback_ibex: persist task_record fail: %v", err)
+	succ := queue.eventQueue.Push(event)
+	if !succ {
+		logger.Warningf("Write channel(%s) full, current channel size: %d event:%v", webhook.Url, queue.eventQueue.Len(), event)
 	}
 }
-
-func canDoIbex(ctx *ctx.Context, username string, tpl *models.TaskTpl, host string, targetCache *memsto.TargetCacheType) (bool, error) {
-	user, err := models.UserGetByUsername(ctx, username)
-	if err != nil {
-		return false, err
-	}
-
-	if user != nil && user.IsAdmin() {
-		return true, nil
-	}
-
-	target, has := targetCache.Get(host)
-	if !has {
-		return false, nil
-	}
-
-	return target.GroupId == tpl.GroupId, nil
-}
--- a/alert/sender/dingtalk.go
+++ b/alert/sender/dingtalk.go
@@ -3,12 +3,8 @@ package sender
 import (
 	"html/template"
 	"strings"
-	"time"

 	"github.com/ccfos/nightingale/v6/models"
-	"github.com/ccfos/nightingale/v6/pkg/poster"
-
-	"github.com/toolkits/pkg/logger"
 )

 type dingtalkMarkdown struct {
@@ -27,29 +23,33 @@ type dingtalk struct {
 	At       dingtalkAt       `json:"at"`
 }

+var (
+	_ CallBacker = (*DingtalkSender)(nil)
+)
+
 type DingtalkSender struct {
 	tpl *template.Template
 }

 func (ds *DingtalkSender) Send(ctx MessageContext) {
-	if len(ctx.Users) == 0 || ctx.Rule == nil || ctx.Event == nil {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}

-	urls, ats := ds.extract(ctx.Users)
+	urls, ats, tokens := ds.extract(ctx.Users)
 	if len(urls) == 0 {
 		return
 	}
-	message := BuildTplMessage(ds.tpl, ctx.Event)
+	message := BuildTplMessage(models.Dingtalk, ds.tpl, ctx.Events)

-	for _, url := range urls {
+	for i, url := range urls {
 		var body dingtalk
 		// NoAt in url
 		if strings.Contains(url, "noat=1") {
 			body = dingtalk{
 				Msgtype: "markdown",
 				Markdown: dingtalkMarkdown{
-					Title: ctx.Event.RuleName,
+					Title: ctx.Events[0].RuleName,
 					Text:  message,
 				},
 			}
@@ -57,7 +57,7 @@ func (ds *DingtalkSender) Send(ctx MessageContext) {
 			body = dingtalk{
 				Msgtype: "markdown",
 				Markdown: dingtalkMarkdown{
-					Title: ctx.Event.RuleName,
+					Title: ctx.Events[0].RuleName,
 					Text:  message + "\n" + strings.Join(ats, " "),
 				},
 				At: dingtalkAt{
@@ -66,14 +66,45 @@ func (ds *DingtalkSender) Send(ctx MessageContext) {
 				},
 			}
 		}
-		ds.doSend(url, body)
+
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Dingtalk, ctx.Stats, ctx.Events)
 	}
 }

+func (ds *DingtalkSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
+		return
+	}
+
+	body := dingtalk{
+		Msgtype: "markdown",
+		Markdown: dingtalkMarkdown{
+			Title: ctx.Events[0].RuleName,
+		},
+	}
+
+	ats := ExtractAtsParams(ctx.CallBackURL)
+	message := BuildTplMessage(models.Dingtalk, ds.tpl, ctx.Events)
+
+	if len(ats) > 0 {
+		body.Markdown.Text = message + "\n@" + strings.Join(ats, "@")
+		body.At = dingtalkAt{
+			AtMobiles: ats,
+			IsAtAll:   false,
+		}
+	} else {
+		// NoAt in url
+		body.Markdown.Text = message
+	}
+
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
+}
+
 // extract urls and ats from Users
-func (ds *DingtalkSender) extract(users []*models.User) ([]string, []string) {
+func (ds *DingtalkSender) extract(users []*models.User) ([]string, []string, []string) {
 	urls := make([]string, 0, len(users))
 	ats := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))

 	for _, user := range users {
 		if user.Phone != "" {
@@ -81,20 +112,12 @@ func (ds *DingtalkSender) extract(users []*models.User) ([]string, []string) {
 		}
 		if token, has := user.ExtractToken(models.Dingtalk); has {
 			url := token
-			if !strings.HasPrefix(token, "https://") {
+			if !strings.HasPrefix(token, "https://") && !strings.HasPrefix(token, "http://") {
 				url = "https://oapi.dingtalk.com/robot/send?access_token=" + token
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls, ats
-}
-
-func (ds *DingtalkSender) doSend(url string, body dingtalk) {
-	res, code, err := poster.PostJSON(url, time.Second*5, body, 3)
-	if err != nil {
-		logger.Errorf("dingtalk_sender: result=fail url=%s code=%d error=%v response=%s", url, code, err, string(res))
-	} else {
-		logger.Infof("dingtalk_sender: result=succ url=%s code=%d response=%s", url, code, string(res))
-	}
+	return urls, ats, tokens
 }
--- a/alert/sender/email.go
+++ b/alert/sender/email.go
@@ -2,18 +2,21 @@ package sender

 import (
 	"crypto/tls"
+	"errors"
 	"html/template"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/aconf"
+	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"

 	"gopkg.in/gomail.v2"
 )

-var mailch chan *gomail.Message
+var mailch chan *EmailContext

 type EmailSender struct {
 	subjectTpl *template.Template
@@ -21,20 +24,27 @@ type EmailSender struct {
 	smtp       aconf.SMTPConfig
 }

+type EmailContext struct {
+	events []*models.AlertCurEvent
+	mail   *gomail.Message
+}
+
 func (es *EmailSender) Send(ctx MessageContext) {
-	if len(ctx.Users) == 0 || ctx.Rule == nil || ctx.Event == nil {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}
 	tos := extract(ctx.Users)
 	var subject string

 	if es.subjectTpl != nil {
-		subject = BuildTplMessage(es.subjectTpl, ctx.Event)
+		subject = BuildTplMessage(models.Email, es.subjectTpl, []*models.AlertCurEvent{ctx.Events[0]})
 	} else {
-		subject = ctx.Event.RuleName
+		subject = ctx.Events[0].RuleName
 	}
-	content := BuildTplMessage(es.contentTpl, ctx.Event)
-	es.WriteEmail(subject, content, tos)
+	content := BuildTplMessage(models.Email, es.contentTpl, ctx.Events)
+	es.WriteEmail(subject, content, tos, ctx.Events)
+
+	ctx.Stats.AlertNotifyTotal.WithLabelValues(models.Email).Add(float64(len(tos)))
 }

 func extract(users []*models.User) []string {
@@ -47,7 +57,7 @@ func extract(users []*models.User) []string {
 	return tos
 }

-func (es *EmailSender) SendEmail(subject, content string, tos []string, stmp aconf.SMTPConfig) {
+func SendEmail(subject, content string, tos []string, stmp aconf.SMTPConfig) error {
 	conf := stmp

 	d := gomail.NewDialer(conf.Host, conf.Port, conf.User, conf.Pass)
@@ -64,11 +74,12 @@ func (es *EmailSender) SendEmail(subject, content string, tos []string, stmp aco

 	err := d.DialAndSend(m)
 	if err != nil {
-		logger.Errorf("email_sender: failed to send: %v", err)
+		return errors.New("email_sender: failed to send: " + err.Error())
 	}
+	return nil
 }

-func (es *EmailSender) WriteEmail(subject, content string, tos []string) {
+func (es *EmailSender) WriteEmail(subject, content string, tos []string, events []*models.AlertCurEvent) {
 	m := gomail.NewMessage()

 	m.SetHeader("From", es.smtp.From)
@@ -76,39 +87,65 @@ func (es *EmailSender) WriteEmail(subject, content string, tos []string) {
 	m.SetHeader("Subject", subject)
 	m.SetBody("text/html", content)

-	mailch <- m
+	mailch <- &EmailContext{events, m}
 }

 func dialSmtp(d *gomail.Dialer) gomail.SendCloser {
 	for {
-		if s, err := d.Dial(); err != nil {
-			logger.Errorf("email_sender: failed to dial smtp: %s", err)
+		select {
+		case <-mailQuit:
+			// Note that Sendcloser is not obtained below,
+			// and the outgoing signal (with configuration changes) exits the current dial
+			return nil
+		default:
+			if s, err := d.Dial(); err != nil {
+				logger.Errorf("email_sender: failed to dial smtp: %s", err)
+			} else {
+				return s
+			}
 			time.Sleep(time.Second)
-			continue
-		} else {
-			return s
 		}
 	}
 }

 var mailQuit = make(chan struct{})

-func RestartEmailSender(smtp aconf.SMTPConfig) {
-	close(mailQuit)
-	mailQuit = make(chan struct{})
-	StartEmailSender(smtp)
+func RestartEmailSender(ctx *ctx.Context, smtp aconf.SMTPConfig) {
+	// Notify internal start exit
+	mailQuit <- struct{}{}
+	startEmailSender(ctx, smtp)
 }

-func StartEmailSender(smtp aconf.SMTPConfig) {
-	mailch = make(chan *gomail.Message, 100000)
+var smtpConfig aconf.SMTPConfig

+func InitEmailSender(ctx *ctx.Context, ncc *memsto.NotifyConfigCacheType) {
+	mailch = make(chan *EmailContext, 100000)
+	go updateSmtp(ctx, ncc)
+	smtpConfig = ncc.GetSMTP()
+	go startEmailSender(ctx, smtpConfig)
+}
+
+func updateSmtp(ctx *ctx.Context, ncc *memsto.NotifyConfigCacheType) {
+	for {
+		time.Sleep(1 * time.Minute)
+		smtp := ncc.GetSMTP()
+		if smtpConfig.Host != smtp.Host || smtpConfig.Batch != smtp.Batch || smtpConfig.From != smtp.From ||
+			smtpConfig.Pass != smtp.Pass || smtpConfig.User != smtp.User || smtpConfig.Port != smtp.Port ||
+			smtpConfig.InsecureSkipVerify != smtp.InsecureSkipVerify { //diff
+			smtpConfig = smtp
+			RestartEmailSender(ctx, smtp)
+		}
+	}
+}
+
+func startEmailSender(ctx *ctx.Context, smtp aconf.SMTPConfig) {
 	conf := smtp
-
 	if conf.Host == "" || conf.Port == 0 {
 		logger.Warning("SMTP configurations invalid")
+		<-mailQuit
 		return
 	}
-	logger.Infof("start email sender... %+v", conf)
+	logger.Infof("start email sender... conf.Host:%+v,conf.Port:%+v", conf.Host, conf.Port)

 	d := gomail.NewDialer(conf.Host, conf.Port, conf.User, conf.Pass)
 	if conf.InsecureSkipVerify {
@@ -129,9 +166,16 @@ func StartEmailSender(smtp aconf.SMTPConfig) {

 			if !open {
 				s = dialSmtp(d)
+				if s == nil {
+					// Indicates that the dialing failed and exited the current goroutine directly,
+					// but put the Message back in the mailch
+					mailch <- m
+					return
+				}
 				open = true
 			}
-			if err := gomail.Send(s, m); err != nil {
+			var err error
+			if err = gomail.Send(s, m.mail); err != nil {
 				logger.Errorf("email_sender: failed to send: %s", err)

 				// close and retry
@@ -140,13 +184,28 @@ func StartEmailSender(smtp aconf.SMTPConfig) {
 				}

 				s = dialSmtp(d)
+				if s == nil {
+					// Indicates that the dialing failed and exited the current goroutine directly,
+					// but put the Message back in the mailch
+					mailch <- m
+					return
+				}
 				open = true

-				if err := gomail.Send(s, m); err != nil {
+				if err = gomail.Send(s, m.mail); err != nil {
 					logger.Errorf("email_sender: failed to retry send: %s", err)
 				}
 			} else {
-				logger.Infof("email_sender: result=succ subject=%v to=%v", m.GetHeader("Subject"), m.GetHeader("To"))
+				logger.Infof("email_sender: result=succ subject=%v to=%v",
+					m.mail.GetHeader("Subject"), m.mail.GetHeader("To"))
+			}
+
+			for _, to := range m.mail.GetHeader("To") {
+				msg := ""
+				if err == nil {
+					msg = "ok"
+				}
+				NotifyRecord(ctx, m.events, 0, models.Email, to, msg, err)
 			}

 			size++
--- a/alert/sender/feishu.go
+++ b/alert/sender/feishu.go
@@ -1,14 +1,11 @@
 package sender

 import (
+	"fmt"
 	"html/template"
 	"strings"
-	"time"

 	"github.com/ccfos/nightingale/v6/models"
-	"github.com/ccfos/nightingale/v6/pkg/poster"
-
-	"github.com/toolkits/pkg/logger"
 )

 type feishuContent struct {
@@ -26,17 +23,47 @@ type feishu struct {
 	At      feishuAt      `json:"at"`
 }

+var (
+	_ CallBacker = (*FeishuSender)(nil)
+)
+
 type FeishuSender struct {
 	tpl *template.Template
 }

-func (fs *FeishuSender) Send(ctx MessageContext) {
-	if len(ctx.Users) == 0 || ctx.Rule == nil || ctx.Event == nil {
+func (fs *FeishuSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
 		return
 	}
-	urls, ats := fs.extract(ctx.Users)
-	message := BuildTplMessage(fs.tpl, ctx.Event)
-	for _, url := range urls {
+
+	ats := ExtractAtsParams(ctx.CallBackURL)
+	message := BuildTplMessage(models.Feishu, fs.tpl, ctx.Events)
+
+	if len(ats) > 0 {
+		atTags := ""
+		for _, at := range ats {
+			atTags += fmt.Sprintf("<at user_id=\"%s\"></at> ", at)
+		}
+		message = atTags + message
+	}
+
+	body := feishu{
+		Msgtype: "text",
+		Content: feishuContent{
+			Text: message,
+		},
+	}
+
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
+}
+
+func (fs *FeishuSender) Send(ctx MessageContext) {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
+		return
+	}
+	urls, ats, tokens := fs.extract(ctx.Users)
+	message := BuildTplMessage(models.Feishu, fs.tpl, ctx.Events)
+	for i, url := range urls {
 		body := feishu{
 			Msgtype: "text",
 			Content: feishuContent{
@@ -49,13 +76,14 @@ func (fs *FeishuSender) Send(ctx MessageContext) {
 				IsAtAll:   false,
 			}
 		}
-		fs.doSend(url, body)
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Feishu, ctx.Stats, ctx.Events)
 	}
 }

-func (fs *FeishuSender) extract(users []*models.User) ([]string, []string) {
+func (fs *FeishuSender) extract(users []*models.User) ([]string, []string, []string) {
 	urls := make([]string, 0, len(users))
 	ats := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))

 	for _, user := range users {
 		if user.Phone != "" {
@@ -63,20 +91,12 @@ func (fs *FeishuSender) extract(users []*models.User) ([]string, []string) {
 		}
 		if token, has := user.ExtractToken(models.Feishu); has {
 			url := token
-			if !strings.HasPrefix(token, "https://") {
+			if !strings.HasPrefix(token, "https://") && !strings.HasPrefix(token, "http://") {
 				url = "https://open.feishu.cn/open-apis/bot/v2/hook/" + token
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls, ats
-}
-
-func (fs *FeishuSender) doSend(url string, body feishu) {
-	res, code, err := poster.PostJSON(url, time.Second*5, body, 3)
-	if err != nil {
-		logger.Errorf("feishu_sender: result=fail url=%s code=%d error=%v response=%s", url, code, err, string(res))
-	} else {
-		logger.Infof("feishu_sender: result=succ url=%s code=%d response=%s", url, code, string(res))
-	}
+	return urls, ats, tokens
 }
--- a/alert/sender/feishucard.go
+++ b/alert/sender/feishucard.go
@@ -0,0 +1,180 @@
+package sender
+
+import (
+	"fmt"
+	"html/template"
+	"net/url"
+	"strings"
+
+	"github.com/ccfos/nightingale/v6/models"
+)
+
+type Conf struct {
+	WideScreenMode bool `json:"wide_screen_mode"`
+	EnableForward  bool `json:"enable_forward"`
+}
+
+type Te struct {
+	Content string `json:"content"`
+	Tag     string `json:"tag"`
+}
+
+type Element struct {
+	Tag      string    `json:"tag"`
+	Text     Te        `json:"text"`
+	Content  string    `json:"content"`
+	Elements []Element `json:"elements"`
+}
+
+type Titles struct {
+	Content string `json:"content"`
+	Tag     string `json:"tag"`
+}
+
+type Headers struct {
+	Title    Titles `json:"title"`
+	Template string `json:"template"`
+}
+
+type Cards struct {
+	Config   Conf      `json:"config"`
+	Elements []Element `json:"elements"`
+	Header   Headers   `json:"header"`
+}
+
+type feishuCard struct {
+	feishu
+	Card Cards `json:"card"`
+}
+
+type FeishuCardSender struct {
+	tpl *template.Template
+}
+
+const (
+	Recovered = "recovered"
+	Triggered = "triggered"
+)
+
+func createFeishuCardBody() feishuCard {
+	return feishuCard{
+		feishu: feishu{Msgtype: "interactive"},
+		Card: Cards{
+			Config: Conf{
+				WideScreenMode: true,
+				EnableForward:  true,
+			},
+			Header: Headers{
+				Title: Titles{
+					Tag: "plain_text",
+				},
+			},
+			Elements: []Element{
+				{
+					Tag: "div",
+					Text: Te{
+						Tag: "lark_md",
+					},
+				},
+				{
+					Tag: "hr",
+				},
+				{
+					Tag: "note",
+					Elements: []Element{
+						{
+							Tag: "lark_md",
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func (fs *FeishuCardSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
+		return
+	}
+
+	ats := ExtractAtsParams(ctx.CallBackURL)
+	message := BuildTplMessage(models.FeishuCard, fs.tpl, ctx.Events)
+
+	if len(ats) > 0 {
+		atTags := ""
+		for _, at := range ats {
+			if strings.Contains(at, "@") {
+				atTags += fmt.Sprintf("<at email=\"%s\" ></at>", at)
+			} else {
+				atTags += fmt.Sprintf("<at id=\"%s\" ></at>", at)
+			}
+		}
+		message = atTags + message
+	}
+
+	color := "red"
+	lowerUnicode := strings.ToLower(message)
+	if strings.Count(lowerUnicode, Recovered) > 0 && strings.Count(lowerUnicode, Triggered) > 0 {
+		color = "orange"
+	} else if strings.Count(lowerUnicode, Recovered) > 0 {
+		color = "green"
+	}
+
+	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
+	body.Card.Header.Title.Content = SendTitle
+	body.Card.Header.Template = color
+	body.Card.Elements[0].Text.Content = message
+	body.Card.Elements[2].Elements[0].Content = SendTitle
+
+	// This is to be compatible with the feishucard interface, if with query string parameters, the request will fail
+	// Remove query parameters from the URL,
+	parsedURL, err := url.Parse(ctx.CallBackURL)
+	if err != nil {
+		return
+	}
+	parsedURL.RawQuery = ""
+
+	doSendAndRecord(ctx.Ctx, parsedURL.String(), parsedURL.String(), body, "callback", ctx.Stats, ctx.Events)
+}
+
+func (fs *FeishuCardSender) Send(ctx MessageContext) {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
+		return
+	}
+	urls, tokens := fs.extract(ctx.Users)
+	message := BuildTplMessage(models.FeishuCard, fs.tpl, ctx.Events)
+	color := "red"
+	lowerUnicode := strings.ToLower(message)
+	if strings.Count(lowerUnicode, Recovered) > 0 && strings.Count(lowerUnicode, Triggered) > 0 {
+		color = "orange"
+	} else if strings.Count(lowerUnicode, Recovered) > 0 {
+		color = "green"
+	}
+
+	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
+	body.Card.Header.Title.Content = SendTitle
+	body.Card.Header.Template = color
+	body.Card.Elements[0].Text.Content = message
+	body.Card.Elements[2].Elements[0].Content = SendTitle
+	for i, url := range urls {
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.FeishuCard, ctx.Stats, ctx.Events)
+	}
+}
+
+func (fs *FeishuCardSender) extract(users []*models.User) ([]string, []string) {
+	urls := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))
+	for i := range users {
+		if token, has := users[i].ExtractToken(models.FeishuCard); has {
+			url := token
+			if !strings.HasPrefix(token, "https://") && !strings.HasPrefix(token, "http://") {
+				url = "https://open.feishu.cn/open-apis/bot/v2/hook/" + strings.TrimSpace(token)
+			}
+			urls = append(urls, url)
+			tokens = append(tokens, token)
+		}
+	}
+	return urls, tokens
+}
--- a/alert/sender/ibex.go
+++ b/alert/sender/ibex.go
@@ -0,0 +1,287 @@
+// @Author: Ciusyan 6/5/24
+
+package sender
+
+import (
+	"encoding/json"
+	"fmt"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/memsto"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	imodels "github.com/flashcatcloud/ibex/src/models"
+	"github.com/flashcatcloud/ibex/src/storage"
+
+	"github.com/toolkits/pkg/logger"
+)
+
+var (
+	_ CallBacker = (*IbexCallBacker)(nil)
+)
+
+type IbexCallBacker struct {
+	targetCache  *memsto.TargetCacheType
+	userCache    *memsto.UserCacheType
+	taskTplCache *memsto.TaskTplCache
+}
+
+func (c *IbexCallBacker) CallBack(ctx CallBackContext) {
+	if len(ctx.CallBackURL) == 0 || len(ctx.Events) == 0 {
+		logger.Warningf("event_callback_ibex: url or events is empty, url: %s, events: %+v", ctx.CallBackURL, ctx.Events)
+		return
+	}
+
+	event := ctx.Events[0]
+
+	if event.IsRecovered {
+		logger.Infof("event_callback_ibex: event is recovered, event: %+v", event)
+		return
+	}
+
+	c.handleIbex(ctx.Ctx, ctx.CallBackURL, event)
+}
+
+func (c *IbexCallBacker) handleIbex(ctx *ctx.Context, url string, event *models.AlertCurEvent) {
+	logger.Infof("event_callback_ibex: url: %s, event: %+v", url, event)
+	if imodels.DB() == nil && ctx.IsCenter {
+		logger.Warningf("event_callback_ibex: db is nil, event: %+v", event)
+		return
+	}
+
+	arr := strings.Split(url, "/")
+
+	var idstr string
+	var host string
+
+	if len(arr) > 1 {
+		idstr = arr[1]
+	}
+
+	if len(arr) > 2 {
+		host = arr[2]
+	}
+
+	id, err := strconv.ParseInt(idstr, 10, 64)
+	if err != nil {
+		logger.Errorf("event_callback_ibex: failed to parse url: %s event: %+v", url, event)
+		return
+	}
+
+	if host == "" {
+		// 用户在callback url中没有传入host，就从event中解析
+		host = event.TargetIdent
+
+		if host == "" {
+			if ident, has := event.TagsMap["ident"]; has {
+				host = ident
+			}
+		}
+	}
+
+	if host == "" {
+		logger.Errorf("event_callback_ibex: failed to get host, id: %d, event: %+v", id, event)
+		return
+	}
+
+	CallIbex(ctx, id, host, c.taskTplCache, c.targetCache, c.userCache, event)
+}
+
+func CallIbex(ctx *ctx.Context, id int64, host string,
+	taskTplCache *memsto.TaskTplCache, targetCache *memsto.TargetCacheType,
+	userCache *memsto.UserCacheType, event *models.AlertCurEvent) {
+	logger.Infof("event_callback_ibex: id: %d, host: %s, event: %+v", id, host, event)
+
+	tpl := taskTplCache.Get(id)
+	if tpl == nil {
+		logger.Errorf("event_callback_ibex: no such tpl(%d), event: %+v", id, event)
+		return
+	}
+	// check perm
+	// tpl.GroupId - host - account 三元组校验权限
+	can, err := canDoIbex(tpl.UpdateBy, tpl, host, targetCache, userCache)
+	if err != nil {
+		logger.Errorf("event_callback_ibex: check perm fail: %v, event: %+v", err, event)
+		return
+	}
+
+	if !can {
+		logger.Errorf("event_callback_ibex: user(%s) no permission, event: %+v", tpl.UpdateBy, event)
+		return
+	}
+
+	tagsMap := make(map[string]string)
+	for i := 0; i < len(event.TagsJSON); i++ {
+		pair := strings.TrimSpace(event.TagsJSON[i])
+		if pair == "" {
+			continue
+		}
+
+		arr := strings.SplitN(pair, "=", 2)
+		if len(arr) != 2 {
+			continue
+		}
+
+		tagsMap[arr[0]] = arr[1]
+	}
+	// 附加告警级别  告警触发值标签
+	tagsMap["alert_severity"] = strconv.Itoa(event.Severity)
+	tagsMap["alert_trigger_value"] = event.TriggerValue
+	tagsMap["is_recovered"] = strconv.FormatBool(event.IsRecovered)
+
+	tags, err := json.Marshal(tagsMap)
+	if err != nil {
+		logger.Errorf("event_callback_ibex: failed to marshal tags to json: %v, event: %+v", tagsMap, event)
+		return
+	}
+
+	// call ibex
+	in := models.TaskForm{
+		Title:          tpl.Title + " FH: " + host,
+		Account:        tpl.Account,
+		Batch:          tpl.Batch,
+		Tolerance:      tpl.Tolerance,
+		Timeout:        tpl.Timeout,
+		Pause:          tpl.Pause,
+		Script:         tpl.Script,
+		Args:           tpl.Args,
+		Stdin:          string(tags),
+		Action:         "start",
+		Creator:        tpl.UpdateBy,
+		Hosts:          []string{host},
+		AlertTriggered: true,
+	}
+
+	id, err = TaskAdd(in, tpl.UpdateBy, ctx.IsCenter)
+	if err != nil {
+		logger.Errorf("event_callback_ibex: call ibex fail: %v, event: %+v", err, event)
+		return
+	}
+
+	// write db
+	record := models.TaskRecord{
+		Id:        id,
+		EventId:   event.Id,
+		GroupId:   tpl.GroupId,
+		Title:     in.Title,
+		Account:   in.Account,
+		Batch:     in.Batch,
+		Tolerance: in.Tolerance,
+		Timeout:   in.Timeout,
+		Pause:     in.Pause,
+		Script:    in.Script,
+		Args:      in.Args,
+		CreateAt:  time.Now().Unix(),
+		CreateBy:  in.Creator,
+	}
+
+	if err = record.Add(ctx); err != nil {
+		logger.Errorf("event_callback_ibex: persist task_record fail: %v, event: %+v", err, event)
+	}
+}
+
+func canDoIbex(username string, tpl *models.TaskTpl, host string, targetCache *memsto.TargetCacheType, userCache *memsto.UserCacheType) (bool, error) {
+	user := userCache.GetByUsername(username)
+	if user != nil && user.IsAdmin() {
+		return true, nil
+	}
+
+	target, has := targetCache.Get(host)
+	if !has {
+		return false, nil
+	}
+
+	return target.MatchGroupId(tpl.GroupId), nil
+}
+
+func TaskAdd(f models.TaskForm, authUser string, isCenter bool) (int64, error) {
+	if storage.Cache == nil {
+		logger.Warningf("event_callback_ibex: redis cache is nil, task: %+v", f)
+		return 0, fmt.Errorf("redis cache is nil")
+	}
+
+	hosts := cleanHosts(f.Hosts)
+	if len(hosts) == 0 {
+		return 0, fmt.Errorf("arg(hosts) empty")
+	}
+
+	taskMeta := &imodels.TaskMeta{
+		Title:     f.Title,
+		Account:   f.Account,
+		Batch:     f.Batch,
+		Tolerance: f.Tolerance,
+		Timeout:   f.Timeout,
+		Pause:     f.Pause,
+		Script:    f.Script,
+		Args:      f.Args,
+		Stdin:     f.Stdin,
+		Creator:   f.Creator,
+	}
+
+	err := taskMeta.CleanFields()
+	if err != nil {
+		return 0, err
+	}
+
+	taskMeta.HandleFH(hosts[0])
+
+	// 任务类型分为"告警规则触发"和"n9e center用户下发"两种；
+	// 边缘机房"告警规则触发"的任务不需要规划，并且它可能是失联的，无法使用db资源，所以放入redis缓存中，直接下发给agentd执行
+	if !isCenter && f.AlertTriggered {
+		if err := taskMeta.Create(); err != nil {
+			// 当网络不连通时，生成唯一的id，防止边缘机房中不同任务的id相同；
+			// 方法是，redis自增id去防止同一个机房的不同n9e edge生成的id相同；
+			// 但没法防止不同边缘机房生成同样的id，所以，生成id的数据不会上报存入数据库，只用于闭环执行。
+			taskMeta.Id, err = storage.IdGet()
+			if err != nil {
+				return 0, err
+			}
+		}
+
+		taskHost := imodels.TaskHost{
+			Id:     taskMeta.Id,
+			Host:   hosts[0],
+			Status: "running",
+		}
+		if err = taskHost.Create(); err != nil {
+			logger.Warningf("task_add_fail: authUser=%s title=%s err=%s", authUser, taskMeta.Title, err.Error())
+		}
+
+		// 缓存任务元信息和待下发的任务
+		err = taskMeta.Cache(hosts[0])
+		if err != nil {
+			return 0, err
+		}
+
+	} else {
+		// 如果是中心机房，还是保持之前的逻辑
+		err = taskMeta.Save(hosts, f.Action)
+		if err != nil {
+			return 0, err
+		}
+	}
+
+	logger.Infof("task_add_succ: authUser=%s title=%s", authUser, taskMeta.Title)
+	return taskMeta.Id, nil
+}
+
+func cleanHosts(formHosts []string) []string {
+	cnt := len(formHosts)
+	arr := make([]string, 0, cnt)
+	for i := 0; i < cnt; i++ {
+		item := strings.TrimSpace(formHosts[i])
+		if item == "" {
+			continue
+		}
+
+		if strings.HasPrefix(item, "#") {
+			continue
+		}
+
+		arr = append(arr, item)
+	}
+
+	return arr
+}
--- a/alert/sender/lark.go
+++ b/alert/sender/lark.go
@@ -0,0 +1,65 @@
+package sender
+
+import (
+	"html/template"
+	"strings"
+
+	"github.com/ccfos/nightingale/v6/models"
+)
+
+var (
+	_ CallBacker = (*LarkSender)(nil)
+)
+
+type LarkSender struct {
+	tpl *template.Template
+}
+
+func (lk *LarkSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
+		return
+	}
+
+	body := feishu{
+		Msgtype: "text",
+		Content: feishuContent{
+			Text: BuildTplMessage(models.Lark, lk.tpl, ctx.Events),
+		},
+	}
+
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
+}
+
+func (lk *LarkSender) Send(ctx MessageContext) {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
+		return
+	}
+	urls, tokens := lk.extract(ctx.Users)
+	message := BuildTplMessage(models.Lark, lk.tpl, ctx.Events)
+	for i, url := range urls {
+		body := feishu{
+			Msgtype: "text",
+			Content: feishuContent{
+				Text: message,
+			},
+		}
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Lark, ctx.Stats, ctx.Events)
+	}
+}
+
+func (lk *LarkSender) extract(users []*models.User) ([]string, []string) {
+	urls := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))
+
+	for _, user := range users {
+		if token, has := user.ExtractToken(models.Lark); has {
+			url := token
+			if !strings.HasPrefix(token, "https://") && !strings.HasPrefix(token, "http://") {
+				url = "https://open.larksuite.com/open-apis/bot/v2/hook/" + token
+			}
+			urls = append(urls, url)
+			tokens = append(tokens, token)
+		}
+	}
+	return urls, tokens
+}
--- a/alert/sender/larkcard.go
+++ b/alert/sender/larkcard.go
@@ -0,0 +1,101 @@
+package sender
+
+import (
+	"fmt"
+	"html/template"
+	"net/url"
+	"strings"
+
+	"github.com/ccfos/nightingale/v6/models"
+)
+
+type LarkCardSender struct {
+	tpl *template.Template
+}
+
+func (fs *LarkCardSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
+		return
+	}
+
+	ats := ExtractAtsParams(ctx.CallBackURL)
+	message := BuildTplMessage(models.LarkCard, fs.tpl, ctx.Events)
+
+	if len(ats) > 0 {
+		atTags := ""
+		for _, at := range ats {
+			if strings.Contains(at, "@") {
+				atTags += fmt.Sprintf("<at email=\"%s\" ></at>", at)
+			} else {
+				atTags += fmt.Sprintf("<at id=\"%s\" ></at>", at)
+			}
+		}
+		message = atTags + message
+	}
+
+	color := "red"
+	lowerUnicode := strings.ToLower(message)
+	if strings.Count(lowerUnicode, Recovered) > 0 && strings.Count(lowerUnicode, Triggered) > 0 {
+		color = "orange"
+	} else if strings.Count(lowerUnicode, Recovered) > 0 {
+		color = "green"
+	}
+
+	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
+	body.Card.Header.Title.Content = SendTitle
+	body.Card.Header.Template = color
+	body.Card.Elements[0].Text.Content = message
+	body.Card.Elements[2].Elements[0].Content = SendTitle
+
+	// This is to be compatible with the Larkcard interface, if with query string parameters, the request will fail
+	// Remove query parameters from the URL,
+	parsedURL, err := url.Parse(ctx.CallBackURL)
+	if err != nil {
+		return
+	}
+	parsedURL.RawQuery = ""
+
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
+}
+
+func (fs *LarkCardSender) Send(ctx MessageContext) {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
+		return
+	}
+	urls, tokens := fs.extract(ctx.Users)
+	message := BuildTplMessage(models.LarkCard, fs.tpl, ctx.Events)
+	color := "red"
+	lowerUnicode := strings.ToLower(message)
+	if strings.Count(lowerUnicode, Recovered) > 0 && strings.Count(lowerUnicode, Triggered) > 0 {
+		color = "orange"
+	} else if strings.Count(lowerUnicode, Recovered) > 0 {
+		color = "green"
+	}
+
+	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
+	body.Card.Header.Title.Content = SendTitle
+	body.Card.Header.Template = color
+	body.Card.Elements[0].Text.Content = message
+	body.Card.Elements[2].Elements[0].Content = SendTitle
+	for i, url := range urls {
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.LarkCard, ctx.Stats, ctx.Events)
+	}
+}
+
+func (fs *LarkCardSender) extract(users []*models.User) ([]string, []string) {
+	urls := make([]string, 0, len(users))
+	tokens := make([]string, 0)
+	for i := range users {
+		if token, has := users[i].ExtractToken(models.Lark); has {
+			url := token
+			if !strings.HasPrefix(token, "https://") && !strings.HasPrefix(token, "http://") {
+				url = "https://open.larksuite.com/open-apis/bot/v2/hook/" + strings.TrimSpace(token)
+			}
+			urls = append(urls, url)
+			tokens = append(tokens, token)
+		}
+	}
+	return urls, tokens
+}
--- a/alert/sender/mm.go
+++ b/alert/sender/mm.go
@@ -4,10 +4,10 @@ import (
 	"html/template"
 	"net/url"
 	"strings"
-	"time"

+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
-	"github.com/ccfos/nightingale/v6/pkg/poster"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"
 )
@@ -15,6 +15,7 @@ import (
 type MatterMostMessage struct {
 	Text   string
 	Tokens []string
+	Stats  *astats.Stats
 }

 type mm struct {
@@ -28,7 +29,7 @@ type MmSender struct {
 }

 func (ms *MmSender) Send(ctx MessageContext) {
-	if len(ctx.Users) == 0 || ctx.Rule == nil || ctx.Event == nil {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}

@@ -36,12 +37,26 @@ func (ms *MmSender) Send(ctx MessageContext) {
 	if len(urls) == 0 {
 		return
 	}
-	message := BuildTplMessage(ms.tpl, ctx.Event)
+	message := BuildTplMessage(models.Mm, ms.tpl, ctx.Events)

-	SendMM(MatterMostMessage{
+	SendMM(ctx.Ctx, MatterMostMessage{
 		Text:   message,
 		Tokens: urls,
-	})
+		Stats:  ctx.Stats,
+	}, ctx.Events, models.Mm)
+}
+
+func (ms *MmSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
+		return
+	}
+	message := BuildTplMessage(models.Mm, ms.tpl, ctx.Events)
+
+	SendMM(ctx.Ctx, MatterMostMessage{
+		Text:   message,
+		Tokens: []string{ctx.CallBackURL},
+		Stats:  ctx.Stats,
+	}, ctx.Events, "callback")
 }

 func (ms *MmSender) extract(users []*models.User) []string {
@@ -54,11 +69,12 @@ func (ms *MmSender) extract(users []*models.User) []string {
 	return tokens
 }

-func SendMM(message MatterMostMessage) {
+func SendMM(ctx *ctx.Context, message MatterMostMessage, events []*models.AlertCurEvent, channel string) {
 	for i := 0; i < len(message.Tokens); i++ {
 		u, err := url.Parse(message.Tokens[i])
 		if err != nil {
 			logger.Errorf("mm_sender: failed to parse error=%v", err)
+			NotifyRecord(ctx, events, 0, channel, message.Tokens[i], "", err)
 			continue
 		}

@@ -87,13 +103,7 @@ func SendMM(message MatterMostMessage) {
 				Username: username,
 				Text:     txt + message.Text,
 			}
-
-			res, code, err := poster.PostJSON(ur, time.Second*5, body, 3)
-			if err != nil {
-				logger.Errorf("mm_sender: result=fail url=%s code=%d error=%v response=%s", ur, code, err, string(res))
-			} else {
-				logger.Infof("mm_sender: result=succ url=%s code=%d response=%s", ur, code, string(res))
-			}
+			doSendAndRecord(ctx, ur, message.Tokens[i], body, channel, message.Stats, events)
 		}
 	}
 }
--- a/alert/sender/notify_record_queue.go
+++ b/alert/sender/notify_record_queue.go
@@ -0,0 +1,75 @@
+package sender
+
+import (
+	"errors"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/astats"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/toolkits/pkg/container/list"
+	"github.com/toolkits/pkg/logger"
+)
+
+// 通知记录队列，最大长度 1000000
+var NotifyRecordQueue = list.NewSafeListLimited(1000000)
+
+// 每秒上报通知记录队列大小
+func ReportNotifyRecordQueueSize(stats *astats.Stats) {
+	for {
+		time.Sleep(time.Second)
+		stats.GaugeNotifyRecordQueueSize.Set(float64(NotifyRecordQueue.Len()))
+	}
+}
+
+// 推送通知记录到队列
+// 若队列满 则返回 error
+func PushNotifyRecords(records []*models.NotificaitonRecord) error {
+	for _, record := range records {
+		if ok := NotifyRecordQueue.PushFront(record); !ok {
+			logger.Warningf("notify record queue is full, record: %+v", record)
+			return errors.New("notify record queue is full")
+		}
+	}
+
+	return nil
+}
+
+type NotifyRecordConsumer struct {
+	ctx *ctx.Context
+}
+
+func NewNotifyRecordConsumer(ctx *ctx.Context) *NotifyRecordConsumer {
+	return &NotifyRecordConsumer{
+		ctx: ctx,
+	}
+}
+
+// 消费通知记录队列 每 100ms 检测一次队列是否为空
+func (c *NotifyRecordConsumer) LoopConsume() {
+	duration := time.Duration(100) * time.Millisecond
+	for {
+		// 无论队列是否为空 都需要等待
+		time.Sleep(duration)
+
+		inotis := NotifyRecordQueue.PopBackBy(100)
+
+		if len(inotis) == 0 {
+			continue
+		}
+
+		// 类型转换，不然 CreateInBatches 会报错
+		notis := make([]*models.NotificaitonRecord, 0, len(inotis))
+		for _, inoti := range inotis {
+			notis = append(notis, inoti.(*models.NotificaitonRecord))
+		}
+
+		c.consume(notis)
+	}
+}
+
+func (c *NotifyRecordConsumer) consume(notis []*models.NotificaitonRecord) {
+	if err := models.DB(c.ctx).CreateInBatches(notis, 100).Error; err != nil {
+		logger.Errorf("add notis:%v failed, err: %v", notis, err)
+	}
+}
--- a/alert/sender/plugin.go
+++ b/alert/sender/plugin.go
@@ -2,31 +2,39 @@ package sender

 import (
 	"bytes"
+	"fmt"
 	"os"
 	"os/exec"
 	"time"
+	"unicode/utf8"

+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/file"
 	"github.com/toolkits/pkg/logger"
 	"github.com/toolkits/pkg/sys"
 )

-func MayPluginNotify(noticeBytes []byte, notifyScript models.NotifyScript) {
+func MayPluginNotify(ctx *ctx.Context, noticeBytes []byte, notifyScript models.NotifyScript,
+	stats *astats.Stats, event *models.AlertCurEvent) {
 	if len(noticeBytes) == 0 {
 		return
 	}
-	alertingCallScript(noticeBytes, notifyScript)
+	alertingCallScript(ctx, noticeBytes, notifyScript, stats, event)
 }

-func alertingCallScript(stdinBytes []byte, notifyScript models.NotifyScript) {
+func alertingCallScript(ctx *ctx.Context, stdinBytes []byte, notifyScript models.NotifyScript,
+	stats *astats.Stats, event *models.AlertCurEvent) {
 	// not enable or no notify.py? do nothing
 	config := notifyScript
 	if !config.Enable || config.Content == "" {
 		return
 	}

+	channel := "script"
+	stats.AlertNotifyTotal.WithLabelValues(channel).Inc()
 	fpath := ".notify_scriptt"
 	if config.Type == 1 {
 		fpath = config.Content
@@ -35,7 +43,8 @@ func alertingCallScript(stdinBytes []byte, notifyScript models.NotifyScript) {
 		if file.IsExist(fpath) {
 			oldContent, err := file.ToString(fpath)
 			if err != nil {
-				logger.Errorf("event_notify: read script file err: %v", err)
+				logger.Errorf("event_script_notify_fail: read script file err: %v", err)
+				stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
 				return
 			}

@@ -47,13 +56,15 @@ func alertingCallScript(stdinBytes []byte, notifyScript models.NotifyScript) {
 		if rewrite {
 			_, err := file.WriteString(fpath, config.Content)
 			if err != nil {
-				logger.Errorf("event_notify: write script file err: %v", err)
+				logger.Errorf("event_script_notify_fail: write script file err: %v", err)
+				stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
 				return
 			}

 			err = os.Chmod(fpath, 0777)
 			if err != nil {
-				logger.Errorf("event_notify: chmod script file err: %v", err)
+				logger.Errorf("event_script_notify_fail: chmod script file err: %v", err)
+				stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
 				return
 			}
 		}
@@ -68,30 +79,60 @@ func alertingCallScript(stdinBytes []byte, notifyScript models.NotifyScript) {
 	cmd.Stdout = &buf
 	cmd.Stderr = &buf

+	start := time.Now()
 	err := startCmd(cmd)
 	if err != nil {
-		logger.Errorf("event_notify: run cmd err: %v", err)
+		logger.Errorf("event_script_notify_fail: run cmd err: %v", err)
 		return
 	}

 	err, isTimeout := sys.WrapTimeout(cmd, time.Duration(config.Timeout)*time.Second)

+	res := buf.String()
+	res = fmt.Sprintf("duration: %d ms %s", time.Since(start).Milliseconds(), res)
+
+	// 截断超出长度的输出
+	if len(res) > 512 {
+		// 确保在有效的UTF-8字符边界处截断
+		validLen := 0
+		for i := 0; i < 512 && i < len(res); {
+			_, size := utf8.DecodeRuneInString(res[i:])
+			if i+size > 512 {
+				break
+			}
+			i += size
+			validLen = i
+		}
+		res = res[:validLen] + "..."
+	}
+
+	NotifyRecord(ctx, []*models.AlertCurEvent{event}, 0, channel, cmd.String(), res, buildErr(err, isTimeout))
+
 	if isTimeout {
 		if err == nil {
-			logger.Errorf("event_notify: timeout and killed process %s", fpath)
+			logger.Errorf("event_script_notify_fail: timeout and killed process %s", fpath)
 		}

 		if err != nil {
-			logger.Errorf("event_notify: kill process %s occur error %v", fpath, err)
+			logger.Errorf("event_script_notify_fail: kill process %s occur error %v", fpath, err)
+			stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
 		}
-
 		return
 	}

 	if err != nil {
-		logger.Errorf("event_notify: exec script %s occur error: %v, output: %s", fpath, err, buf.String())
+		logger.Errorf("event_script_notify_fail: exec script %s occur error: %v, output: %s", fpath, err, res)
+		stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
 		return
 	}

-	logger.Infof("event_notify: exec %s output: %s", fpath, buf.String())
+	logger.Infof("event_script_notify_ok: exec %s output: %s", fpath, res)
+}
+
+func buildErr(err error, isTimeout bool) error {
+	if err == nil && !isTimeout {
+		return nil
+	} else {
+		return fmt.Errorf("is_timeout: %v, err: %v", isTimeout, err)
+	}
 }
--- a/alert/sender/sender.go
+++ b/alert/sender/sender.go
@@ -5,8 +5,10 @@ import (
 	"html/template"

 	"github.com/ccfos/nightingale/v6/alert/aconf"
+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
 )

 type (
@@ -17,13 +19,15 @@ type (

 	// MessageContext 一个event所生成的告警通知的上下文
 	MessageContext struct {
-		Users []*models.User
-		Rule  *models.AlertRule
-		Event *models.AlertCurEvent
+		Users  []*models.User
+		Rule   *models.AlertRule
+		Events []*models.AlertCurEvent
+		Stats  *astats.Stats
+		Ctx    *ctx.Context
 	}
 )

-func NewSender(key string, tpls map[string]*template.Template, smtp aconf.SMTPConfig) Sender {
+func NewSender(key string, tpls map[string]*template.Template, smtp ...aconf.SMTPConfig) Sender {
 	switch key {
 	case models.Dingtalk:
 		return &DingtalkSender{tpl: tpls[models.Dingtalk]}
@@ -31,32 +35,51 @@ func NewSender(key string, tpls map[string]*template.Template, smtp aconf.SMTPCo
 		return &WecomSender{tpl: tpls[models.Wecom]}
 	case models.Feishu:
 		return &FeishuSender{tpl: tpls[models.Feishu]}
+	case models.FeishuCard:
+		return &FeishuCardSender{tpl: tpls[models.FeishuCard]}
 	case models.Email:
-		return &EmailSender{subjectTpl: tpls["mailsubject"], contentTpl: tpls[models.Email], smtp: smtp}
+		return &EmailSender{subjectTpl: tpls[models.EmailSubject], contentTpl: tpls[models.Email], smtp: smtp[0]}
 	case models.Mm:
 		return &MmSender{tpl: tpls[models.Mm]}
 	case models.Telegram:
 		return &TelegramSender{tpl: tpls[models.Telegram]}
+	case models.Lark:
+		return &LarkSender{tpl: tpls[models.Lark]}
+	case models.LarkCard:
+		return &LarkCardSender{tpl: tpls[models.LarkCard]}
 	}
 	return nil
 }

