code refactor

feat: support postgresql alert (#2732 )
Merge branch 'main' of https://github.com/ccfos/nightingale
2026-03-02 22:19:10 +00:00 · 2025-06-12 10:55:15 +08:00 · 2025-06-11 17:43:34 +08:00 · 2025-06-11 11:50:47 +08:00 · 2025-06-11 11:50:37 +08:00 · 2025-06-11 11:37:18 +08:00
347 changed files with 55969 additions and 15831 deletions
--- a/.github/workflows/n9e.yml
+++ b/.github/workflows/n9e.yml
@@ -5,7 +5,7 @@ on:
    tags:
      - 'v*'
 env:
-  GO_VERSION: 1.18
+  GO_VERSION: 1.23

 jobs:
  goreleaser:
--- a/.gitignore
+++ b/.gitignore
@@ -9,6 +9,7 @@
 *.o
 *.a
 *.so
+*.db
 *.sw[po]
 *.tar.gz
 *.[568vq]
@@ -64,3 +65,7 @@ queries.active

 /n9e-*
 n9e.sql
+
+!/datasource
+
+.env.json
--- a/634
+++ b/634
@@ -1,433 +1,201 @@
-                              Apache License
- 
-                        Version 2.0, January 2004
- 
-                     http://www.apache.org/licenses/
- 
- 
- 
- 
-TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
- 
- 
- 
- 
-1. Definitions.
- 
- 
- 
- 
-   "License" shall mean the terms and conditions for use, reproduction,
- 
-   and distribution as defined by Sections 1 through 9 of this document.
- 
- 
- 
- 
-   "Licensor" shall mean the copyright owner or entity authorized by
- 
-   the copyright owner that is granting the License.
- 
- 
- 
- 
-   "Legal Entity" shall mean the union of the acting entity and all
- 
-   other entities that control, are controlled by, or are under common
- 
-   control with that entity. For the purposes of this definition,
- 
-   "control" means (i) the power, direct or indirect, to cause the
- 
-   direction or management of such entity, whether by contract or
- 
-   otherwise, or (ii) ownership of fifty percent (50%) or more of the
- 
-   outstanding shares, or (iii) beneficial ownership of such entity.
- 
- 
- 
- 
-   "You" (or "Your") shall mean an individual or Legal Entity
- 
-   exercising permissions granted by this License.
- 
- 
- 
- 
-   "Source" form shall mean the preferred form for making modifications,
- 
-   including but not limited to software source code, documentation
- 
-   source, and configuration files.
- 
- 
- 
- 
-   "Object" form shall mean any form resulting from mechanical
- 
-   transformation or translation of a Source form, including but
- 
-   not limited to compiled object code, generated documentation,
- 
-   and conversions to other media types.
- 
- 
- 
- 
-   "Work" shall mean the work of authorship, whether in Source or
- 
-   Object form, made available under the License, as indicated by a
- 
-   copyright notice that is included in or attached to the work
- 
-   (an example is provided in the Appendix below).
- 
- 
- 
- 
-   "Derivative Works" shall mean any work, whether in Source or Object
- 
-   form, that is based on (or derived from) the Work and for which the
- 
-   editorial revisions, annotations, elaborations, or other modifications
- 
-   represent, as a whole, an original work of authorship. For the purposes
- 
-   of this License, Derivative Works shall not include works that remain
- 
-   separable from, or merely link (or bind by name) to the interfaces of,
- 
-   the Work and Derivative Works thereof.
- 
- 
- 
- 
-   "Contribution" shall mean any work of authorship, including
- 
-   the original version of the Work and any modifications or additions
- 
-   to that Work or Derivative Works thereof, that is intentionally
- 
-   submitted to Licensor for inclusion in the Work by the copyright owner
- 
-   or by an individual or Legal Entity authorized to submit on behalf of
- 
-   the copyright owner. For the purposes of this definition, "submitted"
- 
-   means any form of electronic, verbal, or written communication sent
- 
-   to the Licensor or its representatives, including but not limited to
- 
-   communication on electronic mailing lists, source code control systems,
- 
-   and issue tracking systems that are managed by, or on behalf of, the
- 
-   Licensor for the purpose of discussing and improving the Work, but
- 
-   excluding communication that is conspicuously marked or otherwise
- 
-   designated in writing by the copyright owner as "Not a Contribution."
- 
- 
- 
- 
-   "Contributor" shall mean Licensor and any individual or Legal Entity
- 
-   on behalf of whom a Contribution has been received by Licensor and
- 
-   subsequently incorporated within the Work.
- 
- 
- 
- 
-2. Grant of Copyright License. Subject to the terms and conditions of
- 
-   this License, each Contributor hereby grants to You a perpetual,
- 
-   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- 
-   copyright license to reproduce, prepare Derivative Works of,
- 
-   publicly display, publicly perform, sublicense, and distribute the
- 
-   Work and such Derivative Works in Source or Object form.
- 
- 
- 
- 
-3. Grant of Patent License. Subject to the terms and conditions of
- 
-   this License, each Contributor hereby grants to You a perpetual,
- 
-   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- 
-   (except as stated in this section) patent license to make, have made,
- 
-   use, offer to sell, sell, import, and otherwise transfer the Work,
- 
-   where such license applies only to those patent claims licensable
- 
-   by such Contributor that are necessarily infringed by their
- 
-   Contribution(s) alone or by combination of their Contribution(s)
- 
-   with the Work to which such Contribution(s) was submitted. If You
- 
-   institute patent litigation against any entity (including a
- 
-   cross-claim or counterclaim in a lawsuit) alleging that the Work
- 
-   or a Contribution incorporated within the Work constitutes direct
- 
-   or contributory patent infringement, then any patent licenses
- 
-   granted to You under this License for that Work shall terminate
- 
-   as of the date such litigation is filed.
- 
- 
- 
- 
-4. Redistribution. You may reproduce and distribute copies of the
- 
-   Work or Derivative Works thereof in any medium, with or without
- 
-   modifications, and in Source or Object form, provided that You
- 
-   meet the following conditions:
- 
- 
- 
- 
-   (a) You must give any other recipients of the Work or
- 
-       Derivative Works a copy of this License; and
- 
- 
- 
- 
-   (b) You must cause any modified files to carry prominent notices
- 
-       stating that You changed the files; and
- 
- 
- 
- 
-   (c) You must retain, in the Source form of any Derivative Works
- 
-       that You distribute, all copyright, patent, trademark, and
- 
-       attribution notices from the Source form of the Work,
- 
-       excluding those notices that do not pertain to any part of
- 
-       the Derivative Works; and
- 
- 
- 
- 
-   (d) If the Work includes a "NOTICE" text file as part of its
- 
-       distribution, then any Derivative Works that You distribute must
- 
-       include a readable copy of the attribution notices contained
- 
-       within such NOTICE file, excluding those notices that do not
- 
-       pertain to any part of the Derivative Works, in at least one
- 
-       of the following places: within a NOTICE text file distributed
- 
-       as part of the Derivative Works; within the Source form or
- 
-       documentation, if provided along with the Derivative Works; or,
- 
-       within a display generated by the Derivative Works, if and
- 
-       wherever such third-party notices normally appear. The contents
- 
-       of the NOTICE file are for informational purposes only and
- 
-       do not modify the License. You may add Your own attribution
- 
-       notices within Derivative Works that You distribute, alongside
- 
-       or as an addendum to the NOTICE text from the Work, provided
- 
-       that such additional attribution notices cannot be construed
- 
-       as modifying the License.
- 
- 
- 
- 
-   You may add Your own copyright statement to Your modifications and
- 
-   may provide additional or different license terms and conditions
- 
-   for use, reproduction, or distribution of Your modifications, or
- 
-   for any such Derivative Works as a whole, provided Your use,
- 
-   reproduction, and distribution of the Work otherwise complies with
- 
-   the conditions stated in this License.
- 
- 
- 
- 
-5. Submission of Contributions. Unless You explicitly state otherwise,
- 
-   any Contribution intentionally submitted for inclusion in the Work
- 
-   by You to the Licensor shall be under the terms and conditions of
- 
-   this License, without any additional terms or conditions.
- 
-   Notwithstanding the above, nothing herein shall supersede or modify
- 
-   the terms of any separate license agreement you may have executed
- 
-   with Licensor regarding such Contributions.
- 
- 
- 
- 
-6. Trademarks. This License does not grant permission to use the trade
- 
-   names, trademarks, service marks, or product names of the Licensor,
- 
-   except as required for reasonable and customary use in describing the
- 
-   origin of the Work and reproducing the content of the NOTICE file.
- 
- 
- 
- 
-7. Disclaimer of Warranty. Unless required by applicable law or
- 
-   agreed to in writing, Licensor provides the Work (and each
- 
-   Contributor provides its Contributions) on an "AS IS" BASIS,
- 
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- 
-   implied, including, without limitation, any warranties or conditions
- 
-   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- 
-   PARTICULAR PURPOSE. You are solely responsible for determining the
- 
-   appropriateness of using or redistributing the Work and assume any
- 
-   risks associated with Your exercise of permissions under this License.
- 
- 
- 
- 
-8. Limitation of Liability. In no event and under no legal theory,
- 
-   whether in tort (including negligence), contract, or otherwise,
- 
-   unless required by applicable law (such as deliberate and grossly
- 
-   negligent acts) or agreed to in writing, shall any Contributor be
- 
-   liable to You for damages, including any direct, indirect, special,
- 
-   incidental, or consequential damages of any character arising as a
- 
-   result of this License or out of the use or inability to use the
- 
-   Work (including but not limited to damages for loss of goodwill,
- 
-   work stoppage, computer failure or malfunction, or any and all
- 
-   other commercial damages or losses), even if such Contributor
- 
-   has been advised of the possibility of such damages.
- 
- 
- 
- 
-9. Accepting Warranty or Additional Liability. While redistributing
- 
-   the Work or Derivative Works thereof, You may choose to offer,
- 
-   and charge a fee for, acceptance of support, warranty, indemnity,
- 
-   or other liability obligations and/or rights consistent with this
- 
-   License. However, in accepting such obligations, You may act only
- 
-   on Your own behalf and on Your sole responsibility, not on behalf
- 
-   of any other Contributor, and only if You agree to indemnify,
- 
-   defend, and hold each Contributor harmless for any liability
- 
-   incurred by, or claims asserted against, such Contributor by reason
- 
-   of your accepting any such warranty or additional liability.
- 
- 
- 
- 
-END OF TERMS AND CONDITIONS
- 
- 
- 
- 
-APPENDIX: How to apply the Apache License to your work.
- 
- 
- 
- 
-   To apply the Apache License to your work, attach the following
- 
-   boilerplate notice, with the fields enclosed by brackets "{}"
- 
-   replaced with your own identifying information. (Don't include
- 
-   the brackets!)  The text should be enclosed in the appropriate
- 
-   comment syntax for the file format. We also recommend that a
- 
-   file or class name and description of purpose be included on the
- 
-   same "printed page" as the copyright notice for easier
- 
-   identification within third-party archives.
- 
- 
- 
- 
-Copyright (C) 2017 Beijing Didi Infinity Technology and Development Co.,Ltd. All rights reserved.
- 
- 
- 
- 
-Licensed under the Apache License, Version 2.0 (the "License");
- 
-you may not use this file except in compliance with the License.
- 
-You may obtain a copy of the License at
- 
- 
- 
- 
-    http://www.apache.org/licenses/LICENSE-2.0
- 
- 
- 
- 
-Unless required by applicable law or agreed to in writing, software
- 
-distributed under the License is distributed on an "AS IS" BASIS,
- 
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- 
-See the License for the specific language governing permissions and
- 
-limitations under the License.
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright CCF ODC.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
    <img src="doc/img/Nightingale_L_V.png" alt="nightingale - cloud native monitoring" width="100" /></a>
 </p>
 <p align="center">
-  <b>开源告警管理专家 一体化的可观测平台</b>
+  <b>开源告警管理专家</b>
 </p>

 <p align="center">
@@ -27,71 +27,89 @@

 [English](./README_en.md) | [中文](./README.md)

-## 夜莺 Nightingale 是什么
+## 夜莺是什么

-夜莺监控是一款开源云原生观测分析工具，采用 All-in-One 的设计理念，集数据采集、可视化、监控告警、数据分析于一体，与云原生生态紧密集成，提供开箱即用的企业级监控分析和告警能力。夜莺于 2020 年 3 月 20 日，在 github 上发布 v1 版本，已累计迭代 100 多个版本。
+夜莺监控（Nightingale）是一款侧重告警的监控类开源项目。类似 Grafana 的数据源集成方式，夜莺也是对接多种既有的数据源，不过 Grafana 侧重在可视化，夜莺是侧重在告警引擎、告警事件的处理和分发。

-夜莺最初由滴滴开发和开源，并于 2022 年 5 月 11 日，捐赠予中国计算机学会开源发展委员会（CCF ODC），为 CCF ODC 成立后接受捐赠的第一个开源项目。夜莺的核心研发团队，也是 Open-Falcon 项目原核心研发人员，从 2014 年（Open-Falcon 是 2014 年开源）算起来，也有 10 年了，只为把监控这个事情做好。
+夜莺监控项目，最初由滴滴开发和开源，并于 2022 年 5 月 11 日，捐赠予中国计算机学会开源发展委员会（CCF ODC），为 CCF ODC 成立后接受捐赠的第一个开源项目。
+
+## 夜莺的工作逻辑
+
+很多用户已经自行采集了指标、日志数据，此时就把存储库（VictoriaMetrics、ElasticSearch等）作为数据源接入夜莺，即可在夜莺里配置告警规则、通知规则，完成告警事件的生成和派发。
+
+![夜莺产品架构](doc/img/readme/20240221152601.png)
+
+夜莺项目本身不提供监控数据采集能力。推荐您使用 [Categraf](https://github.com/flashcatcloud/categraf) 作为采集器，可以和夜莺丝滑对接。
+
+[Categraf](https://github.com/flashcatcloud/categraf) 可以采集操作系统、网络设备、各类中间件、数据库的监控数据，通过 Remote Write 协议推送给夜莺，夜莺把监控数据转存到时序库（如 Prometheus、VictoriaMetrics 等），并提供告警和可视化能力。
+
+对于个别边缘机房，如果和中心夜莺服务端网络链路不好，希望提升告警可用性，夜莺也提供边缘机房告警引擎下沉部署模式，这个模式下，即便边缘和中心端网络割裂，告警功能也不受影响。
+
+![边缘部署模式](doc/img/readme/20240222102119.png)
+
+> 上图中，机房A和中心机房的网络链路很好，所以直接由中心端的夜莺进程做告警引擎，机房B和中心机房的网络链路不好，所以在机房B部署了 `n9e-edge` 做告警引擎，对机房B的数据源做告警判定。
+
+## 告警降噪、升级、协同
+
+夜莺的侧重点是做告警引擎，即负责产生告警事件，并根据规则做灵活派发，内置支持 20 种通知媒介（电话、短信、邮件、钉钉、飞书、企微、Slack 等）。
+
+如果您有更高级的需求，比如：
+
+- 想要把公司的多套监控系统产生的事件聚拢到一个平台，统一做收敛降噪、响应处理、数据分析
+- 想要支持人员的排班，践行 On-call 文化，想要支持告警认领、升级（避免遗漏）、协同处理
+
+那夜莺是不合适的，推荐您选用 [FlashDuty](https://flashcat.cloud/product/flashcat-duty/) 这样的 On-call 产品，产品简单易用，也有免费套餐。


-## 快速开始
- 👉[文档中心](https://flashcat.cloud/docs/) | [下载中心](https://flashcat.cloud/download/nightingale/)
- ❤️[报告 Bug](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=&projects=&template=question.yml)
- ℹ️为了提供更快速的访问体验，上述文档和下载站点托管于 [FlashcatCloud](https://flashcat.cloud)
-
-## 功能特点
-
- 对接多种时序库：支持对接 Prometheus、VictoriaMetrics、Thanos、Mimir、M3DB、TDengine 等多种时序库，实现统一告警管理。
- 专业告警能力：内置支持多种告警规则，可以扩展支持常见通知媒介，支持告警屏蔽/抑制/订阅/自愈、告警事件管理。
- 高性能可视化引擎：支持多种图表样式，内置众多 Dashboard 模版，也可导入 Grafana 模版，开箱即用，开源协议商业友好。
- 支持常见采集器：支持 [Categraf](https://flashcat.cloud/product/categraf)、Telegraf、Grafana-agent、Datadog-agent、各种 Exporter 作为采集器，没有什么数据是不能监控的。
- 👀无缝搭配 [Flashduty](https://flashcat.cloud/product/flashcat-duty/)：实现告警聚合收敛、认领、升级、排班、IM集成，确保告警处理不遗漏，减少打扰，高效协同。
+## 相关资料 & 交流渠道
+- 📚 [夜莺介绍PPT](https://mp.weixin.qq.com/s/Mkwx_46xrltSq8NLqAIYow) 对您了解夜莺各项关键特性会有帮助（PPT链接在文末）
+- 👉 [文档中心](https://flashcat.cloud/docs/) 为了更快的访问速度，站点托管在 [FlashcatCloud](https://flashcat.cloud)
+- ❤️ [报告 Bug](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=&projects=&template=question.yml) 写清楚问题描述、复现步骤、截图等信息，更容易得到答案
+- 💡 前后端代码分离，前端代码仓库：[https://github.com/n9e/fe](https://github.com/n9e/fe)
+- 🎯 关注[这个公众号](https://gitlink.org.cn/UlricQin)了解更多夜莺动态和知识
+- 🌟 加我微信：`picobyte`（我已关闭好友验证）拉入微信群，备注：`夜莺互助群`，如果已经把夜莺上到生产环境，可联系我拉入资深监控用户群


-## 截图演示
+## 关键特性简介

-即时查询，类似 Prometheus 内置的查询分析页面，做 ad-hoc 查询，夜莺做了一些 UI 优化，同时提供了一些内置 promql 指标，让不太了解 promql 的用户也可以快速查询。
+![夜莺告警规则](doc/img/readme/2025-05-23_18-43-37.png)

-![即时查询](https://download.flashcat.cloud/ulric/20240513103305.png)
+- 夜莺支持告警规则、屏蔽规则、订阅规则、通知规则，内置支持 20 种通知媒介，支持消息模板自定义
+- 支持事件管道，对告警事件做 Pipeline 处理，方便和自有系统做自动化整合，比如给告警事件附加一些元信息，对事件做 relabel
+- 支持业务组概念，引入权限体系，分门别类管理各类规则
+- 很多数据库、中间件内置了告警规则，可以直接导入使用，也可以直接导入 Prometheus 的告警规则
+- 支持告警自愈，即告警之后自动触发一个脚本执行一些预定义的逻辑，比如清理一下磁盘、抓一下现场等

-当然，也可以直接通过指标视图查看，有了指标视图，即时查询基本可以不用了，或者只有高端玩家使用即时查询，普通用户直接通过指标视图查询即可。
+![夜莺事件大盘](doc/img/readme/2025-05-30_08-49-28.png)

-![指标视图](https://download.flashcat.cloud/ulric/20240513103530.png)
+- 夜莺存档了历史告警事件，支持多维度的查询和统计
+- 支持灵活的聚合分组，一目了然看到公司的告警事件分布情况

-夜莺内置了常用仪表盘，可以直接导入使用。也可以导入 Grafana 仪表盘，不过只能兼容 Grafana 基本图表，如果已经习惯了 Grafana 建议继续使用 Grafana 看图，把夜莺作为一个告警引擎使用。
+![夜莺集成中心](doc/img/readme/2025-05-23_18-46-06.png)

-![内置仪表盘](https://download.flashcat.cloud/ulric/20240513103628.png)
-
-除了内置的仪表盘，也内置了很多告警规则，开箱即用。
-
-![内置告警规则](https://download.flashcat.cloud/ulric/20240513103825.png)
+- 夜莺内置常用操作系统、中间件、数据库的的指标说明、仪表盘、告警规则，不过都是社区贡献的，整体也是参差不齐
+- 夜莺直接接收 Remote Write、OpenTSDB、Datadog、Falcon 等多种协议的数据，故而可以和各类 Agent 对接
+- 夜莺支持 Prometheus、ElasticSearch、Loki、TDEngine 等多种数据源，可以对其中的数据做告警
+- 夜莺可以很方便内嵌企业内部系统，比如 Grafana、CMDB 等，甚至可以配置这些内嵌系统的菜单可见性


+![夜莺仪表盘](doc/img/readme/2025-05-23_18-49-02.png)

-## 产品架构
-
-社区使用夜莺最多的场景就是使用夜莺做告警引擎，对接多套时序库，统一告警规则管理。绘图仍然使用 Grafana 居多。作为一个告警引擎，夜莺的产品架构如下：
-
-![产品架构](https://download.flashcat.cloud/ulric/20240221152601.png)
-
-对于个别边缘机房，如果和中心夜莺服务端网络链路不好，希望提升告警可用性，我们也提供边缘机房告警引擎下沉部署模式，这个模式下，即便网络割裂，告警功能也不受影响。
-
-![边缘部署模式](https://download.flashcat.cloud/ulric/20240222102119.png)
-
-
-## 交流渠道
- 报告Bug，优先推荐提交[夜莺GitHub Issue](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=kind%2Fbug&projects=&template=bug_report.yml)
- 推荐完整浏览[夜莺文档站点](https://flashcat.cloud/docs/content/flashcat-monitor/nightingale-v7/introduction/)，了解更多信息
- 推荐搜索关注夜莺公众号，第一时间获取社区动态：`夜莺监控Nightingale`
- 日常问题交流推荐加入[知识星球](https://download.flashcat.cloud/ulric/20240319095409.png)，也可以加我微信 `picobyte`，备注：`夜莺加群-<公司>-<姓名>` 拉入微信群，不过研发人员主要是关注 github issue 和星球，微信群关注较少
+- 夜莺支持仪表盘功能，支持常见的图表类型，也内置了一些仪表盘，上图是其中一个仪表盘的截图。
+- 如果你已经习惯了 Grafana，建议仍然使用 Grafana 看图。Grafana 在看图方面道行更深。
+- 机器相关的监控数据，如果是 Categraf 采集的，建议使用夜莺自带的仪表盘查看，因为 Categraf 的指标命名 Follow 的是 Telegraf 的命名方式，和 Node Exporter 不同
+- 因为夜莺有个业务组的概念，机器可以归属不同的业务组，有时在仪表盘里只想查看当前所属业务组的机器，所以夜莺的仪表盘可以和业务组联动

 ## 广受关注
 [![Stargazers over time](https://api.star-history.com/svg?repos=ccfos/nightingale&type=Date)](https://star-history.com/#ccfos/nightingale&Date)

+## 感谢众多企业的信赖
+
+![夜莺客户](doc/img/readme/logos.png)

 ## 社区共建
- ❇️请阅读浏览[夜莺开源项目和社区治理架构草案](./doc/community-governance.md)，真诚欢迎每一位用户、开发者、公司以及组织，使用夜莺监控、积极反馈 Bug、提交功能需求、分享最佳实践，共建专业、活跃的夜莺开源社区。
- 夜莺贡献者❤️
+- ❇️ 请阅读浏览[夜莺开源项目和社区治理架构草案](./doc/community-governance.md)，真诚欢迎每一位用户、开发者、公司以及组织，使用夜莺监控、积极反馈 Bug、提交功能需求、分享最佳实践，共建专业、活跃的夜莺开源社区。
+- ❤️ 夜莺贡献者
 <a href="https://github.com/ccfos/nightingale/graphs/contributors">
  <img src="https://contrib.rocks/image?repo=ccfos/nightingale" />
 </a>
--- a/README_en.md
+++ b/README_en.md
@@ -1,104 +1,113 @@
 <p align="center">
  <a href="https://github.com/ccfos/nightingale">
-    <img src="doc/img/Nightingale_L_V.png" alt="nightingale - cloud native monitoring" width="240" /></a>
+    <img src="doc/img/Nightingale_L_V.png" alt="nightingale - cloud native monitoring" width="100" /></a>
+</p>
+<p align="center">
+  <b>Open-source Alert Management Expert, an Integrated Observability Platform</b>
 </p>

 <p align="center">
-<img alt="GitHub latest release" src="https://img.shields.io/github/v/release/ccfos/nightingale"/>
-<a href="https://n9e.github.io">
+<a href="https://flashcat.cloud/docs/">
  <img alt="Docs" src="https://img.shields.io/badge/docs-get%20started-brightgreen"/></a>
 <a href="https://hub.docker.com/u/flashcatcloud">
  <img alt="Docker pulls" src="https://img.shields.io/docker/pulls/flashcatcloud/nightingale"/></a>
-<img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/ccfos/nightingale">
-<img alt="GitHub Repo issues" src="https://img.shields.io/github/issues/ccfos/nightingale">
-<img alt="GitHub Repo issues closed" src="https://img.shields.io/github/issues-closed/ccfos/nightingale">
-<img alt="GitHub forks" src="https://img.shields.io/github/forks/ccfos/nightingale">
 <a href="https://github.com/ccfos/nightingale/graphs/contributors">
  <img alt="GitHub contributors" src="https://img.shields.io/github/contributors-anon/ccfos/nightingale"/></a>
+<img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/ccfos/nightingale">
+<img alt="GitHub forks" src="https://img.shields.io/github/forks/ccfos/nightingale">
+<br/><img alt="GitHub Repo issues" src="https://img.shields.io/github/issues/ccfos/nightingale">
+<img alt="GitHub Repo issues closed" src="https://img.shields.io/github/issues-closed/ccfos/nightingale">
+<img alt="GitHub latest release" src="https://img.shields.io/github/v/release/ccfos/nightingale"/>
+<img alt="License" src="https://img.shields.io/badge/license-Apache--2.0-blue"/>
 <a href="https://n9e-talk.slack.com/">
  <img alt="GitHub contributors" src="https://img.shields.io/badge/join%20slack-%23n9e-brightgreen.svg"/></a>
-<img alt="License" src="https://img.shields.io/badge/license-Apache--2.0-blue"/>
-</p>
-<p align="center">
-  An open-source cloud-native monitoring system that is <b>all-in-one</b> <br/>
-  <b>Out-of-the-box</b>, it integrates data collection, visualization, and monitoring alert <br/>
-  We recommend upgrading your <b>Prometheus + AlertManager + Grafana</b> combination to Nightingale!
 </p>

+
+
 [English](./README_en.md) | [中文](./README.md)

+## What is Nightingale

-## Highlighted Features
+Nightingale is an open-source project focused on alerting. Similar to Grafana's data source integration approach, Nightingale also connects with various existing data sources. However, while Grafana focuses on visualization, Nightingale focuses on alerting engines.

- **Out-of-the-box**
-  - Supports multiple deployment methods such as **Docker, Helm Chart, and cloud services**, integrates data collection, monitoring, and alerting into one system, and comes with various monitoring dashboards, quick views, and alert rule templates. **It greatly reduces the construction cost, learning cost, and usage cost of cloud-native monitoring systems**.
- **Professional Alerting**
-  - Provides visual alert configuration and management, supports various alert rules, offers the ability to configure silence and subscription rules, supports multiple alert delivery channels, and has features such as alert self-healing and event management.
- **Cloud-Native**
-  - Quickly builds an enterprise-level cloud-native monitoring system through a turnkey approach, supports multiple collectors such as [Categraf](https://github.com/flashcatcloud/categraf), Telegraf, and Grafana-agent, supports multiple data sources such as Prometheus, VictoriaMetrics, M3DB, ElasticSearch, and Jaeger, and is compatible with importing Grafana dashboards. **It seamlessly integrates with the cloud-native ecosystem**.
- **High Performance and High Availability**
-  - Due to the multi-data-source management engine of Nightingale and its excellent architecture design, and utilizing a high-performance time-series database, it can handle data collection, storage, and alert analysis scenarios with billions of time-series data, saving a lot of costs.
-  - Nightingale components can be horizontally scaled with no single point of failure. It has been deployed in thousands of enterprises and tested in harsh production practices. Many leading Internet companies have used Nightingale for cluster machines with hundreds of nodes, processing billions of time-series data.
- **Flexible Extension and Centralized Management**
-  - Nightingale can be deployed on a 1-core 1G cloud host, deployed in a cluster of hundreds of machines, or run in Kubernetes. Time-series databases, alert engines, and other components can also be decentralized to various data centers and regions, balancing edge deployment with centralized management. **It solves the problem of data fragmentation and lack of unified views**.
+Originally developed and open-sourced by Didi, Nightingale was donated to the China Computer Federation Open Source Development Committee (CCF ODC) on May 11, 2022, becoming the first open-source project accepted by the CCF ODC after its establishment. 


-#### If you are using Prometheus and have one or more of the following requirement scenarios, it is recommended that you upgrade to Nightingale:
+## Quick Start

- Multiple systems such as Prometheus, Alertmanager, Grafana, etc. are fragmented and lack a unified view and cannot be used out of the box;
- The way to manage Prometheus and Alertmanager by modifying configuration files has a big learning curve and is difficult to collaborate;
- Too much data to scale-up your Prometheus cluster;
- Multiple Prometheus clusters running in production environments, which faced high management and usage costs;
+- 👉 [Documentation](https://flashcat.cloud/docs/) | [Download](https://flashcat.cloud/download/nightingale/)
+- ❤️ [Report a Bug](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=&projects=&template=question.yml)
+- ℹ️ For faster access, the above documentation and download sites are hosted on [FlashcatCloud](https://flashcat.cloud).

-#### If you are using Zabbix and have the following scenarios, it is recommended that you upgrade to Nightingale:
+## Features

- Monitoring too much data and wanting a better scalable solution;
- A high learning curve and a desire for better efficiency of collaborative use in a multi-person, multi-team model;
- Microservice and cloud-native architectures with variable monitoring data lifecycles and high monitoring data dimension bases, which are not easily adaptable to the Zabbix data model;
+- **Integration with Multiple Time-Series Databases:** Supports integration with various time-series databases such as Prometheus, VictoriaMetrics, Thanos, Mimir, M3DB, and TDengine, enabling unified alert management.
+- **Advanced Alerting Capabilities:** Comes with built-in support for multiple alerting rules, extensible to common notification channels. It also supports alert suppression, silencing, subscription, self-healing, and alert event management.
+- **High-Performance Visualization Engine:** Offers various chart styles with numerous built-in dashboard templates and the ability to import Grafana templates. Ready to use with a business-friendly open-source license.
+- **Support for Common Collectors:** Compatible with [Categraf](https://flashcat.cloud/product/categraf), Telegraf, Grafana-agent, Datadog-agent, and various exporters as collectors—there's no data that can't be monitored.
+- **Seamless Integration with [Flashduty](https://flashcat.cloud/product/flashcat-duty/):** Enables alert aggregation, acknowledgment, escalation, scheduling, and IM integration, ensuring no alerts are missed, reducing unnecessary interruptions, and enhancing efficient collaboration.


-#### If you are using [open-falcon](https://github.com/open-falcon/falcon-plus), we recommend you to upgrade to Nightingale：
- For more information about open-falcon and Nightingale, please refer to read [Ten features and trends of cloud-native monitoring](https://mp.weixin.qq.com/s?__biz=MzkzNjI5OTM5Nw==&mid=2247483738&idx=1&sn=e8bdbb974a2cd003c1abcc2b5405dd18&chksm=c2a19fb0f5d616a63185cd79277a79a6b80118ef2185890d0683d2bb20451bd9303c78d083c5#rd)。
-
-## Getting Started
-
-[https://n9e.github.io/](https://n9e.github.io/)
-
 ## Screenshots

-https://user-images.githubusercontent.com/792850/216888712-2565fcea-9df5-47bd-a49e-d60af9bd76e8.mp4
+You can switch languages and themes in the top right corner. We now support English, Simplified Chinese, and Traditional Chinese. 
+
+![18n switch](doc/img/readme/n9e-switch-i18n.png)
+
+### Instant Query
+
+Similar to the built-in query analysis page in Prometheus, Nightingale offers an ad-hoc query feature with UI enhancements. It also provides built-in PromQL metrics, allowing users unfamiliar with PromQL to quickly perform queries.
+
+![Instant Query](doc/img/readme/20240513103305.png)
+
+### Metric View
+
+Alternatively, you can use the Metric View to access data. With this feature, Instant Query becomes less necessary, as it caters more to advanced users. Regular users can easily perform queries using the Metric View.
+
+![Metric View](doc/img/readme/20240513103530.png)
+
+### Built-in Dashboards
+
+Nightingale includes commonly used dashboards that can be imported and used directly. You can also import Grafana dashboards, although compatibility is limited to basic Grafana charts. If you’re accustomed to Grafana, it’s recommended to continue using it for visualization, with Nightingale serving as an alerting engine.
+
+![Built-in Dashboards](doc/img/readme/20240513103628.png)
+
+### Built-in Alert Rules
+
+In addition to the built-in dashboards, Nightingale also comes with numerous alert rules that are ready to use out of the box.
+
+![Built-in Alert Rules](doc/img/readme/20240513103825.png)
+
+

 ## Architecture

-<img src="doc/img/arch-product.png" width="600">
+In most community scenarios, Nightingale is primarily used as an alert engine, integrating with multiple time-series databases to unify alert rule management. Grafana remains the preferred tool for visualization. As an alert engine, the product architecture of Nightingale is as follows:

-Nightingale monitoring can receive monitoring data reported by various collectors (such as [Categraf](https://github.com/flashcatcloud/categraf) , telegraf, grafana-agent, Prometheus, etc.) and write them to various popular time-series databases (such as Prometheus, M3DB, VictoriaMetrics, Thanos, TDEngine, etc.). It provides configuration capabilities for alert rules, silence rules, and subscription rules, as well as the ability to view monitoring data. It also provides automatic alarm self-healing mechanisms (such as automatically calling back to a webhook address or executing a script after an alarm is triggered), and the ability to store and manage historical alarm events and view them in groups.
+![Product Architecture](doc/img/readme/20240221152601.png)

-If the performance of a standalone time-series database (such as Prometheus) has bottlenecks or poor disaster recovery, we recommend using [VictoriaMetrics](https://github.com/VictoriaMetrics/VictoriaMetrics). The VictoriaMetrics architecture is relatively simple, has excellent performance, and is easy to deploy and maintain. The architecture diagram is as shown above. For more detailed documentation on VictoriaMetrics, please refer to its [official website](https://victoriametrics.com/).
+For certain edge data centers with poor network connectivity to the central Nightingale server, we offer a distributed deployment mode for the alert engine. In this mode, even if the network is disconnected, the alerting functionality remains unaffected.

-**We welcome you to participate in the Nightingale open-source project and community in various ways, including but not limited to**：
- Adding and improving documentation => [n9e.github.io](https://n9e.github.io/)
- Sharing your best practices and experience in using Nightingale monitoring => [Article sharing]((https://n9e.github.io/docs/prologue/share/))
- Submitting product suggestions => [github issue](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=kind%2Ffeature&template=enhancement.md)
- Submitting code to make Nightingale monitoring faster, more stable, and easier to use => [github pull request](https://github.com/didi/nightingale/pulls)
+![Edge Deployment Mode](doc/img/readme/20240222102119.png)


-**Respecting, recognizing, and recording the work of every contributor** is the first guiding principle of the Nightingale open-source community. We advocate effective questioning, which not only respects the developer's time but also contributes to the accumulation of knowledge in the entire community
- Before asking a question, please first refer to the [FAQ](https://www.gitlink.org.cn/ccfos/nightingale/wiki/faq) 
- We use [GitHub Discussions](https://github.com/ccfos/nightingale/discussions) as the communication forum. You can search and ask questions here.
- We also recommend that you join ours [Slack channel](https://n9e-talk.slack.com/) to exchange experiences with other Nightingale users.
+## Communication Channels

-
-## Who is using Nightingale
-You can register your usage and share your experience by posting on **[Who is Using Nightingale](https://github.com/ccfos/nightingale/issues/897)**.
+- **Report Bugs:** It is highly recommended to submit issues via the [Nightingale GitHub Issue tracker](https://github.com/ccfos/nightingale/issues/new?assignees=&labels=kind%2Fbug&projects=&template=bug_report.yml).
+- **Documentation:** For more information, we recommend thoroughly browsing the [Nightingale Documentation Site](https://flashcat.cloud/docs/content/flashcat-monitor/nightingale-v7/introduction/).

 ## Stargazers over time
-[![Stargazers over time](https://starchart.cc/ccfos/nightingale.svg)](https://starchart.cc/ccfos/nightingale)

-## Contributors
+[![Stargazers over time](https://api.star-history.com/svg?repos=ccfos/nightingale&type=Date)](https://star-history.com/#ccfos/nightingale&Date)
+
+## Community Co-Building
+
+- ❇️ Please read the [Nightingale Open Source Project and Community Governance Draft](./doc/community-governance.md). We sincerely welcome every user, developer, company, and organization to use Nightingale, actively report bugs, submit feature requests, share best practices, and help build a professional and active open-source community.
+-  ❤️ Nightingale Contributors
 <a href="https://github.com/ccfos/nightingale/graphs/contributors">
  <img src="https://contrib.rocks/image?repo=ccfos/nightingale" />
 </a>

 ## License
-[Apache License V2.0](https://github.com/didi/nightingale/blob/main/LICENSE)
+- [Apache License V2.0](https://github.com/didi/nightingale/blob/main/LICENSE)
--- a/alert/aconf/conf.go
+++ b/alert/aconf/conf.go
@@ -32,6 +32,7 @@ type Alerting struct {
 	Timeout           int64
 	TemplatesDir      string
 	NotifyConcurrency int
+	WebhookBatchSend  bool
 }

 type CallPlugin struct {
@@ -59,10 +60,6 @@ func (a *Alert) PreCheck(configDir string) {
 		a.Heartbeat.Interval = 1000
 	}

-	if a.Heartbeat.EngineName == "" {
-		a.Heartbeat.EngineName = "default"
-	}
-
 	if a.EngineDelay == 0 {
 		a.EngineDelay = 30
 	}
--- a/alert/alert.go
+++ b/alert/alert.go
@@ -4,6 +4,8 @@ import (
 	"context"
 	"fmt"

+	"github.com/ccfos/nightingale/v6/dscache"
+
 	"github.com/ccfos/nightingale/v6/alert/aconf"
 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/alert/dispatch"
@@ -21,12 +23,11 @@ import (
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/httpx"
 	"github.com/ccfos/nightingale/v6/pkg/logx"
+	"github.com/ccfos/nightingale/v6/pkg/macros"
 	"github.com/ccfos/nightingale/v6/prom"
 	"github.com/ccfos/nightingale/v6/pushgw/pconf"
 	"github.com/ccfos/nightingale/v6/pushgw/writer"
 	"github.com/ccfos/nightingale/v6/storage"
-	"github.com/ccfos/nightingale/v6/tdengine"
-
 	"github.com/flashcatcloud/ibex/src/cmd/ibex"
 )

@@ -62,15 +63,22 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 	userCache := memsto.NewUserCache(ctx, syncStats)
 	userGroupCache := memsto.NewUserGroupCache(ctx, syncStats)
 	taskTplsCache := memsto.NewTaskTplCache(ctx)
+	configCvalCache := memsto.NewCvalCache(ctx, syncStats)
+	notifyRuleCache := memsto.NewNotifyRuleCache(ctx, syncStats)
+	notifyChannelCache := memsto.NewNotifyChannelCache(ctx, syncStats)
+	messageTemplateCache := memsto.NewMessageTemplateCache(ctx, syncStats)

 	promClients := prom.NewPromClient(ctx)
-	tdengineClients := tdengine.NewTdengineClient(ctx, config.Alert.Heartbeat)
+	dispatch.InitRegisterQueryFunc(promClients)

 	externalProcessors := process.NewExternalProcessors()

-	Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, taskTplsCache, dsCache, ctx, promClients, tdengineClients, userCache, userGroupCache)
+	macros.RegisterMacro(macros.MacroInVain)
+	dscache.Init(ctx, false)
+	Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, taskTplsCache, dsCache, ctx, promClients, userCache, userGroupCache, notifyRuleCache, notifyChannelCache, messageTemplateCache)

-	r := httpx.GinEngine(config.Global.RunMode, config.HTTP)
+	r := httpx.GinEngine(config.Global.RunMode, config.HTTP,
+		configCvalCache.PrintBodyPaths, configCvalCache.PrintAccessLog)
 	rt := router.New(config.HTTP, config.Alert, alertMuteCache, targetCache, busiGroupCache, alertStats, ctx, externalProcessors)

 	if config.Ibex.Enable {
@@ -90,27 +98,35 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {

 func Start(alertc aconf.Alert, pushgwc pconf.Pushgw, syncStats *memsto.Stats, alertStats *astats.Stats, externalProcessors *process.ExternalProcessorsType, targetCache *memsto.TargetCacheType, busiGroupCache *memsto.BusiGroupCacheType,
 	alertMuteCache *memsto.AlertMuteCacheType, alertRuleCache *memsto.AlertRuleCacheType, notifyConfigCache *memsto.NotifyConfigCacheType, taskTplsCache *memsto.TaskTplCache, datasourceCache *memsto.DatasourceCacheType, ctx *ctx.Context,
-	promClients *prom.PromClientMap, tdendgineClients *tdengine.TdengineClientMap, userCache *memsto.UserCacheType, userGroupCache *memsto.UserGroupCacheType) {
+	promClients *prom.PromClientMap, userCache *memsto.UserCacheType, userGroupCache *memsto.UserGroupCacheType, notifyRuleCache *memsto.NotifyRuleCacheType, notifyChannelCache *memsto.NotifyChannelCacheType, messageTemplateCache *memsto.MessageTemplateCacheType) {
 	alertSubscribeCache := memsto.NewAlertSubscribeCache(ctx, syncStats)
 	recordingRuleCache := memsto.NewRecordingRuleCache(ctx, syncStats)
 	targetsOfAlertRulesCache := memsto.NewTargetOfAlertRuleCache(ctx, alertc.Heartbeat.EngineName, syncStats)

 	go models.InitNotifyConfig(ctx, alertc.Alerting.TemplatesDir)
+	go models.InitNotifyChannel(ctx)
+	go models.InitMessageTemplate(ctx)

 	naming := naming.NewNaming(ctx, alertc.Heartbeat, alertStats)

 	writers := writer.NewWriters(pushgwc)
-	record.NewScheduler(alertc, recordingRuleCache, promClients, writers, alertStats)
+	record.NewScheduler(alertc, recordingRuleCache, promClients, writers, alertStats, datasourceCache)

 	eval.NewScheduler(alertc, externalProcessors, alertRuleCache, targetCache, targetsOfAlertRulesCache,
-		busiGroupCache, alertMuteCache, datasourceCache, promClients, tdendgineClients, naming, ctx, alertStats)
+		busiGroupCache, alertMuteCache, datasourceCache, promClients, naming, ctx, alertStats)

-	dp := dispatch.NewDispatch(alertRuleCache, userCache, userGroupCache, alertSubscribeCache, targetCache, notifyConfigCache, taskTplsCache, alertc.Alerting, ctx, alertStats)
+	eventProcessorCache := memsto.NewEventProcessorCache(ctx, syncStats)
+
+	dp := dispatch.NewDispatch(alertRuleCache, userCache, userGroupCache, alertSubscribeCache, targetCache, notifyConfigCache, taskTplsCache, notifyRuleCache, notifyChannelCache, messageTemplateCache, eventProcessorCache, alertc.Alerting, ctx, alertStats)
 	consumer := dispatch.NewConsumer(alertc.Alerting, ctx, dp, promClients)

+	notifyRecordComsumer := sender.NewNotifyRecordConsumer(ctx)
+
 	go dp.ReloadTpls()
 	go consumer.LoopConsume()
+	go notifyRecordComsumer.LoopConsume()

 	go queue.ReportQueueSize(alertStats)
-	go sender.InitEmailSender(notifyConfigCache)
+	go sender.ReportNotifyRecordQueueSize(alertStats)
+	go sender.InitEmailSender(ctx, notifyConfigCache)
 }
--- a/alert/astats/stats.go
+++ b/alert/astats/stats.go
@@ -17,12 +17,16 @@ type Stats struct {
 	CounterRuleEval             *prometheus.CounterVec
 	CounterQueryDataErrorTotal  *prometheus.CounterVec
 	CounterQueryDataTotal       *prometheus.CounterVec
+	CounterVarFillingQuery      *prometheus.CounterVec
 	CounterRecordEval           *prometheus.CounterVec
 	CounterRecordEvalErrorTotal *prometheus.CounterVec
 	CounterMuteTotal            *prometheus.CounterVec
 	CounterRuleEvalErrorTotal   *prometheus.CounterVec
 	CounterHeartbeatErrorTotal  *prometheus.CounterVec
 	CounterSubEventTotal        *prometheus.CounterVec
+	GaugeQuerySeriesCount       *prometheus.GaugeVec
+	GaugeRuleEvalDuration       *prometheus.GaugeVec
+	GaugeNotifyRecordQueueSize  prometheus.Gauge
 }

 func NewSyncStats() *Stats {
@@ -38,7 +42,7 @@ func NewSyncStats() *Stats {
 		Subsystem: subsystem,
 		Name:      "rule_eval_error_total",
 		Help:      "Number of rule eval error.",
-	}, []string{"datasource", "stage"})
+	}, []string{"datasource", "stage", "busi_group", "rule_id"})