-func BuildMessageContext(rule *models.AlertRule, event *models.AlertCurEvent, uids []int64, userCache *memsto.UserCacheType) MessageContext {
+func BuildMessageContext(ctx *ctx.Context, rule *models.AlertRule, events []*models.AlertCurEvent,
+	uids []int64, userCache *memsto.UserCacheType, stats *astats.Stats) MessageContext {
 	users := userCache.GetByUserIds(uids)
 	return MessageContext{
-		Rule:  rule,
-		Event: event,
-		Users: users,
+		Rule:   rule,
+		Events: events,
+		Users:  users,
+		Stats:  stats,
+		Ctx:    ctx,
 	}
 }

-func BuildTplMessage(tpl *template.Template, event *models.AlertCurEvent) string {
+type BuildTplMessageFunc func(channel string, tpl *template.Template, events []*models.AlertCurEvent) string
+
+var BuildTplMessage BuildTplMessageFunc = buildTplMessage
+
+func buildTplMessage(channel string, tpl *template.Template, events []*models.AlertCurEvent) string {
 	if tpl == nil {
 		return "tpl for current sender not found, please check configuration"
 	}
-	var body bytes.Buffer
-	if err := tpl.Execute(&body, event); err != nil {
-		return err.Error()
+
+	var content string
+	for _, event := range events {
+		var body bytes.Buffer
+		if err := tpl.Execute(&body, event); err != nil {
+			return err.Error()
+		}
+		content += body.String() + "\n\n"
 	}
-	return body.String()
+
+	return content
 }
--- a/alert/sender/telegram.go
+++ b/alert/sender/telegram.go
@@ -1,12 +1,13 @@
 package sender

 import (
+	"errors"
 	"html/template"
 	"strings"
-	"time"

+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
-	"github.com/ccfos/nightingale/v6/pkg/poster"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"
 )
@@ -14,6 +15,7 @@ import (
 type TelegramMessage struct {
 	Text   string
 	Tokens []string
+	Stats  *astats.Stats
 }

 type telegram struct {
@@ -21,21 +23,39 @@ type telegram struct {
 	Text      string `json:"text"`
 }

+var (
+	_ CallBacker = (*TelegramSender)(nil)
+)
+
 type TelegramSender struct {
 	tpl *template.Template
 }

+func (ts *TelegramSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
+		return
+	}
+
+	message := BuildTplMessage(models.Telegram, ts.tpl, ctx.Events)
+	SendTelegram(ctx.Ctx, TelegramMessage{
+		Text:   message,
+		Tokens: []string{ctx.CallBackURL},
+		Stats:  ctx.Stats,
+	}, ctx.Events, "callback")
+}
+
 func (ts *TelegramSender) Send(ctx MessageContext) {
-	if len(ctx.Users) == 0 || ctx.Rule == nil || ctx.Event == nil {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}
 	tokens := ts.extract(ctx.Users)
-	message := BuildTplMessage(ts.tpl, ctx.Event)
+	message := BuildTplMessage(models.Telegram, ts.tpl, ctx.Events)

-	SendTelegram(TelegramMessage{
+	SendTelegram(ctx.Ctx, TelegramMessage{
 		Text:   message,
 		Tokens: tokens,
-	})
+		Stats:  ctx.Stats,
+	}, ctx.Events, models.Telegram)
 }

 func (ts *TelegramSender) extract(users []*models.User) []string {
@@ -48,14 +68,15 @@ func (ts *TelegramSender) extract(users []*models.User) []string {
 	return tokens
 }

-func SendTelegram(message TelegramMessage) {
+func SendTelegram(ctx *ctx.Context, message TelegramMessage, events []*models.AlertCurEvent, channel string) {
 	for i := 0; i < len(message.Tokens); i++ {
 		if !strings.Contains(message.Tokens[i], "/") && !strings.HasPrefix(message.Tokens[i], "https://") {
 			logger.Errorf("telegram_sender: result=fail invalid token=%s", message.Tokens[i])
+			NotifyRecord(ctx, events, 0, channel, message.Tokens[i], "", errors.New("invalid token"))
 			continue
 		}
 		var url string
-		if strings.HasPrefix(message.Tokens[i], "https://") {
+		if strings.HasPrefix(message.Tokens[i], "https://") || strings.HasPrefix(message.Tokens[i], "http://") {
 			url = message.Tokens[i]
 		} else {
 			array := strings.Split(message.Tokens[i], "/")
@@ -72,11 +93,6 @@ func SendTelegram(message TelegramMessage) {
 			Text:      message.Text,
 		}

-		res, code, err := poster.PostJSON(url, time.Second*5, body, 3)
-		if err != nil {
-			logger.Errorf("telegram_sender: result=fail url=%s code=%d error=%v response=%s", url, code, err, string(res))
-		} else {
-			logger.Infof("telegram_sender: result=succ url=%s code=%d response=%s", url, code, string(res))
-		}
+		doSendAndRecord(ctx, url, message.Tokens[i], body, channel, message.Stats, events)
 	}
 }
--- a/alert/sender/webhook.go
+++ b/alert/sender/webhook.go
@@ -2,67 +2,185 @@ package sender

 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/json"
-	"io/ioutil"
+	"fmt"
+	"io"
 	"net/http"
+	"sync"
 	"time"

+	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"
 )

-func SendWebhooks(webhooks []*models.Webhook, event *models.AlertCurEvent) {
-	for _, conf := range webhooks {
-		if conf.Url == "" || !conf.Enable {
-			continue
-		}
-		bs, err := json.Marshal(event)
-		if err != nil {
-			continue
-		}
+func sendWebhook(webhook *models.Webhook, event interface{}, stats *astats.Stats) (bool, string, error) {
+	channel := "webhook"
+	if webhook.Type == models.RuleCallback {
+		channel = "callback"
+	}

-		bf := bytes.NewBuffer(bs)
+	conf := webhook
+	if conf.Url == "" || !conf.Enable {
+		return false, "", nil
+	}
+	bs, err := json.Marshal(event)
+	if err != nil {
+		logger.Errorf("%s alertingWebhook failed to marshal event:%+v err:%v", channel, event, err)
+		return false, "", err
+	}

-		req, err := http.NewRequest("POST", conf.Url, bf)
-		if err != nil {
-			logger.Warning("alertingWebhook failed to new request", err)
-			continue
-		}
+	bf := bytes.NewBuffer(bs)

-		req.Header.Set("Content-Type", "application/json")
-		if conf.BasicAuthUser != "" && conf.BasicAuthPass != "" {
-			req.SetBasicAuth(conf.BasicAuthUser, conf.BasicAuthPass)
-		}
+	req, err := http.NewRequest("POST", conf.Url, bf)
+	if err != nil {
+		logger.Warningf("%s alertingWebhook failed to new reques event:%s err:%v", channel, string(bs), err)
+		return true, "", err
+	}

-		if len(conf.Headers) > 0 && len(conf.Headers)%2 == 0 {
-			for i := 0; i < len(conf.Headers); i += 2 {
-				if conf.Headers[i] == "host" {
-					req.Host = conf.Headers[i+1]
-					continue
-				}
-				req.Header.Set(conf.Headers[i], conf.Headers[i+1])
+	req.Header.Set("Content-Type", "application/json")
+	if conf.BasicAuthUser != "" && conf.BasicAuthPass != "" {
+		req.SetBasicAuth(conf.BasicAuthUser, conf.BasicAuthPass)
+	}
+
+	if len(conf.Headers) > 0 && len(conf.Headers)%2 == 0 {
+		for i := 0; i < len(conf.Headers); i += 2 {
+			if conf.Headers[i] == "host" || conf.Headers[i] == "Host" {
+				req.Host = conf.Headers[i+1]
+				continue
 			}
+			req.Header.Set(conf.Headers[i], conf.Headers[i+1])
 		}
+	}
+	insecureSkipVerify := false
+	if webhook != nil {
+		insecureSkipVerify = webhook.SkipVerify
+	}

-		// todo add skip verify
-		client := http.Client{
+	if conf.Client == nil {
+		logger.Warningf("event_%s, event:%s, url: [%s], error: [%s]", channel, string(bs), conf.Url, "client is nil")
+		conf.Client = &http.Client{
 			Timeout: time.Duration(conf.Timeout) * time.Second,
+			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{InsecureSkipVerify: insecureSkipVerify},
+			},
 		}
+	}

-		var resp *http.Response
-		resp, err = client.Do(req)
-		if err != nil {
-			logger.Warningf("WebhookCallError, ruleId: [%d], eventId: [%d], url: [%s], error: [%s]", event.RuleId, event.Id, conf.Url, err)
-			continue
+	stats.AlertNotifyTotal.WithLabelValues(channel).Inc()
+	var resp *http.Response
+	var body []byte
+	resp, err = conf.Client.Do(req)
+
+	if err != nil {
+		stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
+		logger.Errorf("event_%s_fail, event:%s, url: [%s], error: [%s]", channel, string(bs), conf.Url, err)
+		return true, "", err
+	}
+
+	if resp.Body != nil {
+		defer resp.Body.Close()
+		body, _ = io.ReadAll(resp.Body)
+	}
+
+	if resp.StatusCode == 429 {
+		logger.Errorf("event_%s_fail, url: %s, response code: %d, body: %s event:%s", channel, conf.Url, resp.StatusCode, string(body), string(bs))
+		return true, string(body), fmt.Errorf("status code is 429")
+	}
+
+	logger.Debugf("event_%s_succ, url: %s, response code: %d, body: %s event:%s", channel, conf.Url, resp.StatusCode, string(body), string(bs))
+	return false, string(body), nil
+}
+
+func SingleSendWebhooks(ctx *ctx.Context, webhooks map[string]*models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+	for _, conf := range webhooks {
+		retryCount := 0
+		for retryCount < 3 {
+			start := time.Now()
+			needRetry, res, err := sendWebhook(conf, event, stats)
+			res = fmt.Sprintf("duration: %d ms %s", time.Since(start).Milliseconds(), res)
+			NotifyRecord(ctx, []*models.AlertCurEvent{event}, 0, "webhook", conf.Url, res, err)
+			if !needRetry {
+				break
+			}
+			retryCount++
+			time.Sleep(time.Minute * 1 * time.Duration(retryCount))
+		}
+	}
+}
+
+func BatchSendWebhooks(ctx *ctx.Context, webhooks map[string]*models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+	for _, conf := range webhooks {
+		logger.Infof("push event:%+v to queue:%v", event, conf)
+		PushEvent(ctx, conf, event, stats)
+	}
+}
+
+var EventQueue = make(map[string]*WebhookQueue)
+var CallbackEventQueue = make(map[string]*WebhookQueue)
+var CallbackEventQueueLock sync.RWMutex
+var EventQueueLock sync.RWMutex
+
+const QueueMaxSize = 100000
+
+type WebhookQueue struct {
+	eventQueue *SafeEventQueue
+	closeCh    chan struct{}
+}
+
+func PushEvent(ctx *ctx.Context, webhook *models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+	EventQueueLock.RLock()
+	queue := EventQueue[webhook.Url]
+	EventQueueLock.RUnlock()
+
+	if queue == nil {
+		queue = &WebhookQueue{
+			eventQueue: NewSafeEventQueue(QueueMaxSize),
+			closeCh:    make(chan struct{}),
+		}
+
+		EventQueueLock.Lock()
+		EventQueue[webhook.Url] = queue
+		EventQueueLock.Unlock()
+
+		StartConsumer(ctx, queue, webhook.Batch, webhook, stats)
+	}
+
+	succ := queue.eventQueue.Push(event)
+	if !succ {
+		stats.AlertNotifyErrorTotal.WithLabelValues("push_event_queue").Inc()
+		logger.Warningf("Write channel(%s) full, current channel size: %d event:%v", webhook.Url, queue.eventQueue.Len(), event)
+	}
+}
+
+func StartConsumer(ctx *ctx.Context, queue *WebhookQueue, popSize int, webhook *models.Webhook, stats *astats.Stats) {
+	for {
+		select {
+		case <-queue.closeCh:
+			logger.Infof("event queue:%v closed", queue)
+			return
+		default:
+			events := queue.eventQueue.PopN(popSize)
+			if len(events) == 0 {
+				time.Sleep(time.Millisecond * 400)
+				continue
+			}
+
+			retryCount := 0
+			for retryCount < webhook.RetryCount {
+				start := time.Now()
+				needRetry, res, err := sendWebhook(webhook, events, stats)
+				res = fmt.Sprintf("duration: %d ms %s", time.Since(start).Milliseconds(), res)
+				go NotifyRecord(ctx, events, 0, "webhook", webhook.Url, res, err)
+				if !needRetry {
+					break
+				}
+				retryCount++
+				time.Sleep(time.Second * time.Duration(webhook.RetryInterval) * time.Duration(retryCount))
+			}
 		}
-
-		var body []byte
-		if resp.Body != nil {
-			defer resp.Body.Close()
-			body, _ = ioutil.ReadAll(resp.Body)
-		}
-
-		logger.Debugf("alertingWebhook done, url: %s, response code: %d, body: %s", conf.Url, resp.StatusCode, string(body))
 	}
 }
--- a/alert/sender/webhook_event_queue.go
+++ b/alert/sender/webhook_event_queue.go
@@ -0,0 +1,109 @@
+package sender
+
+import (
+	"container/list"
+	"sync"
+
+	"github.com/ccfos/nightingale/v6/models"
+)
+
+type SafeEventQueue struct {
+	lock        sync.RWMutex
+	maxSize     int
+	queueHigh   *list.List
+	queueMiddle *list.List
+	queueLow    *list.List
+}
+
+const (
+	High   = 1
+	Middle = 2
+	Low    = 3
+)
+
+func NewSafeEventQueue(maxSize int) *SafeEventQueue {
+	return &SafeEventQueue{
+		maxSize:     maxSize,
+		lock:        sync.RWMutex{},
+		queueHigh:   list.New(),
+		queueMiddle: list.New(),
+		queueLow:    list.New(),
+	}
+}
+
+func (spq *SafeEventQueue) Len() int {
+	spq.lock.RLock()
+	defer spq.lock.RUnlock()
+	return spq.queueHigh.Len() + spq.queueMiddle.Len() + spq.queueLow.Len()
+}
+
+// len 无锁读取长度，不要在本文件外调用
+func (spq *SafeEventQueue) len() int {
+	return spq.queueHigh.Len() + spq.queueMiddle.Len() + spq.queueLow.Len()
+}
+
+func (spq *SafeEventQueue) Push(event *models.AlertCurEvent) bool {
+	spq.lock.Lock()
+	defer spq.lock.Unlock()
+
+	for spq.len() > spq.maxSize {
+		return false
+	}
+
+	switch event.Severity {
+	case High:
+		spq.queueHigh.PushBack(event)
+	case Middle:
+		spq.queueMiddle.PushBack(event)
+	case Low:
+		spq.queueLow.PushBack(event)
+	default:
+		return false
+	}
+
+	return true
+}
+
+// pop 无锁弹出事件，不要在本文件外调用
+func (spq *SafeEventQueue) pop() *models.AlertCurEvent {
+	if spq.len() == 0 {
+		return nil
+	}
+
+	var elem interface{}
+
+	if spq.queueHigh.Len() > 0 {
+		elem = spq.queueHigh.Remove(spq.queueHigh.Front())
+	} else if spq.queueMiddle.Len() > 0 {
+		elem = spq.queueMiddle.Remove(spq.queueMiddle.Front())
+	} else {
+		elem = spq.queueLow.Remove(spq.queueLow.Front())
+	}
+	event, ok := elem.(*models.AlertCurEvent)
+	if !ok {
+		return nil
+	}
+	return event
+}
+
+func (spq *SafeEventQueue) Pop() *models.AlertCurEvent {
+	spq.lock.Lock()
+	defer spq.lock.Unlock()
+	return spq.pop()
+}
+
+func (spq *SafeEventQueue) PopN(n int) []*models.AlertCurEvent {
+	spq.lock.Lock()
+	defer spq.lock.Unlock()
+
+	events := make([]*models.AlertCurEvent, 0, n)
+	count := 0
+	for count < n && spq.len() > 0 {
+		event := spq.pop()
+		if event != nil {
+			events = append(events, event)
+		}
+		count++
+	}
+	return events
+}
--- a/alert/sender/webhook_event_queue_test.go
+++ b/alert/sender/webhook_event_queue_test.go
@@ -0,0 +1,157 @@
+package sender
+
+import (
+	"sync"
+	"testing"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestSafePriorityQueue_ConcurrentPushPop(t *testing.T) {
+	spq := NewSafeEventQueue(100000)
+
+	var wg sync.WaitGroup
+	numGoroutines := 100
+	numEvents := 1000
+
+	// 并发 Push
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func(goroutineID int) {
+			defer wg.Done()
+			for j := 0; j < numEvents; j++ {
+				event := &models.AlertCurEvent{
+					Severity:    goroutineID%3 + 1,
+					TriggerTime: time.Now().UnixNano(),
+				}
+				spq.Push(event)
+			}
+		}(i)
+	}
+	wg.Wait()
+
+	// 检查队列长度是否正确
+	expectedLen := numGoroutines * numEvents
+	assert.Equal(t, expectedLen, spq.Len(), "Queue length mismatch after concurrent pushes")
+
+	// 并发 Pop
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func() {
+			defer wg.Done()
+			for {
+				event := spq.Pop()
+				if event == nil {
+					return
+				}
+			}
+		}()
+	}
+	wg.Wait()
+
+	// 最终队列应该为空
+	assert.Equal(t, 0, spq.Len(), "Queue should be empty after concurrent pops")
+}
+
+func TestSafePriorityQueue_ConcurrentPopMax(t *testing.T) {
+	spq := NewSafeEventQueue(100000)
+
+	// 添加初始数据
+	for i := 0; i < 1000; i++ {
+		spq.Push(&models.AlertCurEvent{
+			Severity:    i%3 + 1,
+			TriggerTime: time.Now().UnixNano(),
+		})
+	}
+
+	var wg sync.WaitGroup
+	numGoroutines := 10
+	popMax := 100
+
+	// 并发 PopN
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func() {
+			defer wg.Done()
+			events := spq.PopN(popMax)
+			assert.LessOrEqual(t, len(events), popMax, "PopN exceeded maximum")
+		}()
+	}
+	wg.Wait()
+
+	// 检查队列长度是否正确
+	expectedRemaining := 1000 - (numGoroutines * popMax)
+	if expectedRemaining < 0 {
+		expectedRemaining = 0
+	}
+	assert.Equal(t, expectedRemaining, spq.Len(), "Queue length mismatch after concurrent PopN")
+}
+
+func TestSafePriorityQueue_ConcurrentPushPopWithDifferentSeverities(t *testing.T) {
+	spq := NewSafeEventQueue(100000)
+
+	var wg sync.WaitGroup
+	numGoroutines := 50
+	numEvents := 500
+
+	// 并发 Push 不同优先级的事件
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func(goroutineID int) {
+			defer wg.Done()
+			for j := 0; j < numEvents; j++ {
+				event := &models.AlertCurEvent{
+					Severity:    goroutineID%3 + 1, // 模拟不同的 Severity
+					TriggerTime: time.Now().UnixNano(),
+				}
+				spq.Push(event)
+			}
+		}(i)
+	}
+	wg.Wait()
+
+	// 检查队列长度是否正确
+	expectedLen := numGoroutines * numEvents
+	assert.Equal(t, expectedLen, spq.Len(), "Queue length mismatch after concurrent pushes")
+
+	// 检查事件的顺序是否按照优先级排列
+	var lastEvent *models.AlertCurEvent
+	for spq.Len() > 0 {
+		event := spq.Pop()
+		if lastEvent != nil {
+			assert.LessOrEqual(t, lastEvent.Severity, event.Severity, "Events are not in correct priority order")
+		}
+		lastEvent = event
+	}
+}
+
+func TestSafePriorityQueue_ExceedMaxSize(t *testing.T) {
+	spq := NewSafeEventQueue(5)
+
+	// 插入超过最大容量的事件
+	for i := 0; i < 10; i++ {
+		spq.Push(&models.AlertCurEvent{
+			Severity:    i % 3,
+			TriggerTime: int64(i),
+		})
+	}
+
+	// 验证队列的长度是否不超过 maxSize
+	assert.LessOrEqual(t, spq.Len(), spq.maxSize)
+
+	// 验证队列中剩余事件的内容
+	expectedEvents := 5
+	if spq.Len() < 5 {
+		expectedEvents = spq.Len()
+	}
+
+	// 检查最后存入的事件是否是按优先级排序
+	for i := 0; i < expectedEvents; i++ {
+		event := spq.Pop()
+		if event != nil {
+			assert.LessOrEqual(t, event.Severity, 2)
+		}
+	}
+}
--- a/alert/sender/webhook_queue.go
+++ b/alert/sender/webhook_queue.go
@@ -0,0 +1,111 @@
+package sender
+
+import (
+	"container/list"
+	"sync"
+
+	"github.com/ccfos/nightingale/v6/models"
+)
+
+type SafeList struct {
+	sync.RWMutex
+	L *list.List
+}
+
+func NewSafeList() *SafeList {
+	return &SafeList{L: list.New()}
+}
+
+func (sl *SafeList) PushFront(v interface{}) *list.Element {
+	sl.Lock()
+	e := sl.L.PushFront(v)
+	sl.Unlock()
+	return e
+}
+
+func (sl *SafeList) PushFrontBatch(vs []interface{}) {
+	sl.Lock()
+	for _, item := range vs {
+		sl.L.PushFront(item)
+	}
+	sl.Unlock()
+}
+
+func (sl *SafeList) PopBack(max int) []*models.AlertCurEvent {
+	sl.Lock()
+
+	count := sl.L.Len()
+	if count == 0 {
+		sl.Unlock()
+		return []*models.AlertCurEvent{}
+	}
+
+	if count > max {
+		count = max
+	}
+
+	items := make([]*models.AlertCurEvent, 0, count)
+	for i := 0; i < count; i++ {
+		item := sl.L.Remove(sl.L.Back())
+		sample, ok := item.(*models.AlertCurEvent)
+		if ok {
+			items = append(items, sample)
+		}
+	}
+
+	sl.Unlock()
+	return items
+}
+
+func (sl *SafeList) RemoveAll() {
+	sl.Lock()
+	sl.L.Init()
+	sl.Unlock()
+}
+
+func (sl *SafeList) Len() int {
+	sl.RLock()
+	size := sl.L.Len()
+	sl.RUnlock()
+	return size
+}
+
+// SafeList with Limited Size
+type SafeListLimited struct {
+	maxSize int
+	SL      *SafeList
+}
+
+func NewSafeListLimited(maxSize int) *SafeListLimited {
+	return &SafeListLimited{SL: NewSafeList(), maxSize: maxSize}
+}
+
+func (sll *SafeListLimited) PopBack(max int) []*models.AlertCurEvent {
+	return sll.SL.PopBack(max)
+}
+
+func (sll *SafeListLimited) PushFront(v interface{}) bool {
+	if sll.SL.Len() >= sll.maxSize {
+		return false
+	}
+
+	sll.SL.PushFront(v)
+	return true
+}
+
+func (sll *SafeListLimited) PushFrontBatch(vs []interface{}) bool {
+	if sll.SL.Len() >= sll.maxSize {
+		return false
+	}
+
+	sll.SL.PushFrontBatch(vs)
+	return true
+}
+
+func (sll *SafeListLimited) RemoveAll() {
+	sll.SL.RemoveAll()
+}
+
+func (sll *SafeListLimited) Len() int {
+	return sll.SL.Len()
+}
--- a/alert/sender/wecom.go
+++ b/alert/sender/wecom.go
@@ -3,12 +3,8 @@ package sender
 import (
 	"html/template"
 	"strings"
-	"time"

 	"github.com/ccfos/nightingale/v6/models"
-	"github.com/ccfos/nightingale/v6/pkg/poster"
-
-	"github.com/toolkits/pkg/logger"
 )

 type wecomMarkdown struct {
@@ -20,46 +16,59 @@ type wecom struct {
 	Markdown wecomMarkdown `json:"markdown"`
 }

+var (
+	_ CallBacker = (*WecomSender)(nil)
+)
+
 type WecomSender struct {
 	tpl *template.Template
 }

-func (ws *WecomSender) Send(ctx MessageContext) {
-	if len(ctx.Users) == 0 || ctx.Rule == nil || ctx.Event == nil {
+func (ws *WecomSender) CallBack(ctx CallBackContext) {
+	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
 		return
 	}
-	urls := ws.extract(ctx.Users)
-	message := BuildTplMessage(ws.tpl, ctx.Event)
-	for _, url := range urls {
+
+	message := BuildTplMessage(models.Wecom, ws.tpl, ctx.Events)
+	body := wecom{
+		Msgtype: "markdown",
+		Markdown: wecomMarkdown{
+			Content: message,
+		},
+	}
+
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
+}
+
+func (ws *WecomSender) Send(ctx MessageContext) {
+	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
+		return
+	}
+	urls, tokens := ws.extract(ctx.Users)
+	message := BuildTplMessage(models.Wecom, ws.tpl, ctx.Events)
+	for i, url := range urls {
 		body := wecom{
 			Msgtype: "markdown",
 			Markdown: wecomMarkdown{
 				Content: message,
 			},
 		}
-		ws.doSend(url, body)
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Wecom, ctx.Stats, ctx.Events)
 	}
 }

-func (ws *WecomSender) extract(users []*models.User) []string {
+func (ws *WecomSender) extract(users []*models.User) ([]string, []string) {
 	urls := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))
 	for _, user := range users {
 		if token, has := user.ExtractToken(models.Wecom); has {
 			url := token
-			if !strings.HasPrefix(token, "https://") {
+			if !strings.HasPrefix(token, "https://") && !strings.HasPrefix(token, "http://") {
 				url = "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=" + token
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls
-}
-
-func (ws *WecomSender) doSend(url string, body wecom) {
-	res, code, err := poster.PostJSON(url, time.Second*5, body, 3)
-	if err != nil {
-		logger.Errorf("wecom_sender: result=fail url=%s code=%d error=%v response=%s", url, code, err, string(res))
-	} else {
-		logger.Infof("wecom_sender: result=succ url=%s code=%d response=%s", url, code, string(res))
-	}
+	return urls, tokens
 }
--- a/center/cconf/conf.go
+++ b/center/cconf/conf.go
@@ -1,19 +1,20 @@
 package cconf

-import (
-	"github.com/gin-gonic/gin"
-)
+import "time"

 type Center struct {
 	Plugins                []Plugin
-	BasicAuth              gin.Accounts
 	MetricsYamlFile        string
 	OpsYamlFile            string
 	BuiltinIntegrationsDir string
 	I18NHeaderKey          string
 	MetricDesc             MetricDescType
-	TargetMetrics          map[string]string
 	AnonymousAccess        AnonymousAccess
+	UseFileAssets          bool
+	FlashDuty              FlashDuty
+	EventHistoryGroupView  bool
+	CleanNotifyRecordDay   int
+	MigrateBusiGroupLabel  bool
 }

 type Plugin struct {
@@ -23,6 +24,12 @@ type Plugin struct {
 	TypeName string `json:"plugin_type_name"`
 }

+type FlashDuty struct {
+	Api     string
+	Headers map[string]string
+	Timeout time.Duration
+}
+
 type AnonymousAccess struct {
 	PromQuerier bool
 	AlertDetail bool
--- a/center/cconf/metric.go
+++ b/center/cconf/metric.go
@@ -4,7 +4,6 @@ import (
 	"path"

 	"github.com/toolkits/pkg/file"
-	"github.com/toolkits/pkg/runner"
 )

 // metricDesc , As load map happens before read map, there is no necessary to use concurrent map for metric desc store
@@ -19,24 +18,32 @@ var MetricDesc MetricDescType
 // GetMetricDesc , if metric is not registered, empty string will be returned
 func GetMetricDesc(lang, metric string) string {
 	var m map[string]string
-	if lang == "zh" {
-		m = MetricDesc.Zh
-	} else {
+
+	switch lang {
+	case "en":
 		m = MetricDesc.En
+	default:
+		m = MetricDesc.Zh
 	}
+
 	if m != nil {
-		if desc, has := m[metric]; has {
+		if desc, ok := m[metric]; ok {
 			return desc
 		}
 	}

-	return MetricDesc.CommonDesc[metric]
-}
+	if MetricDesc.CommonDesc != nil {
+		if desc, ok := MetricDesc.CommonDesc[metric]; ok {
+			return desc
+		}
+	}

-func LoadMetricsYaml(metricsYamlFile string) error {
+	return ""
+}
+func LoadMetricsYaml(configDir, metricsYamlFile string) error {
 	fp := metricsYamlFile
 	if fp == "" {
-		fp = path.Join(runner.Cwd, "etc", "metrics.yaml")
+		fp = path.Join(configDir, "metrics.yaml")
 	}
 	if !file.IsExist(fp) {
 		return nil
--- a/center/cconf/ops.go
+++ b/center/cconf/ops.go
@@ -1,10 +1,11 @@
 package cconf

 import (
+	"fmt"
 	"path"

 	"github.com/toolkits/pkg/file"
-	"github.com/toolkits/pkg/runner"
+	"gopkg.in/yaml.v2"
 )

 var Operations = Operation{}
@@ -14,26 +15,291 @@ type Operation struct {
 }

 type Ops struct {
-	Name  string   `yaml:"name" json:"name"`
-	Cname string   `yaml:"cname" json:"cname"`
-	Ops   []string `yaml:"ops" json:"ops"`
+	Name  string     `yaml:"name" json:"name"`
+	Cname string     `yaml:"cname" json:"cname"`
+	Ops   []SingleOp `yaml:"ops" json:"ops"`
 }

-func LoadOpsYaml(opsYamlFile string) error {
+// SingleOp Name 为 op 名称；Cname 为展示名称，默认英文
+type SingleOp struct {
+	Name  string `yaml:"name" json:"name"`
+	Cname string `yaml:"cname" json:"cname"`
+}
+
+func TransformNames(name []string, nameToName map[string]string) []string {
+	var ret []string
+	for _, n := range name {
+		if v, has := nameToName[n]; has {
+			ret = append(ret, v)
+		}
+	}
+	return ret
+}
+
+func LoadOpsYaml(configDir string, opsYamlFile string) error {
 	fp := opsYamlFile
 	if fp == "" {
-		fp = path.Join(runner.Cwd, "etc", "ops.yaml")
+		fp = path.Join(configDir, "ops.yaml")
 	}
 	if !file.IsExist(fp) {
 		return nil
 	}
+
+	hash, _ := file.MD5(fp)
+	if hash == "2f91a9ed265cf2024e266dc1d538ee77" {
+		// ops.yaml 是老的默认文件，删除
+		file.Remove(fp)
+		return nil
+	}
+
 	return file.ReadYaml(fp, &Operations)
 }

-func GetAllOps(ops []Ops) []string {
-	var ret []string
+func GetAllOps(ops []Ops) []SingleOp {
+	var ret []SingleOp
 	for _, op := range ops {
 		ret = append(ret, op.Ops...)
 	}
 	return ret
 }
+
+func MergeOperationConf() error {
+	var opsBuiltIn Operation
+	err := yaml.Unmarshal([]byte(builtInOps), &opsBuiltIn)
+	if err != nil {
+		return fmt.Errorf("cannot parse builtInOps: %s", err.Error())
+	}
+	configOpsMap := make(map[string]struct{})
+	for _, op := range Operations.Ops {
+		configOpsMap[op.Name] = struct{}{}
+	}
+	//If the opBu.Name is not a constant in the target (Operations.Ops), add Ops from the built-in options
+	for _, opBu := range opsBuiltIn.Ops {
+		if _, has := configOpsMap[opBu.Name]; !has {
+			Operations.Ops = append(Operations.Ops, opBu)
+		}
+	}
+	return nil
+}
+
+const (
+	builtInOps = `
+ops:
+- name: Infrastructure
+  cname: Infrastructure
+  ops:
+    - name: /targets
+      cname: Host - View
+    - name: /targets/put
+      cname: Host - Modify
+    - name: /targets/del
+      cname: Host - Delete
+    - name: /targets/bind
+      cname: Host - Bind Uncategorized
+
+- name: Explorer
+  cname: Explorer
+  ops:
+    - name: /metric/explorer
+      cname: Metrics Explorer
+    - name: /object/explorer
+      cname: Quick View
+    - name: /metrics-built-in
+      cname: Built-in Metric - View
+    - name: /builtin-metrics/add
+      cname: Built-in Metric - Add
+    - name: /builtin-metrics/put
+      cname: Built-in Metric - Modify
+    - name: /builtin-metrics/del
+      cname: Built-in Metric - Delete
+    - name: /recording-rules
+      cname: Recording Rule - View
+    - name: /recording-rules/add
+      cname: Recording Rule - Add
+    - name: /recording-rules/put
+      cname: Recording Rule - Modify
+    - name: /recording-rules/del
+      cname: Recording Rule - Delete
+    - name: /log/explorer
+      cname: Logs Explorer
+    - name: /log/index-patterns # 前端有个管理索引模式的页面，所以需要一个权限点来控制，后面应该改成侧拉板
+      cname: Index Pattern - View
+    - name: /log/index-patterns/add
+      cname: Index Pattern - Add
+    - name: /log/index-patterns/put
+      cname: Index Pattern - Modify
+    - name: /log/index-patterns/del
+      cname: Index Pattern - Delete
+    - name: /dashboards
+      cname: Dashboard - View
+    - name: /dashboards/add
+      cname: Dashboard - Add
+    - name: /dashboards/put
+      cname: Dashboard - Modify
+    - name: /dashboards/del
+      cname: Dashboard - Delete
+    - name: /public-dashboards
+      cname: Dashboard - View Public
+
+- name: alerting
+  cname: Alerting
+  ops:
+    - name: /alert-rules
+      cname: Alerting Rule - View
+    - name: /alert-rules/add
+      cname: Alerting Rule - Add
+    - name: /alert-rules/put
+      cname: Alerting Rule - Modify
+    - name: /alert-rules/del
+      cname: Alerting Rule - Delete
+    - name: /alert-mutes
+      cname: Mutting Rule - View
+    - name: /alert-mutes/add
+      cname: Mutting Rule - Add
+    - name: /alert-mutes/put
+      cname: Mutting Rule - Modify
+    - name: /alert-mutes/del
+      cname: Mutting Rule - Delete
+    - name: /alert-subscribes
+      cname: Subscribing Rule - View
+    - name: /alert-subscribes/add
+      cname: Subscribing Rule - Add
+    - name: /alert-subscribes/put
+      cname: Subscribing Rule - Modify
+    - name: /alert-subscribes/del
+      cname: Subscribing Rule - Delete
+    - name: /job-tpls
+      cname: Self-healing-Script - View
+    - name: /job-tpls/add
+      cname: Self-healing-Script - Add
+    - name: /job-tpls/put
+      cname: Self-healing-Script - Modify
+    - name: /job-tpls/del
+      cname: Self-healing-Script - Delete
+    - name: /job-tasks
+      cname: Self-healing-Job - View
+    - name: /job-tasks/add
+      cname: Self-healing-Job - Add
+    - name: /job-tasks/put
+      cname: Self-healing-Job - Modify
+    - name: /alert-cur-events
+      cname: Active Event - View
+    - name: /alert-cur-events/del
+      cname: Active Event - Delete
+    - name: /alert-his-events
+      cname: Historical Event - View
+
+- name: Notification
+  cname: Notification
+  ops:
+    - name: /notification-rules
+      cname: Notification Rule - View
+    - name: /notification-rules/add
+      cname: Notification Rule - Add
+    - name: /notification-rules/put
+      cname: Notification Rule - Modify
+    - name: /notification-rules/del
+      cname: Notification Rule - Delete
+    - name: /notification-channels
+      cname: Media Type - View
+    - name: /notification-channels/add
+      cname: Media Type - Add
+    - name: /notification-channels/put
+      cname: Media Type - Modify
+    - name: /notification-channels/del
+      cname: Media Type - Delete
+    - name: /notification-templates
+      cname: Message Template - View
+    - name: /notification-templates/add
+      cname: Message Template - Add
+    - name: /notification-templates/put
+      cname: Message Template - Modify
+    - name: /notification-templates/del
+      cname: Message Template - Delete
+    - name: /event-pipelines
+      cname: Event Pipeline - View
+    - name: /event-pipelines/add
+      cname: Event Pipeline - Add
+    - name: /event-pipelines/put
+      cname: Event Pipeline - Modify
+    - name: /event-pipelines/del
+      cname: Event Pipeline - Delete
+    - name: /help/notification-settings # 用于控制老版本的通知设置菜单是否展示
+      cname: Notification Settings - View
+    - name: /help/notification-tpls # 用于控制老版本的通知模板菜单是否展示
+      cname: Notification Templates - View
+
+- name: Integrations
+  cname: Integrations
+  ops:
+    - name: /datasources # 用于控制能否看到数据源列表页面的菜单。只有 Admin 才能修改、删除数据源
+      cname: Data Source - View
+    - name: /components
+      cname: Component - View
+    - name: /components/add
+      cname: Component - Add
+    - name: /components/put
+      cname: Component - Modify
+    - name: /components/del
+      cname: Component - Delete
+    - name: /embedded-products
+      cname: Embedded Product - View
+    - name: /embedded-product/add
+      cname: Embedded Product - Add
+    - name: /embedded-product/put
+      cname: Embedded Product - Modify
+    - name: /embedded-product/delete
+      cname: Embedded Product - Delete
+
+- name: Organization
+  cname: Organization
+  ops:
+    - name: /users
+      cname: User - View
+    - name: /users/add
+      cname: User - Add
+    - name: /users/put
+      cname: User - Modify
+    - name: /users/del
+      cname: User - Delete
+    - name: /user-groups
+      cname: Team - View
+    - name: /user-groups/add
+      cname: Team - Add
+    - name: /user-groups/put
+      cname: Team - Modify
+    - name: /user-groups/del
+      cname: Team - Delete
+    - name: /busi-groups
+      cname: Business Group - View
+    - name: /busi-groups/add
+      cname: Business Group - Add
+    - name: /busi-groups/put
+      cname: Business Group - Modify
+    - name: /busi-groups/del
+      cname: Business Group - Delete
+    - name: /roles
+      cname: Role - View
+    - name: /roles/add
+      cname: Role - Add
+    - name: /roles/put
+      cname: Role - Modify
+    - name: /roles/del
+      cname: Role - Delete
+
+- name: System Settings
+  cname: System Settings
+  ops:
+    - name: /system/site-settings # 仅用于控制能否展示菜单，只有 Admin 才能修改、删除
+      cname: View Site Settings
+    - name: /system/variable-settings
+      cname: View Variable Settings
+    - name: /system/sso-settings
+      cname: View SSO Settings
+    - name: /system/alerting-engines
+      cname: View Alerting Engines
+    - name: /system/version
+      cname: View Product Version
+
+`
+)
--- a/center/cconf/plugin.go
+++ b/center/cconf/plugin.go
@@ -15,8 +15,44 @@ var Plugins = []Plugin{
 	},
 	{
 		Id:       3,
+		Category: "loki",
+		Type:     "loki",
+		TypeName: "Loki",
+	},
+	{
+		Id:       4,
+		Category: "timeseries",
+		Type:     "tdengine",
+		TypeName: "TDengine",
+	},
+	{
+		Id:       5,
 		Category: "logging",
-		Type:     "jaeger",
-		TypeName: "Jaeger",
+		Type:     "ck",
+		TypeName: "ClickHouse",
+	},
+	{
+		Id:       6,
+		Category: "timeseries",
+		Type:     "mysql",
+		TypeName: "MySQL",
+	},
+	{
+		Id:       7,
+		Category: "timeseries",
+		Type:     "pgsql",
+		TypeName: "PostgreSQL",
+	},
+	{
+		Id:       8,
+		Category: "logging",
+		Type:     "doris",
+		TypeName: "Doris",
+	},
+	{
+		Id:       9,
+		Category: "logging",
+		Type:     "opensearch",
+		TypeName: "OpenSearch",
 	},
 }
--- a/center/cconf/rsa/rsa_conf.go
+++ b/center/cconf/rsa/rsa_conf.go
@@ -0,0 +1,105 @@
+package rsa
+
+import (
+	"os"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/httpx"
+	"github.com/ccfos/nightingale/v6/pkg/secu"
+
+	"github.com/pkg/errors"
+	"github.com/toolkits/pkg/file"
+	"github.com/toolkits/pkg/logger"
+)
+
+func InitRSAConfig(ctx *ctx.Context, rsaConfig *httpx.RSAConfig) error {
+
+	// 1.Load RSA keys from Database
+	rsaPassWord, err := models.ConfigsGet(ctx, models.RSA_PASSWORD)
+	if err != nil {
+		return errors.WithMessagef(err, "cannot query config(%s)", models.RSA_PASSWORD)
+	}
+	privateKeyVal, err := models.ConfigsGet(ctx, models.RSA_PRIVATE_KEY)
+	if err != nil {
+		return errors.WithMessagef(err, "cannot query config(%s)", models.RSA_PRIVATE_KEY)
+	}
+	publicKeyVal, err := models.ConfigsGet(ctx, models.RSA_PUBLIC_KEY)
+	if err != nil {
+		return errors.WithMessagef(err, "cannot query config(%s)", models.RSA_PUBLIC_KEY)
+	}
+	if rsaPassWord != "" && privateKeyVal != "" && publicKeyVal != "" {
+		rsaConfig.RSAPassWord = rsaPassWord
+		rsaConfig.RSAPrivateKey = []byte(privateKeyVal)
+		rsaConfig.RSAPublicKey = []byte(publicKeyVal)
+		return nil
+	}
+
+	// 2.Read RSA configuration from file if exists
+	if file.IsExist(rsaConfig.RSAPrivateKeyPath) && file.IsExist(rsaConfig.RSAPublicKeyPath) {
+		//password already read from config
+		rsaConfig.RSAPrivateKey, rsaConfig.RSAPublicKey, err = readConfigFile(rsaConfig)
+		if err != nil {
+			return errors.WithMessage(err, "failed to read rsa config from file")
+		}
+		return nil
+	}
+	// 3.Generate RSA keys if not exist
+	rsaConfig.RSAPassWord, rsaConfig.RSAPrivateKey, rsaConfig.RSAPublicKey, err = initRSAKeyPairs(ctx, rsaConfig.RSAPassWord)
+	if err != nil {
+		return errors.WithMessage(err, "failed to generate rsa key pair")
+	}
+	return nil
+}
+
+func initRSAKeyPairs(ctx *ctx.Context, rsaPassWord string) (password string, privateByte, publicByte []byte, err error) {
+
+	// Generate RSA keys
+
+	// Generate RSA password
+	if rsaPassWord != "" {
+		logger.Debug("Using existing RSA password")
+		password = rsaPassWord
+		err = models.ConfigsSet(ctx, models.RSA_PASSWORD, password)
+		if err != nil {
+			err = errors.WithMessagef(err, "failed to set config(%s)", models.RSA_PASSWORD)
+			return
+		}
+	} else {
+		password, err = models.InitRSAPassWord(ctx)
+		if err != nil {
+			err = errors.WithMessage(err, "failed to generate rsa password")
+			return
+		}
+	}
+	privateByte, publicByte, err = secu.GenerateRsaKeyPair(password)
+	if err != nil {
+		err = errors.WithMessage(err, "failed to generate rsa key pair")
+		return
+	}
+	// Save generated RSA keys
+	err = models.ConfigsSet(ctx, models.RSA_PRIVATE_KEY, string(privateByte))
+	if err != nil {
+		err = errors.WithMessagef(err, "failed to set config(%s)", models.RSA_PRIVATE_KEY)
+		return
+	}
+	err = models.ConfigsSet(ctx, models.RSA_PUBLIC_KEY, string(publicByte))
+	if err != nil {
+		err = errors.WithMessagef(err, "failed to set config(%s)", models.RSA_PUBLIC_KEY)
+		return
+	}
+	return
+}
+
+func readConfigFile(rsaConfig *httpx.RSAConfig) (privateBuf, publicBuf []byte, err error) {
+	publicBuf, err = os.ReadFile(rsaConfig.RSAPublicKeyPath)
+	if err != nil {
+		err = errors.WithMessagef(err, "could not read RSAPublicKeyPath %q", rsaConfig.RSAPublicKeyPath)
+		return
+	}
+	privateBuf, err = os.ReadFile(rsaConfig.RSAPrivateKeyPath)
+	if err != nil {
+		err = errors.WithMessagef(err, "could not read RSAPrivateKeyPath %q", rsaConfig.RSAPrivateKeyPath)
+	}
+	return
+}
--- a/center/cconf/sql_tpl.go
+++ b/center/cconf/sql_tpl.go
@@ -0,0 +1,15 @@
+package cconf
+
+var TDengineSQLTpl = map[string]string{
+	"load5":                "SELECT _wstart as ts, last(load5) FROM $database.system WHERE host = '$server' and _ts >= $from and _ts <= $to interval($interval) fill(null)",
+	"process_total":        "SELECT _wstart as ts, last(total) FROM $database.processes WHERE host = '$server' and _ts >= $from and _ts <= $to interval($interval) fill(null)",
+	"thread_total":         "SELECT _wstart as ts, last(total) FROM $database.threads WHERE host = '$server' and _ts >= $from and _ts <= $to interval($interval) fill(null)",
+	"cpu_idle":             "SELECT _wstart as ts, last(usage_idle) * -1 + 100 FROM $database.cpu WHERE (host = '$server' and cpu = 'cpu-total') and _ts >= $from and _ts <= $to interval($interval) fill(null)",
+	"mem_used_percent":     "SELECT _wstart as ts, last(used_percent) FROM $database.mem WHERE (host = '$server') and _ts >= $from and _ts <= $to interval($interval) fill(null)",
+	"disk_used_percent":    "SELECT _wstart as ts, last(used_percent) FROM $database.disk WHERE (host = '$server' and path = '/') and _ts >= $from and _ts <= $to interval($interval) fill(null)",
+	"cpu_context_switches": "select ts, derivative(context_switches, 1s, 0) as context FROM (SELECT _wstart as ts, avg(context_switches) as context_switches FROM $database.kernel WHERE host = '$server' and _ts >= $from and _ts <= $to interval($interval) )",
+	"tcp":                  "SELECT _wstart as ts, avg(tcp_close) as CLOSED, avg(tcp_close_wait) as CLOSE_WAIT, avg(tcp_closing) as CLOSING, avg(tcp_established) as ESTABLISHED, avg(tcp_fin_wait1) as FIN_WAIT1, avg(tcp_fin_wait2) as FIN_WAIT2, avg(tcp_last_ack) as LAST_ACK, avg(tcp_syn_recv) as SYN_RECV, avg(tcp_syn_sent) as SYN_SENT, avg(tcp_time_wait) as TIME_WAIT FROM $database.netstat WHERE host = '$server' and _ts >= $from and _ts <= $to interval($interval)",
+	"net_bytes_recv":       "SELECT _wstart as ts, derivative(bytes_recv,1s, 1) as bytes_in FROM $database.net WHERE host = '$server' and interface = '$netif' and _ts >= $from and _ts <= $to group by tbname",
+	"net_bytes_sent":       "SELECT _wstart as ts, derivative(bytes_sent,1s, 1) as bytes_out FROM $database.net WHERE host = '$server' and interface = '$netif' and _ts >= $from and _ts <= $to group by tbname",
+	"disk_total":           "SELECT _wstart as ts, avg(total) AS total, avg(used) as used FROM $database.disk WHERE   path = '$mountpoint' and _ts >= $from and _ts <= $to  interval($interval) group by host",
+}
--- a/center/center.go
+++ b/center/center.go
@@ -4,27 +4,38 @@ import (
 	"context"
 	"fmt"