 	CounterQueryDataErrorTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
 		Namespace: namespace,
@@ -52,7 +56,7 @@ func NewSyncStats() *Stats {
 		Subsystem: subsystem,
 		Name:      "query_data_total",
 		Help:      "Number of rule eval query data.",
-	}, []string{"datasource"})
+	}, []string{"datasource", "rule_id"})

 	CounterRecordEval := prometheus.NewCounterVec(prometheus.CounterOpts{
 		Namespace: namespace,
@@ -103,7 +107,7 @@ func NewSyncStats() *Stats {
 		Subsystem: subsystem,
 		Name:      "mute_total",
 		Help:      "Number of mute.",
-	}, []string{"group"})
+	}, []string{"group", "rule_id", "mute_rule_id", "datasource_id"})

 	CounterSubEventTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
 		Namespace: namespace,
@@ -119,6 +123,34 @@ func NewSyncStats() *Stats {
 		Help:      "Number of heartbeat error.",
 	}, []string{})

+	GaugeQuerySeriesCount := prometheus.NewGaugeVec(prometheus.GaugeOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "eval_query_series_count",
+		Help:      "Number of series retrieved from data source after query.",
+	}, []string{"rule_id", "datasource_id", "ref"})
+	// 通知记录队列的长度
+	GaugeNotifyRecordQueueSize := prometheus.NewGauge(prometheus.GaugeOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "notify_record_queue_size",
+		Help:      "The size of notify record queue.",
+	})
+
+	GaugeRuleEvalDuration := prometheus.NewGaugeVec(prometheus.GaugeOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "rule_eval_duration_ms",
+		Help:      "Duration of rule eval in milliseconds.",
+	}, []string{"rule_id", "datasource_id"})
+
+	CounterVarFillingQuery := prometheus.NewCounterVec(prometheus.CounterOpts{
+		Namespace: namespace,
+		Subsystem: subsystem,
+		Name:      "var_filling_query_total",
+		Help:      "Number of var filling query.",
+	}, []string{"rule_id", "datasource_id", "ref", "typ"})
+
 	prometheus.MustRegister(
 		CounterAlertsTotal,
 		GaugeAlertQueueSize,
@@ -133,6 +165,10 @@ func NewSyncStats() *Stats {
 		CounterRuleEvalErrorTotal,
 		CounterHeartbeatErrorTotal,
 		CounterSubEventTotal,
+		GaugeQuerySeriesCount,
+		GaugeRuleEvalDuration,
+		GaugeNotifyRecordQueueSize,
+		CounterVarFillingQuery,
 	)

 	return &Stats{
@@ -149,5 +185,9 @@ func NewSyncStats() *Stats {
 		CounterRuleEvalErrorTotal:   CounterRuleEvalErrorTotal,
 		CounterHeartbeatErrorTotal:  CounterHeartbeatErrorTotal,
 		CounterSubEventTotal:        CounterSubEventTotal,
+		GaugeQuerySeriesCount:       GaugeQuerySeriesCount,
+		GaugeRuleEvalDuration:       GaugeRuleEvalDuration,
+		GaugeNotifyRecordQueueSize:  GaugeNotifyRecordQueueSize,
+		CounterVarFillingQuery:      CounterVarFillingQuery,
 	}
 }
--- a/alert/common/key.go
+++ b/alert/common/key.go
@@ -2,6 +2,7 @@ package common

 import (
 	"fmt"
+	"strings"

 	"github.com/ccfos/nightingale/v6/models"
 )
@@ -34,9 +35,9 @@ func MatchGroupsName(groupName string, groupFilter []models.TagFilter) bool {
 func matchTag(value string, filter models.TagFilter) bool {
 	switch filter.Func {
 	case "==":
-		return filter.Value == value
+		return strings.TrimSpace(filter.Value) == strings.TrimSpace(value)
 	case "!=":
-		return filter.Value != value
+		return strings.TrimSpace(filter.Value) != strings.TrimSpace(value)
 	case "in":
 		_, has := filter.Vset[value]
 		return has
--- a/alert/dispatch/consume.go
+++ b/alert/dispatch/consume.go
@@ -1,6 +1,7 @@
 package dispatch

 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"strings"
@@ -13,8 +14,10 @@ import (
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/poster"
 	promsdk "github.com/ccfos/nightingale/v6/pkg/prom"
+	"github.com/ccfos/nightingale/v6/pkg/tplx"
 	"github.com/ccfos/nightingale/v6/prom"

+	"github.com/prometheus/common/model"
 	"github.com/toolkits/pkg/concurrent/semaphore"
 	"github.com/toolkits/pkg/logger"
 )
@@ -27,6 +30,18 @@ type Consumer struct {
 	promClients *prom.PromClientMap
 }

+func InitRegisterQueryFunc(promClients *prom.PromClientMap) {
+	tplx.RegisterQueryFunc(func(datasourceID int64, promql string) model.Value {
+		if promClients.IsNil(datasourceID) {
+			return nil
+		}
+
+		readerClient := promClients.GetCli(datasourceID)
+		value, _, _ := readerClient.Query(context.Background(), promql, time.Now())
+		return value
+	})
+}
+
 // 创建一个 Consumer 实例
 func NewConsumer(alerting aconf.Alerting, ctx *ctx.Context, dispatch *Dispatch, promClients *prom.PromClientMap) *Consumer {
 	return &Consumer{
@@ -113,7 +128,7 @@ func (e *Consumer) persist(event *models.AlertCurEvent) {
 		event.Id, err = poster.PostByUrlsWithResp[int64](e.ctx, "/v1/n9e/event-persist", event)
 		if err != nil {
 			logger.Errorf("event:%+v persist err:%v", event, err)
-			e.dispatch.Astats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", event.DatasourceId), "persist_event").Inc()
+			e.dispatch.Astats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", event.DatasourceId), "persist_event", event.GroupName, fmt.Sprintf("%v", event.RuleId)).Inc()
 		}
 		return
 	}
@@ -121,7 +136,7 @@ func (e *Consumer) persist(event *models.AlertCurEvent) {
 	err := models.EventPersist(e.ctx, event)
 	if err != nil {
 		logger.Errorf("event%+v persist err:%v", event, err)
-		e.dispatch.Astats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", event.DatasourceId), "persist_event").Inc()
+		e.dispatch.Astats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", event.DatasourceId), "persist_event", event.GroupName, fmt.Sprintf("%v", event.RuleId)).Inc()
 	}
 }

@@ -169,7 +184,7 @@ func (e *Consumer) queryRecoveryVal(event *models.AlertCurEvent) {
 		logger.Errorf("rule_eval:%s promql:%s, warnings:%v", getKey(event), promql, warnings)
 	}

-	anomalyPoints := common.ConvertAnomalyPoints(value)
+	anomalyPoints := models.ConvertAnomalyPoints(value)
 	if len(anomalyPoints) == 0 {
 		logger.Warningf("rule_eval:%s promql:%s, result is empty", getKey(event), promql)
 		event.AnnotationsJSON["recovery_promql_error"] = fmt.Sprintf("promql:%s error:%s", promql, "result is empty")
--- a/alert/dispatch/dispatch.go
+++ b/alert/dispatch/dispatch.go
@@ -3,6 +3,8 @@ package dispatch
 import (
 	"bytes"
 	"encoding/json"
+	"errors"
+	"fmt"
 	"html/template"
 	"net/url"
 	"strconv"
@@ -13,6 +15,7 @@ import (
 	"github.com/ccfos/nightingale/v6/alert/aconf"
 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/alert/common"
+	"github.com/ccfos/nightingale/v6/alert/pipeline"
 	"github.com/ccfos/nightingale/v6/alert/sender"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
@@ -30,6 +33,11 @@ type Dispatch struct {
 	notifyConfigCache   *memsto.NotifyConfigCacheType
 	taskTplsCache       *memsto.TaskTplCache

+	notifyRuleCache      *memsto.NotifyRuleCacheType
+	notifyChannelCache   *memsto.NotifyChannelCacheType
+	messageTemplateCache *memsto.MessageTemplateCacheType
+	eventProcessorCache  *memsto.EventProcessorCacheType
+
 	alerting aconf.Alerting

 	Senders          map[string]sender.Sender
@@ -47,15 +55,20 @@ type Dispatch struct {
 // 创建一个 Notify 实例
 func NewDispatch(alertRuleCache *memsto.AlertRuleCacheType, userCache *memsto.UserCacheType, userGroupCache *memsto.UserGroupCacheType,
 	alertSubscribeCache *memsto.AlertSubscribeCacheType, targetCache *memsto.TargetCacheType, notifyConfigCache *memsto.NotifyConfigCacheType,
-	taskTplsCache *memsto.TaskTplCache, alerting aconf.Alerting, ctx *ctx.Context, astats *astats.Stats) *Dispatch {
+	taskTplsCache *memsto.TaskTplCache, notifyRuleCache *memsto.NotifyRuleCacheType, notifyChannelCache *memsto.NotifyChannelCacheType,
+	messageTemplateCache *memsto.MessageTemplateCacheType, eventProcessorCache *memsto.EventProcessorCacheType, alerting aconf.Alerting, ctx *ctx.Context, astats *astats.Stats) *Dispatch {
 	notify := &Dispatch{
-		alertRuleCache:      alertRuleCache,
-		userCache:           userCache,
-		userGroupCache:      userGroupCache,
-		alertSubscribeCache: alertSubscribeCache,
-		targetCache:         targetCache,
-		notifyConfigCache:   notifyConfigCache,
-		taskTplsCache:       taskTplsCache,
+		alertRuleCache:       alertRuleCache,
+		userCache:            userCache,
+		userGroupCache:       userGroupCache,
+		alertSubscribeCache:  alertSubscribeCache,
+		targetCache:          targetCache,
+		notifyConfigCache:    notifyConfigCache,
+		taskTplsCache:        taskTplsCache,
+		notifyRuleCache:      notifyRuleCache,
+		notifyChannelCache:   notifyChannelCache,
+		messageTemplateCache: messageTemplateCache,
+		eventProcessorCache:  eventProcessorCache,

 		alerting: alerting,

@@ -67,11 +80,13 @@ func NewDispatch(alertRuleCache *memsto.AlertRuleCacheType, userCache *memsto.Us
 		ctx:    ctx,
 		Astats: astats,
 	}
+
+	pipeline.Init()
 	return notify
 }

 func (e *Dispatch) ReloadTpls() error {
-	err := e.relaodTpls()
+	err := e.reloadTpls()
 	if err != nil {
 		logger.Errorf("failed to reload tpls: %v", err)
 	}
@@ -79,13 +94,13 @@ func (e *Dispatch) ReloadTpls() error {
 	duration := time.Duration(9000) * time.Millisecond
 	for {
 		time.Sleep(duration)
-		if err := e.relaodTpls(); err != nil {
+		if err := e.reloadTpls(); err != nil {
 			logger.Warning("failed to reload tpls:", err)
 		}
 	}
 }

-func (e *Dispatch) relaodTpls() error {
+func (e *Dispatch) reloadTpls() error {
 	tmpTpls, err := models.ListTpls(e.ctx)
 	if err != nil {
 		return err
@@ -131,6 +146,354 @@ func (e *Dispatch) relaodTpls() error {
 	return nil
 }

+func (e *Dispatch) HandleEventWithNotifyRule(eventOrigin *models.AlertCurEvent) {
+
+	if len(eventOrigin.NotifyRuleIds) > 0 {
+		for _, notifyRuleId := range eventOrigin.NotifyRuleIds {
+			// 深拷贝新的 event，避免并发修改 event 冲突
+			eventCopy := eventOrigin.DeepCopy()
+
+			logger.Infof("notify rule ids: %v, event: %+v", notifyRuleId, eventCopy)
+			notifyRule := e.notifyRuleCache.Get(notifyRuleId)
+			if notifyRule == nil {
+				continue
+			}
+
+			if !notifyRule.Enable {
+				continue
+			}
+
+			var processors []models.Processor
+			for _, pipelineConfig := range notifyRule.PipelineConfigs {
+				if !pipelineConfig.Enable {
+					continue
+				}
+
+				eventPipeline := e.eventProcessorCache.Get(pipelineConfig.PipelineId)
+				if eventPipeline == nil {
+					logger.Warningf("notify_id: %d, event:%+v, processor not found", notifyRuleId, eventCopy)
+					continue
+				}
+
+				if !pipelineApplicable(eventPipeline, eventCopy) {
+					logger.Debugf("notify_id: %d, event:%+v, pipeline_id: %d, not applicable", notifyRuleId, eventCopy, pipelineConfig.PipelineId)
+					continue
+				}
+
+				processors = append(processors, e.eventProcessorCache.GetProcessorsById(pipelineConfig.PipelineId)...)
+			}
+
+			for _, processor := range processors {
+				logger.Infof("before processor notify_id: %d, event:%+v, processor:%+v", notifyRuleId, eventCopy, processor)
+				eventCopy = processor.Process(e.ctx, eventCopy)
+				logger.Infof("after processor notify_id: %d, event:%+v, processor:%+v", notifyRuleId, eventCopy, processor)
+				if eventCopy == nil {
+					logger.Warningf("notify_id: %d, event:%+v, processor:%+v, event is nil", notifyRuleId, eventCopy, processor)
+					break
+				}
+			}
+
+			if eventCopy == nil {
+				// 如果 eventCopy 为 nil，说明 eventCopy 被 processor drop 掉了, 不再发送通知
+				continue
+			}
+
+			// notify
+			for i := range notifyRule.NotifyConfigs {
+				if !NotifyRuleApplicable(&notifyRule.NotifyConfigs[i], eventCopy) {
+					continue
+				}
+				notifyChannel := e.notifyChannelCache.Get(notifyRule.NotifyConfigs[i].ChannelID)
+				messageTemplate := e.messageTemplateCache.Get(notifyRule.NotifyConfigs[i].TemplateID)
+				if notifyChannel == nil {
+					sender.NotifyRecord(e.ctx, []*models.AlertCurEvent{eventCopy}, notifyRuleId, fmt.Sprintf("notify_channel_id:%d", notifyRule.NotifyConfigs[i].ChannelID), "", "", errors.New("notify_channel not found"))
+					logger.Warningf("notify_id: %d, event:%+v, channel_id:%d, template_id: %d, notify_channel not found", notifyRuleId, eventCopy, notifyRule.NotifyConfigs[i].ChannelID, notifyRule.NotifyConfigs[i].TemplateID)
+					continue
+				}
+
+				if notifyChannel.RequestType != "flashduty" && messageTemplate == nil {
+					logger.Warningf("notify_id: %d, channel_name: %v, event:%+v, template_id: %d, message_template not found", notifyRuleId, notifyChannel.Ident, eventCopy, notifyRule.NotifyConfigs[i].TemplateID)
+					sender.NotifyRecord(e.ctx, []*models.AlertCurEvent{eventCopy}, notifyRuleId, notifyChannel.Name, "", "", errors.New("message_template not found"))
+
+					continue
+				}
+
+				// todo go send
+				// todo 聚合 event
+				go e.sendV2([]*models.AlertCurEvent{eventCopy}, notifyRuleId, &notifyRule.NotifyConfigs[i], notifyChannel, messageTemplate)
+			}
+		}
+	}
+}
+
+func pipelineApplicable(pipeline *models.EventPipeline, event *models.AlertCurEvent) bool {
+	if pipeline == nil {
+		return true
+	}
+
+	if !pipeline.FilterEnable {
+		return true
+	}
+
+	tagMatch := true
+	if len(pipeline.LabelFilters) > 0 {
+		for i := range pipeline.LabelFilters {
+			if pipeline.LabelFilters[i].Func == "" {
+				pipeline.LabelFilters[i].Func = pipeline.LabelFilters[i].Op
+			}
+		}
+
+		tagFilters, err := models.ParseTagFilter(pipeline.LabelFilters)
+		if err != nil {
+			logger.Errorf("pipeline applicable failed to parse tag filter: %v event:%+v pipeline:%+v", err, event, pipeline)
+			return false
+		}
+		tagMatch = common.MatchTags(event.TagsMap, tagFilters)
+	}
+
+	attributesMatch := true
+	if len(pipeline.AttrFilters) > 0 {
+		tagFilters, err := models.ParseTagFilter(pipeline.AttrFilters)
+		if err != nil {
+			logger.Errorf("pipeline applicable failed to parse tag filter: %v event:%+v pipeline:%+v err:%v", tagFilters, event, pipeline, err)
+			return false
+		}
+
+		attributesMatch = common.MatchTags(event.JsonTagsAndValue(), tagFilters)
+	}
+
+	return tagMatch && attributesMatch
+}
+
+func NotifyRuleApplicable(notifyConfig *models.NotifyConfig, event *models.AlertCurEvent) bool {
+	tm := time.Unix(event.TriggerTime, 0)
+	triggerTime := tm.Format("15:04")
+	triggerWeek := int(tm.Weekday())
+
+	timeMatch := false
+
+	if len(notifyConfig.TimeRanges) == 0 {
+		timeMatch = true
+	}
+	for j := range notifyConfig.TimeRanges {
+		if timeMatch {
+			break
+		}
+		enableStime := notifyConfig.TimeRanges[j].Start
+		enableEtime := notifyConfig.TimeRanges[j].End
+		enableDaysOfWeek := notifyConfig.TimeRanges[j].Week
+		length := len(enableDaysOfWeek)
+		// enableStime,enableEtime,enableDaysOfWeek三者长度肯定相同，这里循环一个即可
+		for i := 0; i < length; i++ {
+			if enableDaysOfWeek[i] != triggerWeek {
+				continue
+			}
+
+			if enableStime < enableEtime {
+				if enableEtime == "23:59" {
+					// 02:00-23:59，这种情况做个特殊处理，相当于左闭右闭区间了
+					if triggerTime < enableStime {
+						// mute, 即没生效
+						continue
+					}
+				} else {
+					// 02:00-04:00 或者 02:00-24:00
+					if triggerTime < enableStime || triggerTime >= enableEtime {
+						// mute, 即没生效
+						continue
+					}
+				}
+			} else if enableStime > enableEtime {
+				// 21:00-09:00
+				if triggerTime < enableStime && triggerTime >= enableEtime {
+					// mute, 即没生效
+					continue
+				}
+			}
+
+			// 到这里说明当前时刻在告警规则的某组生效时间范围内，即没有 mute，直接返回 false
+			timeMatch = true
+			break
+		}
+	}
+
+	severityMatch := false
+	for i := range notifyConfig.Severities {
+		if notifyConfig.Severities[i] == event.Severity {
+			severityMatch = true
+		}
+	}
+
+	tagMatch := true
+	if len(notifyConfig.LabelKeys) > 0 {
+		for i := range notifyConfig.LabelKeys {
+			if notifyConfig.LabelKeys[i].Func == "" {
+				notifyConfig.LabelKeys[i].Func = notifyConfig.LabelKeys[i].Op
+			}
+		}
+
+		tagFilters, err := models.ParseTagFilter(notifyConfig.LabelKeys)
+		if err != nil {
+			logger.Errorf("notify send failed to parse tag filter: %v event:%+v notify_config:%+v", err, event, notifyConfig)
+			return false
+		}
+		tagMatch = common.MatchTags(event.TagsMap, tagFilters)
+	}
+
+	attributesMatch := true
+	if len(notifyConfig.Attributes) > 0 {
+		tagFilters, err := models.ParseTagFilter(notifyConfig.Attributes)
+		if err != nil {
+			logger.Errorf("notify send failed to parse tag filter: %v event:%+v notify_config:%+v err:%v", tagFilters, event, notifyConfig, err)
+			return false
+		}
+
+		attributesMatch = common.MatchTags(event.JsonTagsAndValue(), tagFilters)
+	}
+	logger.Infof("notify send timeMatch:%v severityMatch:%v tagMatch:%v attributesMatch:%v event:%+v notify_config:%+v", timeMatch, severityMatch, tagMatch, attributesMatch, event, notifyConfig)
+	return timeMatch && severityMatch && tagMatch && attributesMatch
+}
+
+func GetNotifyConfigParams(notifyConfig *models.NotifyConfig, contactKey string, userCache *memsto.UserCacheType, userGroupCache *memsto.UserGroupCacheType) ([]string, []int64, map[string]string) {
+	customParams := make(map[string]string)
+	var flashDutyChannelIDs []int64
+	var userInfoParams models.CustomParams
+
+	for key, value := range notifyConfig.Params {
+		switch key {
+		case "user_ids", "user_group_ids", "ids":
+			if data, err := json.Marshal(value); err == nil {
+				var ids []int64
+				if json.Unmarshal(data, &ids) == nil {
+					if key == "user_ids" {
+						userInfoParams.UserIDs = ids
+					} else if key == "user_group_ids" {
+						userInfoParams.UserGroupIDs = ids
+					} else if key == "ids" {
+						flashDutyChannelIDs = ids
+					}
+				}
+			}
+		default:
+			customParams[key] = value.(string)
+		}
+	}
+
+	if len(userInfoParams.UserIDs) == 0 && len(userInfoParams.UserGroupIDs) == 0 {
+		return []string{}, flashDutyChannelIDs, customParams
+	}
+
+	userIds := make([]int64, 0)
+	userIds = append(userIds, userInfoParams.UserIDs...)
+
+	if len(userInfoParams.UserGroupIDs) > 0 {
+		userGroups := userGroupCache.GetByUserGroupIds(userInfoParams.UserGroupIDs)
+		for _, userGroup := range userGroups {
+			userIds = append(userIds, userGroup.UserIds...)
+		}
+	}
+
+	users := userCache.GetByUserIds(userIds)
+	visited := make(map[int64]bool)
+	sendtos := make([]string, 0)
+	for _, user := range users {
+		if visited[user.Id] {
+			continue
+		}
+		var sendto string
+		if contactKey == "phone" {
+			sendto = user.Phone
+		} else if contactKey == "email" {
+			sendto = user.Email
+		} else {
+			sendto, _ = user.ExtractToken(contactKey)
+		}
+
+		if sendto == "" {
+			continue
+		}
+		sendtos = append(sendtos, sendto)
+		visited[user.Id] = true
+	}
+
+	return sendtos, flashDutyChannelIDs, customParams
+}
+
+func (e *Dispatch) sendV2(events []*models.AlertCurEvent, notifyRuleId int64, notifyConfig *models.NotifyConfig, notifyChannel *models.NotifyChannelConfig, messageTemplate *models.MessageTemplate) {
+	if len(events) == 0 {
+		logger.Errorf("notify_id: %d events is empty", notifyRuleId)
+		return
+	}
+
+	tplContent := make(map[string]interface{})
+	if notifyChannel.RequestType != "flashduty" {
+		tplContent = messageTemplate.RenderEvent(events)
+	}
+
+	var contactKey string
+	if notifyChannel.ParamConfig != nil && notifyChannel.ParamConfig.UserInfo != nil {
+		contactKey = notifyChannel.ParamConfig.UserInfo.ContactKey
+	}
+
+	sendtos, flashDutyChannelIDs, customParams := GetNotifyConfigParams(notifyConfig, contactKey, e.userCache, e.userGroupCache)
+
+	e.Astats.GaugeNotifyRecordQueueSize.Inc()
+	defer e.Astats.GaugeNotifyRecordQueueSize.Dec()
+
+	switch notifyChannel.RequestType {
+	case "flashduty":
+		if len(flashDutyChannelIDs) == 0 {
+			flashDutyChannelIDs = []int64{0} // 如果 flashduty 通道没有配置，则使用 0, 给 SendFlashDuty 判断使用, 不给 flashduty 传 channel_id 参数
+		}
+
+		for i := range flashDutyChannelIDs {
+			respBody, err := notifyChannel.SendFlashDuty(events, flashDutyChannelIDs[i], e.notifyChannelCache.GetHttpClient(notifyChannel.ID))
+			logger.Infof("notify_id: %d, channel_name: %v, event:%+v, IntegrationUrl: %v dutychannel_id: %v, respBody: %v, err: %v", notifyRuleId, notifyChannel.Name, events[0], notifyChannel.RequestConfig.FlashDutyRequestConfig.IntegrationUrl, flashDutyChannelIDs[i], respBody, err)
+			sender.NotifyRecord(e.ctx, events, notifyRuleId, notifyChannel.Name, strconv.FormatInt(flashDutyChannelIDs[i], 10), respBody, err)
+		}
+		return
+	case "http":
+		if e.notifyChannelCache.HttpConcurrencyAdd(notifyChannel.ID) {
+			defer e.notifyChannelCache.HttpConcurrencyDone(notifyChannel.ID)
+		}
+		if notifyChannel.RequestConfig == nil {
+			logger.Warningf("notify_id: %d, channel_name: %v, event:%+v, request config not found", notifyRuleId, notifyChannel.Name, events[0])
+		}
+
+		if notifyChannel.RequestConfig.HTTPRequestConfig == nil {
+			logger.Warningf("notify_id: %d, channel_name: %v, event:%+v, http request config not found", notifyRuleId, notifyChannel.Name, events[0])
+		}
+
+		if NeedBatchContacts(notifyChannel.RequestConfig.HTTPRequestConfig) || len(sendtos) == 0 {
+			resp, err := notifyChannel.SendHTTP(events, tplContent, customParams, sendtos, e.notifyChannelCache.GetHttpClient(notifyChannel.ID))
+			logger.Infof("notify_id: %d, channel_name: %v, event:%+v, tplContent:%s, customParams:%v, userInfo:%+v, respBody: %v, err: %v", notifyRuleId, notifyChannel.Name, events[0], tplContent, customParams, sendtos, resp, err)
+
+			sender.NotifyRecord(e.ctx, events, notifyRuleId, notifyChannel.Name, getSendTarget(customParams, sendtos), resp, err)
+		} else {
+			for i := range sendtos {
+				resp, err := notifyChannel.SendHTTP(events, tplContent, customParams, []string{sendtos[i]}, e.notifyChannelCache.GetHttpClient(notifyChannel.ID))
+				logger.Infof("notify_id: %d, channel_name: %v, event:%+v, tplContent:%s, customParams:%v, userInfo:%+v, respBody: %v, err: %v", notifyRuleId, notifyChannel.Name, events[0], tplContent, customParams, sendtos[i], resp, err)
+				sender.NotifyRecord(e.ctx, events, notifyRuleId, notifyChannel.Name, getSendTarget(customParams, []string{sendtos[i]}), resp, err)
+			}
+		}
+
+	case "smtp":
+		notifyChannel.SendEmail(notifyRuleId, events, tplContent, sendtos, e.notifyChannelCache.GetSmtpClient(notifyChannel.ID))
+
+	case "script":
+		target, res, err := notifyChannel.SendScript(events, tplContent, customParams, sendtos)
+		logger.Infof("notify_id: %d, channel_name: %v, event:%+v, tplContent:%s, customParams:%v, target:%s, res:%s, err:%v", notifyRuleId, notifyChannel.Name, events[0], tplContent, customParams, target, res, err)
+		sender.NotifyRecord(e.ctx, events, notifyRuleId, notifyChannel.Name, target, res, err)
+	default:
+		logger.Warningf("notify_id: %d, channel_name: %v, event:%+v send type not found", notifyRuleId, notifyChannel.Name, events[0])
+	}
+}
+
+func NeedBatchContacts(requestConfig *models.HTTPRequestConfig) bool {
+	b, _ := json.Marshal(requestConfig)
+	return strings.Contains(string(b), "$sendtos")
+}
+
 // HandleEventNotify 处理event事件的主逻辑
 // event: 告警/恢复事件
 // isSubscribe: 告警事件是否由subscribe的配置产生
@@ -139,6 +502,7 @@ func (e *Dispatch) HandleEventNotify(event *models.AlertCurEvent, isSubscribe bo
 	if rule == nil {
 		return
 	}
+
 	fillUsers(event, e.userCache, e.userGroupCache)

 	var (
@@ -166,8 +530,8 @@ func (e *Dispatch) HandleEventNotify(event *models.AlertCurEvent, isSubscribe bo
 		notifyTarget.AndMerge(handler(rule, event, notifyTarget, e))
 	}

-	// 处理事件发送,这里用一个goroutine处理一个event的所有发送事件
-	go e.Send(rule, event, notifyTarget)
+	go e.HandleEventWithNotifyRule(event)
+	go e.Send(rule, event, notifyTarget, isSubscribe)

 	// 如果是不是订阅规则出现的event, 则需要处理订阅规则的event
 	if !isSubscribe {
@@ -238,11 +602,12 @@ func (e *Dispatch) handleSub(sub *models.AlertSubscribe, event models.AlertCurEv
 	e.HandleEventNotify(&event, true)
 }

-func (e *Dispatch) Send(rule *models.AlertRule, event *models.AlertCurEvent, notifyTarget *NotifyTarget) {
+func (e *Dispatch) Send(rule *models.AlertRule, event *models.AlertCurEvent, notifyTarget *NotifyTarget, isSubscribe bool) {
 	needSend := e.BeforeSenderHook(event)
 	if needSend {
 		for channel, uids := range notifyTarget.ToChannelUserMap() {
-			msgCtx := sender.BuildMessageContext(rule, []*models.AlertCurEvent{event}, uids, e.userCache, e.Astats)
+			msgCtx := sender.BuildMessageContext(e.ctx, rule, []*models.AlertCurEvent{event},
+				uids, e.userCache, e.Astats)
 			e.RwLock.RLock()
 			s := e.Senders[channel]
 			e.RwLock.RUnlock()
@@ -265,22 +630,40 @@ func (e *Dispatch) Send(rule *models.AlertRule, event *models.AlertCurEvent, not
 	e.SendCallbacks(rule, notifyTarget, event)

 	// handle global webhooks
-	sender.SendWebhooks(notifyTarget.ToWebhookList(), event, e.Astats)
+	if !event.OverrideGlobalWebhook() {
+		if e.alerting.WebhookBatchSend {
+			sender.BatchSendWebhooks(e.ctx, notifyTarget.ToWebhookMap(), event, e.Astats)
+		} else {
+			sender.SingleSendWebhooks(e.ctx, notifyTarget.ToWebhookMap(), event, e.Astats)
+		}
+	}

 	// handle plugin call
-	go sender.MayPluginNotify(e.genNoticeBytes(event), e.notifyConfigCache.GetNotifyScript(), e.Astats)
+	go sender.MayPluginNotify(e.ctx, e.genNoticeBytes(event), e.notifyConfigCache.
+		GetNotifyScript(), e.Astats, event)
+
+	if !isSubscribe {
+		// handle ibex callbacks
+		e.HandleIbex(rule, event)
+	}
 }

 func (e *Dispatch) SendCallbacks(rule *models.AlertRule, notifyTarget *NotifyTarget, event *models.AlertCurEvent) {
-
 	uids := notifyTarget.ToUidList()
 	urls := notifyTarget.ToCallbackList()
+	whMap := notifyTarget.ToWebhookMap()
+	ogw := event.OverrideGlobalWebhook()
 	for _, urlStr := range urls {
 		if len(urlStr) == 0 {
 			continue
 		}

-		cbCtx := sender.BuildCallBackContext(e.ctx, urlStr, rule, []*models.AlertCurEvent{event}, uids, e.userCache, e.Astats)
+		cbCtx := sender.BuildCallBackContext(e.ctx, urlStr, rule, []*models.AlertCurEvent{event}, uids, e.userCache, e.alerting.WebhookBatchSend, e.Astats)
+
+		if wh, ok := whMap[cbCtx.CallBackURL]; !ogw && ok && wh.Enable {
+			logger.Debugf("SendCallbacks: webhook[%s] is in global conf.", cbCtx.CallBackURL)
+			continue
+		}

 		if strings.HasPrefix(urlStr, "${ibex}") {
 			e.CallBacks[models.IbexDomain].CallBack(cbCtx)
@@ -318,6 +701,35 @@ func (e *Dispatch) SendCallbacks(rule *models.AlertRule, notifyTarget *NotifyTar
 	}
 }

+func (e *Dispatch) HandleIbex(rule *models.AlertRule, event *models.AlertCurEvent) {
+	// 解析 RuleConfig 字段
+	var ruleConfig struct {
+		TaskTpls []*models.Tpl `json:"task_tpls"`
+	}
+	json.Unmarshal([]byte(rule.RuleConfig), &ruleConfig)
+
+	if event.IsRecovered {
+		// 恢复事件不需要走故障自愈的逻辑
+		return
+	}
+
+	for _, t := range ruleConfig.TaskTpls {
+		if t.TplId == 0 {
+			continue
+		}
+
+		if len(t.Host) == 0 {
+			sender.CallIbex(e.ctx, t.TplId, event.TargetIdent,
+				e.taskTplsCache, e.targetCache, e.userCache, event)
+			continue
+		}
+		for _, host := range t.Host {
+			sender.CallIbex(e.ctx, t.TplId, host,
+				e.taskTplsCache, e.targetCache, e.userCache, event)
+		}
+	}
+}
+
 type Notice struct {
 	Event *models.AlertCurEvent `json:"event"`
 	Tpls  map[string]string     `json:"tpls"`
@@ -379,3 +791,22 @@ func mapKeys(m map[int64]struct{}) []int64 {
 	}
 	return lst
 }
+
+func getSendTarget(customParams map[string]string, sendtos []string) string {
+	if len(customParams) == 0 {
+		return strings.Join(sendtos, ",")
+	}
+
+	values := make([]string, 0)
+	for _, value := range customParams {
+		runes := []rune(value)
+		if len(runes) <= 4 {
+			values = append(values, value)
+		} else {
+			maskedValue := string(runes[:len(runes)-4]) + "****"
+			values = append(values, maskedValue)
+		}
+	}
+
+	return strings.Join(values, ",")
+}
--- a/alert/dispatch/log.go
+++ b/alert/dispatch/log.go
@@ -18,12 +18,13 @@ func LogEvent(event *models.AlertCurEvent, location string, err ...error) {
 	}

 	logger.Infof(
-		"event(%s %s) %s: rule_id=%d sub_id:%d cluster:%s %v%s@%d %s",
+		"event(%s %s) %s: rule_id=%d sub_id:%d notify_rule_ids:%v cluster:%s %v%s@%d %s",
 		event.Hash,
 		status,
 		location,
 		event.RuleId,
 		event.SubRuleId,
+		event.NotifyRuleIds,
 		event.Cluster,
 		event.TagsJSON,
 		event.TriggerValue,
--- a/alert/dispatch/notify_target.go
+++ b/alert/dispatch/notify_target.go
@@ -76,16 +76,12 @@ func (s *NotifyTarget) ToCallbackList() []string {
 	return callbacks
 }

-func (s *NotifyTarget) ToWebhookList() []*models.Webhook {
-	webhooks := make([]*models.Webhook, 0, len(s.webhooks))
-	for _, wh := range s.webhooks {
-		webhooks = append(webhooks, wh)
-	}
-	return webhooks
+func (s *NotifyTarget) ToWebhookMap() map[string]*models.Webhook {
+	return s.webhooks
 }

 func (s *NotifyTarget) ToUidList() []int64 {
-	uids := make([]int64, len(s.userMap))
+	uids := make([]int64, 0, len(s.userMap))
 	for uid, _ := range s.userMap {
 		uids = append(uids, uid)
 	}
--- a/alert/eval/alert_rule.go
+++ b/alert/eval/alert_rule.go
@@ -10,11 +10,10 @@ import (
 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/alert/naming"
 	"github.com/ccfos/nightingale/v6/alert/process"
+	"github.com/ccfos/nightingale/v6/datasource/commons/eslike"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/prom"
-	"github.com/ccfos/nightingale/v6/tdengine"
-
 	"github.com/toolkits/pkg/logger"
 )

@@ -33,8 +32,7 @@ type Scheduler struct {
 	alertMuteCache          *memsto.AlertMuteCacheType
 	datasourceCache         *memsto.DatasourceCacheType

-	promClients     *prom.PromClientMap
-	tdengineClients *tdengine.TdengineClientMap
+	promClients *prom.PromClientMap

 	naming *naming.Naming

@@ -45,7 +43,7 @@ type Scheduler struct {
 func NewScheduler(aconf aconf.Alert, externalProcessors *process.ExternalProcessorsType, arc *memsto.AlertRuleCacheType,
 	targetCache *memsto.TargetCacheType, toarc *memsto.TargetsOfAlertRuleCacheType,
 	busiGroupCache *memsto.BusiGroupCacheType, alertMuteCache *memsto.AlertMuteCacheType, datasourceCache *memsto.DatasourceCacheType,
-	promClients *prom.PromClientMap, tdengineClients *tdengine.TdengineClientMap, naming *naming.Naming, ctx *ctx.Context, stats *astats.Stats) *Scheduler {
+	promClients *prom.PromClientMap, naming *naming.Naming, ctx *ctx.Context, stats *astats.Stats) *Scheduler {
 	scheduler := &Scheduler{
 		aconf:      aconf,
 		alertRules: make(map[string]*AlertRuleWorker),
@@ -59,13 +57,13 @@ func NewScheduler(aconf aconf.Alert, externalProcessors *process.ExternalProcess
 		alertMuteCache:          alertMuteCache,
 		datasourceCache:         datasourceCache,

-		promClients:     promClients,
-		tdengineClients: tdengineClients,
-		naming:          naming,
+		promClients: promClients,
+		naming:      naming,

 		ctx:   ctx,
 		stats: stats,
 	}
+	eslike.SetEsIndexPatternCacheType(memsto.NewEsIndexPatternCacheType(ctx))

 	go scheduler.LoopSyncRules(context.Background())
 	return scheduler
@@ -95,9 +93,8 @@ func (s *Scheduler) syncAlertRules() {
 		}

 		ruleType := rule.GetRuleType()
-		if rule.IsPrometheusRule() || rule.IsLokiRule() || rule.IsTdengineRule() {
-			datasourceIds := s.promClients.Hit(rule.DatasourceIdsJson)
-			datasourceIds = append(datasourceIds, s.tdengineClients.Hit(rule.DatasourceIdsJson)...)
+		if rule.IsPrometheusRule() || rule.IsInnerRule() {
+			datasourceIds := s.datasourceCache.GetIDsByDsCateAndQueries(rule.Cate, rule.DatasourceQueries)
 			for _, dsId := range datasourceIds {
 				if !naming.DatasourceHashRing.IsHit(strconv.FormatInt(dsId, 10), fmt.Sprintf("%d", rule.Id), s.aconf.Heartbeat.Endpoint) {
 					continue
@@ -119,7 +116,7 @@ func (s *Scheduler) syncAlertRules() {
 				}
 				processor := process.NewProcessor(s.aconf.Heartbeat.EngineName, rule, dsId, s.alertRuleCache, s.targetCache, s.targetsOfAlertRuleCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.ctx, s.stats)

-				alertRule := NewAlertRuleWorker(rule, dsId, processor, s.promClients, s.tdengineClients, s.ctx)
+				alertRule := NewAlertRuleWorker(rule, dsId, processor, s.promClients, s.ctx)
 				alertRuleWorkers[alertRule.Hash()] = alertRule
 			}
 		} else if rule.IsHostRule() {
@@ -128,12 +125,13 @@ func (s *Scheduler) syncAlertRules() {
 				continue
 			}
 			processor := process.NewProcessor(s.aconf.Heartbeat.EngineName, rule, 0, s.alertRuleCache, s.targetCache, s.targetsOfAlertRuleCache, s.busiGroupCache, s.alertMuteCache, s.datasourceCache, s.ctx, s.stats)
-			alertRule := NewAlertRuleWorker(rule, 0, processor, s.promClients, s.tdengineClients, s.ctx)
+			alertRule := NewAlertRuleWorker(rule, 0, processor, s.promClients, s.ctx)
 			alertRuleWorkers[alertRule.Hash()] = alertRule
 		} else {
 			// 如果 rule 不是通过 prometheus engine 来告警的，则创建为 externalRule
 			// if rule is not processed by prometheus engine, create it as externalRule
-			for _, dsId := range rule.DatasourceIdsJson {
+			dsIds := s.datasourceCache.GetIDsByDsCateAndQueries(rule.Cate, rule.DatasourceQueries)
+			for _, dsId := range dsIds {
 				ds := s.datasourceCache.GetById(dsId)
 				if ds == nil {
 					logger.Debugf("datasource %d not found", dsId)
@@ -153,6 +151,7 @@ func (s *Scheduler) syncAlertRules() {
 	for hash, rule := range alertRuleWorkers {
 		if _, has := s.alertRules[hash]; !has {
 			rule.Prepare()
+			time.Sleep(time.Duration(20) * time.Millisecond)
 			rule.Start()
 			s.alertRules[hash] = rule
 		}
--- a/alert/eval/eval.go
+++ b/alert/eval/eval.go
--- a/alert/eval/eval_test.go
+++ b/alert/eval/eval_test.go
@@ -0,0 +1,458 @@
+package eval
+
+import (
+	"reflect"
+	"testing"
+
+	"golang.org/x/exp/slices"
+)
+
+var (
+	reHashTagIndex1 = map[uint64][][]uint64{
+		1: {
+			{1, 2}, {3, 4},
+		},
+		2: {
+			{5, 6}, {7, 8},
+		},
+	}
+	reHashTagIndex2 = map[uint64][][]uint64{
+		1: {
+			{9, 10}, {11, 12},
+		},
+		3: {
+			{13, 14}, {15, 16},
+		},
+	}
+	seriesTagIndex1 = map[uint64][]uint64{
+		1: {1, 2, 3, 4},
+		2: {5, 6, 7, 8},
+	}
+	seriesTagIndex2 = map[uint64][]uint64{
+		1: {9, 10, 11, 12},
+		3: {13, 14, 15, 16},
+	}
+)
+
+func Test_originalJoin(t *testing.T) {
+	type args struct {
+		seriesTagIndex1 map[uint64][]uint64
+		seriesTagIndex2 map[uint64][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "original join",
+			args: args{
+				seriesTagIndex1: map[uint64][]uint64{
+					1: {1, 2, 3, 4},
+					2: {5, 6, 7, 8},
+				},
+				seriesTagIndex2: map[uint64][]uint64{
+					1: {9, 10, 11, 12},
+					3: {13, 14, 15, 16},
+				},
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 3, 4, 9, 10, 11, 12},
+				2: {5, 6, 7, 8},
+				3: {13, 14, 15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := originalJoin(tt.args.seriesTagIndex1, tt.args.seriesTagIndex2); !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("originalJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_exclude(t *testing.T) {
+	type args struct {
+		reHashTagIndex1 map[uint64][][]uint64
+		reHashTagIndex2 map[uint64][][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "left exclude",
+			args: args{
+				reHashTagIndex1: reHashTagIndex1,
+				reHashTagIndex2: reHashTagIndex2,
+			},
+			want: map[uint64][]uint64{
+				0: {5, 6},
+				1: {7, 8},
+			},
+		},
+		{
+			name: "right exclude",
+			args: args{
+				reHashTagIndex1: reHashTagIndex2,
+				reHashTagIndex2: reHashTagIndex1,
+			},
+			want: map[uint64][]uint64{
+				3: {13, 14},
+				4: {15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := exclude(tt.args.reHashTagIndex1, tt.args.reHashTagIndex2); !allValueDeepEqual(flatten(got), tt.want) {
+				t.Errorf("exclude() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_noneJoin(t *testing.T) {
+	type args struct {
+		seriesTagIndex1 map[uint64][]uint64
+		seriesTagIndex2 map[uint64][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "none join, direct splicing",
+			args: args{
+				seriesTagIndex1: seriesTagIndex1,
+				seriesTagIndex2: seriesTagIndex2,
+			},
+			want: map[uint64][]uint64{
+				0: {1, 2, 3, 4},
+				1: {5, 6, 7, 8},
+				2: {9, 10, 11, 12},
+				3: {13, 14, 15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := noneJoin(tt.args.seriesTagIndex1, tt.args.seriesTagIndex2); !allValueDeepEqual(got, tt.want) {
+				t.Errorf("noneJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_cartesianJoin(t *testing.T) {
+	type args struct {
+		seriesTagIndex1 map[uint64][]uint64
+		seriesTagIndex2 map[uint64][]uint64
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "cartesian join",
+			args: args{
+				seriesTagIndex1: seriesTagIndex1,
+				seriesTagIndex2: seriesTagIndex2,
+			},
+			want: map[uint64][]uint64{
+				0: {1, 2, 3, 4, 9, 10, 11, 12},
+				1: {5, 6, 7, 8, 9, 10, 11, 12},
+				2: {5, 6, 7, 8, 13, 14, 15, 16},
+				3: {1, 2, 3, 4, 13, 14, 15, 16},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := cartesianJoin(tt.args.seriesTagIndex1, tt.args.seriesTagIndex2); !allValueDeepEqual(got, tt.want) {
+				t.Errorf("cartesianJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_onJoin(t *testing.T) {
+	type args struct {
+		reHashTagIndex1 map[uint64][][]uint64
+		reHashTagIndex2 map[uint64][][]uint64
+		joinType        JoinType
+	}
+	tests := []struct {
+		name string
+		args args
+		want map[uint64][]uint64
+	}{
+		{
+			name: "left join",
+			args: args{
+				reHashTagIndex1: reHashTagIndex1,
+				reHashTagIndex2: reHashTagIndex2,
+				joinType:        Left,
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 9, 10},
+				2: {3, 4, 9, 10},
+				3: {1, 2, 11, 12},
+				4: {3, 4, 11, 12},
+				5: {5, 6},
+				6: {7, 8},
+			},
+		},
+		{
+			name: "right join",
+			args: args{
+				reHashTagIndex1: reHashTagIndex2,
+				reHashTagIndex2: reHashTagIndex1,
+				joinType:        Right,
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 9, 10},
+				2: {3, 4, 9, 10},
+				3: {1, 2, 11, 12},
+				4: {3, 4, 11, 12},
+				5: {13, 14},
+				6: {15, 16},
+			},
+		},
+
+		{
+			name: "inner join",
+			args: args{
+				reHashTagIndex1: reHashTagIndex1,
+				reHashTagIndex2: reHashTagIndex2,
+				joinType:        Inner,
+			},
+			want: map[uint64][]uint64{
+				1: {1, 2, 9, 10},
+				2: {3, 4, 9, 10},
+				3: {1, 2, 11, 12},
+				4: {3, 4, 11, 12},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := onJoin(tt.args.reHashTagIndex1, tt.args.reHashTagIndex2, tt.args.joinType); !allValueDeepEqual(flatten(got), tt.want) {
+				t.Errorf("onJoin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+// allValueDeepEqual 判断 map 的 value 是否相同，不考虑 key
+func allValueDeepEqual(got, want map[uint64][]uint64) bool {
+	if len(got) != len(want) {
+		return false
+	}
+	for _, v1 := range got {
+		curEqual := false
+		slices.Sort(v1)
+		for _, v2 := range want {
+			slices.Sort(v2)
+			if reflect.DeepEqual(v1, v2) {
+				curEqual = true
+				break
+			}
+		}
+		if !curEqual {
+			return false
+		}
+	}
+	return true
+}
+
+// allValueDeepEqualOmitOrder 判断两个字符串切片是否相等，不考虑顺序
+func allValueDeepEqualOmitOrder(got, want []string) bool {
+	if len(got) != len(want) {
+		return false
+	}
+	slices.Sort(got)
+	slices.Sort(want)
+	for i := range got {
+		if got[i] != want[i] {
+			return false
+		}
+	}
+	return true
+}
+
+func Test_removeVal(t *testing.T) {
+	type args struct {
+		promql string
+	}
+	tests := []struct {
+		name string
+		args args
+		want string
+	}{
+		// TODO: Add test cases.
+		{
+			name: "removeVal1",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"$test2\",test3=\"$test3\"} > $val",
+			},
+			want: "mem{} > $val",
+		},
+		{
+			name: "removeVal2",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"$test2\",test3=\"$test3\"} > $val",
+			},
+			want: "mem{test1=\"test1\"} > $val",
+		},
+		{
+			name: "removeVal3",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"test2\",test3=\"$test3\"} > $val",
+			},
+			want: "mem{test2=\"test2\"} > $val",
+		},
+		{
+			name: "removeVal4",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"$test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal5",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test2=\"test2\",test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal6",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"$test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test1=\"test1\",test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal7",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"test2\",test3='$test3'} > $val",
+			},
+			want: "mem{test1=\"test1\",test2=\"test2\"} > $val",
+		},
+		{
+			name: "removeVal8",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"test2\",test3=\"test3\"} > $val",
+			},
+			want: "mem{test1=\"test1\",test2=\"test2\",test3=\"test3\"} > $val",
+		},
+		{
+			name: "removeVal9",
+			args: args{
+				promql: "mem{test1=\"$test1\",test2=\"test2\"} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+			},
+			want: "mem{test2=\"test2\"} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+		},
+		{
+			name: "removeVal10",
+			args: args{
+				promql: "mem{test1=\"test1\",test2='$test2'} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+			},
+			want: "mem{test1=\"test1\"} > $val1 and mem{test3=\"test3\",test4=\"test4\"} > $val2",
+		},
+		{
+			name: "removeVal11",
+			args: args{
+				promql: "mem{test1='test1',test2=\"test2\"} > $val1 and mem{test3=\"$test3\",test4=\"test4\"} > $val2",
+			},
+			want: "mem{test1='test1',test2=\"test2\"} > $val1 and mem{test4=\"test4\"} > $val2",
+		},
+		{
+			name: "removeVal12",
+			args: args{
+				promql: "mem{test1=\"test1\",test2=\"test2\"} > $val1 and mem{test3=\"test3\",test4=\"$test4\"} > $val2",
+			},
+			want: "mem{test1=\"test1\",test2=\"test2\"} > $val1 and mem{test3=\"test3\"} > $val2",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := removeVal(tt.args.promql); got != tt.want {
+				t.Errorf("removeVal() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestExtractVarMapping(t *testing.T) {
+	tests := []struct {
+		name   string
+		promql string
+		want   map[string]string
+	}{
+		{
+			name:   "单个花括号单个变量",
+			promql: `mem_used_percent{host="$my_host"} > $val`,
+			want:   map[string]string{"my_host": "host"},
+		},
+		{
+			name:   "单个花括号多个变量",
+			promql: `mem_used_percent{host="$my_host",region="$region",env="prod"} > $val`,
+			want:   map[string]string{"my_host": "host", "region": "region"},
+		},
+		{
+			name:   "多个花括号多个变量",
+			promql: `sum(rate(mem_used_percent{host="$my_host"})) by (instance) + avg(node_load1{region="$region"}) > $val`,
+			want:   map[string]string{"my_host": "host", "region": "region"},
+		},
+		{
+			name:   "相同变量出现多次",
+			promql: `sum(rate(mem_used_percent{host="$my_host"})) + avg(node_load1{host="$my_host"}) > $val`,
+			want:   map[string]string{"my_host": "host"},
+		},
+		{
+			name:   "没有变量",
+			promql: `mem_used_percent{host="localhost",region="cn"} > 80`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "没有花括号",
+			promql: `80 > $val`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "格式不规范的标签",
+			promql: `mem_used_percent{host=$my_host,region = $region} > $val`,
+			want:   map[string]string{"my_host": "host", "region": "region"},
+		},
+		{
+			name:   "空花括号",
+			promql: `mem_used_percent{} > $val`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "不完整的花括号",
+			promql: `mem_used_percent{host="$my_host"`,
+			want:   map[string]string{},
+		},
+		{
+			name:   "复杂表达式",
+			promql: `sum(rate(http_requests_total{handler="$handler",code="$code"}[5m])) by (handler) / sum(rate(http_requests_total{handler="$handler"}[5m])) by (handler) * 100 > $threshold`,
+			want:   map[string]string{"handler": "handler", "code": "code"},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := ExtractVarMapping(tt.promql)
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("ExtractVarMapping() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
--- a/alert/mute/mute.go
+++ b/alert/mute/mute.go
@@ -12,28 +12,29 @@ import (
 	"github.com/toolkits/pkg/logger"
 )

-func IsMuted(rule *models.AlertRule, event *models.AlertCurEvent, targetCache *memsto.TargetCacheType, alertMuteCache *memsto.AlertMuteCacheType) (bool, string) {
+func IsMuted(rule *models.AlertRule, event *models.AlertCurEvent, targetCache *memsto.TargetCacheType, alertMuteCache *memsto.AlertMuteCacheType) (bool, string, int64) {
 	if rule.Disabled == 1 {
-		return true, "rule disabled"
+		return true, "rule disabled", 0
 	}

 	if TimeSpanMuteStrategy(rule, event) {
-		return true, "rule is not effective for period of time"
+		return true, "rule is not effective for period of time", 0
 	}

 	if IdentNotExistsMuteStrategy(rule, event, targetCache) {
-		return true, "ident not exists mute"
+		return true, "ident not exists mute", 0
 	}

 	if BgNotMatchMuteStrategy(rule, event, targetCache) {
-		return true, "bg not match mute"
+		return true, "bg not match mute", 0
 	}

-	if EventMuteStrategy(event, alertMuteCache) {
-		return true, "match mute rule"
+	hit, muteId := EventMuteStrategy(event, alertMuteCache)
+	if hit {
+		return true, "match mute rule", muteId
 	}

-	return false, ""
+	return false, "", 0
 }

 // TimeSpanMuteStrategy 根据规则配置的告警生效时间段过滤,如果产生的告警不在规则配置的告警生效时间段内,则不告警,即被mute
@@ -43,6 +44,12 @@ func TimeSpanMuteStrategy(rule *models.AlertRule, event *models.AlertCurEvent) b
 	triggerTime := tm.Format("15:04")
 	triggerWeek := strconv.Itoa(int(tm.Weekday()))

+	if rule.EnableDaysOfWeek == "" {
+		// 如果规则没有配置生效时间，则默认全天生效
+
+		return false
+	}
+
 	enableStime := strings.Fields(rule.EnableStime)
 	enableEtime := strings.Fields(rule.EnableEtime)
 	enableDaysOfWeek := strings.Split(rule.EnableDaysOfWeek, ";")
@@ -114,37 +121,33 @@ func BgNotMatchMuteStrategy(rule *models.AlertRule, event *models.AlertCurEvent,
 	target, exists := targetCache.Get(ident)
 	// 对于包含ident的告警事件，check一下ident所属bg和rule所属bg是否相同
 	// 如果告警规则选择了只在本BG生效，那其他BG的机器就不能因此规则产生告警
-	if exists && target.GroupId != rule.GroupId {
+	if exists && !target.MatchGroupId(rule.GroupId) {
 		logger.Debugf("[%s] mute: rule_eval:%d cluster:%s", "BgNotMatchMuteStrategy", rule.Id, event.Cluster)
 		return true
 	}
 	return false
 }

-func EventMuteStrategy(event *models.AlertCurEvent, alertMuteCache *memsto.AlertMuteCacheType) bool {
+func EventMuteStrategy(event *models.AlertCurEvent, alertMuteCache *memsto.AlertMuteCacheType) (bool, int64) {
 	mutes, has := alertMuteCache.Gets(event.GroupId)
 	if !has || len(mutes) == 0 {
-		return false
+		return false, 0
 	}

 	for i := 0; i < len(mutes); i++ {
-		if matchMute(event, mutes[i]) {
-			return true
+		if MatchMute(event, mutes[i]) {
+			return true, mutes[i].Id
 		}
 	}

-	return false
+	return false, 0
 }

-// matchMute 如果传入了clock这个可选参数，就表示使用这个clock表示的时间，否则就从event的字段中取TriggerTime
-func matchMute(event *models.AlertCurEvent, mute *models.AlertMute, clock ...int64) bool {
+// MatchMute 如果传入了clock这个可选参数，就表示使用这个clock表示的时间，否则就从event的字段中取TriggerTime
+func MatchMute(event *models.AlertCurEvent, mute *models.AlertMute, clock ...int64) bool {
 	if mute.Disabled == 1 {
 		return false
 	}
-	ts := event.TriggerTime
-	if len(clock) > 0 {
-		ts = clock[0]
-	}

 	// 如果不是全局的，判断 匹配的 datasource id
 	if len(mute.DatasourceIdsJson) != 0 && mute.DatasourceIdsJson[0] != 0 && event.DatasourceId != 0 {
@@ -159,37 +162,21 @@ func matchMute(event *models.AlertCurEvent, mute *models.AlertMute, clock ...int
 		}
 	}

-	var matchTime bool
 	if mute.MuteTimeType == models.TimeRange {
-		if ts < mute.Btime || ts > mute.Etime {
+		if !mute.IsWithinTimeRange(event.TriggerTime) {
 			return false
 		}
-		matchTime = true
 	} else if mute.MuteTimeType == models.Periodic {
-		tm := time.Unix(event.TriggerTime, 0)
-		triggerTime := tm.Format("15:04")
-		triggerWeek := strconv.Itoa(int(tm.Weekday()))
-
-		for i := 0; i < len(mute.PeriodicMutesJson); i++ {
-			if strings.Contains(mute.PeriodicMutesJson[i].EnableDaysOfWeek, triggerWeek) {
-				if mute.PeriodicMutesJson[i].EnableStime == mute.PeriodicMutesJson[i].EnableEtime || (mute.PeriodicMutesJson[i].EnableStime == "00:00" && mute.PeriodicMutesJson[i].EnableEtime == "23:59") {
-					matchTime = true
-					break
-				} else if mute.PeriodicMutesJson[i].EnableStime < mute.PeriodicMutesJson[i].EnableEtime {
-					if triggerTime >= mute.PeriodicMutesJson[i].EnableStime && triggerTime < mute.PeriodicMutesJson[i].EnableEtime {
-						matchTime = true
-						break
-					}
-				} else {
-					if triggerTime >= mute.PeriodicMutesJson[i].EnableStime || triggerTime < mute.PeriodicMutesJson[i].EnableEtime {
-						matchTime = true
-						break
-					}
-				}
-			}
+		ts := event.TriggerTime
+		if len(clock) > 0 {
+			ts = clock[0]
 		}
-	}
-	if !matchTime {
+
+		if !mute.IsWithinPeriodicMute(ts) {
+			return false
+		}
+	} else {
+		logger.Warningf("mute time type invalid, %d", mute.MuteTimeType)
 		return false
 	}

--- a/alert/pipeline/pipeline.go
+++ b/alert/pipeline/pipeline.go
@@ -0,0 +1,11 @@
+package pipeline
+
+import (
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/callback"
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/eventdrop"
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/eventupdate"
+	_ "github.com/ccfos/nightingale/v6/alert/pipeline/processor/relabel"
+)
+
+func Init() {
+}
--- a/alert/pipeline/processor/callback/callback.go
+++ b/alert/pipeline/processor/callback/callback.go
@@ -0,0 +1,106 @@
+package callback
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type HTTPConfig struct {
+	URL           string            `json:"url"`
+	Method        string            `json:"method,omitempty"`
+	Body          string            `json:"body,omitempty"`
+	Headers       map[string]string `json:"header"`
+	AuthUsername  string            `json:"auth_username"`
+	AuthPassword  string            `json:"auth_password"`
+	Timeout       int               `json:"timeout"` // 单位:ms
+	SkipSSLVerify bool              `json:"skip_ssl_verify"`
+	Proxy         string            `json:"proxy"`
+	Client        *http.Client      `json:"-"`
+}
+
+// RelabelConfig
+type CallbackConfig struct {
+	HTTPConfig
+}
+
+func init() {
+	models.RegisterProcessor("callback", &CallbackConfig{})
+}
+
+func (c *CallbackConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*CallbackConfig](settings)
+	return result, err
+}
+
+func (c *CallbackConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) *models.AlertCurEvent {
+	if c.Client == nil {
+		transport := &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipSSLVerify},
+		}
+
+		if c.Proxy != "" {
+			proxyURL, err := url.Parse(c.Proxy)
+			if err != nil {
+				logger.Errorf("failed to parse proxy url: %v", err)
+			} else {
+				transport.Proxy = http.ProxyURL(proxyURL)
+			}
+		}
+
+		c.Client = &http.Client{
+			Timeout:   time.Duration(c.Timeout) * time.Millisecond,
+			Transport: transport,
+		}
+	}
+
+	headers := make(map[string]string)
+	headers["Content-Type"] = "application/json"
+	for k, v := range c.Headers {
+		headers[k] = v
+	}
+
+	body, err := json.Marshal(event)
+	if err != nil {
+		logger.Errorf("failed to marshal event: %v", err)
+		return event
+	}
+
+	req, err := http.NewRequest("POST", c.URL, strings.NewReader(string(body)))
+	if err != nil {
+		logger.Errorf("failed to create request: %v event: %v", err, event)
+		return event
+	}
+
+	for k, v := range headers {
+		req.Header.Set(k, v)
+	}
+
+	if c.AuthUsername != "" && c.AuthPassword != "" {
+		req.SetBasicAuth(c.AuthUsername, c.AuthPassword)
+	}
+
+	resp, err := c.Client.Do(req)
+	if err != nil {
+		logger.Errorf("failed to send request: %v event: %v", err, event)
+		return event
+	}
+
+	b, err := io.ReadAll(resp.Body)
+	if err != nil {
+		logger.Errorf("failed to read response body: %v event: %v", err, event)
+		return event
+	}
+
+	logger.Infof("response body: %s", string(b))
+	return event
+}
--- a/alert/pipeline/processor/common/common.go
+++ b/alert/pipeline/processor/common/common.go
@@ -0,0 +1,24 @@
+package common
+
+import (
+	"encoding/json"
+)
+
+// InitProcessor 是一个通用的初始化处理器的方法
+// 使用泛型简化处理器初始化逻辑
+// T 必须是 models.Processor 接口的实现
+func InitProcessor[T any](settings interface{}) (T, error) {
+	var zero T
+	b, err := json.Marshal(settings)
+	if err != nil {
+		return zero, err
+	}
+
+	var result T
+	err = json.Unmarshal(b, &result)
+	if err != nil {
+		return zero, err
+	}
+
+	return result, nil
+}
--- a/alert/pipeline/processor/eventdrop/event_drop.go
+++ b/alert/pipeline/processor/eventdrop/event_drop.go
@@ -0,0 +1,61 @@
+package eventdrop
+
+import (
+	"bytes"
+	"strings"
+	texttemplate "text/template"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/tplx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type EventDropConfig struct {
+	Content string `json:"content"`
+}
+
+func init() {
+	models.RegisterProcessor("event_drop", &EventDropConfig{})
+}
+
+func (c *EventDropConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*EventDropConfig](settings)
+	return result, err
+}
+
+func (c *EventDropConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) *models.AlertCurEvent {
+	// 使用背景是可以根据此处理器，实现对事件进行更加灵活的过滤的逻辑
+	// 在标签过滤和属性过滤都不满足需求时可以使用
+	// 如果模板执行结果为 true，则删除该事件
+
+	var defs = []string{
+		"{{ $event := . }}",
+		"{{ $labels := .TagsMap }}",
+		"{{ $value := .TriggerValue }}",
+	}
+
+	text := strings.Join(append(defs, c.Content), "")
+
+	tpl, err := texttemplate.New("eventdrop").Funcs(tplx.TemplateFuncMap).Parse(text)
+	if err != nil {
+		logger.Errorf("processor failed to parse template: %v event: %v", err, event)
+		return event
+	}
+
+	var body bytes.Buffer
+	if err = tpl.Execute(&body, event); err != nil {
+		logger.Errorf("processor failed to execute template: %v event: %v", err, event)
+		return event
+	}
+
+	result := strings.TrimSpace(body.String())
+	logger.Infof("processor eventdrop result: %v", result)
+	if result == "true" {
+		logger.Infof("processor eventdrop drop event: %v", event)
+		return nil
+	}
+
+	return event
+}
--- a/alert/pipeline/processor/eventupdate/event_update.go
+++ b/alert/pipeline/processor/eventupdate/event_update.go
@@ -0,0 +1,100 @@
+package eventupdate
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/callback"
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/toolkits/pkg/logger"
+)
+
+// RelabelConfig
+type EventUpdateConfig struct {
+	callback.HTTPConfig
+}
+
+func init() {
+	models.RegisterProcessor("event_update", &EventUpdateConfig{})
+}
+
+func (c *EventUpdateConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*EventUpdateConfig](settings)
+	return result, err
+}
+
+func (c *EventUpdateConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) *models.AlertCurEvent {
+	if c.Client == nil {
+		transport := &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipSSLVerify},
+		}
+
+		if c.Proxy != "" {
+			proxyURL, err := url.Parse(c.Proxy)
+			if err != nil {
+				logger.Errorf("failed to parse proxy url: %v", err)
+			} else {
+				transport.Proxy = http.ProxyURL(proxyURL)
+			}
+		}
+
+		c.Client = &http.Client{
+			Timeout:   time.Duration(c.Timeout) * time.Millisecond,
+			Transport: transport,
+		}
+	}
+
+	headers := make(map[string]string)
+	headers["Content-Type"] = "application/json"
+	for k, v := range c.Headers {
+		headers[k] = v
+	}
+
+	body, err := json.Marshal(event)
+	if err != nil {
+		logger.Errorf("failed to marshal event: %v", err)
+		return event
+	}
+
+	req, err := http.NewRequest("POST", c.URL, strings.NewReader(string(body)))
+	if err != nil {
+		logger.Errorf("failed to create request: %v event: %v", err, event)
+		return event
+	}
+
+	for k, v := range headers {
+		req.Header.Set(k, v)
+	}
+
+	if c.AuthUsername != "" && c.AuthPassword != "" {
+		req.SetBasicAuth(c.AuthUsername, c.AuthPassword)
+	}
+
+	resp, err := c.Client.Do(req)
+	if err != nil {
+		logger.Errorf("failed to send request: %v event: %v", err, event)
+		return event
+	}
+
+	b, err := io.ReadAll(resp.Body)
+	if err != nil {
+		logger.Errorf("failed to read response body: %v event: %v", err, event)
+		return event
+	}
+	logger.Infof("response body: %s", string(b))
+
+	err = json.Unmarshal(b, &event)
+	if err != nil {
+		logger.Errorf("failed to unmarshal response body: %v event: %v", err, event)
+		return event
+	}
+
+	return event
+}
--- a/alert/pipeline/processor/relabel/relabel.go
+++ b/alert/pipeline/processor/relabel/relabel.go
@@ -0,0 +1,107 @@
+package relabel
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/common"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pushgw/pconf"
+	"github.com/ccfos/nightingale/v6/pushgw/writer"
+
+	"github.com/prometheus/common/model"
+	"github.com/prometheus/prometheus/prompb"
+)
+
+const (
+	REPLACE_DOT = "___"
+)
+
+// RelabelConfig
+type RelabelConfig struct {
+	SourceLabels  []string `json:"source_labels"`
+	Separator     string   `json:"separator"`
+	Regex         string   `json:"regex"`
+	RegexCompiled *regexp.Regexp
+	If            string `json:"if"`
+	IfRegex       *regexp.Regexp
+	Modulus       uint64 `json:"modulus"`
+	TargetLabel   string `json:"target_label"`
+	Replacement   string `json:"replacement"`
+	Action        string `json:"action"`
+}
+
+func init() {
+	models.RegisterProcessor("relabel", &RelabelConfig{})
+}
+
+func (r *RelabelConfig) Init(settings interface{}) (models.Processor, error) {
+	result, err := common.InitProcessor[*RelabelConfig](settings)
+	return result, err
+}
+
+func (r *RelabelConfig) Process(ctx *ctx.Context, event *models.AlertCurEvent) *models.AlertCurEvent {
+	sourceLabels := make([]model.LabelName, len(r.SourceLabels))
+	for i := range r.SourceLabels {
+		sourceLabels[i] = model.LabelName(strings.ReplaceAll(r.SourceLabels[i], ".", REPLACE_DOT))
+	}
+
+	relabelConfigs := []*pconf.RelabelConfig{
+		{
+			SourceLabels:  sourceLabels,
+			Separator:     r.Separator,
+			Regex:         r.Regex,
+			RegexCompiled: r.RegexCompiled,
+			If:            r.If,
+			IfRegex:       r.IfRegex,
+			Modulus:       r.Modulus,
+			TargetLabel:   r.TargetLabel,
+			Replacement:   r.Replacement,
+			Action:        r.Action,
+		},
+	}
+
+	EventRelabel(event, relabelConfigs)
+	return event
+}
+
+func EventRelabel(event *models.AlertCurEvent, relabelConfigs []*pconf.RelabelConfig) {
+	labels := make([]prompb.Label, len(event.TagsJSON))
+	event.OriginalTagsJSON = make([]string, len(event.TagsJSON))
+	for i, tag := range event.TagsJSON {
+		label := strings.SplitN(tag, "=", 2)
+		if len(label) != 2 {
+			continue
+		}
+		event.OriginalTagsJSON[i] = tag
+
+		label[0] = strings.ReplaceAll(string(label[0]), ".", REPLACE_DOT)
+		labels[i] = prompb.Label{Name: label[0], Value: label[1]}
+	}
+
+	for i := 0; i < len(relabelConfigs); i++ {
+		if relabelConfigs[i].Replacement == "" {
+			relabelConfigs[i].Replacement = "$1"
+		}
+
+		if relabelConfigs[i].Separator == "" {
+			relabelConfigs[i].Separator = ";"
+		}
+
+		if relabelConfigs[i].Regex == "" {
+			relabelConfigs[i].Regex = "(.*)"
+		}
+	}
+
+	gotLabels := writer.Process(labels, relabelConfigs...)
+	event.TagsJSON = make([]string, len(gotLabels))
+	event.TagsMap = make(map[string]string, len(gotLabels))
+	for i, label := range gotLabels {
+		label.Name = strings.ReplaceAll(string(label.Name), REPLACE_DOT, ".")
+		event.TagsJSON[i] = fmt.Sprintf("%s=%s", label.Name, label.Value)
+		event.TagsMap[label.Name] = label.Value
+	}
+	event.Tags = strings.Join(event.TagsJSON, ",,")
+}
--- a/alert/process/process.go
+++ b/alert/process/process.go
@@ -2,6 +2,7 @@ package process

 import (
 	"bytes"
+	"encoding/json"
 	"fmt"
 	"html/template"
 	"sort"
@@ -13,14 +14,14 @@ import (
 	"github.com/ccfos/nightingale/v6/alert/common"
 	"github.com/ccfos/nightingale/v6/alert/dispatch"
 	"github.com/ccfos/nightingale/v6/alert/mute"
+	"github.com/ccfos/nightingale/v6/alert/pipeline/processor/relabel"
 	"github.com/ccfos/nightingale/v6/alert/queue"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/tplx"
-	"github.com/ccfos/nightingale/v6/pushgw/writer"

-	"github.com/prometheus/prometheus/prompb"
+	"github.com/robfig/cron/v3"
 	"github.com/toolkits/pkg/logger"
 	"github.com/toolkits/pkg/str"
 )
@@ -53,16 +54,15 @@ type Processor struct {
 	datasourceId int64
 	EngineName   string

-	rule     *models.AlertRule
-	fires    *AlertCurEventMap
-	pendings *AlertCurEventMap
-	inhibit  bool
+	rule                 *models.AlertRule
+	fires                *AlertCurEventMap
+	pendings             *AlertCurEventMap
+	pendingsUseByRecover *AlertCurEventMap
+	inhibit              bool

-	tagsMap    map[string]string
-	tagsArr    []string
-	target     string
-	targetNote string
-	groupName  string
+	tagsMap   map[string]string
+	tagsArr   []string
+	groupName string

 	alertRuleCache          *memsto.AlertRuleCacheType
 	TargetCache             *memsto.TargetCacheType
@@ -77,6 +77,9 @@ type Processor struct {
 	HandleFireEventHook    HandleEventFunc
 	HandleRecoverEventHook HandleEventFunc
 	EventMuteHook          EventMuteHookFunc
+
+	ScheduleEntry    cron.Entry
+	PromEvalInterval int
 }

 func (p *Processor) Key() string {
@@ -88,9 +91,9 @@ func (p *Processor) DatasourceId() int64 {
 }

 func (p *Processor) Hash() string {
-	return str.MD5(fmt.Sprintf("%d_%d_%s_%d",
+	return str.MD5(fmt.Sprintf("%d_%s_%s_%d",
 		p.rule.Id,
-		p.rule.PromEvalInterval,
+		p.rule.CronPattern,
 		p.rule.RuleConfig,
 		p.datasourceId,
 	))
@@ -125,7 +128,7 @@ func NewProcessor(engineName string, rule *models.AlertRule, datasourceId int64,
 	return p
 }

-func (p *Processor) Handle(anomalyPoints []common.AnomalyPoint, from string, inhibit bool) {
+func (p *Processor) Handle(anomalyPoints []models.AnomalyPoint, from string, inhibit bool) {
 	// 有可能rule的一些配置已经发生变化，比如告警接收人、callbacks等
 	// 这些信息的修改是不会引起worker restart的，但是确实会影响告警处理逻辑
 	// 所以，这里直接从memsto.AlertRuleCache中获取并覆盖
@@ -133,10 +136,13 @@ func (p *Processor) Handle(anomalyPoints []common.AnomalyPoint, from string, inh
 	cachedRule := p.alertRuleCache.Get(p.rule.Id)
 	if cachedRule == nil {
 		logger.Errorf("rule not found %+v", anomalyPoints)
-		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "handle_event").Inc()
+		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "handle_event", p.BusiGroupCache.GetNameByBusiGroupId(p.rule.GroupId), fmt.Sprintf("%v", p.rule.Id)).Inc()
 		return
 	}

+	// 在 rule 变化之前取到 ruleHash
+	ruleHash := p.rule.Hash()
+
 	p.rule = cachedRule
 	now := time.Now().Unix()
 	alertingKeys := map[string]struct{}{}
@@ -144,20 +150,31 @@ func (p *Processor) Handle(anomalyPoints []common.AnomalyPoint, from string, inh
 	// 根据 event 的 tag 将 events 分组，处理告警抑制的情况
 	eventsMap := make(map[string][]*models.AlertCurEvent)
 	for _, anomalyPoint := range anomalyPoints {
-		event := p.BuildEvent(anomalyPoint, from, now)
+		event := p.BuildEvent(anomalyPoint, from, now, ruleHash)
+		event.NotifyRuleIds = cachedRule.NotifyRuleIds
 		// 如果 event 被 mute 了,本质也是 fire 的状态,这里无论如何都添加到 alertingKeys 中,防止 fire 的事件自动恢复了
 		hash := event.Hash
 		alertingKeys[hash] = struct{}{}
-		isMuted, detail := mute.IsMuted(cachedRule, event, p.TargetCache, p.alertMuteCache)
+		isMuted, detail, muteId := mute.IsMuted(cachedRule, event, p.TargetCache, p.alertMuteCache)
 		if isMuted {
-			p.Stats.CounterMuteTotal.WithLabelValues(event.GroupName).Inc()
 			logger.Debugf("rule_eval:%s event:%v is muted, detail:%s", p.Key(), event, detail)
+			p.Stats.CounterMuteTotal.WithLabelValues(
+				fmt.Sprintf("%v", event.GroupName),
+				fmt.Sprintf("%v", p.rule.Id),
+				fmt.Sprintf("%v", muteId),
+				fmt.Sprintf("%v", p.datasourceId),
+			).Inc()
 			continue
 		}

 		if p.EventMuteHook(event) {
-			p.Stats.CounterMuteTotal.WithLabelValues(event.GroupName).Inc()
 			logger.Debugf("rule_eval:%s event:%v is muted by hook", p.Key(), event)
+			p.Stats.CounterMuteTotal.WithLabelValues(
+				fmt.Sprintf("%v", event.GroupName),
+				fmt.Sprintf("%v", p.rule.Id),
+				fmt.Sprintf("%v", 0),
+				fmt.Sprintf("%v", p.datasourceId),
+			).Inc()
 			continue
 		}

@@ -169,12 +186,14 @@ func (p *Processor) Handle(anomalyPoints []common.AnomalyPoint, from string, inh
 		p.handleEvent(events)
 	}

-	p.HandleRecover(alertingKeys, now, inhibit)
+	if from == "inner" {
+		p.HandleRecover(alertingKeys, now, inhibit)
+	}
 }

-func (p *Processor) BuildEvent(anomalyPoint common.AnomalyPoint, from string, now int64) *models.AlertCurEvent {
+func (p *Processor) BuildEvent(anomalyPoint models.AnomalyPoint, from string, now int64, ruleHash string) *models.AlertCurEvent {
 	p.fillTags(anomalyPoint)
-	p.mayHandleIdent()
+
 	hash := Hash(p.rule.Id, p.datasourceId, anomalyPoint)
 	ds := p.datasourceCache.GetById(p.datasourceId)
 	var dsName string
@@ -194,22 +213,36 @@ func (p *Processor) BuildEvent(anomalyPoint common.AnomalyPoint, from string, no
 	event.DatasourceId = p.datasourceId
 	event.Cluster = dsName
 	event.Hash = hash
-	event.TargetIdent = p.target
-	event.TargetNote = p.targetNote
 	event.TriggerValue = anomalyPoint.ReadableValue()
 	event.TriggerValues = anomalyPoint.Values
+	event.TriggerValuesJson = models.EventTriggerValues{ValuesWithUnit: anomalyPoint.ValuesUnit}
 	event.TagsJSON = p.tagsArr
 	event.Tags = strings.Join(p.tagsArr, ",,")
 	event.IsRecovered = false
 	event.Callbacks = p.rule.Callbacks
 	event.CallbacksJSON = p.rule.CallbacksJSON
 	event.Annotations = p.rule.Annotations
-	event.AnnotationsJSON = make(map[string]string)
 	event.RuleConfig = p.rule.RuleConfig
 	event.RuleConfigJson = p.rule.RuleConfigJson
 	event.Severity = anomalyPoint.Severity
 	event.ExtraConfig = p.rule.ExtraConfigJSON
 	event.PromQl = anomalyPoint.Query
+	event.RecoverConfig = anomalyPoint.RecoverConfig
+	event.RuleHash = ruleHash
+
+	if anomalyPoint.TriggerType == models.TriggerTypeNodata {
+		event.TriggerValue = "nodata"
+		ruleConfig := models.RuleQuery{}
+		json.Unmarshal([]byte(p.rule.RuleConfig), &ruleConfig)
+		ruleConfig.TriggerType = anomalyPoint.TriggerType
+		b, _ := json.Marshal(ruleConfig)
+		event.RuleConfig = string(b)
+	}
+
+	if err := json.Unmarshal([]byte(p.rule.Annotations), &event.AnnotationsJSON); err != nil {
+		event.AnnotationsJSON = make(map[string]string) // 解析失败时使用空 map
+		logger.Warningf("unmarshal annotations json failed: %v, rule: %d", err, p.rule.Id)
+	}

 	if event.TriggerValues != "" && strings.Count(event.TriggerValues, "$") > 1 {
 		// TriggerValues 有多个变量，将多个变量都放到 TriggerValue 中
@@ -224,6 +257,19 @@ func (p *Processor) BuildEvent(anomalyPoint common.AnomalyPoint, from string, no

 	// 生成事件之后，立马进程 relabel 处理
 	Relabel(p.rule, event)
+
+	// 放到 Relabel(p.rule, event) 下面，为了处理 relabel 之后，标签里才出现 ident 的情况
+	p.mayHandleIdent(event)
+
+	if event.TargetIdent != "" {
+		if pt, exist := p.TargetCache.Get(event.TargetIdent); exist {
+			pt.GroupNames = p.BusiGroupCache.GetNamesByBusiGroupIds(pt.GroupIds)
+			event.Target = pt
+		} else {
+			logger.Infof("fill event target error, ident: %s doesn't exist in cache.", event.TargetIdent)
+		}
+	}
+
 	return event
 }

@@ -234,42 +280,13 @@ func Relabel(rule *models.AlertRule, event *models.AlertCurEvent) {

 	// need to keep the original label
 	event.OriginalTags = event.Tags
-	event.OriginalTagsJSON = make([]string, len(event.TagsJSON))
+	event.OriginalTagsJSON = event.TagsJSON

-	labels := make([]prompb.Label, len(event.TagsJSON))
-	for i, tag := range event.TagsJSON {
-		label := strings.Split(tag, "=")
-		if len(label) != 2 {
-			logger.Errorf("event%+v relabel: the label length is not 2:%v", event, label)
-			continue
-		}
-		event.OriginalTagsJSON[i] = tag
-		labels[i] = prompb.Label{Name: label[0], Value: label[1]}
+	if len(rule.EventRelabelConfig) == 0 {
+		return
 	}

-	for i := 0; i < len(rule.EventRelabelConfig); i++ {
-		if rule.EventRelabelConfig[i].Replacement == "" {
-			rule.EventRelabelConfig[i].Replacement = "$1"
-		}
-
-		if rule.EventRelabelConfig[i].Separator == "" {
-			rule.EventRelabelConfig[i].Separator = ";"
-		}
-
-		if rule.EventRelabelConfig[i].Regex == "" {
-			rule.EventRelabelConfig[i].Regex = "(.*)"
-		}
-	}
-
-	// relabel process
-	relabels := writer.Process(labels, rule.EventRelabelConfig...)
-	event.TagsJSON = make([]string, len(relabels))
-	event.TagsMap = make(map[string]string, len(relabels))
-	for i, label := range relabels {
-		event.TagsJSON[i] = fmt.Sprintf("%s=%s", label.Name, label.Value)
-		event.TagsMap[label.Name] = label.Value
-	}
-	event.Tags = strings.Join(event.TagsJSON, ",,")
+	relabel.EventRelabel(event, rule.EventRelabelConfig)
 }

 func (p *Processor) HandleRecover(alertingKeys map[string]struct{}, now int64, inhibit bool) {
@@ -281,7 +298,7 @@ func (p *Processor) HandleRecover(alertingKeys map[string]struct{}, now int64, i
 	}

 	hashArr := make([]string, 0, len(alertingKeys))
-	for hash := range p.fires.GetAll() {
+	for hash, _ := range p.fires.GetAll() {
 		if _, has := alertingKeys[hash]; has {
 			continue
 		}
@@ -300,7 +317,7 @@ func (p *Processor) HandleRecoverEvent(hashArr []string, now int64, inhibit bool

 	if !inhibit {
 		for _, hash := range hashArr {
-			p.RecoverSingle(hash, now, nil)
+			p.RecoverSingle(false, hash, now, nil)
 		}
 		return
 	}
@@ -328,11 +345,11 @@ func (p *Processor) HandleRecoverEvent(hashArr []string, now int64, inhibit bool
 	}

 	for _, event := range eventMap {
-		p.RecoverSingle(event.Hash, now, nil)
+		p.RecoverSingle(false, event.Hash, now, nil)
 	}
 }

-func (p *Processor) RecoverSingle(hash string, now int64, value *string, values ...string) {
+func (p *Processor) RecoverSingle(byRecover bool, hash string, now int64, value *string, values ...string) {
 	cachedRule := p.rule
 	if cachedRule == nil {
 		return
@@ -342,11 +359,28 @@ func (p *Processor) RecoverSingle(hash string, now int64, value *string, values
 	if !has {
 		return
 	}
+
 	// 如果配置了留观时长，就不能立马恢复了
-	if cachedRule.RecoverDuration > 0 && now-event.LastEvalTime < cachedRule.RecoverDuration {
+	if cachedRule.RecoverDuration > 0 {
+		lastPendingEvent, has := p.pendingsUseByRecover.Get(hash)
+		if !has {
+			// 说明没有产生过异常点，就不需要恢复了
+			logger.Debugf("rule_eval:%s event:%v do not has pending event, not recover", p.Key(), event)
+			return
+		}
+
+		if now-lastPendingEvent.LastEvalTime < cachedRule.RecoverDuration {
+			logger.Debugf("rule_eval:%s event:%v not recover", p.Key(), event)
+			return
+		}
+	}
+
+	// 如果设置了恢复条件，则不能在此处恢复，必须依靠 recoverPoint 来恢复
+	if event.RecoverConfig.JudgeType != models.Origin && !byRecover {
 		logger.Debugf("rule_eval:%s event:%v not recover", p.Key(), event)
 		return
 	}
+
 	if value != nil {
 		event.TriggerValue = *value
 		if len(values) > 0 {
@@ -358,6 +392,7 @@ func (p *Processor) RecoverSingle(hash string, now int64, value *string, values
 	// 我确实无法分辨，是prom中有值但是未满足阈值所以没返回，还是prom中确实丢了一些点导致没有数据可以返回，尴尬
 	p.fires.Delete(hash)
 	p.pendings.Delete(hash)
+	p.pendingsUseByRecover.Delete(hash)

 	// 可能是因为调整了promql才恢复的，所以事件里边要体现最新的promql，否则用户会比较困惑
 	// 当然，其实rule的各个字段都可能发生变化了，都更新一下吧
@@ -371,12 +406,20 @@ func (p *Processor) RecoverSingle(hash string, now int64, value *string, values

 func (p *Processor) handleEvent(events []*models.AlertCurEvent) {
 	var fireEvents []*models.AlertCurEvent
-	// severity 初始为 4, 一定为遇到比自己优先级高的事件
-	severity := 4
+	// severity 初始为最低优先级, 一定为遇到比自己优先级高的事件
+	severity := models.SeverityLowest
 	for _, event := range events {
 		if event == nil {
 			continue
 		}
+
+		if _, has := p.pendingsUseByRecover.Get(event.Hash); has {
+			p.pendingsUseByRecover.UpdateLastEvalTime(event.Hash, event.LastEvalTime)
+		} else {
+			p.pendingsUseByRecover.Set(event.Hash, event)
+		}
+
+		event.PromEvalInterval = p.PromEvalInterval
 		if p.rule.PromForDuration == 0 {
 			fireEvents = append(fireEvents, event)
 			if severity > event.Severity {
@@ -385,7 +428,7 @@ func (p *Processor) handleEvent(events []*models.AlertCurEvent) {
 			continue
 		}

-		var preTriggerTime int64
+		var preTriggerTime int64 // 第一个 pending event 的触发时间
 		preEvent, has := p.pendings.Get(event.Hash)
 		if has {
 			p.pendings.UpdateLastEvalTime(event.Hash, event.LastEvalTime)
@@ -471,23 +514,31 @@ func (p *Processor) pushEventToQueue(e *models.AlertCurEvent) {
 	dispatch.LogEvent(e, "push_queue")
 	if !queue.EventQueue.PushFront(e) {
 		logger.Warningf("event_push_queue: queue is full, event:%+v", e)
-		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "push_event_queue").Inc()
+		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "push_event_queue", p.BusiGroupCache.GetNameByBusiGroupId(p.rule.GroupId), fmt.Sprintf("%v", p.rule.Id)).Inc()
 	}
 }

 func (p *Processor) RecoverAlertCurEventFromDb() {
 	p.pendings = NewAlertCurEventMap(nil)
+	p.pendingsUseByRecover = NewAlertCurEventMap(nil)

 	curEvents, err := models.AlertCurEventGetByRuleIdAndDsId(p.ctx, p.rule.Id, p.datasourceId)
 	if err != nil {
 		logger.Errorf("recover event from db for rule:%s failed, err:%s", p.Key(), err)
-		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "get_recover_event").Inc()
+		p.Stats.CounterRuleEvalErrorTotal.WithLabelValues(fmt.Sprintf("%v", p.DatasourceId()), "get_recover_event", p.BusiGroupCache.GetNameByBusiGroupId(p.rule.GroupId), fmt.Sprintf("%v", p.rule.Id)).Inc()
 		p.fires = NewAlertCurEventMap(nil)
 		return
 	}

 	fireMap := make(map[string]*models.AlertCurEvent)
+	pendingsUseByRecoverMap := make(map[string]*models.AlertCurEvent)
 	for _, event := range curEvents {
+		alertRule := p.alertRuleCache.Get(event.RuleId)
+		if alertRule == nil {
+			continue
+		}
+		event.NotifyRuleIds = alertRule.NotifyRuleIds
+
 		if event.Cate == models.HOST {
 			target, exists := p.TargetCache.Get(event.TargetIdent)
 			if exists && target.EngineName != p.EngineName && !(p.ctx.IsCenter && target.EngineName == "") {
@@ -497,13 +548,24 @@ func (p *Processor) RecoverAlertCurEventFromDb() {
 		}

 		event.DB2Mem()
+		target, exists := p.TargetCache.Get(event.TargetIdent)
+		if exists {
+			target.GroupNames = p.BusiGroupCache.GetNamesByBusiGroupIds(target.GroupIds)
+			event.Target = target
+		}
+
 		fireMap[event.Hash] = event
+		e := *event
+		pendingsUseByRecoverMap[event.Hash] = &e
 	}

 	p.fires = NewAlertCurEventMap(fireMap)
+
+	// 修改告警规则，或者进程重启之后，需要重新加载 pendingsUseByRecover
+	p.pendingsUseByRecover = NewAlertCurEventMap(pendingsUseByRecoverMap)
 }

-func (p *Processor) fillTags(anomalyPoint common.AnomalyPoint) {
+func (p *Processor) fillTags(anomalyPoint models.AnomalyPoint) {
 	// handle series tags
 	tagsMap := make(map[string]string)
 	for label, value := range anomalyPoint.Labels {
@@ -549,19 +611,19 @@ func (p *Processor) fillTags(anomalyPoint common.AnomalyPoint) {
 	p.tagsArr = labelMapToArr(tagsMap)
 }

-func (p *Processor) mayHandleIdent() {
+func (p *Processor) mayHandleIdent(event *models.AlertCurEvent) {
 	// handle ident
-	if ident, has := p.tagsMap["ident"]; has {
+	if ident, has := event.TagsMap["ident"]; has {
 		if target, exists := p.TargetCache.Get(ident); exists {
-			p.target = target.Ident
-			p.targetNote = target.Note
+			event.TargetIdent = target.Ident
+			event.TargetNote = target.Note
 		} else {
-			p.target = ident
-			p.targetNote = ""
+			event.TargetIdent = ident
+			event.TargetNote = ""
 		}
 	} else {
-		p.target = ""
-		p.targetNote = ""
+		event.TargetIdent = ""
+		event.TargetNote = ""
 	}
 }

@@ -576,6 +638,7 @@ func (p *Processor) mayHandleGroup() {
 func (p *Processor) DeleteProcessEvent(hash string) {
 	p.fires.Delete(hash)
 	p.pendings.Delete(hash)
+	p.pendingsUseByRecover.Delete(hash)
 }

 func labelMapToArr(m map[string]string) []string {
@@ -592,10 +655,10 @@ func labelMapToArr(m map[string]string) []string {
 	return labelStrings
 }

-func Hash(ruleId, datasourceId int64, vector common.AnomalyPoint) string {
+func Hash(ruleId, datasourceId int64, vector models.AnomalyPoint) string {
 	return str.MD5(fmt.Sprintf("%d_%s_%d_%d_%s", ruleId, vector.Labels.String(), datasourceId, vector.Severity, vector.Query))
 }