+	"github.com/ccfos/nightingale/v6/dscache"
+
 	"github.com/ccfos/nightingale/v6/alert"
 	"github.com/ccfos/nightingale/v6/alert/astats"
+	"github.com/ccfos/nightingale/v6/alert/dispatch"
 	"github.com/ccfos/nightingale/v6/alert/process"
+	alertrt "github.com/ccfos/nightingale/v6/alert/router"
 	"github.com/ccfos/nightingale/v6/center/cconf"
+	"github.com/ccfos/nightingale/v6/center/cconf/rsa"
+	"github.com/ccfos/nightingale/v6/center/integration"
 	"github.com/ccfos/nightingale/v6/center/metas"
+	centerrt "github.com/ccfos/nightingale/v6/center/router"
 	"github.com/ccfos/nightingale/v6/center/sso"
 	"github.com/ccfos/nightingale/v6/conf"
+	"github.com/ccfos/nightingale/v6/cron"
+	"github.com/ccfos/nightingale/v6/dumper"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/models/migrate"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/flashduty"
 	"github.com/ccfos/nightingale/v6/pkg/httpx"
 	"github.com/ccfos/nightingale/v6/pkg/i18nx"
 	"github.com/ccfos/nightingale/v6/pkg/logx"
+	"github.com/ccfos/nightingale/v6/pkg/macros"
+	"github.com/ccfos/nightingale/v6/pkg/version"
 	"github.com/ccfos/nightingale/v6/prom"
 	"github.com/ccfos/nightingale/v6/pushgw/idents"
+	pushgwrt "github.com/ccfos/nightingale/v6/pushgw/router"
 	"github.com/ccfos/nightingale/v6/pushgw/writer"
 	"github.com/ccfos/nightingale/v6/storage"
-
-	alertrt "github.com/ccfos/nightingale/v6/alert/router"
-	centerrt "github.com/ccfos/nightingale/v6/center/router"
-	pushgwrt "github.com/ccfos/nightingale/v6/pushgw/router"
+	"github.com/flashcatcloud/ibex/src/cmd/ibex"
 )

 func Initialize(configDir string, cryptoKey string) (func(), error) {
@@ -33,62 +44,116 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 		return nil, fmt.Errorf("failed to init config: %v", err)
 	}

-	cconf.LoadMetricsYaml(config.Center.MetricsYamlFile)
-	cconf.LoadOpsYaml(config.Center.OpsYamlFile)
+	cconf.LoadMetricsYaml(configDir, config.Center.MetricsYamlFile)
+	cconf.LoadOpsYaml(configDir, config.Center.OpsYamlFile)
+
+	cconf.MergeOperationConf()
+
+	if config.Alert.Heartbeat.EngineName == "" {
+		config.Alert.Heartbeat.EngineName = "default"
+	}

 	logxClean, err := logx.Init(config.Log)
 	if err != nil {
 		return nil, err
 	}

-	i18nx.Init()
+	i18nx.Init(configDir)
+	flashduty.Init(config.Center.FlashDuty)

 	db, err := storage.New(config.DB)
 	if err != nil {
 		return nil, err
 	}
-	ctx := ctx.NewContext(context.Background(), db)
-	models.InitRoot(ctx)
+	ctx := ctx.NewContext(context.Background(), db, true)
+	migrate.Migrate(db)
+	isRootInit := models.InitRoot(ctx)

-	redis, err := storage.NewRedis(config.Redis)
+	config.HTTP.JWTAuth.SigningKey = models.InitJWTSigningKey(ctx)
+
+	err = rsa.InitRSAConfig(ctx, &config.HTTP.RSA)
+	if err != nil {
+		return nil, err
+	}
+
+	go integration.Init(ctx, config.Center.BuiltinIntegrationsDir)
+	var redis storage.Redis
+	redis, err = storage.NewRedis(config.Redis)
 	if err != nil {
 		return nil, err
 	}

 	metas := metas.New(redis)
-	idents := idents.New(db)
+	idents := idents.New(ctx, redis, config.Pushgw)

 	syncStats := memsto.NewSyncStats()
 	alertStats := astats.NewSyncStats()

-	sso := sso.Init(config.Center, ctx)
+	if config.Center.MigrateBusiGroupLabel || models.CanMigrateBg(ctx) {
+		models.MigrateBg(ctx, config.Pushgw.BusiGroupLabelKey)
+	}
+	if models.CanMigrateEP(ctx) {
+		models.MigrateEP(ctx)
+	}

+	configCache := memsto.NewConfigCache(ctx, syncStats, config.HTTP.RSA.RSAPrivateKey, config.HTTP.RSA.RSAPassWord)
 	busiGroupCache := memsto.NewBusiGroupCache(ctx, syncStats)
 	targetCache := memsto.NewTargetCache(ctx, syncStats, redis)
 	dsCache := memsto.NewDatasourceCache(ctx, syncStats)
 	alertMuteCache := memsto.NewAlertMuteCache(ctx, syncStats)
 	alertRuleCache := memsto.NewAlertRuleCache(ctx, syncStats)
-	notifyConfigCache := memsto.NewNotifyConfigCache(ctx)
+	notifyConfigCache := memsto.NewNotifyConfigCache(ctx, configCache)
+	userCache := memsto.NewUserCache(ctx, syncStats)
+	userGroupCache := memsto.NewUserGroupCache(ctx, syncStats)
+	taskTplCache := memsto.NewTaskTplCache(ctx)
+	configCvalCache := memsto.NewCvalCache(ctx, syncStats)
+	notifyRuleCache := memsto.NewNotifyRuleCache(ctx, syncStats)
+	notifyChannelCache := memsto.NewNotifyChannelCache(ctx, syncStats)
+	messageTemplateCache := memsto.NewMessageTemplateCache(ctx, syncStats)
+	userTokenCache := memsto.NewUserTokenCache(ctx, syncStats)

-	promClients := prom.NewPromClient(ctx, config.Alert.Heartbeat)
+	sso := sso.Init(config.Center, ctx, configCache)
+	promClients := prom.NewPromClient(ctx)
+
+	dispatch.InitRegisterQueryFunc(promClients)

 	externalProcessors := process.NewExternalProcessors()
-	alert.Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, dsCache, ctx, promClients, true)
+
+	macros.RegisterMacro(macros.MacroInVain)
+	dscache.Init(ctx, false)
+	alert.Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, taskTplCache, dsCache, ctx, promClients, userCache, userGroupCache, notifyRuleCache, notifyChannelCache, messageTemplateCache)

 	writers := writer.NewWriters(config.Pushgw)

-	alertrtRouter := alertrt.New(config.HTTP, config.Alert, alertMuteCache, targetCache, busiGroupCache, alertStats, ctx, externalProcessors)
-	centerRouter := centerrt.New(config.HTTP, config.Center, cconf.Operations, dsCache, notifyConfigCache, promClients, redis, sso, ctx, metas, targetCache)
-	pushgwRouter := pushgwrt.New(config.HTTP, config.Pushgw, targetCache, busiGroupCache, idents, writers, ctx)
+	go version.GetGithubVersion()

-	r := httpx.GinEngine(config.Global.RunMode, config.HTTP)
+	go cron.CleanNotifyRecord(ctx, config.Center.CleanNotifyRecordDay)
+
+	alertrtRouter := alertrt.New(config.HTTP, config.Alert, alertMuteCache, targetCache, busiGroupCache, alertStats, ctx, externalProcessors)
+	centerRouter := centerrt.New(config.HTTP, config.Center, config.Alert, config.Ibex,
+		cconf.Operations, dsCache, notifyConfigCache, promClients,
+		redis, sso, ctx, metas, idents, targetCache, userCache, userGroupCache, userTokenCache)
+	pushgwRouter := pushgwrt.New(config.HTTP, config.Pushgw, config.Alert, targetCache, busiGroupCache, idents, metas, writers, ctx)
+
+	r := httpx.GinEngine(config.Global.RunMode, config.HTTP, configCvalCache.PrintBodyPaths, configCvalCache.PrintAccessLog)

 	centerRouter.Config(r)
 	alertrtRouter.Config(r)
 	pushgwRouter.Config(r)
+	dumper.ConfigRouter(r)
+
+	if config.Ibex.Enable {
+		migrate.MigrateIbexTables(db)
+		ibex.ServerStart(true, db, redis, config.HTTP.APIForService.BasicAuth, config.Alert.Heartbeat, &config.CenterApi, r, centerRouter, config.Ibex, config.HTTP.Port)
+	}

 	httpClean := httpx.Init(config.HTTP, r)

+	fmt.Printf("please view n9e at  http://%v:%v\n", config.Alert.Heartbeat.IP, config.HTTP.Port)
+	if isRootInit {
+		fmt.Println("username/password: root/root.2020")
+	}
+
 	return func() {
 		logxClean()
 		httpClean()
--- a/center/cstats/stats.go
+++ b/center/cstats/stats.go
@@ -6,40 +6,49 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 )

-const Service = "n9e-center"
+const (
+	namespace = "n9e"
+	subsystem = "center"
+)

 var (
-	labels = []string{"service", "code", "path", "method"}
-
-	uptime = prometheus.NewCounterVec(
+	uptime = prometheus.NewCounter(
 		prometheus.CounterOpts{
-			Name: "uptime",
-			Help: "HTTP service uptime.",
-		}, []string{"service"},
-	)
-
-	RequestCounter = prometheus.NewCounterVec(
-		prometheus.CounterOpts{
-			Name: "http_request_count_total",
-			Help: "Total number of HTTP requests made.",
-		}, labels,
+			Namespace: namespace,
+			Subsystem: subsystem,
+			Name:      "uptime",
+			Help:      "HTTP service uptime.",
+		},
 	)

 	RequestDuration = prometheus.NewHistogramVec(
 		prometheus.HistogramOpts{
-			Buckets: []float64{.01, .1, 1, 10},
-			Name:    "http_request_duration_seconds",
-			Help:    "HTTP request latencies in seconds.",
-		}, labels,
+			Namespace: namespace,
+			Subsystem: subsystem,
+			Buckets:   prometheus.DefBuckets,
+			Name:      "http_request_duration_seconds",
+			Help:      "HTTP request latencies in seconds.",
+		}, []string{"code", "path", "method"},
+	)
+
+	RedisOperationLatency = prometheus.NewHistogramVec(
+		prometheus.HistogramOpts{
+			Namespace: namespace,
+			Subsystem: subsystem,
+			Name:      "redis_operation_latency_seconds",
+			Help:      "Histogram of latencies for Redis operations",
+			Buckets:   []float64{.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5},
+		},
+		[]string{"operation", "status"},
 	)
 )

-func Init() {
+func init() {
 	// Register the summary and the histogram with Prometheus's default registry.
 	prometheus.MustRegister(
 		uptime,
-		RequestCounter,
 		RequestDuration,
+		RedisOperationLatency,
 	)

 	go recordUptime()
@@ -48,6 +57,6 @@ func Init() {
 // recordUptime increases service uptime per second.
 func recordUptime() {
 	for range time.Tick(time.Second) {
-		uptime.WithLabelValues(Service).Inc()
+		uptime.Inc()
 	}
 }
--- a/center/integration/init.go
+++ b/center/integration/init.go
@@ -0,0 +1,626 @@
+package integration
+
+import (
+	"encoding/json"
+	"path"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/pkg/errors"
+	"github.com/toolkits/pkg/container/set"
+	"github.com/toolkits/pkg/file"
+	"github.com/toolkits/pkg/logger"
+	"github.com/toolkits/pkg/runner"
+)
+
+const SYSTEM = "system"
+
+var BuiltinPayloadInFile *BuiltinPayloadInFileType
+
+type BuiltinPayloadInFileType struct {
+	Data      map[uint64]map[string]map[string][]*models.BuiltinPayload // map[componet_id]map[type]map[cate][]*models.BuiltinPayload
+	IndexData map[int64]*models.BuiltinPayload                          // map[uuid]payload
+
+	BuiltinMetrics map[string]*models.BuiltinMetric
+}
+
+func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
+	BuiltinPayloadInFile = NewBuiltinPayloadInFileType()
+
+	err := models.InitBuiltinPayloads(ctx)
+	if err != nil {
+		logger.Warning("init old builtinPayloads fail ", err)
+		return
+	}
+
+	if res, err := models.ConfigsSelectByCkey(ctx, "disable_integration_init"); err != nil {
+		logger.Error("fail to get value 'disable_integration_init' from configs", err)
+		return
+	} else if len(res) != 0 {
+		logger.Info("disable_integration_init is set, skip integration init")
+		return
+	}
+
+	fp := builtinIntegrationsDir
+	if fp == "" {
+		fp = path.Join(runner.Cwd, "integrations")
+	}
+
+	// var fileList []string
+	dirList, err := file.DirsUnder(fp)
+	if err != nil {
+		logger.Warning("read builtin component dir fail ", err)
+		return
+	}
+
+	for _, dir := range dirList {
+		// components icon
+		componentDir := fp + "/" + dir
+		component := models.BuiltinComponent{
+			Ident: dir,
+		}
+
+		// get logo name
+		// /api/n9e/integrations/icon/AliYun/aliyun.png
+		files, err := file.FilesUnder(componentDir + "/icon")
+		if err == nil && len(files) > 0 {
+			component.Logo = "/api/n9e/integrations/icon/" + component.Ident + "/" + files[0]
+		} else if err != nil {
+			logger.Warningf("read builtin component icon dir fail %s %v", component.Ident, err)
+		}
+
+		// get description
+		files, err = file.FilesUnder(componentDir + "/markdown")
+		if err == nil && len(files) > 0 {
+			var readmeFile string
+			for _, file := range files {
+				if strings.HasSuffix(strings.ToLower(file), "md") {
+					readmeFile = componentDir + "/markdown/" + file
+					break
+				}
+			}
+			if readmeFile != "" {
+				component.Readme, _ = file.ReadString(readmeFile)
+			}
+		} else if err != nil {
+			logger.Warningf("read builtin component markdown dir fail %s %v", component.Ident, err)
+		}
+
+		exists, _ := models.BuiltinComponentExists(ctx, &component)
+		if !exists {
+			err = component.Add(ctx, SYSTEM)
+			if err != nil {
+				logger.Warning("add builtin component fail ", component, err)
+				continue
+			}
+		} else {
+			old, err := models.BuiltinComponentGet(ctx, "ident = ?", component.Ident)
+			if err != nil {
+				logger.Warning("get builtin component fail ", component, err)
+				continue
+			}
+
+			if old == nil {
+				logger.Warning("get builtin component nil ", component)
+				continue
+			}
+
+			if old.UpdatedBy == SYSTEM {
+				now := time.Now().Unix()
+				old.CreatedAt = now
+				old.UpdatedAt = now
+				old.Readme = component.Readme
+				old.UpdatedBy = SYSTEM
+
+				err = models.DB(ctx).Model(old).Select("*").Updates(old).Error
+				if err != nil {
+					logger.Warning("update builtin component fail ", old, err)
+				}
+			}
+			component.ID = old.ID
+		}
+
+		// delete uuid is emtpy
+		err = models.DB(ctx).Exec("delete from builtin_payloads where uuid = 0 and type != 'collect' and (updated_by = 'system' or updated_by = '')").Error
+		if err != nil {
+			logger.Warning("delete builtin payloads fail ", err)
+		}
+
+		// delete builtin metrics uuid is emtpy
+		err = models.DB(ctx).Exec("delete from builtin_metrics where uuid = 0 and (updated_by = 'system' or updated_by = '')").Error
+		if err != nil {
+			logger.Warning("delete builtin metrics fail ", err)
+		}
+
+		// 删除 uuid%1000 不为 0 uuid > 1000000000000000000 且 type 为 dashboard 的记录
+		err = models.DB(ctx).Exec("delete from builtin_payloads where uuid%1000 != 0 and uuid > 1000000000000000000 and type = 'dashboard' and updated_by = 'system'").Error
+		if err != nil {
+			logger.Warning("delete builtin payloads fail ", err)
+		}
+
+		// alerts
+		files, err = file.FilesUnder(componentDir + "/alerts")
+		if err == nil && len(files) > 0 {
+			for _, f := range files {
+				fp := componentDir + "/alerts/" + f
+				bs, err := file.ReadBytes(fp)
+				if err != nil {
+					logger.Warning("read builtin component alerts file fail ", f, err)
+					continue
+				}
+
+				alerts := []models.AlertRule{}
+				err = json.Unmarshal(bs, &alerts)
+				if err != nil {
+					logger.Warning("parse builtin component alerts file fail ", f, err)
+					continue
+				}
+
+				newAlerts := []models.AlertRule{}
+				for _, alert := range alerts {
+					if alert.UUID == 0 {
+						time.Sleep(time.Microsecond)
+						alert.UUID = time.Now().UnixMicro()
+					}
+
+					newAlerts = append(newAlerts, alert)
+					content, err := json.Marshal(alert)
+					if err != nil {
+						logger.Warning("marshal builtin alert fail ", alert, err)
+						continue
+					}
+
+					cate := strings.Replace(f, ".json", "", -1)
+					builtinAlert := models.BuiltinPayload{
+						ComponentID: component.ID,
+						Type:        "alert",
+						Cate:        cate,
+						Name:        alert.Name,
+						Tags:        alert.AppendTags,
+						Content:     string(content),
+						UUID:        alert.UUID,
+						ID:          alert.UUID,
+						CreatedBy:   SYSTEM,
+						UpdatedBy:   SYSTEM,
+					}
+					BuiltinPayloadInFile.AddBuiltinPayload(&builtinAlert)
+
+				}
+			}
+		}
+
+		// dashboards
+		files, err = file.FilesUnder(componentDir + "/dashboards")
+		if err == nil && len(files) > 0 {
+			for _, f := range files {
+				fp := componentDir + "/dashboards/" + f
+				bs, err := file.ReadBytes(fp)
+				if err != nil {
+					logger.Warning("read builtin component dashboards file fail ", f, err)
+					continue
+				}
+
+				dashboard := BuiltinBoard{}
+				err = json.Unmarshal(bs, &dashboard)
+				if err != nil {
+					logger.Warning("parse builtin component dashboards file fail ", f, err)
+					continue
+				}
+
+				if dashboard.UUID == 0 {
+					time.Sleep(time.Microsecond)
+					dashboard.UUID = time.Now().UnixMicro()
+					// 补全文件中的 uuid
+					bs, err = json.MarshalIndent(dashboard, "", "    ")
+					if err != nil {
+						logger.Warning("marshal builtin dashboard fail ", dashboard, err)
+						continue
+					}
+
+					_, err = file.WriteBytes(fp, bs)
+					if err != nil {
+						logger.Warning("write builtin dashboard file fail ", f, err)
+					}
+				}
+
+				content, err := json.Marshal(dashboard)
+				if err != nil {
+					logger.Warning("marshal builtin dashboard fail ", dashboard, err)
+					continue
+				}
+
+				builtinDashboard := models.BuiltinPayload{
+					ComponentID: component.ID,
+					Type:        "dashboard",
+					Cate:        "",
+					Name:        dashboard.Name,
+					Tags:        dashboard.Tags,
+					Content:     string(content),
+					UUID:        dashboard.UUID,
+					ID:          dashboard.UUID,
+					CreatedBy:   SYSTEM,
+					UpdatedBy:   SYSTEM,
+				}
+				BuiltinPayloadInFile.AddBuiltinPayload(&builtinDashboard)
+			}
+		} else if err != nil {
+			logger.Warningf("read builtin component dash dir fail %s %v", component.Ident, err)
+		}
+
+		// metrics
+		files, err = file.FilesUnder(componentDir + "/metrics")
+		if err == nil && len(files) > 0 {
+			for _, f := range files {
+				fp := componentDir + "/metrics/" + f
+				bs, err := file.ReadBytes(fp)
+				if err != nil {
+					logger.Warning("read builtin component metrics file fail", f, err)
+					continue
+				}
+
+				metrics := []models.BuiltinMetric{}
+				err = json.Unmarshal(bs, &metrics)
+				if err != nil {
+					logger.Warning("parse builtin component metrics file fail", f, err)
+					continue
+				}
+
+				for _, metric := range metrics {
+					if metric.UUID == 0 {
+						time.Sleep(time.Microsecond)
+						metric.UUID = time.Now().UnixMicro()
+					}
+					metric.ID = metric.UUID
+					metric.CreatedBy = SYSTEM
+					metric.UpdatedBy = SYSTEM
+
+					BuiltinPayloadInFile.BuiltinMetrics[metric.Expression] = &metric
+				}
+			}
+		} else if err != nil {
+			logger.Warningf("read builtin component metrics dir fail %s %v", component.Ident, err)
+		}
+	}
+}
+
+type BuiltinBoard struct {
+	Id         int64       `json:"id" gorm:"primaryKey"`
+	GroupId    int64       `json:"group_id"`
+	Name       string      `json:"name"`
+	Ident      string      `json:"ident"`
+	Tags       string      `json:"tags"`
+	CreateAt   int64       `json:"create_at"`
+	CreateBy   string      `json:"create_by"`
+	UpdateAt   int64       `json:"update_at"`
+	UpdateBy   string      `json:"update_by"`
+	Configs    interface{} `json:"configs" gorm:"-"`
+	Public     int         `json:"public"`      // 0: false, 1: true
+	PublicCate int         `json:"public_cate"` // 0: anonymous, 1: login, 2: busi
+	Bgids      []int64     `json:"bgids" gorm:"-"`
+	BuiltIn    int         `json:"built_in"` // 0: false, 1: true
+	Hide       int         `json:"hide"`     // 0: false, 1: true
+	UUID       int64       `json:"uuid"`
+}
+
+func NewBuiltinPayloadInFileType() *BuiltinPayloadInFileType {
+	return &BuiltinPayloadInFileType{
+		Data:           make(map[uint64]map[string]map[string][]*models.BuiltinPayload),
+		IndexData:      make(map[int64]*models.BuiltinPayload),
+		BuiltinMetrics: make(map[string]*models.BuiltinMetric),
+	}
+}
+
+func (b *BuiltinPayloadInFileType) AddBuiltinPayload(bp *models.BuiltinPayload) {
+	if _, exists := b.Data[bp.ComponentID]; !exists {
+		b.Data[bp.ComponentID] = make(map[string]map[string][]*models.BuiltinPayload)
+	}
+	bpInType := b.Data[bp.ComponentID]
+	if _, exists := bpInType[bp.Type]; !exists {
+		bpInType[bp.Type] = make(map[string][]*models.BuiltinPayload)
+	}
+	bpInCate := bpInType[bp.Type]
+	if _, exists := bpInCate[bp.Cate]; !exists {
+		bpInCate[bp.Cate] = make([]*models.BuiltinPayload, 0)
+	}
+	bpInCate[bp.Cate] = append(bpInCate[bp.Cate], bp)
+
+	b.IndexData[bp.UUID] = bp
+}
+
+func (b *BuiltinPayloadInFileType) GetBuiltinPayload(typ, cate, query string, componentId uint64) ([]*models.BuiltinPayload, error) {
+
+	var result []*models.BuiltinPayload
+	source := b.Data[componentId]
+
+	if source == nil {
+		return nil, nil
+	}
+
+	typeMap, exists := source[typ]
+	if !exists {
+		return nil, nil
+	}
+
+	if cate != "" {
+		payloads, exists := typeMap[cate]
+		if !exists {
+			return nil, nil
+		}
+		result = append(result, filterByQuery(payloads, query)...)
+	} else {
+		for _, payloads := range typeMap {
+			result = append(result, filterByQuery(payloads, query)...)
+		}
+	}
+
+	if len(result) > 0 {
+		sort.Slice(result, func(i, j int) bool {
+			return result[i].Name < result[j].Name
+		})
+	}
+
+	return result, nil
+}
+
+func (b *BuiltinPayloadInFileType) GetBuiltinPayloadCates(typ string, componentId uint64) ([]string, error) {
+	var result []string
+	source := b.Data[componentId]
+	if source == nil {
+		return result, nil
+	}
+
+	typeData := source[typ]
+	if typeData == nil {
+		return result, nil
+	}
+	for cate := range typeData {
+		result = append(result, cate)
+	}
+
+	sort.Strings(result)
+	return result, nil
+}
+
+func filterByQuery(payloads []*models.BuiltinPayload, query string) []*models.BuiltinPayload {
+	if query == "" {
+		return payloads
+	}
+
+	queryLower := strings.ToLower(query)
+	var filtered []*models.BuiltinPayload
+	for _, p := range payloads {
+		if strings.Contains(strings.ToLower(p.Name), queryLower) || strings.Contains(strings.ToLower(p.Tags), queryLower) {
+			filtered = append(filtered, p)
+		}
+	}
+	return filtered
+}
+
+func (b *BuiltinPayloadInFileType) BuiltinMetricGets(metricsInDB []*models.BuiltinMetric, lang, collector, typ, query, unit string, limit, offset int) ([]*models.BuiltinMetric, int, error) {
+	var filteredMetrics []*models.BuiltinMetric
+	expressionSet := set.NewStringSet()
+	builtinMetricsByDB := convertBuiltinMetricByDB(metricsInDB)
+	builtinMetricsMap := make(map[string]*models.BuiltinMetric)
+
+	for expression, metric := range builtinMetricsByDB {
+		builtinMetricsMap[expression] = metric
+	}
+
+	for expression, metric := range b.BuiltinMetrics {
+		builtinMetricsMap[expression] = metric
+	}
+
+	for _, metric := range builtinMetricsMap {
+		if !applyFilter(metric, collector, typ, query, unit) {
+			continue
+		}
+
+		// Skip if expression is already in db cache
+		// NOTE: 忽略重复的expression，特别的，在旧版本中，用户可能已经创建了重复的metrics，需要覆盖掉ByFile中相同的Metrics
+		// NOTE: Ignore duplicate expressions, especially in the old version, users may have created duplicate metrics,
+		if expressionSet.Exists(metric.Expression) {
+			continue
+		}
+
+		// Add db expression in set.
+		expressionSet.Add(metric.Expression)
+
+		// Apply language
+		trans, err := getTranslationWithLanguage(metric, lang)
+		if err != nil {
+			logger.Errorf("Error getting translation for metric %s: %v", metric.Name, err)
+			continue // Skip if translation not found
+		}
+		metric.Name = trans.Name
+		metric.Note = trans.Note
+
+		filteredMetrics = append(filteredMetrics, metric)
+	}
+
+	// Sort metrics
+	sort.Slice(filteredMetrics, func(i, j int) bool {
+		if filteredMetrics[i].Collector != filteredMetrics[j].Collector {
+			return filteredMetrics[i].Collector < filteredMetrics[j].Collector
+		}
+		if filteredMetrics[i].Typ != filteredMetrics[j].Typ {
+			return filteredMetrics[i].Typ < filteredMetrics[j].Typ
+		}
+		return filteredMetrics[i].Expression < filteredMetrics[j].Expression
+	})
+
+	totalCount := len(filteredMetrics)
+
+	// Validate parameters
+	if offset < 0 {
+		offset = 0
+	}
+	if limit < 0 {
+		limit = 0
+	}
+
+	// Handle edge cases
+	if offset >= totalCount || limit == 0 {
+		return []*models.BuiltinMetric{}, totalCount, nil
+	}
+
+	// Apply pagination
+	end := offset + limit
+	if end > totalCount {
+		end = totalCount
+	}
+
+	return filteredMetrics[offset:end], totalCount, nil
+}
+
+func (b *BuiltinPayloadInFileType) BuiltinMetricTypes(lang, collector, query string) []string {
+	typeSet := set.NewStringSet()
+	for _, metric := range b.BuiltinMetrics {
+		if !applyFilter(metric, collector, "", query, "") {
+			continue
+		}
+
+		typeSet.Add(metric.Typ)
+	}
+
+	return typeSet.ToSlice()
+}
+
+func (b *BuiltinPayloadInFileType) BuiltinMetricCollectors(lang, typ, query string) []string {
+	collectorSet := set.NewStringSet()
+	for _, metric := range b.BuiltinMetrics {
+		if !applyFilter(metric, "", typ, query, "") {
+			continue
+		}
+
+		collectorSet.Add(metric.Collector)
+	}
+	return collectorSet.ToSlice()
+}
+
+func applyFilter(metric *models.BuiltinMetric, collector, typ, query, unit string) bool {
+	if collector != "" && collector != metric.Collector {
+		return false
+	}
+
+	if typ != "" && typ != metric.Typ {
+		return false
+	}
+
+	if unit != "" && !containsUnit(unit, metric.Unit) {
+		return false
+	}
+
+	if query != "" && !applyQueryFilter(metric, query) {
+		return false
+	}
+
+	return true
+}
+
+func containsUnit(unit, metricUnit string) bool {
+	us := strings.Split(unit, ",")
+	for _, u := range us {
+		if u == metricUnit {
+			return true
+		}
+	}
+	return false
+}
+
+func applyQueryFilter(metric *models.BuiltinMetric, query string) bool {
+	qs := strings.Split(query, " ")
+	for _, q := range qs {
+		if strings.HasPrefix(q, "-") {
+			q = strings.TrimPrefix(q, "-")
+			if strings.Contains(metric.Name, q) || strings.Contains(metric.Note, q) || strings.Contains(metric.Expression, q) {
+				return false
+			}
+		} else {
+			if !strings.Contains(metric.Name, q) && !strings.Contains(metric.Note, q) && !strings.Contains(metric.Expression, q) {
+				return false
+			}
+		}
+	}
+	return true
+}
+
+func getTranslationWithLanguage(bm *models.BuiltinMetric, lang string) (*models.Translation, error) {
+	var defaultTranslation *models.Translation
+	for _, t := range bm.Translation {
+		if t.Lang == lang {
+			return &t, nil
+		}
+
+		if t.Lang == "en_US" {
+			defaultTranslation = &t
+		}
+	}
+
+	if defaultTranslation != nil {
+		return defaultTranslation, nil
+	}
+
+	return nil, errors.Errorf("translation not found for metric %s", bm.Name)
+}
+
+func convertBuiltinMetricByDB(metricsInDB []*models.BuiltinMetric) map[string]*models.BuiltinMetric {
+	builtinMetricsByDB := make(map[string]*models.BuiltinMetric)
+	builtinMetricsByDBList := make(map[string][]*models.BuiltinMetric)
+
+	for _, metric := range metricsInDB {
+		builtinMetrics, ok := builtinMetricsByDBList[metric.Expression]
+		if !ok {
+			builtinMetrics = []*models.BuiltinMetric{}
+		}
+
+		builtinMetrics = append(builtinMetrics, metric)
+		builtinMetricsByDBList[metric.Expression] = builtinMetrics
+	}
+
+	for expression, builtinMetrics := range builtinMetricsByDBList {
+		if len(builtinMetrics) == 0 {
+			continue
+		}
+
+		// NOTE: 为兼容旧版本用户已经创建的 metrics，同时将修改 metrics 收敛到同一个记录上，
+		// 我们选择使用 expression 相同但是 id 最小的 metric 记录作为主要的 Metric。
+		sort.Slice(builtinMetrics, func(i, j int) bool {
+			return builtinMetrics[i].ID < builtinMetrics[j].ID
+		})
+
+		currentBuiltinMetric := builtinMetrics[0]
+		// User have no customed translation, so we can merge it
+		if len(currentBuiltinMetric.Translation) == 0 {
+			translationMap := make(map[string]models.Translation)
+			for _, bm := range builtinMetrics {
+				for _, t := range getDefaultTranslation(bm) {
+					translationMap[t.Lang] = t
+				}
+			}
+			currentBuiltinMetric.Translation = make([]models.Translation, 0, len(translationMap))
+			for _, t := range translationMap {
+				currentBuiltinMetric.Translation = append(currentBuiltinMetric.Translation, t)
+			}
+		}
+
+		builtinMetricsByDB[expression] = currentBuiltinMetric
+	}
+
+	return builtinMetricsByDB
+}
+
+func getDefaultTranslation(bm *models.BuiltinMetric) []models.Translation {
+	if len(bm.Translation) != 0 {
+		return bm.Translation
+	}
+
+	return []models.Translation{{
+		Lang: bm.Lang,
+		Name: bm.Name,
+		Note: bm.Note,
+	}}
+}
--- a/center/metas/metas.go
+++ b/center/metas/metas.go
@@ -2,9 +2,11 @@ package metas

 import (
 	"context"
+	"encoding/json"
 	"sync"
 	"time"

+	"github.com/ccfos/nightingale/v6/center/cstats"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/storage"

@@ -90,15 +92,49 @@ func (s *Set) updateMeta(items map[string]models.HostMeta) {
 }

 func (s *Set) updateTargets(m map[string]models.HostMeta) error {
+	if s.redis == nil {
+		logger.Warningf("redis is nil")
+		return nil
+	}
+
 	count := int64(len(m))
 	if count == 0 {
 		return nil
 	}

 	newMap := make(map[string]interface{}, count)
+	extendMap := make(map[string]interface{})
 	for ident, meta := range m {
+		if meta.ExtendInfo != nil {
+			extendMeta := meta.ExtendInfo
+			meta.ExtendInfo = make(map[string]interface{})
+			extendMetaStr, err := json.Marshal(extendMeta)
+			if err != nil {
+				return err
+			}
+			extendMap[models.WrapExtendIdent(ident)] = extendMetaStr
+		}
 		newMap[models.WrapIdent(ident)] = meta
 	}
+
+	start := time.Now()
 	err := storage.MSet(context.Background(), s.redis, newMap)
+	if err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("mset_target_meta", "fail").Observe(time.Since(start).Seconds())
+		return err
+	} else {
+		cstats.RedisOperationLatency.WithLabelValues("mset_target_meta", "success").Observe(time.Since(start).Seconds())
+	}
+
+	if len(extendMap) > 0 {
+		err = storage.MSet(context.Background(), s.redis, extendMap)
+		if err != nil {
+			cstats.RedisOperationLatency.WithLabelValues("mset_target_extend", "fail").Observe(time.Since(start).Seconds())
+			return err
+		} else {
+			cstats.RedisOperationLatency.WithLabelValues("mset_target_extend", "success").Observe(time.Since(start).Seconds())
+		}
+	}
+
 	return err
 }
--- a/center/router/router.go
+++ b/center/router/router.go
@@ -8,49 +8,81 @@ import (
 	"strings"
 	"time"

+	"github.com/ccfos/nightingale/v6/alert/aconf"
 	"github.com/ccfos/nightingale/v6/center/cconf"
 	"github.com/ccfos/nightingale/v6/center/cstats"
 	"github.com/ccfos/nightingale/v6/center/metas"
 	"github.com/ccfos/nightingale/v6/center/sso"
+	"github.com/ccfos/nightingale/v6/conf"
+	_ "github.com/ccfos/nightingale/v6/front/statik"
 	"github.com/ccfos/nightingale/v6/memsto"
+	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/aop"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/httpx"
+	"github.com/ccfos/nightingale/v6/pkg/version"
 	"github.com/ccfos/nightingale/v6/prom"
+	"github.com/ccfos/nightingale/v6/pushgw/idents"
 	"github.com/ccfos/nightingale/v6/storage"
-	"github.com/toolkits/pkg/runner"
+	"gorm.io/gorm"

 	"github.com/gin-gonic/gin"
+	"github.com/rakyll/statik/fs"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+	"github.com/toolkits/pkg/runner"
 )

 type Router struct {
 	HTTP              httpx.Config
 	Center            cconf.Center
+	Ibex              conf.Ibex
+	Alert             aconf.Alert
 	Operations        cconf.Operation
 	DatasourceCache   *memsto.DatasourceCacheType
 	NotifyConfigCache *memsto.NotifyConfigCacheType
 	PromClients       *prom.PromClientMap
 	Redis             storage.Redis
 	MetaSet           *metas.Set
+	IdentSet          *idents.Set
 	TargetCache       *memsto.TargetCacheType
 	Sso               *sso.SsoClient
+	UserCache         *memsto.UserCacheType
+	UserGroupCache    *memsto.UserGroupCacheType
+	UserTokenCache    *memsto.UserTokenCacheType
 	Ctx               *ctx.Context
+
+	HeartbeatHook       HeartbeatHookFunc
+	TargetDeleteHook    models.TargetDeleteHookFunc
+	AlertRuleModifyHook AlertRuleModifyHookFunc
 }

-func New(httpConfig httpx.Config, center cconf.Center, operations cconf.Operation, ds *memsto.DatasourceCacheType, ncc *memsto.NotifyConfigCacheType,
-	pc *prom.PromClientMap, redis storage.Redis, sso *sso.SsoClient, ctx *ctx.Context, metaSet *metas.Set, tc *memsto.TargetCacheType) *Router {
+func New(httpConfig httpx.Config, center cconf.Center, alert aconf.Alert, ibex conf.Ibex,
+	operations cconf.Operation, ds *memsto.DatasourceCacheType, ncc *memsto.NotifyConfigCacheType,
+	pc *prom.PromClientMap, redis storage.Redis,
+	sso *sso.SsoClient, ctx *ctx.Context, metaSet *metas.Set, idents *idents.Set,
+	tc *memsto.TargetCacheType, uc *memsto.UserCacheType, ugc *memsto.UserGroupCacheType, utc *memsto.UserTokenCacheType) *Router {
 	return &Router{
-		HTTP:              httpConfig,
-		Center:            center,
-		Operations:        operations,
-		DatasourceCache:   ds,
-		NotifyConfigCache: ncc,
-		PromClients:       pc,
-		Redis:             redis,
-		MetaSet:           metaSet,
-		TargetCache:       tc,
-		Sso:               sso,
-		Ctx:               ctx,
+		HTTP:                httpConfig,
+		Center:              center,
+		Alert:               alert,
+		Ibex:                ibex,
+		Operations:          operations,
+		DatasourceCache:     ds,
+		NotifyConfigCache:   ncc,
+		PromClients:         pc,
+		Redis:               redis,
+		MetaSet:             metaSet,
+		IdentSet:            idents,
+		TargetCache:         tc,
+		Sso:                 sso,
+		UserCache:           uc,
+		UserGroupCache:      ugc,
+		UserTokenCache:      utc,
+		Ctx:                 ctx,
+		HeartbeatHook:       func(ident string) map[string]interface{} { return nil },
+		TargetDeleteHook:    func(tx *gorm.DB, idents []string) error { return nil },
+		AlertRuleModifyHook: func(ar *models.AlertRule) {},
 	}
 }

@@ -61,10 +93,9 @@ func stat() gin.HandlerFunc {

 		code := fmt.Sprintf("%d", c.Writer.Status())
 		method := c.Request.Method
-		labels := []string{cstats.Service, code, c.FullPath(), method}
+		labels := []string{code, c.FullPath(), method}

-		cstats.RequestCounter.WithLabelValues(labels...).Inc()
-		cstats.RequestDuration.WithLabelValues(labels...).Observe(float64(time.Since(start).Seconds()))
+		cstats.RequestDuration.WithLabelValues(labels...).Observe(time.Since(start).Seconds())
 	}
 }

@@ -74,104 +105,197 @@ func languageDetector(i18NHeaderKey string) gin.HandlerFunc {
 		if headerKey != "" {
 			lang := c.GetHeader(headerKey)
 			if lang != "" {
-				if strings.HasPrefix(lang, "zh") {
-					c.Request.Header.Set("X-Language", "zh")
+				if strings.HasPrefix(lang, "zh_HK") {
+					c.Request.Header.Set("X-Language", "zh_HK")
+				} else if strings.HasPrefix(lang, "zh") {
+					c.Request.Header.Set("X-Language", "zh_CN")
 				} else if strings.HasPrefix(lang, "en") {
 					c.Request.Header.Set("X-Language", "en")
 				} else {
 					c.Request.Header.Set("X-Language", lang)
 				}
 			} else {
-				c.Request.Header.Set("X-Language", "en")
+				c.Request.Header.Set("X-Language", "zh_CN")
 			}
 		}
 		c.Next()
 	}
 }

-func (rt *Router) configNoRoute(r *gin.Engine) {
+func (rt *Router) configNoRoute(r *gin.Engine, fs *http.FileSystem) {
 	r.NoRoute(func(c *gin.Context) {
 		arr := strings.Split(c.Request.URL.Path, ".")
 		suffix := arr[len(arr)-1]
+
 		switch suffix {
-		case "png", "jpeg", "jpg", "svg", "ico", "gif", "css", "js", "html", "htm", "gz", "zip", "map":
-			cwdarr := []string{"/"}
-			if runtime.GOOS == "windows" {
-				cwdarr[0] = ""
+		case "png", "jpeg", "jpg", "svg", "ico", "gif", "css", "js", "html", "htm", "gz", "zip", "map", "ttf", "md":
+			if !rt.Center.UseFileAssets {
+				c.FileFromFS(c.Request.URL.Path, *fs)
+			} else {
+				cwdarr := []string{"/"}
+				if runtime.GOOS == "windows" {
+					cwdarr[0] = ""
+				}
+				cwdarr = append(cwdarr, strings.Split(runner.Cwd, "/")...)
+				cwdarr = append(cwdarr, "pub")
+				cwdarr = append(cwdarr, strings.Split(c.Request.URL.Path, "/")...)
+				c.File(path.Join(cwdarr...))
 			}
-			cwdarr = append(cwdarr, strings.Split(runner.Cwd, "/")...)
-			cwdarr = append(cwdarr, "pub")
-			cwdarr = append(cwdarr, strings.Split(c.Request.URL.Path, "/")...)
-			c.File(path.Join(cwdarr...))
 		default:
-			cwdarr := []string{"/"}
-			if runtime.GOOS == "windows" {
-				cwdarr[0] = ""
+			if !rt.Center.UseFileAssets {
+				c.FileFromFS("/", *fs)
+			} else {
+				cwdarr := []string{"/"}
+				if runtime.GOOS == "windows" {
+					cwdarr[0] = ""
+				}
+				cwdarr = append(cwdarr, strings.Split(runner.Cwd, "/")...)
+				cwdarr = append(cwdarr, "pub")
+				cwdarr = append(cwdarr, "index.html")
+				c.File(path.Join(cwdarr...))
 			}
-			cwdarr = append(cwdarr, strings.Split(runner.Cwd, "/")...)
-			cwdarr = append(cwdarr, "pub")
-			cwdarr = append(cwdarr, "index.html")
-			c.File(path.Join(cwdarr...))
 		}
 	})
 }

 func (rt *Router) Config(r *gin.Engine) {
+
 	r.Use(stat())
 	r.Use(languageDetector(rt.Center.I18NHeaderKey))
 	r.Use(aop.Recovery())

+	statikFS, err := fs.New()
+	if err != nil {
+		logger.Errorf("cannot create statik fs: %v", err)
+	}
+
+	if !rt.Center.UseFileAssets {
+		r.StaticFS("/pub", statikFS)
+	}
+
 	pagesPrefix := "/api/n9e"
 	pages := r.Group(pagesPrefix)
 	{

+		pages.DELETE("/datasource/series", rt.auth(), rt.admin(), rt.deleteDatasourceSeries)
 		if rt.Center.AnonymousAccess.PromQuerier {
 			pages.Any("/proxy/:id/*url", rt.dsProxy)
 			pages.POST("/query-range-batch", rt.promBatchQueryRange)
 			pages.POST("/query-instant-batch", rt.promBatchQueryInstant)
 			pages.GET("/datasource/brief", rt.datasourceBriefs)
+			pages.POST("/datasource/query", rt.datasourceQuery)
+
+			pages.POST("/ds-query", rt.QueryData)
+			pages.POST("/logs-query", rt.QueryLogV2)
+
+			pages.POST("/tdengine-databases", rt.tdengineDatabases)
+			pages.POST("/tdengine-tables", rt.tdengineTables)
+			pages.POST("/tdengine-columns", rt.tdengineColumns)
+
+			pages.POST("/log-query-batch", rt.QueryLogBatch)
+
+			// 数据库元数据接口
+			pages.POST("/db-databases", rt.ShowDatabases)
+			pages.POST("/db-tables", rt.ShowTables)
+			pages.POST("/db-desc-table", rt.DescribeTable)
+
+			// es 专用接口
+			pages.POST("/indices", rt.auth(), rt.user(), rt.QueryIndices)
+			pages.POST("/es-variable", rt.auth(), rt.user(), rt.QueryESVariable)
+			pages.POST("/fields", rt.auth(), rt.user(), rt.QueryFields)
+			pages.POST("/log-query", rt.auth(), rt.user(), rt.QueryLog)
 		} else {
 			pages.Any("/proxy/:id/*url", rt.auth(), rt.dsProxy)
 			pages.POST("/query-range-batch", rt.auth(), rt.promBatchQueryRange)
 			pages.POST("/query-instant-batch", rt.auth(), rt.promBatchQueryInstant)
-			pages.GET("/datasource/brief", rt.auth(), rt.datasourceBriefs)
+			pages.GET("/datasource/brief", rt.auth(), rt.user(), rt.datasourceBriefs)
+			pages.POST("/datasource/query", rt.auth(), rt.user(), rt.datasourceQuery)
+
+			pages.POST("/ds-query", rt.auth(), rt.QueryData)
+			pages.POST("/logs-query", rt.auth(), rt.QueryLogV2)
+
+			pages.POST("/tdengine-databases", rt.auth(), rt.tdengineDatabases)
+			pages.POST("/tdengine-tables", rt.auth(), rt.tdengineTables)
+			pages.POST("/tdengine-columns", rt.auth(), rt.tdengineColumns)
+
+			pages.POST("/log-query-batch", rt.auth(), rt.user(), rt.QueryLogBatch)
+
+			// 数据库元数据接口
+			pages.POST("/db-databases", rt.auth(), rt.user(), rt.ShowDatabases)
+			pages.POST("/db-tables", rt.auth(), rt.user(), rt.ShowTables)
+			pages.POST("/db-desc-table", rt.auth(), rt.user(), rt.DescribeTable)
+
+			// es 专用接口
+			pages.POST("/indices", rt.auth(), rt.user(), rt.QueryIndices)
+			pages.POST("/es-variable", rt.QueryESVariable)
+			pages.POST("/fields", rt.QueryFields)
+			pages.POST("/log-query", rt.QueryLog)
 		}

+		// OpenSearch 专用接口
+		pages.POST("/os-indices", rt.QueryOSIndices)
+		pages.POST("/os-variable", rt.QueryOSVariable)
+		pages.POST("/os-fields", rt.QueryOSFields)
+
+		pages.GET("/sql-template", rt.QuerySqlTemplate)
 		pages.POST("/auth/login", rt.jwtMock(), rt.loginPost)
-		pages.POST("/auth/logout", rt.jwtMock(), rt.logoutPost)
+		pages.POST("/auth/logout", rt.jwtMock(), rt.auth(), rt.user(), rt.logoutPost)
 		pages.POST("/auth/refresh", rt.jwtMock(), rt.refreshPost)
+		pages.POST("/auth/captcha", rt.jwtMock(), rt.generateCaptcha)
+		pages.POST("/auth/captcha-verify", rt.jwtMock(), rt.captchaVerify)
+		pages.GET("/auth/ifshowcaptcha", rt.ifShowCaptcha)

 		pages.GET("/auth/sso-config", rt.ssoConfigNameGet)
+		pages.GET("/auth/rsa-config", rt.rsaConfigGet)
 		pages.GET("/auth/redirect", rt.loginRedirect)
 		pages.GET("/auth/redirect/cas", rt.loginRedirectCas)
 		pages.GET("/auth/redirect/oauth", rt.loginRedirectOAuth)
 		pages.GET("/auth/callback", rt.loginCallback)
 		pages.GET("/auth/callback/cas", rt.loginCallbackCas)
 		pages.GET("/auth/callback/oauth", rt.loginCallbackOAuth)
+		pages.GET("/auth/perms", rt.allPerms)

 		pages.GET("/metrics/desc", rt.metricsDescGetFile)
 		pages.POST("/metrics/desc", rt.metricsDescGetMap)

 		pages.GET("/notify-channels", rt.notifyChannelsGets)
 		pages.GET("/contact-keys", rt.contactKeysGets)
+		pages.GET("/install-date", rt.installDateGet)

 		pages.GET("/self/perms", rt.auth(), rt.user(), rt.permsGets)
 		pages.GET("/self/profile", rt.auth(), rt.user(), rt.selfProfileGet)
 		pages.PUT("/self/profile", rt.auth(), rt.user(), rt.selfProfilePut)
 		pages.PUT("/self/password", rt.auth(), rt.user(), rt.selfPasswordPut)
+		pages.GET("/self/token", rt.auth(), rt.user(), rt.getToken)
+		pages.POST("/self/token", rt.auth(), rt.user(), rt.addToken)
+		pages.DELETE("/self/token/:id", rt.auth(), rt.user(), rt.deleteToken)

 		pages.GET("/users", rt.auth(), rt.user(), rt.perm("/users"), rt.userGets)
-		pages.POST("/users", rt.auth(), rt.admin(), rt.userAddPost)
+		pages.POST("/users", rt.auth(), rt.user(), rt.perm("/users/add"), rt.userAddPost)
 		pages.GET("/user/:id/profile", rt.auth(), rt.userProfileGet)
-		pages.PUT("/user/:id/profile", rt.auth(), rt.admin(), rt.userProfilePut)
-		pages.PUT("/user/:id/password", rt.auth(), rt.admin(), rt.userPasswordPut)
-		pages.DELETE("/user/:id", rt.auth(), rt.admin(), rt.userDel)
+		pages.PUT("/user/:id/profile", rt.auth(), rt.user(), rt.perm("/users/put"), rt.userProfilePut)
+		pages.PUT("/user/:id/password", rt.auth(), rt.user(), rt.perm("/users/put"), rt.userPasswordPut)
+		pages.DELETE("/user/:id", rt.auth(), rt.user(), rt.perm("/users/del"), rt.userDel)

 		pages.GET("/metric-views", rt.auth(), rt.metricViewGets)
 		pages.DELETE("/metric-views", rt.auth(), rt.user(), rt.metricViewDel)
 		pages.POST("/metric-views", rt.auth(), rt.user(), rt.metricViewAdd)
 		pages.PUT("/metric-views", rt.auth(), rt.user(), rt.metricViewPut)

+		pages.GET("/builtin-metric-filters", rt.auth(), rt.user(), rt.metricFilterGets)
+		pages.DELETE("/builtin-metric-filters", rt.auth(), rt.user(), rt.metricFilterDel)
+		pages.POST("/builtin-metric-filters", rt.auth(), rt.user(), rt.metricFilterAdd)
+		pages.PUT("/builtin-metric-filters", rt.auth(), rt.user(), rt.metricFilterPut)
+		pages.POST("/builtin-metric-promql", rt.auth(), rt.user(), rt.getMetricPromql)
+
+		pages.POST("/builtin-metrics", rt.auth(), rt.user(), rt.perm("/builtin-metrics/add"), rt.builtinMetricsAdd)
+		pages.PUT("/builtin-metrics", rt.auth(), rt.user(), rt.perm("/builtin-metrics/put"), rt.builtinMetricsPut)
+		pages.DELETE("/builtin-metrics", rt.auth(), rt.user(), rt.perm("/builtin-metrics/del"), rt.builtinMetricsDel)
+		pages.GET("/builtin-metrics", rt.auth(), rt.user(), rt.builtinMetricsGets)
+		pages.GET("/builtin-metrics/types", rt.auth(), rt.user(), rt.builtinMetricsTypes)
+		pages.GET("/builtin-metrics/types/default", rt.auth(), rt.user(), rt.builtinMetricsDefaultTypes)
+		pages.GET("/builtin-metrics/collectors", rt.auth(), rt.user(), rt.builtinMetricsCollectors)
+
 		pages.GET("/user-groups", rt.auth(), rt.user(), rt.userGroupGets)
 		pages.POST("/user-groups", rt.auth(), rt.user(), rt.perm("/user-groups/add"), rt.userGroupAdd)
 		pages.GET("/user-group/:id", rt.auth(), rt.user(), rt.userGroupGet)
@@ -189,30 +313,38 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.DELETE("/busi-group/:id/members", rt.auth(), rt.user(), rt.perm("/busi-groups/put"), rt.bgrw(), rt.busiGroupMemberDel)
 		pages.DELETE("/busi-group/:id", rt.auth(), rt.user(), rt.perm("/busi-groups/del"), rt.bgrw(), rt.busiGroupDel)
 		pages.GET("/busi-group/:id/perm/:perm", rt.auth(), rt.user(), rt.checkBusiGroupPerm)
+		pages.GET("/busi-groups/tags", rt.auth(), rt.user(), rt.busiGroupsGetTags)

 		pages.GET("/targets", rt.auth(), rt.user(), rt.targetGets)
+		pages.GET("/target/extra-meta", rt.auth(), rt.user(), rt.targetExtendInfoByIdent)
 		pages.POST("/target/list", rt.auth(), rt.user(), rt.targetGetsByHostFilter)
 		pages.DELETE("/targets", rt.auth(), rt.user(), rt.perm("/targets/del"), rt.targetDel)
 		pages.GET("/targets/tags", rt.auth(), rt.user(), rt.targetGetTags)
 		pages.POST("/targets/tags", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetBindTagsByFE)
 		pages.DELETE("/targets/tags", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetUnbindTagsByFE)
 		pages.PUT("/targets/note", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetUpdateNote)
-		pages.PUT("/targets/bgid", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetUpdateBgid)
+		pages.PUT("/targets/bgids", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetBindBgids)

 		pages.POST("/builtin-cate-favorite", rt.auth(), rt.user(), rt.builtinCateFavoriteAdd)
 		pages.DELETE("/builtin-cate-favorite/:name", rt.auth(), rt.user(), rt.builtinCateFavoriteDel)

-		pages.GET("/builtin-boards", rt.builtinBoardGets)
-		pages.GET("/builtin-board/:name", rt.builtinBoardGet)
-		pages.GET("/dashboards/builtin/list", rt.builtinBoardGets)
-		pages.GET("/builtin-boards-cates", rt.auth(), rt.user(), rt.builtinBoardCateGets)
-		pages.POST("/builtin-boards-detail", rt.auth(), rt.user(), rt.builtinBoardDetailGets)
 		pages.GET("/integrations/icon/:cate/:name", rt.builtinIcon)

+		// pages.GET("/builtin-boards", rt.builtinBoardGets)
+		// pages.GET("/builtin-board/:name", rt.builtinBoardGet)
+		// pages.GET("/dashboards/builtin/list", rt.builtinBoardGets)
+		// pages.GET("/builtin-boards-cates", rt.auth(), rt.user(), rt.builtinBoardCateGets)
+		// pages.POST("/builtin-boards-detail", rt.auth(), rt.user(), rt.builtinBoardDetailGets)
+		// pages.GET("/integrations/makedown/:cate", rt.builtinMarkdown)
+
+		pages.GET("/busi-groups/public-boards", rt.auth(), rt.user(), rt.perm("/dashboards"), rt.publicBoardGets)
+		pages.GET("/busi-groups/boards", rt.auth(), rt.user(), rt.perm("/dashboards"), rt.boardGetsByGids)
 		pages.GET("/busi-group/:id/boards", rt.auth(), rt.user(), rt.perm("/dashboards"), rt.bgro(), rt.boardGets)
 		pages.POST("/busi-group/:id/boards", rt.auth(), rt.user(), rt.perm("/dashboards/add"), rt.bgrw(), rt.boardAdd)
 		pages.POST("/busi-group/:id/board/:bid/clone", rt.auth(), rt.user(), rt.perm("/dashboards/add"), rt.bgrw(), rt.boardClone)
+		pages.POST("/busi-groups/boards/clones", rt.auth(), rt.user(), rt.perm("/dashboards/add"), rt.boardBatchClone)

+		pages.GET("/boards", rt.auth(), rt.user(), rt.boardGetsByBids)
 		pages.GET("/board/:bid", rt.boardGet)
 		pages.GET("/board/:bid/pure", rt.boardPureGet)
 		pages.PUT("/board/:bid", rt.auth(), rt.user(), rt.perm("/dashboards/put"), rt.boardPut)
@@ -223,17 +355,34 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/share-charts", rt.chartShareGets)
 		pages.POST("/share-charts", rt.auth(), rt.chartShareAdd)

-		pages.GET("/alert-rules/builtin/alerts-cates", rt.auth(), rt.user(), rt.builtinAlertCateGets)
-		pages.GET("/alert-rules/builtin/list", rt.auth(), rt.user(), rt.builtinAlertRules)
+		pages.POST("/dashboard-annotations", rt.auth(), rt.user(), rt.perm("/dashboards/put"), rt.dashAnnotationAdd)
+		pages.GET("/dashboard-annotations", rt.dashAnnotationGets)
+		pages.PUT("/dashboard-annotation/:id", rt.auth(), rt.user(), rt.perm("/dashboards/put"), rt.dashAnnotationPut)
+		pages.DELETE("/dashboard-annotation/:id", rt.auth(), rt.user(), rt.perm("/dashboards/del"), rt.dashAnnotationDel)

+		// pages.GET("/alert-rules/builtin/alerts-cates", rt.auth(), rt.user(), rt.builtinAlertCateGets)
+		// pages.GET("/alert-rules/builtin/list", rt.auth(), rt.user(), rt.builtinAlertRules)
+		pages.GET("/alert-rules/callbacks", rt.auth(), rt.user(), rt.alertRuleCallbacks)
+
+		pages.GET("/busi-groups/alert-rules", rt.auth(), rt.user(), rt.perm("/alert-rules"), rt.alertRuleGetsByGids)
 		pages.GET("/busi-group/:id/alert-rules", rt.auth(), rt.user(), rt.perm("/alert-rules"), rt.alertRuleGets)
 		pages.POST("/busi-group/:id/alert-rules", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.alertRuleAddByFE)
 		pages.POST("/busi-group/:id/alert-rules/import", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.alertRuleAddByImport)
+		pages.POST("/busi-group/:id/alert-rules/import-prom-rule", rt.auth(),
+			rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.alertRuleAddByImportPromRule)
 		pages.DELETE("/busi-group/:id/alert-rules", rt.auth(), rt.user(), rt.perm("/alert-rules/del"), rt.bgrw(), rt.alertRuleDel)
 		pages.PUT("/busi-group/:id/alert-rules/fields", rt.auth(), rt.user(), rt.perm("/alert-rules/put"), rt.bgrw(), rt.alertRulePutFields)
 		pages.PUT("/busi-group/:id/alert-rule/:arid", rt.auth(), rt.user(), rt.perm("/alert-rules/put"), rt.alertRulePutByFE)
 		pages.GET("/alert-rule/:arid", rt.auth(), rt.user(), rt.perm("/alert-rules"), rt.alertRuleGet)
+		pages.GET("/alert-rule/:arid/pure", rt.auth(), rt.user(), rt.perm("/alert-rules"), rt.alertRulePureGet)
+		pages.PUT("/busi-group/alert-rule/validate", rt.auth(), rt.user(), rt.perm("/alert-rules/put"), rt.alertRuleValidation)
+		pages.POST("/relabel-test", rt.auth(), rt.user(), rt.relabelTest)
+		pages.POST("/busi-group/:id/alert-rules/clone", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.cloneToMachine)
+		pages.POST("/busi-groups/alert-rules/clones", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.batchAlertRuleClone)
+		pages.POST("/busi-group/alert-rules/notify-tryrun", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.alertRuleNotifyTryRun)
+		pages.POST("/busi-group/alert-rules/enable-tryrun", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.alertRuleEnableTryRun)

+		pages.GET("/busi-groups/recording-rules", rt.auth(), rt.user(), rt.perm("/recording-rules"), rt.recordingRuleGetsByGids)
 		pages.GET("/busi-group/:id/recording-rules", rt.auth(), rt.user(), rt.perm("/recording-rules"), rt.recordingRuleGets)
 		pages.POST("/busi-group/:id/recording-rules", rt.auth(), rt.user(), rt.perm("/recording-rules/add"), rt.bgrw(), rt.recordingRuleAddByFE)
 		pages.DELETE("/busi-group/:id/recording-rules", rt.auth(), rt.user(), rt.perm("/recording-rules/del"), rt.bgrw(), rt.recordingRuleDel)
@@ -241,38 +390,43 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/recording-rule/:rrid", rt.auth(), rt.user(), rt.perm("/recording-rules"), rt.recordingRuleGet)
 		pages.PUT("/busi-group/:id/recording-rules/fields", rt.auth(), rt.user(), rt.perm("/recording-rules/put"), rt.recordingRulePutFields)

+		pages.GET("/busi-groups/alert-mutes", rt.auth(), rt.user(), rt.perm("/alert-mutes"), rt.alertMuteGetsByGids)
 		pages.GET("/busi-group/:id/alert-mutes", rt.auth(), rt.user(), rt.perm("/alert-mutes"), rt.bgro(), rt.alertMuteGetsByBG)
+		pages.POST("/busi-group/:id/alert-mutes/preview", rt.auth(), rt.user(), rt.perm("/alert-mutes/add"), rt.bgrw(), rt.alertMutePreview)
 		pages.POST("/busi-group/:id/alert-mutes", rt.auth(), rt.user(), rt.perm("/alert-mutes/add"), rt.bgrw(), rt.alertMuteAdd)
 		pages.DELETE("/busi-group/:id/alert-mutes", rt.auth(), rt.user(), rt.perm("/alert-mutes/del"), rt.bgrw(), rt.alertMuteDel)
 		pages.PUT("/busi-group/:id/alert-mute/:amid", rt.auth(), rt.user(), rt.perm("/alert-mutes/put"), rt.alertMutePutByFE)
+		pages.GET("/busi-group/:id/alert-mute/:amid", rt.auth(), rt.user(), rt.perm("/alert-mutes"), rt.alertMuteGet)
 		pages.PUT("/busi-group/:id/alert-mutes/fields", rt.auth(), rt.user(), rt.perm("/alert-mutes/put"), rt.bgrw(), rt.alertMutePutFields)
+		pages.POST("/alert-mute-tryrun", rt.auth(), rt.user(), rt.perm("/alert-mutes/add"), rt.alertMuteTryRun)

+		pages.GET("/busi-groups/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes"), rt.alertSubscribeGetsByGids)
 		pages.GET("/busi-group/:id/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes"), rt.bgro(), rt.alertSubscribeGets)
 		pages.GET("/alert-subscribe/:sid", rt.auth(), rt.user(), rt.perm("/alert-subscribes"), rt.alertSubscribeGet)
 		pages.POST("/busi-group/:id/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes/add"), rt.bgrw(), rt.alertSubscribeAdd)
 		pages.PUT("/busi-group/:id/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes/put"), rt.bgrw(), rt.alertSubscribePut)
 		pages.DELETE("/busi-group/:id/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes/del"), rt.bgrw(), rt.alertSubscribeDel)
+		pages.POST("/alert-subscribe/alert-subscribes-tryrun", rt.auth(), rt.user(), rt.perm("/alert-subscribes/add"), rt.alertSubscribeTryRun)

-		if rt.Center.AnonymousAccess.AlertDetail {
-			pages.GET("/alert-cur-event/:eid", rt.alertCurEventGet)
-			pages.GET("/alert-his-event/:eid", rt.alertHisEventGet)
-		} else {
-			pages.GET("/alert-cur-event/:eid", rt.auth(), rt.alertCurEventGet)
-			pages.GET("/alert-his-event/:eid", rt.auth(), rt.alertHisEventGet)
-		}
+		pages.GET("/alert-cur-event/:eid", rt.alertCurEventGet)
+		pages.GET("/alert-his-event/:eid", rt.alertHisEventGet)
+		pages.GET("/event-notify-records/:eid", rt.notificationRecordList)

 		// card logic
-		pages.GET("/alert-cur-events/list", rt.auth(), rt.alertCurEventsList)
-		pages.GET("/alert-cur-events/card", rt.auth(), rt.alertCurEventsCard)
+		pages.GET("/alert-cur-events/list", rt.auth(), rt.user(), rt.alertCurEventsList)
+		pages.GET("/alert-cur-events/card", rt.auth(), rt.user(), rt.alertCurEventsCard)
 		pages.POST("/alert-cur-events/card/details", rt.auth(), rt.alertCurEventsCardDetails)
-		pages.GET("/alert-his-events/list", rt.auth(), rt.alertHisEventsList)
+		pages.GET("/alert-his-events/list", rt.auth(), rt.user(), rt.alertHisEventsList)
+		pages.DELETE("/alert-his-events", rt.auth(), rt.admin(), rt.alertHisEventsDelete)
 		pages.DELETE("/alert-cur-events", rt.auth(), rt.user(), rt.perm("/alert-cur-events/del"), rt.alertCurEventDel)
+		pages.GET("/alert-cur-events/stats", rt.auth(), rt.alertCurEventsStatistics)

 		pages.GET("/alert-aggr-views", rt.auth(), rt.alertAggrViewGets)
 		pages.DELETE("/alert-aggr-views", rt.auth(), rt.user(), rt.alertAggrViewDel)
 		pages.POST("/alert-aggr-views", rt.auth(), rt.user(), rt.alertAggrViewAdd)
 		pages.PUT("/alert-aggr-views", rt.auth(), rt.user(), rt.alertAggrViewPut)

+		pages.GET("/busi-groups/task-tpls", rt.auth(), rt.user(), rt.perm("/job-tpls"), rt.taskTplGetsByGids)
 		pages.GET("/busi-group/:id/task-tpls", rt.auth(), rt.user(), rt.perm("/job-tpls"), rt.bgro(), rt.taskTplGets)
 		pages.POST("/busi-group/:id/task-tpls", rt.auth(), rt.user(), rt.perm("/job-tpls/add"), rt.bgrw(), rt.taskTplAdd)
 		pages.DELETE("/busi-group/:id/task-tpl/:tid", rt.auth(), rt.user(), rt.perm("/job-tpls/del"), rt.bgrw(), rt.taskTplDel)
@@ -281,106 +435,258 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/busi-group/:id/task-tpl/:tid", rt.auth(), rt.user(), rt.perm("/job-tpls"), rt.bgro(), rt.taskTplGet)
 		pages.PUT("/busi-group/:id/task-tpl/:tid", rt.auth(), rt.user(), rt.perm("/job-tpls/put"), rt.bgrw(), rt.taskTplPut)

+		pages.GET("/busi-groups/tasks", rt.auth(), rt.user(), rt.perm("/job-tasks"), rt.taskGetsByGids)
 		pages.GET("/busi-group/:id/tasks", rt.auth(), rt.user(), rt.perm("/job-tasks"), rt.bgro(), rt.taskGets)
 		pages.POST("/busi-group/:id/tasks", rt.auth(), rt.user(), rt.perm("/job-tasks/add"), rt.bgrw(), rt.taskAdd)
-		pages.GET("/busi-group/:id/task/*url", rt.auth(), rt.user(), rt.perm("/job-tasks"), rt.taskProxy)
-		pages.PUT("/busi-group/:id/task/*url", rt.auth(), rt.user(), rt.perm("/job-tasks/put"), rt.bgrw(), rt.taskProxy)

-		pages.GET("/servers", rt.auth(), rt.admin(), rt.serversGet)
-		pages.GET("/server-clusters", rt.auth(), rt.admin(), rt.serverClustersGet)
+		pages.GET("/servers", rt.auth(), rt.user(), rt.serversGet)
+		pages.GET("/server-clusters", rt.auth(), rt.user(), rt.serverClustersGet)

-		pages.POST("/datasource/list", rt.auth(), rt.datasourceList)
+		pages.POST("/datasource/list", rt.auth(), rt.user(), rt.datasourceList)
 		pages.POST("/datasource/plugin/list", rt.auth(), rt.pluginList)
 		pages.POST("/datasource/upsert", rt.auth(), rt.admin(), rt.datasourceUpsert)
 		pages.POST("/datasource/desc", rt.auth(), rt.admin(), rt.datasourceGet)
 		pages.POST("/datasource/status/update", rt.auth(), rt.admin(), rt.datasourceUpdataStatus)
 		pages.DELETE("/datasource/", rt.auth(), rt.admin(), rt.datasourceDel)

-		pages.GET("/roles", rt.auth(), rt.admin(), rt.roleGets)
-		pages.POST("/roles", rt.auth(), rt.admin(), rt.roleAdd)
-		pages.PUT("/roles", rt.auth(), rt.admin(), rt.rolePut)
-		pages.DELETE("/role/:id", rt.auth(), rt.admin(), rt.roleDel)
+		pages.GET("/roles", rt.auth(), rt.user(), rt.roleGets)
+		pages.POST("/roles", rt.auth(), rt.user(), rt.perm("/roles/add"), rt.roleAdd)
+		pages.PUT("/roles", rt.auth(), rt.user(), rt.perm("/roles/put"), rt.rolePut)
+		pages.DELETE("/role/:id", rt.auth(), rt.user(), rt.perm("/roles/del"), rt.roleDel)

-		pages.GET("/role/:id/ops", rt.auth(), rt.admin(), rt.operationOfRole)
-		pages.PUT("/role/:id/ops", rt.auth(), rt.admin(), rt.roleBindOperation)
-		pages.GET("operation", rt.operations)
+		pages.GET("/role/:id/ops", rt.auth(), rt.user(), rt.perm("/roles"), rt.operationOfRole)
+		pages.PUT("/role/:id/ops", rt.auth(), rt.user(), rt.perm("/roles/put"), rt.roleBindOperation)
+		pages.GET("/operation", rt.operations)

-		pages.GET("/notify-tpls", rt.auth(), rt.admin(), rt.notifyTplGets)
-		pages.PUT("/notify-tpl/content", rt.auth(), rt.admin(), rt.notifyTplUpdateContent)
-		pages.PUT("/notify-tpl", rt.auth(), rt.admin(), rt.notifyTplUpdate)
-		pages.POST("/notify-tpl/preview", rt.auth(), rt.admin(), rt.notifyTplPreview)
+		pages.GET("/notify-tpls", rt.auth(), rt.user(), rt.notifyTplGets)
+		pages.PUT("/notify-tpl/content", rt.auth(), rt.user(), rt.notifyTplUpdateContent)
+		pages.PUT("/notify-tpl", rt.auth(), rt.user(), rt.notifyTplUpdate)
+		pages.POST("/notify-tpl", rt.auth(), rt.user(), rt.notifyTplAdd)
+		pages.DELETE("/notify-tpl/:id", rt.auth(), rt.user(), rt.notifyTplDel)
+		pages.POST("/notify-tpl/preview", rt.auth(), rt.user(), rt.notifyTplPreview)

 		pages.GET("/sso-configs", rt.auth(), rt.admin(), rt.ssoConfigGets)
 		pages.PUT("/sso-config", rt.auth(), rt.admin(), rt.ssoConfigUpdate)

-		pages.GET("/webhooks", rt.auth(), rt.admin(), rt.webhookGets)
+		pages.GET("/webhooks", rt.auth(), rt.user(), rt.webhookGets)
 		pages.PUT("/webhooks", rt.auth(), rt.admin(), rt.webhookPuts)

-		pages.GET("/notify-script", rt.auth(), rt.admin(), rt.notifyScriptGet)
+		pages.GET("/notify-script", rt.auth(), rt.user(), rt.perm("/help/notification-settings"), rt.notifyScriptGet)
 		pages.PUT("/notify-script", rt.auth(), rt.admin(), rt.notifyScriptPut)

-		pages.GET("/notify-channel", rt.auth(), rt.admin(), rt.notifyChannelGets)
+		pages.GET("/notify-channel", rt.auth(), rt.user(), rt.perm("/help/notification-settings"), rt.notifyChannelGets)
 		pages.PUT("/notify-channel", rt.auth(), rt.admin(), rt.notifyChannelPuts)

-		pages.GET("/notify-contact", rt.auth(), rt.admin(), rt.notifyContactGets)
+		pages.GET("/notify-contact", rt.auth(), rt.user(), rt.notifyContactGets)
 		pages.PUT("/notify-contact", rt.auth(), rt.admin(), rt.notifyContactPuts)

-		pages.GET("/notify-config", rt.auth(), rt.admin(), rt.notifyConfigGet)
+		pages.GET("/notify-config", rt.auth(), rt.user(), rt.perm("/help/notification-settings"), rt.notifyConfigGet)
 		pages.PUT("/notify-config", rt.auth(), rt.admin(), rt.notifyConfigPut)
+		pages.PUT("/smtp-config-test", rt.auth(), rt.admin(), rt.attemptSendEmail)
+
+		pages.GET("/es-index-pattern", rt.auth(), rt.esIndexPatternGet)
+		pages.GET("/es-index-pattern-list", rt.auth(), rt.esIndexPatternGetList)
+		pages.POST("/es-index-pattern", rt.auth(), rt.user(), rt.perm("/log/index-patterns/add"), rt.esIndexPatternAdd)
+		pages.PUT("/es-index-pattern", rt.auth(), rt.user(), rt.perm("/log/index-patterns/put"), rt.esIndexPatternPut)
+		pages.DELETE("/es-index-pattern", rt.auth(), rt.user(), rt.perm("/log/index-patterns/del"), rt.esIndexPatternDel)
+
+		pages.GET("/embedded-dashboards", rt.auth(), rt.user(), rt.perm("/embedded-dashboards"), rt.embeddedDashboardsGet)
+		pages.PUT("/embedded-dashboards", rt.auth(), rt.user(), rt.perm("/embedded-dashboards/put"), rt.embeddedDashboardsPut)
+
+		// 获取 embedded-product 列表
+		pages.GET("/embedded-product", rt.auth(), rt.user(), rt.embeddedProductGets)
+		pages.GET("/embedded-product/:id", rt.auth(), rt.user(), rt.embeddedProductGet)
+		pages.POST("/embedded-product", rt.auth(), rt.user(), rt.perm("/embedded-product/add"), rt.embeddedProductAdd)
+		pages.PUT("/embedded-product/:id", rt.auth(), rt.user(), rt.perm("/embedded-product/put"), rt.embeddedProductPut)
+		pages.DELETE("/embedded-product/:id", rt.auth(), rt.user(), rt.perm("/embedded-product/delete"), rt.embeddedProductDelete)
+
+		pages.GET("/user-variable-configs", rt.auth(), rt.user(), rt.perm("/help/variable-configs"), rt.userVariableConfigGets)
+		pages.POST("/user-variable-config", rt.auth(), rt.user(), rt.perm("/help/variable-configs"), rt.userVariableConfigAdd)
+		pages.PUT("/user-variable-config/:id", rt.auth(), rt.user(), rt.perm("/help/variable-configs"), rt.userVariableConfigPut)
+		pages.DELETE("/user-variable-config/:id", rt.auth(), rt.user(), rt.perm("/help/variable-configs"), rt.userVariableConfigDel)
+
+		pages.GET("/config", rt.auth(), rt.admin(), rt.configGetByKey)
+		pages.PUT("/config", rt.auth(), rt.admin(), rt.configPutByKey)
+		pages.GET("/site-info", rt.siteInfo)
+
+		// source token 相关路由
+		pages.POST("/source-token", rt.auth(), rt.user(), rt.sourceTokenAdd)
+
+		// for admin api
+		pages.GET("/user/busi-groups", rt.auth(), rt.admin(), rt.userBusiGroupsGets)
+
+		pages.GET("/builtin-components", rt.auth(), rt.user(), rt.builtinComponentsGets)
+		pages.POST("/builtin-components", rt.auth(), rt.user(), rt.perm("/components/add"), rt.builtinComponentsAdd)
+		pages.PUT("/builtin-components", rt.auth(), rt.user(), rt.perm("/components/put"), rt.builtinComponentsPut)
+		pages.DELETE("/builtin-components", rt.auth(), rt.user(), rt.perm("/components/del"), rt.builtinComponentsDel)
+
+		pages.GET("/builtin-payloads", rt.auth(), rt.user(), rt.builtinPayloadsGets)
+		pages.GET("/builtin-payloads/cates", rt.auth(), rt.user(), rt.builtinPayloadcatesGet)
+		pages.POST("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/components/add"), rt.builtinPayloadsAdd)
+		pages.PUT("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/components/put"), rt.builtinPayloadsPut)
+		pages.DELETE("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/components/del"), rt.builtinPayloadsDel)
+		pages.GET("/builtin-payload", rt.auth(), rt.user(), rt.builtinPayloadsGetByUUID)
+
+		pages.POST("/message-templates", rt.auth(), rt.user(), rt.perm("/notification-templates/add"), rt.messageTemplatesAdd)
+		pages.DELETE("/message-templates", rt.auth(), rt.user(), rt.perm("/notification-templates/del"), rt.messageTemplatesDel)
+		pages.PUT("/message-template/:id", rt.auth(), rt.user(), rt.perm("/notification-templates/put"), rt.messageTemplatePut)
+		pages.GET("/message-template/:id", rt.auth(), rt.user(), rt.perm("/notification-templates"), rt.messageTemplateGet)
+		pages.GET("/message-templates", rt.auth(), rt.user(), rt.messageTemplatesGet)
+		pages.POST("/events-message", rt.auth(), rt.user(), rt.eventsMessage)
+
+		pages.POST("/notify-rules", rt.auth(), rt.user(), rt.perm("/notification-rules/add"), rt.notifyRulesAdd)
+		pages.DELETE("/notify-rules", rt.auth(), rt.user(), rt.perm("/notification-rules/del"), rt.notifyRulesDel)
+		pages.PUT("/notify-rule/:id", rt.auth(), rt.user(), rt.perm("/notification-rules/put"), rt.notifyRulePut)
+		pages.GET("/notify-rule/:id", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyRuleGet)
+		pages.GET("/notify-rules", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyRulesGet)
+		pages.POST("/notify-rule/test", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyTest)
+		pages.GET("/notify-rule/custom-params", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyRuleCustomParamsGet)
+		pages.POST("/notify-rule/event-pipelines-tryrun", rt.auth(), rt.user(), rt.perm("/notification-rules/add"), rt.tryRunEventProcessorByNotifyRule)
+
+		// 事件Pipeline相关路由
+		pages.GET("/event-pipelines", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.eventPipelinesList)
+		pages.POST("/event-pipeline", rt.auth(), rt.user(), rt.perm("/event-pipelines/add"), rt.addEventPipeline)
+		pages.PUT("/event-pipeline", rt.auth(), rt.user(), rt.perm("/event-pipelines/put"), rt.updateEventPipeline)
+		pages.GET("/event-pipeline/:id", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.getEventPipeline)
+		pages.DELETE("/event-pipelines", rt.auth(), rt.user(), rt.perm("/event-pipelines/del"), rt.deleteEventPipelines)
+		pages.POST("/event-pipeline-tryrun", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.tryRunEventPipeline)
+		pages.POST("/event-processor-tryrun", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.tryRunEventProcessor)
+
+		pages.POST("/notify-channel-configs", rt.auth(), rt.user(), rt.perm("/notification-channels/add"), rt.notifyChannelsAdd)
+		pages.DELETE("/notify-channel-configs", rt.auth(), rt.user(), rt.perm("/notification-channels/del"), rt.notifyChannelsDel)
+		pages.PUT("/notify-channel-config/:id", rt.auth(), rt.user(), rt.perm("/notification-channels/put"), rt.notifyChannelPut)
+		pages.GET("/notify-channel-config/:id", rt.auth(), rt.user(), rt.perm("/notification-channels"), rt.notifyChannelGet)
+		pages.GET("/notify-channel-configs", rt.auth(), rt.user(), rt.perm("/notification-channels"), rt.notifyChannelsGet)
+		pages.GET("/simplified-notify-channel-configs", rt.notifyChannelsGetForNormalUser)
+		pages.GET("/flashduty-channel-list/:id", rt.auth(), rt.user(), rt.flashDutyNotifyChannelsGet)
+		pages.GET("/notify-channel-config", rt.auth(), rt.user(), rt.notifyChannelGetBy)
+		pages.GET("/notify-channel-config/idents", rt.notifyChannelIdentsGet)
 	}

-	if rt.HTTP.Service.Enable {
+	r.GET("/api/n9e/versions", func(c *gin.Context) {
+		v := version.Version
+		lastIndex := strings.LastIndex(version.Version, "-")
+		if lastIndex != -1 {
+			v = version.Version[:lastIndex]
+		}
+
+		gv := version.GithubVersion.Load()
+		if gv != nil {
+			ginx.NewRender(c).Data(gin.H{"version": v, "github_verison": gv.(string)}, nil)
+		} else {
+			ginx.NewRender(c).Data(gin.H{"version": v, "github_verison": ""}, nil)
+		}
+	})
+
+	if rt.HTTP.APIForService.Enable {
 		service := r.Group("/v1/n9e")
-		if len(rt.HTTP.Service.BasicAuth) > 0 {
-			service.Use(gin.BasicAuth(rt.HTTP.Service.BasicAuth))
+		if len(rt.HTTP.APIForService.BasicAuth) > 0 {
+			service.Use(gin.BasicAuth(rt.HTTP.APIForService.BasicAuth))
 		}
 		{
 			service.Any("/prometheus/*url", rt.dsProxy)
 			service.POST("/users", rt.userAddPost)
+			service.PUT("/user/:id", rt.userProfilePutByService)
+			service.DELETE("/user/:id", rt.userDel)
 			service.GET("/users", rt.userFindAll)

-			service.GET("/targets", rt.targetGets)
+			service.GET("/user-groups", rt.userGroupGetsByService)
+			service.GET("/user-group-members", rt.userGroupMemberGetsByService)
+
+			service.GET("/targets", rt.targetGetsByService)
+			service.GET("/target/extra-meta", rt.targetExtendInfoByIdent)
+			service.POST("/target/list", rt.targetGetsByHostFilter)
+			service.DELETE("/targets", rt.targetDelByService)
 			service.GET("/targets/tags", rt.targetGetTags)
 			service.POST("/targets/tags", rt.targetBindTagsByService)
 			service.DELETE("/targets/tags", rt.targetUnbindTagsByService)
 			service.PUT("/targets/note", rt.targetUpdateNoteByService)
+			service.PUT("/targets/bgid", rt.targetUpdateBgidByService)
+
+			service.POST("/targets-of-host-query", rt.targetsOfHostQuery)

 			service.POST("/alert-rules", rt.alertRuleAddByService)
+			service.POST("/alert-rule-add", rt.alertRuleAddOneByService)
 			service.DELETE("/alert-rules", rt.alertRuleDelByService)
 			service.PUT("/alert-rule/:arid", rt.alertRulePutByService)
 			service.GET("/alert-rule/:arid", rt.alertRuleGet)
 			service.GET("/alert-rules", rt.alertRulesGetByService)

+			service.GET("/alert-subscribes", rt.alertSubscribeGetsByService)
+
+			service.GET("/busi-groups", rt.busiGroupGetsByService)
+
+			service.GET("/datasources", rt.datasourceGetsByService)
+			service.GET("/datasource-ids", rt.getDatasourceIds)
+			service.POST("/server-heartbeat", rt.serverHeartbeat)
+			service.GET("/servers-active", rt.serversActive)
+
+			service.GET("/recording-rules", rt.recordingRuleGetsByService)
+
 			service.GET("/alert-mutes", rt.alertMuteGets)
 			service.POST("/alert-mutes", rt.alertMuteAddByService)
 			service.DELETE("/alert-mutes", rt.alertMuteDel)

 			service.GET("/alert-cur-events", rt.alertCurEventsList)
+			service.GET("/alert-cur-events-get-by-rid", rt.alertCurEventsGetByRid)
 			service.GET("/alert-his-events", rt.alertHisEventsList)
 			service.GET("/alert-his-event/:eid", rt.alertHisEventGet)

+			service.GET("/task-tpl/:tid", rt.taskTplGetByService)
+			service.GET("/task-tpls", rt.taskTplGetsByService)
+			service.GET("/task-tpl/statistics", rt.taskTplStatistics)
+
 			service.GET("/config/:id", rt.configGet)
 			service.GET("/configs", rt.configsGet)
+			service.GET("/config", rt.configGetByKey)
+			service.GET("/all-configs", rt.configGetAll)
 			service.PUT("/configs", rt.configsPut)
 			service.POST("/configs", rt.configsPost)
 			service.DELETE("/configs", rt.configsDel)

 			service.POST("/conf-prop/encrypt", rt.confPropEncrypt)
 			service.POST("/conf-prop/decrypt", rt.confPropDecrypt)
+
+			service.GET("/statistic", rt.statistic)
+
+			service.GET("/notify-tpls", rt.notifyTplGets)
+
+			service.POST("/task-record-add", rt.taskRecordAdd)
+
+			service.GET("/user-variable/decrypt", rt.userVariableGetDecryptByService)
+
+			service.GET("/targets-of-alert-rule", rt.targetsOfAlertRule)
+
+			service.POST("/notify-record", rt.notificationRecordAdd)
+
+			service.GET("/alert-cur-events-del-by-hash", rt.alertCurEventDelByHash)
+
+			service.POST("/center/heartbeat", rt.heartbeat)
+
+			service.GET("/es-index-pattern-list", rt.esIndexPatternGetList)
+
+			service.GET("/notify-rules", rt.notifyRulesGetByService)
+
+			service.GET("/notify-channels", rt.notifyChannelConfigGets)
+
+			service.GET("/message-templates", rt.messageTemplateGets)
+
+			service.GET("/event-pipelines", rt.eventPipelinesListByService)
 		}
 	}

-	if rt.HTTP.Heartbeat.Enable {
+	if rt.HTTP.APIForAgent.Enable {
 		heartbeat := r.Group("/v1/n9e")
 		{
-			if len(rt.HTTP.Heartbeat.BasicAuth) > 0 {
-				heartbeat.Use(gin.BasicAuth(rt.HTTP.Heartbeat.BasicAuth))
+			if len(rt.HTTP.APIForAgent.BasicAuth) > 0 {
+				heartbeat.Use(gin.BasicAuth(rt.HTTP.APIForAgent.BasicAuth))
 			}
 			heartbeat.POST("/heartbeat", rt.heartbeat)
 		}
 	}

-	rt.configNoRoute(r)
+	rt.configNoRoute(r, &statikFS)
+
 }

 func Render(c *gin.Context, data, msg interface{}) {
--- a/center/router/router_alert_aggr_view.go
+++ b/center/router/router_alert_aggr_view.go
@@ -69,6 +69,11 @@ func (rt *Router) alertAggrViewPut(c *gin.Context) {
 			return
 		}
 	}
-
-	ginx.NewRender(c).Message(view.Update(rt.Ctx, f.Name, f.Rule, f.Cate, me.Id))
+	view.Name = f.Name
+	view.Rule = f.Rule
+	view.Cate = f.Cate
+	if view.CreateBy == 0 {
+		view.CreateBy = me.Id
+	}
+	ginx.NewRender(c).Message(view.Update(rt.Ctx))
 }
--- a/center/router/router_alert_cur_event.go
+++ b/center/router/router_alert_cur_event.go
@@ -1,50 +1,54 @@
 package router

 import (
+	"fmt"
 	"net/http"
 	"sort"
 	"strings"
+	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 )

-func parseAggrRules(c *gin.Context) []*models.AggrRule {
-	aggrRules := strings.Split(ginx.QueryStr(c, "rule", ""), "::") // e.g. field:group_name::field:severity::tagkey:ident
-
-	if len(aggrRules) == 0 {
-		ginx.Bomb(http.StatusBadRequest, "rule empty")
+func getUserGroupIds(ctx *gin.Context, rt *Router, myGroups bool) ([]int64, error) {
+	if !myGroups {
+		return nil, nil
 	}
-
-	rules := make([]*models.AggrRule, len(aggrRules))
-	for i := 0; i < len(aggrRules); i++ {
-		pair := strings.Split(aggrRules[i], ":")
-		if len(pair) != 2 {
-			ginx.Bomb(http.StatusBadRequest, "rule invalid")
-		}
-
-		if !(pair[0] == "field" || pair[0] == "tagkey") {
-			ginx.Bomb(http.StatusBadRequest, "rule invalid")
-		}
-
-		rules[i] = &models.AggrRule{
-			Type:  pair[0],
-			Value: pair[1],
-		}
-	}
-
-	return rules
+	me := ctx.MustGet("user").(*models.User)
+	return models.MyGroupIds(rt.Ctx, me.Id)
 }

 func (rt *Router) alertCurEventsCard(c *gin.Context) {
 	stime, etime := getTimeRange(c)
-	severity := ginx.QueryInt(c, "severity", -1)
+	severity := strx.IdsInt64ForAPI(ginx.QueryStr(c, "severity", ""), ",")
 	query := ginx.QueryStr(c, "query", "")
-	busiGroupId := ginx.QueryInt64(c, "bgid", 0)
+	myGroups := ginx.QueryBool(c, "my_groups", false) // 是否只看自己组，默认false
+
+	var gids []int64
+	var err error
+	if myGroups {
+		gids, err = getUserGroupIds(c, rt, myGroups)
+		ginx.Dangerous(err)
+		if len(gids) == 0 {
+			gids = append(gids, -1)
+		}
+	}
+
+	viewId := ginx.QueryInt64(c, "view_id")
+
+	alertView, err := models.GetAlertAggrViewByViewID(rt.Ctx, viewId)
+	ginx.Dangerous(err)
+
+	if alertView == nil {
+		ginx.Bomb(http.StatusNotFound, "alert aggr view not found")
+	}
+
 	dsIds := queryDatasourceIds(c)
-	rules := parseAggrRules(c)

 	prod := ginx.QueryStr(c, "prods", "")
 	if prod == "" {
@@ -61,13 +65,18 @@ func (rt *Router) alertCurEventsCard(c *gin.Context) {
 		cates = strings.Split(cate, ",")
 	}

+	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView, myGroups)
+	ginx.Dangerous(err)
+
 	// 最多获取50000个，获取太多也没啥意义
-	list, err := models.AlertCurEventGets(rt.Ctx, prods, busiGroupId, stime, etime, severity, dsIds, cates, query, 50000, 0)
+	list, err := models.AlertCurEventsGet(rt.Ctx, prods, bgids, stime, etime, severity, dsIds,
+		cates, 0, query, 50000, 0, []int64{})
 	ginx.Dangerous(err)

 	cardmap := make(map[string]*AlertCard)
 	for _, event := range list {
-		title := event.GenCardTitle(rules)
+		title, err := event.GenCardTitle(alertView.Rule)
+		ginx.Dangerous(err)
 		if _, has := cardmap[title]; has {
 			cardmap[title].Total++
 			cardmap[title].EventIds = append(cardmap[title].EventIds, event.Id)
@@ -82,6 +91,10 @@ func (rt *Router) alertCurEventsCard(c *gin.Context) {
 				Severity: event.Severity,
 			}
 		}
+
+		if cardmap[title].Severity < 1 {
+			cardmap[title].Severity = 3
+		}
 	}

 	titles := make([]string, 0, len(cardmap))
@@ -128,15 +141,25 @@ func (rt *Router) alertCurEventsCardDetails(c *gin.Context) {
 	ginx.NewRender(c).Data(list, err)
 }