-func TagHash(vector common.AnomalyPoint) string {
+func TagHash(vector models.AnomalyPoint) string {
 	return str.MD5(vector.Labels.String())
 }
--- a/alert/record/prom_rule.go
+++ b/alert/record/prom_rule.go
@@ -39,7 +39,7 @@ func NewRecordRuleContext(rule *models.RecordingRule, datasourceId int64, promCl
 		rule.CronPattern = fmt.Sprintf("@every %ds", rule.PromEvalInterval)
 	}

-	rrc.scheduler = cron.New(cron.WithSeconds())
+	rrc.scheduler = cron.New(cron.WithSeconds(), cron.WithChain(cron.SkipIfStillRunning(cron.DefaultLogger)))
 	_, err := rrc.scheduler.AddFunc(rule.CronPattern, func() {
 		rrc.Eval()
 	})
@@ -56,11 +56,13 @@ func (rrc *RecordRuleContext) Key() string {
 }

 func (rrc *RecordRuleContext) Hash() string {
-	return str.MD5(fmt.Sprintf("%d_%s_%s_%d",
+	return str.MD5(fmt.Sprintf("%d_%s_%s_%d_%s_%s",
 		rrc.rule.Id,
 		rrc.rule.CronPattern,
 		rrc.rule.PromQl,
 		rrc.datasourceId,
+		rrc.rule.AppendTags,
+		rrc.rule.Name,
 	))
 }

--- a/alert/record/scheduler.go
+++ b/alert/record/scheduler.go
@@ -26,9 +26,11 @@ type Scheduler struct {
 	writers     *writer.WritersType

 	stats *astats.Stats
+
+	datasourceCache *memsto.DatasourceCacheType
 }

-func NewScheduler(aconf aconf.Alert, rrc *memsto.RecordingRuleCacheType, promClients *prom.PromClientMap, writers *writer.WritersType, stats *astats.Stats) *Scheduler {
+func NewScheduler(aconf aconf.Alert, rrc *memsto.RecordingRuleCacheType, promClients *prom.PromClientMap, writers *writer.WritersType, stats *astats.Stats, datasourceCache *memsto.DatasourceCacheType) *Scheduler {
 	scheduler := &Scheduler{
 		aconf:       aconf,
 		recordRules: make(map[string]*RecordRuleContext),
@@ -39,6 +41,8 @@ func NewScheduler(aconf aconf.Alert, rrc *memsto.RecordingRuleCacheType, promCli
 		writers:     writers,

 		stats: stats,
+
+		datasourceCache: datasourceCache,
 	}

 	go scheduler.LoopSyncRules(context.Background())
@@ -67,7 +71,7 @@ func (s *Scheduler) syncRecordRules() {
 			continue
 		}

-		datasourceIds := s.promClients.Hit(rule.DatasourceIdsJson)
+		datasourceIds := s.datasourceCache.GetIDsByDsCateAndQueries("prometheus", rule.DatasourceQueries)
 		for _, dsId := range datasourceIds {
 			if !naming.DatasourceHashRing.IsHit(strconv.FormatInt(dsId, 10), fmt.Sprintf("%d", rule.Id), s.aconf.Heartbeat.Endpoint) {
 				continue
--- a/alert/router/router_event.go
+++ b/alert/router/router_event.go
@@ -6,7 +6,6 @@ import (
 	"strings"
 	"time"

-	"github.com/ccfos/nightingale/v6/alert/common"
 	"github.com/ccfos/nightingale/v6/alert/dispatch"
 	"github.com/ccfos/nightingale/v6/alert/mute"
 	"github.com/ccfos/nightingale/v6/alert/naming"
@@ -34,15 +33,15 @@ func (rt *Router) pushEventToQueue(c *gin.Context) {
 			continue
 		}

-		arr := strings.Split(pair, "=")
+		arr := strings.SplitN(pair, "=", 2)
 		if len(arr) != 2 {
 			continue
 		}

 		event.TagsMap[arr[0]] = arr[1]
 	}
-
-	if mute.EventMuteStrategy(event, rt.AlertMuteCache) {
+	hit, _ :=  mute.EventMuteStrategy(event, rt.AlertMuteCache)
+	if hit {
 		logger.Infof("event_muted: rule_id=%d %s", event.RuleId, event.Hash)
 		ginx.NewRender(c).Message(nil)
 		return
@@ -92,7 +91,7 @@ func (rt *Router) eventPersist(c *gin.Context) {

 type eventForm struct {
 	Alert         bool                  `json:"alert"`
-	AnomalyPoints []common.AnomalyPoint `json:"vectors"`
+	AnomalyPoints []models.AnomalyPoint `json:"vectors"`
 	RuleId        int64                 `json:"rule_id"`
 	DatasourceId  int64                 `json:"datasource_id"`
 	Inhibit       bool                  `json:"inhibit"`
@@ -129,7 +128,7 @@ func (rt *Router) makeEvent(c *gin.Context) {
 		} else {
 			for _, vector := range events[i].AnomalyPoints {
 				readableString := vector.ReadableValue()
-				go ruleWorker.RecoverSingle(process.Hash(events[i].RuleId, events[i].DatasourceId, vector), vector.Timestamp, &readableString)
+				go ruleWorker.RecoverSingle(false, process.Hash(events[i].RuleId, events[i].DatasourceId, vector), vector.Timestamp, &readableString)
 			}
 		}
 	}
--- a/alert/sender/callback.go
+++ b/alert/sender/callback.go
@@ -29,13 +29,14 @@ type (
 		Rule        *models.AlertRule
 		Events      []*models.AlertCurEvent
 		Stats       *astats.Stats
+		BatchSend   bool
 	}

 	DefaultCallBacker struct{}
 )

 func BuildCallBackContext(ctx *ctx.Context, callBackURL string, rule *models.AlertRule, events []*models.AlertCurEvent,
-	uids []int64, userCache *memsto.UserCacheType, stats *astats.Stats) CallBackContext {
+	uids []int64, userCache *memsto.UserCacheType, batchSend bool, stats *astats.Stats) CallBackContext {
 	users := userCache.GetByUserIds(uids)

 	newCallBackUrl, _ := events[0].ParseURL(callBackURL)
@@ -45,6 +46,7 @@ func BuildCallBackContext(ctx *ctx.Context, callBackURL string, rule *models.Ale
 		Rule:        rule,
 		Events:      events,
 		Users:       users,
+		BatchSend:   batchSend,
 		Stats:       stats,
 	}
 }
@@ -112,31 +114,94 @@ func (c *DefaultCallBacker) CallBack(ctx CallBackContext) {

 	event := ctx.Events[0]

-	ctx.Stats.AlertNotifyTotal.WithLabelValues("rule_callback").Inc()
-	resp, code, err := poster.PostJSON(ctx.CallBackURL, 5*time.Second, event, 3)
-	if err != nil {
-		logger.Errorf("event_callback_fail(rule_id=%d url=%s), event:%+v, resp: %s, err: %v, code: %d",
-			event.RuleId, ctx.CallBackURL, event, string(resp), err, code)
-		ctx.Stats.AlertNotifyErrorTotal.WithLabelValues("rule_callback").Inc()
-	} else {
-		logger.Infof("event_callback_succ(rule_id=%d url=%s), event:%+v, resp: %s, code: %d",
-			event.RuleId, ctx.CallBackURL, event, string(resp), code)
+	if ctx.BatchSend {
+		webhookConf := &models.Webhook{
+			Type:          models.RuleCallback,
+			Enable:        true,
+			Url:           ctx.CallBackURL,
+			Timeout:       5,
+			RetryCount:    3,
+			RetryInterval: 10,
+			Batch:         1000,
+		}
+
+		PushCallbackEvent(ctx.Ctx, webhookConf, event, ctx.Stats)
+		return
 	}
+
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, event, "callback", ctx.Stats, ctx.Events)
 }

-func doSend(url string, body interface{}, channel string, stats *astats.Stats) {
+func doSendAndRecord(ctx *ctx.Context, url, token string, body interface{}, channel string,
+	stats *astats.Stats, events []*models.AlertCurEvent) {
+	res, err := doSend(url, body, channel, stats)
+	NotifyRecord(ctx, events, 0, channel, token, res, err)
+}
+
+func NotifyRecord(ctx *ctx.Context, evts []*models.AlertCurEvent, notifyRuleID int64, channel, target, res string, err error) {
+	// 一个通知可能对应多个 event，都需要记录
+	notis := make([]*models.NotificaitonRecord, 0, len(evts))
+	for _, evt := range evts {
+		noti := models.NewNotificationRecord(evt, notifyRuleID, channel, target)
+		if err != nil {
+			noti.SetStatus(models.NotiStatusFailure)
+			noti.SetDetails(err.Error())
+		} else if res != "" {
+			noti.SetDetails(string(res))
+		}
+		notis = append(notis, noti)
+	}
+
+	if !ctx.IsCenter {
+		err := poster.PostByUrls(ctx, "/v1/n9e/notify-record", notis)
+		if err != nil {
+			logger.Errorf("add notis:%v failed, err: %v", notis, err)
+		}
+		return
+	}
+
+	PushNotifyRecords(notis)
+}
+
+func doSend(url string, body interface{}, channel string, stats *astats.Stats) (string, error) {
 	stats.AlertNotifyTotal.WithLabelValues(channel).Inc()

 	res, code, err := poster.PostJSON(url, time.Second*5, body, 3)
 	if err != nil {
 		logger.Errorf("%s_sender: result=fail url=%s code=%d error=%v req:%v response=%s", channel, url, code, err, body, string(res))
 		stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
-	} else {
-		logger.Infof("%s_sender: result=succ url=%s code=%d req:%v response=%s", channel, url, code, body, string(res))
+		return "", err
 	}
+
+	logger.Infof("%s_sender: result=succ url=%s code=%d req:%v response=%s", channel, url, code, body, string(res))
+	return string(res), nil
 }

 type TaskCreateReply struct {
 	Err string `json:"err"`
 	Dat int64  `json:"dat"` // task.id
 }
+
+func PushCallbackEvent(ctx *ctx.Context, webhook *models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+	CallbackEventQueueLock.RLock()
+	queue := CallbackEventQueue[webhook.Url]
+	CallbackEventQueueLock.RUnlock()
+
+	if queue == nil {
+		queue = &WebhookQueue{
+			eventQueue: NewSafeEventQueue(QueueMaxSize),
+			closeCh:    make(chan struct{}),
+		}
+
+		CallbackEventQueueLock.Lock()
+		CallbackEventQueue[webhook.Url] = queue
+		CallbackEventQueueLock.Unlock()
+
+		StartConsumer(ctx, queue, webhook.Batch, webhook, stats)
+	}
+
+	succ := queue.eventQueue.Push(event)
+	if !succ {
+		logger.Warningf("Write channel(%s) full, current channel size: %d event:%v", webhook.Url, queue.eventQueue.Len(), event)
+	}
+}
--- a/alert/sender/dingtalk.go
+++ b/alert/sender/dingtalk.go
@@ -1,9 +1,10 @@
 package sender

 import (
-	"github.com/ccfos/nightingale/v6/models"
 	"html/template"
 	"strings"
+
+	"github.com/ccfos/nightingale/v6/models"
 )

 type dingtalkMarkdown struct {
@@ -35,13 +36,13 @@ func (ds *DingtalkSender) Send(ctx MessageContext) {
 		return
 	}

-	urls, ats := ds.extract(ctx.Users)
+	urls, ats, tokens := ds.extract(ctx.Users)
 	if len(urls) == 0 {
 		return
 	}
 	message := BuildTplMessage(models.Dingtalk, ds.tpl, ctx.Events)

-	for _, url := range urls {
+	for i, url := range urls {
 		var body dingtalk
 		// NoAt in url
 		if strings.Contains(url, "noat=1") {
@@ -66,7 +67,7 @@ func (ds *DingtalkSender) Send(ctx MessageContext) {
 			}
 		}

-		doSend(url, body, models.Dingtalk, ctx.Stats)
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Dingtalk, ctx.Stats, ctx.Events)
 	}
 }

@@ -96,15 +97,14 @@ func (ds *DingtalkSender) CallBack(ctx CallBackContext) {
 		body.Markdown.Text = message
 	}

-	doSend(ctx.CallBackURL, body, models.Dingtalk, ctx.Stats)
-
-	ctx.Stats.AlertNotifyTotal.WithLabelValues("rule_callback").Inc()
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
 }

 // extract urls and ats from Users
-func (ds *DingtalkSender) extract(users []*models.User) ([]string, []string) {
+func (ds *DingtalkSender) extract(users []*models.User) ([]string, []string, []string) {
 	urls := make([]string, 0, len(users))
 	ats := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))

 	for _, user := range users {
 		if user.Phone != "" {
@@ -116,7 +116,8 @@ func (ds *DingtalkSender) extract(users []*models.User) ([]string, []string) {
 				url = "https://oapi.dingtalk.com/robot/send?access_token=" + token
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls, ats
+	return urls, ats, tokens
 }
--- a/alert/sender/email.go
+++ b/alert/sender/email.go
@@ -9,13 +9,14 @@ import (
 	"github.com/ccfos/nightingale/v6/alert/aconf"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"

 	"gopkg.in/gomail.v2"
 )

-var mailch chan *gomail.Message
+var mailch chan *EmailContext

 type EmailSender struct {
 	subjectTpl *template.Template
@@ -23,6 +24,11 @@ type EmailSender struct {
 	smtp       aconf.SMTPConfig
 }

+type EmailContext struct {
+	events []*models.AlertCurEvent
+	mail   *gomail.Message
+}
+
 func (es *EmailSender) Send(ctx MessageContext) {
 	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
@@ -36,7 +42,7 @@ func (es *EmailSender) Send(ctx MessageContext) {
 		subject = ctx.Events[0].RuleName
 	}
 	content := BuildTplMessage(models.Email, es.contentTpl, ctx.Events)
-	es.WriteEmail(subject, content, tos)
+	es.WriteEmail(subject, content, tos, ctx.Events)

 	ctx.Stats.AlertNotifyTotal.WithLabelValues(models.Email).Add(float64(len(tos)))
 }
@@ -73,7 +79,7 @@ func SendEmail(subject, content string, tos []string, stmp aconf.SMTPConfig) err
 	return nil
 }

-func (es *EmailSender) WriteEmail(subject, content string, tos []string) {
+func (es *EmailSender) WriteEmail(subject, content string, tos []string, events []*models.AlertCurEvent) {
 	m := gomail.NewMessage()

 	m.SetHeader("From", es.smtp.From)
@@ -81,7 +87,7 @@ func (es *EmailSender) WriteEmail(subject, content string, tos []string) {
 	m.SetHeader("Subject", subject)
 	m.SetBody("text/html", content)

-	mailch <- m
+	mailch <- &EmailContext{events, m}
 }

 func dialSmtp(d *gomail.Dialer) gomail.SendCloser {
@@ -104,22 +110,22 @@ func dialSmtp(d *gomail.Dialer) gomail.SendCloser {

 var mailQuit = make(chan struct{})

-func RestartEmailSender(smtp aconf.SMTPConfig) {
+func RestartEmailSender(ctx *ctx.Context, smtp aconf.SMTPConfig) {
 	// Notify internal start exit
 	mailQuit <- struct{}{}
-	startEmailSender(smtp)
+	startEmailSender(ctx, smtp)
 }

 var smtpConfig aconf.SMTPConfig

-func InitEmailSender(ncc *memsto.NotifyConfigCacheType) {
-	mailch = make(chan *gomail.Message, 100000)
-	go updateSmtp(ncc)
+func InitEmailSender(ctx *ctx.Context, ncc *memsto.NotifyConfigCacheType) {
+	mailch = make(chan *EmailContext, 100000)
+	go updateSmtp(ctx, ncc)
 	smtpConfig = ncc.GetSMTP()
-	startEmailSender(smtpConfig)
+	go startEmailSender(ctx, smtpConfig)
 }

-func updateSmtp(ncc *memsto.NotifyConfigCacheType) {
+func updateSmtp(ctx *ctx.Context, ncc *memsto.NotifyConfigCacheType) {
 	for {
 		time.Sleep(1 * time.Minute)
 		smtp := ncc.GetSMTP()
@@ -127,15 +133,16 @@ func updateSmtp(ncc *memsto.NotifyConfigCacheType) {
 			smtpConfig.Pass != smtp.Pass || smtpConfig.User != smtp.User || smtpConfig.Port != smtp.Port ||
 			smtpConfig.InsecureSkipVerify != smtp.InsecureSkipVerify { //diff
 			smtpConfig = smtp
-			RestartEmailSender(smtp)
+			RestartEmailSender(ctx, smtp)
 		}
 	}
 }

-func startEmailSender(smtp aconf.SMTPConfig) {
+func startEmailSender(ctx *ctx.Context, smtp aconf.SMTPConfig) {
 	conf := smtp
 	if conf.Host == "" || conf.Port == 0 {
 		logger.Warning("SMTP configurations invalid")
+		<-mailQuit
 		return
 	}
 	logger.Infof("start email sender... conf.Host:%+v,conf.Port:%+v", conf.Host, conf.Port)
@@ -167,7 +174,8 @@ func startEmailSender(smtp aconf.SMTPConfig) {
 				}
 				open = true
 			}
-			if err := gomail.Send(s, m); err != nil {
+			var err error
+			if err = gomail.Send(s, m.mail); err != nil {
 				logger.Errorf("email_sender: failed to send: %s", err)

 				// close and retry
@@ -184,11 +192,20 @@ func startEmailSender(smtp aconf.SMTPConfig) {
 				}
 				open = true

-				if err := gomail.Send(s, m); err != nil {
+				if err = gomail.Send(s, m.mail); err != nil {
 					logger.Errorf("email_sender: failed to retry send: %s", err)
 				}
 			} else {
-				logger.Infof("email_sender: result=succ subject=%v to=%v", m.GetHeader("Subject"), m.GetHeader("To"))
+				logger.Infof("email_sender: result=succ subject=%v to=%v",
+					m.mail.GetHeader("Subject"), m.mail.GetHeader("To"))
+			}
+
+			for _, to := range m.mail.GetHeader("To") {
+				msg := ""
+				if err == nil {
+					msg = "ok"
+				}
+				NotifyRecord(ctx, m.events, 0, models.Email, to, msg, err)
 			}

 			size++
--- a/alert/sender/feishu.go
+++ b/alert/sender/feishu.go
@@ -54,17 +54,16 @@ func (fs *FeishuSender) CallBack(ctx CallBackContext) {
 		},
 	}

-	doSend(ctx.CallBackURL, body, models.Feishu, ctx.Stats)
-	ctx.Stats.AlertNotifyTotal.WithLabelValues("rule_callback").Inc()
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
 }

 func (fs *FeishuSender) Send(ctx MessageContext) {
 	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}
-	urls, ats := fs.extract(ctx.Users)
+	urls, ats, tokens := fs.extract(ctx.Users)
 	message := BuildTplMessage(models.Feishu, fs.tpl, ctx.Events)
-	for _, url := range urls {
+	for i, url := range urls {
 		body := feishu{
 			Msgtype: "text",
 			Content: feishuContent{
@@ -77,13 +76,14 @@ func (fs *FeishuSender) Send(ctx MessageContext) {
 				IsAtAll:   false,
 			}
 		}
-		doSend(url, body, models.Feishu, ctx.Stats)
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Feishu, ctx.Stats, ctx.Events)
 	}
 }

-func (fs *FeishuSender) extract(users []*models.User) ([]string, []string) {
+func (fs *FeishuSender) extract(users []*models.User) ([]string, []string, []string) {
 	urls := make([]string, 0, len(users))
 	ats := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))

 	for _, user := range users {
 		if user.Phone != "" {
@@ -95,7 +95,8 @@ func (fs *FeishuSender) extract(users []*models.User) ([]string, []string) {
 				url = "https://open.feishu.cn/open-apis/bot/v2/hook/" + token
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls, ats
+	return urls, ats, tokens
 }
--- a/alert/sender/feishucard.go
+++ b/alert/sender/feishucard.go
@@ -56,8 +56,8 @@ const (
 	Triggered = "triggered"
 )

-var (
-	body = feishuCard{
+func createFeishuCardBody() feishuCard {
+	return feishuCard{
 		feishu: feishu{Msgtype: "interactive"},
 		Card: Cards{
 			Config: Conf{
@@ -90,7 +90,7 @@ var (
 			},
 		},
 	}
-)
+}

 func (fs *FeishuCardSender) CallBack(ctx CallBackContext) {
 	if len(ctx.Events) == 0 || len(ctx.CallBackURL) == 0 {
@@ -121,6 +121,7 @@ func (fs *FeishuCardSender) CallBack(ctx CallBackContext) {
 	}

 	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
 	body.Card.Header.Title.Content = SendTitle
 	body.Card.Header.Template = color
 	body.Card.Elements[0].Text.Content = message
@@ -134,14 +135,14 @@ func (fs *FeishuCardSender) CallBack(ctx CallBackContext) {
 	}
 	parsedURL.RawQuery = ""

-	doSend(parsedURL.String(), body, models.FeishuCard, ctx.Stats)
+	doSendAndRecord(ctx.Ctx, parsedURL.String(), parsedURL.String(), body, "callback", ctx.Stats, ctx.Events)
 }

 func (fs *FeishuCardSender) Send(ctx MessageContext) {
 	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}
-	urls, _ := fs.extract(ctx.Users)
+	urls, tokens := fs.extract(ctx.Users)
 	message := BuildTplMessage(models.FeishuCard, fs.tpl, ctx.Events)
 	color := "red"
 	lowerUnicode := strings.ToLower(message)
@@ -152,18 +153,19 @@ func (fs *FeishuCardSender) Send(ctx MessageContext) {
 	}

 	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
 	body.Card.Header.Title.Content = SendTitle
 	body.Card.Header.Template = color
 	body.Card.Elements[0].Text.Content = message
 	body.Card.Elements[2].Elements[0].Content = SendTitle
-	for _, url := range urls {
-		doSend(url, body, models.FeishuCard, ctx.Stats)
+	for i, url := range urls {
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.FeishuCard, ctx.Stats, ctx.Events)
 	}
 }

 func (fs *FeishuCardSender) extract(users []*models.User) ([]string, []string) {
 	urls := make([]string, 0, len(users))
-	ats := make([]string, 0)
+	tokens := make([]string, 0, len(users))
 	for i := range users {
 		if token, has := users[i].ExtractToken(models.FeishuCard); has {
 			url := token
@@ -171,7 +173,8 @@ func (fs *FeishuCardSender) extract(users []*models.User) ([]string, []string) {
 				url = "https://open.feishu.cn/open-apis/bot/v2/hook/" + strings.TrimSpace(token)
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls, ats
+	return urls, tokens
 }
--- a/alert/sender/ibex.go
+++ b/alert/sender/ibex.go
@@ -30,12 +30,14 @@ type IbexCallBacker struct {

 func (c *IbexCallBacker) CallBack(ctx CallBackContext) {
 	if len(ctx.CallBackURL) == 0 || len(ctx.Events) == 0 {
+		logger.Warningf("event_callback_ibex: url or events is empty, url: %s, events: %+v", ctx.CallBackURL, ctx.Events)
 		return
 	}

 	event := ctx.Events[0]

 	if event.IsRecovered {
+		logger.Infof("event_callback_ibex: event is recovered, event: %+v", event)
 		return
 	}

@@ -43,8 +45,9 @@ func (c *IbexCallBacker) CallBack(ctx CallBackContext) {
 }

 func (c *IbexCallBacker) handleIbex(ctx *ctx.Context, url string, event *models.AlertCurEvent) {
+	logger.Infof("event_callback_ibex: url: %s, event: %+v", url, event)
 	if imodels.DB() == nil && ctx.IsCenter {
-		logger.Warning("event_callback_ibex: db is nil")
+		logger.Warningf("event_callback_ibex: db is nil, event: %+v", event)
 		return
 	}

@@ -63,36 +66,49 @@ func (c *IbexCallBacker) handleIbex(ctx *ctx.Context, url string, event *models.

 	id, err := strconv.ParseInt(idstr, 10, 64)
 	if err != nil {
-		logger.Errorf("event_callback_ibex: failed to parse url: %s", url)
+		logger.Errorf("event_callback_ibex: failed to parse url: %s event: %+v", url, event)
 		return
 	}

 	if host == "" {
 		// 用户在callback url中没有传入host，就从event中解析
 		host = event.TargetIdent
+
+		if host == "" {
+			if ident, has := event.TagsMap["ident"]; has {
+				host = ident
+			}
+		}
 	}

 	if host == "" {
-		logger.Error("event_callback_ibex: failed to get host")
+		logger.Errorf("event_callback_ibex: failed to get host, id: %d, event: %+v", id, event)
 		return
 	}

-	tpl := c.taskTplCache.Get(id)
+	CallIbex(ctx, id, host, c.taskTplCache, c.targetCache, c.userCache, event)
+}
+
+func CallIbex(ctx *ctx.Context, id int64, host string,
+	taskTplCache *memsto.TaskTplCache, targetCache *memsto.TargetCacheType,
+	userCache *memsto.UserCacheType, event *models.AlertCurEvent) {
+	logger.Infof("event_callback_ibex: id: %d, host: %s, event: %+v", id, host, event)
+
+	tpl := taskTplCache.Get(id)
 	if tpl == nil {
-		logger.Errorf("event_callback_ibex: no such tpl(%d)", id)
+		logger.Errorf("event_callback_ibex: no such tpl(%d), event: %+v", id, event)
 		return
 	}
-
 	// check perm
 	// tpl.GroupId - host - account 三元组校验权限
-	can, err := canDoIbex(tpl.UpdateBy, tpl, host, c.targetCache, c.userCache)
+	can, err := canDoIbex(tpl.UpdateBy, tpl, host, targetCache, userCache)
 	if err != nil {
-		logger.Errorf("event_callback_ibex: check perm fail: %v", err)
+		logger.Errorf("event_callback_ibex: check perm fail: %v, event: %+v", err, event)
 		return
 	}

 	if !can {
-		logger.Errorf("event_callback_ibex: user(%s) no permission", tpl.UpdateBy)
+		logger.Errorf("event_callback_ibex: user(%s) no permission, event: %+v", tpl.UpdateBy, event)
 		return
 	}

@@ -103,7 +119,7 @@ func (c *IbexCallBacker) handleIbex(ctx *ctx.Context, url string, event *models.
 			continue
 		}

-		arr := strings.Split(pair, "=")
+		arr := strings.SplitN(pair, "=", 2)
 		if len(arr) != 2 {
 			continue
 		}
@@ -113,10 +129,11 @@ func (c *IbexCallBacker) handleIbex(ctx *ctx.Context, url string, event *models.
 	// 附加告警级别  告警触发值标签
 	tagsMap["alert_severity"] = strconv.Itoa(event.Severity)
 	tagsMap["alert_trigger_value"] = event.TriggerValue
+	tagsMap["is_recovered"] = strconv.FormatBool(event.IsRecovered)

 	tags, err := json.Marshal(tagsMap)
 	if err != nil {
-		logger.Errorf("event_callback_ibex: failed to marshal tags to json: %v", tagsMap)
+		logger.Errorf("event_callback_ibex: failed to marshal tags to json: %v, event: %+v", tagsMap, event)
 		return
 	}

@@ -139,7 +156,7 @@ func (c *IbexCallBacker) handleIbex(ctx *ctx.Context, url string, event *models.

 	id, err = TaskAdd(in, tpl.UpdateBy, ctx.IsCenter)
 	if err != nil {
-		logger.Errorf("event_callback_ibex: call ibex fail: %v", err)
+		logger.Errorf("event_callback_ibex: call ibex fail: %v, event: %+v", err, event)
 		return
 	}

@@ -161,7 +178,7 @@ func (c *IbexCallBacker) handleIbex(ctx *ctx.Context, url string, event *models.
 	}

 	if err = record.Add(ctx); err != nil {
-		logger.Errorf("event_callback_ibex: persist task_record fail: %v", err)
+		logger.Errorf("event_callback_ibex: persist task_record fail: %v, event: %+v", err, event)
 	}
 }

@@ -176,10 +193,15 @@ func canDoIbex(username string, tpl *models.TaskTpl, host string, targetCache *m
 		return false, nil
 	}

-	return target.GroupId == tpl.GroupId, nil
+	return target.MatchGroupId(tpl.GroupId), nil
 }

 func TaskAdd(f models.TaskForm, authUser string, isCenter bool) (int64, error) {
+	if storage.Cache == nil {
+		logger.Warningf("event_callback_ibex: redis cache is nil, task: %+v", f)
+		return 0, fmt.Errorf("redis cache is nil")
+	}
+
 	hosts := cleanHosts(f.Hosts)
 	if len(hosts) == 0 {
 		return 0, fmt.Errorf("arg(hosts) empty")
--- a/alert/sender/lark.go
+++ b/alert/sender/lark.go
@@ -27,29 +27,29 @@ func (lk *LarkSender) CallBack(ctx CallBackContext) {
 		},
 	}

-	doSend(ctx.CallBackURL, body, models.Lark, ctx.Stats)
-	ctx.Stats.AlertNotifyTotal.WithLabelValues("rule_callback").Inc()
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
 }

 func (lk *LarkSender) Send(ctx MessageContext) {
 	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}
-	urls := lk.extract(ctx.Users)
+	urls, tokens := lk.extract(ctx.Users)
 	message := BuildTplMessage(models.Lark, lk.tpl, ctx.Events)
-	for _, url := range urls {
+	for i, url := range urls {
 		body := feishu{
 			Msgtype: "text",
 			Content: feishuContent{
 				Text: message,
 			},
 		}
-		doSend(url, body, models.Lark, ctx.Stats)
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Lark, ctx.Stats, ctx.Events)
 	}
 }

-func (lk *LarkSender) extract(users []*models.User) []string {
+func (lk *LarkSender) extract(users []*models.User) ([]string, []string) {
 	urls := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))

 	for _, user := range users {
 		if token, has := user.ExtractToken(models.Lark); has {
@@ -58,7 +58,8 @@ func (lk *LarkSender) extract(users []*models.User) []string {
 				url = "https://open.larksuite.com/open-apis/bot/v2/hook/" + token
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls
+	return urls, tokens
 }
--- a/alert/sender/larkcard.go
+++ b/alert/sender/larkcard.go
@@ -42,6 +42,7 @@ func (fs *LarkCardSender) CallBack(ctx CallBackContext) {
 	}

 	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
 	body.Card.Header.Title.Content = SendTitle
 	body.Card.Header.Template = color
 	body.Card.Elements[0].Text.Content = message
@@ -55,14 +56,14 @@ func (fs *LarkCardSender) CallBack(ctx CallBackContext) {
 	}
 	parsedURL.RawQuery = ""

-	doSend(parsedURL.String(), body, models.LarkCard, ctx.Stats)
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
 }

 func (fs *LarkCardSender) Send(ctx MessageContext) {
 	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}
-	urls, _ := fs.extract(ctx.Users)
+	urls, tokens := fs.extract(ctx.Users)
 	message := BuildTplMessage(models.LarkCard, fs.tpl, ctx.Events)
 	color := "red"
 	lowerUnicode := strings.ToLower(message)
@@ -73,18 +74,19 @@ func (fs *LarkCardSender) Send(ctx MessageContext) {
 	}

 	SendTitle := fmt.Sprintf("🔔 %s", ctx.Events[0].RuleName)
+	body := createFeishuCardBody()
 	body.Card.Header.Title.Content = SendTitle
 	body.Card.Header.Template = color
 	body.Card.Elements[0].Text.Content = message
 	body.Card.Elements[2].Elements[0].Content = SendTitle
-	for _, url := range urls {
-		doSend(url, body, models.LarkCard, ctx.Stats)
+	for i, url := range urls {
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.LarkCard, ctx.Stats, ctx.Events)
 	}
 }

 func (fs *LarkCardSender) extract(users []*models.User) ([]string, []string) {
 	urls := make([]string, 0, len(users))
-	ats := make([]string, 0)
+	tokens := make([]string, 0)
 	for i := range users {
 		if token, has := users[i].ExtractToken(models.Lark); has {
 			url := token
@@ -92,7 +94,8 @@ func (fs *LarkCardSender) extract(users []*models.User) ([]string, []string) {
 				url = "https://open.larksuite.com/open-apis/bot/v2/hook/" + strings.TrimSpace(token)
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls, ats
+	return urls, tokens
 }
--- a/alert/sender/mm.go
+++ b/alert/sender/mm.go
@@ -7,6 +7,7 @@ import (

 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"
 )
@@ -38,11 +39,11 @@ func (ms *MmSender) Send(ctx MessageContext) {
 	}
 	message := BuildTplMessage(models.Mm, ms.tpl, ctx.Events)

-	SendMM(MatterMostMessage{
+	SendMM(ctx.Ctx, MatterMostMessage{
 		Text:   message,
 		Tokens: urls,
 		Stats:  ctx.Stats,
-	})
+	}, ctx.Events, models.Mm)
 }

 func (ms *MmSender) CallBack(ctx CallBackContext) {
@@ -51,13 +52,11 @@ func (ms *MmSender) CallBack(ctx CallBackContext) {
 	}
 	message := BuildTplMessage(models.Mm, ms.tpl, ctx.Events)

-	SendMM(MatterMostMessage{
+	SendMM(ctx.Ctx, MatterMostMessage{
 		Text:   message,
 		Tokens: []string{ctx.CallBackURL},
 		Stats:  ctx.Stats,
-	})
-
-	ctx.Stats.AlertNotifyTotal.WithLabelValues("rule_callback").Inc()
+	}, ctx.Events, "callback")
 }

 func (ms *MmSender) extract(users []*models.User) []string {
@@ -70,11 +69,12 @@ func (ms *MmSender) extract(users []*models.User) []string {
 	return tokens
 }

-func SendMM(message MatterMostMessage) {
+func SendMM(ctx *ctx.Context, message MatterMostMessage, events []*models.AlertCurEvent, channel string) {
 	for i := 0; i < len(message.Tokens); i++ {
 		u, err := url.Parse(message.Tokens[i])
 		if err != nil {
 			logger.Errorf("mm_sender: failed to parse error=%v", err)
+			NotifyRecord(ctx, events, 0, channel, message.Tokens[i], "", err)
 			continue
 		}

@@ -103,7 +103,7 @@ func SendMM(message MatterMostMessage) {
 				Username: username,
 				Text:     txt + message.Text,
 			}
-			doSend(ur, body, models.Mm, message.Stats)
+			doSendAndRecord(ctx, ur, message.Tokens[i], body, channel, message.Stats, events)
 		}
 	}
 }
--- a/alert/sender/notify_record_queue.go
+++ b/alert/sender/notify_record_queue.go
@@ -0,0 +1,75 @@
+package sender
+
+import (
+	"errors"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/astats"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/toolkits/pkg/container/list"
+	"github.com/toolkits/pkg/logger"
+)
+
+// 通知记录队列，最大长度 1000000
+var NotifyRecordQueue = list.NewSafeListLimited(1000000)
+
+// 每秒上报通知记录队列大小
+func ReportNotifyRecordQueueSize(stats *astats.Stats) {
+	for {
+		time.Sleep(time.Second)
+		stats.GaugeNotifyRecordQueueSize.Set(float64(NotifyRecordQueue.Len()))
+	}
+}
+
+// 推送通知记录到队列
+// 若队列满 则返回 error
+func PushNotifyRecords(records []*models.NotificaitonRecord) error {
+	for _, record := range records {
+		if ok := NotifyRecordQueue.PushFront(record); !ok {
+			logger.Warningf("notify record queue is full, record: %+v", record)
+			return errors.New("notify record queue is full")
+		}
+	}
+
+	return nil
+}
+
+type NotifyRecordConsumer struct {
+	ctx *ctx.Context
+}
+
+func NewNotifyRecordConsumer(ctx *ctx.Context) *NotifyRecordConsumer {
+	return &NotifyRecordConsumer{
+		ctx: ctx,
+	}
+}
+
+// 消费通知记录队列 每 100ms 检测一次队列是否为空
+func (c *NotifyRecordConsumer) LoopConsume() {
+	duration := time.Duration(100) * time.Millisecond
+	for {
+		// 无论队列是否为空 都需要等待
+		time.Sleep(duration)
+
+		inotis := NotifyRecordQueue.PopBackBy(100)
+
+		if len(inotis) == 0 {
+			continue
+		}
+
+		// 类型转换，不然 CreateInBatches 会报错
+		notis := make([]*models.NotificaitonRecord, 0, len(inotis))
+		for _, inoti := range inotis {
+			notis = append(notis, inoti.(*models.NotificaitonRecord))
+		}
+
+		c.consume(notis)
+	}
+}
+
+func (c *NotifyRecordConsumer) consume(notis []*models.NotificaitonRecord) {
+	if err := models.DB(c.ctx).CreateInBatches(notis, 100).Error; err != nil {
+		logger.Errorf("add notis:%v failed, err: %v", notis, err)
+	}
+}
--- a/alert/sender/plugin.go
+++ b/alert/sender/plugin.go
@@ -2,26 +2,31 @@ package sender

 import (
 	"bytes"
+	"fmt"
 	"os"
 	"os/exec"
 	"time"
+	"unicode/utf8"

 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/file"
 	"github.com/toolkits/pkg/logger"
 	"github.com/toolkits/pkg/sys"
 )

-func MayPluginNotify(noticeBytes []byte, notifyScript models.NotifyScript, stats *astats.Stats) {
+func MayPluginNotify(ctx *ctx.Context, noticeBytes []byte, notifyScript models.NotifyScript,
+	stats *astats.Stats, event *models.AlertCurEvent) {
 	if len(noticeBytes) == 0 {
 		return
 	}
-	alertingCallScript(noticeBytes, notifyScript, stats)
+	alertingCallScript(ctx, noticeBytes, notifyScript, stats, event)
 }

-func alertingCallScript(stdinBytes []byte, notifyScript models.NotifyScript, stats *astats.Stats) {
+func alertingCallScript(ctx *ctx.Context, stdinBytes []byte, notifyScript models.NotifyScript,
+	stats *astats.Stats, event *models.AlertCurEvent) {
 	// not enable or no notify.py? do nothing
 	config := notifyScript
 	if !config.Enable || config.Content == "" {
@@ -82,6 +87,25 @@ func alertingCallScript(stdinBytes []byte, notifyScript models.NotifyScript, sta

 	err, isTimeout := sys.WrapTimeout(cmd, time.Duration(config.Timeout)*time.Second)

+	res := buf.String()
+
+	// 截断超出长度的输出
+	if len(res) > 512 {
+		// 确保在有效的UTF-8字符边界处截断
+		validLen := 0
+		for i := 0; i < 512 && i < len(res); {
+			_, size := utf8.DecodeRuneInString(res[i:])
+			if i+size > 512 {
+				break
+			}
+			i += size
+			validLen = i
+		}
+		res = res[:validLen] + "..."
+	}
+
+	NotifyRecord(ctx, []*models.AlertCurEvent{event}, 0, channel, cmd.String(), res, buildErr(err, isTimeout))
+
 	if isTimeout {
 		if err == nil {
 			logger.Errorf("event_script_notify_fail: timeout and killed process %s", fpath)
@@ -95,10 +119,18 @@ func alertingCallScript(stdinBytes []byte, notifyScript models.NotifyScript, sta
 	}

 	if err != nil {
-		logger.Errorf("event_script_notify_fail: exec script %s occur error: %v, output: %s", fpath, err, buf.String())
+		logger.Errorf("event_script_notify_fail: exec script %s occur error: %v, output: %s", fpath, err, res)
 		stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
 		return
 	}

-	logger.Infof("event_script_notify_ok: exec %s output: %s", fpath, buf.String())
+	logger.Infof("event_script_notify_ok: exec %s output: %s", fpath, res)
+}
+
+func buildErr(err error, isTimeout bool) error {
+	if err == nil && !isTimeout {
+		return nil
+	} else {
+		return fmt.Errorf("is_timeout: %v, err: %v", isTimeout, err)
+	}
 }
--- a/alert/sender/sender.go
+++ b/alert/sender/sender.go
@@ -8,6 +8,7 @@ import (
 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
 )

 type (
@@ -22,6 +23,7 @@ type (
 		Rule   *models.AlertRule
 		Events []*models.AlertCurEvent
 		Stats  *astats.Stats
+		Ctx    *ctx.Context
 	}
 )

@@ -49,13 +51,15 @@ func NewSender(key string, tpls map[string]*template.Template, smtp ...aconf.SMT
 	return nil
 }

-func BuildMessageContext(rule *models.AlertRule, events []*models.AlertCurEvent, uids []int64, userCache *memsto.UserCacheType, stats *astats.Stats) MessageContext {
+func BuildMessageContext(ctx *ctx.Context, rule *models.AlertRule, events []*models.AlertCurEvent,
+	uids []int64, userCache *memsto.UserCacheType, stats *astats.Stats) MessageContext {
 	users := userCache.GetByUserIds(uids)
 	return MessageContext{
 		Rule:   rule,
 		Events: events,
 		Users:  users,
 		Stats:  stats,
+		Ctx:    ctx,
 	}
 }

--- a/alert/sender/telegram.go
+++ b/alert/sender/telegram.go
@@ -1,11 +1,13 @@
 package sender

 import (
+	"errors"
 	"html/template"
 	"strings"

 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"
 )
@@ -35,13 +37,11 @@ func (ts *TelegramSender) CallBack(ctx CallBackContext) {
 	}

 	message := BuildTplMessage(models.Telegram, ts.tpl, ctx.Events)
-	SendTelegram(TelegramMessage{
+	SendTelegram(ctx.Ctx, TelegramMessage{
 		Text:   message,
 		Tokens: []string{ctx.CallBackURL},
 		Stats:  ctx.Stats,
-	})
-
-	ctx.Stats.AlertNotifyTotal.WithLabelValues("rule_callback").Inc()
+	}, ctx.Events, "callback")
 }

 func (ts *TelegramSender) Send(ctx MessageContext) {
@@ -51,11 +51,11 @@ func (ts *TelegramSender) Send(ctx MessageContext) {
 	tokens := ts.extract(ctx.Users)
 	message := BuildTplMessage(models.Telegram, ts.tpl, ctx.Events)

-	SendTelegram(TelegramMessage{
+	SendTelegram(ctx.Ctx, TelegramMessage{
 		Text:   message,
 		Tokens: tokens,
 		Stats:  ctx.Stats,
-	})
+	}, ctx.Events, models.Telegram)
 }

 func (ts *TelegramSender) extract(users []*models.User) []string {
@@ -68,10 +68,11 @@ func (ts *TelegramSender) extract(users []*models.User) []string {
 	return tokens
 }

-func SendTelegram(message TelegramMessage) {
+func SendTelegram(ctx *ctx.Context, message TelegramMessage, events []*models.AlertCurEvent, channel string) {
 	for i := 0; i < len(message.Tokens); i++ {
 		if !strings.Contains(message.Tokens[i], "/") && !strings.HasPrefix(message.Tokens[i], "https://") {
 			logger.Errorf("telegram_sender: result=fail invalid token=%s", message.Tokens[i])
+			NotifyRecord(ctx, events, 0, channel, message.Tokens[i], "", errors.New("invalid token"))
 			continue
 		}
 		var url string
@@ -92,6 +93,6 @@ func SendTelegram(message TelegramMessage) {
 			Text:      message.Text,
 		}

-		doSend(url, body, models.Telegram, message.Stats)
+		doSendAndRecord(ctx, url, message.Tokens[i], body, channel, message.Stats, events)
 	}
 }
--- a/alert/sender/webhook.go
+++ b/alert/sender/webhook.go
@@ -4,33 +4,41 @@ import (
 	"bytes"
 	"crypto/tls"
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
+	"sync"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/astats"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"

 	"github.com/toolkits/pkg/logger"
 )

-func sendWebhook(webhook *models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) bool {
+func sendWebhook(webhook *models.Webhook, event interface{}, stats *astats.Stats) (bool, string, error) {
+	channel := "webhook"
+	if webhook.Type == models.RuleCallback {
+		channel = "callback"
+	}
+
 	conf := webhook
 	if conf.Url == "" || !conf.Enable {
-		return false
+		return false, "", nil
 	}
 	bs, err := json.Marshal(event)
 	if err != nil {
-		logger.Errorf("alertingWebhook failed to marshal event:%+v err:%v", event, err)
-		return false
+		logger.Errorf("%s alertingWebhook failed to marshal event:%+v err:%v", channel, event, err)
+		return false, "", err
 	}

 	bf := bytes.NewBuffer(bs)

 	req, err := http.NewRequest("POST", conf.Url, bf)
 	if err != nil {
-		logger.Warningf("alertingWebhook failed to new reques event:%+v err:%v", event, err)
-		return true
+		logger.Warningf("%s alertingWebhook failed to new reques event:%s err:%v", channel, string(bs), err)
+		return true, "", err
 	}

 	req.Header.Set("Content-Type", "application/json")
@@ -51,42 +59,48 @@ func sendWebhook(webhook *models.Webhook, event *models.AlertCurEvent, stats *as
 	if webhook != nil {
 		insecureSkipVerify = webhook.SkipVerify
 	}
-	client := http.Client{
-		Timeout: time.Duration(conf.Timeout) * time.Second,
-		Transport: &http.Transport{
-			TLSClientConfig: &tls.Config{InsecureSkipVerify: insecureSkipVerify},
-		},
+
+	if conf.Client == nil {
+		logger.Warningf("event_%s, event:%s, url: [%s], error: [%s]", channel, string(bs), conf.Url, "client is nil")
+		conf.Client = &http.Client{
+			Timeout: time.Duration(conf.Timeout) * time.Second,
+			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{InsecureSkipVerify: insecureSkipVerify},
+			},
+		}
 	}

-	stats.AlertNotifyTotal.WithLabelValues("webhook").Inc()
+	stats.AlertNotifyTotal.WithLabelValues(channel).Inc()
 	var resp *http.Response
-	resp, err = client.Do(req)
+	var body []byte
+	resp, err = conf.Client.Do(req)
+
 	if err != nil {
-		stats.AlertNotifyErrorTotal.WithLabelValues("webhook").Inc()
-		logger.Errorf("event_webhook_fail, ruleId: [%d], eventId: [%d], event:%+v, url: [%s], error: [%s]", event.RuleId, event.Id, event, conf.Url, err)
-		return true
+		stats.AlertNotifyErrorTotal.WithLabelValues(channel).Inc()
+		logger.Errorf("event_%s_fail, event:%s, url: [%s], error: [%s]", channel, string(bs), conf.Url, err)
+		return true, "", err
 	}

-	var body []byte
 	if resp.Body != nil {
 		defer resp.Body.Close()
 		body, _ = io.ReadAll(resp.Body)
 	}

 	if resp.StatusCode == 429 {
-		logger.Errorf("event_webhook_fail, url: %s, response code: %d, body: %s event:%+v", conf.Url, resp.StatusCode, string(body), event)
-		return true
+		logger.Errorf("event_%s_fail, url: %s, response code: %d, body: %s event:%s", channel, conf.Url, resp.StatusCode, string(body), string(bs))
+		return true, string(body), fmt.Errorf("status code is 429")
 	}

-	logger.Debugf("event_webhook_succ, url: %s, response code: %d, body: %s event:%+v", conf.Url, resp.StatusCode, string(body), event)
-	return false
+	logger.Debugf("event_%s_succ, url: %s, response code: %d, body: %s event:%s", channel, conf.Url, resp.StatusCode, string(body), string(bs))
+	return false, string(body), nil
 }

-func SendWebhooks(webhooks []*models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+func SingleSendWebhooks(ctx *ctx.Context, webhooks map[string]*models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
 	for _, conf := range webhooks {
 		retryCount := 0
 		for retryCount < 3 {
-			needRetry := sendWebhook(conf, event, stats)
+			needRetry, res, err := sendWebhook(conf, event, stats)
+			NotifyRecord(ctx, []*models.AlertCurEvent{event}, 0, "webhook", conf.Url, res, err)
 			if !needRetry {
 				break
 			}
@@ -95,3 +109,74 @@ func SendWebhooks(webhooks []*models.Webhook, event *models.AlertCurEvent, stats
 		}
 	}
 }
+
+func BatchSendWebhooks(ctx *ctx.Context, webhooks map[string]*models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+	for _, conf := range webhooks {
+		logger.Infof("push event:%+v to queue:%v", event, conf)
+		PushEvent(ctx, conf, event, stats)
+	}
+}
+
+var EventQueue = make(map[string]*WebhookQueue)
+var CallbackEventQueue = make(map[string]*WebhookQueue)
+var CallbackEventQueueLock sync.RWMutex
+var EventQueueLock sync.RWMutex
+
+const QueueMaxSize = 100000
+
+type WebhookQueue struct {
+	eventQueue *SafeEventQueue
+	closeCh    chan struct{}
+}
+
+func PushEvent(ctx *ctx.Context, webhook *models.Webhook, event *models.AlertCurEvent, stats *astats.Stats) {
+	EventQueueLock.RLock()
+	queue := EventQueue[webhook.Url]
+	EventQueueLock.RUnlock()
+
+	if queue == nil {
+		queue = &WebhookQueue{
+			eventQueue: NewSafeEventQueue(QueueMaxSize),
+			closeCh:    make(chan struct{}),
+		}
+
+		EventQueueLock.Lock()
+		EventQueue[webhook.Url] = queue
+		EventQueueLock.Unlock()
+
+		StartConsumer(ctx, queue, webhook.Batch, webhook, stats)
+	}
+
+	succ := queue.eventQueue.Push(event)
+	if !succ {
+		stats.AlertNotifyErrorTotal.WithLabelValues("push_event_queue").Inc()
+		logger.Warningf("Write channel(%s) full, current channel size: %d event:%v", webhook.Url, queue.eventQueue.Len(), event)
+	}
+}
+
+func StartConsumer(ctx *ctx.Context, queue *WebhookQueue, popSize int, webhook *models.Webhook, stats *astats.Stats) {
+	for {
+		select {
+		case <-queue.closeCh:
+			logger.Infof("event queue:%v closed", queue)
+			return
+		default:
+			events := queue.eventQueue.PopN(popSize)
+			if len(events) == 0 {
+				time.Sleep(time.Millisecond * 400)
+				continue
+			}
+
+			retryCount := 0
+			for retryCount < webhook.RetryCount {
+				needRetry, res, err := sendWebhook(webhook, events, stats)
+				go NotifyRecord(ctx, events, 0, "webhook", webhook.Url, res, err)
+				if !needRetry {
+					break
+				}
+				retryCount++
+				time.Sleep(time.Second * time.Duration(webhook.RetryInterval) * time.Duration(retryCount))
+			}
+		}
+	}
+}
--- a/alert/sender/webhook_event_queue.go
+++ b/alert/sender/webhook_event_queue.go
@@ -0,0 +1,109 @@
+package sender
+
+import (
+	"container/list"
+	"sync"
+
+	"github.com/ccfos/nightingale/v6/models"
+)
+
+type SafeEventQueue struct {
+	lock        sync.RWMutex
+	maxSize     int
+	queueHigh   *list.List
+	queueMiddle *list.List
+	queueLow    *list.List
+}
+
+const (
+	High   = 1
+	Middle = 2
+	Low    = 3
+)
+
+func NewSafeEventQueue(maxSize int) *SafeEventQueue {
+	return &SafeEventQueue{
+		maxSize:     maxSize,
+		lock:        sync.RWMutex{},
+		queueHigh:   list.New(),
+		queueMiddle: list.New(),
+		queueLow:    list.New(),
+	}
+}
+
+func (spq *SafeEventQueue) Len() int {
+	spq.lock.RLock()
+	defer spq.lock.RUnlock()
+	return spq.queueHigh.Len() + spq.queueMiddle.Len() + spq.queueLow.Len()
+}
+
+// len 无锁读取长度，不要在本文件外调用
+func (spq *SafeEventQueue) len() int {
+	return spq.queueHigh.Len() + spq.queueMiddle.Len() + spq.queueLow.Len()
+}
+
+func (spq *SafeEventQueue) Push(event *models.AlertCurEvent) bool {
+	spq.lock.Lock()
+	defer spq.lock.Unlock()
+
+	for spq.len() > spq.maxSize {
+		return false
+	}
+
+	switch event.Severity {
+	case High:
+		spq.queueHigh.PushBack(event)
+	case Middle:
+		spq.queueMiddle.PushBack(event)
+	case Low:
+		spq.queueLow.PushBack(event)
+	default:
+		return false
+	}
+
+	return true
+}
+
+// pop 无锁弹出事件，不要在本文件外调用
+func (spq *SafeEventQueue) pop() *models.AlertCurEvent {
+	if spq.len() == 0 {
+		return nil
+	}
+
+	var elem interface{}
+
+	if spq.queueHigh.Len() > 0 {
+		elem = spq.queueHigh.Remove(spq.queueHigh.Front())
+	} else if spq.queueMiddle.Len() > 0 {
+		elem = spq.queueMiddle.Remove(spq.queueMiddle.Front())
+	} else {
+		elem = spq.queueLow.Remove(spq.queueLow.Front())
+	}
+	event, ok := elem.(*models.AlertCurEvent)
+	if !ok {
+		return nil
+	}
+	return event
+}
+
+func (spq *SafeEventQueue) Pop() *models.AlertCurEvent {
+	spq.lock.Lock()
+	defer spq.lock.Unlock()
+	return spq.pop()
+}
+
+func (spq *SafeEventQueue) PopN(n int) []*models.AlertCurEvent {
+	spq.lock.Lock()
+	defer spq.lock.Unlock()
+
+	events := make([]*models.AlertCurEvent, 0, n)
+	count := 0
+	for count < n && spq.len() > 0 {
+		event := spq.pop()
+		if event != nil {
+			events = append(events, event)
+		}
+		count++
+	}
+	return events
+}
--- a/alert/sender/webhook_event_queue_test.go
+++ b/alert/sender/webhook_event_queue_test.go
@@ -0,0 +1,157 @@
+package sender
+
+import (
+	"sync"
+	"testing"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestSafePriorityQueue_ConcurrentPushPop(t *testing.T) {
+	spq := NewSafeEventQueue(100000)
+
+	var wg sync.WaitGroup
+	numGoroutines := 100
+	numEvents := 1000
+
+	// 并发 Push
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func(goroutineID int) {
+			defer wg.Done()
+			for j := 0; j < numEvents; j++ {
+				event := &models.AlertCurEvent{
+					Severity:    goroutineID%3 + 1,
+					TriggerTime: time.Now().UnixNano(),
+				}
+				spq.Push(event)
+			}
+		}(i)
+	}
+	wg.Wait()
+
+	// 检查队列长度是否正确
+	expectedLen := numGoroutines * numEvents
+	assert.Equal(t, expectedLen, spq.Len(), "Queue length mismatch after concurrent pushes")
+
+	// 并发 Pop
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func() {
+			defer wg.Done()
+			for {
+				event := spq.Pop()
+				if event == nil {
+					return
+				}
+			}
+		}()
+	}
+	wg.Wait()
+
+	// 最终队列应该为空
+	assert.Equal(t, 0, spq.Len(), "Queue should be empty after concurrent pops")
+}
+
+func TestSafePriorityQueue_ConcurrentPopMax(t *testing.T) {
+	spq := NewSafeEventQueue(100000)
+
+	// 添加初始数据
+	for i := 0; i < 1000; i++ {
+		spq.Push(&models.AlertCurEvent{
+			Severity:    i%3 + 1,
+			TriggerTime: time.Now().UnixNano(),
+		})
+	}
+
+	var wg sync.WaitGroup
+	numGoroutines := 10
+	popMax := 100
+
+	// 并发 PopN
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func() {
+			defer wg.Done()
+			events := spq.PopN(popMax)
+			assert.LessOrEqual(t, len(events), popMax, "PopN exceeded maximum")
+		}()
+	}
+	wg.Wait()
+
+	// 检查队列长度是否正确
+	expectedRemaining := 1000 - (numGoroutines * popMax)
+	if expectedRemaining < 0 {
+		expectedRemaining = 0
+	}
+	assert.Equal(t, expectedRemaining, spq.Len(), "Queue length mismatch after concurrent PopN")
+}
+
+func TestSafePriorityQueue_ConcurrentPushPopWithDifferentSeverities(t *testing.T) {
+	spq := NewSafeEventQueue(100000)
+
+	var wg sync.WaitGroup
+	numGoroutines := 50
+	numEvents := 500
+
+	// 并发 Push 不同优先级的事件
+	wg.Add(numGoroutines)
+	for i := 0; i < numGoroutines; i++ {
+		go func(goroutineID int) {
+			defer wg.Done()
+			for j := 0; j < numEvents; j++ {
+				event := &models.AlertCurEvent{
+					Severity:    goroutineID%3 + 1, // 模拟不同的 Severity
+					TriggerTime: time.Now().UnixNano(),
+				}
+				spq.Push(event)
+			}
+		}(i)
+	}
+	wg.Wait()
+
+	// 检查队列长度是否正确
+	expectedLen := numGoroutines * numEvents
+	assert.Equal(t, expectedLen, spq.Len(), "Queue length mismatch after concurrent pushes")
+
+	// 检查事件的顺序是否按照优先级排列
+	var lastEvent *models.AlertCurEvent
+	for spq.Len() > 0 {
+		event := spq.Pop()
+		if lastEvent != nil {
+			assert.LessOrEqual(t, lastEvent.Severity, event.Severity, "Events are not in correct priority order")
+		}
+		lastEvent = event
+	}
+}
+
+func TestSafePriorityQueue_ExceedMaxSize(t *testing.T) {
+	spq := NewSafeEventQueue(5)
+
+	// 插入超过最大容量的事件
+	for i := 0; i < 10; i++ {
+		spq.Push(&models.AlertCurEvent{
+			Severity:    i % 3,
+			TriggerTime: int64(i),
+		})
+	}
+
+	// 验证队列的长度是否不超过 maxSize
+	assert.LessOrEqual(t, spq.Len(), spq.maxSize)
+
+	// 验证队列中剩余事件的内容
+	expectedEvents := 5
+	if spq.Len() < 5 {
+		expectedEvents = spq.Len()
+	}
+
+	// 检查最后存入的事件是否是按优先级排序
+	for i := 0; i < expectedEvents; i++ {
+		event := spq.Pop()
+		if event != nil {
+			assert.LessOrEqual(t, event.Severity, 2)
+		}
+	}
+}
--- a/alert/sender/webhook_queue.go
+++ b/alert/sender/webhook_queue.go
@@ -0,0 +1,111 @@
+package sender
+
+import (
+	"container/list"
+	"sync"
+
+	"github.com/ccfos/nightingale/v6/models"
+)
+
+type SafeList struct {
+	sync.RWMutex
+	L *list.List
+}
+
+func NewSafeList() *SafeList {
+	return &SafeList{L: list.New()}
+}
+
+func (sl *SafeList) PushFront(v interface{}) *list.Element {
+	sl.Lock()
+	e := sl.L.PushFront(v)
+	sl.Unlock()
+	return e
+}
+
+func (sl *SafeList) PushFrontBatch(vs []interface{}) {
+	sl.Lock()
+	for _, item := range vs {
+		sl.L.PushFront(item)
+	}
+	sl.Unlock()
+}
+
+func (sl *SafeList) PopBack(max int) []*models.AlertCurEvent {
+	sl.Lock()
+
+	count := sl.L.Len()
+	if count == 0 {
+		sl.Unlock()
+		return []*models.AlertCurEvent{}
+	}
+
+	if count > max {
+		count = max
+	}
+
+	items := make([]*models.AlertCurEvent, 0, count)
+	for i := 0; i < count; i++ {
+		item := sl.L.Remove(sl.L.Back())
+		sample, ok := item.(*models.AlertCurEvent)
+		if ok {
+			items = append(items, sample)
+		}
+	}
+
+	sl.Unlock()
+	return items
+}
+
+func (sl *SafeList) RemoveAll() {
+	sl.Lock()
+	sl.L.Init()
+	sl.Unlock()
+}
+
+func (sl *SafeList) Len() int {
+	sl.RLock()
+	size := sl.L.Len()
+	sl.RUnlock()
+	return size
+}
+
+// SafeList with Limited Size
+type SafeListLimited struct {
+	maxSize int
+	SL      *SafeList
+}
+
+func NewSafeListLimited(maxSize int) *SafeListLimited {
+	return &SafeListLimited{SL: NewSafeList(), maxSize: maxSize}
+}
+
+func (sll *SafeListLimited) PopBack(max int) []*models.AlertCurEvent {
+	return sll.SL.PopBack(max)
+}
+
+func (sll *SafeListLimited) PushFront(v interface{}) bool {
+	if sll.SL.Len() >= sll.maxSize {
+		return false
+	}
+
+	sll.SL.PushFront(v)
+	return true
+}
+
+func (sll *SafeListLimited) PushFrontBatch(vs []interface{}) bool {
+	if sll.SL.Len() >= sll.maxSize {
+		return false
+	}
+
+	sll.SL.PushFrontBatch(vs)
+	return true
+}
+
+func (sll *SafeListLimited) RemoveAll() {
+	sll.SL.RemoveAll()
+}
+
+func (sll *SafeListLimited) Len() int {
+	return sll.SL.Len()
+}
--- a/alert/sender/wecom.go
+++ b/alert/sender/wecom.go
@@ -37,29 +37,29 @@ func (ws *WecomSender) CallBack(ctx CallBackContext) {
 		},
 	}

-	doSend(ctx.CallBackURL, body, models.Wecom, ctx.Stats)
-	ctx.Stats.AlertNotifyTotal.WithLabelValues("rule_callback").Inc()
+	doSendAndRecord(ctx.Ctx, ctx.CallBackURL, ctx.CallBackURL, body, "callback", ctx.Stats, ctx.Events)
 }

 func (ws *WecomSender) Send(ctx MessageContext) {
 	if len(ctx.Users) == 0 || len(ctx.Events) == 0 {
 		return
 	}
-	urls := ws.extract(ctx.Users)
+	urls, tokens := ws.extract(ctx.Users)
 	message := BuildTplMessage(models.Wecom, ws.tpl, ctx.Events)
-	for _, url := range urls {
+	for i, url := range urls {
 		body := wecom{
 			Msgtype: "markdown",
 			Markdown: wecomMarkdown{
 				Content: message,
 			},
 		}
-		doSend(url, body, models.Wecom, ctx.Stats)
+		doSendAndRecord(ctx.Ctx, url, tokens[i], body, models.Wecom, ctx.Stats, ctx.Events)
 	}
 }

-func (ws *WecomSender) extract(users []*models.User) []string {
+func (ws *WecomSender) extract(users []*models.User) ([]string, []string) {
 	urls := make([]string, 0, len(users))
+	tokens := make([]string, 0, len(users))
 	for _, user := range users {
 		if token, has := user.ExtractToken(models.Wecom); has {
 			url := token
@@ -67,7 +67,8 @@ func (ws *WecomSender) extract(users []*models.User) []string {
 				url = "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=" + token
 			}
 			urls = append(urls, url)
+			tokens = append(tokens, token)
 		}
 	}
-	return urls
+	return urls, tokens
 }
--- a/center/cconf/conf.go
+++ b/center/cconf/conf.go
@@ -13,6 +13,8 @@ type Center struct {
 	UseFileAssets          bool
 	FlashDuty              FlashDuty
 	EventHistoryGroupView  bool
+	CleanNotifyRecordDay   int
+	MigrateBusiGroupLabel  bool
 }

 type Plugin struct {
--- a/center/cconf/ops.go
+++ b/center/cconf/ops.go
@@ -15,9 +15,25 @@ type Operation struct {
 }

 type Ops struct {
-	Name  string   `yaml:"name" json:"name"`
-	Cname string   `yaml:"cname" json:"cname"`
-	Ops   []string `yaml:"ops" json:"ops"`
+	Name  string     `yaml:"name" json:"name"`
+	Cname string     `yaml:"cname" json:"cname"`
+	Ops   []SingleOp `yaml:"ops" json:"ops"`
+}
+
+// SingleOp Name 为 op 名称；Cname 为展示名称，默认英文
+type SingleOp struct {
+	Name  string `yaml:"name" json:"name"`
+	Cname string `yaml:"cname" json:"cname"`
+}
+
+func TransformNames(name []string, nameToName map[string]string) []string {
+	var ret []string
+	for _, n := range name {
+		if v, has := nameToName[n]; has {
+			ret = append(ret, v)
+		}
+	}
+	return ret
 }

 func LoadOpsYaml(configDir string, opsYamlFile string) error {
@@ -39,8 +55,8 @@ func LoadOpsYaml(configDir string, opsYamlFile string) error {
 	return file.ReadYaml(fp, &Operations)
 }

-func GetAllOps(ops []Ops) []string {
-	var ret []string
+func GetAllOps(ops []Ops) []SingleOp {
+	var ret []SingleOp
 	for _, op := range ops {
 		ret = append(ret, op.Ops...)
 	}
@@ -48,7 +64,7 @@ func GetAllOps(ops []Ops) []string {
 }

 func MergeOperationConf() error {
-	opsBuiltIn := Operation{}
+	var opsBuiltIn Operation
 	err := yaml.Unmarshal([]byte(builtInOps), &opsBuiltIn)
 	if err != nil {
 		return fmt.Errorf("cannot parse builtInOps: %s", err.Error())
@@ -69,138 +85,221 @@ func MergeOperationConf() error {
 const (
 	builtInOps = `
 ops:
- name: dashboards
-  cname: 仪表盘
+- name: Infrastructure
+  cname: Infrastructure
  ops:
-    - "/dashboards"
-    - "/dashboards/add"
-    - "/dashboards/put"
-    - "/dashboards/del"
-    - "/embedded-dashboards/put"
-    - "/embedded-dashboards"
-    - "/public-dashboards"
+    - name: /targets
+      cname: Host - View
+    - name: /targets/put
+      cname: Host - Modify
+    - name: /targets/del
+      cname: Host - Delete
+    - name: /targets/bind
+      cname: Host - Bind Uncategorized

- name: alert
-  cname: 告警规则
+- name: Explorer
+  cname: Explorer
  ops:
-    - "/alert-rules"
-    - "/alert-rules/add"
-    - "/alert-rules/put"
-    - "/alert-rules/del"
+    - name: /metric/explorer
+      cname: Metrics Explorer
+    - name: /object/explorer
+      cname: Quick View
+    - name: /metrics-built-in
+      cname: Built-in Metric - View
+    - name: /builtin-metrics/add
+      cname: Built-in Metric - Add
+    - name: /builtin-metrics/put
+      cname: Built-in Metric - Modify
+    - name: /builtin-metrics/del
+      cname: Built-in Metric - Delete
+    - name: /recording-rules
+      cname: Recording Rule - View
+    - name: /recording-rules/add
+      cname: Recording Rule - Add
+    - name: /recording-rules/put
+      cname: Recording Rule - Modify
+    - name: /recording-rules/del
+      cname: Recording Rule - Delete
+    - name: /log/explorer
+      cname: Logs Explorer
+    - name: /log/index-patterns # 前端有个管理索引模式的页面，所以需要一个权限点来控制，后面应该改成侧拉板
+      cname: Index Pattern - View
+    - name: /log/index-patterns/add
+      cname: Index Pattern - Add
+    - name: /log/index-patterns/put
+      cname: Index Pattern - Modify
+    - name: /log/index-patterns/del
+      cname: Index Pattern - Delete
+    - name: /dashboards
+      cname: Dashboard - View
+    - name: /dashboards/add
+      cname: Dashboard - Add
+    - name: /dashboards/put
+      cname: Dashboard - Modify
+    - name: /dashboards/del
+      cname: Dashboard - Delete
+    - name: /public-dashboards
+      cname: Dashboard - View Public

- name: alert-mutes
-  cname: 告警静默管理
+- name: alerting
+  cname: Alerting
  ops:
-    - "/alert-mutes"
-    - "/alert-mutes/add"
-    - "/alert-mutes/put"
-    - "/alert-mutes/del"
-  
- name: alert-subscribes
-  cname: 告警订阅管理
-  ops:
-    - "/alert-subscribes"
-    - "/alert-subscribes/add"
-    - "/alert-subscribes/put"
-    - "/alert-subscribes/del"
+    - name: /alert-rules
+      cname: Alerting Rule - View
+    - name: /alert-rules/add
+      cname: Alerting Rule - Add
+    - name: /alert-rules/put
+      cname: Alerting Rule - Modify
+    - name: /alert-rules/del
+      cname: Alerting Rule - Delete
+    - name: /alert-mutes
+      cname: Mutting Rule - View
+    - name: /alert-mutes/add
+      cname: Mutting Rule - Add
+    - name: /alert-mutes/put
+      cname: Mutting Rule - Modify
+    - name: /alert-mutes/del
+      cname: Mutting Rule - Delete
+    - name: /alert-subscribes
+      cname: Subscribing Rule - View
+    - name: /alert-subscribes/add
+      cname: Subscribing Rule - Add
+    - name: /alert-subscribes/put
+      cname: Subscribing Rule - Modify
+    - name: /alert-subscribes/del
+      cname: Subscribing Rule - Delete
+    - name: /job-tpls
+      cname: Self-healing-Script - View
+    - name: /job-tpls/add
+      cname: Self-healing-Script - Add
+    - name: /job-tpls/put
+      cname: Self-healing-Script - Modify
+    - name: /job-tpls/del
+      cname: Self-healing-Script - Delete
+    - name: /job-tasks
+      cname: Self-healing-Job - View
+    - name: /job-tasks/add
+      cname: Self-healing-Job - Add
+    - name: /job-tasks/put
+      cname: Self-healing-Job - Modify
+    - name: /alert-cur-events
+      cname: Active Event - View
+    - name: /alert-cur-events/del
+      cname: Active Event - Delete
+    - name: /alert-his-events
+      cname: Historical Event - View

- name: alert-events  
-  cname: 告警事件管理
+- name: Notification
+  cname: Notification
  ops:
-    - "/alert-cur-events"
-    - "/alert-cur-events/del"
-    - "/alert-his-events" 
+    - name: /notification-rules
+      cname: Notification Rule - View
+    - name: /notification-rules/add
+      cname: Notification Rule - Add
+    - name: /notification-rules/put
+      cname: Notification Rule - Modify
+    - name: /notification-rules/del
+      cname: Notification Rule - Delete
+    - name: /notification-channels
+      cname: Media Type - View
+    - name: /notification-channels/add
+      cname: Media Type - Add
+    - name: /notification-channels/put
+      cname: Media Type - Modify
+    - name: /notification-channels/del
+      cname: Media Type - Delete
+    - name: /notification-templates
+      cname: Message Template - View
+    - name: /notification-templates/add
+      cname: Message Template - Add
+    - name: /notification-templates/put
+      cname: Message Template - Modify
+    - name: /notification-templates/del
+      cname: Message Template - Delete
+    - name: /event-pipelines
+      cname: Event Pipeline - View
+    - name: /event-pipelines/add
+      cname: Event Pipeline - Add
+    - name: /event-pipelines/put
+      cname: Event Pipeline - Modify
+    - name: /event-pipelines/del
+      cname: Event Pipeline - Delete
+    - name: /help/notification-settings # 用于控制老版本的通知设置菜单是否展示
+      cname: Notification Settings - View
+    - name: /help/notification-tpls # 用于控制老版本的通知模板菜单是否展示
+      cname: Notification Templates - View

- name: recording-rules
-  cname: 记录规则管理
+- name: Integrations
+  cname: Integrations
  ops:
-    - "/recording-rules"
-    - "/recording-rules/add"
-    - "/recording-rules/put"
-    - "/recording-rules/del"
+    - name: /datasources # 用于控制能否看到数据源列表页面的菜单。只有 Admin 才能修改、删除数据源
+      cname: Data Source - View
+    - name: /components
+      cname: Component - View
+    - name: /components/add
+      cname: Component - Add
+    - name: /components/put
+      cname: Component - Modify
+    - name: /components/del
+      cname: Component - Delete
+    - name: /embedded-products
+      cname: Embedded Product - View
+    - name: /embedded-product/add
+      cname: Embedded Product - Add
+    - name: /embedded-product/put
+      cname: Embedded Product - Modify
+    - name: /embedded-product/delete
+      cname: Embedded Product - Delete

- name: metric
-  cname: 时序指标
+- name: Organization
+  cname: Organization
  ops:
-  - "/metric/explorer"
-  - "/object/explorer"
+    - name: /users
+      cname: User - View
+    - name: /users/add
+      cname: User - Add
+    - name: /users/put
+      cname: User - Modify
+    - name: /users/del
+      cname: User - Delete
+    - name: /user-groups
+      cname: Team - View
+    - name: /user-groups/add
+      cname: Team - Add
+    - name: /user-groups/put
+      cname: Team - Modify
+    - name: /user-groups/del
+      cname: Team - Delete
+    - name: /busi-groups
+      cname: Business Group - View
+    - name: /busi-groups/add
+      cname: Business Group - Add
+    - name: /busi-groups/put
+      cname: Business Group - Modify
+    - name: /busi-groups/del
+      cname: Business Group - Delete
+    - name: /roles
+      cname: Role - View
+    - name: /roles/add
+      cname: Role - Add
+    - name: /roles/put
+      cname: Role - Modify
+    - name: /roles/del
+      cname: Role - Delete

- name: log
-  cname: 日志分析
+- name: System Settings
+  cname: System Settings
  ops:
-  - "/log/explorer"
-  - "/log/index-patterns"
+    - name: /system/site-settings # 仅用于控制能否展示菜单，只有 Admin 才能修改、删除
+      cname: View Site Settings
+    - name: /system/variable-settings
+      cname: View Variable Settings
+    - name: /system/sso-settings
+      cname: View SSO Settings
+    - name: /system/alerting-engines
+      cname: View Alerting Engines
+    - name: /system/version
+      cname: View Product Version

- name: targets
-  cname: 基础设施
-  ops:
-    - "/targets"
-    - "/targets/add"
-    - "/targets/put"
-    - "/targets/del"
-    - "/targets/bind"
-
- name: job
-  cname: 任务管理
-  ops:
-    - "/job-tpls"
-    - "/job-tpls/add"
-    - "/job-tpls/put"
-    - "/job-tpls/del"
-    - "/job-tasks"
-    - "/job-tasks/add"
-    - "/job-tasks/put"
-    - "/ibex-settings"
-
- name: user
-  cname: 用户管理
-  ops:
-  - "/users"
-  - "/user-groups"
-  - "/user-groups/add"
-  - "/user-groups/put"
-  - "/user-groups/del"
-
- name: permissions
-  cname: 权限管理
-  ops:
-  - "/permissions"
-
- name: busi-groups
-  cname: 业务分组管理
-  ops:
-  - "/busi-groups"
-  - "/busi-groups/add"
-  - "/busi-groups/put"
-  - "/busi-groups/del"
-
- name: builtin-metrics
-  cname: 指标视图
-  ops:
-    - "/metrics-built-in"
-    - "/builtin-metrics/add"
-    - "/builtin-metrics/put"
-    - "/builtin-metrics/del"
-
- name: built-in-components
-  cname: 模版中心
-  ops:
-    - "/built-in-components"
-    - "/built-in-components/add"
-    - "/built-in-components/put"
-    - "/built-in-components/del"
-
- name: system
-  cname: 系统信息
-  ops:
-  - "/help/variable-configs"
-  - "/help/version"
-  - "/help/servers"
-  - "/help/source"
-  - "/help/sso"
-  - "/help/notification-tpls"
-  - "/help/notification-settings"
-  - "/help/migrate"
-  - "/site-settings"
 `
 )
--- a/center/cconf/plugin.go
+++ b/center/cconf/plugin.go
@@ -25,4 +25,22 @@ var Plugins = []Plugin{
 		Type:     "tdengine",
 		TypeName: "TDengine",
 	},
+	{
+		Id:       5,
+		Category: "logging",
+		Type:     "ck",
+		TypeName: "ClickHouse",
+	},
+	{
+		Id:       6,
+		Category: "timeseries",
+		Type:     "mysql",
+		TypeName: "MySQL",
+	},
+	{
+		Id:       7,
+		Category: "timeseries",
+		Type:     "pgsql",
+		TypeName: "PostgreSQL",
+	},
 }
--- a/center/center.go
+++ b/center/center.go
@@ -4,18 +4,21 @@ import (
 	"context"
 	"fmt"

+	"github.com/ccfos/nightingale/v6/dscache"
+
 	"github.com/ccfos/nightingale/v6/alert"
 	"github.com/ccfos/nightingale/v6/alert/astats"
+	"github.com/ccfos/nightingale/v6/alert/dispatch"
 	"github.com/ccfos/nightingale/v6/alert/process"
 	alertrt "github.com/ccfos/nightingale/v6/alert/router"
 	"github.com/ccfos/nightingale/v6/center/cconf"
 	"github.com/ccfos/nightingale/v6/center/cconf/rsa"
-	"github.com/ccfos/nightingale/v6/center/cstats"
 	"github.com/ccfos/nightingale/v6/center/integration"
 	"github.com/ccfos/nightingale/v6/center/metas"
 	centerrt "github.com/ccfos/nightingale/v6/center/router"
 	"github.com/ccfos/nightingale/v6/center/sso"
 	"github.com/ccfos/nightingale/v6/conf"
+	"github.com/ccfos/nightingale/v6/cron"
 	"github.com/ccfos/nightingale/v6/dumper"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/models"
@@ -25,14 +28,13 @@ import (
 	"github.com/ccfos/nightingale/v6/pkg/httpx"
 	"github.com/ccfos/nightingale/v6/pkg/i18nx"
 	"github.com/ccfos/nightingale/v6/pkg/logx"
+	"github.com/ccfos/nightingale/v6/pkg/macros"
 	"github.com/ccfos/nightingale/v6/pkg/version"
 	"github.com/ccfos/nightingale/v6/prom"
 	"github.com/ccfos/nightingale/v6/pushgw/idents"
 	pushgwrt "github.com/ccfos/nightingale/v6/pushgw/router"
 	"github.com/ccfos/nightingale/v6/pushgw/writer"
 	"github.com/ccfos/nightingale/v6/storage"
-	"github.com/ccfos/nightingale/v6/tdengine"
-
 	"github.com/flashcatcloud/ibex/src/cmd/ibex"
 )

@@ -47,13 +49,16 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {

 	cconf.MergeOperationConf()

+	if config.Alert.Heartbeat.EngineName == "" {
+		config.Alert.Heartbeat.EngineName = "default"
+	}
+
 	logxClean, err := logx.Init(config.Log)
 	if err != nil {
 		return nil, err
 	}

 	i18nx.Init(configDir)
-	cstats.Init()
 	flashduty.Init(config.Center.FlashDuty)

 	db, err := storage.New(config.DB)
@@ -62,7 +67,7 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 	}
 	ctx := ctx.NewContext(context.Background(), db, true)
 	migrate.Migrate(db)
-	models.InitRoot(ctx)
+	isRootInit := models.InitRoot(ctx)

 	config.HTTP.JWTAuth.SigningKey = models.InitJWTSigningKey(ctx)

@@ -71,7 +76,7 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 		return nil, err
 	}

-	integration.Init(ctx, config.Center.BuiltinIntegrationsDir)
+	go integration.Init(ctx, config.Center.BuiltinIntegrationsDir)
 	var redis storage.Redis
 	redis, err = storage.NewRedis(config.Redis)
 	if err != nil {
@@ -79,11 +84,18 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 	}

 	metas := metas.New(redis)
-	idents := idents.New(ctx, redis)
+	idents := idents.New(ctx, redis, config.Pushgw)

 	syncStats := memsto.NewSyncStats()
 	alertStats := astats.NewSyncStats()

+	if config.Center.MigrateBusiGroupLabel || models.CanMigrateBg(ctx) {
+		models.MigrateBg(ctx, config.Pushgw.BusiGroupLabelKey)
+	}
+	if models.CanMigrateEP(ctx) {
+		models.MigrateEP(ctx)
+	}
+
 	configCache := memsto.NewConfigCache(ctx, syncStats, config.HTTP.RSA.RSAPrivateKey, config.HTTP.RSA.RSAPassWord)
 	busiGroupCache := memsto.NewBusiGroupCache(ctx, syncStats)
 	targetCache := memsto.NewTargetCache(ctx, syncStats, redis)
@@ -94,24 +106,36 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 	userCache := memsto.NewUserCache(ctx, syncStats)
 	userGroupCache := memsto.NewUserGroupCache(ctx, syncStats)
 	taskTplCache := memsto.NewTaskTplCache(ctx)
+	configCvalCache := memsto.NewCvalCache(ctx, syncStats)
+	notifyRuleCache := memsto.NewNotifyRuleCache(ctx, syncStats)
+	notifyChannelCache := memsto.NewNotifyChannelCache(ctx, syncStats)
+	messageTemplateCache := memsto.NewMessageTemplateCache(ctx, syncStats)
+	userTokenCache := memsto.NewUserTokenCache(ctx, syncStats)

 	sso := sso.Init(config.Center, ctx, configCache)
 	promClients := prom.NewPromClient(ctx)
-	tdengineClients := tdengine.NewTdengineClient(ctx, config.Alert.Heartbeat)
+
+	dispatch.InitRegisterQueryFunc(promClients)

 	externalProcessors := process.NewExternalProcessors()
-	alert.Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, taskTplCache, dsCache, ctx, promClients, tdengineClients, userCache, userGroupCache)
+
+	macros.RegisterMacro(macros.MacroInVain)
+	dscache.Init(ctx, false)
+	alert.Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache, alertRuleCache, notifyConfigCache, taskTplCache, dsCache, ctx, promClients, userCache, userGroupCache, notifyRuleCache, notifyChannelCache, messageTemplateCache)

 	writers := writer.NewWriters(config.Pushgw)

 	go version.GetGithubVersion()

+	go cron.CleanNotifyRecord(ctx, config.Center.CleanNotifyRecordDay)
+
 	alertrtRouter := alertrt.New(config.HTTP, config.Alert, alertMuteCache, targetCache, busiGroupCache, alertStats, ctx, externalProcessors)
-	centerRouter := centerrt.New(config.HTTP, config.Center, config.Alert, config.Ibex, cconf.Operations, dsCache, notifyConfigCache, promClients, tdengineClients,
-		redis, sso, ctx, metas, idents, targetCache, userCache, userGroupCache)
+	centerRouter := centerrt.New(config.HTTP, config.Center, config.Alert, config.Ibex,
+		cconf.Operations, dsCache, notifyConfigCache, promClients,
+		redis, sso, ctx, metas, idents, targetCache, userCache, userGroupCache, userTokenCache)
 	pushgwRouter := pushgwrt.New(config.HTTP, config.Pushgw, config.Alert, targetCache, busiGroupCache, idents, metas, writers, ctx)

-	r := httpx.GinEngine(config.Global.RunMode, config.HTTP)
+	r := httpx.GinEngine(config.Global.RunMode, config.HTTP, configCvalCache.PrintBodyPaths, configCvalCache.PrintAccessLog)

 	centerRouter.Config(r)
 	alertrtRouter.Config(r)
@@ -125,6 +149,11 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {

 	httpClean := httpx.Init(config.HTTP, r)

+	fmt.Printf("please view n9e at  http://%v:%v\n", config.Alert.Heartbeat.IP, config.HTTP.Port)
+	if isRootInit {
+		fmt.Println("username/password: root/root.2020")
+	}
+
 	return func() {
 		logxClean()
 		httpClean()
--- a/center/cstats/stats.go
+++ b/center/cstats/stats.go
@@ -6,40 +6,49 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 )

-const Service = "n9e-center"
+const (
+	namespace = "n9e"
+	subsystem = "center"
+)

 var (
-	labels = []string{"service", "code", "path", "method"}
-
-	uptime = prometheus.NewCounterVec(
+	uptime = prometheus.NewCounter(
 		prometheus.CounterOpts{
-			Name: "uptime",
-			Help: "HTTP service uptime.",
-		}, []string{"service"},
-	)
-
-	RequestCounter = prometheus.NewCounterVec(
-		prometheus.CounterOpts{
-			Name: "http_request_count_total",
-			Help: "Total number of HTTP requests made.",
-		}, labels,
+			Namespace: namespace,
+			Subsystem: subsystem,
+			Name:      "uptime",
+			Help:      "HTTP service uptime.",
+		},
 	)

 	RequestDuration = prometheus.NewHistogramVec(
 		prometheus.HistogramOpts{
-			Buckets: []float64{.01, .1, 1, 10},
-			Name:    "http_request_duration_seconds",
-			Help:    "HTTP request latencies in seconds.",
-		}, labels,
+			Namespace: namespace,
+			Subsystem: subsystem,
+			Buckets:   prometheus.DefBuckets,
+			Name:      "http_request_duration_seconds",
+			Help:      "HTTP request latencies in seconds.",
+		}, []string{"code", "path", "method"},
+	)
+
+	RedisOperationLatency = prometheus.NewHistogramVec(
+		prometheus.HistogramOpts{
+			Namespace: namespace,
+			Subsystem: subsystem,
+			Name:      "redis_operation_latency_seconds",
+			Help:      "Histogram of latencies for Redis operations",
+			Buckets:   []float64{.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5},
+		},
+		[]string{"operation", "status"},
 	)
 )

-func Init() {
+func init() {
 	// Register the summary and the histogram with Prometheus's default registry.
 	prometheus.MustRegister(
 		uptime,
-		RequestCounter,
 		RequestDuration,
+		RedisOperationLatency,
 	)

 	go recordUptime()
@@ -48,6 +57,6 @@ func Init() {
 // recordUptime increases service uptime per second.
 func recordUptime() {
 	for range time.Tick(time.Second) {
-		uptime.WithLabelValues(Service).Inc()
+		uptime.Inc()
 	}
 }
--- a/center/integration/init.go
+++ b/center/integration/init.go
@@ -16,6 +16,20 @@ import (
 const SYSTEM = "system"

 func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
+	err := models.InitBuiltinPayloads(ctx)
+	if err != nil {
+		logger.Warning("init old builtinPayloads fail ", err)
+		return
+	}
+
+	if res, err := models.ConfigsSelectByCkey(ctx, "disable_integration_init"); err != nil {
+		logger.Error("fail to get value 'disable_integration_init' from configs", err)
+		return
+	} else if len(res) != 0 {
+		logger.Info("disable_integration_init is set, skip integration init")
+		return
+	}
+
 	fp := builtinIntegrationsDir
 	if fp == "" {
 		fp = path.Join(runner.Cwd, "integrations")
@@ -92,6 +106,7 @@ func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
 					logger.Warning("update builtin component fail ", old, err)
 				}
 			}
+			component.ID = old.ID
 		}

 		// delete uuid is emtpy
@@ -106,6 +121,12 @@ func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
 			logger.Warning("delete builtin metrics fail ", err)
 		}

+		// 删除 uuid%1000 不为 0 uuid > 1000000000000000000 且 type 为 dashboard 的记录
+		err = models.DB(ctx).Exec("delete from builtin_payloads where uuid%1000 != 0 and uuid > 1000000000000000000 and type = 'dashboard' and updated_by = 'system'").Error
+		if err != nil {
+			logger.Warning("delete builtin payloads fail ", err)
+		}
+
 		// alerts
 		files, err = file.FilesUnder(componentDir + "/alerts")
 		if err == nil && len(files) > 0 {
@@ -141,13 +162,13 @@ func Init(ctx *ctx.Context, builtinIntegrationsDir string) {

 					cate := strings.Replace(f, ".json", "", -1)
 					builtinAlert := models.BuiltinPayload{
-						Component: component.Ident,
-						Type:      "alert",
-						Cate:      cate,
-						Name:      alert.Name,
-						Tags:      alert.AppendTags,
-						Content:   string(content),
-						UUID:      alert.UUID,
+						ComponentID: component.ID,
+						Type:        "alert",
+						Cate:        cate,
+						Name:        alert.Name,
+						Tags:        alert.AppendTags,
+						Content:     string(content),
+						UUID:        alert.UUID,
 					}

 					old, err := models.BuiltinPayloadGet(ctx, "uuid = ?", alert.UUID)
@@ -165,6 +186,7 @@ func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
 					}

 					if old.UpdatedBy == SYSTEM {
+						old.ComponentID = component.ID
 						old.Content = string(content)
 						old.Name = alert.Name
 						old.Tags = alert.AppendTags
@@ -210,7 +232,8 @@ func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
 				}

 				if dashboard.UUID == 0 {
-					dashboard.UUID = time.Now().UnixNano()
+					time.Sleep(time.Microsecond)
+					dashboard.UUID = time.Now().UnixMicro()
 					// 补全文件中的 uuid
 					bs, err = json.MarshalIndent(dashboard, "", "    ")
 					if err != nil {
@@ -231,13 +254,13 @@ func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
 				}

 				builtinDashboard := models.BuiltinPayload{
-					Component: component.Ident,
-					Type:      "dashboard",
-					Cate:      "",
-					Name:      dashboard.Name,
-					Tags:      dashboard.Tags,
-					Content:   string(content),
-					UUID:      dashboard.UUID,
+					ComponentID: component.ID,
+					Type:        "dashboard",
+					Cate:        "",
+					Name:        dashboard.Name,
+					Tags:        dashboard.Tags,
+					Content:     string(content),
+					UUID:        dashboard.UUID,
 				}

 				old, err := models.BuiltinPayloadGet(ctx, "uuid = ?", dashboard.UUID)
@@ -255,6 +278,7 @@ func Init(ctx *ctx.Context, builtinIntegrationsDir string) {
 				}

 				if old.UpdatedBy == SYSTEM {
+					old.ComponentID = component.ID
 					old.Content = string(content)
 					old.Name = dashboard.Name
 					old.Tags = dashboard.Tags
--- a/center/metas/metas.go
+++ b/center/metas/metas.go
@@ -6,6 +6,7 @@ import (
 	"sync"
 	"time"

+	"github.com/ccfos/nightingale/v6/center/cstats"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/storage"

@@ -115,15 +116,23 @@ func (s *Set) updateTargets(m map[string]models.HostMeta) error {
 		}
 		newMap[models.WrapIdent(ident)] = meta
 	}
+
+	start := time.Now()
 	err := storage.MSet(context.Background(), s.redis, newMap)
 	if err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("mset_target_meta", "fail").Observe(time.Since(start).Seconds())
 		return err
+	} else {
+		cstats.RedisOperationLatency.WithLabelValues("mset_target_meta", "success").Observe(time.Since(start).Seconds())
 	}

 	if len(extendMap) > 0 {
 		err = storage.MSet(context.Background(), s.redis, extendMap)
 		if err != nil {
+			cstats.RedisOperationLatency.WithLabelValues("mset_target_extend", "fail").Observe(time.Since(start).Seconds())
 			return err
+		} else {
+			cstats.RedisOperationLatency.WithLabelValues("mset_target_extend", "success").Observe(time.Since(start).Seconds())
 		}
 	}