+// alertCurEventsGetByRid
+func (rt *Router) alertCurEventsGetByRid(c *gin.Context) {
+	rid := ginx.QueryInt64(c, "rid")
+	dsId := ginx.QueryInt64(c, "dsid")
+	ginx.NewRender(c).Data(models.AlertCurEventGetByRuleIdAndDsId(rt.Ctx, rid, dsId))
+}
+
 // 列表方式，拉取活跃告警
 func (rt *Router) alertCurEventsList(c *gin.Context) {
 	stime, etime := getTimeRange(c)
-	severity := ginx.QueryInt(c, "severity", -1)
+	severity := strx.IdsInt64ForAPI(ginx.QueryStr(c, "severity", ""), ",")
 	query := ginx.QueryStr(c, "query", "")
 	limit := ginx.QueryInt(c, "limit", 20)
-	busiGroupId := ginx.QueryInt64(c, "bgid", 0)
+	myGroups := ginx.QueryBool(c, "my_groups", false) // 是否只看自己组，默认false
+
 	dsIds := queryDatasourceIds(c)

+	eventIds := strx.IdsInt64ForAPI(ginx.QueryStr(c, "event_ids", ""), ",")
+
 	prod := ginx.QueryStr(c, "prods", "")
 	if prod == "" {
 		prod = ginx.QueryStr(c, "rule_prods", "")
@@ -153,13 +176,21 @@ func (rt *Router) alertCurEventsList(c *gin.Context) {
 		cates = strings.Split(cate, ",")
 	}

-	total, err := models.AlertCurEventTotal(rt.Ctx, prods, busiGroupId, stime, etime, severity, dsIds, cates, query)
+	ruleId := ginx.QueryInt64(c, "rid", 0)
+
+	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView, myGroups)
 	ginx.Dangerous(err)

-	list, err := models.AlertCurEventGets(rt.Ctx, prods, busiGroupId, stime, etime, severity, dsIds, cates, query, limit, ginx.Offset(c, limit))
+	total, err := models.AlertCurEventTotal(rt.Ctx, prods, bgids, stime, etime, severity, dsIds,
+		cates, ruleId, query, eventIds)
+	ginx.Dangerous(err)
+
+	list, err := models.AlertCurEventsGet(rt.Ctx, prods, bgids, stime, etime, severity, dsIds,
+		cates, ruleId, query, limit, ginx.Offset(c, limit), eventIds)
 	ginx.Dangerous(err)

 	cache := make(map[int64]*models.UserGroup)
+
 	for i := 0; i < len(list); i++ {
 		list[i].FillNotifyGroups(rt.Ctx, cache)
 	}
@@ -175,29 +206,102 @@ func (rt *Router) alertCurEventDel(c *gin.Context) {
 	ginx.BindJSON(c, &f)
 	f.Verify()

+	rt.checkCurEventBusiGroupRWPermission(c, f.Ids)
+
+	ginx.NewRender(c).Message(models.AlertCurEventDel(rt.Ctx, f.Ids))
+}
+
+func (rt *Router) checkCurEventBusiGroupRWPermission(c *gin.Context, ids []int64) {
 	set := make(map[int64]struct{})

-	for i := 0; i < len(f.Ids); i++ {
-		event, err := models.AlertCurEventGetById(rt.Ctx, f.Ids[i])
-		ginx.Dangerous(err)
+	// event group id is 0, ignore perm check
+	set[0] = struct{}{}

+	for i := 0; i < len(ids); i++ {
+		event, err := models.AlertCurEventGetById(rt.Ctx, ids[i])
+		ginx.Dangerous(err)
+		if event == nil {
+			continue
+		}
 		if _, has := set[event.GroupId]; !has {
 			rt.bgrwCheck(c, event.GroupId)
 			set[event.GroupId] = struct{}{}
 		}
 	}
-
-	ginx.NewRender(c).Message(models.AlertCurEventDel(rt.Ctx, f.Ids))
 }

 func (rt *Router) alertCurEventGet(c *gin.Context) {
 	eid := ginx.UrlParamInt64(c, "eid")
-	event, err := models.AlertCurEventGetById(rt.Ctx, eid)
-	ginx.Dangerous(err)
+	event, err := GetCurEventDetail(rt.Ctx, eid)

-	if event == nil {
-		ginx.Bomb(404, "No such active event")
+	hasPermission := HasPermission(rt.Ctx, c, "event", fmt.Sprintf("%d", eid), rt.Center.AnonymousAccess.AlertDetail)
+	if !hasPermission {
+		rt.auth()(c)
+		rt.user()(c)
+		rt.bgroCheck(c, event.GroupId)
 	}

-	ginx.NewRender(c).Data(event, nil)
+	ginx.NewRender(c).Data(event, err)
+}
+
+func GetCurEventDetail(ctx *ctx.Context, eid int64) (*models.AlertCurEvent, error) {
+	event, err := models.AlertCurEventGetById(ctx, eid)
+	if err != nil {
+		return nil, err
+	}
+
+	if event == nil {
+		return nil, fmt.Errorf("no such active event")
+	}
+
+	ruleConfig, needReset := models.FillRuleConfigTplName(ctx, event.RuleConfig)
+	if needReset {
+		event.RuleConfigJson = ruleConfig
+	}
+
+	event.LastEvalTime = event.TriggerTime
+	event.NotifyVersion, err = GetEventNotifyVersion(ctx, event.RuleId, event.NotifyRuleIds)
+	ginx.Dangerous(err)
+
+	event.NotifyRules, err = GetEventNorifyRuleNames(ctx, event.NotifyRuleIds)
+	return event, err
+}
+
+func GetEventNorifyRuleNames(ctx *ctx.Context, notifyRuleIds []int64) ([]*models.EventNotifyRule, error) {
+	notifyRuleNames := make([]*models.EventNotifyRule, 0)
+	notifyRules, err := models.NotifyRulesGet(ctx, "id in ?", notifyRuleIds)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, notifyRule := range notifyRules {
+		notifyRuleNames = append(notifyRuleNames, &models.EventNotifyRule{
+			Id:   notifyRule.ID,
+			Name: notifyRule.Name,
+		})
+	}
+	return notifyRuleNames, nil
+}
+
+func GetEventNotifyVersion(ctx *ctx.Context, ruleId int64, notifyRuleIds []int64) (int, error) {
+	if len(notifyRuleIds) != 0 {
+		// 如果存在 notify_rule_ids，则认为使用新的告警通知方式
+		return 1, nil
+	}
+
+	rule, err := models.AlertRuleGetById(ctx, ruleId)
+	if err != nil {
+		return 0, err
+	}
+	return rule.NotifyVersion, nil
+}
+
+func (rt *Router) alertCurEventsStatistics(c *gin.Context) {
+
+	ginx.NewRender(c).Data(models.AlertCurEventStatistics(rt.Ctx, time.Now()), nil)
+}
+
+func (rt *Router) alertCurEventDelByHash(c *gin.Context) {
+	hash := ginx.QueryStr(c, "hash")
+	ginx.NewRender(c).Message(models.AlertCurEventDelByHash(rt.Ctx, hash))
 }
--- a/center/router/router_alert_his_event.go
+++ b/center/router/router_alert_his_event.go
@@ -1,13 +1,18 @@
 package router

 import (
+	"fmt"
+	"net/http"
 	"strings"
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+	"golang.org/x/exp/slices"
 )

 func getTimeRange(c *gin.Context) (stime, etime int64) {
@@ -33,7 +38,6 @@ func (rt *Router) alertHisEventsList(c *gin.Context) {
 	recovered := ginx.QueryInt(c, "is_recovered", -1)
 	query := ginx.QueryStr(c, "query", "")
 	limit := ginx.QueryInt(c, "limit", 20)
-	busiGroupId := ginx.QueryInt64(c, "bgid", 0)
 	dsIds := queryDatasourceIds(c)

 	prod := ginx.QueryStr(c, "prods", "")
@@ -52,10 +56,17 @@ func (rt *Router) alertHisEventsList(c *gin.Context) {
 		cates = strings.Split(cate, ",")
 	}

-	total, err := models.AlertHisEventTotal(rt.Ctx, prods, busiGroupId, stime, etime, severity, recovered, dsIds, cates, query)
+	ruleId := ginx.QueryInt64(c, "rid", 0)
+
+	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView, false)
 	ginx.Dangerous(err)

-	list, err := models.AlertHisEventGets(rt.Ctx, prods, busiGroupId, stime, etime, severity, recovered, dsIds, cates, query, limit, ginx.Offset(c, limit))
+	total, err := models.AlertHisEventTotal(rt.Ctx, prods, bgids, stime, etime, severity,
+		recovered, dsIds, cates, ruleId, query)
+	ginx.Dangerous(err)
+
+	list, err := models.AlertHisEventGets(rt.Ctx, prods, bgids, stime, etime, severity, recovered,
+		dsIds, cates, ruleId, query, limit, ginx.Offset(c, limit))
 	ginx.Dangerous(err)

 	cache := make(map[int64]*models.UserGroup)
@@ -69,14 +80,112 @@ func (rt *Router) alertHisEventsList(c *gin.Context) {
 	}, nil)
 }

+type alertHisEventsDeleteForm struct {
+	Severities []int `json:"severities"`
+	Timestamp  int64 `json:"timestamp" binding:"required"`
+}
+
+func (rt *Router) alertHisEventsDelete(c *gin.Context) {
+	var f alertHisEventsDeleteForm
+	ginx.BindJSON(c, &f)
+	// 校验
+	if f.Timestamp == 0 {
+		ginx.Bomb(http.StatusBadRequest, "timestamp parameter is required")
+		return
+	}
+
+	user := c.MustGet("user").(*models.User)
+
+	// 启动后台清理任务
+	go func() {
+		limit := 100
+		for {
+			n, err := models.AlertHisEventBatchDelete(rt.Ctx, f.Timestamp, f.Severities, limit)
+			if err != nil {
+				logger.Errorf("Failed to delete alert history events: operator=%s, timestamp=%d, severities=%v, error=%v",
+					user.Username, f.Timestamp, f.Severities, err)
+				break
+			}
+			logger.Debugf("Successfully deleted alert history events: operator=%s, timestamp=%d, severities=%v, deleted=%d",
+				user.Username, f.Timestamp, f.Severities, n)
+			if n < int64(limit) {
+				break // 已经删完
+			}
+
+			time.Sleep(100 * time.Millisecond) // 防止锁表
+		}
+	}()
+	ginx.NewRender(c).Message("Alert history events deletion started")
+}
+
 func (rt *Router) alertHisEventGet(c *gin.Context) {
 	eid := ginx.UrlParamInt64(c, "eid")
 	event, err := models.AlertHisEventGetById(rt.Ctx, eid)
 	ginx.Dangerous(err)
-
 	if event == nil {
 		ginx.Bomb(404, "No such alert event")
 	}

+	hasPermission := HasPermission(rt.Ctx, c, "event", fmt.Sprintf("%d", eid), rt.Center.AnonymousAccess.AlertDetail)
+	if !hasPermission {
+		rt.auth()(c)
+		rt.user()(c)
+		rt.bgroCheck(c, event.GroupId)
+	}
+
+	ruleConfig, needReset := models.FillRuleConfigTplName(rt.Ctx, event.RuleConfig)
+	if needReset {
+		event.RuleConfigJson = ruleConfig
+	}
+
+	event.NotifyVersion, err = GetEventNotifyVersion(rt.Ctx, event.RuleId, event.NotifyRuleIds)
+	ginx.Dangerous(err)
+
+	event.NotifyRules, err = GetEventNorifyRuleNames(rt.Ctx, event.NotifyRuleIds)
 	ginx.NewRender(c).Data(event, err)
 }
+
+func GetBusinessGroupIds(c *gin.Context, ctx *ctx.Context, onlySelfGroupView bool, myGroups bool) ([]int64, error) {
+	bgid := ginx.QueryInt64(c, "bgid", 0)
+	var bgids []int64
+
+	if strings.HasPrefix(c.Request.URL.Path, "/v1") {
+		// 如果请求路径以 /v1 开头，不查询用户信息
+		if bgid > 0 {
+			return []int64{bgid}, nil
+		}
+
+		return bgids, nil
+	}
+
+	user := c.MustGet("user").(*models.User)
+	if myGroups || (onlySelfGroupView && !user.IsAdmin()) {
+		// 1. 页面上勾选了我的业务组，需要查询用户所属的业务组
+		// 2. 如果 onlySelfGroupView 为 true，表示只允许查询用户所属的业务组
+		bussGroupIds, err := models.MyBusiGroupIds(ctx, user.Id)
+		if err != nil {
+			return nil, err
+		}
+
+		if len(bussGroupIds) == 0 {
+			// 如果没查到用户属于任何业务组，需要返回一个0，否则会导致查询到全部告警历史
+			return []int64{0}, nil
+		}
+
+		if bgid > 0 {
+			if !slices.Contains(bussGroupIds, bgid) && !user.IsAdmin() {
+				return nil, fmt.Errorf("business group ID not allowed")
+			}
+
+			return []int64{bgid}, nil
+		}
+
+		return bussGroupIds, nil
+	}
+
+	if bgid > 0 {
+		return []int64{bgid}, nil
+	}
+
+	return bgids, nil
+}
--- a/center/router/router_alert_rule.go
+++ b/center/router/router_alert_rule.go
@@ -1,17 +1,32 @@
 package router

 import (
+	"encoding/json"
+	"fmt"
 	"net/http"
+	"regexp"
+	"strconv"
 	"strings"
 	"time"

+	"gopkg.in/yaml.v2"
+
+	"github.com/ccfos/nightingale/v6/alert/mute"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"
+	"github.com/ccfos/nightingale/v6/pushgw/pconf"
+	"github.com/ccfos/nightingale/v6/pushgw/writer"

 	"github.com/gin-gonic/gin"
+	"github.com/jinzhu/copier"
+	"github.com/pkg/errors"
+	"github.com/prometheus/prometheus/prompb"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/i18n"
 )

+type AlertRuleModifyHookFunc func(ar *models.AlertRule)
+
 // Return all, front-end search and paging
 func (rt *Router) alertRuleGets(c *gin.Context) {
 	busiGroupId := ginx.UrlParamInt64(c, "id")
@@ -26,8 +41,82 @@ func (rt *Router) alertRuleGets(c *gin.Context) {
 	ginx.NewRender(c).Data(ars, err)
 }

+func getAlertCueEventTimeRange(c *gin.Context) (stime, etime int64) {
+	stime = ginx.QueryInt64(c, "stime", 0)
+	etime = ginx.QueryInt64(c, "etime", 0)
+	if etime == 0 {
+		etime = time.Now().Unix()
+	}
+	if stime == 0 || stime >= etime {
+		stime = etime - 30*24*int64(time.Hour.Seconds())
+	}
+	return
+}
+
+func (rt *Router) alertRuleGetsByGids(c *gin.Context) {
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
+	if len(gids) > 0 {
+		for _, gid := range gids {
+			rt.bgroCheck(c, gid)
+		}
+	} else {
+		me := c.MustGet("user").(*models.User)
+		if !me.IsAdmin() {
+			var err error
+			gids, err = models.MyBusiGroupIds(rt.Ctx, me.Id)
+			ginx.Dangerous(err)
+
+			if len(gids) == 0 {
+				ginx.NewRender(c).Data([]int{}, nil)
+				return
+			}
+		}
+	}
+
+	ars, err := models.AlertRuleGetsByBGIds(rt.Ctx, gids)
+	if err == nil {
+		cache := make(map[int64]*models.UserGroup)
+		rids := make([]int64, 0, len(ars))
+		names := make([]string, 0, len(ars))
+		for i := 0; i < len(ars); i++ {
+			ars[i].FillNotifyGroups(rt.Ctx, cache)
+			ars[i].FillSeverities()
+
+			if len(ars[i].DatasourceQueries) != 0 {
+				ars[i].DatasourceIdsJson = rt.DatasourceCache.GetIDsByDsCateAndQueries(ars[i].Cate, ars[i].DatasourceQueries)
+			}
+
+			rids = append(rids, ars[i].Id)
+			names = append(names, ars[i].UpdateBy)
+		}
+
+		stime, etime := getAlertCueEventTimeRange(c)
+		cnt := models.AlertCurEventCountByRuleId(rt.Ctx, rids, stime, etime)
+		if cnt != nil {
+			for i := 0; i < len(ars); i++ {
+				ars[i].CurEventCount = cnt[ars[i].Id]
+			}
+		}
+
+		users := models.UserMapGet(rt.Ctx, "username in (?)", names)
+		if users != nil {
+			for i := 0; i < len(ars); i++ {
+				if user, exist := users[ars[i].UpdateBy]; exist {
+					ars[i].UpdateByNickname = user.Nickname
+				}
+			}
+		}
+	}
+	ginx.NewRender(c).Data(ars, err)
+}
+
 func (rt *Router) alertRulesGetByService(c *gin.Context) {
-	prods := strings.Split(ginx.QueryStr(c, "prods", ""), ",")
+	prods := []string{}
+	prodStr := ginx.QueryStr(c, "prods", "")
+	if prodStr != "" {
+		prods = strings.Split(ginx.QueryStr(c, "prods", ""), ",")
+	}
+
 	query := ginx.QueryStr(c, "query", "")
 	algorithm := ginx.QueryStr(c, "algorithm", "")
 	cluster := ginx.QueryStr(c, "cluster", "")
@@ -43,6 +132,10 @@ func (rt *Router) alertRulesGetByService(c *gin.Context) {
 		cache := make(map[int64]*models.UserGroup)
 		for i := 0; i < len(ars); i++ {
 			ars[i].FillNotifyGroups(rt.Ctx, cache)
+
+			if len(ars[i].DatasourceQueries) != 0 {
+				ars[i].DatasourceIdsJson = rt.DatasourceCache.GetIDsByDsCateAndQueries(ars[i].Cate, ars[i].DatasourceQueries)
+			}
 		}
 	}
 	ginx.NewRender(c).Data(ars, err)
@@ -66,6 +159,120 @@ func (rt *Router) alertRuleAddByFE(c *gin.Context) {
 	ginx.NewRender(c).Data(reterr, nil)
 }

+type AlertRuleTryRunForm struct {
+	EventId         int64            `json:"event_id" binding:"required"`
+	AlertRuleConfig models.AlertRule `json:"config" binding:"required"`
+}
+
+func (rt *Router) alertRuleNotifyTryRun(c *gin.Context) {
+	// check notify channels of old version
+	var f AlertRuleTryRunForm
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	ginx.Dangerous(err)
+
+	if hisEvent == nil {
+		ginx.Bomb(http.StatusNotFound, "event not found")
+	}
+
+	curEvent := *hisEvent.ToCur()
+	curEvent.SetTagsMap()
+
+	if f.AlertRuleConfig.NotifyVersion == 1 {
+		for _, id := range f.AlertRuleConfig.NotifyRuleIds {
+			notifyRule, err := models.GetNotifyRule(rt.Ctx, id)
+			ginx.Dangerous(err)
+			for _, notifyConfig := range notifyRule.NotifyConfigs {
+				_, err = SendNotifyChannelMessage(rt.Ctx, rt.UserCache, rt.UserGroupCache, notifyConfig, []*models.AlertCurEvent{&curEvent})
+				ginx.Dangerous(err)
+			}
+		}
+
+		ginx.NewRender(c).Data("notification test ok", nil)
+		return
+	}
+
+	if len(f.AlertRuleConfig.NotifyChannelsJSON) == 0 {
+		ginx.Bomb(http.StatusOK, "no notify channels selected")
+	}
+
+	if len(f.AlertRuleConfig.NotifyGroupsJSON) == 0 {
+		ginx.Bomb(http.StatusOK, "no notify groups selected")
+	}
+
+	ancs := make([]string, 0, len(curEvent.NotifyChannelsJSON))
+	ugids := f.AlertRuleConfig.NotifyGroupsJSON
+	ngids := make([]int64, 0)
+	for i := 0; i < len(ugids); i++ {
+		if gid, err := strconv.ParseInt(ugids[i], 10, 64); err == nil {
+			ngids = append(ngids, gid)
+		}
+	}
+	userGroups := rt.UserGroupCache.GetByUserGroupIds(ngids)
+	uids := make([]int64, 0)
+	for i := range userGroups {
+		uids = append(uids, userGroups[i].UserIds...)
+	}
+	users := rt.UserCache.GetByUserIds(uids)
+	for _, NotifyChannels := range curEvent.NotifyChannelsJSON {
+		flag := true
+		// ignore non-default channels
+		switch NotifyChannels {
+		case models.Dingtalk, models.Wecom, models.Feishu, models.Mm,
+			models.Telegram, models.Email, models.FeishuCard:
+			// do nothing
+		default:
+			continue
+		}
+		// default channels
+		for ui := range users {
+			if _, b := users[ui].ExtractToken(NotifyChannels); b {
+				flag = false
+				break
+			}
+		}
+		if flag {
+			ancs = append(ancs, NotifyChannels)
+		}
+	}
+	if len(ancs) > 0 {
+		ginx.Dangerous(errors.New(fmt.Sprintf("All users are missing notify channel configurations. Please check for missing tokens (each channel should be configured with at least one user). %v", ancs)))
+	}
+
+	ginx.NewRender(c).Data("notification test ok", nil)
+}
+
+func (rt *Router) alertRuleEnableTryRun(c *gin.Context) {
+	// check notify channels of old version
+	var f AlertRuleTryRunForm
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	ginx.Dangerous(err)
+
+	if hisEvent == nil {
+		ginx.Bomb(http.StatusNotFound, "event not found")
+	}
+
+	curEvent := *hisEvent.ToCur()
+	curEvent.SetTagsMap()
+
+	if f.AlertRuleConfig.Disabled == 1 {
+		ginx.Bomb(http.StatusOK, "rule is disabled")
+	}
+
+	if mute.TimeSpanMuteStrategy(&f.AlertRuleConfig, &curEvent) {
+		ginx.Bomb(http.StatusOK, "event is not match for period of time")
+	}
+
+	if mute.BgNotMatchMuteStrategy(&f.AlertRuleConfig, &curEvent, rt.TargetCache) {
+		ginx.Bomb(http.StatusOK, "event target busi group not match rule busi group")
+	}
+
+	ginx.NewRender(c).Data("event is effective", nil)
+}
+
 func (rt *Router) alertRuleAddByImport(c *gin.Context) {
 	username := c.MustGet("username").(string)

@@ -77,12 +284,81 @@ func (rt *Router) alertRuleAddByImport(c *gin.Context) {
 		ginx.Bomb(http.StatusBadRequest, "input json is empty")
 	}

+	for i := range lst {
+		if len(lst[i].DatasourceQueries) == 0 {
+			lst[i].DatasourceQueries = []models.DatasourceQuery{
+				models.DataSourceQueryAll,
+			}
+		}
+	}
+
 	bgid := ginx.UrlParamInt64(c, "id")
 	reterr := rt.alertRuleAdd(lst, username, bgid, c.GetHeader("X-Language"))

 	ginx.NewRender(c).Data(reterr, nil)
 }

+type promRuleForm struct {
+	Payload           string                   `json:"payload" binding:"required"`
+	DatasourceQueries []models.DatasourceQuery `json:"datasource_queries" binding:"required"`
+	Disabled          int                      `json:"disabled" binding:"gte=0,lte=1"`
+}
+
+func (rt *Router) alertRuleAddByImportPromRule(c *gin.Context) {
+	var f promRuleForm
+	ginx.Dangerous(c.BindJSON(&f))
+
+	// 首先尝试解析带 groups 的格式
+	var pr struct {
+		Groups []models.PromRuleGroup `yaml:"groups"`
+	}
+	err := yaml.Unmarshal([]byte(f.Payload), &pr)
+
+	var groups []models.PromRuleGroup
+
+	if err != nil || len(pr.Groups) == 0 {
+		// 如果解析失败或没有 groups，尝试解析规则数组格式
+		var rules []models.PromRule
+		err = yaml.Unmarshal([]byte(f.Payload), &rules)
+		if err != nil {
+			// 最后尝试解析单个规则格式
+			var singleRule models.PromRule
+			err = yaml.Unmarshal([]byte(f.Payload), &singleRule)
+			if err != nil {
+				ginx.Bomb(http.StatusBadRequest, "invalid yaml format. err: %v", err)
+			}
+
+			// 验证单个规则是否有效
+			if singleRule.Alert == "" && singleRule.Record == "" {
+				ginx.Bomb(http.StatusBadRequest, "input yaml is empty or invalid")
+			}
+
+			rules = []models.PromRule{singleRule}
+		}
+
+		// 验证规则数组是否为空
+		if len(rules) == 0 {
+			ginx.Bomb(http.StatusBadRequest, "input yaml contains no rules")
+		}
+
+		// 将规则数组包装成 group
+		groups = []models.PromRuleGroup{
+			{
+				Name:  "imported_rules",
+				Rules: rules,
+			},
+		}
+	} else {
+		// 使用已解析的 groups
+		groups = pr.Groups
+	}
+
+	lst := models.DealPromGroup(groups, f.DatasourceQueries, f.Disabled)
+	username := c.MustGet("username").(string)
+	bgid := ginx.UrlParamInt64(c, "id")
+	ginx.NewRender(c).Data(rt.alertRuleAdd(lst, username, bgid, c.GetHeader("X-Language")), nil)
+}
+
 func (rt *Router) alertRuleAddByService(c *gin.Context) {
 	var lst []models.AlertRule
 	ginx.BindJSON(c, &lst)
@@ -95,6 +371,17 @@ func (rt *Router) alertRuleAddByService(c *gin.Context) {
 	ginx.NewRender(c).Data(reterr, nil)
 }

+func (rt *Router) alertRuleAddOneByService(c *gin.Context) {
+	var f models.AlertRule
+	ginx.BindJSON(c, &f)
+
+	err := f.FE2DB()
+	ginx.Dangerous(err)
+
+	err = f.Add(rt.Ctx)
+	ginx.NewRender(c).Data(f.Id, err)
+}
+
 func (rt *Router) alertRuleAddForService(lst []models.AlertRule, username string) map[string]string {
 	count := len(lst)
 	// alert rule name -> error string
@@ -222,6 +509,43 @@ func (rt *Router) alertRulePutFields(c *gin.Context) {
 			continue
 		}

+		if f.Action == "update_triggers" {
+			if triggers, has := f.Fields["triggers"]; has {
+				originRule := ar.RuleConfigJson.(map[string]interface{})
+				originRule["triggers"] = triggers
+				b, err := json.Marshal(originRule)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"rule_config": string(b)}))
+				continue
+			}
+		}
+
+		if f.Action == "annotations_add" {
+			if annotations, has := f.Fields["annotations"]; has {
+				annotationsMap := annotations.(map[string]interface{})
+				for k, v := range annotationsMap {
+					ar.AnnotationsJSON[k] = v.(string)
+				}
+				b, err := json.Marshal(ar.AnnotationsJSON)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"annotations": string(b)}))
+				continue
+			}
+		}
+
+		if f.Action == "annotations_del" {
+			if annotations, has := f.Fields["annotations"]; has {
+				annotationsKeys := annotations.(map[string]interface{})
+				for key := range annotationsKeys {
+					delete(ar.AnnotationsJSON, key)
+				}
+				b, err := json.Marshal(ar.AnnotationsJSON)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"annotations": string(b)}))
+				continue
+			}
+		}
+
 		if f.Action == "callback_add" {
 			// 增加一个 callback 地址
 			if callbacks, has := f.Fields["callbacks"]; has {
@@ -242,8 +566,41 @@ func (rt *Router) alertRulePutFields(c *gin.Context) {
 			}
 		}

+		if f.Action == "datasource_change" {
+			// 修改数据源
+			if datasourceQueries, has := f.Fields["datasource_queries"]; has {
+				bytes, err := json.Marshal(datasourceQueries)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"datasource_queries": bytes}))
+				continue
+			}
+		}
+
+		// 检测是否是批量更新通知规则的字段，如果是清理掉旧版本的配置
+		for k := range f.Fields {
+			if k == "notify_rule_ids" {
+				f.Fields["notify_version"] = 1
+				f.Fields["notify_channels"] = ""
+				f.Fields["notify_groups"] = ""
+				f.Fields["callbacks"] = ""
+			}
+
+			if k == "notify_channels" {
+				f.Fields["notify_version"] = 0
+			}
+		}
+
 		for k, v := range f.Fields {
-			ginx.Dangerous(ar.UpdateColumn(rt.Ctx, k, v))
+			// 检查 v 是否为各种切片类型
+			switch v.(type) {
+			case []interface{}, []int64, []int, []string:
+				// 将切片转换为 JSON 字符串
+				bytes, err := json.Marshal(v)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateColumn(rt.Ctx, k, string(bytes)))
+			default:
+				ginx.Dangerous(ar.UpdateColumn(rt.Ctx, k, v))
+			}
 		}
 	}

@@ -261,8 +618,281 @@ func (rt *Router) alertRuleGet(c *gin.Context) {
 		return
 	}

+	if len(ar.DatasourceQueries) != 0 {
+		ar.DatasourceIdsJson = rt.DatasourceCache.GetIDsByDsCateAndQueries(ar.Cate, ar.DatasourceQueries)
+	}
+
 	err = ar.FillNotifyGroups(rt.Ctx, make(map[int64]*models.UserGroup))
 	ginx.Dangerous(err)

+	rt.AlertRuleModifyHook(ar)
 	ginx.NewRender(c).Data(ar, err)
 }
+
+func (rt *Router) alertRulePureGet(c *gin.Context) {
+	arid := ginx.UrlParamInt64(c, "arid")
+
+	ar, err := models.AlertRuleGetById(rt.Ctx, arid)
+	ginx.Dangerous(err)
+
+	if ar == nil {
+		ginx.NewRender(c, http.StatusNotFound).Message("No such AlertRule")
+		return
+	}
+
+	ginx.NewRender(c).Data(ar, err)
+}
+
+// pre validation before save rule
+func (rt *Router) alertRuleValidation(c *gin.Context) {
+	var f models.AlertRule //new
+	ginx.BindJSON(c, &f)
+
+	if len(f.NotifyChannelsJSON) > 0 && len(f.NotifyGroupsJSON) > 0 { //Validation NotifyChannels
+		ngids := make([]int64, 0, len(f.NotifyChannelsJSON))
+		for i := range f.NotifyGroupsJSON {
+			id, _ := strconv.ParseInt(f.NotifyGroupsJSON[i], 10, 64)
+			ngids = append(ngids, id)
+		}
+		userGroups := rt.UserGroupCache.GetByUserGroupIds(ngids)
+		uids := make([]int64, 0)
+		for i := range userGroups {
+			uids = append(uids, userGroups[i].UserIds...)
+		}
+		users := rt.UserCache.GetByUserIds(uids)
+		//If any users have a certain notify channel's token, it will be okay. Otherwise, this notify channel is absent of tokens.
+		ancs := make([]string, 0, len(f.NotifyChannelsJSON)) //absent Notify Channels
+		for i := range f.NotifyChannelsJSON {
+			flag := true
+			//ignore non-default channels
+			switch f.NotifyChannelsJSON[i] {
+			case models.Dingtalk, models.Wecom, models.Feishu, models.Mm,
+				models.Telegram, models.Email, models.FeishuCard:
+				// do nothing
+			default:
+				continue
+			}
+			//default channels
+			for ui := range users {
+				if _, b := users[ui].ExtractToken(f.NotifyChannelsJSON[i]); b {
+					flag = false
+					break
+				}
+			}
+			if flag {
+				ancs = append(ancs, f.NotifyChannelsJSON[i])
+			}
+		}
+
+		if len(ancs) > 0 {
+			ginx.NewRender(c).Message("All users are missing notify channel configurations. Please check for missing tokens (each channel should be configured with at least one user). %s", ancs)
+			return
+		}
+
+	}
+
+	ginx.NewRender(c).Message("")
+}
+
+func (rt *Router) alertRuleCallbacks(c *gin.Context) {
+	user := c.MustGet("user").(*models.User)
+	bussGroupIds, err := models.MyBusiGroupIds(rt.Ctx, user.Id)
+	ginx.Dangerous(err)
+
+	ars, err := models.AlertRuleGetsByBGIds(rt.Ctx, bussGroupIds)
+	ginx.Dangerous(err)
+
+	var callbacks []string
+	callbackFilter := make(map[string]struct{})
+	for i := range ars {
+		for _, callback := range ars[i].CallbacksJSON {
+			if _, ok := callbackFilter[callback]; !ok {
+				callbackFilter[callback] = struct{}{}
+				callbacks = append(callbacks, callback)
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(callbacks, nil)
+}
+
+type alertRuleTestForm struct {
+	Configs []*pconf.RelabelConfig `json:"configs"`
+	Tags    []string               `json:"tags"`
+}
+
+func (rt *Router) relabelTest(c *gin.Context) {
+	var f alertRuleTestForm
+	ginx.BindJSON(c, &f)
+
+	if len(f.Tags) == 0 || len(f.Configs) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "relabel config is empty")
+	}
+
+	labels := make([]prompb.Label, len(f.Tags))
+	for i, tag := range f.Tags {
+		label := strings.SplitN(tag, "=", 2)
+		if len(label) != 2 {
+			ginx.Bomb(http.StatusBadRequest, "tag:%s format error", tag)
+		}
+
+		labels[i] = prompb.Label{Name: label[0], Value: label[1]}
+	}
+
+	for i := 0; i < len(f.Configs); i++ {
+		if f.Configs[i].Replacement == "" {
+			f.Configs[i].Replacement = "$1"
+		}
+
+		if f.Configs[i].Separator == "" {
+			f.Configs[i].Separator = ";"
+		}
+
+		if f.Configs[i].Regex == "" {
+			f.Configs[i].Regex = "(.*)"
+		}
+	}
+
+	relabels := writer.Process(labels, f.Configs...)
+
+	var tags []string
+	for _, label := range relabels {
+		tags = append(tags, fmt.Sprintf("%s=%s", label.Name, label.Value))
+	}
+
+	ginx.NewRender(c).Data(tags, nil)
+}
+
+type identListForm struct {
+	Ids       []int64  `json:"ids"`
+	IdentList []string `json:"ident_list"`
+}
+
+func containsIdentOperator(s string) bool {
+	pattern := `ident\s*(!=|!~|=~)`
+	matched, err := regexp.MatchString(pattern, s)
+	if err != nil {
+		return false
+	}
+	return matched
+}
+
+func (rt *Router) cloneToMachine(c *gin.Context) {
+	var f identListForm
+	ginx.BindJSON(c, &f)
+
+	if len(f.IdentList) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "ident_list is empty")
+	}
+
+	alertRules, err := models.AlertRuleGetsByIds(rt.Ctx, f.Ids)
+	ginx.Dangerous(err)
+
+	re := regexp.MustCompile(`ident\s*=\s*\\".*?\\"`)
+
+	user := c.MustGet("username").(string)
+	now := time.Now().Unix()
+
+	newRules := make([]*models.AlertRule, 0)
+
+	reterr := make(map[string]map[string]string)
+
+	for i := range alertRules {
+		errMsg := make(map[string]string)
+
+		if alertRules[i].Cate != "prometheus" {
+			errMsg["all"] = "Only Prometheus rule can be cloned to machines"
+			reterr[alertRules[i].Name] = errMsg
+			continue
+		}
+
+		if containsIdentOperator(alertRules[i].RuleConfig) {
+			errMsg["all"] = "promql is missing ident"
+			reterr[alertRules[i].Name] = errMsg
+			continue
+		}
+
+		for j := range f.IdentList {
+			alertRules[i].RuleConfig = re.ReplaceAllString(alertRules[i].RuleConfig, fmt.Sprintf(`ident=\"%s\"`, f.IdentList[j]))
+
+			newRule := &models.AlertRule{}
+			if err := copier.Copy(newRule, alertRules[i]); err != nil {
+				errMsg[f.IdentList[j]] = fmt.Sprintf("fail to clone rule, err: %s", err)
+				continue
+			}
+
+			newRule.Id = 0
+			newRule.Name = alertRules[i].Name + "_" + f.IdentList[j]
+			newRule.CreateBy = user
+			newRule.UpdateBy = user
+			newRule.UpdateAt = now
+			newRule.CreateAt = now
+			newRule.RuleConfig = alertRules[i].RuleConfig
+
+			exist, err := models.AlertRuleExists(rt.Ctx, 0, newRule.GroupId, newRule.Name)
+			if err != nil {
+				errMsg[f.IdentList[j]] = err.Error()
+				continue
+			}
+
+			if exist {
+				errMsg[f.IdentList[j]] = fmt.Sprintf("rule already exists, ruleName: %s", newRule.Name)
+				continue
+			}
+
+			newRules = append(newRules, newRule)
+		}
+
+		if len(errMsg) > 0 {
+			reterr[alertRules[i].Name] = errMsg
+		}
+	}
+
+	ginx.NewRender(c).Data(reterr, models.InsertAlertRule(rt.Ctx, newRules))
+}
+
+type alertBatchCloneForm struct {
+	RuleIds []int64 `json:"rule_ids"`
+	Bgids   []int64 `json:"bgids"`
+}
+
+// 批量克隆告警规则
+func (rt *Router) batchAlertRuleClone(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+
+	var f alertBatchCloneForm
+	ginx.BindJSON(c, &f)
+
+	// 校验 bgids 操作权限
+	for _, bgid := range f.Bgids {
+		rt.bgrwCheck(c, bgid)
+	}
+
+	reterr := make(map[string]string, len(f.RuleIds))
+	lang := c.GetHeader("X-Language")
+
+	for _, arid := range f.RuleIds {
+		ar, err := models.AlertRuleGetById(rt.Ctx, arid)
+		for _, bgid := range f.Bgids {
+			// 为了让 bgid 和 arid 对应，将上面的 err 放到这里处理
+			if err != nil {
+				reterr[fmt.Sprintf("%d-%d", arid, bgid)] = i18n.Sprintf(lang, err.Error())
+				continue
+			}
+
+			if ar == nil {
+				reterr[fmt.Sprintf("%d-%d", arid, bgid)] = i18n.Sprintf(lang, "alert rule not found")
+				continue
+			}
+
+			newAr := ar.Clone(me.Username, bgid)
+			err = newAr.Add(rt.Ctx)
+			if err != nil {
+				reterr[fmt.Sprintf("%d-%d", arid, bgid)] = i18n.Sprintf(lang, err.Error())
+				continue
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(reterr, nil)
+}
--- a/center/router/router_alert_subscribe.go
+++ b/center/router/router_alert_subscribe.go
@@ -2,33 +2,71 @@ package router

 import (
 	"net/http"
+	"strconv"
+	"strings"
 	"time"

+	"github.com/ccfos/nightingale/v6/alert/common"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/i18n"
 )

 // Return all, front-end search and paging
 func (rt *Router) alertSubscribeGets(c *gin.Context) {
 	bgid := ginx.UrlParamInt64(c, "id")
 	lst, err := models.AlertSubscribeGets(rt.Ctx, bgid)
-	if err == nil {
-		ugcache := make(map[int64]*models.UserGroup)
-		for i := 0; i < len(lst); i++ {
-			ginx.Dangerous(lst[i].FillUserGroups(rt.Ctx, ugcache))
-		}
+	ginx.Dangerous(err)

-		rulecache := make(map[int64]string)
-		for i := 0; i < len(lst); i++ {
-			ginx.Dangerous(lst[i].FillRuleName(rt.Ctx, rulecache))
-		}
+	ugcache := make(map[int64]*models.UserGroup)
+	rulecache := make(map[int64]string)

-		for i := 0; i < len(lst); i++ {
-			ginx.Dangerous(lst[i].FillDatasourceIds(rt.Ctx))
+	for i := 0; i < len(lst); i++ {
+		ginx.Dangerous(lst[i].FillUserGroups(rt.Ctx, ugcache))
+		ginx.Dangerous(lst[i].FillRuleNames(rt.Ctx, rulecache))
+		ginx.Dangerous(lst[i].FillDatasourceIds(rt.Ctx))
+		ginx.Dangerous(lst[i].DB2FE())
+	}
+
+	ginx.NewRender(c).Data(lst, err)
+}
+
+func (rt *Router) alertSubscribeGetsByGids(c *gin.Context) {
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
+	if len(gids) > 0 {
+		for _, gid := range gids {
+			rt.bgroCheck(c, gid)
+		}
+	} else {
+		me := c.MustGet("user").(*models.User)
+		if !me.IsAdmin() {
+			var err error
+			gids, err = models.MyBusiGroupIds(rt.Ctx, me.Id)
+			ginx.Dangerous(err)
+
+			if len(gids) == 0 {
+				ginx.NewRender(c).Data([]int{}, nil)
+				return
+			}
 		}
 	}
+
+	lst, err := models.AlertSubscribeGetsByBGIds(rt.Ctx, gids)
+	ginx.Dangerous(err)
+
+	ugcache := make(map[int64]*models.UserGroup)
+	rulecache := make(map[int64]string)
+
+	for i := 0; i < len(lst); i++ {
+		ginx.Dangerous(lst[i].FillUserGroups(rt.Ctx, ugcache))
+		ginx.Dangerous(lst[i].FillRuleNames(rt.Ctx, rulecache))
+		ginx.Dangerous(lst[i].FillDatasourceIds(rt.Ctx))
+		ginx.Dangerous(lst[i].DB2FE())
+	}
+
 	ginx.NewRender(c).Data(lst, err)
 }

@@ -47,7 +85,7 @@ func (rt *Router) alertSubscribeGet(c *gin.Context) {
 	ginx.Dangerous(sub.FillUserGroups(rt.Ctx, ugcache))

 	rulecache := make(map[int64]string)
-	ginx.Dangerous(sub.FillRuleName(rt.Ctx, rulecache))
+	ginx.Dangerous(sub.FillRuleNames(rt.Ctx, rulecache))
 	ginx.Dangerous(sub.FillDatasourceIds(rt.Ctx))
 	ginx.Dangerous(sub.DB2FE())

@@ -70,6 +108,148 @@ func (rt *Router) alertSubscribeAdd(c *gin.Context) {
 	ginx.NewRender(c).Message(f.Add(rt.Ctx))
 }

+type SubscribeTryRunForm struct {
+	EventId         int64                 `json:"event_id" binding:"required"`
+	SubscribeConfig models.AlertSubscribe `json:"config" binding:"required"`
+}
+
+func (rt *Router) alertSubscribeTryRun(c *gin.Context) {
+	var f SubscribeTryRunForm
+	ginx.BindJSON(c, &f)
+	ginx.Dangerous(f.SubscribeConfig.Verify())
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	ginx.Dangerous(err)
+
+	if hisEvent == nil {
+		ginx.Bomb(http.StatusNotFound, "event not found")
+	}
+
+	curEvent := *hisEvent.ToCur()
+	curEvent.SetTagsMap()
+
+	lang := c.GetHeader("X-Language")
+
+	// 先判断匹配条件
+	if !f.SubscribeConfig.MatchCluster(curEvent.DatasourceId) {
+		ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "event datasource not match"))
+	}
+
+	if len(f.SubscribeConfig.RuleIds) != 0 {
+		match := false
+		for _, rid := range f.SubscribeConfig.RuleIds {
+			if rid == curEvent.RuleId {
+				match = true
+				break
+			}
+		}
+		if !match {
+			ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "event rule id not match"))
+		}
+	}
+
+	// 匹配 tag
+	f.SubscribeConfig.Parse()
+	if !common.MatchTags(curEvent.TagsMap, f.SubscribeConfig.ITags) {
+		ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "event tags not match"))
+	}
+
+	// 匹配group name
+	if !common.MatchGroupsName(curEvent.GroupName, f.SubscribeConfig.IBusiGroups) {
+		ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "event group name not match"))
+	}
+
+	// 检查严重级别（Severity）匹配
+	if len(f.SubscribeConfig.SeveritiesJson) != 0 {
+		match := false
+		for _, s := range f.SubscribeConfig.SeveritiesJson {
+			if s == curEvent.Severity || s == 0 {
+				match = true
+				break
+			}
+		}
+		if !match {
+			ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "event severity not match"))
+		}
+	}
+
+	// 新版本通知规则
+	if f.SubscribeConfig.NotifyVersion == 1 {
+		if len(f.SubscribeConfig.NotifyRuleIds) == 0 {
+			ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "no notify rules selected"))
+		}
+
+		for _, id := range f.SubscribeConfig.NotifyRuleIds {
+			notifyRule, err := models.GetNotifyRule(rt.Ctx, id)
+			if err != nil {
+				ginx.Bomb(http.StatusNotFound, i18n.Sprintf(lang, "subscribe notify rule not found: %v", err))
+			}
+
+			for _, notifyConfig := range notifyRule.NotifyConfigs {
+				_, err = SendNotifyChannelMessage(rt.Ctx, rt.UserCache, rt.UserGroupCache, notifyConfig, []*models.AlertCurEvent{&curEvent})
+				if err != nil {
+					ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "notify rule send error: %v", err))
+				}
+			}
+		}
+
+		ginx.NewRender(c).Data(i18n.Sprintf(lang, "event match subscribe and notification test ok"), nil)
+		return
+	}
+
+	// 旧版通知方式
+	f.SubscribeConfig.ModifyEvent(&curEvent)
+	if len(curEvent.NotifyChannelsJSON) == 0 {
+		ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "no notify channels selected"))
+	}
+
+	if len(curEvent.NotifyGroupsJSON) == 0 {
+		ginx.Bomb(http.StatusOK, i18n.Sprintf(lang, "no notify groups selected"))
+	}
+
+	ancs := make([]string, 0, len(curEvent.NotifyChannelsJSON))
+	ugids := strings.Fields(f.SubscribeConfig.UserGroupIds)
+	ngids := make([]int64, 0)
+	for i := 0; i < len(ugids); i++ {
+		if gid, err := strconv.ParseInt(ugids[i], 10, 64); err == nil {
+			ngids = append(ngids, gid)
+		}
+	}
+
+	userGroups := rt.UserGroupCache.GetByUserGroupIds(ngids)
+	uids := make([]int64, 0)
+	for i := range userGroups {
+		uids = append(uids, userGroups[i].UserIds...)
+	}
+	users := rt.UserCache.GetByUserIds(uids)
+	for _, NotifyChannels := range curEvent.NotifyChannelsJSON {
+		flag := true
+		// ignore non-default channels
+		switch NotifyChannels {
+		case models.Dingtalk, models.Wecom, models.Feishu, models.Mm,
+			models.Telegram, models.Email, models.FeishuCard:
+			// do nothing
+		default:
+			continue
+		}
+		// default channels
+		for ui := range users {
+			if _, b := users[ui].ExtractToken(NotifyChannels); b {
+				flag = false
+				break
+			}
+		}
+		if flag {
+			ancs = append(ancs, NotifyChannels)
+		}
+	}
+	if len(ancs) > 0 {
+		ginx.Bomb(http.StatusBadRequest, i18n.Sprintf(lang, "all users missing notify channel configurations: %v", ancs))
+	}
+
+	ginx.NewRender(c).Data(i18n.Sprintf(lang, "event match subscribe and notify settings ok"), nil)
+}
+
 func (rt *Router) alertSubscribePut(c *gin.Context) {
 	var fs []models.AlertSubscribe
 	ginx.BindJSON(c, &fs)
@@ -79,12 +259,19 @@ func (rt *Router) alertSubscribePut(c *gin.Context) {
 	for i := 0; i < len(fs); i++ {
 		fs[i].UpdateBy = username
 		fs[i].UpdateAt = timestamp
+		//After adding the function of batch subscription alert rules, rule_ids is used instead of rule_id.
+		//When the subscription rules are updated, set rule_id=0 to prevent the wrong subscription caused by the old rule_id.
+		fs[i].RuleId = 0
 		ginx.Dangerous(fs[i].Update(
 			rt.Ctx,
 			"name",
 			"disabled",
+			"prod",
+			"cate",
+			"datasource_ids",
 			"cluster",
 			"rule_id",
+			"rule_ids",
 			"tags",
 			"redefine_severity",
 			"new_severity",
@@ -96,7 +283,12 @@ func (rt *Router) alertSubscribePut(c *gin.Context) {
 			"webhooks",
 			"for_duration",
 			"redefine_webhooks",
-			"datasource_ids",
+			"severities",
+			"extra_config",
+			"busi_groups",
+			"note",
+			"notify_rule_ids",
+			"notify_version",
 		))
 	}