--- a/center/router/router.go
+++ b/center/router/router.go
@@ -16,6 +16,7 @@ import (
 	"github.com/ccfos/nightingale/v6/conf"
 	_ "github.com/ccfos/nightingale/v6/front/statik"
 	"github.com/ccfos/nightingale/v6/memsto"
+	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/aop"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/httpx"
@@ -23,7 +24,7 @@ import (
 	"github.com/ccfos/nightingale/v6/prom"
 	"github.com/ccfos/nightingale/v6/pushgw/idents"
 	"github.com/ccfos/nightingale/v6/storage"
-	"github.com/ccfos/nightingale/v6/tdengine"
+	"gorm.io/gorm"

 	"github.com/gin-gonic/gin"
 	"github.com/rakyll/statik/fs"
@@ -41,7 +42,6 @@ type Router struct {
 	DatasourceCache   *memsto.DatasourceCacheType
 	NotifyConfigCache *memsto.NotifyConfigCacheType
 	PromClients       *prom.PromClientMap
-	TdendgineClients  *tdengine.TdengineClientMap
 	Redis             storage.Redis
 	MetaSet           *metas.Set
 	IdentSet          *idents.Set
@@ -49,30 +49,40 @@ type Router struct {
 	Sso               *sso.SsoClient
 	UserCache         *memsto.UserCacheType
 	UserGroupCache    *memsto.UserGroupCacheType
+	UserTokenCache    *memsto.UserTokenCacheType
 	Ctx               *ctx.Context
-	HeartbeatHook     HeartbeatHookFunc
+
+	HeartbeatHook       HeartbeatHookFunc
+	TargetDeleteHook    models.TargetDeleteHookFunc
+	AlertRuleModifyHook AlertRuleModifyHookFunc
 }

-func New(httpConfig httpx.Config, center cconf.Center, alert aconf.Alert, ibex conf.Ibex, operations cconf.Operation, ds *memsto.DatasourceCacheType, ncc *memsto.NotifyConfigCacheType, pc *prom.PromClientMap, tdendgineClients *tdengine.TdengineClientMap, redis storage.Redis, sso *sso.SsoClient, ctx *ctx.Context, metaSet *metas.Set, idents *idents.Set, tc *memsto.TargetCacheType, uc *memsto.UserCacheType, ugc *memsto.UserGroupCacheType) *Router {
+func New(httpConfig httpx.Config, center cconf.Center, alert aconf.Alert, ibex conf.Ibex,
+	operations cconf.Operation, ds *memsto.DatasourceCacheType, ncc *memsto.NotifyConfigCacheType,
+	pc *prom.PromClientMap, redis storage.Redis,
+	sso *sso.SsoClient, ctx *ctx.Context, metaSet *metas.Set, idents *idents.Set,
+	tc *memsto.TargetCacheType, uc *memsto.UserCacheType, ugc *memsto.UserGroupCacheType, utc *memsto.UserTokenCacheType) *Router {
 	return &Router{
-		HTTP:              httpConfig,
-		Center:            center,
-		Alert:             alert,
-		Ibex:              ibex,
-		Operations:        operations,
-		DatasourceCache:   ds,
-		NotifyConfigCache: ncc,
-		PromClients:       pc,
-		TdendgineClients:  tdendgineClients,
-		Redis:             redis,
-		MetaSet:           metaSet,
-		IdentSet:          idents,
-		TargetCache:       tc,
-		Sso:               sso,
-		UserCache:         uc,
-		UserGroupCache:    ugc,
-		Ctx:               ctx,
-		HeartbeatHook:     func(ident string) map[string]interface{} { return nil },
+		HTTP:                httpConfig,
+		Center:              center,
+		Alert:               alert,
+		Ibex:                ibex,
+		Operations:          operations,
+		DatasourceCache:     ds,
+		NotifyConfigCache:   ncc,
+		PromClients:         pc,
+		Redis:               redis,
+		MetaSet:             metaSet,
+		IdentSet:            idents,
+		TargetCache:         tc,
+		Sso:                 sso,
+		UserCache:           uc,
+		UserGroupCache:      ugc,
+		UserTokenCache:      utc,
+		Ctx:                 ctx,
+		HeartbeatHook:       func(ident string) map[string]interface{} { return nil },
+		TargetDeleteHook:    func(tx *gorm.DB, idents []string) error { return nil },
+		AlertRuleModifyHook: func(ar *models.AlertRule) {},
 	}
 }

@@ -83,10 +93,9 @@ func stat() gin.HandlerFunc {

 		code := fmt.Sprintf("%d", c.Writer.Status())
 		method := c.Request.Method
-		labels := []string{cstats.Service, code, c.FullPath(), method}
+		labels := []string{code, c.FullPath(), method}

-		cstats.RequestCounter.WithLabelValues(labels...).Inc()
-		cstats.RequestDuration.WithLabelValues(labels...).Observe(float64(time.Since(start).Seconds()))
+		cstats.RequestDuration.WithLabelValues(labels...).Observe(time.Since(start).Seconds())
 	}
 }

@@ -173,26 +182,53 @@ func (rt *Router) Config(r *gin.Engine) {
 			pages.POST("/query-range-batch", rt.promBatchQueryRange)
 			pages.POST("/query-instant-batch", rt.promBatchQueryInstant)
 			pages.GET("/datasource/brief", rt.datasourceBriefs)
+			pages.POST("/datasource/query", rt.datasourceQuery)

 			pages.POST("/ds-query", rt.QueryData)
-			pages.POST("/logs-query", rt.QueryLog)
+			pages.POST("/logs-query", rt.QueryLogV2)

 			pages.POST("/tdengine-databases", rt.tdengineDatabases)
 			pages.POST("/tdengine-tables", rt.tdengineTables)
 			pages.POST("/tdengine-columns", rt.tdengineColumns)

+			pages.POST("/log-query-batch", rt.QueryLogBatch)
+
+			// 数据库元数据接口
+			pages.POST("/db-databases", rt.ShowDatabases)
+			pages.POST("/db-tables", rt.ShowTables)
+			pages.POST("/db-desc-table", rt.DescribeTable)
+
+			// es 专用接口
+			pages.POST("/indices", rt.auth(), rt.user(), rt.QueryIndices)
+			pages.POST("/es-variable", rt.auth(), rt.user(), rt.QueryESVariable)
+			pages.POST("/fields", rt.auth(), rt.user(), rt.QueryFields)
+			pages.POST("/log-query", rt.auth(), rt.user(), rt.QueryLog)
 		} else {
 			pages.Any("/proxy/:id/*url", rt.auth(), rt.dsProxy)
 			pages.POST("/query-range-batch", rt.auth(), rt.promBatchQueryRange)
 			pages.POST("/query-instant-batch", rt.auth(), rt.promBatchQueryInstant)
 			pages.GET("/datasource/brief", rt.auth(), rt.user(), rt.datasourceBriefs)
+			pages.POST("/datasource/query", rt.auth(), rt.user(), rt.datasourceQuery)

 			pages.POST("/ds-query", rt.auth(), rt.QueryData)
-			pages.POST("/logs-query", rt.auth(), rt.QueryLog)
+			pages.POST("/logs-query", rt.auth(), rt.QueryLogV2)

 			pages.POST("/tdengine-databases", rt.auth(), rt.tdengineDatabases)
 			pages.POST("/tdengine-tables", rt.auth(), rt.tdengineTables)
 			pages.POST("/tdengine-columns", rt.auth(), rt.tdengineColumns)
+
+			pages.POST("/log-query-batch", rt.auth(), rt.user(), rt.QueryLogBatch)
+
+			// 数据库元数据接口
+			pages.POST("/db-databases", rt.auth(), rt.user(), rt.ShowDatabases)
+			pages.POST("/db-tables", rt.auth(), rt.user(), rt.ShowTables)
+			pages.POST("/db-desc-table", rt.auth(), rt.user(), rt.DescribeTable)
+
+			// es 专用接口
+			pages.POST("/indices", rt.auth(), rt.user(), rt.QueryIndices)
+			pages.POST("/es-variable", rt.QueryESVariable)
+			pages.POST("/fields", rt.QueryFields)
+			pages.POST("/log-query", rt.QueryLog)
 		}

 		pages.GET("/sql-template", rt.QuerySqlTemplate)
@@ -223,13 +259,16 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/self/profile", rt.auth(), rt.user(), rt.selfProfileGet)
 		pages.PUT("/self/profile", rt.auth(), rt.user(), rt.selfProfilePut)
 		pages.PUT("/self/password", rt.auth(), rt.user(), rt.selfPasswordPut)
+		pages.GET("/self/token", rt.auth(), rt.user(), rt.getToken)
+		pages.POST("/self/token", rt.auth(), rt.user(), rt.addToken)
+		pages.DELETE("/self/token/:id", rt.auth(), rt.user(), rt.deleteToken)

 		pages.GET("/users", rt.auth(), rt.user(), rt.perm("/users"), rt.userGets)
-		pages.POST("/users", rt.auth(), rt.admin(), rt.userAddPost)
+		pages.POST("/users", rt.auth(), rt.user(), rt.perm("/users/add"), rt.userAddPost)
 		pages.GET("/user/:id/profile", rt.auth(), rt.userProfileGet)
-		pages.PUT("/user/:id/profile", rt.auth(), rt.admin(), rt.userProfilePut)
-		pages.PUT("/user/:id/password", rt.auth(), rt.admin(), rt.userPasswordPut)
-		pages.DELETE("/user/:id", rt.auth(), rt.admin(), rt.userDel)
+		pages.PUT("/user/:id/profile", rt.auth(), rt.user(), rt.perm("/users/put"), rt.userProfilePut)
+		pages.PUT("/user/:id/password", rt.auth(), rt.user(), rt.perm("/users/put"), rt.userPasswordPut)
+		pages.DELETE("/user/:id", rt.auth(), rt.user(), rt.perm("/users/del"), rt.userDel)

 		pages.GET("/metric-views", rt.auth(), rt.metricViewGets)
 		pages.DELETE("/metric-views", rt.auth(), rt.user(), rt.metricViewDel)
@@ -267,6 +306,7 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.DELETE("/busi-group/:id/members", rt.auth(), rt.user(), rt.perm("/busi-groups/put"), rt.bgrw(), rt.busiGroupMemberDel)
 		pages.DELETE("/busi-group/:id", rt.auth(), rt.user(), rt.perm("/busi-groups/del"), rt.bgrw(), rt.busiGroupDel)
 		pages.GET("/busi-group/:id/perm/:perm", rt.auth(), rt.user(), rt.checkBusiGroupPerm)
+		pages.GET("/busi-groups/tags", rt.auth(), rt.user(), rt.busiGroupsGetTags)

 		pages.GET("/targets", rt.auth(), rt.user(), rt.targetGets)
 		pages.GET("/target/extra-meta", rt.auth(), rt.user(), rt.targetExtendInfoByIdent)
@@ -276,7 +316,7 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.POST("/targets/tags", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetBindTagsByFE)
 		pages.DELETE("/targets/tags", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetUnbindTagsByFE)
 		pages.PUT("/targets/note", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetUpdateNote)
-		pages.PUT("/targets/bgid", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetUpdateBgid)
+		pages.PUT("/targets/bgids", rt.auth(), rt.user(), rt.perm("/targets/put"), rt.targetBindBgids)

 		pages.POST("/builtin-cate-favorite", rt.auth(), rt.user(), rt.builtinCateFavoriteAdd)
 		pages.DELETE("/builtin-cate-favorite/:name", rt.auth(), rt.user(), rt.builtinCateFavoriteDel)
@@ -297,6 +337,7 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.POST("/busi-group/:id/board/:bid/clone", rt.auth(), rt.user(), rt.perm("/dashboards/add"), rt.bgrw(), rt.boardClone)
 		pages.POST("/busi-groups/boards/clones", rt.auth(), rt.user(), rt.perm("/dashboards/add"), rt.boardBatchClone)

+		pages.GET("/boards", rt.auth(), rt.user(), rt.boardGetsByBids)
 		pages.GET("/board/:bid", rt.boardGet)
 		pages.GET("/board/:bid/pure", rt.boardPureGet)
 		pages.PUT("/board/:bid", rt.auth(), rt.user(), rt.perm("/dashboards/put"), rt.boardPut)
@@ -307,6 +348,11 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/share-charts", rt.chartShareGets)
 		pages.POST("/share-charts", rt.auth(), rt.chartShareAdd)

+		pages.POST("/dashboard-annotations", rt.auth(), rt.user(), rt.perm("/dashboards/put"), rt.dashAnnotationAdd)
+		pages.GET("/dashboard-annotations", rt.dashAnnotationGets)
+		pages.PUT("/dashboard-annotation/:id", rt.auth(), rt.user(), rt.perm("/dashboards/put"), rt.dashAnnotationPut)
+		pages.DELETE("/dashboard-annotation/:id", rt.auth(), rt.user(), rt.perm("/dashboards/del"), rt.dashAnnotationDel)
+
 		// pages.GET("/alert-rules/builtin/alerts-cates", rt.auth(), rt.user(), rt.builtinAlertCateGets)
 		// pages.GET("/alert-rules/builtin/list", rt.auth(), rt.user(), rt.builtinAlertRules)
 		pages.GET("/alert-rules/callbacks", rt.auth(), rt.user(), rt.alertRuleCallbacks)
@@ -315,6 +361,8 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/busi-group/:id/alert-rules", rt.auth(), rt.user(), rt.perm("/alert-rules"), rt.alertRuleGets)
 		pages.POST("/busi-group/:id/alert-rules", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.alertRuleAddByFE)
 		pages.POST("/busi-group/:id/alert-rules/import", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.alertRuleAddByImport)
+		pages.POST("/busi-group/:id/alert-rules/import-prom-rule", rt.auth(),
+			rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.alertRuleAddByImportPromRule)
 		pages.DELETE("/busi-group/:id/alert-rules", rt.auth(), rt.user(), rt.perm("/alert-rules/del"), rt.bgrw(), rt.alertRuleDel)
 		pages.PUT("/busi-group/:id/alert-rules/fields", rt.auth(), rt.user(), rt.perm("/alert-rules/put"), rt.bgrw(), rt.alertRulePutFields)
 		pages.PUT("/busi-group/:id/alert-rule/:arid", rt.auth(), rt.user(), rt.perm("/alert-rules/put"), rt.alertRulePutByFE)
@@ -322,6 +370,8 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/alert-rule/:arid/pure", rt.auth(), rt.user(), rt.perm("/alert-rules"), rt.alertRulePureGet)
 		pages.PUT("/busi-group/alert-rule/validate", rt.auth(), rt.user(), rt.perm("/alert-rules/put"), rt.alertRuleValidation)
 		pages.POST("/relabel-test", rt.auth(), rt.user(), rt.relabelTest)
+		pages.POST("/busi-group/:id/alert-rules/clone", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.bgrw(), rt.cloneToMachine)
+		pages.POST("/busi-groups/alert-rules/clones", rt.auth(), rt.user(), rt.perm("/alert-rules/add"), rt.batchAlertRuleClone)

 		pages.GET("/busi-groups/recording-rules", rt.auth(), rt.user(), rt.perm("/recording-rules"), rt.recordingRuleGetsByGids)
 		pages.GET("/busi-group/:id/recording-rules", rt.auth(), rt.user(), rt.perm("/recording-rules"), rt.recordingRuleGets)
@@ -339,6 +389,7 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.PUT("/busi-group/:id/alert-mute/:amid", rt.auth(), rt.user(), rt.perm("/alert-mutes/put"), rt.alertMutePutByFE)
 		pages.GET("/busi-group/:id/alert-mute/:amid", rt.auth(), rt.user(), rt.perm("/alert-mutes"), rt.alertMuteGet)
 		pages.PUT("/busi-group/:id/alert-mutes/fields", rt.auth(), rt.user(), rt.perm("/alert-mutes/put"), rt.bgrw(), rt.alertMutePutFields)
+		pages.POST("/alert-mute-tryrun", rt.auth(), rt.user(), rt.perm("/alert-mutes/add"), rt.alertMuteTryRun)

 		pages.GET("/busi-groups/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes"), rt.alertSubscribeGetsByGids)
 		pages.GET("/busi-group/:id/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes"), rt.bgro(), rt.alertSubscribeGets)
@@ -347,19 +398,16 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.PUT("/busi-group/:id/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes/put"), rt.bgrw(), rt.alertSubscribePut)
 		pages.DELETE("/busi-group/:id/alert-subscribes", rt.auth(), rt.user(), rt.perm("/alert-subscribes/del"), rt.bgrw(), rt.alertSubscribeDel)

-		if rt.Center.AnonymousAccess.AlertDetail {
-			pages.GET("/alert-cur-event/:eid", rt.alertCurEventGet)
-			pages.GET("/alert-his-event/:eid", rt.alertHisEventGet)
-		} else {
-			pages.GET("/alert-cur-event/:eid", rt.auth(), rt.user(), rt.alertCurEventGet)
-			pages.GET("/alert-his-event/:eid", rt.auth(), rt.user(), rt.alertHisEventGet)
-		}
+		pages.GET("/alert-cur-event/:eid", rt.alertCurEventGet)
+		pages.GET("/alert-his-event/:eid", rt.alertHisEventGet)
+		pages.GET("/event-notify-records/:eid", rt.notificationRecordList)

 		// card logic
 		pages.GET("/alert-cur-events/list", rt.auth(), rt.user(), rt.alertCurEventsList)
 		pages.GET("/alert-cur-events/card", rt.auth(), rt.user(), rt.alertCurEventsCard)
 		pages.POST("/alert-cur-events/card/details", rt.auth(), rt.alertCurEventsCardDetails)
 		pages.GET("/alert-his-events/list", rt.auth(), rt.user(), rt.alertHisEventsList)
+		pages.DELETE("/alert-his-events", rt.auth(), rt.admin(), rt.alertHisEventsDelete)
 		pages.DELETE("/alert-cur-events", rt.auth(), rt.user(), rt.perm("/alert-cur-events/del"), rt.alertCurEventDel)
 		pages.GET("/alert-cur-events/stats", rt.auth(), rt.alertCurEventsStatistics)

@@ -391,13 +439,13 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.POST("/datasource/status/update", rt.auth(), rt.admin(), rt.datasourceUpdataStatus)
 		pages.DELETE("/datasource/", rt.auth(), rt.admin(), rt.datasourceDel)

-		pages.GET("/roles", rt.auth(), rt.admin(), rt.roleGets)
-		pages.POST("/roles", rt.auth(), rt.admin(), rt.roleAdd)
-		pages.PUT("/roles", rt.auth(), rt.admin(), rt.rolePut)
-		pages.DELETE("/role/:id", rt.auth(), rt.admin(), rt.roleDel)
+		pages.GET("/roles", rt.auth(), rt.user(), rt.perm("/roles"), rt.roleGets)
+		pages.POST("/roles", rt.auth(), rt.user(), rt.perm("/roles/add"), rt.roleAdd)
+		pages.PUT("/roles", rt.auth(), rt.user(), rt.perm("/roles/put"), rt.rolePut)
+		pages.DELETE("/role/:id", rt.auth(), rt.user(), rt.perm("/roles/del"), rt.roleDel)

-		pages.GET("/role/:id/ops", rt.auth(), rt.admin(), rt.operationOfRole)
-		pages.PUT("/role/:id/ops", rt.auth(), rt.admin(), rt.roleBindOperation)
+		pages.GET("/role/:id/ops", rt.auth(), rt.user(), rt.perm("/roles"), rt.operationOfRole)
+		pages.PUT("/role/:id/ops", rt.auth(), rt.user(), rt.perm("/roles/put"), rt.roleBindOperation)
 		pages.GET("/operation", rt.operations)

 		pages.GET("/notify-tpls", rt.auth(), rt.user(), rt.notifyTplGets)
@@ -419,7 +467,7 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.GET("/notify-channel", rt.auth(), rt.user(), rt.perm("/help/notification-settings"), rt.notifyChannelGets)
 		pages.PUT("/notify-channel", rt.auth(), rt.admin(), rt.notifyChannelPuts)

-		pages.GET("/notify-contact", rt.auth(), rt.user(), rt.perm("/help/notification-settings"), rt.notifyContactGets)
+		pages.GET("/notify-contact", rt.auth(), rt.user(), rt.notifyContactGets)
 		pages.PUT("/notify-contact", rt.auth(), rt.admin(), rt.notifyContactPuts)

 		pages.GET("/notify-config", rt.auth(), rt.user(), rt.perm("/help/notification-settings"), rt.notifyConfigGet)
@@ -428,13 +476,20 @@ func (rt *Router) Config(r *gin.Engine) {

 		pages.GET("/es-index-pattern", rt.auth(), rt.esIndexPatternGet)
 		pages.GET("/es-index-pattern-list", rt.auth(), rt.esIndexPatternGetList)
-		pages.POST("/es-index-pattern", rt.auth(), rt.admin(), rt.esIndexPatternAdd)
-		pages.PUT("/es-index-pattern", rt.auth(), rt.admin(), rt.esIndexPatternPut)
-		pages.DELETE("/es-index-pattern", rt.auth(), rt.admin(), rt.esIndexPatternDel)
+		pages.POST("/es-index-pattern", rt.auth(), rt.user(), rt.perm("/log/index-patterns/add"), rt.esIndexPatternAdd)
+		pages.PUT("/es-index-pattern", rt.auth(), rt.user(), rt.perm("/log/index-patterns/put"), rt.esIndexPatternPut)
+		pages.DELETE("/es-index-pattern", rt.auth(), rt.user(), rt.perm("/log/index-patterns/del"), rt.esIndexPatternDel)

 		pages.GET("/embedded-dashboards", rt.auth(), rt.user(), rt.perm("/embedded-dashboards"), rt.embeddedDashboardsGet)
 		pages.PUT("/embedded-dashboards", rt.auth(), rt.user(), rt.perm("/embedded-dashboards/put"), rt.embeddedDashboardsPut)

+		// 获取 embedded-product 列表
+		pages.GET("/embedded-product", rt.auth(), rt.user(), rt.embeddedProductGets)
+		pages.GET("/embedded-product/:id", rt.auth(), rt.user(), rt.embeddedProductGet)
+		pages.POST("/embedded-product", rt.auth(), rt.user(), rt.perm("/embedded-product/add"), rt.embeddedProductAdd)
+		pages.PUT("/embedded-product/:id", rt.auth(), rt.user(), rt.perm("/embedded-product/put"), rt.embeddedProductPut)
+		pages.DELETE("/embedded-product/:id", rt.auth(), rt.user(), rt.perm("/embedded-product/delete"), rt.embeddedProductDelete)
+
 		pages.GET("/user-variable-configs", rt.auth(), rt.user(), rt.perm("/help/variable-configs"), rt.userVariableConfigGets)
 		pages.POST("/user-variable-config", rt.auth(), rt.user(), rt.perm("/help/variable-configs"), rt.userVariableConfigAdd)
 		pages.PUT("/user-variable-config/:id", rt.auth(), rt.user(), rt.perm("/help/variable-configs"), rt.userVariableConfigPut)
@@ -444,20 +499,59 @@ func (rt *Router) Config(r *gin.Engine) {
 		pages.PUT("/config", rt.auth(), rt.admin(), rt.configPutByKey)
 		pages.GET("/site-info", rt.siteInfo)

+		// source token 相关路由
+		pages.POST("/source-token", rt.auth(), rt.user(), rt.sourceTokenAdd)
+
 		// for admin api
 		pages.GET("/user/busi-groups", rt.auth(), rt.admin(), rt.userBusiGroupsGets)

 		pages.GET("/builtin-components", rt.auth(), rt.user(), rt.builtinComponentsGets)
-		pages.POST("/builtin-components", rt.auth(), rt.user(), rt.perm("/built-in-components/add"), rt.builtinComponentsAdd)
-		pages.PUT("/builtin-components", rt.auth(), rt.user(), rt.perm("/built-in-components/put"), rt.builtinComponentsPut)
-		pages.DELETE("/builtin-components", rt.auth(), rt.user(), rt.perm("/built-in-components/del"), rt.builtinComponentsDel)
+		pages.POST("/builtin-components", rt.auth(), rt.user(), rt.perm("/components/add"), rt.builtinComponentsAdd)
+		pages.PUT("/builtin-components", rt.auth(), rt.user(), rt.perm("/components/put"), rt.builtinComponentsPut)
+		pages.DELETE("/builtin-components", rt.auth(), rt.user(), rt.perm("/components/del"), rt.builtinComponentsDel)

 		pages.GET("/builtin-payloads", rt.auth(), rt.user(), rt.builtinPayloadsGets)
 		pages.GET("/builtin-payloads/cates", rt.auth(), rt.user(), rt.builtinPayloadcatesGet)
-		pages.POST("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/built-in-components/add"), rt.builtinPayloadsAdd)
-		pages.GET("/builtin-payload/:id", rt.auth(), rt.user(), rt.perm("/built-in-components"), rt.builtinPayloadGet)
-		pages.PUT("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/built-in-components/put"), rt.builtinPayloadsPut)
-		pages.DELETE("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/built-in-components/del"), rt.builtinPayloadsDel)
+		pages.POST("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/components/add"), rt.builtinPayloadsAdd)
+		pages.GET("/builtin-payload/:id", rt.auth(), rt.user(), rt.perm("/components"), rt.builtinPayloadGet)
+		pages.PUT("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/components/put"), rt.builtinPayloadsPut)
+		pages.DELETE("/builtin-payloads", rt.auth(), rt.user(), rt.perm("/components/del"), rt.builtinPayloadsDel)
+		pages.GET("/builtin-payload", rt.auth(), rt.user(), rt.builtinPayloadsGetByUUIDOrID)
+
+		pages.POST("/message-templates", rt.auth(), rt.user(), rt.perm("/notification-templates/add"), rt.messageTemplatesAdd)
+		pages.DELETE("/message-templates", rt.auth(), rt.user(), rt.perm("/notification-templates/del"), rt.messageTemplatesDel)
+		pages.PUT("/message-template/:id", rt.auth(), rt.user(), rt.perm("/notification-templates/put"), rt.messageTemplatePut)
+		pages.GET("/message-template/:id", rt.auth(), rt.user(), rt.perm("/notification-templates"), rt.messageTemplateGet)
+		pages.GET("/message-templates", rt.auth(), rt.user(), rt.messageTemplatesGet)
+		pages.POST("/events-message", rt.auth(), rt.user(), rt.eventsMessage)
+
+		pages.POST("/notify-rules", rt.auth(), rt.user(), rt.perm("/notification-rules/add"), rt.notifyRulesAdd)
+		pages.DELETE("/notify-rules", rt.auth(), rt.user(), rt.perm("/notification-rules/del"), rt.notifyRulesDel)
+		pages.PUT("/notify-rule/:id", rt.auth(), rt.user(), rt.perm("/notification-rules/put"), rt.notifyRulePut)
+		pages.GET("/notify-rule/:id", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyRuleGet)
+		pages.GET("/notify-rules", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyRulesGet)
+		pages.POST("/notify-rule/test", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyTest)
+		pages.GET("/notify-rule/custom-params", rt.auth(), rt.user(), rt.perm("/notification-rules"), rt.notifyRuleCustomParamsGet)
+		pages.POST("/notify-rule/event-pipelines-tryrun", rt.auth(), rt.user(), rt.perm("/notification-rules/add"), rt.tryRunEventProcessorByNotifyRule)
+
+		// 事件Pipeline相关路由
+		pages.GET("/event-pipelines", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.eventPipelinesList)
+		pages.POST("/event-pipeline", rt.auth(), rt.user(), rt.perm("/event-pipelines/add"), rt.addEventPipeline)
+		pages.PUT("/event-pipeline", rt.auth(), rt.user(), rt.perm("/event-pipelines/put"), rt.updateEventPipeline)
+		pages.GET("/event-pipeline/:id", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.getEventPipeline)
+		pages.DELETE("/event-pipelines", rt.auth(), rt.user(), rt.perm("/event-pipelines/del"), rt.deleteEventPipelines)
+		pages.POST("/event-pipeline-tryrun", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.tryRunEventPipeline)
+		pages.POST("/event-processor-tryrun", rt.auth(), rt.user(), rt.perm("/event-pipelines"), rt.tryRunEventProcessor)
+
+		pages.POST("/notify-channel-configs", rt.auth(), rt.user(), rt.perm("/notification-channels/add"), rt.notifyChannelsAdd)
+		pages.DELETE("/notify-channel-configs", rt.auth(), rt.user(), rt.perm("/notification-channels/del"), rt.notifyChannelsDel)
+		pages.PUT("/notify-channel-config/:id", rt.auth(), rt.user(), rt.perm("/notification-channels/put"), rt.notifyChannelPut)
+		pages.GET("/notify-channel-config/:id", rt.auth(), rt.user(), rt.perm("/notification-channels"), rt.notifyChannelGet)
+		pages.GET("/notify-channel-configs", rt.auth(), rt.user(), rt.perm("/notification-channels"), rt.notifyChannelsGet)
+		pages.GET("/simplified-notify-channel-configs", rt.notifyChannelsGetForNormalUser)
+		pages.GET("/flashduty-channel-list/:id", rt.auth(), rt.user(), rt.flashDutyNotifyChannelsGet)
+		pages.GET("/notify-channel-config", rt.auth(), rt.user(), rt.notifyChannelGetBy)
+		pages.GET("/notify-channel-config/idents", rt.notifyChannelIdentsGet)
 	}

 	r.GET("/api/n9e/versions", func(c *gin.Context) {
@@ -500,6 +594,8 @@ func (rt *Router) Config(r *gin.Engine) {
 			service.PUT("/targets/note", rt.targetUpdateNoteByService)
 			service.PUT("/targets/bgid", rt.targetUpdateBgidByService)

+			service.POST("/targets-of-host-query", rt.targetsOfHostQuery)
+
 			service.POST("/alert-rules", rt.alertRuleAddByService)
 			service.POST("/alert-rule-add", rt.alertRuleAddOneByService)
 			service.DELETE("/alert-rules", rt.alertRuleDelByService)
@@ -534,6 +630,7 @@ func (rt *Router) Config(r *gin.Engine) {
 			service.GET("/config/:id", rt.configGet)
 			service.GET("/configs", rt.configsGet)
 			service.GET("/config", rt.configGetByKey)
+			service.GET("/all-configs", rt.configGetAll)
 			service.PUT("/configs", rt.configsPut)
 			service.POST("/configs", rt.configsPost)
 			service.DELETE("/configs", rt.configsDel)
@@ -551,6 +648,21 @@ func (rt *Router) Config(r *gin.Engine) {

 			service.GET("/targets-of-alert-rule", rt.targetsOfAlertRule)

+			service.POST("/notify-record", rt.notificationRecordAdd)
+
+			service.GET("/alert-cur-events-del-by-hash", rt.alertCurEventDelByHash)
+
+			service.POST("/center/heartbeat", rt.heartbeat)
+
+			service.GET("/es-index-pattern-list", rt.esIndexPatternGetList)
+
+			service.GET("/notify-rules", rt.notifyRulesGetByService)
+
+			service.GET("/notify-channels", rt.notifyChannelConfigGets)
+
+			service.GET("/message-templates", rt.messageTemplateGets)
+
+			service.GET("/event-pipelines", rt.eventPipelinesListByService)
 		}
 	}

--- a/center/router/router_alert_cur_event.go
+++ b/center/router/router_alert_cur_event.go
@@ -1,50 +1,54 @@
 package router

 import (
+	"fmt"
 	"net/http"
 	"sort"
 	"strings"
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 )

-func parseAggrRules(c *gin.Context) []*models.AggrRule {
-	aggrRules := strings.Split(ginx.QueryStr(c, "rule", ""), "::") // e.g. field:group_name::field:severity::tagkey:ident
-
-	if len(aggrRules) == 0 {
-		ginx.Bomb(http.StatusBadRequest, "rule empty")
+func getUserGroupIds(ctx *gin.Context, rt *Router, myGroups bool) ([]int64, error) {
+	if !myGroups {
+		return nil, nil
 	}
-
-	rules := make([]*models.AggrRule, len(aggrRules))
-	for i := 0; i < len(aggrRules); i++ {
-		pair := strings.Split(aggrRules[i], ":")
-		if len(pair) != 2 {
-			ginx.Bomb(http.StatusBadRequest, "rule invalid")
-		}
-
-		if !(pair[0] == "field" || pair[0] == "tagkey") {
-			ginx.Bomb(http.StatusBadRequest, "rule invalid")
-		}
-
-		rules[i] = &models.AggrRule{
-			Type:  pair[0],
-			Value: pair[1],
-		}
-	}
-
-	return rules
+	me := ctx.MustGet("user").(*models.User)
+	return models.MyGroupIds(rt.Ctx, me.Id)
 }

 func (rt *Router) alertCurEventsCard(c *gin.Context) {
 	stime, etime := getTimeRange(c)
-	severity := ginx.QueryInt(c, "severity", -1)
+	severity := strx.IdsInt64ForAPI(ginx.QueryStr(c, "severity", ""), ",")
 	query := ginx.QueryStr(c, "query", "")
+	myGroups := ginx.QueryBool(c, "my_groups", false) // 是否只看自己组，默认false
+
+	var gids []int64
+	var err error
+	if myGroups {
+		gids, err = getUserGroupIds(c, rt, myGroups)
+		ginx.Dangerous(err)
+		if len(gids) == 0 {
+			gids = append(gids, -1)
+		}
+	}
+
+	viewId := ginx.QueryInt64(c, "view_id")
+
+	alertView, err := models.GetAlertAggrViewByViewID(rt.Ctx, viewId)
+	ginx.Dangerous(err)
+
+	if alertView == nil {
+		ginx.Bomb(http.StatusNotFound, "alert aggr view not found")
+	}
+
 	dsIds := queryDatasourceIds(c)
-	rules := parseAggrRules(c)

 	prod := ginx.QueryStr(c, "prods", "")
 	if prod == "" {
@@ -61,16 +65,18 @@ func (rt *Router) alertCurEventsCard(c *gin.Context) {
 		cates = strings.Split(cate, ",")
 	}

-	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView)
+	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView, myGroups)
 	ginx.Dangerous(err)

 	// 最多获取50000个，获取太多也没啥意义
-	list, err := models.AlertCurEventGets(rt.Ctx, prods, bgids, stime, etime, severity, dsIds, cates, query, 50000, 0)
+	list, err := models.AlertCurEventsGet(rt.Ctx, prods, bgids, stime, etime, severity, dsIds,
+		cates, 0, query, 50000, 0, []int64{})
 	ginx.Dangerous(err)

 	cardmap := make(map[string]*AlertCard)
 	for _, event := range list {
-		title := event.GenCardTitle(rules)
+		title, err := event.GenCardTitle(alertView.Rule)
+		ginx.Dangerous(err)
 		if _, has := cardmap[title]; has {
 			cardmap[title].Total++
 			cardmap[title].EventIds = append(cardmap[title].EventIds, event.Id)
@@ -85,6 +91,10 @@ func (rt *Router) alertCurEventsCard(c *gin.Context) {
 				Severity: event.Severity,
 			}
 		}
+
+		if cardmap[title].Severity < 1 {
+			cardmap[title].Severity = 3
+		}
 	}

 	titles := make([]string, 0, len(cardmap))
@@ -141,11 +151,15 @@ func (rt *Router) alertCurEventsGetByRid(c *gin.Context) {
 // 列表方式，拉取活跃告警
 func (rt *Router) alertCurEventsList(c *gin.Context) {
 	stime, etime := getTimeRange(c)
-	severity := ginx.QueryInt(c, "severity", -1)
+	severity := strx.IdsInt64ForAPI(ginx.QueryStr(c, "severity", ""), ",")
 	query := ginx.QueryStr(c, "query", "")
 	limit := ginx.QueryInt(c, "limit", 20)
+	myGroups := ginx.QueryBool(c, "my_groups", false) // 是否只看自己组，默认false
+
 	dsIds := queryDatasourceIds(c)

+	eventIds := strx.IdsInt64ForAPI(ginx.QueryStr(c, "event_ids", ""), ",")
+
 	prod := ginx.QueryStr(c, "prods", "")
 	if prod == "" {
 		prod = ginx.QueryStr(c, "rule_prods", "")
@@ -162,16 +176,21 @@ func (rt *Router) alertCurEventsList(c *gin.Context) {
 		cates = strings.Split(cate, ",")
 	}

-	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView)
+	ruleId := ginx.QueryInt64(c, "rid", 0)
+
+	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView, myGroups)
 	ginx.Dangerous(err)

-	total, err := models.AlertCurEventTotal(rt.Ctx, prods, bgids, stime, etime, severity, dsIds, cates, query)
+	total, err := models.AlertCurEventTotal(rt.Ctx, prods, bgids, stime, etime, severity, dsIds,
+		cates, ruleId, query, eventIds)
 	ginx.Dangerous(err)

-	list, err := models.AlertCurEventGets(rt.Ctx, prods, bgids, stime, etime, severity, dsIds, cates, query, limit, ginx.Offset(c, limit))
+	list, err := models.AlertCurEventsGet(rt.Ctx, prods, bgids, stime, etime, severity, dsIds,
+		cates, ruleId, query, limit, ginx.Offset(c, limit), eventIds)
 	ginx.Dangerous(err)

 	cache := make(map[int64]*models.UserGroup)
+
 	for i := 0; i < len(list); i++ {
 		list[i].FillNotifyGroups(rt.Ctx, cache)
 	}
@@ -201,7 +220,9 @@ func (rt *Router) checkCurEventBusiGroupRWPermission(c *gin.Context, ids []int64
 	for i := 0; i < len(ids); i++ {
 		event, err := models.AlertCurEventGetById(rt.Ctx, ids[i])
 		ginx.Dangerous(err)
-
+		if event == nil {
+			continue
+		}
 		if _, has := set[event.GroupId]; !has {
 			rt.bgrwCheck(c, event.GroupId)
 			set[event.GroupId] = struct{}{}
@@ -211,21 +232,76 @@ func (rt *Router) checkCurEventBusiGroupRWPermission(c *gin.Context, ids []int64

 func (rt *Router) alertCurEventGet(c *gin.Context) {
 	eid := ginx.UrlParamInt64(c, "eid")
-	event, err := models.AlertCurEventGetById(rt.Ctx, eid)
-	ginx.Dangerous(err)
+	event, err := GetCurEventDetail(rt.Ctx, eid)

-	if event == nil {
-		ginx.Bomb(404, "No such active event")
-	}
-
-	if !rt.Center.AnonymousAccess.AlertDetail && rt.Center.EventHistoryGroupView {
+	hasPermission := HasPermission(rt.Ctx, c, "event", fmt.Sprintf("%d", eid), rt.Center.AnonymousAccess.AlertDetail)
+	if !hasPermission {
+		rt.auth()(c)
+		rt.user()(c)
 		rt.bgroCheck(c, event.GroupId)
 	}

-	ginx.NewRender(c).Data(event, nil)
+	ginx.NewRender(c).Data(event, err)
+}
+
+func GetCurEventDetail(ctx *ctx.Context, eid int64) (*models.AlertCurEvent, error) {
+	event, err := models.AlertCurEventGetById(ctx, eid)
+	if err != nil {
+		return nil, err
+	}
+
+	if event == nil {
+		return nil, fmt.Errorf("no such active event")
+	}
+
+	ruleConfig, needReset := models.FillRuleConfigTplName(ctx, event.RuleConfig)
+	if needReset {
+		event.RuleConfigJson = ruleConfig
+	}
+
+	event.LastEvalTime = event.TriggerTime
+	event.NotifyVersion, err = GetEventNotifyVersion(ctx, event.RuleId, event.NotifyRuleIds)
+	ginx.Dangerous(err)
+
+	event.NotifyRules, err = GetEventNorifyRuleNames(ctx, event.NotifyRuleIds)
+	return event, err
+}
+
+func GetEventNorifyRuleNames(ctx *ctx.Context, notifyRuleIds []int64) ([]*models.EventNotifyRule, error) {
+	notifyRuleNames := make([]*models.EventNotifyRule, 0)
+	notifyRules, err := models.NotifyRulesGet(ctx, "id in ?", notifyRuleIds)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, notifyRule := range notifyRules {
+		notifyRuleNames = append(notifyRuleNames, &models.EventNotifyRule{
+			Id:   notifyRule.ID,
+			Name: notifyRule.Name,
+		})
+	}
+	return notifyRuleNames, nil
+}
+
+func GetEventNotifyVersion(ctx *ctx.Context, ruleId int64, notifyRuleIds []int64) (int, error) {
+	if len(notifyRuleIds) != 0 {
+		// 如果存在 notify_rule_ids，则认为使用新的告警通知方式
+		return 1, nil
+	}
+
+	rule, err := models.AlertRuleGetById(ctx, ruleId)
+	if err != nil {
+		return 0, err
+	}
+	return rule.NotifyVersion, nil
 }

 func (rt *Router) alertCurEventsStatistics(c *gin.Context) {

 	ginx.NewRender(c).Data(models.AlertCurEventStatistics(rt.Ctx, time.Now()), nil)
 }
+
+func (rt *Router) alertCurEventDelByHash(c *gin.Context) {
+	hash := ginx.QueryStr(c, "hash")
+	ginx.NewRender(c).Message(models.AlertCurEventDelByHash(rt.Ctx, hash))
+}
--- a/center/router/router_alert_his_event.go
+++ b/center/router/router_alert_his_event.go
@@ -2,6 +2,7 @@ package router

 import (
 	"fmt"
+	"net/http"
 	"strings"
 	"time"

@@ -10,6 +11,7 @@ import (

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
 	"golang.org/x/exp/slices"
 )

@@ -54,13 +56,17 @@ func (rt *Router) alertHisEventsList(c *gin.Context) {
 		cates = strings.Split(cate, ",")
 	}

-	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView)
+	ruleId := ginx.QueryInt64(c, "rid", 0)
+
+	bgids, err := GetBusinessGroupIds(c, rt.Ctx, rt.Center.EventHistoryGroupView, false)
 	ginx.Dangerous(err)

-	total, err := models.AlertHisEventTotal(rt.Ctx, prods, bgids, stime, etime, severity, recovered, dsIds, cates, query)
+	total, err := models.AlertHisEventTotal(rt.Ctx, prods, bgids, stime, etime, severity,
+		recovered, dsIds, cates, ruleId, query)
 	ginx.Dangerous(err)

-	list, err := models.AlertHisEventGets(rt.Ctx, prods, bgids, stime, etime, severity, recovered, dsIds, cates, query, limit, ginx.Offset(c, limit))
+	list, err := models.AlertHisEventGets(rt.Ctx, prods, bgids, stime, etime, severity, recovered,
+		dsIds, cates, ruleId, query, limit, ginx.Offset(c, limit))
 	ginx.Dangerous(err)

 	cache := make(map[int64]*models.UserGroup)
@@ -74,59 +80,112 @@ func (rt *Router) alertHisEventsList(c *gin.Context) {
 	}, nil)
 }

+type alertHisEventsDeleteForm struct {
+	Severities []int `json:"severities"`
+	Timestamp  int64 `json:"timestamp" binding:"required"`
+}
+
+func (rt *Router) alertHisEventsDelete(c *gin.Context) {
+	var f alertHisEventsDeleteForm
+	ginx.BindJSON(c, &f)
+	// 校验
+	if f.Timestamp == 0 {
+		ginx.Bomb(http.StatusBadRequest, "timestamp parameter is required")
+		return
+	}
+
+	user := c.MustGet("user").(*models.User)
+
+	// 启动后台清理任务
+	go func() {
+		limit := 100
+		for {
+			n, err := models.AlertHisEventBatchDelete(rt.Ctx, f.Timestamp, f.Severities, limit)
+			if err != nil {
+				logger.Errorf("Failed to delete alert history events: operator=%s, timestamp=%d, severities=%v, error=%v",
+					user.Username, f.Timestamp, f.Severities, err)
+				break
+			}
+			logger.Debugf("Successfully deleted alert history events: operator=%s, timestamp=%d, severities=%v, deleted=%d",
+				user.Username, f.Timestamp, f.Severities, n)
+			if n < int64(limit) {
+				break // 已经删完
+			}
+
+			time.Sleep(100 * time.Millisecond) // 防止锁表
+		}
+	}()
+	ginx.NewRender(c).Message("Alert history events deletion started")
+}
+
 func (rt *Router) alertHisEventGet(c *gin.Context) {
 	eid := ginx.UrlParamInt64(c, "eid")
 	event, err := models.AlertHisEventGetById(rt.Ctx, eid)
 	ginx.Dangerous(err)
-
 	if event == nil {
 		ginx.Bomb(404, "No such alert event")
 	}

-	if !rt.Center.AnonymousAccess.AlertDetail && rt.Center.EventHistoryGroupView {
+	hasPermission := HasPermission(rt.Ctx, c, "event", fmt.Sprintf("%d", eid), rt.Center.AnonymousAccess.AlertDetail)
+	if !hasPermission {
+		rt.auth()(c)
+		rt.user()(c)
 		rt.bgroCheck(c, event.GroupId)
 	}

+	ruleConfig, needReset := models.FillRuleConfigTplName(rt.Ctx, event.RuleConfig)
+	if needReset {
+		event.RuleConfigJson = ruleConfig
+	}
+
+	event.NotifyVersion, err = GetEventNotifyVersion(rt.Ctx, event.RuleId, event.NotifyRuleIds)
+	ginx.Dangerous(err)
+
+	event.NotifyRules, err = GetEventNorifyRuleNames(rt.Ctx, event.NotifyRuleIds)
 	ginx.NewRender(c).Data(event, err)
 }

-func GetBusinessGroupIds(c *gin.Context, ctx *ctx.Context, eventHistoryGroupView bool) ([]int64, error) {
+func GetBusinessGroupIds(c *gin.Context, ctx *ctx.Context, onlySelfGroupView bool, myGroups bool) ([]int64, error) {
 	bgid := ginx.QueryInt64(c, "bgid", 0)
 	var bgids []int64

-	if !eventHistoryGroupView || strings.HasPrefix(c.Request.URL.Path, "/v1") {
+	if strings.HasPrefix(c.Request.URL.Path, "/v1") {
+		// 如果请求路径以 /v1 开头，不查询用户信息
 		if bgid > 0 {
 			return []int64{bgid}, nil
 		}
+
 		return bgids, nil
 	}

 	user := c.MustGet("user").(*models.User)
-	if user.IsAdmin() {
+	if myGroups || (onlySelfGroupView && !user.IsAdmin()) {
+		// 1. 页面上勾选了我的业务组，需要查询用户所属的业务组
+		// 2. 如果 onlySelfGroupView 为 true，表示只允许查询用户所属的业务组
+		bussGroupIds, err := models.MyBusiGroupIds(ctx, user.Id)
+		if err != nil {
+			return nil, err
+		}
+
+		if len(bussGroupIds) == 0 {
+			// 如果没查到用户属于任何业务组，需要返回一个0，否则会导致查询到全部告警历史
+			return []int64{0}, nil
+		}
+
 		if bgid > 0 {
+			if !slices.Contains(bussGroupIds, bgid) && !user.IsAdmin() {
+				return nil, fmt.Errorf("business group ID not allowed")
+			}
+
 			return []int64{bgid}, nil
 		}
-		return bgids, nil
-	}

-	bussGroupIds, err := models.MyBusiGroupIds(ctx, user.Id)
-	if err != nil {
-		return nil, err
-	}
-
-	if len(bussGroupIds) == 0 {
-		// 如果没查到用户属于任何业务组，需要返回一个0，否则会导致查询到全部告警历史
-		return []int64{0}, nil
-	}
-
-	if bgid > 0 && !slices.Contains(bussGroupIds, bgid) {
-		return nil, fmt.Errorf("business group ID not allowed")
+		return bussGroupIds, nil
 	}

 	if bgid > 0 {
-		// Pass filter parameters, priority to use
 		return []int64{bgid}, nil
 	}

-	return bussGroupIds, nil
+	return bgids, nil
 }
--- a/center/router/router_alert_rule.go
+++ b/center/router/router_alert_rule.go
@@ -1,23 +1,30 @@
 package router

 import (
+	"encoding/json"
 	"fmt"
 	"net/http"
+	"regexp"
 	"strconv"
 	"strings"
 	"time"

+	"gopkg.in/yaml.v2"
+
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"
 	"github.com/ccfos/nightingale/v6/pushgw/pconf"
 	"github.com/ccfos/nightingale/v6/pushgw/writer"

 	"github.com/gin-gonic/gin"
+	"github.com/jinzhu/copier"
 	"github.com/prometheus/prometheus/prompb"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/i18n"
-	"github.com/toolkits/pkg/str"
 )

+type AlertRuleModifyHookFunc func(ar *models.AlertRule)
+
 // Return all, front-end search and paging
 func (rt *Router) alertRuleGets(c *gin.Context) {
 	busiGroupId := ginx.UrlParamInt64(c, "id")
@@ -32,8 +39,20 @@ func (rt *Router) alertRuleGets(c *gin.Context) {
 	ginx.NewRender(c).Data(ars, err)
 }

+func getAlertCueEventTimeRange(c *gin.Context) (stime, etime int64) {
+	stime = ginx.QueryInt64(c, "stime", 0)
+	etime = ginx.QueryInt64(c, "etime", 0)
+	if etime == 0 {
+		etime = time.Now().Unix()
+	}
+	if stime == 0 || stime >= etime {
+		stime = etime - 30*24*int64(time.Hour.Seconds())
+	}
+	return
+}
+
 func (rt *Router) alertRuleGetsByGids(c *gin.Context) {
-	gids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	if len(gids) > 0 {
 		for _, gid := range gids {
 			rt.bgroCheck(c, gid)
@@ -55,9 +74,35 @@ func (rt *Router) alertRuleGetsByGids(c *gin.Context) {
 	ars, err := models.AlertRuleGetsByBGIds(rt.Ctx, gids)
 	if err == nil {
 		cache := make(map[int64]*models.UserGroup)
+		rids := make([]int64, 0, len(ars))
+		names := make([]string, 0, len(ars))
 		for i := 0; i < len(ars); i++ {
 			ars[i].FillNotifyGroups(rt.Ctx, cache)
 			ars[i].FillSeverities()
+
+			if len(ars[i].DatasourceQueries) != 0 {
+				ars[i].DatasourceIdsJson = rt.DatasourceCache.GetIDsByDsCateAndQueries(ars[i].Cate, ars[i].DatasourceQueries)
+			}
+
+			rids = append(rids, ars[i].Id)
+			names = append(names, ars[i].UpdateBy)
+		}
+
+		stime, etime := getAlertCueEventTimeRange(c)
+		cnt := models.AlertCurEventCountByRuleId(rt.Ctx, rids, stime, etime)
+		if cnt != nil {
+			for i := 0; i < len(ars); i++ {
+				ars[i].CurEventCount = cnt[ars[i].Id]
+			}
+		}
+
+		users := models.UserMapGet(rt.Ctx, "username in (?)", names)
+		if users != nil {
+			for i := 0; i < len(ars); i++ {
+				if user, exist := users[ars[i].UpdateBy]; exist {
+					ars[i].UpdateByNickname = user.Nickname
+				}
+			}
 		}
 	}
 	ginx.NewRender(c).Data(ars, err)
@@ -85,6 +130,10 @@ func (rt *Router) alertRulesGetByService(c *gin.Context) {
 		cache := make(map[int64]*models.UserGroup)
 		for i := 0; i < len(ars); i++ {
 			ars[i].FillNotifyGroups(rt.Ctx, cache)
+
+			if len(ars[i].DatasourceQueries) != 0 {
+				ars[i].DatasourceIdsJson = rt.DatasourceCache.GetIDsByDsCateAndQueries(ars[i].Cate, ars[i].DatasourceQueries)
+			}
 		}
 	}
 	ginx.NewRender(c).Data(ars, err)
@@ -119,12 +168,48 @@ func (rt *Router) alertRuleAddByImport(c *gin.Context) {
 		ginx.Bomb(http.StatusBadRequest, "input json is empty")
 	}

+	for i := range lst {
+		if len(lst[i].DatasourceQueries) == 0 {
+			lst[i].DatasourceQueries = []models.DatasourceQuery{
+				models.DataSourceQueryAll,
+			}
+		}
+	}
+
 	bgid := ginx.UrlParamInt64(c, "id")
 	reterr := rt.alertRuleAdd(lst, username, bgid, c.GetHeader("X-Language"))

 	ginx.NewRender(c).Data(reterr, nil)
 }

+type promRuleForm struct {
+	Payload           string                   `json:"payload" binding:"required"`
+	DatasourceQueries []models.DatasourceQuery `json:"datasource_queries" binding:"required"`
+	Disabled          int                      `json:"disabled" binding:"gte=0,lte=1"`
+}
+
+func (rt *Router) alertRuleAddByImportPromRule(c *gin.Context) {
+	var f promRuleForm
+	ginx.Dangerous(c.BindJSON(&f))
+
+	var pr struct {
+		Groups []models.PromRuleGroup `yaml:"groups"`
+	}
+	err := yaml.Unmarshal([]byte(f.Payload), &pr)
+	if err != nil {
+		ginx.Bomb(http.StatusBadRequest, "invalid yaml format, please use the example format. err: %v", err)
+	}
+
+	if len(pr.Groups) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input yaml is empty")
+	}
+
+	lst := models.DealPromGroup(pr.Groups, f.DatasourceQueries, f.Disabled)
+	username := c.MustGet("username").(string)
+	bgid := ginx.UrlParamInt64(c, "id")
+	ginx.NewRender(c).Data(rt.alertRuleAdd(lst, username, bgid, c.GetHeader("X-Language")), nil)
+}
+
 func (rt *Router) alertRuleAddByService(c *gin.Context) {
 	var lst []models.AlertRule
 	ginx.BindJSON(c, &lst)
@@ -275,6 +360,43 @@ func (rt *Router) alertRulePutFields(c *gin.Context) {
 			continue
 		}

+		if f.Action == "update_triggers" {
+			if triggers, has := f.Fields["triggers"]; has {
+				originRule := ar.RuleConfigJson.(map[string]interface{})
+				originRule["triggers"] = triggers
+				b, err := json.Marshal(originRule)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"rule_config": string(b)}))
+				continue
+			}
+		}
+
+		if f.Action == "annotations_add" {
+			if annotations, has := f.Fields["annotations"]; has {
+				annotationsMap := annotations.(map[string]interface{})
+				for k, v := range annotationsMap {
+					ar.AnnotationsJSON[k] = v.(string)
+				}
+				b, err := json.Marshal(ar.AnnotationsJSON)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"annotations": string(b)}))
+				continue
+			}
+		}
+
+		if f.Action == "annotations_del" {
+			if annotations, has := f.Fields["annotations"]; has {
+				annotationsKeys := annotations.(map[string]interface{})
+				for key := range annotationsKeys {
+					delete(ar.AnnotationsJSON, key)
+				}
+				b, err := json.Marshal(ar.AnnotationsJSON)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"annotations": string(b)}))
+				continue
+			}
+		}
+
 		if f.Action == "callback_add" {
 			// 增加一个 callback 地址
 			if callbacks, has := f.Fields["callbacks"]; has {
@@ -295,8 +417,27 @@ func (rt *Router) alertRulePutFields(c *gin.Context) {
 			}
 		}

+		if f.Action == "datasource_change" {
+			// 修改数据源
+			if datasourceQueries, has := f.Fields["datasource_queries"]; has {
+				bytes, err := json.Marshal(datasourceQueries)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateFieldsMap(rt.Ctx, map[string]interface{}{"datasource_queries": bytes}))
+				continue
+			}
+		}
+
 		for k, v := range f.Fields {
-			ginx.Dangerous(ar.UpdateColumn(rt.Ctx, k, v))
+			// 检查 v 是否为各种切片类型
+			switch v.(type) {
+			case []interface{}, []int64, []int, []string:
+				// 将切片转换为 JSON 字符串
+				bytes, err := json.Marshal(v)
+				ginx.Dangerous(err)
+				ginx.Dangerous(ar.UpdateColumn(rt.Ctx, k, string(bytes)))
+			default:
+				ginx.Dangerous(ar.UpdateColumn(rt.Ctx, k, v))
+			}
 		}
 	}

@@ -314,9 +455,14 @@ func (rt *Router) alertRuleGet(c *gin.Context) {
 		return
 	}

+	if len(ar.DatasourceQueries) != 0 {
+		ar.DatasourceIdsJson = rt.DatasourceCache.GetIDsByDsCateAndQueries(ar.Cate, ar.DatasourceQueries)
+	}
+
 	err = ar.FillNotifyGroups(rt.Ctx, make(map[int64]*models.UserGroup))
 	ginx.Dangerous(err)

+	rt.AlertRuleModifyHook(ar)
 	ginx.NewRender(c).Data(ar, err)
 }

@@ -422,7 +568,7 @@ func (rt *Router) relabelTest(c *gin.Context) {

 	labels := make([]prompb.Label, len(f.Tags))
 	for i, tag := range f.Tags {
-		label := strings.Split(tag, "=")
+		label := strings.SplitN(tag, "=", 2)
 		if len(label) != 2 {
 			ginx.Bomb(http.StatusBadRequest, "tag:%s format error", tag)
 		}
@@ -453,3 +599,137 @@ func (rt *Router) relabelTest(c *gin.Context) {

 	ginx.NewRender(c).Data(tags, nil)
 }
+
+type identListForm struct {
+	Ids       []int64  `json:"ids"`
+	IdentList []string `json:"ident_list"`
+}
+
+func containsIdentOperator(s string) bool {
+	pattern := `ident\s*(!=|!~|=~)`
+	matched, err := regexp.MatchString(pattern, s)
+	if err != nil {
+		return false
+	}
+	return matched
+}
+
+func (rt *Router) cloneToMachine(c *gin.Context) {
+	var f identListForm
+	ginx.BindJSON(c, &f)
+
+	if len(f.IdentList) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "ident_list is empty")
+	}
+
+	alertRules, err := models.AlertRuleGetsByIds(rt.Ctx, f.Ids)
+	ginx.Dangerous(err)
+
+	re := regexp.MustCompile(`ident\s*=\s*\\".*?\\"`)
+
+	user := c.MustGet("username").(string)
+	now := time.Now().Unix()
+
+	newRules := make([]*models.AlertRule, 0)
+
+	reterr := make(map[string]map[string]string)
+
+	for i := range alertRules {
+		errMsg := make(map[string]string)
+
+		if alertRules[i].Cate != "prometheus" {
+			errMsg["all"] = "Only Prometheus rule can be cloned to machines"
+			reterr[alertRules[i].Name] = errMsg
+			continue
+		}
+
+		if containsIdentOperator(alertRules[i].RuleConfig) {
+			errMsg["all"] = "promql is missing ident"
+			reterr[alertRules[i].Name] = errMsg
+			continue
+		}
+
+		for j := range f.IdentList {
+			alertRules[i].RuleConfig = re.ReplaceAllString(alertRules[i].RuleConfig, fmt.Sprintf(`ident=\"%s\"`, f.IdentList[j]))
+
+			newRule := &models.AlertRule{}
+			if err := copier.Copy(newRule, alertRules[i]); err != nil {
+				errMsg[f.IdentList[j]] = fmt.Sprintf("fail to clone rule, err: %s", err)
+				continue
+			}
+
+			newRule.Id = 0
+			newRule.Name = alertRules[i].Name + "_" + f.IdentList[j]
+			newRule.CreateBy = user
+			newRule.UpdateBy = user
+			newRule.UpdateAt = now
+			newRule.CreateAt = now
+			newRule.RuleConfig = alertRules[i].RuleConfig
+
+			exist, err := models.AlertRuleExists(rt.Ctx, 0, newRule.GroupId, newRule.Name)
+			if err != nil {
+				errMsg[f.IdentList[j]] = err.Error()
+				continue
+			}
+
+			if exist {
+				errMsg[f.IdentList[j]] = fmt.Sprintf("rule already exists, ruleName: %s", newRule.Name)
+				continue
+			}
+
+			newRules = append(newRules, newRule)
+		}
+
+		if len(errMsg) > 0 {
+			reterr[alertRules[i].Name] = errMsg
+		}
+	}
+
+	ginx.NewRender(c).Data(reterr, models.InsertAlertRule(rt.Ctx, newRules))
+}
+
+type alertBatchCloneForm struct {
+	RuleIds []int64 `json:"rule_ids"`
+	Bgids   []int64 `json:"bgids"`
+}
+
+// 批量克隆告警规则
+func (rt *Router) batchAlertRuleClone(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+
+	var f alertBatchCloneForm
+	ginx.BindJSON(c, &f)
+
+	// 校验 bgids 操作权限
+	for _, bgid := range f.Bgids {
+		rt.bgrwCheck(c, bgid)
+	}
+
+	reterr := make(map[string]string, len(f.RuleIds))
+	lang := c.GetHeader("X-Language")
+
+	for _, arid := range f.RuleIds {
+		ar, err := models.AlertRuleGetById(rt.Ctx, arid)
+		for _, bgid := range f.Bgids {
+			// 为了让 bgid 和 arid 对应，将上面的 err 放到这里处理
+			if err != nil {
+				reterr[fmt.Sprintf("%d-%d", arid, bgid)] = i18n.Sprintf(lang, err.Error())
+				continue
+			}
+
+			if ar == nil {
+				reterr[fmt.Sprintf("%d-%d", arid, bgid)] = i18n.Sprintf(lang, "alert rule not found")
+				continue
+			}
+
+			newAr := ar.Clone(me.Username, bgid)
+			err = newAr.Add(rt.Ctx)
+			if err != nil {
+				reterr[fmt.Sprintf("%d-%d", arid, bgid)] = i18n.Sprintf(lang, err.Error())
+				continue
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(reterr, nil)
+}
--- a/center/router/router_alert_subscribe.go
+++ b/center/router/router_alert_subscribe.go
@@ -5,10 +5,10 @@ import (
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
-	"github.com/toolkits/pkg/str"
 )

 // Return all, front-end search and paging
@@ -31,7 +31,7 @@ func (rt *Router) alertSubscribeGets(c *gin.Context) {
 }

 func (rt *Router) alertSubscribeGetsByGids(c *gin.Context) {
-	gids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	if len(gids) > 0 {
 		for _, gid := range gids {
 			rt.bgroCheck(c, gid)
@@ -141,6 +141,7 @@ func (rt *Router) alertSubscribePut(c *gin.Context) {
 			"extra_config",
 			"busi_groups",
 			"note",
+			"notify_rule_ids",
 		))
 	}

--- a/center/router/router_board.go
+++ b/center/router/router_board.go
@@ -6,11 +6,11 @@ import (
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/i18n"
-	"github.com/toolkits/pkg/str"
 )

 type boardForm struct {
@@ -51,9 +51,14 @@ func (rt *Router) boardAdd(c *gin.Context) {

 func (rt *Router) boardGet(c *gin.Context) {
 	bid := ginx.UrlParamStr(c, "bid")
-	board, err := models.BoardGet(rt.Ctx, "id = ? or ident = ?", bid, bid)
+	board, err := models.BoardGet(rt.Ctx, "ident = ?", bid)
 	ginx.Dangerous(err)

+	if board == nil {
+		board, err = models.BoardGet(rt.Ctx, "id = ?", bid)
+		ginx.Dangerous(err)
+	}
+
 	if board == nil {
 		ginx.Bomb(http.StatusNotFound, "No such dashboard")
 	}
@@ -94,6 +99,14 @@ func (rt *Router) boardGet(c *gin.Context) {
 	ginx.NewRender(c).Data(board, nil)
 }

+// 根据 bids 参数，获取多个 board
+func (rt *Router) boardGetsByBids(c *gin.Context) {
+	bids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "bids", ""), ",")
+	boards, err := models.BoardGetsByBids(rt.Ctx, bids)
+	ginx.Dangerous(err)
+	ginx.NewRender(c).Data(boards, err)
+}
+
 func (rt *Router) boardPureGet(c *gin.Context) {
 	board, err := models.BoardGetByID(rt.Ctx, ginx.UrlParamInt64(c, "bid"))
 	ginx.Dangerous(err)
@@ -257,7 +270,7 @@ func (rt *Router) publicBoardGets(c *gin.Context) {
 }

 func (rt *Router) boardGetsByGids(c *gin.Context) {
-	gids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	query := ginx.QueryStr(c, "query", "")

 	if len(gids) > 0 {
--- a/center/router/router_builtin_componet.go
+++ b/center/router/router_builtin_componet.go
@@ -4,10 +4,15 @@ import (
 	"net/http"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
+	"gorm.io/gorm"
 )

+const SYSTEM = "system"
+
 func (rt *Router) builtinComponentsAdd(c *gin.Context) {
 	var lst []models.BuiltinComponent
 	ginx.BindJSON(c, &lst)
@@ -31,8 +36,9 @@ func (rt *Router) builtinComponentsAdd(c *gin.Context) {

 func (rt *Router) builtinComponentsGets(c *gin.Context) {
 	query := ginx.QueryStr(c, "query", "")
+	disabled := ginx.QueryInt(c, "disabled", -1)

-	bc, err := models.BuiltinComponentGets(rt.Ctx, query)
+	bc, err := models.BuiltinComponentGets(rt.Ctx, query, disabled)
 	ginx.Dangerous(err)

 	ginx.NewRender(c).Data(bc, nil)
@@ -50,10 +56,31 @@ func (rt *Router) builtinComponentsPut(c *gin.Context) {
 		return
 	}

+	if bc.CreatedBy == SYSTEM {
+		req.Ident = bc.Ident
+	}
+
 	username := Username(c)
 	req.UpdatedBy = username

-	ginx.NewRender(c).Message(bc.Update(rt.Ctx, req))
+	err = models.DB(rt.Ctx).Transaction(func(tx *gorm.DB) error {
+		tCtx := &ctx.Context{
+			DB: tx,
+		}
+
+		txErr := models.BuiltinMetricBatchUpdateColumn(tCtx, "typ", bc.Ident, req.Ident, req.UpdatedBy)
+		if txErr != nil {
+			return txErr
+		}
+
+		txErr = bc.Update(tCtx, req)
+		if txErr != nil {
+			return txErr
+		}
+		return nil
+	})
+
+	ginx.NewRender(c).Message(err)
 }

 func (rt *Router) builtinComponentsDel(c *gin.Context) {
--- a/center/router/router_builtin_metric_filter.go
+++ b/center/router/router_builtin_metric_filter.go
@@ -57,7 +57,7 @@ func (rt *Router) metricFilterDel(c *gin.Context) {
 			ginx.Dangerous(err)

 			if !HasPerm(gids, old.GroupsPerm, true) {
-				ginx.NewRender(c).Message("no permission")
+				ginx.NewRender(c).Message("forbidden")
 				return
 			}
 		}
@@ -79,7 +79,7 @@ func (rt *Router) metricFilterPut(c *gin.Context) {
 		ginx.Dangerous(err)

 		if !HasPerm(gids, old.GroupsPerm, true) {
-			ginx.NewRender(c).Message("no permission")
+			ginx.NewRender(c).Message("forbidden")
 			return
 		}
 	}
--- a/center/router/router_builtin_metrics.go
+++ b/center/router/router_builtin_metrics.go
@@ -86,15 +86,11 @@ func (rt *Router) builtinMetricsDel(c *gin.Context) {
 func (rt *Router) builtinMetricsDefaultTypes(c *gin.Context) {
 	lst := []string{
 		"Linux",
+		"Procstat",
 		"cAdvisor",
 		"Ping",
 		"MySQL",
-		"Redis",
-		"Kafka",
-		"Elasticsearch",
-		"PostgreSQL",
-		"MongoDB",
-		"Memcached",
+		"ClickHouse",
 	}
 	ginx.NewRender(c).Data(lst, nil)
 }
@@ -104,7 +100,8 @@ func (rt *Router) builtinMetricsTypes(c *gin.Context) {
 	query := ginx.QueryStr(c, "query", "")
 	lang := c.GetHeader("X-Language")

-	ginx.NewRender(c).Data(models.BuiltinMetricTypes(rt.Ctx, lang, collector, query))
+	metricTypeList, err := models.BuiltinMetricTypes(rt.Ctx, lang, collector, query)
+	ginx.NewRender(c).Data(metricTypeList, err)
 }

 func (rt *Router) builtinMetricsCollectors(c *gin.Context) {
--- a/center/router/router_builtin_payload.go
+++ b/center/router/router_builtin_payload.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 	"time"

+	"github.com/BurntSushi/toml"
 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
@@ -42,7 +43,7 @@ func (rt *Router) builtinPayloadsAdd(c *gin.Context) {

 				for _, rule := range alertRules {
 					if rule.UUID == 0 {
-						rule.UUID = time.Now().UnixNano()
+						rule.UUID = time.Now().UnixMicro()
 					}

 					contentBytes, err := json.Marshal(rule)
@@ -52,15 +53,15 @@ func (rt *Router) builtinPayloadsAdd(c *gin.Context) {
 					}

 					bp := models.BuiltinPayload{
-						Type:      lst[i].Type,
-						Component: lst[i].Component,
-						Cate:      lst[i].Cate,
-						Name:      rule.Name,
-						Tags:      rule.AppendTags,
-						UUID:      rule.UUID,
-						Content:   string(contentBytes),
-						CreatedBy: username,
-						UpdatedBy: username,
+						Type:        lst[i].Type,
+						ComponentID: lst[i].ComponentID,
+						Cate:        lst[i].Cate,
+						Name:        rule.Name,
+						Tags:        rule.AppendTags,
+						UUID:        rule.UUID,
+						Content:     string(contentBytes),
+						CreatedBy:   username,
+						UpdatedBy:   username,
 					}

 					if err := bp.Add(rt.Ctx, username); err != nil {
@@ -77,19 +78,25 @@ func (rt *Router) builtinPayloadsAdd(c *gin.Context) {
 			}

 			if alertRule.UUID == 0 {
-				alertRule.UUID = time.Now().UnixNano()
+				alertRule.UUID = time.Now().UnixMicro()
+			}
+
+			contentBytes, err := json.Marshal(alertRule)
+			if err != nil {
+				reterr[alertRule.Name] = err.Error()
+				continue
 			}

 			bp := models.BuiltinPayload{
-				Type:      lst[i].Type,
-				Component: lst[i].Component,
-				Cate:      lst[i].Cate,
-				Name:      alertRule.Name,
-				Tags:      alertRule.AppendTags,
-				UUID:      alertRule.UUID,
-				Content:   lst[i].Content,
-				CreatedBy: username,
-				UpdatedBy: username,
+				Type:        lst[i].Type,
+				ComponentID: lst[i].ComponentID,
+				Cate:        lst[i].Cate,
+				Name:        alertRule.Name,
+				Tags:        alertRule.AppendTags,
+				UUID:        alertRule.UUID,
+				Content:     string(contentBytes),
+				CreatedBy:   username,
+				UpdatedBy:   username,
 			}

 			if err := bp.Add(rt.Ctx, username); err != nil {
@@ -105,7 +112,7 @@ func (rt *Router) builtinPayloadsAdd(c *gin.Context) {

 				for _, dashboard := range dashboards {
 					if dashboard.UUID == 0 {
-						dashboard.UUID = time.Now().UnixNano()
+						dashboard.UUID = time.Now().UnixMicro()
 					}

 					contentBytes, err := json.Marshal(dashboard)
@@ -115,15 +122,15 @@ func (rt *Router) builtinPayloadsAdd(c *gin.Context) {
 					}

 					bp := models.BuiltinPayload{
-						Type:      lst[i].Type,
-						Component: lst[i].Component,
-						Cate:      lst[i].Cate,
-						Name:      dashboard.Name,
-						Tags:      dashboard.Tags,
-						UUID:      dashboard.UUID,
-						Content:   string(contentBytes),
-						CreatedBy: username,
-						UpdatedBy: username,
+						Type:        lst[i].Type,
+						ComponentID: lst[i].ComponentID,
+						Cate:        lst[i].Cate,
+						Name:        dashboard.Name,
+						Tags:        dashboard.Tags,
+						UUID:        dashboard.UUID,
+						Content:     string(contentBytes),
+						CreatedBy:   username,
+						UpdatedBy:   username,
 					}

 					if err := bp.Add(rt.Ctx, username); err != nil {
@@ -140,25 +147,39 @@ func (rt *Router) builtinPayloadsAdd(c *gin.Context) {
 			}

 			if dashboard.UUID == 0 {
-				dashboard.UUID = time.Now().UnixNano()
+				dashboard.UUID = time.Now().UnixMicro()
+			}
+
+			contentBytes, err := json.Marshal(dashboard)
+			if err != nil {
+				reterr[dashboard.Name] = err.Error()
+				continue
 			}

 			bp := models.BuiltinPayload{
-				Type:      lst[i].Type,
-				Component: lst[i].Component,
-				Cate:      lst[i].Cate,
-				Name:      dashboard.Name,
-				Tags:      dashboard.Tags,
-				UUID:      dashboard.UUID,
-				Content:   lst[i].Content,
-				CreatedBy: username,
-				UpdatedBy: username,
+				Type:        lst[i].Type,
+				ComponentID: lst[i].ComponentID,
+				Cate:        lst[i].Cate,
+				Name:        dashboard.Name,
+				Tags:        dashboard.Tags,
+				UUID:        dashboard.UUID,
+				Content:     string(contentBytes),
+				CreatedBy:   username,
+				UpdatedBy:   username,
 			}

 			if err := bp.Add(rt.Ctx, username); err != nil {
 				reterr[bp.Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
 			}
 		} else {
+			if lst[i].Type == "collect" {
+				c := make(map[string]interface{})
+				if _, err := toml.Decode(lst[i].Content, &c); err != nil {
+					reterr[lst[i].Name] = err.Error()
+					continue
+				}
+			}
+
 			if err := lst[i].Add(rt.Ctx, username); err != nil {
 				reterr[lst[i].Name] = i18n.Sprintf(c.GetHeader("X-Language"), err.Error())
 			}
@@ -171,19 +192,20 @@ func (rt *Router) builtinPayloadsAdd(c *gin.Context) {

 func (rt *Router) builtinPayloadsGets(c *gin.Context) {
 	typ := ginx.QueryStr(c, "type", "")
-	component := ginx.QueryStr(c, "component", "")
+	ComponentID := ginx.QueryInt64(c, "component_id", 0)
+
 	cate := ginx.QueryStr(c, "cate", "")
 	query := ginx.QueryStr(c, "query", "")

-	lst, err := models.BuiltinPayloadGets(rt.Ctx, typ, component, cate, query)
+	lst, err := models.BuiltinPayloadGets(rt.Ctx, uint64(ComponentID), typ, cate, query)
 	ginx.NewRender(c).Data(lst, err)
 }

 func (rt *Router) builtinPayloadcatesGet(c *gin.Context) {
 	typ := ginx.QueryStr(c, "type", "")
-	component := ginx.QueryStr(c, "component", "")
+	ComponentID := ginx.QueryInt64(c, "component_id", 0)

-	cates, err := models.BuiltinPayloadCates(rt.Ctx, typ, component)
+	cates, err := models.BuiltinPayloadCates(rt.Ctx, typ, uint64(ComponentID))
 	ginx.NewRender(c).Data(cates, err)
 }

@@ -229,6 +251,11 @@ func (rt *Router) builtinPayloadsPut(c *gin.Context) {

 		req.Name = dashboard.Name
 		req.Tags = dashboard.Tags
+	} else if req.Type == "collect" {
+		c := make(map[string]interface{})
+		if _, err := toml.Decode(req.Content, &c); err != nil {
+			ginx.Bomb(http.StatusBadRequest, err.Error())
+		}
 	}

 	username := Username(c)
@@ -245,3 +272,15 @@ func (rt *Router) builtinPayloadsDel(c *gin.Context) {

 	ginx.NewRender(c).Message(models.BuiltinPayloadDels(rt.Ctx, req.Ids))
 }
+
+func (rt *Router) builtinPayloadsGetByUUIDOrID(c *gin.Context) {
+	uuid := ginx.QueryInt64(c, "uuid", 0)
+	// 优先以 uuid 为准
+	if uuid != 0 {
+		ginx.NewRender(c).Data(models.BuiltinPayloadGet(rt.Ctx, "uuid = ?", uuid))
+		return
+	}
+
+	id := ginx.QueryInt64(c, "id", 0)
+	ginx.NewRender(c).Data(models.BuiltinPayloadGet(rt.Ctx, "id = ?", id))
+}
--- a/center/router/router_busi_group.go
+++ b/center/router/router_busi_group.go
@@ -4,11 +4,11 @@ import (
 	"net/http"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/logger"
-	"github.com/toolkits/pkg/str"
 )

 type busiGroupForm struct {
@@ -131,7 +131,7 @@ func (rt *Router) busiGroupGetsByService(c *gin.Context) {
 // 这个接口只有在活跃告警页面才调用，获取各个BG的活跃告警数量
 func (rt *Router) busiGroupAlertingsGets(c *gin.Context) {
 	ids := ginx.QueryStr(c, "ids", "")
-	ret, err := models.AlertNumbers(rt.Ctx, str.IdsInt64(ids))
+	ret, err := models.AlertNumbers(rt.Ctx, strx.IdsInt64ForAPI(ids))
 	ginx.NewRender(c).Data(ret, err)
 }

@@ -140,3 +140,12 @@ func (rt *Router) busiGroupGet(c *gin.Context) {
 	ginx.Dangerous(bg.FillUserGroups(rt.Ctx))
 	ginx.NewRender(c).Data(bg, nil)
 }
+
+func (rt *Router) busiGroupsGetTags(c *gin.Context) {
+	bgids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
+	targetIdents, err := models.TargetIndentsGetByBgids(rt.Ctx, bgids)
+	ginx.Dangerous(err)
+	tags, err := models.TargetGetTags(rt.Ctx, targetIdents, true, "busigroup")
+	ginx.Dangerous(err)
+	ginx.NewRender(c).Data(tags, nil)
+}
--- a/center/router/router_chart_share.go
+++ b/center/router/router_chart_share.go
@@ -4,15 +4,15 @@ import (
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
-	"github.com/toolkits/pkg/str"
 )

 func (rt *Router) chartShareGets(c *gin.Context) {
 	ids := ginx.QueryStr(c, "ids", "")
-	lst, err := models.ChartShareGetsByIds(rt.Ctx, str.IdsInt64(ids, ","))
+	lst, err := models.ChartShareGetsByIds(rt.Ctx, strx.IdsInt64ForAPI(ids, ","))
 	ginx.NewRender(c).Data(lst, err)
 }

--- a/center/router/router_configs.go
+++ b/center/router/router_configs.go
@@ -24,6 +24,11 @@ func (rt *Router) configGet(c *gin.Context) {
 	ginx.NewRender(c).Data(configs, err)
 }

+func (rt *Router) configGetAll(c *gin.Context) {
+	config, err := models.ConfigsGetAll(rt.Ctx)
+	ginx.NewRender(c).Data(config, err)
+}
+
 func (rt *Router) configGetByKey(c *gin.Context) {
 	config, err := models.ConfigsGet(rt.Ctx, ginx.QueryStr(c, "key"))
 	ginx.NewRender(c).Data(config, err)
--- a/center/router/router_dash_annotation.go
+++ b/center/router/router_dash_annotation.go
@@ -0,0 +1,99 @@
+package router
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func checkAnnotationPermission(c *gin.Context, ctx *ctx.Context, dashboardId int64) {
+	dashboard, err := models.BoardGetByID(ctx, dashboardId)
+	if err != nil {
+		ginx.Bomb(http.StatusInternalServerError, "failed to get dashboard: %v", err)
+	}
+
+	if dashboard == nil {
+		ginx.Bomb(http.StatusNotFound, "dashboard not found")
+	}
+
+	bg := BusiGroup(ctx, dashboard.GroupId)
+	me := c.MustGet("user").(*models.User)
+	can, err := me.CanDoBusiGroup(ctx, bg, "rw")
+	ginx.Dangerous(err)
+
+	if !can {
+		ginx.Bomb(http.StatusForbidden, "forbidden")
+	}
+}
+
+func (rt *Router) dashAnnotationAdd(c *gin.Context) {
+	var f models.DashAnnotation
+	ginx.BindJSON(c, &f)
+
+	username := c.MustGet("username").(string)
+	now := time.Now().Unix()
+
+	checkAnnotationPermission(c, rt.Ctx, f.DashboardId)
+
+	f.CreateBy = username
+	f.CreateAt = now
+	f.UpdateBy = username
+	f.UpdateAt = now
+
+	ginx.NewRender(c).Data(f.Id, f.Add(rt.Ctx))
+}
+
+func (rt *Router) dashAnnotationGets(c *gin.Context) {
+	dashboardId := ginx.QueryInt64(c, "dashboard_id")
+	from := ginx.QueryInt64(c, "from")
+	to := ginx.QueryInt64(c, "to")
+	limit := ginx.QueryInt(c, "limit", 100)
+
+	lst, err := models.DashAnnotationGets(rt.Ctx, dashboardId, from, to, limit)
+	ginx.NewRender(c).Data(lst, err)
+}
+
+func (rt *Router) dashAnnotationPut(c *gin.Context) {
+	var f models.DashAnnotation
+	ginx.BindJSON(c, &f)
+
+	id := ginx.UrlParamInt64(c, "id")
+	annotation, err := getAnnotationById(rt.Ctx, id)
+	ginx.Dangerous(err)
+
+	checkAnnotationPermission(c, rt.Ctx, annotation.DashboardId)
+
+	f.Id = id
+	f.UpdateAt = time.Now().Unix()
+	f.UpdateBy = c.MustGet("username").(string)
+
+	ginx.NewRender(c).Message(f.Update(rt.Ctx))
+}
+
+func (rt *Router) dashAnnotationDel(c *gin.Context) {
+	id := ginx.UrlParamInt64(c, "id")
+
+	annotation, err := getAnnotationById(rt.Ctx, id)
+	ginx.Dangerous(err)
+	checkAnnotationPermission(c, rt.Ctx, annotation.DashboardId)
+
+	ginx.NewRender(c).Message(models.DashAnnotationDel(rt.Ctx, id))
+}
+
+// 可以提取获取注释的通用方法
+func getAnnotationById(ctx *ctx.Context, id int64) (*models.DashAnnotation, error) {
+	annotation, err := models.DashAnnotationGet(ctx, "id=?", id)
+	if err != nil {
+		return nil, err
+	}
+	if annotation == nil {
+		return nil, fmt.Errorf("annotation not found")
+	}
+	return annotation, nil
+}
--- a/center/router/router_datasource.go
+++ b/center/router/router_datasource.go
@@ -57,15 +57,21 @@ func (rt *Router) datasourceBriefs(c *gin.Context) {

 	for _, item := range list {
 		item.AuthJson.BasicAuthPassword = ""
-		if item.PluginType != models.PROMETHEUS {
-			item.SettingsJson = nil
-		} else {
+		if item.PluginType == models.PROMETHEUS {
 			for k, v := range item.SettingsJson {
 				if strings.HasPrefix(k, "prometheus.") {
 					item.SettingsJson[strings.TrimPrefix(k, "prometheus.")] = v
 					delete(item.SettingsJson, k)
 				}
 			}
+		} else if item.PluginType == "cloudwatch" {
+			for k := range item.SettingsJson {
+				if !strings.Contains(k, "region") {
+					delete(item.SettingsJson, k)
+				}
+			}
+		} else {
+			item.SettingsJson = nil
 		}
 		dss = append(dss, item)
 	}
@@ -92,10 +98,14 @@ func (rt *Router) datasourceUpsert(c *gin.Context) {
 	var err error
 	var count int64

-	err = DatasourceCheck(req)
-	if err != nil {
-		Dangerous(c, err)
-		return
+	if !req.ForceSave {
+		if req.PluginType == models.PROMETHEUS || req.PluginType == models.LOKI || req.PluginType == models.TDENGINE {
+			err = DatasourceCheck(req)
+			if err != nil {
+				Dangerous(c, err)
+				return
+			}
+		}
 	}

 	if req.Id == 0 {
@@ -113,19 +123,21 @@ func (rt *Router) datasourceUpsert(c *gin.Context) {
 		}
 		err = req.Add(rt.Ctx)
 	} else {
-		err = req.Update(rt.Ctx, "name", "description", "cluster_name", "settings", "http", "auth", "updated_by", "updated_at", "is_default")
+		err = req.Update(rt.Ctx, "name", "identifier", "description", "cluster_name", "settings", "http", "auth", "updated_by", "updated_at", "is_default")
 	}

 	Render(c, nil, err)
 }

 func DatasourceCheck(ds models.Datasource) error {
-	if ds.HTTPJson.Url == "" {
-		return fmt.Errorf("url is empty")
-	}
+	if ds.PluginType == models.PROMETHEUS || ds.PluginType == models.LOKI || ds.PluginType == models.TDENGINE {
+		if ds.HTTPJson.Url == "" {
+			return fmt.Errorf("url is empty")
+		}

-	if !strings.HasPrefix(ds.HTTPJson.Url, "http") {
-		return fmt.Errorf("url must start with http or https")
+		if !strings.HasPrefix(ds.HTTPJson.Url, "http") {
+			return fmt.Errorf("url must start with http or https")
+		}
 	}

 	client := &http.Client{
@@ -136,11 +148,12 @@ func DatasourceCheck(ds models.Datasource) error {
 		},
 	}

-	fullURL := ds.HTTPJson.Url
-	req, err := http.NewRequest("GET", fullURL, nil)
+	ds.HTTPJson.Url = strings.TrimRight(ds.HTTPJson.Url, "/")
+	var fullURL string
+	req, err := ds.HTTPJson.NewReq(&fullURL)
 	if err != nil {
 		logger.Errorf("Error creating request: %v", err)
-		return fmt.Errorf("request url:%s failed", fullURL)
+		return fmt.Errorf("request urls:%v failed: %v", ds.HTTPJson.GetUrls(), err)
 	}

 	if ds.PluginType == models.PROMETHEUS {
@@ -156,14 +169,14 @@ func DatasourceCheck(ds models.Datasource) error {
 		req, err = http.NewRequest("GET", fullURL, nil)
 		if err != nil {
 			logger.Errorf("Error creating request: %v", err)
-			return fmt.Errorf("request url:%s failed", fullURL)
+			return fmt.Errorf("request url:%s failed: %v", fullURL, err)
 		}
 	} else if ds.PluginType == models.TDENGINE {
 		fullURL = fmt.Sprintf("%s/rest/sql", ds.HTTPJson.Url)
 		req, err = http.NewRequest("POST", fullURL, strings.NewReader("show databases"))
 		if err != nil {
 			logger.Errorf("Error creating request: %v", err)
-			return fmt.Errorf("request url:%s failed", fullURL)
+			return fmt.Errorf("request url:%s failed: %v", fullURL, err)
 		}
 	}

@@ -175,7 +188,7 @@ func DatasourceCheck(ds models.Datasource) error {
 		req, err = http.NewRequest("GET", fullURL, nil)
 		if err != nil {
 			logger.Errorf("Error creating request: %v", err)
-			return fmt.Errorf("request url:%s failed", fullURL)
+			return fmt.Errorf("request url:%s failed: %v", fullURL, err)
 		}
 	}

@@ -190,7 +203,7 @@ func DatasourceCheck(ds models.Datasource) error {
 	resp, err := client.Do(req)
 	if err != nil {
 		logger.Errorf("Error making request: %v\n", err)
-		return fmt.Errorf("request url:%s failed", fullURL)
+		return fmt.Errorf("request url:%s failed: %v", fullURL, err)
 	}
 	defer resp.Body.Close()