@@ -110,3 +302,8 @@ func (rt *Router) alertSubscribeDel(c *gin.Context) {

 	ginx.NewRender(c).Message(models.AlertSubscribeDel(rt.Ctx, f.Ids))
 }
+
+func (rt *Router) alertSubscribeGetsByService(c *gin.Context) {
+	lst, err := models.AlertSubscribeGetsByService(rt.Ctx)
+	ginx.NewRender(c).Data(lst, err)
+}
--- a/center/router/router_board.go
+++ b/center/router/router_board.go
@@ -1,22 +1,26 @@
 package router

 import (
+	"fmt"
 	"net/http"
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
-	"github.com/google/uuid"
 	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/i18n"
 )

 type boardForm struct {
-	Name    string `json:"name"`
-	Ident   string `json:"ident"`
-	Tags    string `json:"tags"`
-	Configs string `json:"configs"`
-	Public  int    `json:"public"`
+	Name       string  `json:"name"`
+	Ident      string  `json:"ident"`
+	Tags       string  `json:"tags"`
+	Configs    string  `json:"configs"`
+	Public     int     `json:"public"`
+	PublicCate int     `json:"public_cate"`
+	Bgids      []int64 `json:"bgids"`
 }

 func (rt *Router) boardAdd(c *gin.Context) {
@@ -47,9 +51,14 @@ func (rt *Router) boardAdd(c *gin.Context) {

 func (rt *Router) boardGet(c *gin.Context) {
 	bid := ginx.UrlParamStr(c, "bid")
-	board, err := models.BoardGet(rt.Ctx, "id = ? or ident = ?", bid, bid)
+	board, err := models.BoardGet(rt.Ctx, "ident = ?", bid)
 	ginx.Dangerous(err)

+	if board == nil {
+		board, err = models.BoardGet(rt.Ctx, "id = ?", bid)
+		ginx.Dangerous(err)
+	}
+
 	if board == nil {
 		ginx.Bomb(http.StatusNotFound, "No such dashboard")
 	}
@@ -65,9 +74,39 @@ func (rt *Router) boardGet(c *gin.Context) {
 		}
 	}

+	if board.PublicCate == models.PublicLogin {
+		rt.auth()(c)
+	} else if board.PublicCate == models.PublicBusi {
+		rt.auth()(c)
+		rt.user()(c)
+
+		me := c.MustGet("user").(*models.User)
+		if !me.IsAdmin() {
+			bgids, err := models.MyBusiGroupIds(rt.Ctx, me.Id)
+			ginx.Dangerous(err)
+			if len(bgids) == 0 {
+				ginx.Bomb(http.StatusForbidden, "forbidden")
+			}
+
+			ok, err := models.BoardBusigroupCheck(rt.Ctx, board.Id, bgids)
+			ginx.Dangerous(err)
+			if !ok {
+				ginx.Bomb(http.StatusForbidden, "forbidden")
+			}
+		}
+	}
+
 	ginx.NewRender(c).Data(board, nil)
 }

+// 根据 bids 参数，获取多个 board
+func (rt *Router) boardGetsByBids(c *gin.Context) {
+	bids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "bids", ""), ",")
+	boards, err := models.BoardGetsByBids(rt.Ctx, bids)
+	ginx.Dangerous(err)
+	ginx.NewRender(c).Data(boards, err)
+}
+
 func (rt *Router) boardPureGet(c *gin.Context) {
 	board, err := models.BoardGetByID(rt.Ctx, ginx.UrlParamInt64(c, "bid"))
 	ginx.Dangerous(err)
@@ -192,10 +231,20 @@ func (rt *Router) boardPutPublic(c *gin.Context) {
 	}

 	bo.Public = f.Public
+	bo.PublicCate = f.PublicCate
+
+	if bo.PublicCate == models.PublicBusi {
+		err := models.BoardBusigroupUpdate(rt.Ctx, bo.Id, f.Bgids)
+		ginx.Dangerous(err)
+	} else {
+		err := models.BoardBusigroupDelByBoardId(rt.Ctx, bo.Id)
+		ginx.Dangerous(err)
+	}
+
 	bo.UpdateBy = me.Username
 	bo.UpdateAt = time.Now().Unix()

-	err := bo.Update(rt.Ctx, "public", "update_by", "update_at")
+	err := bo.Update(rt.Ctx, "public", "public_cate", "update_by", "update_at")
 	ginx.NewRender(c).Data(bo, err)
 }

@@ -207,21 +256,64 @@ func (rt *Router) boardGets(c *gin.Context) {
 	ginx.NewRender(c).Data(boards, err)
 }

+func (rt *Router) publicBoardGets(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+
+	bgids, err := models.MyBusiGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	boardIds, err := models.BoardIdsByBusiGroupIds(rt.Ctx, bgids)
+	ginx.Dangerous(err)
+
+	boards, err := models.BoardGets(rt.Ctx, "", "public=1 and (public_cate in (?) or id in (?))", []int64{0, 1}, boardIds)
+	ginx.NewRender(c).Data(boards, err)
+}
+
+func (rt *Router) boardGetsByGids(c *gin.Context) {
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
+	query := ginx.QueryStr(c, "query", "")
+
+	if len(gids) > 0 {
+		for _, gid := range gids {
+			rt.bgroCheck(c, gid)
+		}
+	} else {
+		me := c.MustGet("user").(*models.User)
+		if !me.IsAdmin() {
+			var err error
+			gids, err = models.MyBusiGroupIds(rt.Ctx, me.Id)
+			ginx.Dangerous(err)
+
+			if len(gids) == 0 {
+				ginx.NewRender(c).Data([]int{}, nil)
+				return
+			}
+		}
+	}
+
+	boardBusigroups, err := models.BoardBusigroupGets(rt.Ctx)
+	ginx.Dangerous(err)
+	m := make(map[int64][]int64)
+	for _, boardBusigroup := range boardBusigroups {
+		m[boardBusigroup.BoardId] = append(m[boardBusigroup.BoardId], boardBusigroup.BusiGroupId)
+	}
+
+	boards, err := models.BoardGetsByBGIds(rt.Ctx, gids, query)
+	ginx.Dangerous(err)
+	for i := 0; i < len(boards); i++ {
+		if ids, ok := m[boards[i].Id]; ok {
+			boards[i].Bgids = ids
+		}
+	}
+
+	ginx.NewRender(c).Data(boards, err)
+}
+
 func (rt *Router) boardClone(c *gin.Context) {
 	me := c.MustGet("user").(*models.User)
 	bo := rt.Board(ginx.UrlParamInt64(c, "bid"))

-	newBoard := &models.Board{
-		Name:     bo.Name + " Copy",
-		Tags:     bo.Tags,
-		GroupId:  bo.GroupId,
-		CreateBy: me.Username,
-		UpdateBy: me.Username,
-	}
-
-	if bo.Ident != "" {
-		newBoard.Ident = uuid.NewString()
-	}
+	newBoard := bo.Clone(me.Username, bo.GroupId, " Cloned")

 	ginx.Dangerous(newBoard.Add(rt.Ctx))

@@ -235,3 +327,39 @@ func (rt *Router) boardClone(c *gin.Context) {

 	ginx.NewRender(c).Message(nil)
 }
+
+type boardsForm struct {
+	BoardIds []int64 `json:"board_ids"`
+	Bgids    []int64 `json:"bgids"`
+}
+
+func (rt *Router) boardBatchClone(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	var f boardsForm
+	ginx.BindJSON(c, &f)
+
+	for _, bgid := range f.Bgids {
+		rt.bgrwCheck(c, bgid)
+	}
+
+	reterr := make(map[string]string, len(f.BoardIds))
+	lang := c.GetHeader("X-Language")
+
+	for _, bgid := range f.Bgids {
+		for _, bid := range f.BoardIds {
+			bo := rt.Board(bid)
+			newBoard := bo.Clone(me.Username, bgid, "")
+			payload, err := models.BoardPayloadGet(rt.Ctx, bo.Id)
+			if err != nil {
+				reterr[fmt.Sprintf("%s-%d", newBoard.Name, bgid)] = i18n.Sprintf(lang, err.Error())
+				continue
+			}
+
+			if err = newBoard.AtomicAdd(rt.Ctx, payload); err != nil {
+				reterr[fmt.Sprintf("%s-%d", newBoard.Name, bgid)] = i18n.Sprintf(lang, err.Error())
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(reterr, nil)
+}
--- a/center/router/router_builtin.go
+++ b/center/router/router_builtin.go
@@ -78,7 +78,7 @@ func (rt *Router) builtinBoardCateGets(c *gin.Context) {
 	}

 	me := c.MustGet("user").(*models.User)
-	buildinFavoritesMap, err := models.BuiltinCateGetByUserId(rt.Ctx, me.Id)
+	builtinFavoritesMap, err := models.BuiltinCateGetByUserId(rt.Ctx, me.Id)
 	if err != nil {
 		logger.Warningf("get builtin favorites fail: %v", err)
 	}
@@ -91,6 +91,9 @@ func (rt *Router) builtinBoardCateGets(c *gin.Context) {
 		boardCate.Name = dir
 		files, err := file.FilesUnder(fp + "/" + dir + "/dashboards")
 		ginx.Dangerous(err)
+		if len(files) == 0 {
+			continue
+		}

 		var boards []Payload
 		for _, f := range files {
@@ -114,7 +117,7 @@ func (rt *Router) builtinBoardCateGets(c *gin.Context) {
 		}
 		boardCate.Boards = boards

-		if _, ok := buildinFavoritesMap[dir]; ok {
+		if _, ok := builtinFavoritesMap[dir]; ok {
 			boardCate.Favorite = true
 		}

@@ -170,7 +173,7 @@ func (rt *Router) builtinAlertCateGets(c *gin.Context) {
 	}

 	me := c.MustGet("user").(*models.User)
-	buildinFavoritesMap, err := models.BuiltinCateGetByUserId(rt.Ctx, me.Id)
+	builtinFavoritesMap, err := models.BuiltinCateGetByUserId(rt.Ctx, me.Id)
 	if err != nil {
 		logger.Warningf("get builtin favorites fail: %v", err)
 	}
@@ -207,7 +210,7 @@ func (rt *Router) builtinAlertCateGets(c *gin.Context) {
 			alertCate.IconUrl = fmt.Sprintf("/api/n9e/integrations/icon/%s/%s", dir, iconFiles[0])
 		}

-		if _, ok := buildinFavoritesMap[dir]; ok {
+		if _, ok := builtinFavoritesMap[dir]; ok {
 			alertCate.Favorite = true
 		}

@@ -230,7 +233,7 @@ func (rt *Router) builtinAlertRules(c *gin.Context) {
 	}

 	me := c.MustGet("user").(*models.User)
-	buildinFavoritesMap, err := models.BuiltinCateGetByUserId(rt.Ctx, me.Id)
+	builtinFavoritesMap, err := models.BuiltinCateGetByUserId(rt.Ctx, me.Id)
 	if err != nil {
 		logger.Warningf("get builtin favorites fail: %v", err)
 	}
@@ -243,6 +246,9 @@ func (rt *Router) builtinAlertRules(c *gin.Context) {
 		alertCate.Name = dir
 		files, err := file.FilesUnder(fp + "/" + dir + "/alerts")
 		ginx.Dangerous(err)
+		if len(files) == 0 {
+			continue
+		}

 		alertRules := make(map[string][]models.AlertRule)
 		for _, f := range files {
@@ -268,7 +274,7 @@ func (rt *Router) builtinAlertRules(c *gin.Context) {
 			alertCate.IconUrl = fmt.Sprintf("/api/n9e/integrations/icon/%s/%s", dir, iconFiles[0])
 		}

-		if _, ok := buildinFavoritesMap[dir]; ok {
+		if _, ok := builtinFavoritesMap[dir]; ok {
 			alertCate.Favorite = true
 		}

@@ -309,3 +315,26 @@ func (rt *Router) builtinIcon(c *gin.Context) {
 	iconPath := fp + "/" + cate + "/icon/" + ginx.UrlParamStr(c, "name")
 	c.File(path.Join(iconPath))
 }
+
+func (rt *Router) builtinMarkdown(c *gin.Context) {
+	fp := rt.Center.BuiltinIntegrationsDir
+	if fp == "" {
+		fp = path.Join(runner.Cwd, "integrations")
+	}
+	cate := ginx.UrlParamStr(c, "cate")
+
+	var markdown []byte
+	markdownDir := fp + "/" + cate + "/markdown"
+	markdownFiles, err := file.FilesUnder(markdownDir)
+	if err != nil {
+		logger.Warningf("get markdown fail: %v", err)
+	} else if len(markdownFiles) > 0 {
+		f := markdownFiles[0]
+		fn := markdownDir + "/" + f
+		markdown, err = file.ReadBytes(fn)
+		if err != nil {
+			logger.Warningf("get collect fail: %v", err)
+		}
+	}
+	ginx.NewRender(c).Data(string(markdown), nil)
+}
--- a/center/router/router_builtin_componet.go
+++ b/center/router/router_builtin_componet.go
@@ -0,0 +1,93 @@
+package router
+
+import (
+	"net/http"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"gorm.io/gorm"
+)
+
+const SYSTEM = "system"
+
+func (rt *Router) builtinComponentsAdd(c *gin.Context) {
+	var lst []models.BuiltinComponent
+	ginx.BindJSON(c, &lst)
+
+	username := Username(c)
+
+	count := len(lst)
+	if count == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	reterr := make(map[string]string)
+	for i := 0; i < count; i++ {
+		if err := lst[i].Add(rt.Ctx, username); err != nil {
+			reterr[lst[i].Ident] = err.Error()
+		}
+	}
+
+	ginx.NewRender(c).Data(reterr, nil)
+}
+
+func (rt *Router) builtinComponentsGets(c *gin.Context) {
+	query := ginx.QueryStr(c, "query", "")
+	disabled := ginx.QueryInt(c, "disabled", -1)
+
+	bc, err := models.BuiltinComponentGets(rt.Ctx, query, disabled)
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(bc, nil)
+}
+
+func (rt *Router) builtinComponentsPut(c *gin.Context) {
+	var req models.BuiltinComponent
+	ginx.BindJSON(c, &req)
+
+	bc, err := models.BuiltinComponentGet(rt.Ctx, "id = ?", req.ID)
+	ginx.Dangerous(err)
+
+	if bc == nil {
+		ginx.NewRender(c, http.StatusNotFound).Message("No such builtin component")
+		return
+	}
+
+	if bc.CreatedBy == SYSTEM {
+		req.Ident = bc.Ident
+	}
+
+	username := Username(c)
+	req.UpdatedBy = username
+
+	err = models.DB(rt.Ctx).Transaction(func(tx *gorm.DB) error {
+		tCtx := &ctx.Context{
+			DB: tx,
+		}
+
+		txErr := models.BuiltinMetricBatchUpdateColumn(tCtx, "typ", bc.Ident, req.Ident, req.UpdatedBy)
+		if txErr != nil {
+			return txErr
+		}
+
+		txErr = bc.Update(tCtx, req)
+		if txErr != nil {
+			return txErr
+		}
+		return nil
+	})
+
+	ginx.NewRender(c).Message(err)
+}
+
+func (rt *Router) builtinComponentsDel(c *gin.Context) {
+	var req idsForm
+	ginx.BindJSON(c, &req)
+
+	req.Verify()
+
+	ginx.NewRender(c).Message(models.BuiltinComponentDels(rt.Ctx, req.Ids))
+}
--- a/center/router/router_builtin_metric_filter.go
+++ b/center/router/router_builtin_metric_filter.go
@@ -0,0 +1,120 @@
+package router
+
+import (
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/prom"
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func (rt *Router) metricFilterGets(c *gin.Context) {
+	lst, err := models.MetricFilterGets(rt.Ctx, "")
+	ginx.Dangerous(err)
+	me := c.MustGet("user").(*models.User)
+
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+	arr := make([]models.MetricFilter, 0)
+
+	for _, f := range lst {
+		if me.Username == f.CreateBy {
+			arr = append(arr, f)
+			continue
+		}
+
+		if HasPerm(gids, f.GroupsPerm, false) {
+			arr = append(arr, f)
+		}
+	}
+
+	ginx.NewRender(c).Data(arr, err)
+}
+
+func (rt *Router) metricFilterAdd(c *gin.Context) {
+	var f models.MetricFilter
+	ginx.BindJSON(c, &f)
+	me := c.MustGet("user").(*models.User)
+
+	f.CreateBy = me.Username
+	f.UpdateBy = me.Username
+	ginx.Dangerous(f.Add(rt.Ctx))
+	ginx.NewRender(c).Data(f, nil)
+}
+
+func (rt *Router) metricFilterDel(c *gin.Context) {
+	var f idsForm
+	ginx.BindJSON(c, &f)
+	f.Verify()
+
+	me := c.MustGet("user").(*models.User)
+
+	for _, id := range f.Ids {
+		old, err := models.MetricFilterGet(rt.Ctx, id)
+		ginx.Dangerous(err)
+
+		if me.Username != old.CreateBy {
+			gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+			ginx.Dangerous(err)
+
+			if !HasPerm(gids, old.GroupsPerm, true) {
+				ginx.NewRender(c).Message("forbidden")
+				return
+			}
+		}
+	}
+
+	ginx.NewRender(c).Message(models.MetricFilterDel(rt.Ctx, f.Ids))
+}
+
+func (rt *Router) metricFilterPut(c *gin.Context) {
+	var f models.MetricFilter
+	ginx.BindJSON(c, &f)
+
+	me := c.MustGet("user").(*models.User)
+	old, err := models.MetricFilterGet(rt.Ctx, f.ID)
+	ginx.Dangerous(err)
+
+	if me.Username != old.CreateBy {
+		gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+		ginx.Dangerous(err)
+
+		if !HasPerm(gids, old.GroupsPerm, true) {
+			ginx.NewRender(c).Message("forbidden")
+			return
+		}
+	}
+
+	f.UpdateBy = me.Username
+	ginx.NewRender(c).Message(f.Update(rt.Ctx))
+}
+
+type metricPromqlReq struct {
+	LabelFilter string `json:"label_filter"`
+	Promql      string `json:"promql"`
+}
+
+func (rt *Router) getMetricPromql(c *gin.Context) {
+	var req metricPromqlReq
+	ginx.BindJSON(c, &req)
+
+	promql := prom.AddLabelToPromQL(req.LabelFilter, req.Promql)
+	ginx.NewRender(c).Data(promql, nil)
+}
+
+func HasPerm(gids []int64, gps []models.GroupPerm, checkWrite bool) bool {
+	gmap := make(map[int64]struct{})
+	for _, gp := range gps {
+		if checkWrite && !gp.Write {
+			continue
+		}
+		gmap[gp.Gid] = struct{}{}
+	}
+
+	for _, gid := range gids {
+		if _, ok := gmap[gid]; ok {
+			return true
+		}
+	}
+
+	return false
+}
--- a/center/router/router_builtin_metrics.go
+++ b/center/router/router_builtin_metrics.go
@@ -0,0 +1,153 @@
+package router
+
+import (
+	"net/http"
+	"sort"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/center/integration"
+	"github.com/ccfos/nightingale/v6/models"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/i18n"
+)
+
+// single or import
+func (rt *Router) builtinMetricsAdd(c *gin.Context) {
+	var lst []models.BuiltinMetric
+	ginx.BindJSON(c, &lst)
+	username := Username(c)
+	count := len(lst)
+	if count == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	lang := c.GetHeader("X-Language")
+	if lang == "" {
+		lang = "zh_CN"
+	}
+
+	reterr := make(map[string]string)
+	for i := 0; i < count; i++ {
+		lst[i].Lang = lang
+		lst[i].UUID = time.Now().UnixMicro()
+		if err := lst[i].Add(rt.Ctx, username); err != nil {
+			reterr[lst[i].Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+		}
+	}
+	ginx.NewRender(c).Data(reterr, nil)
+}
+
+func (rt *Router) builtinMetricsGets(c *gin.Context) {
+	collector := ginx.QueryStr(c, "collector", "")
+	typ := ginx.QueryStr(c, "typ", "")
+	query := ginx.QueryStr(c, "query", "")
+	limit := ginx.QueryInt(c, "limit", 20)
+	lang := c.GetHeader("X-Language")
+	unit := ginx.QueryStr(c, "unit", "")
+	if lang == "" {
+		lang = "zh_CN"
+	}
+
+	bmInDB, err := models.BuiltinMetricGets(rt.Ctx, "", collector, typ, query, unit, limit, ginx.Offset(c, limit))
+	ginx.Dangerous(err)
+
+	bm, total, err := integration.BuiltinPayloadInFile.BuiltinMetricGets(bmInDB, lang, collector, typ, query, unit, limit, ginx.Offset(c, limit))
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(gin.H{
+		"list":  bm,
+		"total": total,
+	}, nil)
+}
+
+func (rt *Router) builtinMetricsPut(c *gin.Context) {
+	var req models.BuiltinMetric
+	ginx.BindJSON(c, &req)
+
+	bm, err := models.BuiltinMetricGet(rt.Ctx, "id = ?", req.ID)
+	ginx.Dangerous(err)
+	if bm == nil {
+		ginx.NewRender(c, http.StatusNotFound).Message("No such builtin metric")
+		return
+	}
+	username := Username(c)
+
+	req.UpdatedBy = username
+	ginx.NewRender(c).Message(bm.Update(rt.Ctx, req))
+}
+
+func (rt *Router) builtinMetricsDel(c *gin.Context) {
+	var req idsForm
+	ginx.BindJSON(c, &req)
+	req.Verify()
+
+	ginx.NewRender(c).Message(models.BuiltinMetricDels(rt.Ctx, req.Ids))
+}
+
+func (rt *Router) builtinMetricsDefaultTypes(c *gin.Context) {
+	lst := []string{
+		"Linux",
+		"Procstat",
+		"cAdvisor",
+		"Ping",
+		"MySQL",
+		"ClickHouse",
+	}
+	ginx.NewRender(c).Data(lst, nil)
+}
+
+func (rt *Router) builtinMetricsTypes(c *gin.Context) {
+	collector := ginx.QueryStr(c, "collector", "")
+	query := ginx.QueryStr(c, "query", "")
+	lang := c.GetHeader("X-Language")
+
+	metricTypeListInDB, err := models.BuiltinMetricTypes(rt.Ctx, lang, collector, query)
+	ginx.Dangerous(err)
+
+	metricTypeListInFile := integration.BuiltinPayloadInFile.BuiltinMetricTypes(lang, collector, query)
+
+	typeMap := make(map[string]struct{})
+	for _, metricType := range metricTypeListInDB {
+		typeMap[metricType] = struct{}{}
+	}
+	for _, metricType := range metricTypeListInFile {
+		typeMap[metricType] = struct{}{}
+	}
+
+	metricTypeList := make([]string, 0, len(typeMap))
+	for metricType := range typeMap {
+		metricTypeList = append(metricTypeList, metricType)
+	}
+	sort.Strings(metricTypeList)
+
+	ginx.NewRender(c).Data(metricTypeList, nil)
+}
+
+func (rt *Router) builtinMetricsCollectors(c *gin.Context) {
+	typ := ginx.QueryStr(c, "typ", "")
+	query := ginx.QueryStr(c, "query", "")
+	lang := c.GetHeader("X-Language")
+
+	collectorListInDB, err := models.BuiltinMetricCollectors(rt.Ctx, lang, typ, query)
+	ginx.Dangerous(err)
+
+	collectorListInFile := integration.BuiltinPayloadInFile.BuiltinMetricCollectors(lang, typ, query)
+
+	collectorMap := make(map[string]struct{})
+	for _, collector := range collectorListInDB {
+		collectorMap[collector] = struct{}{}
+	}
+	for _, collector := range collectorListInFile {
+		collectorMap[collector] = struct{}{}
+	}
+
+	collectorList := make([]string, 0, len(collectorMap))
+	for collector := range collectorMap {
+		collectorList = append(collectorList, collector)
+	}
+	sort.Strings(collectorList)
+
+	ginx.NewRender(c).Data(collectorList, nil)
+}
--- a/center/router/router_builtin_payload.go
+++ b/center/router/router_builtin_payload.go
@@ -0,0 +1,311 @@
+package router
+
+import (
+	"encoding/json"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/BurntSushi/toml"
+	"github.com/ccfos/nightingale/v6/center/integration"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/i18n"
+)
+
+type Board struct {
+	Name    string      `json:"name"`
+	Tags    string      `json:"tags"`
+	Configs interface{} `json:"configs"`
+	UUID    int64       `json:"uuid"`
+}
+
+func (rt *Router) builtinPayloadsAdd(c *gin.Context) {
+	var lst []models.BuiltinPayload
+	ginx.BindJSON(c, &lst)
+
+	username := Username(c)
+
+	count := len(lst)
+	if count == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	reterr := make(map[string]string)
+	for i := 0; i < count; i++ {
+		if lst[i].Type == "alert" {
+			if strings.HasPrefix(strings.TrimSpace(lst[i].Content), "[") {
+				// 处理多个告警规则模板的情况
+				alertRules := []models.AlertRule{}
+				if err := json.Unmarshal([]byte(lst[i].Content), &alertRules); err != nil {
+					reterr[lst[i].Name] = err.Error()
+				}
+
+				for _, rule := range alertRules {
+					if rule.UUID == 0 {
+						rule.UUID = time.Now().UnixMicro()
+					}
+
+					contentBytes, err := json.Marshal(rule)
+					if err != nil {
+						reterr[rule.Name] = err.Error()
+						continue
+					}
+
+					bp := models.BuiltinPayload{
+						Type:        lst[i].Type,
+						ComponentID: lst[i].ComponentID,
+						Cate:        lst[i].Cate,
+						Name:        rule.Name,
+						Tags:        rule.AppendTags,
+						UUID:        rule.UUID,
+						Content:     string(contentBytes),
+						CreatedBy:   username,
+						UpdatedBy:   username,
+					}
+
+					if err := bp.Add(rt.Ctx, username); err != nil {
+						reterr[bp.Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+					}
+				}
+				continue
+			}
+
+			alertRule := models.AlertRule{}
+			if err := json.Unmarshal([]byte(lst[i].Content), &alertRule); err != nil {
+				reterr[lst[i].Name] = err.Error()
+				continue
+			}
+
+			if alertRule.UUID == 0 {
+				alertRule.UUID = time.Now().UnixMicro()
+			}
+
+			contentBytes, err := json.Marshal(alertRule)
+			if err != nil {
+				reterr[alertRule.Name] = err.Error()
+				continue
+			}
+
+			bp := models.BuiltinPayload{
+				Type:        lst[i].Type,
+				ComponentID: lst[i].ComponentID,
+				Cate:        lst[i].Cate,
+				Name:        alertRule.Name,
+				Tags:        alertRule.AppendTags,
+				UUID:        alertRule.UUID,
+				Content:     string(contentBytes),
+				CreatedBy:   username,
+				UpdatedBy:   username,
+			}
+
+			if err := bp.Add(rt.Ctx, username); err != nil {
+				reterr[bp.Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+			}
+		} else if lst[i].Type == "dashboard" {
+			if strings.HasPrefix(strings.TrimSpace(lst[i].Content), "[") {
+				// 处理多个告警规则模板的情况
+				dashboards := []Board{}
+				if err := json.Unmarshal([]byte(lst[i].Content), &dashboards); err != nil {
+					reterr[lst[i].Name] = err.Error()
+				}
+
+				for _, dashboard := range dashboards {
+					if dashboard.UUID == 0 {
+						dashboard.UUID = time.Now().UnixMicro()
+					}
+
+					contentBytes, err := json.Marshal(dashboard)
+					if err != nil {
+						reterr[dashboard.Name] = err.Error()
+						continue
+					}
+
+					bp := models.BuiltinPayload{
+						Type:        lst[i].Type,
+						ComponentID: lst[i].ComponentID,
+						Cate:        lst[i].Cate,
+						Name:        dashboard.Name,
+						Tags:        dashboard.Tags,
+						UUID:        dashboard.UUID,
+						Content:     string(contentBytes),
+						CreatedBy:   username,
+						UpdatedBy:   username,
+					}
+
+					if err := bp.Add(rt.Ctx, username); err != nil {
+						reterr[bp.Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+					}
+				}
+				continue
+			}
+
+			dashboard := Board{}
+			if err := json.Unmarshal([]byte(lst[i].Content), &dashboard); err != nil {
+				reterr[lst[i].Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+				continue
+			}
+
+			if dashboard.UUID == 0 {
+				dashboard.UUID = time.Now().UnixMicro()
+			}
+
+			contentBytes, err := json.Marshal(dashboard)
+			if err != nil {
+				reterr[dashboard.Name] = err.Error()
+				continue
+			}
+
+			bp := models.BuiltinPayload{
+				Type:        lst[i].Type,
+				ComponentID: lst[i].ComponentID,
+				Cate:        lst[i].Cate,
+				Name:        dashboard.Name,
+				Tags:        dashboard.Tags,
+				UUID:        dashboard.UUID,
+				Content:     string(contentBytes),
+				CreatedBy:   username,
+				UpdatedBy:   username,
+			}
+
+			if err := bp.Add(rt.Ctx, username); err != nil {
+				reterr[bp.Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+			}
+		} else {
+			if lst[i].Type == "collect" {
+				c := make(map[string]interface{})
+				if _, err := toml.Decode(lst[i].Content, &c); err != nil {
+					reterr[lst[i].Name] = err.Error()
+					continue
+				}
+			}
+
+			if err := lst[i].Add(rt.Ctx, username); err != nil {
+				reterr[lst[i].Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+			}
+		}
+
+	}
+
+	ginx.NewRender(c).Data(reterr, nil)
+}
+
+func (rt *Router) builtinPayloadsGets(c *gin.Context) {
+	typ := ginx.QueryStr(c, "type", "")
+	if typ == "" {
+		ginx.Bomb(http.StatusBadRequest, "type is required")
+		return
+	}
+	ComponentID := ginx.QueryInt64(c, "component_id", 0)
+
+	cate := ginx.QueryStr(c, "cate", "")
+	query := ginx.QueryStr(c, "query", "")
+
+	lst, err := models.BuiltinPayloadGets(rt.Ctx, uint64(ComponentID), typ, cate, query)
+	ginx.Dangerous(err)
+
+	lstInFile, err := integration.BuiltinPayloadInFile.GetBuiltinPayload(typ, cate, query, uint64(ComponentID))
+	ginx.Dangerous(err)
+
+	if len(lstInFile) > 0 {
+		lst = append(lst, lstInFile...)
+	}
+
+	ginx.NewRender(c).Data(lst, nil)
+}
+
+func (rt *Router) builtinPayloadcatesGet(c *gin.Context) {
+	typ := ginx.QueryStr(c, "type", "")
+	ComponentID := ginx.QueryInt64(c, "component_id", 0)
+
+	cates, err := models.BuiltinPayloadCates(rt.Ctx, typ, uint64(ComponentID))
+	ginx.Dangerous(err)
+
+	catesInFile, err := integration.BuiltinPayloadInFile.GetBuiltinPayloadCates(typ, uint64(ComponentID))
+	ginx.Dangerous(err)
+
+	// 使用 map 进行去重
+	cateMap := make(map[string]bool)
+
+	// 添加数据库中的分类
+	for _, cate := range cates {
+		cateMap[cate] = true
+	}
+
+	// 添加文件中的分类
+	for _, cate := range catesInFile {
+		cateMap[cate] = true
+	}
+
+	// 将去重后的结果转换回切片
+	result := make([]string, 0, len(cateMap))
+	for cate := range cateMap {
+		result = append(result, cate)
+	}
+
+	ginx.NewRender(c).Data(result, nil)
+}
+
+func (rt *Router) builtinPayloadsPut(c *gin.Context) {
+	var req models.BuiltinPayload
+	ginx.BindJSON(c, &req)
+
+	bp, err := models.BuiltinPayloadGet(rt.Ctx, "id = ?", req.ID)
+	ginx.Dangerous(err)
+
+	if bp == nil {
+		ginx.NewRender(c, http.StatusNotFound).Message("No such builtin payload")
+		return
+	}
+
+	if req.Type == "alert" {
+		alertRule := models.AlertRule{}
+		if err := json.Unmarshal([]byte(req.Content), &alertRule); err != nil {
+			ginx.Bomb(http.StatusBadRequest, err.Error())
+		}
+
+		req.Name = alertRule.Name
+		req.Tags = alertRule.AppendTags
+	} else if req.Type == "dashboard" {
+		dashboard := Board{}
+		if err := json.Unmarshal([]byte(req.Content), &dashboard); err != nil {
+			ginx.Bomb(http.StatusBadRequest, err.Error())
+		}
+
+		req.Name = dashboard.Name
+		req.Tags = dashboard.Tags
+	} else if req.Type == "collect" {
+		c := make(map[string]interface{})
+		if _, err := toml.Decode(req.Content, &c); err != nil {
+			ginx.Bomb(http.StatusBadRequest, err.Error())
+		}
+	}
+
+	username := Username(c)
+	req.UpdatedBy = username
+
+	ginx.NewRender(c).Message(bp.Update(rt.Ctx, req))
+}
+
+func (rt *Router) builtinPayloadsDel(c *gin.Context) {
+	var req idsForm
+	ginx.BindJSON(c, &req)
+
+	req.Verify()
+
+	ginx.NewRender(c).Message(models.BuiltinPayloadDels(rt.Ctx, req.Ids))
+}
+
+func (rt *Router) builtinPayloadsGetByUUID(c *gin.Context) {
+	uuid := ginx.QueryInt64(c, "uuid")
+
+	bp, err := models.BuiltinPayloadGet(rt.Ctx, "uuid = ?", uuid)
+	ginx.Dangerous(err)
+
+	if bp != nil {
+		ginx.NewRender(c).Data(bp, nil)
+	} else {
+		ginx.NewRender(c).Data(integration.BuiltinPayloadInFile.IndexData[uuid], nil)
+	}
+}
--- a/center/router/router_busi_group.go
+++ b/center/router/router_busi_group.go
@@ -4,11 +4,11 @@ import (
 	"net/http"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/logger"
-	"github.com/toolkits/pkg/str"
 )

 type busiGroupForm struct {
@@ -123,10 +123,15 @@ func (rt *Router) busiGroupGets(c *gin.Context) {
 	ginx.NewRender(c).Data(lst, err)
 }

+func (rt *Router) busiGroupGetsByService(c *gin.Context) {
+	lst, err := models.BusiGroupGetAll(rt.Ctx)
+	ginx.NewRender(c).Data(lst, err)
+}
+
 // 这个接口只有在活跃告警页面才调用，获取各个BG的活跃告警数量
 func (rt *Router) busiGroupAlertingsGets(c *gin.Context) {
 	ids := ginx.QueryStr(c, "ids", "")
-	ret, err := models.AlertNumbers(rt.Ctx, str.IdsInt64(ids))
+	ret, err := models.AlertNumbers(rt.Ctx, strx.IdsInt64ForAPI(ids))
 	ginx.NewRender(c).Data(ret, err)
 }

@@ -135,3 +140,12 @@ func (rt *Router) busiGroupGet(c *gin.Context) {
 	ginx.Dangerous(bg.FillUserGroups(rt.Ctx))
 	ginx.NewRender(c).Data(bg, nil)
 }
+
+func (rt *Router) busiGroupsGetTags(c *gin.Context) {
+	bgids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
+	targetIdents, err := models.TargetIndentsGetByBgids(rt.Ctx, bgids)
+	ginx.Dangerous(err)
+	tags, err := models.TargetGetTags(rt.Ctx, targetIdents, true, "busigroup")
+	ginx.Dangerous(err)
+	ginx.NewRender(c).Data(tags, nil)
+}
--- a/center/router/router_captcha.go
+++ b/center/router/router_captcha.go
@@ -0,0 +1,114 @@
+package router
+
+import (
+	"context"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/storage"
+	"github.com/gin-gonic/gin"
+	captcha "github.com/mojocn/base64Captcha"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type CaptchaRedisStore struct {
+	redis storage.Redis
+}
+
+func (s *CaptchaRedisStore) Set(id string, value string) error {
+	ctx := context.Background()
+	err := s.redis.Set(ctx, id, value, time.Duration(300*time.Second)).Err()
+	if err != nil {
+		logger.Errorf("captcha id set to redis error : %s", err.Error())
+		return err
+	}
+	return nil
+}
+
+func (s *CaptchaRedisStore) Get(id string, clear bool) string {
+	ctx := context.Background()
+	val, err := s.redis.Get(ctx, id).Result()
+	if err != nil {
+		logger.Errorf("captcha id get from redis error : %s", err.Error())
+		return ""
+	}
+
+	if clear {
+		s.redis.Del(ctx, id)
+	}
+
+	return val
+}
+
+func (s *CaptchaRedisStore) Verify(id, answer string, clear bool) bool {
+
+	old := s.Get(id, clear)
+	return old == answer
+}
+
+func (rt *Router) newCaptchaRedisStore() *CaptchaRedisStore {
+	if captchaStore == nil {
+		captchaStore = &CaptchaRedisStore{redis: rt.Redis}
+	}
+	return captchaStore
+}
+
+var captchaStore *CaptchaRedisStore
+
+type CaptchaReqBody struct {
+	Id          string
+	VerifyValue string
+}
+
+// 生成图形验证码
+func (rt *Router) generateCaptcha(c *gin.Context) {
+	var driver = captcha.NewDriverMath(60, 200, 0, captcha.OptionShowHollowLine, nil, nil, []string{"wqy-microhei.ttc"})
+	cc := captcha.NewCaptcha(driver, rt.newCaptchaRedisStore())
+	//data:image/png;base64
+	id, b64s, _, err := cc.Generate()
+
+	if err != nil {
+		ginx.NewRender(c).Message(err)
+		return
+	}
+
+	ginx.NewRender(c).Data(gin.H{
+		"imgdata":   b64s,
+		"captchaid": id,
+	}, nil)
+}
+
+// 验证
+func (rt *Router) captchaVerify(c *gin.Context) {
+
+	var param CaptchaReqBody
+	ginx.BindJSON(c, &param)
+
+	//verify the captcha
+	if captchaStore.Verify(param.Id, param.VerifyValue, true) {
+		ginx.NewRender(c).Message("")
+		return
+	}
+	ginx.NewRender(c).Message("incorrect verification code")
+}
+
+// 验证码开关
+func (rt *Router) ifShowCaptcha(c *gin.Context) {
+
+	if rt.HTTP.ShowCaptcha.Enable {
+		ginx.NewRender(c).Data(gin.H{
+			"show": true,
+		}, nil)
+		return
+	}
+
+	ginx.NewRender(c).Data(gin.H{
+		"show": false,
+	}, nil)
+}
+
+// 验证
+func CaptchaVerify(id string, value string) bool {
+	//verify the captcha
+	return captchaStore.Verify(id, value, true)
+}
--- a/center/router/router_chart_share.go
+++ b/center/router/router_chart_share.go
@@ -4,15 +4,15 @@ import (
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
-	"github.com/toolkits/pkg/str"
 )

 func (rt *Router) chartShareGets(c *gin.Context) {
 	ids := ginx.QueryStr(c, "ids", "")
-	lst, err := models.ChartShareGetsByIds(rt.Ctx, str.IdsInt64(ids, ","))
+	lst, err := models.ChartShareGetsByIds(rt.Ctx, strx.IdsInt64ForAPI(ids, ","))
 	ginx.NewRender(c).Data(lst, err)
 }

--- a/center/router/router_config.go
+++ b/center/router/router_config.go
@@ -62,3 +62,8 @@ func (rt *Router) contactKeysGets(c *gin.Context) {

 	ginx.NewRender(c).Data(labelAndKeys, nil)
 }
+
+func (rt *Router) siteInfo(c *gin.Context) {
+	config, err := models.ConfigsGet(rt.Ctx, "site_info")
+	ginx.NewRender(c).Data(config, err)
+}
--- a/center/router/router_configs.go
+++ b/center/router/router_configs.go
@@ -1,12 +1,16 @@
 package router

 import (
+	"time"
+
 	"github.com/ccfos/nightingale/v6/models"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 )

+const EMBEDDEDDASHBOARD = "embedded-dashboards"
+
 func (rt *Router) configsGet(c *gin.Context) {
 	prefix := ginx.QueryStr(c, "prefix", "")
 	limit := ginx.QueryInt(c, "limit", 10)
@@ -20,28 +24,71 @@ func (rt *Router) configGet(c *gin.Context) {
 	ginx.NewRender(c).Data(configs, err)
 }

+func (rt *Router) configGetAll(c *gin.Context) {
+	config, err := models.ConfigsGetAll(rt.Ctx)
+	ginx.NewRender(c).Data(config, err)
+}
+
+func (rt *Router) configGetByKey(c *gin.Context) {
+	config, err := models.ConfigsGet(rt.Ctx, ginx.QueryStr(c, "key"))
+	ginx.NewRender(c).Data(config, err)
+}
+
+func (rt *Router) configPutByKey(c *gin.Context) {
+	var f models.Configs
+	ginx.BindJSON(c, &f)
+	username := c.MustGet("username").(string)
+	ginx.NewRender(c).Message(models.ConfigsSetWithUname(rt.Ctx, f.Ckey, f.Cval, username))
+}
+
+func (rt *Router) embeddedDashboardsGet(c *gin.Context) {
+	config, err := models.ConfigsGet(rt.Ctx, EMBEDDEDDASHBOARD)
+	ginx.NewRender(c).Data(config, err)
+}
+
+func (rt *Router) embeddedDashboardsPut(c *gin.Context) {
+	var f models.Configs
+	ginx.BindJSON(c, &f)
+	username := c.MustGet("username").(string)
+	ginx.NewRender(c).Message(models.ConfigsSetWithUname(rt.Ctx, EMBEDDEDDASHBOARD, f.Cval, username))
+}
+
 func (rt *Router) configsDel(c *gin.Context) {
 	var f idsForm
 	ginx.BindJSON(c, &f)
 	ginx.NewRender(c).Message(models.ConfigsDel(rt.Ctx, f.Ids))
 }

-func (rt *Router) configsPut(c *gin.Context) {
+func (rt *Router) configsPut(c *gin.Context) { //for APIForService
 	var arr []models.Configs
 	ginx.BindJSON(c, &arr)
-
+	username := c.GetString("user")
+	if username == "" {
+		username = "default"
+	}
+	now := time.Now().Unix()
 	for i := 0; i < len(arr); i++ {
+		arr[i].UpdateBy = username
+		arr[i].UpdateAt = now
 		ginx.Dangerous(arr[i].Update(rt.Ctx))
 	}

 	ginx.NewRender(c).Message(nil)
 }

-func (rt *Router) configsPost(c *gin.Context) {
+func (rt *Router) configsPost(c *gin.Context) { //for APIForService
 	var arr []models.Configs
 	ginx.BindJSON(c, &arr)
-
+	username := c.GetString("user")
+	if username == "" {
+		username = "default"
+	}
+	now := time.Now().Unix()
 	for i := 0; i < len(arr); i++ {
+		arr[i].CreateBy = username
+		arr[i].UpdateBy = username
+		arr[i].CreateAt = now
+		arr[i].UpdateAt = now
 		ginx.Dangerous(arr[i].Add(rt.Ctx))
 	}

--- a/center/router/router_dash_annotation.go
+++ b/center/router/router_dash_annotation.go
@@ -0,0 +1,99 @@
+package router
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func checkAnnotationPermission(c *gin.Context, ctx *ctx.Context, dashboardId int64) {
+	dashboard, err := models.BoardGetByID(ctx, dashboardId)
+	if err != nil {
+		ginx.Bomb(http.StatusInternalServerError, "failed to get dashboard: %v", err)
+	}
+
+	if dashboard == nil {
+		ginx.Bomb(http.StatusNotFound, "dashboard not found")
+	}
+
+	bg := BusiGroup(ctx, dashboard.GroupId)
+	me := c.MustGet("user").(*models.User)
+	can, err := me.CanDoBusiGroup(ctx, bg, "rw")
+	ginx.Dangerous(err)
+
+	if !can {
+		ginx.Bomb(http.StatusForbidden, "forbidden")
+	}
+}
+
+func (rt *Router) dashAnnotationAdd(c *gin.Context) {
+	var f models.DashAnnotation
+	ginx.BindJSON(c, &f)
+
+	username := c.MustGet("username").(string)
+	now := time.Now().Unix()
+
+	checkAnnotationPermission(c, rt.Ctx, f.DashboardId)
+
+	f.CreateBy = username
+	f.CreateAt = now
+	f.UpdateBy = username
+	f.UpdateAt = now
+
+	ginx.NewRender(c).Data(f.Id, f.Add(rt.Ctx))
+}
+
+func (rt *Router) dashAnnotationGets(c *gin.Context) {
+	dashboardId := ginx.QueryInt64(c, "dashboard_id")
+	from := ginx.QueryInt64(c, "from")
+	to := ginx.QueryInt64(c, "to")
+	limit := ginx.QueryInt(c, "limit", 100)
+
+	lst, err := models.DashAnnotationGets(rt.Ctx, dashboardId, from, to, limit)
+	ginx.NewRender(c).Data(lst, err)
+}
+
+func (rt *Router) dashAnnotationPut(c *gin.Context) {
+	var f models.DashAnnotation
+	ginx.BindJSON(c, &f)
+
+	id := ginx.UrlParamInt64(c, "id")
+	annotation, err := getAnnotationById(rt.Ctx, id)
+	ginx.Dangerous(err)
+
+	checkAnnotationPermission(c, rt.Ctx, annotation.DashboardId)
+
+	f.Id = id
+	f.UpdateAt = time.Now().Unix()
+	f.UpdateBy = c.MustGet("username").(string)
+
+	ginx.NewRender(c).Message(f.Update(rt.Ctx))
+}
+
+func (rt *Router) dashAnnotationDel(c *gin.Context) {
+	id := ginx.UrlParamInt64(c, "id")
+
+	annotation, err := getAnnotationById(rt.Ctx, id)
+	ginx.Dangerous(err)
+	checkAnnotationPermission(c, rt.Ctx, annotation.DashboardId)
+
+	ginx.NewRender(c).Message(models.DashAnnotationDel(rt.Ctx, id))
+}
+
+// 可以提取获取注释的通用方法
+func getAnnotationById(ctx *ctx.Context, id int64) (*models.DashAnnotation, error) {
+	annotation, err := models.DashAnnotationGet(ctx, "id=?", id)
+	if err != nil {
+		return nil, err
+	}
+	if annotation == nil {
+		return nil, fmt.Errorf("annotation not found")
+	}
+	return annotation, nil
+}
--- a/center/router/router_datasource.go
+++ b/center/router/router_datasource.go
@@ -2,14 +2,19 @@ package router

 import (
 	"crypto/tls"
+	"encoding/json"
 	"fmt"
+	"io"
 	"net/http"
 	"net/url"
+	"strings"

+	"github.com/ccfos/nightingale/v6/datasource/opensearch"
 	"github.com/ccfos/nightingale/v6/models"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/i18n"
 	"github.com/toolkits/pkg/logger"
 )

@@ -24,6 +29,11 @@ type listReq struct {
 }

 func (rt *Router) datasourceList(c *gin.Context) {
+	if rt.DatasourceCache.DatasourceCheckHook(c) {
+		Render(c, []int{}, nil)
+		return
+	}
+
 	var req listReq
 	ginx.BindJSON(c, &req)

@@ -31,33 +41,58 @@ func (rt *Router) datasourceList(c *gin.Context) {
 	category := req.Category
 	name := req.Name

+	user := c.MustGet("user").(*models.User)
+
 	list, err := models.GetDatasourcesGetsBy(rt.Ctx, typ, category, name, "")
-	Render(c, list, err)
+	Render(c, rt.DatasourceCache.DatasourceFilter(list, user), err)
 }

-type datasourceBrief struct {
-	Id         int64  `json:"id"`
-	Name       string `json:"name"`
-	PluginType string `json:"plugin_type"`
+func (rt *Router) datasourceGetsByService(c *gin.Context) {
+	typ := ginx.QueryStr(c, "typ", "")
+	lst, err := models.GetDatasourcesGetsBy(rt.Ctx, typ, "", "", "")
+	ginx.NewRender(c).Data(lst, err)
 }

 func (rt *Router) datasourceBriefs(c *gin.Context) {
-	var dss []datasourceBrief
+	var dss []*models.Datasource
 	list, err := models.GetDatasourcesGetsBy(rt.Ctx, "", "", "", "")
 	ginx.Dangerous(err)

-	for i := range list {
-		dss = append(dss, datasourceBrief{
-			Id:         list[i].Id,
-			Name:       list[i].Name,
-			PluginType: list[i].PluginType,
-		})
+	for _, item := range list {
+		item.AuthJson.BasicAuthPassword = ""
+		if item.PluginType == models.PROMETHEUS {
+			for k, v := range item.SettingsJson {
+				if strings.HasPrefix(k, "prometheus.") {
+					item.SettingsJson[strings.TrimPrefix(k, "prometheus.")] = v
+					delete(item.SettingsJson, k)
+				}
+			}
+		} else if item.PluginType == "cloudwatch" {
+			for k := range item.SettingsJson {
+				if !strings.Contains(k, "region") {
+					delete(item.SettingsJson, k)
+				}
+			}
+		} else {
+			item.SettingsJson = nil
+		}
+		dss = append(dss, item)
+	}
+
+	if !rt.Center.AnonymousAccess.PromQuerier {
+		user := c.MustGet("user").(*models.User)
+		dss = rt.DatasourceCache.DatasourceFilter(dss, user)
 	}

 	ginx.NewRender(c).Data(dss, err)
 }

 func (rt *Router) datasourceUpsert(c *gin.Context) {
+	if rt.DatasourceCache.DatasourceCheckHook(c) {
+		Render(c, []int{}, nil)
+		return
+	}
+
 	var req models.Datasource
 	ginx.BindJSON(c, &req)
 	username := Username(c)
@@ -66,10 +101,56 @@ func (rt *Router) datasourceUpsert(c *gin.Context) {
 	var err error
 	var count int64

-	err = DatasourceCheck(req)
-	if err != nil {
-		Dangerous(c, err)
-		return
+	if !req.ForceSave {
+		if req.PluginType == models.PROMETHEUS || req.PluginType == models.LOKI || req.PluginType == models.TDENGINE {
+			err = DatasourceCheck(c, req)
+			if err != nil {
+				Dangerous(c, err)
+				return
+			}
+		}
+	}
+
+	for k, v := range req.SettingsJson {
+		if strings.Contains(k, "cluster_name") {
+			req.ClusterName = v.(string)
+			break
+		}
+	}
+
+	if req.PluginType == models.OPENSEARCH {
+		b, err := json.Marshal(req.SettingsJson)
+		if err != nil {
+			logger.Warningf("marshal settings fail: %v", err)
+			return
+		}
+
+		var os opensearch.OpenSearch
+		err = json.Unmarshal(b, &os)
+		if err != nil {
+			logger.Warningf("unmarshal settings fail: %v", err)
+			return
+		}
+
+		if len(os.Nodes) == 0 {
+			logger.Warningf("nodes empty, %+v", req)
+			return
+		}
+
+		req.HTTPJson = models.HTTP{
+			Timeout: os.Timeout,
+			Url:     os.Nodes[0],
+			Headers: os.Headers,
+			TLS: models.TLS{
+				SkipTlsVerify: os.TLS.SkipTlsVerify,
+			},
+		}
+
+		req.AuthJson = models.Auth{
+			BasicAuth:         os.Basic.Enable,
+			BasicAuthUser:     os.Basic.Username,
+			BasicAuthPassword: os.Basic.Password,
+		}
 	}

 	if req.Id == 0 {
@@ -87,15 +168,21 @@ func (rt *Router) datasourceUpsert(c *gin.Context) {
 		}
 		err = req.Add(rt.Ctx)
 	} else {
-		err = req.Update(rt.Ctx, "name", "description", "cluster_name", "settings", "http", "auth", "updated_by", "updated_at")
+		err = req.Update(rt.Ctx, "name", "identifier", "description", "cluster_name", "settings", "http", "auth", "updated_by", "updated_at", "is_default")
 	}

 	Render(c, nil, err)
 }

-func DatasourceCheck(ds models.Datasource) error {
-	if ds.HTTPJson.Url == "" {
-		return fmt.Errorf("url is empty")
+func DatasourceCheck(c *gin.Context, ds models.Datasource) error {
+	if ds.PluginType == models.PROMETHEUS || ds.PluginType == models.LOKI || ds.PluginType == models.TDENGINE {
+		if ds.HTTPJson.Url == "" {
+			return fmt.Errorf("url is empty")
+		}
+
+		if !strings.HasPrefix(ds.HTTPJson.Url, "http") {
+			return fmt.Errorf("url must start with http or https")
+		}
 	}

 	client := &http.Client{
@@ -106,23 +193,51 @@ func DatasourceCheck(ds models.Datasource) error {
 		},
 	}

-	fullURL := ds.HTTPJson.Url
-	req, err := http.NewRequest("GET", fullURL, nil)
+	ds.HTTPJson.Url = strings.TrimRight(ds.HTTPJson.Url, "/")
+	var fullURL string
+	req, err := ds.HTTPJson.NewReq(&fullURL)
 	if err != nil {
 		logger.Errorf("Error creating request: %v", err)
-		return fmt.Errorf("request url:%s failed", fullURL)
+		return fmt.Errorf("request urls:%v failed: %v", ds.HTTPJson.GetUrls(), err)
 	}

 	if ds.PluginType == models.PROMETHEUS {
 		subPath := "/api/v1/query"
 		query := url.Values{}
-		query.Add("query", "1+1")
+		if ds.HTTPJson.IsLoki() {
+			subPath = "/api/v1/labels"
+		} else {
+			query.Add("query", "1+1")
+		}
 		fullURL = fmt.Sprintf("%s%s?%s", ds.HTTPJson.Url, subPath, query.Encode())

-		req, err = http.NewRequest("POST", fullURL, nil)
+		req, err = http.NewRequest("GET", fullURL, nil)
 		if err != nil {
 			logger.Errorf("Error creating request: %v", err)
-			return fmt.Errorf("request url:%s failed", fullURL)
+			return fmt.Errorf("request url:%s failed: %v", fullURL, err)
+		}
+	} else if ds.PluginType == models.TDENGINE {
+		fullURL = fmt.Sprintf("%s/rest/sql", ds.HTTPJson.Url)
+		req, err = http.NewRequest("POST", fullURL, strings.NewReader("show databases"))
+		if err != nil {
+			logger.Errorf("Error creating request: %v", err)
+			return fmt.Errorf("request url:%s failed: %v", fullURL, err)
+		}
+	}
+
+	if ds.PluginType == models.LOKI {
+		subPath := "/api/v1/labels"
+
+		fullURL = fmt.Sprintf("%s%s", ds.HTTPJson.Url, subPath)
+
+		req, err = http.NewRequest("GET", fullURL, nil)
+		if err != nil {
+			logger.Errorf("Error creating request: %v", err)
+			if !strings.Contains(ds.HTTPJson.Url, "/loki") {
+				lang := c.GetHeader("X-Language")
+				return fmt.Errorf(i18n.Sprintf(lang, "/loki suffix is miss, please add /loki to the url: %s", ds.HTTPJson.Url+"/loki"))
+			}
+			return fmt.Errorf("request url:%s failed: %v", fullURL, err)
 		}
 	}

@@ -137,19 +252,29 @@ func DatasourceCheck(ds models.Datasource) error {
 	resp, err := client.Do(req)
 	if err != nil {
 		logger.Errorf("Error making request: %v\n", err)
-		return fmt.Errorf("request url:%s failed", fullURL)
+		return fmt.Errorf("request url:%s failed: %v", fullURL, err)
 	}
 	defer resp.Body.Close()

 	if resp.StatusCode != 200 {
 		logger.Errorf("Error making request: %v\n", resp.StatusCode)
-		return fmt.Errorf("request url:%s failed code:%d", fullURL, resp.StatusCode)
+		if resp.StatusCode == 404 && ds.PluginType == models.LOKI && !strings.Contains(ds.HTTPJson.Url, "/loki") {
+			lang := c.GetHeader("X-Language")
+			return fmt.Errorf(i18n.Sprintf(lang, "/loki suffix is miss, please add /loki to the url: %s", ds.HTTPJson.Url+"/loki"))
+		}
+		body, _ := io.ReadAll(resp.Body)
+		return fmt.Errorf("request url:%s failed code:%d body:%s", fullURL, resp.StatusCode, string(body))
 	}

 	return nil
 }

 func (rt *Router) datasourceGet(c *gin.Context) {
+	if rt.DatasourceCache.DatasourceCheckHook(c) {
+		Render(c, []int{}, nil)
+		return
+	}
+
 	var req models.Datasource
 	ginx.BindJSON(c, &req)
 	err := req.Get(rt.Ctx)
@@ -157,6 +282,11 @@ func (rt *Router) datasourceGet(c *gin.Context) {
 }

 func (rt *Router) datasourceUpdataStatus(c *gin.Context) {
+	if rt.DatasourceCache.DatasourceCheckHook(c) {
+		Render(c, []int{}, nil)
+		return
+	}
+
 	var req models.Datasource
 	ginx.BindJSON(c, &req)
 	username := Username(c)
@@ -166,13 +296,54 @@ func (rt *Router) datasourceUpdataStatus(c *gin.Context) {
 }

 func (rt *Router) datasourceDel(c *gin.Context) {
+	if rt.DatasourceCache.DatasourceCheckHook(c) {
+		Render(c, []int{}, nil)
+		return
+	}
+
 	var ids []int64
 	ginx.BindJSON(c, &ids)
 	err := models.DatasourceDel(rt.Ctx, ids)
 	Render(c, nil, err)
 }

-func Username(c *gin.Context) string {
+func (rt *Router) getDatasourceIds(c *gin.Context) {
+	name := ginx.QueryStr(c, "name")
+	datasourceIds, err := models.GetDatasourceIdsByEngineName(rt.Ctx, name)

-	return c.MustGet("username").(string)
+	ginx.NewRender(c).Data(datasourceIds, err)
+}
+
+type datasourceQueryForm struct {
+	Cate              string                   `json:"datasource_cate"`
+	DatasourceQueries []models.DatasourceQuery `json:"datasource_queries"`
+}
+
+type datasourceQueryResp struct {
+	ID   int64  `json:"id"`
+	Name string `json:"name"`
+}
+
+func (rt *Router) datasourceQuery(c *gin.Context) {
+	var dsf datasourceQueryForm
+	ginx.BindJSON(c, &dsf)
+	datasources, err := models.GetDatasourcesGetsByTypes(rt.Ctx, []string{dsf.Cate})
+	ginx.Dangerous(err)
+
+	nameToID := make(map[string]int64)
+	IDToName := make(map[int64]string)
+	for _, ds := range datasources {
+		nameToID[ds.Name] = ds.Id
+		IDToName[ds.Id] = ds.Name
+	}
+
+	ids := models.GetDatasourceIDsByDatasourceQueries(dsf.DatasourceQueries, IDToName, nameToID)
+	var req []datasourceQueryResp
+	for _, id := range ids {
+		req = append(req, datasourceQueryResp{
+			ID:   id,
+			Name: IDToName[id],
+		})
+	}
+	ginx.NewRender(c).Data(req, err)
 }
--- a/center/router/router_datasource_db.go
+++ b/center/router/router_datasource_db.go
@@ -0,0 +1,101 @@
+package router
+
+import (
+	"context"
+
+	"github.com/ccfos/nightingale/v6/dscache"
+	"github.com/ccfos/nightingale/v6/dskit/types"
+	"github.com/ccfos/nightingale/v6/models"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+func (rt *Router) ShowDatabases(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	var databases []string
+	var err error
+	type DatabaseShower interface {
+		ShowDatabases(context.Context) ([]string, error)
+	}
+	switch plug.(type) {
+	case DatabaseShower:
+		databases, err = plug.(DatabaseShower).ShowDatabases(c.Request.Context())
+		ginx.Dangerous(err)
+	default:
+		ginx.Bomb(200, "datasource not exists")
+	}
+
+	if len(databases) == 0 {
+		databases = make([]string, 0)
+	}
+
+	ginx.NewRender(c).Data(databases, nil)
+}
+
+func (rt *Router) ShowTables(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	// 只接受一个入参
+	tables := make([]string, 0)
+	var err error
+	type TableShower interface {
+		ShowTables(ctx context.Context, database string) ([]string, error)
+	}
+	switch plug.(type) {
+	case TableShower:
+		if len(f.Querys) > 0 {
+			database, ok := f.Querys[0].(string)
+			if ok {
+				tables, err = plug.(TableShower).ShowTables(c.Request.Context(), database)
+			}
+		}
+	default:
+		ginx.Bomb(200, "datasource not exists")
+	}
+	ginx.NewRender(c).Data(tables, err)
+}
+
+func (rt *Router) DescribeTable(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+	// 只接受一个入参
+	columns := make([]*types.ColumnProperty, 0)
+	var err error
+	type TableDescriber interface {
+		DescribeTable(context.Context, interface{}) ([]*types.ColumnProperty, error)
+	}
+	switch plug.(type) {
+	case TableDescriber:
+		client := plug.(TableDescriber)
+		if len(f.Querys) > 0 {
+			columns, err = client.DescribeTable(c.Request.Context(), f.Querys[0])
+		}
+	default:
+		ginx.Bomb(200, "datasource not exists")
+	}
+
+	ginx.NewRender(c).Data(columns, err)
+}
--- a/center/router/router_embedded.go
+++ b/center/router/router_embedded.go
@@ -0,0 +1,141 @@
+package router
+
+import (
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func (rt *Router) embeddedProductGets(c *gin.Context) {
+	products, err := models.EmbeddedProductGets(rt.Ctx)
+	ginx.Dangerous(err)
+	// 获取当前用户可访问的Group ID 列表
+	me := c.MustGet("user").(*models.User)
+
+	if me.IsAdmin() {
+		ginx.NewRender(c).Data(products, err)
+		return
+	}
+
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	bgSet := make(map[int64]struct{}, len(gids))
+	for _, id := range gids {
+		bgSet[id] = struct{}{}
+	}
+
+	// 过滤出公开或有权限访问的私有 product link
+	var result []*models.EmbeddedProduct
+	for _, product := range products {
+		if !product.IsPrivate {
+			result = append(result, product)
+			continue
+		}
+
+		for _, tid := range product.TeamIDs {
+			if _, ok := bgSet[tid]; ok {
+				result = append(result, product)
+				break
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(result, err)
+}
+
+func (rt *Router) embeddedProductGet(c *gin.Context) {
+	id := ginx.UrlParamInt64(c, "id")
+	if id <= 0 {
+		ginx.Bomb(400, "invalid id")
+	}
+
+	data, err := models.GetEmbeddedProductByID(rt.Ctx, id)
+	ginx.Dangerous(err)
+
+	me := c.MustGet("user").(*models.User)
+	hashPermission, err := hasEmbeddedProductAccess(rt.Ctx, me, data)
+	ginx.Dangerous(err)
+
+	if !hashPermission {
+		ginx.Bomb(403, "forbidden")
+	}
+
+	ginx.NewRender(c).Data(data, nil)
+}
+
+func (rt *Router) embeddedProductAdd(c *gin.Context) {
+	var eps []models.EmbeddedProduct
+	ginx.BindJSON(c, &eps)
+
+	me := c.MustGet("user").(*models.User)
+
+	for i := range eps {
+		eps[i].CreateBy = me.Nickname
+		eps[i].UpdateBy = me.Nickname
+	}
+
+	err := models.AddEmbeddedProduct(rt.Ctx, eps)
+	ginx.NewRender(c).Message(err)
+}
+
+func (rt *Router) embeddedProductPut(c *gin.Context) {
+	var ep models.EmbeddedProduct
+	id := ginx.UrlParamInt64(c, "id")
+	ginx.BindJSON(c, &ep)
+
+	if id <= 0 {
+		ginx.Bomb(400, "invalid id")
+	}
+
+	oldProduct, err := models.GetEmbeddedProductByID(rt.Ctx, id)
+	ginx.Dangerous(err)
+	me := c.MustGet("user").(*models.User)
+
+	now := time.Now().Unix()
+	oldProduct.Name = ep.Name
+	oldProduct.URL = ep.URL
+	oldProduct.IsPrivate = ep.IsPrivate
+	oldProduct.TeamIDs = ep.TeamIDs
+	oldProduct.UpdateBy = me.Username
+	oldProduct.UpdateAt = now
+
+	err = models.UpdateEmbeddedProduct(rt.Ctx, oldProduct)
+	ginx.NewRender(c).Message(err)
+}
+
+func (rt *Router) embeddedProductDelete(c *gin.Context) {
+	id := ginx.UrlParamInt64(c, "id")
+	if id <= 0 {
+		ginx.Bomb(400, "invalid id")
+	}
+
+	err := models.DeleteEmbeddedProduct(rt.Ctx, id)
+	ginx.NewRender(c).Message(err)
+}
+
+func hasEmbeddedProductAccess(ctx *ctx.Context, user *models.User, ep *models.EmbeddedProduct) (bool, error) {
+	if user.IsAdmin() || !ep.IsPrivate {
+		return true, nil
+	}
+
+	gids, err := models.MyGroupIds(ctx, user.Id)
+	if err != nil {
+		return false, err
+	}
+
+	groupSet := make(map[int64]struct{}, len(gids))
+	for _, gid := range gids {
+		groupSet[gid] = struct{}{}
+	}
+
+	for _, tid := range ep.TeamIDs {
+		if _, ok := groupSet[tid]; ok {
+			return true, nil
+		}
+	}
+
+	return false, nil
+}
--- a/center/router/router_es.go
+++ b/center/router/router_es.go
@@ -0,0 +1,77 @@
+package router
+
+import (
+	"github.com/ccfos/nightingale/v6/datasource/es"
+	"github.com/ccfos/nightingale/v6/dscache"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type IndexReq struct {
+	Cate         string `json:"cate"`
+	DatasourceId int64  `json:"datasource_id"`
+	Index        string `json:"index"`
+}
+
+type FieldValueReq struct {
+	Cate         string   `json:"cate"`
+	DatasourceId int64    `json:"datasource_id"`
+	Index        string   `json:"index"`
+	Query        FieldObj `json:"query"`
+}
+
+type FieldObj struct {
+	Find  string `json:"find"`
+	Field string `json:"field"`
+	Query string `json:"query"`
+}
+
+func (rt *Router) QueryIndices(c *gin.Context) {
+	var f IndexReq
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	indices, err := plug.(*es.Elasticsearch).QueryIndices()
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(indices, nil)
+}
+
+func (rt *Router) QueryFields(c *gin.Context) {
+	var f IndexReq
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	fields, err := plug.(*es.Elasticsearch).QueryFields([]string{f.Index})
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(fields, nil)
+}
+
+func (rt *Router) QueryESVariable(c *gin.Context) {
+	var f FieldValueReq
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	fields, err := plug.(*es.Elasticsearch).QueryFieldValue([]string{f.Index}, f.Query.Field, f.Query.Query)
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(fields, nil)
+}
--- a/center/router/router_es_index_pattern.go
+++ b/center/router/router_es_index_pattern.go
@@ -0,0 +1,81 @@
+package router
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+// 创建 ES Index Pattern
+func (rt *Router) esIndexPatternAdd(c *gin.Context) {
+	var f models.EsIndexPattern
+	ginx.BindJSON(c, &f)
+
+	username := c.MustGet("username").(string)
+	now := time.Now().Unix()
+	f.CreateAt = now
+	f.CreateBy = username
+	f.UpdateAt = now
+	f.UpdateBy = username
+
+	err := f.Add(rt.Ctx)
+	ginx.NewRender(c).Message(err)
+}
+
+// 更新 ES Index Pattern
+func (rt *Router) esIndexPatternPut(c *gin.Context) {
+	var f models.EsIndexPattern
+	ginx.BindJSON(c, &f)
+
+	id := ginx.QueryInt64(c, "id")
+
+	esIndexPattern, err := models.EsIndexPatternGetById(rt.Ctx, id)
+	ginx.Dangerous(err)
+
+	if esIndexPattern == nil {
+		ginx.NewRender(c, http.StatusNotFound).Message("No such EsIndexPattern")
+		return
+	}
+
+	f.UpdateBy = c.MustGet("username").(string)
+
+	ginx.NewRender(c).Message(esIndexPattern.Update(rt.Ctx, f))
+}
+
+// 删除 ES Index Pattern
+func (rt *Router) esIndexPatternDel(c *gin.Context) {
+	var f idsForm
+	ginx.BindJSON(c, &f)
+
+	if len(f.Ids) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "ids empty")
+	}
+
+	ginx.NewRender(c).Message(models.EsIndexPatternDel(rt.Ctx, f.Ids))
+}
+
+// ES Index Pattern列表
+func (rt *Router) esIndexPatternGetList(c *gin.Context) {
+	datasourceId := ginx.QueryInt64(c, "datasource_id", 0)
+
+	var lst []*models.EsIndexPattern
+	var err error
+	if datasourceId != 0 {
+		lst, err = models.EsIndexPatternGets(rt.Ctx, "datasource_id = ?", datasourceId)
+	} else {
+		lst, err = models.EsIndexPatternGets(rt.Ctx, "")
+	}
+
+	ginx.NewRender(c).Data(lst, err)
+}
+
+// ES Index Pattern 单个数据
+func (rt *Router) esIndexPatternGet(c *gin.Context) {
+	id := ginx.QueryInt64(c, "id")
+
+	item, err := models.EsIndexPatternGet(rt.Ctx, "id=?", id)
+	ginx.NewRender(c).Data(item, err)
+}
--- a/center/router/router_event_pipeline.go
+++ b/center/router/router_event_pipeline.go
@@ -0,0 +1,249 @@
+package router
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+// 获取事件Pipeline列表
+func (rt *Router) eventPipelinesList(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	pipelines, err := models.ListEventPipelines(rt.Ctx)
+	ginx.Dangerous(err)
+
+	allTids := make([]int64, 0)
+	for _, pipeline := range pipelines {
+		allTids = append(allTids, pipeline.TeamIds...)
+	}
+	ugMap, err := models.UserGroupIdAndNameMap(rt.Ctx, allTids)
+	ginx.Dangerous(err)
+	for _, pipeline := range pipelines {
+		for _, tid := range pipeline.TeamIds {
+			pipeline.TeamNames = append(pipeline.TeamNames, ugMap[tid])
+		}
+	}
+
+	gids, err := models.MyGroupIdsMap(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	if me.IsAdmin() {
+		ginx.NewRender(c).Data(pipelines, nil)
+		return
+	}
+
+	res := make([]*models.EventPipeline, 0)
+	for _, pipeline := range pipelines {
+		for _, tid := range pipeline.TeamIds {
+			if _, ok := gids[tid]; ok {
+				res = append(res, pipeline)
+				break
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(res, nil)
+}
+
+// 获取单个事件Pipeline详情
+func (rt *Router) getEventPipeline(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	id := ginx.UrlParamInt64(c, "id")
+	pipeline, err := models.GetEventPipeline(rt.Ctx, id)
+	ginx.Dangerous(err)
+	ginx.Dangerous(me.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+
+	err = pipeline.FillTeamNames(rt.Ctx)
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(pipeline, nil)
+}
+
+// 创建事件Pipeline
+func (rt *Router) addEventPipeline(c *gin.Context) {
+	var pipeline models.EventPipeline
+	ginx.BindJSON(c, &pipeline)
+
+	user := c.MustGet("user").(*models.User)
+	now := time.Now().Unix()
+	pipeline.CreateBy = user.Username
+	pipeline.CreateAt = now
+	pipeline.UpdateAt = now
+	pipeline.UpdateBy = user.Username
+
+	err := pipeline.Verify()
+	if err != nil {
+		ginx.Bomb(http.StatusBadRequest, err.Error())
+	}
+
+	ginx.Dangerous(user.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+	err = models.CreateEventPipeline(rt.Ctx, &pipeline)
+	ginx.NewRender(c).Message(err)
+}
+
+// 更新事件Pipeline
+func (rt *Router) updateEventPipeline(c *gin.Context) {
+	var f models.EventPipeline
+	ginx.BindJSON(c, &f)
+
+	me := c.MustGet("user").(*models.User)
+	f.UpdateBy = me.Username
+	f.UpdateAt = time.Now().Unix()
+
+	pipeline, err := models.GetEventPipeline(rt.Ctx, f.ID)
+	if err != nil {
+		ginx.Bomb(http.StatusNotFound, "No such event pipeline")
+	}
+	ginx.Dangerous(me.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+
+	ginx.NewRender(c).Message(pipeline.Update(rt.Ctx, &f))
+}
+
+// 删除事件Pipeline
+func (rt *Router) deleteEventPipelines(c *gin.Context) {
+	var f struct {
+		Ids []int64 `json:"ids"`
+	}
+	ginx.BindJSON(c, &f)
+
+	if len(f.Ids) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "ids required")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	for _, id := range f.Ids {
+		pipeline, err := models.GetEventPipeline(rt.Ctx, id)
+		ginx.Dangerous(err)
+		ginx.Dangerous(me.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+	}
+
+	err := models.DeleteEventPipelines(rt.Ctx, f.Ids)
+	ginx.NewRender(c).Message(err)
+}
+
+// 测试事件Pipeline
+func (rt *Router) tryRunEventPipeline(c *gin.Context) {
+	var f struct {
+		EventId        int64                `json:"event_id"`
+		PipelineConfig models.EventPipeline `json:"pipeline_config"`
+	}
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	if err != nil || hisEvent == nil {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+	event := hisEvent.ToCur()
+
+	for _, p := range f.PipelineConfig.ProcessorConfigs {
+		processor, err := models.GetProcessorByType(p.Typ, p.Config)
+		if err != nil {
+			ginx.Bomb(http.StatusBadRequest, "get processor: %+v err: %+v", p, err)
+		}
+		event, _, err = processor.Process(rt.Ctx, event)
+		if err != nil {
+			ginx.Bomb(http.StatusBadRequest, "processor: %+v err: %+v", p, err)
+		}
+
+		if event == nil {
+			ginx.NewRender(c).Data(map[string]interface{}{
+				"event":  event,
+				"result": "event is dropped",
+			}, nil)
+			return
+		}
+	}
+
+	m := map[string]interface{}{
+		"event":  event,
+		"result": "",
+	}
+	ginx.NewRender(c).Data(m, nil)
+}
+
+// 测试事件处理器
+func (rt *Router) tryRunEventProcessor(c *gin.Context) {
+	var f struct {
+		EventId         int64                  `json:"event_id"`
+		ProcessorConfig models.ProcessorConfig `json:"processor_config"`
+	}
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	if err != nil || hisEvent == nil {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+	event := hisEvent.ToCur()
+
+	processor, err := models.GetProcessorByType(f.ProcessorConfig.Typ, f.ProcessorConfig.Config)
+	if err != nil {
+		ginx.Bomb(200, "get processor err: %+v", err)
+	}
+	event, res, err := processor.Process(rt.Ctx, event)
+	if err != nil {
+		ginx.Bomb(200, "processor err: %+v", err)
+	}
+
+	ginx.NewRender(c).Data(map[string]interface{}{
+		"event":  event,
+		"result": res,
+	}, nil)
+}
+
+func (rt *Router) tryRunEventProcessorByNotifyRule(c *gin.Context) {
+	var f struct {
+		EventId         int64                   `json:"event_id"`
+		PipelineConfigs []models.PipelineConfig `json:"pipeline_configs"`
+	}
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	if err != nil || hisEvent == nil {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+	event := hisEvent.ToCur()
+
+	pids := make([]int64, 0)
+	for _, pc := range f.PipelineConfigs {
+		if pc.Enable {
+			pids = append(pids, pc.PipelineId)
+		}
+	}
+
+	pipelines, err := models.GetEventPipelinesByIds(rt.Ctx, pids)
+	if err != nil {
+		ginx.Bomb(http.StatusBadRequest, "processors not found")
+	}
+
+	for _, pl := range pipelines {
+		for _, p := range pl.ProcessorConfigs {
+			processor, err := models.GetProcessorByType(p.Typ, p.Config)
+			if err != nil {
+				ginx.Bomb(http.StatusBadRequest, "get processor: %+v err: %+v", p, err)
+			}
+
+			event, _, err := processor.Process(rt.Ctx, event)
+			if err != nil {
+				ginx.Bomb(http.StatusBadRequest, "processor: %+v err: %+v", p, err)
+			}
+			if event == nil {
+				ginx.NewRender(c).Data(map[string]interface{}{
+					"event":  event,
+					"result": "event is dropped",
+				}, nil)
+				return
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(event, nil)
+}
+
+func (rt *Router) eventPipelinesListByService(c *gin.Context) {
+	pipelines, err := models.ListEventPipelines(rt.Ctx)
+	ginx.NewRender(c).Data(pipelines, err)
+}
--- a/center/router/router_funcs.go
+++ b/center/router/router_funcs.go
@@ -1,22 +1,74 @@
 package router

 import (
-	"fmt"
 	"net/http"
 	"strconv"
 	"strings"

-	"github.com/ccfos/nightingale/v6/alert/aconf"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
-	"github.com/ccfos/nightingale/v6/pkg/ibex"
-	"github.com/gin-gonic/gin"

+	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 )

 const defaultLimit = 300

+func (rt *Router) statistic(c *gin.Context) {
+	name := ginx.QueryStr(c, "name")
+	var model interface{}
+	var err error
+	var statistics *models.Statistics
+	switch name {
+	case "alert_mute":
+		model = models.AlertMute{}
+	case "alert_rule":
+		model = models.AlertRule{}
+	case "alert_subscribe":
+		model = models.AlertSubscribe{}
+	case "busi_group":
+		model = models.BusiGroup{}
+	case "recording_rule":
+		model = models.RecordingRule{}
+	case "target":
+		model = models.Target{}
+	case "user":
+		model = models.User{}
+	case "user_group":
+		model = models.UserGroup{}
+	case "notify_rule":
+		model = models.NotifyRule{}
+	case "notify_channel":
+		model = models.NotifyChannel{}
+	case "event_pipeline":
+		statistics, err = models.EventPipelineStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
+	case "datasource":
+		// datasource update_at is different from others
+		statistics, err = models.DatasourceStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
+	case "user_variable":
+		statistics, err = models.ConfigsUserVariableStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
+	case "cval":
+		statistics, err = models.ConfigCvalStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
+	case "message_template":
+		statistics, err = models.MessageTemplateStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
+	default:
+		ginx.Bomb(http.StatusBadRequest, "invalid name")
+	}
+
+	statistics, err = models.StatisticsGet(rt.Ctx, model)
+	ginx.NewRender(c).Data(statistics, err)
+}
+
 func queryDatasourceIds(c *gin.Context) []int64 {
 	datasourceIds := ginx.QueryStr(c, "datasource_ids", "")
 	datasourceIds = strings.ReplaceAll(datasourceIds, ",", " ")
@@ -29,8 +81,26 @@ func queryDatasourceIds(c *gin.Context) []int64 {
 	return ids
 }

+func queryStrListField(c *gin.Context, fieldName string, sep ...string) []string {
+	str := ginx.QueryStr(c, fieldName, "")
+	if str == "" {
+		return nil
+	}
+
+	lst := []string{str}
+	for _, s := range sep {
+		var newLst []string
+		for _, str := range lst {
+			newLst = append(newLst, strings.Split(str, s)...)
+		}
+		lst = newLst
+	}
+	return lst
+}
+
 type idsForm struct {
-	Ids []int64 `json:"ids"`
+	Ids               []int64 `json:"ids"`
+	IsSyncToFlashDuty bool    `json:"is_sync_to_flashduty"`
 }

 func (f idsForm) Verify() {
@@ -95,27 +165,46 @@ type TaskCreateReply struct {
 	Dat int64  `json:"dat"` // task.id
 }

-// return task.id, error
-func TaskCreate(v interface{}, ibexc aconf.Ibex) (int64, error) {
-	var res TaskCreateReply
-	err := ibex.New(
-		ibexc.Address,
-		ibexc.BasicAuthUser,
-		ibexc.BasicAuthPass,
-		ibexc.Timeout,
-	).
-		Path("/ibex/v1/tasks").
-		In(v).
-		Out(&res).
-		POST()
-
-	if err != nil {
-		return 0, err
+func Username(c *gin.Context) string {
+	username := c.GetString(gin.AuthUserKey)
+	if username == "" {
+		user := c.MustGet("user").(*models.User)
+		username = user.Username
 	}
-
-	if res.Err != "" {
-		return 0, fmt.Errorf("response.err: %v", res.Err)
-	}
-
-	return res.Dat, nil
+	return username
+}
+
+func HasPermission(ctx *ctx.Context, c *gin.Context, sourceType, sourceId string, isAnonymousAccess bool) bool {
+	if sourceType == "event" && isAnonymousAccess {
+		return true
+	}
+
+	// 尝试从请求中获取 __token 参数
+	token := ginx.QueryStr(c, "__token", "")
+
+	// 如果有 __token 参数，验证其合法性
+	if token != "" {
+		return ValidateSourceToken(ctx, sourceType, sourceId, token)
+	}
+
+	return false
+}
+
+func ValidateSourceToken(ctx *ctx.Context, sourceType, sourceId, token string) bool {
+	if token == "" {
+		return false
+	}
+
+	// 根据源类型、源ID和令牌获取源令牌记录
+	sourceToken, err := models.GetSourceTokenBySource(ctx, sourceType, sourceId, token)
+	if err != nil {
+		return false
+	}
+
+	// 检查令牌是否过期
+	if sourceToken.IsExpired() {
+		return false
+	}
+
+	return true
 }
--- a/center/router/router_heartbeat.go
+++ b/center/router/router_heartbeat.go
@@ -3,16 +3,35 @@ package router
 import (
 	"compress/gzip"
 	"encoding/json"
+	"errors"
 	"io/ioutil"
+	"sort"
+	"strconv"
+	"strings"
 	"time"

+	"github.com/ccfos/nightingale/v6/center/metas"
+	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pushgw/idents"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
 )

+type HeartbeatHookFunc func(ident string) map[string]interface{}
+
 func (rt *Router) heartbeat(c *gin.Context) {
+	req, err := HandleHeartbeat(c, rt.Ctx, rt.Alert.Heartbeat.EngineName, rt.MetaSet, rt.IdentSet, rt.TargetCache)
+	ginx.Dangerous(err)
+
+	m := rt.HeartbeatHook(req.Hostname)
+	ginx.NewRender(c).Data(m, err)
+}
+
+func HandleHeartbeat(c *gin.Context, ctx *ctx.Context, engineName string, metaSet *metas.Set, identSet *idents.Set, targetCache *memsto.TargetCacheType) (models.HostMeta, error) {
 	var bs []byte
 	var err error
 	var r *gzip.Reader
@@ -21,7 +40,7 @@ func (rt *Router) heartbeat(c *gin.Context) {
 		r, err = gzip.NewReader(c.Request.Body)
 		if err != nil {
 			c.String(400, err.Error())
-			return
+			return req, err
 		}
 		defer r.Close()
 		bs, err = ioutil.ReadAll(r)
@@ -29,24 +48,156 @@ func (rt *Router) heartbeat(c *gin.Context) {
 	} else {
 		defer c.Request.Body.Close()
 		bs, err = ioutil.ReadAll(c.Request.Body)
-		ginx.Dangerous(err)
-	}
-
-	err = json.Unmarshal(bs, &req)
-	ginx.Dangerous(err)
-
-	req.Offset = (time.Now().UnixMilli() - req.UnixTime)
-	req.RemoteAddr = c.ClientIP()
-	rt.MetaSet.Set(req.Hostname, req)
-
-	gid := ginx.QueryInt64(c, "gid", 0)
-
-	if gid != 0 {
-		target, has := rt.TargetCache.Get(req.Hostname)
-		if has && target.GroupId != gid {
-			err = models.TargetUpdateBgid(rt.Ctx, []string{req.Hostname}, gid, false)
+		if err != nil {
+			return req, err
 		}
 	}

-	ginx.NewRender(c).Message(err)
+	err = json.Unmarshal(bs, &req)
+	if err != nil {
+		return req, err
+	}
+
+	if req.Hostname == "" {
+		return req, errors.New("hostname is required")
+	}
+
+	// maybe from pushgw
+	if req.Offset == 0 {
+		req.Offset = (time.Now().UnixMilli() - req.UnixTime)
+	}
+
+	if req.RemoteAddr == "" {
+		req.RemoteAddr = c.ClientIP()
+	}
+
+	if req.EngineName == "" {
+		req.EngineName = engineName
+	}
+
+	metaSet.Set(req.Hostname, req)
+	var items = make(map[string]struct{})
+	items[req.Hostname] = struct{}{}
+	identSet.MSet(items)
+
+	if target, has := targetCache.Get(req.Hostname); has && target != nil {
+		gidsStr := ginx.QueryStr(c, "gid", "")
+		overwriteGids := ginx.QueryBool(c, "overwrite_gids", false)
+		hostIp := strings.TrimSpace(req.HostIp)
+		gids := strings.Split(gidsStr, ",")
+
+		if overwriteGids {
+			groupIds := make([]int64, 0)
+			for i := range gids {
+				if gids[i] == "" {
+					continue
+				}
+				groupId, err := strconv.ParseInt(gids[i], 10, 64)
+				if err != nil {
+					logger.Warningf("update target:%s group ids failed, err: %v", req.Hostname, err)
+					continue
+				}
+				groupIds = append(groupIds, groupId)
+			}
+
+			err := models.TargetOverrideBgids(ctx, []string{target.Ident}, groupIds, nil)
+			if err != nil {
+				logger.Warningf("update target:%s group ids failed, err: %v", target.Ident, err)
+			}
+		} else if gidsStr != "" {
+			for i := range gids {
+				groupId, err := strconv.ParseInt(gids[i], 10, 64)
+				if err != nil {
+					logger.Warningf("update target:%s group ids failed, err: %v", req.Hostname, err)
+					continue
+				}
+
+				if !target.MatchGroupId(groupId) {
+					err := models.TargetBindBgids(ctx, []string{target.Ident}, []int64{groupId}, nil)
+					if err != nil {
+						logger.Warningf("update target:%s group ids failed, err: %v", target.Ident, err)
+					}
+				}
+			}
+		}
+
+		newTarget := models.Target{}
+		targetNeedUpdate := false
+		if hostIp != "" && hostIp != target.HostIp {
+			newTarget.HostIp = hostIp
+			targetNeedUpdate = true
+		}
+
+		hostTagsMap := target.GetHostTagsMap()
+		hostTagNeedUpdate := false
+		if len(hostTagsMap) != len(req.GlobalLabels) {
+			hostTagNeedUpdate = true
+		} else {
+			for k, v := range req.GlobalLabels {
+				if v == "" {
+					continue
+				}
+
+				if tagv, ok := hostTagsMap[k]; !ok || tagv != v {
+					hostTagNeedUpdate = true
+					break
+				}
+			}
+		}
+
+		if hostTagNeedUpdate {
+			lst := []string{}
+			for k, v := range req.GlobalLabels {
+				lst = append(lst, k+"="+v)
+			}
+			sort.Strings(lst)
+			newTarget.HostTags = lst
+			targetNeedUpdate = true
+		}
+
+		userTagsMap := target.GetTagsMap()
+		userTagNeedUpdate := false
+		userTags := []string{}
+		for k, v := range userTagsMap {
+			if v == "" {
+				continue
+			}
+
+			if _, ok := req.GlobalLabels[k]; !ok {
+				userTags = append(userTags, k+"="+v)
+			} else { // 该key在hostTags中已经存在
+				userTagNeedUpdate = true
+			}
+		}
+
+		if userTagNeedUpdate {
+			newTarget.Tags = strings.Join(userTags, " ") + " "
+			targetNeedUpdate = true
+		}
+
+		if req.EngineName != "" && req.EngineName != target.EngineName {
+			newTarget.EngineName = req.EngineName
+			targetNeedUpdate = true
+		}
+
+		if req.AgentVersion != "" && req.AgentVersion != target.AgentVersion {
+			newTarget.AgentVersion = req.AgentVersion
+			targetNeedUpdate = true
+		}
+
+		if req.OS != "" && req.OS != target.OS {
+			newTarget.OS = req.OS
+			targetNeedUpdate = true
+		}
+
+		if targetNeedUpdate {
+			err := models.DB(ctx).Model(&target).Updates(newTarget).Error
+			if err != nil {
+				logger.Errorf("update target fields failed, err: %v", err)
+			}
+		}
+		logger.Debugf("heartbeat field:%+v target: %v", newTarget, *target)
+	}
+
+	return req, nil
 }
--- a/center/router/router_login.go
+++ b/center/router/router_login.go
@@ -1,50 +1,75 @@
 package router

 import (
+	"encoding/base64"
 	"fmt"
 	"net/http"
 	"strconv"
 	"strings"
-	"time"

 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/cas"
 	"github.com/ccfos/nightingale/v6/pkg/ldapx"
 	"github.com/ccfos/nightingale/v6/pkg/oauth2x"
 	"github.com/ccfos/nightingale/v6/pkg/oidcx"
-	"github.com/pelletier/go-toml/v2"
+	"github.com/ccfos/nightingale/v6/pkg/secu"

 	"github.com/dgrijalva/jwt-go"
 	"github.com/gin-gonic/gin"
+	"github.com/pelletier/go-toml/v2"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/logger"
 )

 type loginForm struct {
-	Username string `json:"username" binding:"required"`
-	Password string `json:"password" binding:"required"`
+	Username    string `json:"username" binding:"required"`
+	Password    string `json:"password" binding:"required"`
+	Captchaid   string `json:"captchaid"`
+	Verifyvalue string `json:"verifyvalue"`
 }

 func (rt *Router) loginPost(c *gin.Context) {
 	var f loginForm
 	ginx.BindJSON(c, &f)
+	logger.Infof("username:%s login from:%s", f.Username, c.ClientIP())

-	user, err := models.PassLogin(rt.Ctx, f.Username, f.Password)
-	if err != nil {
-		// pass validate fail, try ldap
-		if rt.Sso.LDAP.Enable {
-			roles := strings.Join(rt.Sso.LDAP.DefaultRoles, " ")
-			user, err = models.LdapLogin(rt.Ctx, f.Username, f.Password, roles, rt.Sso.LDAP)
-			if err != nil {
-				logger.Debugf("ldap login failed: %v username: %s", err, f.Username)
-				ginx.NewRender(c).Message(err)
-				return
-			}
-			user.RolesLst = strings.Fields(user.Roles)
-		} else {
+	if rt.HTTP.ShowCaptcha.Enable {
+		if !CaptchaVerify(f.Captchaid, f.Verifyvalue) {
+			ginx.NewRender(c).Message("incorrect verification code")
+			return
+		}
+	}
+	authPassWord := f.Password
+	// need decode
+	if rt.HTTP.RSA.OpenRSA {
+		decPassWord, err := secu.Decrypt(f.Password, rt.HTTP.RSA.RSAPrivateKey, rt.HTTP.RSA.RSAPassWord)
+		if err != nil {
+			logger.Errorf("RSA Decrypt failed: %v username: %s", err, f.Username)
 			ginx.NewRender(c).Message(err)
 			return
 		}
+		authPassWord = decPassWord
+	}
+
+	var user *models.User
+	var err error
+	lc := rt.Sso.LDAP.Copy()
+	if lc.Enable {
+		user, err = ldapx.LdapLogin(rt.Ctx, f.Username, authPassWord, lc.DefaultRoles, lc.DefaultTeams, lc)
+		if err != nil {
+			logger.Debugf("ldap login failed: %v username: %s", err, f.Username)
+			var errLoginInN9e error
+			// to use n9e as the minimum guarantee for login
+			if user, errLoginInN9e = models.PassLogin(rt.Ctx, rt.Redis, f.Username, authPassWord); errLoginInN9e != nil {
+				ginx.NewRender(c).Message("ldap login failed: %v; n9e login failed: %v", err, errLoginInN9e)
+				return
+			}
+		} else {
+			user.RolesLst = strings.Fields(user.Roles)
+		}
+	} else {
+		user, err = models.PassLogin(rt.Ctx, rt.Redis, f.Username, authPassWord)
+		ginx.Dangerous(err)
 	}

 	if user == nil {
@@ -67,6 +92,7 @@ func (rt *Router) loginPost(c *gin.Context) {
 }

 func (rt *Router) logoutPost(c *gin.Context) {
+	logger.Infof("username:%s logout from:%s", c.GetString("username"), c.ClientIP())
 	metadata, err := rt.extractTokenMetadata(c.Request)
 	if err != nil {
 		ginx.NewRender(c, http.StatusBadRequest).Message("failed to parse jwt token")
@@ -79,7 +105,18 @@ func (rt *Router) logoutPost(c *gin.Context) {
 		return
 	}

-	ginx.NewRender(c).Message("")
+	var logoutAddr string
+	user := c.MustGet("user").(*models.User)
+	switch user.Belong {
+	case "oidc":
+		logoutAddr = rt.Sso.OIDC.GetSsoLogoutAddr()
+	case "cas":
+		logoutAddr = rt.Sso.CAS.GetSsoLogoutAddr()
+	case "oauth2":
+		logoutAddr = rt.Sso.OAuth2.GetSsoLogoutAddr()
+	}
+
+	ginx.NewRender(c).Data(logoutAddr, nil)
 }

 type refreshForm struct {
@@ -115,6 +152,13 @@ func (rt *Router) refreshPost(c *gin.Context) {
 			return
 		}

+		// 看这个 token 是否还存在 redis 中
+		val, err := rt.fetchAuth(c.Request.Context(), refreshUuid)
+		if err != nil || val == "" {
+			ginx.NewRender(c, http.StatusUnauthorized).Message("refresh token expired")
+			return
+		}
+
 		userIdentity, ok := claims["user_identity"].(string)
 		if !ok {
 			// Theoretically impossible
@@ -207,7 +251,7 @@ func (rt *Router) loginCallback(c *gin.Context) {

 	ret, err := rt.Sso.OIDC.Callback(rt.Redis, c.Request.Context(), code, state)
 	if err != nil {
-		logger.Debugf("sso.callback() get ret %+v error %v", ret, err)
+		logger.Errorf("sso_callback fail. code:%s, state:%s, get ret: %+v. error: %v", code, state, ret, err)
 		ginx.NewRender(c).Data(CallbackOutput{}, err)
 		return
 	}
@@ -217,41 +261,23 @@ func (rt *Router) loginCallback(c *gin.Context) {

 	if user != nil {
 		if rt.Sso.OIDC.CoverAttributes {
-			if ret.Nickname != "" {
-				user.Nickname = ret.Nickname
-			}
-
-			if ret.Email != "" {
-				user.Email = ret.Email
-			}
-
-			if ret.Phone != "" {
-				user.Phone = ret.Phone
-			}
-
-			user.UpdateAt = time.Now().Unix()
-			user.Update(rt.Ctx, "email", "nickname", "phone", "update_at")
+			updatedFields := user.UpdateSsoFields("oidc", ret.Nickname, ret.Phone, ret.Email)
+			ginx.Dangerous(user.Update(rt.Ctx, "update_at", updatedFields...))
 		}
 	} else {
-		now := time.Now().Unix()
-		user = &models.User{
-			Username: ret.Username,
-			Password: "******",
-			Nickname: ret.Nickname,
-			Phone:    ret.Phone,
-			Email:    ret.Email,
-			Portrait: "",
-			Roles:    strings.Join(rt.Sso.OIDC.DefaultRoles, " "),
-			RolesLst: rt.Sso.OIDC.DefaultRoles,
-			Contacts: []byte("{}"),
-			CreateAt: now,
-			UpdateAt: now,
-			CreateBy: "oidc",
-			UpdateBy: "oidc",
-		}
-
+		user = new(models.User)
+		user.FullSsoFields("oidc", ret.Username, ret.Nickname, ret.Phone, ret.Email, rt.Sso.OIDC.DefaultRoles)
 		// create user from oidc
 		ginx.Dangerous(user.Add(rt.Ctx))
+
+		if len(rt.Sso.OIDC.DefaultTeams) > 0 {
+			for _, gid := range rt.Sso.OIDC.DefaultTeams {
+				err = models.UserGroupMemberAdd(rt.Ctx, gid, user.Id)
+				if err != nil {
+					logger.Errorf("user:%v UserGroupMemberAdd: %s", user, err)
+				}
+			}
+		}
 	}

 	// set user login state
@@ -327,38 +353,12 @@ func (rt *Router) loginCallbackCas(c *gin.Context) {
 	ginx.Dangerous(err)
 	if user != nil {
 		if rt.Sso.CAS.CoverAttributes {
-			if ret.Nickname != "" {
-				user.Nickname = ret.Nickname
-			}
-
-			if ret.Email != "" {
-				user.Email = ret.Email
-			}
-
-			if ret.Phone != "" {
-				user.Phone = ret.Phone
-			}
-
-			user.UpdateAt = time.Now().Unix()
-			ginx.Dangerous(user.Update(rt.Ctx, "email", "nickname", "phone", "update_at"))
+			updatedFields := user.UpdateSsoFields("cas", ret.Nickname, ret.Phone, ret.Email)
+			ginx.Dangerous(user.Update(rt.Ctx, "update_at", updatedFields...))
 		}
 	} else {
-		now := time.Now().Unix()
-		user = &models.User{
-			Username: ret.Username,
-			Password: "******",
-			Nickname: ret.Nickname,
-			Portrait: "",
-			Roles:    strings.Join(rt.Sso.CAS.DefaultRoles, " "),
-			RolesLst: rt.Sso.CAS.DefaultRoles,
-			Contacts: []byte("{}"),
-			Phone:    ret.Phone,
-			Email:    ret.Email,
-			CreateAt: now,
-			UpdateAt: now,
-			CreateBy: "CAS",
-			UpdateBy: "CAS",
-		}
+		user = new(models.User)
+		user.FullSsoFields("cas", ret.Username, ret.Nickname, ret.Phone, ret.Email, rt.Sso.CAS.DefaultRoles)
 		// create user from cas
 		ginx.Dangerous(user.Add(rt.Ctx))
 	}
@@ -429,39 +429,12 @@ func (rt *Router) loginCallbackOAuth(c *gin.Context) {

 	if user != nil {
 		if rt.Sso.OAuth2.CoverAttributes {
-			if ret.Nickname != "" {
-				user.Nickname = ret.Nickname
-			}
-
-			if ret.Email != "" {
-				user.Email = ret.Email
-			}
-
-			if ret.Phone != "" {
-				user.Phone = ret.Phone
-			}
-
-			user.UpdateAt = time.Now().Unix()
-			user.Update(rt.Ctx, "email", "nickname", "phone", "update_at")
+			updatedFields := user.UpdateSsoFields("oauth2", ret.Nickname, ret.Phone, ret.Email)
+			ginx.Dangerous(user.Update(rt.Ctx, "update_at", updatedFields...))
 		}
 	} else {
-		now := time.Now().Unix()
-		user = &models.User{
-			Username: ret.Username,
-			Password: "******",
-			Nickname: ret.Nickname,
-			Phone:    ret.Phone,
-			Email:    ret.Email,
-			Portrait: "",
-			Roles:    strings.Join(rt.Sso.OAuth2.DefaultRoles, " "),
-			RolesLst: rt.Sso.OAuth2.DefaultRoles,
-			Contacts: []byte("{}"),
-			CreateAt: now,
-			UpdateAt: now,
-			CreateBy: "oauth2",
-			UpdateBy: "oauth2",
-		}
-
+		user = new(models.User)
+		user.FullSsoFields("oauth2", ret.Username, ret.Nickname, ret.Phone, ret.Email, rt.Sso.OAuth2.DefaultRoles)
 		// create user from oidc
 		ginx.Dangerous(user.Add(rt.Ctx))
 	}
@@ -492,10 +465,23 @@ type SsoConfigOutput struct {
 }

 func (rt *Router) ssoConfigNameGet(c *gin.Context) {
+	var oidcDisplayName, casDisplayName, oauthDisplayName string
+	if rt.Sso.OIDC != nil {
+		oidcDisplayName = rt.Sso.OIDC.GetDisplayName()
+	}
+
+	if rt.Sso.CAS != nil {
+		casDisplayName = rt.Sso.CAS.GetDisplayName()
+	}
+
+	if rt.Sso.OAuth2 != nil {
+		oauthDisplayName = rt.Sso.OAuth2.GetDisplayName()
+	}
+
 	ginx.NewRender(c).Data(SsoConfigOutput{
-		OidcDisplayName:  rt.Sso.OIDC.GetDisplayName(),
-		CasDisplayName:   rt.Sso.CAS.GetDisplayName(),
-		OauthDisplayName: rt.Sso.OAuth2.GetDisplayName(),
+		OidcDisplayName:  oidcDisplayName,
+		CasDisplayName:   casDisplayName,
+		OauthDisplayName: oauthDisplayName,
 	}, nil)
 }

@@ -520,8 +506,7 @@ func (rt *Router) ssoConfigUpdate(c *gin.Context) {
 		var config oidcx.Config
 		err := toml.Unmarshal([]byte(f.Content), &config)
 		ginx.Dangerous(err)
-
-		err = rt.Sso.OIDC.Reload(config)
+		rt.Sso.OIDC, err = oidcx.New(config)
 		ginx.Dangerous(err)
 	case "CAS":
 		var config cas.Config
@@ -537,3 +522,19 @@ func (rt *Router) ssoConfigUpdate(c *gin.Context) {

 	ginx.NewRender(c).Message(nil)
 }
+
+type RSAConfigOutput struct {
+	OpenRSA      bool
+	RSAPublicKey string
+}
+
+func (rt *Router) rsaConfigGet(c *gin.Context) {
+	publicKey := ""
+	if len(rt.HTTP.RSA.RSAPublicKey) > 0 {
+		publicKey = base64.StdEncoding.EncodeToString(rt.HTTP.RSA.RSAPublicKey)
+	}
+	ginx.NewRender(c).Data(RSAConfigOutput{
+		OpenRSA:      rt.HTTP.RSA.OpenRSA,
+		RSAPublicKey: publicKey,
+	}, nil)
+}
--- a/center/router/router_message_template.go
+++ b/center/router/router_message_template.go
@@ -0,0 +1,219 @@
+package router
+
+import (
+	"bytes"
+	"fmt"
+	"html/template"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/slice"
+	"github.com/ccfos/nightingale/v6/pkg/strx"
+	"github.com/ccfos/nightingale/v6/pkg/tplx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func (rt *Router) messageTemplatesAdd(c *gin.Context) {
+	var lst []*models.MessageTemplate
+	ginx.BindJSON(c, &lst)
+	if len(lst) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	isAdmin := me.IsAdmin()
+	idents := make([]string, 0, len(lst))
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+	now := time.Now().Unix()
+	for _, tpl := range lst {
+		// 生成一个唯一的标识符，以后也不允许修改，前端不需要传这个参数
+		tpl.Ident = uuid.New().String()
+
+		ginx.Dangerous(tpl.Verify())
+		if !isAdmin && !slice.HaveIntersection(gids, tpl.UserGroupIds) {
+			ginx.Bomb(http.StatusForbidden, "forbidden")
+		}
+		idents = append(idents, tpl.Ident)
+
+		tpl.CreateBy = me.Username
+		tpl.CreateAt = now
+		tpl.UpdateBy = me.Username
+		tpl.UpdateAt = now
+	}
+
+	lstWithSameId, err := models.MessageTemplatesGet(rt.Ctx, "ident IN ?", idents)
+	ginx.Dangerous(err)
+	if len(lstWithSameId) > 0 {
+		ginx.Bomb(http.StatusBadRequest, "ident already exists")
+	}
+
+	ids := make([]int64, 0, len(lst))
+	for _, tpl := range lst {
+		err := models.Insert(rt.Ctx, tpl)
+		ginx.Dangerous(err)
+
+		ids = append(ids, tpl.ID)
+	}
+	ginx.NewRender(c).Data(ids, nil)
+}
+
+func (rt *Router) messageTemplatesDel(c *gin.Context) {
+	var f idsForm
+	ginx.BindJSON(c, &f)
+	f.Verify()
+
+	lst, err := models.MessageTemplatesGet(rt.Ctx, "id in (?)", f.Ids)
+	ginx.Dangerous(err)
+	notifyRuleIds, err := models.UsedByNotifyRule(rt.Ctx, models.MsgTplList(lst))
+	ginx.Dangerous(err)
+	if len(notifyRuleIds) > 0 {
+		ginx.NewRender(c).Message(fmt.Errorf("used by notify rule: %v", notifyRuleIds))
+		return
+	}
+	if me := c.MustGet("user").(*models.User); !me.IsAdmin() {
+		gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+		ginx.Dangerous(err)
+		for _, t := range lst {
+			if !slice.HaveIntersection(gids, t.UserGroupIds) {
+				ginx.Bomb(http.StatusForbidden, "forbidden")
+			}
+		}
+	}
+
+	ginx.NewRender(c).Message(models.DB(rt.Ctx).Delete(
+		&models.MessageTemplate{}, "id in (?)", f.Ids).Error)
+}
+
+func (rt *Router) messageTemplatePut(c *gin.Context) {
+	var f models.MessageTemplate
+	ginx.BindJSON(c, &f)
+
+	mt, err := models.MessageTemplateGet(rt.Ctx, "id <> ? and ident = ?", ginx.UrlParamInt64(c, "id"), f.Ident)
+	ginx.Dangerous(err)
+	if mt != nil {
+		ginx.Bomb(http.StatusBadRequest, "message template ident already exists")
+	}
+
+	mt, err = models.MessageTemplateGet(rt.Ctx, "id = ?", ginx.UrlParamInt64(c, "id"))
+	ginx.Dangerous(err)
+	if mt == nil {
+		ginx.Bomb(http.StatusNotFound, "message template not found")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	if !me.IsAdmin() {
+		gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+		ginx.Dangerous(err)
+		if !slice.HaveIntersection(gids, mt.UserGroupIds) {
+			ginx.Bomb(http.StatusForbidden, "forbidden")
+		}
+	}
+
+	f.UpdateBy = me.Username
+	ginx.NewRender(c).Message(mt.Update(rt.Ctx, f))
+}
+
+func (rt *Router) messageTemplateGet(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	tid := ginx.UrlParamInt64(c, "id")
+	mt, err := models.MessageTemplateGet(rt.Ctx, "id = ?", tid)
+	ginx.Dangerous(err)
+	if mt == nil {
+		ginx.Bomb(http.StatusNotFound, "message template not found")
+	}
+	if mt.Private == 1 && !slice.HaveIntersection(gids, mt.UserGroupIds) {
+		ginx.Bomb(http.StatusForbidden, "forbidden")
+	}
+
+	ginx.NewRender(c).Data(mt, nil)
+}
+
+func (rt *Router) messageTemplatesGet(c *gin.Context) {
+	var notifyChannelIdents []string
+	if tmp := ginx.QueryStr(c, "notify_channel_idents", ""); tmp != "" {
+		notifyChannelIdents = strings.Split(tmp, ",")
+	}
+	notifyChannelIds := strx.IdsInt64ForAPI(ginx.QueryStr(c, "notify_channel_ids", ""))
+	if len(notifyChannelIds) > 0 {
+		ginx.Dangerous(models.DB(rt.Ctx).Model(models.NotifyChannelConfig{}).
+			Where("id in (?)", notifyChannelIds).Pluck("ident", &notifyChannelIdents).Error)
+	}
+
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	lst, err := models.MessageTemplatesGetBy(rt.Ctx, notifyChannelIdents)
+	ginx.Dangerous(err)
+
+	if me.IsAdmin() {
+		ginx.NewRender(c).Data(lst, nil)
+		return
+	}
+
+	res := make([]*models.MessageTemplate, 0)
+	for _, t := range lst {
+		if slice.HaveIntersection[int64](gids, t.UserGroupIds) || t.Private == 0 {
+			res = append(res, t)
+		}
+	}
+	ginx.NewRender(c).Data(res, nil)
+}
+
+type evtMsgReq struct {
+	EventIds []int64 `json:"event_ids"`
+	Tpl      struct {
+		Content map[string]string `json:"content"`
+	} `json:"tpl"`
+}
+
+func (rt *Router) eventsMessage(c *gin.Context) {
+	var req evtMsgReq
+	ginx.BindJSON(c, &req)
+
+	hisEvents, err := models.AlertHisEventGetByIds(rt.Ctx, req.EventIds)
+	ginx.Dangerous(err)
+
+	if len(hisEvents) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+
+	ginx.Dangerous(err)
+	events := make([]*models.AlertCurEvent, len(hisEvents))
+	for i, he := range hisEvents {
+		events[i] = he.ToCur()
+	}
+
+	var defs = []string{
+		"{{$events := .}}",
+		"{{$event := index . 0}}",
+	}
+	ret := make(map[string]string, len(req.Tpl.Content))
+	for k, v := range req.Tpl.Content {
+		text := strings.Join(append(defs, v), "")
+		tpl, err := template.New(k).Funcs(tplx.TemplateFuncMap).Parse(text)
+		if err != nil {
+			ret[k] = err.Error()
+			continue
+		}
+
+		var buf bytes.Buffer
+		err = tpl.Execute(&buf, events)
+		if err != nil {
+			ret[k] = err.Error()
+			continue
+		}
+
+		ret[k] = buf.String()
+	}
+	ginx.NewRender(c).Data(ret, nil)
+}
--- a/center/router/router_mute.go
+++ b/center/router/router_mute.go
@@ -5,10 +5,14 @@ import (
 	"strings"
 	"time"

+	"github.com/ccfos/nightingale/v6/alert/common"
+	"github.com/ccfos/nightingale/v6/alert/mute"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/i18n"
 )

 // Return all, front-end search and paging
@@ -19,31 +23,131 @@ func (rt *Router) alertMuteGetsByBG(c *gin.Context) {
 	ginx.NewRender(c).Data(lst, err)
 }

+func (rt *Router) alertMuteGetsByGids(c *gin.Context) {
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
+	if len(gids) > 0 {
+		for _, gid := range gids {
+			rt.bgroCheck(c, gid)
+		}
+	} else {
+		me := c.MustGet("user").(*models.User)
+		if !me.IsAdmin() {
+			var err error
+			gids, err = models.MyBusiGroupIds(rt.Ctx, me.Id)
+			ginx.Dangerous(err)
+
+			if len(gids) == 0 {
+				ginx.NewRender(c).Data([]int{}, nil)
+				return
+			}
+		}
+	}
+
+	lst, err := models.AlertMuteGetsByBGIds(rt.Ctx, gids)
+
+	ginx.NewRender(c).Data(lst, err)
+}
+
 func (rt *Router) alertMuteGets(c *gin.Context) {
 	prods := strings.Fields(ginx.QueryStr(c, "prods", ""))
-	bgid := ginx.QueryInt64(c, "bgid", 0)
+	bgid := ginx.QueryInt64(c, "bgid", -1)
 	query := ginx.QueryStr(c, "query", "")
-	lst, err := models.AlertMuteGets(rt.Ctx, prods, bgid, query)
+	disabled := ginx.QueryInt(c, "disabled", -1)
+	lst, err := models.AlertMuteGets(rt.Ctx, prods, bgid, disabled, query)

 	ginx.NewRender(c).Data(lst, err)
 }

 func (rt *Router) alertMuteAdd(c *gin.Context) {
+
 	var f models.AlertMute
 	ginx.BindJSON(c, &f)

 	username := c.MustGet("username").(string)
 	f.CreateBy = username
+	f.UpdateBy = username
 	f.GroupId = ginx.UrlParamInt64(c, "id")
-
 	ginx.NewRender(c).Message(f.Add(rt.Ctx))
 }

+type MuteTestForm struct {
+	EventId       int64            `json:"event_id" binding:"required"`
+	AlertMute     models.AlertMute `json:"config" binding:"required"`
+	PassTimeCheck bool             `json:"pass_time_check"`
+}
+
+func (rt *Router) alertMuteTryRun(c *gin.Context) {
+	var f MuteTestForm
+	ginx.BindJSON(c, &f)
+	ginx.Dangerous(f.AlertMute.Verify())
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	ginx.Dangerous(err)
+
+	if hisEvent == nil {
+		ginx.Bomb(http.StatusNotFound, "event not found")
+	}
+
+	curEvent := *hisEvent.ToCur()
+	curEvent.SetTagsMap()
+
+	if f.PassTimeCheck {
+		f.AlertMute.MuteTimeType = models.Periodic
+		f.AlertMute.PeriodicMutesJson = []models.PeriodicMute{
+			{
+				EnableDaysOfWeek: "0 1 2 3 4 5 6",
+				EnableStime:      "00:00",
+				EnableEtime:      "00:00",
+			},
+		}
+	}
+
+	match, err := mute.MatchMute(&curEvent, &f.AlertMute)
+	if err != nil {
+		// 对错误信息进行 i18n 翻译
+		translatedErr := i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
+		ginx.Bomb(http.StatusBadRequest, translatedErr)
+	}
+
+	if !match {
+		ginx.NewRender(c).Data("event not match mute", nil)
+		return
+	}
+
+	ginx.NewRender(c).Data("event match mute", nil)
+}
+
+// Preview events (alert_cur_event) that match the mute strategy based on the following criteria:
+// business group ID (group_id, group_id), product (prod, rule_prod),
+// alert event severity (severities, severity), and event tags (tags, tags).
+// For products of type not 'host', also consider the category (cate, cate) and datasource ID (datasource_ids, datasource_id).
+func (rt *Router) alertMutePreview(c *gin.Context) {
+	//Generally the match of events would be less.
+
+	var f models.AlertMute
+	ginx.BindJSON(c, &f)
+	f.GroupId = ginx.UrlParamInt64(c, "id")
+	ginx.Dangerous(f.Verify()) //verify and parse tags json to ITags
+	events, err := models.AlertCurEventGetsFromAlertMute(rt.Ctx, &f)
+	ginx.Dangerous(err)
+
+	matchEvents := make([]*models.AlertCurEvent, 0, len(events))
+	for i := 0; i < len(events); i++ {
+		events[i].DB2Mem()
+		if common.MatchTags(events[i].TagsMap, f.ITags) {
+			matchEvents = append(matchEvents, events[i])
+		}
+	}
+	ginx.NewRender(c).Data(matchEvents, err)
+
+}
+
 func (rt *Router) alertMuteAddByService(c *gin.Context) {
 	var f models.AlertMute
 	ginx.BindJSON(c, &f)

-	ginx.NewRender(c).Message(f.Add(rt.Ctx))
+	err := f.Add(rt.Ctx)
+	ginx.NewRender(c).Data(f.Id, err)
 }

 func (rt *Router) alertMuteDel(c *gin.Context) {
@@ -54,6 +158,14 @@ func (rt *Router) alertMuteDel(c *gin.Context) {
 	ginx.NewRender(c).Message(models.AlertMuteDel(rt.Ctx, f.Ids))
 }

+// alertMuteGet returns the alert mute by ID
+func (rt *Router) alertMuteGet(c *gin.Context) {
+	amid := ginx.UrlParamInt64(c, "amid")
+	am, err := models.AlertMuteGetById(rt.Ctx, amid)
+	am.DB2FE()
+	ginx.NewRender(c).Data(am, err)
+}
+
 func (rt *Router) alertMutePutByFE(c *gin.Context) {
 	var f models.AlertMute
 	ginx.BindJSON(c, &f)
--- a/center/router/router_mw.go
+++ b/center/router/router_mw.go
@@ -9,6 +9,7 @@ import (
 	"strings"
 	"time"

+	"github.com/ccfos/nightingale/v6/center/cstats"
 	"github.com/ccfos/nightingale/v6/models"

 	"github.com/gin-gonic/gin"
@@ -17,6 +18,10 @@ import (
 	"github.com/toolkits/pkg/ginx"
 )

+const (
+	DefaultTokenKey = "X-User-Token"
+)
+
 type AccessDetails struct {
 	AccessUuid   string
 	UserIdentity string
@@ -62,8 +67,29 @@ func (rt *Router) proxyAuth() gin.HandlerFunc {
 	}
 }

-func (rt *Router) jwtAuth() gin.HandlerFunc {
+// tokenAuth 支持两种方式的认证，固定 token 和 jwt token
+// 因为不太好区分用户使用哪个方式，所以两种方式放在一个中间件里
+func (rt *Router) tokenAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
+		// 先验证固定 token
+		if rt.HTTP.TokenAuth.Enable {
+			tokenKey := rt.HTTP.TokenAuth.HeaderUserTokenKey
+			if tokenKey == "" {
+				tokenKey = DefaultTokenKey
+			}
+			token := c.GetHeader(tokenKey)
+			if token != "" {
+				user := rt.UserTokenCache.GetByToken(token)
+				if user != nil && user.Username != "" {
+					c.Set("userid", user.Id)
+					c.Set("username", user.Username)
+					c.Next()
+					return
+				}
+			}
+		}
+
+		// 再验证 jwt token
 		metadata, err := rt.extractTokenMetadata(c.Request)
 		if err != nil {
 			ginx.Bomb(http.StatusUnauthorized, "unauthorized")
@@ -92,11 +118,15 @@ func (rt *Router) jwtAuth() gin.HandlerFunc {
 	}
 }

+func (rt *Router) Auth() gin.HandlerFunc {
+	return rt.auth()
+}
+
 func (rt *Router) auth() gin.HandlerFunc {
 	if rt.HTTP.ProxyAuth.Enable {
 		return rt.proxyAuth()
 	} else {
-		return rt.jwtAuth()
+		return rt.tokenAuth()
 	}
 }

@@ -120,11 +150,15 @@ func (rt *Router) jwtMock() gin.HandlerFunc {
 	}
 }

+func (rt *Router) User() gin.HandlerFunc {
+	return rt.user()
+}
+
 func (rt *Router) user() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		userid := c.MustGet("userid").(int64)
+		username := c.MustGet("username").(string)

-		user, err := models.UserGetById(rt.Ctx, userid)
+		user, err := models.UserGetByUsername(rt.Ctx, username)
 		if err != nil {
 			ginx.Bomb(http.StatusUnauthorized, "unauthorized")
 		}
@@ -135,6 +169,8 @@ func (rt *Router) user() gin.HandlerFunc {

 		c.Set("user", user)
 		c.Set("isadmin", user.IsAdmin())
+		// Update user.LastActiveTime
+		rt.UserCache.SetLastActiveTime(user.Id, time.Now().Unix())
 		c.Next()
 	}
 }
@@ -174,6 +210,10 @@ func (rt *Router) bgro() gin.HandlerFunc {
 }

 // bgrw 逐步要被干掉，不安全
+func (rt *Router) Bgrw() gin.HandlerFunc {
+	return rt.bgrw()
+}
+
 func (rt *Router) bgrw() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		me := c.MustGet("user").(*models.User)
@@ -233,6 +273,10 @@ func (rt *Router) bgroCheck(c *gin.Context, bgid int64) {
 	c.Set("busi_group", bg)
 }

+func (rt *Router) Perm(operation string) gin.HandlerFunc {
+	return rt.perm(operation)
+}
+
 func (rt *Router) perm(operation string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		me := c.MustGet("user").(*models.User)
@@ -292,6 +336,12 @@ func (rt *Router) extractTokenMetadata(r *http.Request) (*AccessDetails, error)
 			return nil, errors.New("failed to parse access_uuid from jwt")
 		}

+		// accessUuid 在 redis 里存在才放行
+		val, err := rt.fetchAuth(r.Context(), accessUuid)
+		if err != nil || val == "" {
+			return nil, errors.New("unauthorized")
+		}
+
 		return &AccessDetails{
 			AccessUuid:   accessUuid,
 			UserIdentity: claims["user_identity"].(string),
@@ -312,29 +362,72 @@ func (rt *Router) extractToken(r *http.Request) string {
 }

 func (rt *Router) createAuth(ctx context.Context, userIdentity string, td *TokenDetails) error {
+	username := strings.Split(userIdentity, "-")[1]
+
+	// 如果只能有一个账号登录，那么就删除之前的 token
+	if rt.HTTP.JWTAuth.SingleLogin {
+		delKeys, err := rt.Redis.SMembers(ctx, rt.wrapJwtKey(username)).Result()
+		if err != nil {
+			return err
+		}
+
+		if len(delKeys) > 0 {
+			errDel := rt.Redis.Del(ctx, delKeys...).Err()
+			if errDel != nil {
+				return errDel
+			}
+		}
+
+		if errDel := rt.Redis.Del(ctx, rt.wrapJwtKey(username)).Err(); errDel != nil {
+			return errDel
+		}
+	}
+
 	at := time.Unix(td.AtExpires, 0)
 	rte := time.Unix(td.RtExpires, 0)
 	now := time.Now()

-	errAccess := rt.Redis.Set(ctx, rt.wrapJwtKey(td.AccessUuid), userIdentity, at.Sub(now)).Err()
-	if errAccess != nil {
-		return errAccess
+	if err := rt.Redis.Set(ctx, rt.wrapJwtKey(td.AccessUuid), userIdentity, at.Sub(now)).Err(); err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("set_token", "fail").Observe(time.Since(now).Seconds())
+		return err
 	}

-	errRefresh := rt.Redis.Set(ctx, rt.wrapJwtKey(td.RefreshUuid), userIdentity, rte.Sub(now)).Err()
-	if errRefresh != nil {
-		return errRefresh
+	if err := rt.Redis.Set(ctx, rt.wrapJwtKey(td.RefreshUuid), userIdentity, rte.Sub(now)).Err(); err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("set_token", "fail").Observe(time.Since(now).Seconds())
+		return err
+	}
+
+	cstats.RedisOperationLatency.WithLabelValues("set_token", "success").Observe(time.Since(now).Seconds())
+
+	if rt.HTTP.JWTAuth.SingleLogin {
+		if err := rt.Redis.SAdd(ctx, rt.wrapJwtKey(username), rt.wrapJwtKey(td.AccessUuid), rt.wrapJwtKey(td.RefreshUuid)).Err(); err != nil {
+			return err
+		}
 	}

 	return nil
 }

 func (rt *Router) fetchAuth(ctx context.Context, givenUuid string) (string, error) {
-	return rt.Redis.Get(ctx, rt.wrapJwtKey(givenUuid)).Result()
+	now := time.Now()
+	ret, err := rt.Redis.Get(ctx, rt.wrapJwtKey(givenUuid)).Result()
+	if err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("get_token", "fail").Observe(time.Since(now).Seconds())
+	} else {
+		cstats.RedisOperationLatency.WithLabelValues("get_token", "success").Observe(time.Since(now).Seconds())
+	}
+
+	return ret, err
 }

 func (rt *Router) deleteAuth(ctx context.Context, givenUuid string) error {
-	return rt.Redis.Del(ctx, rt.wrapJwtKey(givenUuid)).Err()
+	err := rt.Redis.Del(ctx, rt.wrapJwtKey(givenUuid)).Err()
+	if err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("del_token", "fail").Observe(time.Since(time.Now()).Seconds())
+	} else {
+		cstats.RedisOperationLatency.WithLabelValues("del_token", "success").Observe(time.Since(time.Now()).Seconds())
+	}
+	return err
 }

 func (rt *Router) deleteTokens(ctx context.Context, authD *AccessDetails) error {
--- a/center/router/router_notification_record.go
+++ b/center/router/router_notification_record.go
@@ -0,0 +1,206 @@
+package router
+
+import (
+	"strings"
+
+	"github.com/ccfos/nightingale/v6/alert/sender"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type NotificationResponse struct {
+	SubRules []SubRule           `json:"sub_rules"`
+	Notifies map[string][]Record `json:"notifies"`
+}
+
+type SubRule struct {
+	SubID        int64               `json:"sub_id"`
+	NotifyRuleId int64               `json:"notify_rule_id"`
+	Notifies     map[string][]Record `json:"notifies"`
+}
+
+type Record struct {
+	NotifyRuleId int64  `json:"notify_rule_id"`
+	Target       string `json:"target"`
+	Username     string `json:"username"`
+	Status       int    `json:"status"`
+	Detail       string `json:"detail"`
+}
+
+// notificationRecordAdd
+func (rt *Router) notificationRecordAdd(c *gin.Context) {
+	var req []*models.NotificaitonRecord
+	ginx.BindJSON(c, &req)
+	err := sender.PushNotifyRecords(req)
+	ginx.Dangerous(err, 429)
+
+	ginx.NewRender(c).Data(nil, err)
+}
+
+func (rt *Router) notificationRecordList(c *gin.Context) {
+	eid := ginx.UrlParamInt64(c, "eid")
+	lst, err := models.NotificaitonRecordsGetByEventId(rt.Ctx, eid)
+	ginx.Dangerous(err)
+
+	response := buildNotificationResponse(rt.Ctx, lst)
+	ginx.NewRender(c).Data(response, nil)
+}
+
+func buildNotificationResponse(ctx *ctx.Context, nl []*models.NotificaitonRecord) NotificationResponse {
+	response := NotificationResponse{
+		SubRules: []SubRule{},
+		Notifies: make(map[string][]Record),
+	}
+
+	subRuleMap := make(map[int64]*SubRule)
+
+	// Collect all group IDs
+	groupIdSet := make(map[int64]struct{})
+
+	// map[SubId]map[Channel]map[Target]index
+	filter := make(map[int64]map[string]map[string]int)
+
+	for i, n := range nl {
+		// 对相同的 channel-target 进行合并
+		for _, gid := range n.GetGroupIds(ctx) {
+			groupIdSet[gid] = struct{}{}
+		}
+
+		if _, exists := filter[n.SubId]; !exists {
+			filter[n.SubId] = make(map[string]map[string]int)
+		}
+
+		if _, exists := filter[n.SubId][n.Channel]; !exists {
+			filter[n.SubId][n.Channel] = make(map[string]int)
+		}
+
+		idx, exists := filter[n.SubId][n.Channel][n.Target]
+		if !exists {
+			filter[n.SubId][n.Channel][n.Target] = i
+		} else {
+			if nl[idx].Status < n.Status {
+				nl[idx].Status = n.Status
+			}
+			nl[idx].Details = nl[idx].Details + ", " + n.Details
+			nl[i] = nil
+		}
+
+	}
+
+	// Fill usernames only once
+	usernameByTarget := fillUserNames(ctx, groupIdSet)
+
+	for _, n := range nl {
+		if n == nil {
+			continue
+		}
+
+		m := usernameByTarget[n.Target]
+		usernames := make([]string, 0, len(m))
+		for k := range m {
+			usernames = append(usernames, k)
+		}
+
+		if !checkChannel(n.Channel) {
+			// Hide sensitive information
+			n.Target = replaceLastEightChars(n.Target)
+		}
+		record := Record{
+			Target:       n.Target,
+			Status:       n.Status,
+			Detail:       n.Details,
+			NotifyRuleId: n.NotifyRuleID,
+		}
+
+		record.Username = strings.Join(usernames, ",")
+
+		if n.SubId > 0 {
+			// Handle SubRules
+			subRule, ok := subRuleMap[n.SubId]
+			if !ok {
+				newSubRule := &SubRule{
+					NotifyRuleId: n.NotifyRuleID,
+					SubID:        n.SubId,
+				}
+				newSubRule.Notifies = make(map[string][]Record)
+				newSubRule.Notifies[n.Channel] = []Record{record}
+
+				subRuleMap[n.SubId] = newSubRule
+			} else {
+				if _, exists := subRule.Notifies[n.Channel]; !exists {
+
+					subRule.Notifies[n.Channel] = []Record{record}
+				} else {
+					subRule.Notifies[n.Channel] = append(subRule.Notifies[n.Channel], record)
+				}
+			}
+			continue
+		}
+
+		if response.Notifies == nil {
+			response.Notifies = make(map[string][]Record)
+		}
+
+		if _, exists := response.Notifies[n.Channel]; !exists {
+			response.Notifies[n.Channel] = []Record{record}
+		} else {
+			response.Notifies[n.Channel] = append(response.Notifies[n.Channel], record)
+		}
+	}
+
+	for _, subRule := range subRuleMap {
+		response.SubRules = append(response.SubRules, *subRule)
+	}
+
+	return response
+}
+
+// check channel is one of the following:  tx-sms, tx-voice, ali-sms, ali-voice, email, script
+func checkChannel(channel string) bool {
+	switch channel {
+	case "tx-sms", "tx-voice", "ali-sms", "ali-voice", "email", "script":
+		return true
+	}
+	return false
+}
+
+func replaceLastEightChars(s string) string {
+	if len(s) <= 8 {
+		return strings.Repeat("*", len(s))
+	}
+	return s[:len(s)-8] + strings.Repeat("*", 8)
+}
+
+func fillUserNames(ctx *ctx.Context, groupIdSet map[int64]struct{}) map[string]map[string]struct{} {
+	userNameByTarget := make(map[string]map[string]struct{})
+
+	gids := make([]int64, 0, len(groupIdSet))
+	for gid := range groupIdSet {
+		gids = append(gids, gid)
+	}
+
+	users, err := models.UsersGetByGroupIds(ctx, gids)
+	if err != nil {
+		logger.Errorf("UsersGetByGroupIds failed, err: %v", err)
+		return userNameByTarget
+	}
+
+	for _, user := range users {
+		logger.Warningf("user: %s", user.Username)
+		for _, ch := range models.DefaultChannels {
+			target, exist := user.ExtractToken(ch)
+			if exist {
+				if _, ok := userNameByTarget[target]; !ok {
+					userNameByTarget[target] = make(map[string]struct{})
+				}
+				userNameByTarget[target][user.Username] = struct{}{}
+			}
+		}
+	}
+
+	return userNameByTarget
+}
--- a/center/router/router_notify_channel.go
+++ b/center/router/router_notify_channel.go
@@ -0,0 +1,268 @@
+package router
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"sort"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func (rt *Router) notifyChannelsAdd(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+
+	var lst []*models.NotifyChannelConfig
+	ginx.BindJSON(c, &lst)
+	if len(lst) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	names := make([]string, 0, len(lst))
+	for i := range lst {
+		ginx.Dangerous(lst[i].Verify())
+		names = append(names, lst[i].Name)
+
+		lst[i].CreateBy = me.Username
+		lst[i].CreateAt = time.Now().Unix()
+		lst[i].UpdateBy = me.Username
+		lst[i].UpdateAt = time.Now().Unix()
+	}
+
+	lstWithSameName, err := models.NotifyChannelsGet(rt.Ctx, "name IN ?", names)
+	ginx.Dangerous(err)
+	if len(lstWithSameName) > 0 {
+		ginx.Bomb(http.StatusBadRequest, "name already exists")
+	}
+
+	ids := make([]int64, 0, len(lst))
+	for _, item := range lst {
+		err := models.Insert(rt.Ctx, item)
+		ginx.Dangerous(err)
+
+		ids = append(ids, item.ID)
+	}
+	ginx.NewRender(c).Data(ids, nil)
+}
+
+func (rt *Router) notifyChannelsDel(c *gin.Context) {
+	var f idsForm
+	ginx.BindJSON(c, &f)
+	f.Verify()
+
+	lst, err := models.NotifyChannelsGet(rt.Ctx, "id in (?)", f.Ids)
+	ginx.Dangerous(err)
+	notifyRuleIds, err := models.UsedByNotifyRule(rt.Ctx, models.NotiChList(lst))
+	ginx.Dangerous(err)
+	if len(notifyRuleIds) > 0 {
+		ginx.NewRender(c).Message(fmt.Errorf("used by notify rule: %v", notifyRuleIds))
+		return
+	}
+
+	ginx.NewRender(c).Message(models.DB(rt.Ctx).
+		Delete(&models.NotifyChannelConfig{}, "id in (?)", f.Ids).Error)
+}
+
+func (rt *Router) notifyChannelPut(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+
+	var f models.NotifyChannelConfig
+	ginx.BindJSON(c, &f)
+
+	lstWithSameName, err := models.NotifyChannelsGet(rt.Ctx, "name = ? and id <> ?", f.Name, f.ID)
+	ginx.Dangerous(err)
+	if len(lstWithSameName) > 0 {
+		ginx.Bomb(http.StatusBadRequest, "name already exists")
+	}
+
+	nc, err := models.NotifyChannelGet(rt.Ctx, "id = ?", ginx.UrlParamInt64(c, "id"))
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	f.UpdateBy = me.Username
+	ginx.NewRender(c).Message(nc.Update(rt.Ctx, f))
+}
+
+func (rt *Router) notifyChannelGet(c *gin.Context) {
+	cid := ginx.UrlParamInt64(c, "id")
+	nc, err := models.NotifyChannelGet(rt.Ctx, "id = ?", cid)
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	ginx.NewRender(c).Data(nc, nil)
+}
+
+func (rt *Router) notifyChannelGetBy(c *gin.Context) {
+	ident := ginx.QueryStr(c, "ident")
+	nc, err := models.NotifyChannelGet(rt.Ctx, "ident = ?", ident)
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	nc.ParamConfig = &models.NotifyParamConfig{}
+	nc.RequestConfig = &models.RequestConfig{}
+
+	ginx.NewRender(c).Data(nc, nil)
+}
+
+func (rt *Router) notifyChannelsGet(c *gin.Context) {
+	lst, err := models.NotifyChannelsGet(rt.Ctx, "", nil)
+	ginx.NewRender(c).Data(lst, err)
+}
+
+func (rt *Router) notifyChannelsGetForNormalUser(c *gin.Context) {
+	lst, err := models.NotifyChannelsGet(rt.Ctx, "")
+	ginx.Dangerous(err)
+
+	newLst := make([]*models.NotifyChannelConfig, 0, len(lst))
+	for _, c := range lst {
+		newLst = append(newLst, &models.NotifyChannelConfig{
+			ID:          c.ID,
+			Name:        c.Name,
+			Ident:       c.Ident,
+			Enable:      c.Enable,
+			RequestType: c.RequestType,
+			ParamConfig: c.ParamConfig,
+		})
+	}
+	ginx.NewRender(c).Data(newLst, nil)
+}
+
+func (rt *Router) notifyChannelIdentsGet(c *gin.Context) {
+	// 获取所有通知渠道
+	channels, err := models.NotifyChannelsGet(rt.Ctx, "", nil)
+	ginx.Dangerous(err)
+
+	// ident 去重
+	idents := make(map[string]struct{})
+	for _, channel := range channels {
+		if channel.Ident != "" {
+			idents[channel.Ident] = struct{}{}
+		}
+	}
+
+	lst := make([]string, 0, len(idents))
+	for ident := range idents {
+		lst = append(lst, ident)
+	}
+
+	sort.Strings(lst)
+
+	ginx.NewRender(c).Data(lst, nil)
+}
+
+type flushDutyChannelsResponse struct {
+	Error struct {
+		Code    string `json:"code"`
+		Message string `json:"message"`
+	} `json:"error"`
+	Data struct {
+		Items []struct {
+			ChannelID   int    `json:"channel_id"`
+			ChannelName string `json:"channel_name"`
+			Status      string `json:"status"`
+		} `json:"items"`
+		Total int `json:"total"`
+	} `json:"data"`
+}
+
+func (rt *Router) flashDutyNotifyChannelsGet(c *gin.Context) {
+	cid := ginx.UrlParamInt64(c, "id")
+	nc, err := models.NotifyChannelGet(rt.Ctx, "id = ?", cid)
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	configs, err := models.ConfigsSelectByCkey(rt.Ctx, "flashduty_app_key")
+	if err != nil {
+		ginx.Bomb(http.StatusInternalServerError, "failed to get flashduty app key")
+	}
+
+	jsonData := []byte("{}")
+	if len(configs) > 0 {
+		me := c.MustGet("user").(*models.User)
+		jsonData = []byte(fmt.Sprintf(`{"member_name":"%s","email":"%s","phone":"%s"}`, me.Username, me.Email, me.Phone))
+	}
+
+	items, err := getFlashDutyChannels(nc.RequestConfig.FlashDutyRequestConfig.IntegrationUrl, jsonData)
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(items, nil)
+}
+
+// getFlashDutyChannels 从FlashDuty API获取频道列表
+func getFlashDutyChannels(integrationUrl string, jsonData []byte) ([]struct {
+	ChannelID   int    `json:"channel_id"`
+	ChannelName string `json:"channel_name"`
+	Status      string `json:"status"`
+}, error) {
+	// 解析URL，提取baseUrl和参数
+	baseUrl, integrationKey, err := parseIntegrationUrl(integrationUrl)
+	if err != nil {
+		return nil, err
+	}
+
+	if integrationKey == "" {
+		return nil, fmt.Errorf("integration_key not found in URL")
+	}
+
+	// 构建新的API URL，保持原始路径
+	url := fmt.Sprintf("%s/channel/list-by-integration?integration_key=%s", baseUrl, integrationKey)
+
+	req, err := http.NewRequest("POST", url, bytes.NewBuffer(jsonData))
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	httpResp, err := (&http.Client{}).Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer httpResp.Body.Close()
+
+	body, err := io.ReadAll(httpResp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	var res flushDutyChannelsResponse
+	if err := json.Unmarshal(body, &res); err != nil {
+		return nil, err
+	}
+
+	if res.Error.Message != "" {
+		return nil, fmt.Errorf(res.Error.Message)
+	}
+
+	return res.Data.Items, nil
+}
+
+// parseIntegrationUrl 从URL中提取baseUrl和参数
+func parseIntegrationUrl(urlStr string) (baseUrl string, integrationKey string, err error) {
+	// 解析URL
+	parsedUrl, err := url.Parse(urlStr)
+	if err != nil {
+		return "", "", err
+	}
+
+	host := fmt.Sprintf("%s://%s", parsedUrl.Scheme, parsedUrl.Host)
+
+	// 提取查询参数
+	queryParams := parsedUrl.Query()
+	integrationKey = queryParams.Get("integration_key")
+
+	return host, integrationKey, nil
+}
--- a/Show More
+++ b/Show More