@@ -247,3 +260,37 @@ func (rt *Router) getDatasourceIds(c *gin.Context) {

 	ginx.NewRender(c).Data(datasourceIds, err)
 }
+
+type datasourceQueryForm struct {
+	Cate              string                   `json:"datasource_cate"`
+	DatasourceQueries []models.DatasourceQuery `json:"datasource_queries"`
+}
+
+type datasourceQueryResp struct {
+	ID   int64  `json:"id"`
+	Name string `json:"name"`
+}
+
+func (rt *Router) datasourceQuery(c *gin.Context) {
+	var dsf datasourceQueryForm
+	ginx.BindJSON(c, &dsf)
+	datasources, err := models.GetDatasourcesGetsByTypes(rt.Ctx, []string{dsf.Cate})
+	ginx.Dangerous(err)
+
+	nameToID := make(map[string]int64)
+	IDToName := make(map[int64]string)
+	for _, ds := range datasources {
+		nameToID[ds.Name] = ds.Id
+		IDToName[ds.Id] = ds.Name
+	}
+
+	ids := models.GetDatasourceIDsByDatasourceQueries(dsf.DatasourceQueries, IDToName, nameToID)
+	var req []datasourceQueryResp
+	for _, id := range ids {
+		req = append(req, datasourceQueryResp{
+			ID:   id,
+			Name: IDToName[id],
+		})
+	}
+	ginx.NewRender(c).Data(req, err)
+}
--- a/center/router/router_datasource_db.go
+++ b/center/router/router_datasource_db.go
@@ -0,0 +1,101 @@
+package router
+
+import (
+	"context"
+
+	"github.com/ccfos/nightingale/v6/dscache"
+	"github.com/ccfos/nightingale/v6/dskit/types"
+	"github.com/ccfos/nightingale/v6/models"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+func (rt *Router) ShowDatabases(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	var databases []string
+	var err error
+	type DatabaseShower interface {
+		ShowDatabases(context.Context) ([]string, error)
+	}
+	switch plug.(type) {
+	case DatabaseShower:
+		databases, err = plug.(DatabaseShower).ShowDatabases(c.Request.Context())
+		ginx.Dangerous(err)
+	default:
+		ginx.Bomb(200, "datasource not exists")
+	}
+
+	if len(databases) == 0 {
+		databases = make([]string, 0)
+	}
+
+	ginx.NewRender(c).Data(databases, nil)
+}
+
+func (rt *Router) ShowTables(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	// 只接受一个入参
+	tables := make([]string, 0)
+	var err error
+	type TableShower interface {
+		ShowTables(ctx context.Context, database string) ([]string, error)
+	}
+	switch plug.(type) {
+	case TableShower:
+		if len(f.Querys) > 0 {
+			database, ok := f.Querys[0].(string)
+			if ok {
+				tables, err = plug.(TableShower).ShowTables(c.Request.Context(), database)
+			}
+		}
+	default:
+		ginx.Bomb(200, "datasource not exists")
+	}
+	ginx.NewRender(c).Data(tables, err)
+}
+
+func (rt *Router) DescribeTable(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+	// 只接受一个入参
+	columns := make([]*types.ColumnProperty, 0)
+	var err error
+	type TableDescriber interface {
+		DescribeTable(context.Context, interface{}) ([]*types.ColumnProperty, error)
+	}
+	switch plug.(type) {
+	case TableDescriber:
+		client := plug.(TableDescriber)
+		if len(f.Querys) > 0 {
+			columns, err = client.DescribeTable(c.Request.Context(), f.Querys[0])
+		}
+	default:
+		ginx.Bomb(200, "datasource not exists")
+	}
+
+	ginx.NewRender(c).Data(columns, err)
+}
--- a/center/router/router_embedded.go
+++ b/center/router/router_embedded.go
@@ -0,0 +1,141 @@
+package router
+
+import (
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func (rt *Router) embeddedProductGets(c *gin.Context) {
+	products, err := models.EmbeddedProductGets(rt.Ctx)
+	ginx.Dangerous(err)
+	// 获取当前用户可访问的Group ID 列表
+	me := c.MustGet("user").(*models.User)
+
+	if me.IsAdmin() {
+		ginx.NewRender(c).Data(products, err)
+		return
+	}
+
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	bgSet := make(map[int64]struct{}, len(gids))
+	for _, id := range gids {
+		bgSet[id] = struct{}{}
+	}
+
+	// 过滤出公开或有权限访问的私有 product link
+	var result []*models.EmbeddedProduct
+	for _, product := range products {
+		if !product.IsPrivate {
+			result = append(result, product)
+			continue
+		}
+
+		for _, tid := range product.TeamIDs {
+			if _, ok := bgSet[tid]; ok {
+				result = append(result, product)
+				break
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(result, err)
+}
+
+func (rt *Router) embeddedProductGet(c *gin.Context) {
+	id := ginx.UrlParamInt64(c, "id")
+	if id <= 0 {
+		ginx.Bomb(400, "invalid id")
+	}
+
+	data, err := models.GetEmbeddedProductByID(rt.Ctx, id)
+	ginx.Dangerous(err)
+
+	me := c.MustGet("user").(*models.User)
+	hashPermission, err := hasEmbeddedProductAccess(rt.Ctx, me, data)
+	ginx.Dangerous(err)
+
+	if !hashPermission {
+		ginx.Bomb(403, "forbidden")
+	}
+
+	ginx.NewRender(c).Data(data, nil)
+}
+
+func (rt *Router) embeddedProductAdd(c *gin.Context) {
+	var eps []models.EmbeddedProduct
+	ginx.BindJSON(c, &eps)
+
+	me := c.MustGet("user").(*models.User)
+
+	for i := range eps {
+		eps[i].CreateBy = me.Nickname
+		eps[i].UpdateBy = me.Nickname
+	}
+
+	err := models.AddEmbeddedProduct(rt.Ctx, eps)
+	ginx.NewRender(c).Message(err)
+}
+
+func (rt *Router) embeddedProductPut(c *gin.Context) {
+	var ep models.EmbeddedProduct
+	id := ginx.UrlParamInt64(c, "id")
+	ginx.BindJSON(c, &ep)
+
+	if id <= 0 {
+		ginx.Bomb(400, "invalid id")
+	}
+
+	oldProduct, err := models.GetEmbeddedProductByID(rt.Ctx, id)
+	ginx.Dangerous(err)
+	me := c.MustGet("user").(*models.User)
+
+	now := time.Now().Unix()
+	oldProduct.Name = ep.Name
+	oldProduct.URL = ep.URL
+	oldProduct.IsPrivate = ep.IsPrivate
+	oldProduct.TeamIDs = ep.TeamIDs
+	oldProduct.UpdateBy = me.Username
+	oldProduct.UpdateAt = now
+
+	err = models.UpdateEmbeddedProduct(rt.Ctx, oldProduct)
+	ginx.NewRender(c).Message(err)
+}
+
+func (rt *Router) embeddedProductDelete(c *gin.Context) {
+	id := ginx.UrlParamInt64(c, "id")
+	if id <= 0 {
+		ginx.Bomb(400, "invalid id")
+	}
+
+	err := models.DeleteEmbeddedProduct(rt.Ctx, id)
+	ginx.NewRender(c).Message(err)
+}
+
+func hasEmbeddedProductAccess(ctx *ctx.Context, user *models.User, ep *models.EmbeddedProduct) (bool, error) {
+	if user.IsAdmin() || !ep.IsPrivate {
+		return true, nil
+	}
+
+	gids, err := models.MyGroupIds(ctx, user.Id)
+	if err != nil {
+		return false, err
+	}
+
+	groupSet := make(map[int64]struct{}, len(gids))
+	for _, gid := range gids {
+		groupSet[gid] = struct{}{}
+	}
+
+	for _, tid := range ep.TeamIDs {
+		if _, ok := groupSet[tid]; ok {
+			return true, nil
+		}
+	}
+
+	return false, nil
+}
--- a/center/router/router_es.go
+++ b/center/router/router_es.go
@@ -0,0 +1,77 @@
+package router
+
+import (
+	"github.com/ccfos/nightingale/v6/datasource/es"
+	"github.com/ccfos/nightingale/v6/dscache"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type IndexReq struct {
+	Cate         string `json:"cate"`
+	DatasourceId int64  `json:"datasource_id"`
+	Index        string `json:"index"`
+}
+
+type FieldValueReq struct {
+	Cate         string   `json:"cate"`
+	DatasourceId int64    `json:"datasource_id"`
+	Index        string   `json:"index"`
+	Query        FieldObj `json:"query"`
+}
+
+type FieldObj struct {
+	Find  string `json:"find"`
+	Field string `json:"field"`
+	Query string `json:"query"`
+}
+
+func (rt *Router) QueryIndices(c *gin.Context) {
+	var f IndexReq
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	indices, err := plug.(*es.Elasticsearch).QueryIndices()
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(indices, nil)
+}
+
+func (rt *Router) QueryFields(c *gin.Context) {
+	var f IndexReq
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	fields, err := plug.(*es.Elasticsearch).QueryFields([]string{f.Index})
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(fields, nil)
+}
+
+func (rt *Router) QueryESVariable(c *gin.Context) {
+	var f FieldValueReq
+	ginx.BindJSON(c, &f)
+
+	plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if !exists {
+		logger.Warningf("cluster:%d not exists", f.DatasourceId)
+		ginx.Bomb(200, "cluster not exists")
+	}
+
+	fields, err := plug.(*es.Elasticsearch).QueryFieldValue([]string{f.Index}, f.Query.Field, f.Query.Query)
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(fields, nil)
+}
--- a/center/router/router_event_pipeline.go
+++ b/center/router/router_event_pipeline.go
@@ -0,0 +1,228 @@
+package router
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+// 获取事件Pipeline列表
+func (rt *Router) eventPipelinesList(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	pipelines, err := models.ListEventPipelines(rt.Ctx)
+	ginx.Dangerous(err)
+
+	allTids := make([]int64, 0)
+	for _, pipeline := range pipelines {
+		allTids = append(allTids, pipeline.TeamIds...)
+	}
+	ugMap, err := models.UserGroupIdAndNameMap(rt.Ctx, allTids)
+	ginx.Dangerous(err)
+	for _, pipeline := range pipelines {
+		for _, tid := range pipeline.TeamIds {
+			pipeline.TeamNames = append(pipeline.TeamNames, ugMap[tid])
+		}
+	}
+
+	gids, err := models.MyGroupIdsMap(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	if me.IsAdmin() {
+		ginx.NewRender(c).Data(pipelines, nil)
+		return
+	}
+
+	res := make([]*models.EventPipeline, 0)
+	for _, pipeline := range pipelines {
+		for _, tid := range pipeline.TeamIds {
+			if _, ok := gids[tid]; ok {
+				res = append(res, pipeline)
+				break
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(res, nil)
+}
+
+// 获取单个事件Pipeline详情
+func (rt *Router) getEventPipeline(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	id := ginx.UrlParamInt64(c, "id")
+	pipeline, err := models.GetEventPipeline(rt.Ctx, id)
+	ginx.Dangerous(err)
+	ginx.Dangerous(me.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+
+	err = pipeline.FillTeamNames(rt.Ctx)
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(pipeline, nil)
+}
+
+// 创建事件Pipeline
+func (rt *Router) addEventPipeline(c *gin.Context) {
+	var pipeline models.EventPipeline
+	ginx.BindJSON(c, &pipeline)
+
+	user := c.MustGet("user").(*models.User)
+	now := time.Now().Unix()
+	pipeline.CreateBy = user.Username
+	pipeline.CreateAt = now
+	pipeline.UpdateAt = now
+	pipeline.UpdateBy = user.Username
+
+	err := pipeline.Verify()
+	if err != nil {
+		ginx.Bomb(http.StatusBadRequest, err.Error())
+	}
+
+	ginx.Dangerous(user.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+	err = models.CreateEventPipeline(rt.Ctx, &pipeline)
+	ginx.NewRender(c).Message(err)
+}
+
+// 更新事件Pipeline
+func (rt *Router) updateEventPipeline(c *gin.Context) {
+	var f models.EventPipeline
+	ginx.BindJSON(c, &f)
+
+	me := c.MustGet("user").(*models.User)
+	f.UpdateBy = me.Username
+	f.UpdateAt = time.Now().Unix()
+
+	pipeline, err := models.GetEventPipeline(rt.Ctx, f.ID)
+	if err != nil {
+		ginx.Bomb(http.StatusNotFound, "No such event pipeline")
+	}
+	ginx.Dangerous(me.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+
+	ginx.NewRender(c).Message(pipeline.Update(rt.Ctx, &f))
+}
+
+// 删除事件Pipeline
+func (rt *Router) deleteEventPipelines(c *gin.Context) {
+	var f struct {
+		Ids []int64 `json:"ids"`
+	}
+	ginx.BindJSON(c, &f)
+
+	if len(f.Ids) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "ids required")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	for _, id := range f.Ids {
+		pipeline, err := models.GetEventPipeline(rt.Ctx, id)
+		ginx.Dangerous(err)
+		ginx.Dangerous(me.CheckGroupPermission(rt.Ctx, pipeline.TeamIds))
+	}
+
+	err := models.DeleteEventPipelines(rt.Ctx, f.Ids)
+	ginx.NewRender(c).Message(err)
+}
+
+// 测试事件Pipeline
+func (rt *Router) tryRunEventPipeline(c *gin.Context) {
+	var f struct {
+		EventId        int64                `json:"event_id"`
+		PipelineConfig models.EventPipeline `json:"pipeline_config"`
+	}
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	if err != nil || hisEvent == nil {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+	event := hisEvent.ToCur()
+
+	for _, p := range f.PipelineConfig.ProcessorConfigs {
+		processor, err := models.GetProcessorByType(p.Typ, p.Config)
+		if err != nil {
+			ginx.Bomb(http.StatusBadRequest, "get processor: %+v err: %+v", p, err)
+		}
+		event = processor.Process(rt.Ctx, event)
+		if event == nil {
+			ginx.Bomb(http.StatusBadRequest, "event is dropped")
+		}
+	}
+
+	ginx.NewRender(c).Data(event, nil)
+}
+
+// 测试事件处理器
+func (rt *Router) tryRunEventProcessor(c *gin.Context) {
+	var f struct {
+		EventId         int64                  `json:"event_id"`
+		ProcessorConfig models.ProcessorConfig `json:"processor_config"`
+	}
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	if err != nil || hisEvent == nil {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+	event := hisEvent.ToCur()
+
+	processor, err := models.GetProcessorByType(f.ProcessorConfig.Typ, f.ProcessorConfig.Config)
+	if err != nil {
+		ginx.Bomb(http.StatusBadRequest, "get processor err: %+v", err)
+	}
+	event = processor.Process(rt.Ctx, event)
+	logger.Infof("processor %+v result: %+v", f.ProcessorConfig, event)
+	if event == nil {
+		ginx.Bomb(http.StatusBadRequest, "event is dropped")
+	}
+
+	ginx.NewRender(c).Data(event, nil)
+}
+
+func (rt *Router) tryRunEventProcessorByNotifyRule(c *gin.Context) {
+	var f struct {
+		EventId         int64                   `json:"event_id"`
+		PipelineConfigs []models.PipelineConfig `json:"pipeline_configs"`
+	}
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	if err != nil || hisEvent == nil {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+	event := hisEvent.ToCur()
+
+	pids := make([]int64, 0)
+	for _, pc := range f.PipelineConfigs {
+		if pc.Enable {
+			pids = append(pids, pc.PipelineId)
+		}
+	}
+
+	pipelines, err := models.GetEventPipelinesByIds(rt.Ctx, pids)
+	if err != nil {
+		ginx.Bomb(http.StatusBadRequest, "processors not found")
+	}
+
+	for _, pl := range pipelines {
+		for _, p := range pl.ProcessorConfigs {
+			processor, err := models.GetProcessorByType(p.Typ, p.Config)
+			if err != nil {
+				ginx.Bomb(http.StatusBadRequest, "get processor: %+v err: %+v", p, err)
+			}
+			event = processor.Process(rt.Ctx, event)
+			if event == nil {
+				ginx.Bomb(http.StatusBadRequest, "event is dropped")
+			}
+		}
+	}
+
+	ginx.NewRender(c).Data(event, nil)
+}
+
+func (rt *Router) eventPipelinesListByService(c *gin.Context) {
+	pipelines, err := models.ListEventPipelines(rt.Ctx)
+	ginx.NewRender(c).Data(pipelines, err)
+}
--- a/center/router/router_funcs.go
+++ b/center/router/router_funcs.go
@@ -36,6 +36,14 @@ func (rt *Router) statistic(c *gin.Context) {
 		model = models.User{}
 	case "user_group":
 		model = models.UserGroup{}
+	case "notify_rule":
+		model = models.NotifyRule{}
+	case "notify_channel":
+		model = models.NotifyChannel{}
+	case "event_pipeline":
+		statistics, err = models.EventPipelineStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
 	case "datasource":
 		// datasource update_at is different from others
 		statistics, err = models.DatasourceStatistics(rt.Ctx)
@@ -45,6 +53,14 @@ func (rt *Router) statistic(c *gin.Context) {
 		statistics, err = models.ConfigsUserVariableStatistics(rt.Ctx)
 		ginx.NewRender(c).Data(statistics, err)
 		return
+	case "cval":
+		statistics, err = models.ConfigCvalStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
+	case "message_template":
+		statistics, err = models.MessageTemplateStatistics(rt.Ctx)
+		ginx.NewRender(c).Data(statistics, err)
+		return
 	default:
 		ginx.Bomb(http.StatusBadRequest, "invalid name")
 	}
@@ -65,6 +81,23 @@ func queryDatasourceIds(c *gin.Context) []int64 {
 	return ids
 }

+func queryStrListField(c *gin.Context, fieldName string, sep ...string) []string {
+	str := ginx.QueryStr(c, fieldName, "")
+	if str == "" {
+		return nil
+	}
+
+	lst := []string{str}
+	for _, s := range sep {
+		var newLst []string
+		for _, str := range lst {
+			newLst = append(newLst, strings.Split(str, s)...)
+		}
+		lst = newLst
+	}
+	return lst
+}
+
 type idsForm struct {
 	Ids               []int64 `json:"ids"`
 	IsSyncToFlashDuty bool    `json:"is_sync_to_flashduty"`
@@ -140,3 +173,38 @@ func Username(c *gin.Context) string {
 	}
 	return username
 }
+
+func HasPermission(ctx *ctx.Context, c *gin.Context, sourceType, sourceId string, isAnonymousAccess bool) bool {
+	if sourceType == "event" && isAnonymousAccess {
+		return true
+	}
+
+	// 尝试从请求中获取 __token 参数
+	token := ginx.QueryStr(c, "__token", "")
+
+	// 如果有 __token 参数，验证其合法性
+	if token != "" {
+		return ValidateSourceToken(ctx, sourceType, sourceId, token)
+	}
+
+	return false
+}
+
+func ValidateSourceToken(ctx *ctx.Context, sourceType, sourceId, token string) bool {
+	if token == "" {
+		return false
+	}
+
+	// 根据源类型、源ID和令牌获取源令牌记录
+	sourceToken, err := models.GetSourceTokenBySource(ctx, sourceType, sourceId, token)
+	if err != nil {
+		return false
+	}
+
+	// 检查令牌是否过期
+	if sourceToken.IsExpired() {
+		return false
+	}
+
+	return true
+}
--- a/center/router/router_heartbeat.go
+++ b/center/router/router_heartbeat.go
@@ -3,8 +3,10 @@ package router
 import (
 	"compress/gzip"
 	"encoding/json"
-	"fmt"
+	"errors"
 	"io/ioutil"
+	"sort"
+	"strconv"
 	"strings"
 	"time"

@@ -57,7 +59,7 @@ func HandleHeartbeat(c *gin.Context, ctx *ctx.Context, engineName string, metaSe
 	}

 	if req.Hostname == "" {
-		return req, fmt.Errorf("hostname is required", 400)
+		return req, errors.New("hostname is required")
 	}

 	// maybe from pushgw
@@ -79,55 +81,122 @@ func HandleHeartbeat(c *gin.Context, ctx *ctx.Context, engineName string, metaSe
 	identSet.MSet(items)

 	if target, has := targetCache.Get(req.Hostname); has && target != nil {
-		gid := ginx.QueryInt64(c, "gid", 0)
+		gidsStr := ginx.QueryStr(c, "gid", "")
+		overwriteGids := ginx.QueryBool(c, "overwrite_gids", false)
 		hostIp := strings.TrimSpace(req.HostIp)
+		gids := strings.Split(gidsStr, ",")

-		field := make(map[string]interface{})
-		if gid != 0 && gid != target.GroupId {
-			field["group_id"] = gid
+		if overwriteGids {
+			groupIds := make([]int64, 0)
+			for i := range gids {
+				if gids[i] == "" {
+					continue
+				}
+				groupId, err := strconv.ParseInt(gids[i], 10, 64)
+				if err != nil {
+					logger.Warningf("update target:%s group ids failed, err: %v", req.Hostname, err)
+					continue
+				}
+				groupIds = append(groupIds, groupId)
+			}
+
+			err := models.TargetOverrideBgids(ctx, []string{target.Ident}, groupIds, nil)
+			if err != nil {
+				logger.Warningf("update target:%s group ids failed, err: %v", target.Ident, err)
+			}
+		} else if gidsStr != "" {
+			for i := range gids {
+				groupId, err := strconv.ParseInt(gids[i], 10, 64)
+				if err != nil {
+					logger.Warningf("update target:%s group ids failed, err: %v", req.Hostname, err)
+					continue
+				}
+
+				if !target.MatchGroupId(groupId) {
+					err := models.TargetBindBgids(ctx, []string{target.Ident}, []int64{groupId}, nil)
+					if err != nil {
+						logger.Warningf("update target:%s group ids failed, err: %v", target.Ident, err)
+					}
+				}
+			}
 		}

+		newTarget := models.Target{}
+		targetNeedUpdate := false
 		if hostIp != "" && hostIp != target.HostIp {
-			field["host_ip"] = hostIp
+			newTarget.HostIp = hostIp
+			targetNeedUpdate = true
 		}

-		tagsMap := target.GetTagsMap()
-		tagNeedUpdate := false
-		for k, v := range req.GlobalLabels {
+		hostTagsMap := target.GetHostTagsMap()
+		hostTagNeedUpdate := false
+		if len(hostTagsMap) != len(req.GlobalLabels) {
+			hostTagNeedUpdate = true
+		} else {
+			for k, v := range req.GlobalLabels {
+				if v == "" {
+					continue
+				}
+
+				if tagv, ok := hostTagsMap[k]; !ok || tagv != v {
+					hostTagNeedUpdate = true
+					break
+				}
+			}
+		}
+
+		if hostTagNeedUpdate {
+			lst := []string{}
+			for k, v := range req.GlobalLabels {
+				lst = append(lst, k+"="+v)
+			}
+			sort.Strings(lst)
+			newTarget.HostTags = lst
+			targetNeedUpdate = true
+		}
+
+		userTagsMap := target.GetTagsMap()
+		userTagNeedUpdate := false
+		userTags := []string{}
+		for k, v := range userTagsMap {
 			if v == "" {
 				continue
 			}

-			if tagv, ok := tagsMap[k]; !ok || tagv != v {
-				tagNeedUpdate = true
-				tagsMap[k] = v
+			if _, ok := req.GlobalLabels[k]; !ok {
+				userTags = append(userTags, k+"="+v)
+			} else { // 该key在hostTags中已经存在
+				userTagNeedUpdate = true
 			}
 		}

-		if tagNeedUpdate {
-			lst := []string{}
-			for k, v := range tagsMap {
-				lst = append(lst, k+"="+v)
-			}
-			labels := strings.Join(lst, " ") + " "
-			field["tags"] = labels
+		if userTagNeedUpdate {
+			newTarget.Tags = strings.Join(userTags, " ") + " "
+			targetNeedUpdate = true
 		}

 		if req.EngineName != "" && req.EngineName != target.EngineName {
-			field["engine_name"] = req.EngineName
+			newTarget.EngineName = req.EngineName
+			targetNeedUpdate = true
 		}

 		if req.AgentVersion != "" && req.AgentVersion != target.AgentVersion {
-			field["agent_version"] = req.AgentVersion
+			newTarget.AgentVersion = req.AgentVersion
+			targetNeedUpdate = true
 		}

-		if len(field) > 0 {
-			err := target.UpdateFieldsMap(ctx, field)
+		if req.OS != "" && req.OS != target.OS {
+			newTarget.OS = req.OS
+			targetNeedUpdate = true
+		}
+
+		if targetNeedUpdate {
+			err := models.DB(ctx).Model(&target).Updates(newTarget).Error
 			if err != nil {
 				logger.Errorf("update target fields failed, err: %v", err)
 			}
 		}
-		logger.Debugf("heartbeat field:%+v target: %v", field, *target)
+		logger.Debugf("heartbeat field:%+v target: %v", newTarget, *target)
 	}

 	return req, nil
--- a/center/router/router_login.go
+++ b/center/router/router_login.go
@@ -152,6 +152,13 @@ func (rt *Router) refreshPost(c *gin.Context) {
 			return
 		}

+		// 看这个 token 是否还存在 redis 中
+		val, err := rt.fetchAuth(c.Request.Context(), refreshUuid)
+		if err != nil || val == "" {
+			ginx.NewRender(c, http.StatusUnauthorized).Message("refresh token expired")
+			return
+		}
+
 		userIdentity, ok := claims["user_identity"].(string)
 		if !ok {
 			// Theoretically impossible
--- a/center/router/router_message_template.go
+++ b/center/router/router_message_template.go
@@ -0,0 +1,219 @@
+package router
+
+import (
+	"bytes"
+	"fmt"
+	"html/template"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/slice"
+	"github.com/ccfos/nightingale/v6/pkg/strx"
+	"github.com/ccfos/nightingale/v6/pkg/tplx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func (rt *Router) messageTemplatesAdd(c *gin.Context) {
+	var lst []*models.MessageTemplate
+	ginx.BindJSON(c, &lst)
+	if len(lst) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	isAdmin := me.IsAdmin()
+	idents := make([]string, 0, len(lst))
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+	now := time.Now().Unix()
+	for _, tpl := range lst {
+		// 生成一个唯一的标识符，以后也不允许修改，前端不需要传这个参数
+		tpl.Ident = uuid.New().String()
+
+		ginx.Dangerous(tpl.Verify())
+		if !isAdmin && !slice.HaveIntersection(gids, tpl.UserGroupIds) {
+			ginx.Bomb(http.StatusForbidden, "forbidden")
+		}
+		idents = append(idents, tpl.Ident)
+
+		tpl.CreateBy = me.Username
+		tpl.CreateAt = now
+		tpl.UpdateBy = me.Username
+		tpl.UpdateAt = now
+	}
+
+	lstWithSameId, err := models.MessageTemplatesGet(rt.Ctx, "ident IN ?", idents)
+	ginx.Dangerous(err)
+	if len(lstWithSameId) > 0 {
+		ginx.Bomb(http.StatusBadRequest, "ident already exists")
+	}
+
+	ids := make([]int64, 0, len(lst))
+	for _, tpl := range lst {
+		err := models.Insert(rt.Ctx, tpl)
+		ginx.Dangerous(err)
+
+		ids = append(ids, tpl.ID)
+	}
+	ginx.NewRender(c).Data(ids, nil)
+}
+
+func (rt *Router) messageTemplatesDel(c *gin.Context) {
+	var f idsForm
+	ginx.BindJSON(c, &f)
+	f.Verify()
+
+	lst, err := models.MessageTemplatesGet(rt.Ctx, "id in (?)", f.Ids)
+	ginx.Dangerous(err)
+	notifyRuleIds, err := models.UsedByNotifyRule(rt.Ctx, models.MsgTplList(lst))
+	ginx.Dangerous(err)
+	if len(notifyRuleIds) > 0 {
+		ginx.NewRender(c).Message(fmt.Errorf("used by notify rule: %v", notifyRuleIds))
+		return
+	}
+	if me := c.MustGet("user").(*models.User); !me.IsAdmin() {
+		gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+		ginx.Dangerous(err)
+		for _, t := range lst {
+			if !slice.HaveIntersection(gids, t.UserGroupIds) {
+				ginx.Bomb(http.StatusForbidden, "forbidden")
+			}
+		}
+	}
+
+	ginx.NewRender(c).Message(models.DB(rt.Ctx).Delete(
+		&models.MessageTemplate{}, "id in (?)", f.Ids).Error)
+}
+
+func (rt *Router) messageTemplatePut(c *gin.Context) {
+	var f models.MessageTemplate
+	ginx.BindJSON(c, &f)
+
+	mt, err := models.MessageTemplateGet(rt.Ctx, "id <> ? and ident = ?", ginx.UrlParamInt64(c, "id"), f.Ident)
+	ginx.Dangerous(err)
+	if mt != nil {
+		ginx.Bomb(http.StatusBadRequest, "message template ident already exists")
+	}
+
+	mt, err = models.MessageTemplateGet(rt.Ctx, "id = ?", ginx.UrlParamInt64(c, "id"))
+	ginx.Dangerous(err)
+	if mt == nil {
+		ginx.Bomb(http.StatusNotFound, "message template not found")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	if !me.IsAdmin() {
+		gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+		ginx.Dangerous(err)
+		if !slice.HaveIntersection(gids, mt.UserGroupIds) {
+			ginx.Bomb(http.StatusForbidden, "forbidden")
+		}
+	}
+
+	f.UpdateBy = me.Username
+	ginx.NewRender(c).Message(mt.Update(rt.Ctx, f))
+}
+
+func (rt *Router) messageTemplateGet(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	tid := ginx.UrlParamInt64(c, "id")
+	mt, err := models.MessageTemplateGet(rt.Ctx, "id = ?", tid)
+	ginx.Dangerous(err)
+	if mt == nil {
+		ginx.Bomb(http.StatusNotFound, "message template not found")
+	}
+	if mt.Private == 1 && !slice.HaveIntersection(gids, mt.UserGroupIds) {
+		ginx.Bomb(http.StatusForbidden, "forbidden")
+	}
+
+	ginx.NewRender(c).Data(mt, nil)
+}
+
+func (rt *Router) messageTemplatesGet(c *gin.Context) {
+	var notifyChannelIdents []string
+	if tmp := ginx.QueryStr(c, "notify_channel_idents", ""); tmp != "" {
+		notifyChannelIdents = strings.Split(tmp, ",")
+	}
+	notifyChannelIds := strx.IdsInt64ForAPI(ginx.QueryStr(c, "notify_channel_ids", ""))
+	if len(notifyChannelIds) > 0 {
+		ginx.Dangerous(models.DB(rt.Ctx).Model(models.NotifyChannelConfig{}).
+			Where("id in (?)", notifyChannelIds).Pluck("ident", &notifyChannelIdents).Error)
+	}
+
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	lst, err := models.MessageTemplatesGetBy(rt.Ctx, notifyChannelIdents)
+	ginx.Dangerous(err)
+
+	if me.IsAdmin() {
+		ginx.NewRender(c).Data(lst, nil)
+		return
+	}
+
+	res := make([]*models.MessageTemplate, 0)
+	for _, t := range lst {
+		if slice.HaveIntersection[int64](gids, t.UserGroupIds) || t.Private == 0 {
+			res = append(res, t)
+		}
+	}
+	ginx.NewRender(c).Data(res, nil)
+}
+
+type evtMsgReq struct {
+	EventIds []int64 `json:"event_ids"`
+	Tpl      struct {
+		Content map[string]string `json:"content"`
+	} `json:"tpl"`
+}
+
+func (rt *Router) eventsMessage(c *gin.Context) {
+	var req evtMsgReq
+	ginx.BindJSON(c, &req)
+
+	hisEvents, err := models.AlertHisEventGetByIds(rt.Ctx, req.EventIds)
+	ginx.Dangerous(err)
+
+	if len(hisEvents) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+
+	ginx.Dangerous(err)
+	events := make([]*models.AlertCurEvent, len(hisEvents))
+	for i, he := range hisEvents {
+		events[i] = he.ToCur()
+	}
+
+	var defs = []string{
+		"{{$events := .}}",
+		"{{$event := index . 0}}",
+	}
+	ret := make(map[string]string, len(req.Tpl.Content))
+	for k, v := range req.Tpl.Content {
+		text := strings.Join(append(defs, v), "")
+		tpl, err := template.New(k).Funcs(tplx.TemplateFuncMap).Parse(text)
+		if err != nil {
+			ret[k] = err.Error()
+			continue
+		}
+
+		var buf bytes.Buffer
+		err = tpl.Execute(&buf, events)
+		if err != nil {
+			ret[k] = err.Error()
+			continue
+		}
+
+		ret[k] = buf.String()
+	}
+	ginx.NewRender(c).Data(ret, nil)
+}
--- a/center/router/router_mute.go
+++ b/center/router/router_mute.go
@@ -1,16 +1,18 @@
 package router

 import (
+	"math"
 	"net/http"
 	"strings"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/common"
+	"github.com/ccfos/nightingale/v6/alert/mute"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
-	"github.com/toolkits/pkg/str"
 )

 // Return all, front-end search and paging
@@ -22,7 +24,7 @@ func (rt *Router) alertMuteGetsByBG(c *gin.Context) {
 }

 func (rt *Router) alertMuteGetsByGids(c *gin.Context) {
-	gids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	if len(gids) > 0 {
 		for _, gid := range gids {
 			rt.bgroCheck(c, gid)
@@ -50,7 +52,8 @@ func (rt *Router) alertMuteGets(c *gin.Context) {
 	prods := strings.Fields(ginx.QueryStr(c, "prods", ""))
 	bgid := ginx.QueryInt64(c, "bgid", -1)
 	query := ginx.QueryStr(c, "query", "")
-	lst, err := models.AlertMuteGets(rt.Ctx, prods, bgid, query)
+	disabled := ginx.QueryInt(c, "disabled", -1)
+	lst, err := models.AlertMuteGets(rt.Ctx, prods, bgid, disabled, query)

 	ginx.NewRender(c).Data(lst, err)
 }
@@ -62,10 +65,45 @@ func (rt *Router) alertMuteAdd(c *gin.Context) {

 	username := c.MustGet("username").(string)
 	f.CreateBy = username
+	f.UpdateBy = username
 	f.GroupId = ginx.UrlParamInt64(c, "id")
 	ginx.NewRender(c).Message(f.Add(rt.Ctx))
 }

+type MuteTestForm struct {
+	EventId   int64            `json:"event_id" binding:"required"`
+	AlertMute models.AlertMute `json:"mute_config" binding:"required"`
+}
+
+func (rt *Router) alertMuteTryRun(c *gin.Context) {
+
+	var f MuteTestForm
+	ginx.BindJSON(c, &f)
+
+	hisEvent, err := models.AlertHisEventGetById(rt.Ctx, f.EventId)
+	ginx.Dangerous(err)
+
+	if hisEvent == nil {
+		ginx.Bomb(http.StatusNotFound, "event not found")
+	}
+
+	curEvent := *hisEvent.ToCur()
+	curEvent.SetTagsMap()
+
+	// 绕过时间范围检查：设置时间范围为全量（0 到 int64 最大值），仅验证其他匹配条件（如标签、策略类型等）
+	f.AlertMute.MuteTimeType = models.TimeRange
+	f.AlertMute.Btime = 0             // 最小可能值（如 Unix 时间戳起点）
+	f.AlertMute.Etime = math.MaxInt64 // 最大可能值（int64 上限）
+
+	if !mute.MatchMute(&curEvent, &f.AlertMute) {
+		ginx.NewRender(c).Data("not match", nil)
+		return
+	}
+
+	ginx.NewRender(c).Data("mute test match", nil)
+
+}
+
 // Preview events (alert_cur_event) that match the mute strategy based on the following criteria:
 // business group ID (group_id, group_id), product (prod, rule_prod),
 // alert event severity (severities, severity), and event tags (tags, tags).
--- a/center/router/router_mw.go
+++ b/center/router/router_mw.go
@@ -9,6 +9,7 @@ import (
 	"strings"
 	"time"

+	"github.com/ccfos/nightingale/v6/center/cstats"
 	"github.com/ccfos/nightingale/v6/models"

 	"github.com/gin-gonic/gin"
@@ -17,6 +18,10 @@ import (
 	"github.com/toolkits/pkg/ginx"
 )

+const (
+	DefaultTokenKey = "X-User-Token"
+)
+
 type AccessDetails struct {
 	AccessUuid   string
 	UserIdentity string
@@ -62,8 +67,29 @@ func (rt *Router) proxyAuth() gin.HandlerFunc {
 	}
 }

-func (rt *Router) jwtAuth() gin.HandlerFunc {
+// tokenAuth 支持两种方式的认证，固定 token 和 jwt token
+// 因为不太好区分用户使用哪个方式，所以两种方式放在一个中间件里
+func (rt *Router) tokenAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
+		// 先验证固定 token
+		if rt.HTTP.TokenAuth.Enable {
+			tokenKey := rt.HTTP.TokenAuth.HeaderUserTokenKey
+			if tokenKey == "" {
+				tokenKey = DefaultTokenKey
+			}
+			token := c.GetHeader(tokenKey)
+			if token != "" {
+				user := rt.UserTokenCache.GetByToken(token)
+				if user != nil && user.Username != "" {
+					c.Set("userid", user.Id)
+					c.Set("username", user.Username)
+					c.Next()
+					return
+				}
+			}
+		}
+
+		// 再验证 jwt token
 		metadata, err := rt.extractTokenMetadata(c.Request)
 		if err != nil {
 			ginx.Bomb(http.StatusUnauthorized, "unauthorized")
@@ -100,7 +126,7 @@ func (rt *Router) auth() gin.HandlerFunc {
 	if rt.HTTP.ProxyAuth.Enable {
 		return rt.proxyAuth()
 	} else {
-		return rt.jwtAuth()
+		return rt.tokenAuth()
 	}
 }

@@ -130,9 +156,9 @@ func (rt *Router) User() gin.HandlerFunc {

 func (rt *Router) user() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		userid := c.MustGet("userid").(int64)
+		username := c.MustGet("username").(string)

-		user, err := models.UserGetById(rt.Ctx, userid)
+		user, err := models.UserGetByUsername(rt.Ctx, username)
 		if err != nil {
 			ginx.Bomb(http.StatusUnauthorized, "unauthorized")
 		}
@@ -310,6 +336,12 @@ func (rt *Router) extractTokenMetadata(r *http.Request) (*AccessDetails, error)
 			return nil, errors.New("failed to parse access_uuid from jwt")
 		}

+		// accessUuid 在 redis 里存在才放行
+		val, err := rt.fetchAuth(r.Context(), accessUuid)
+		if err != nil || val == "" {
+			return nil, errors.New("unauthorized")
+		}
+
 		return &AccessDetails{
 			AccessUuid:   accessUuid,
 			UserIdentity: claims["user_identity"].(string),
@@ -330,29 +362,72 @@ func (rt *Router) extractToken(r *http.Request) string {
 }

 func (rt *Router) createAuth(ctx context.Context, userIdentity string, td *TokenDetails) error {
+	username := strings.Split(userIdentity, "-")[1]
+
+	// 如果只能有一个账号登录，那么就删除之前的 token
+	if rt.HTTP.JWTAuth.SingleLogin {
+		delKeys, err := rt.Redis.SMembers(ctx, rt.wrapJwtKey(username)).Result()
+		if err != nil {
+			return err
+		}
+
+		if len(delKeys) > 0 {
+			errDel := rt.Redis.Del(ctx, delKeys...).Err()
+			if errDel != nil {
+				return errDel
+			}
+		}
+
+		if errDel := rt.Redis.Del(ctx, rt.wrapJwtKey(username)).Err(); errDel != nil {
+			return errDel
+		}
+	}
+
 	at := time.Unix(td.AtExpires, 0)
 	rte := time.Unix(td.RtExpires, 0)
 	now := time.Now()

-	errAccess := rt.Redis.Set(ctx, rt.wrapJwtKey(td.AccessUuid), userIdentity, at.Sub(now)).Err()
-	if errAccess != nil {
-		return errAccess
+	if err := rt.Redis.Set(ctx, rt.wrapJwtKey(td.AccessUuid), userIdentity, at.Sub(now)).Err(); err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("set_token", "fail").Observe(time.Since(now).Seconds())
+		return err
 	}

-	errRefresh := rt.Redis.Set(ctx, rt.wrapJwtKey(td.RefreshUuid), userIdentity, rte.Sub(now)).Err()
-	if errRefresh != nil {
-		return errRefresh
+	if err := rt.Redis.Set(ctx, rt.wrapJwtKey(td.RefreshUuid), userIdentity, rte.Sub(now)).Err(); err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("set_token", "fail").Observe(time.Since(now).Seconds())
+		return err
+	}
+
+	cstats.RedisOperationLatency.WithLabelValues("set_token", "success").Observe(time.Since(now).Seconds())
+
+	if rt.HTTP.JWTAuth.SingleLogin {
+		if err := rt.Redis.SAdd(ctx, rt.wrapJwtKey(username), rt.wrapJwtKey(td.AccessUuid), rt.wrapJwtKey(td.RefreshUuid)).Err(); err != nil {
+			return err
+		}
 	}

 	return nil
 }

 func (rt *Router) fetchAuth(ctx context.Context, givenUuid string) (string, error) {
-	return rt.Redis.Get(ctx, rt.wrapJwtKey(givenUuid)).Result()
+	now := time.Now()
+	ret, err := rt.Redis.Get(ctx, rt.wrapJwtKey(givenUuid)).Result()
+	if err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("get_token", "fail").Observe(time.Since(now).Seconds())
+	} else {
+		cstats.RedisOperationLatency.WithLabelValues("get_token", "success").Observe(time.Since(now).Seconds())
+	}
+
+	return ret, err
 }

 func (rt *Router) deleteAuth(ctx context.Context, givenUuid string) error {
-	return rt.Redis.Del(ctx, rt.wrapJwtKey(givenUuid)).Err()
+	err := rt.Redis.Del(ctx, rt.wrapJwtKey(givenUuid)).Err()
+	if err != nil {
+		cstats.RedisOperationLatency.WithLabelValues("del_token", "fail").Observe(time.Since(time.Now()).Seconds())
+	} else {
+		cstats.RedisOperationLatency.WithLabelValues("del_token", "success").Observe(time.Since(time.Now()).Seconds())
+	}
+	return err
 }

 func (rt *Router) deleteTokens(ctx context.Context, authD *AccessDetails) error {
--- a/center/router/router_notification_record.go
+++ b/center/router/router_notification_record.go
@@ -0,0 +1,206 @@
+package router
+
+import (
+	"strings"
+
+	"github.com/ccfos/nightingale/v6/alert/sender"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+type NotificationResponse struct {
+	SubRules []SubRule           `json:"sub_rules"`
+	Notifies map[string][]Record `json:"notifies"`
+}
+
+type SubRule struct {
+	SubID        int64               `json:"sub_id"`
+	NotifyRuleId int64               `json:"notify_rule_id"`
+	Notifies     map[string][]Record `json:"notifies"`
+}
+
+type Record struct {
+	NotifyRuleId int64  `json:"notify_rule_id"`
+	Target       string `json:"target"`
+	Username     string `json:"username"`
+	Status       int    `json:"status"`
+	Detail       string `json:"detail"`
+}
+
+// notificationRecordAdd
+func (rt *Router) notificationRecordAdd(c *gin.Context) {
+	var req []*models.NotificaitonRecord
+	ginx.BindJSON(c, &req)
+	err := sender.PushNotifyRecords(req)
+	ginx.Dangerous(err, 429)
+
+	ginx.NewRender(c).Data(nil, err)
+}
+
+func (rt *Router) notificationRecordList(c *gin.Context) {
+	eid := ginx.UrlParamInt64(c, "eid")
+	lst, err := models.NotificaitonRecordsGetByEventId(rt.Ctx, eid)
+	ginx.Dangerous(err)
+
+	response := buildNotificationResponse(rt.Ctx, lst)
+	ginx.NewRender(c).Data(response, nil)
+}
+
+func buildNotificationResponse(ctx *ctx.Context, nl []*models.NotificaitonRecord) NotificationResponse {
+	response := NotificationResponse{
+		SubRules: []SubRule{},
+		Notifies: make(map[string][]Record),
+	}
+
+	subRuleMap := make(map[int64]*SubRule)
+
+	// Collect all group IDs
+	groupIdSet := make(map[int64]struct{})
+
+	// map[SubId]map[Channel]map[Target]index
+	filter := make(map[int64]map[string]map[string]int)
+
+	for i, n := range nl {
+		// 对相同的 channel-target 进行合并
+		for _, gid := range n.GetGroupIds(ctx) {
+			groupIdSet[gid] = struct{}{}
+		}
+
+		if _, exists := filter[n.SubId]; !exists {
+			filter[n.SubId] = make(map[string]map[string]int)
+		}
+
+		if _, exists := filter[n.SubId][n.Channel]; !exists {
+			filter[n.SubId][n.Channel] = make(map[string]int)
+		}
+
+		idx, exists := filter[n.SubId][n.Channel][n.Target]
+		if !exists {
+			filter[n.SubId][n.Channel][n.Target] = i
+		} else {
+			if nl[idx].Status < n.Status {
+				nl[idx].Status = n.Status
+			}
+			nl[idx].Details = nl[idx].Details + ", " + n.Details
+			nl[i] = nil
+		}
+
+	}
+
+	// Fill usernames only once
+	usernameByTarget := fillUserNames(ctx, groupIdSet)
+
+	for _, n := range nl {
+		if n == nil {
+			continue
+		}
+
+		m := usernameByTarget[n.Target]
+		usernames := make([]string, 0, len(m))
+		for k := range m {
+			usernames = append(usernames, k)
+		}
+
+		if !checkChannel(n.Channel) {
+			// Hide sensitive information
+			n.Target = replaceLastEightChars(n.Target)
+		}
+		record := Record{
+			Target:       n.Target,
+			Status:       n.Status,
+			Detail:       n.Details,
+			NotifyRuleId: n.NotifyRuleID,
+		}
+
+		record.Username = strings.Join(usernames, ",")
+
+		if n.SubId > 0 {
+			// Handle SubRules
+			subRule, ok := subRuleMap[n.SubId]
+			if !ok {
+				newSubRule := &SubRule{
+					NotifyRuleId: n.NotifyRuleID,
+					SubID:        n.SubId,
+				}
+				newSubRule.Notifies = make(map[string][]Record)
+				newSubRule.Notifies[n.Channel] = []Record{record}
+
+				subRuleMap[n.SubId] = newSubRule
+			} else {
+				if _, exists := subRule.Notifies[n.Channel]; !exists {
+
+					subRule.Notifies[n.Channel] = []Record{record}
+				} else {
+					subRule.Notifies[n.Channel] = append(subRule.Notifies[n.Channel], record)
+				}
+			}
+			continue
+		}
+
+		if response.Notifies == nil {
+			response.Notifies = make(map[string][]Record)
+		}
+
+		if _, exists := response.Notifies[n.Channel]; !exists {
+			response.Notifies[n.Channel] = []Record{record}
+		} else {
+			response.Notifies[n.Channel] = append(response.Notifies[n.Channel], record)
+		}
+	}
+
+	for _, subRule := range subRuleMap {
+		response.SubRules = append(response.SubRules, *subRule)
+	}
+
+	return response
+}
+
+// check channel is one of the following:  tx-sms, tx-voice, ali-sms, ali-voice, email, script
+func checkChannel(channel string) bool {
+	switch channel {
+	case "tx-sms", "tx-voice", "ali-sms", "ali-voice", "email", "script":
+		return true
+	}
+	return false
+}
+
+func replaceLastEightChars(s string) string {
+	if len(s) <= 8 {
+		return strings.Repeat("*", len(s))
+	}
+	return s[:len(s)-8] + strings.Repeat("*", 8)
+}
+
+func fillUserNames(ctx *ctx.Context, groupIdSet map[int64]struct{}) map[string]map[string]struct{} {
+	userNameByTarget := make(map[string]map[string]struct{})
+
+	gids := make([]int64, 0, len(groupIdSet))
+	for gid := range groupIdSet {
+		gids = append(gids, gid)
+	}
+
+	users, err := models.UsersGetByGroupIds(ctx, gids)
+	if err != nil {
+		logger.Errorf("UsersGetByGroupIds failed, err: %v", err)
+		return userNameByTarget
+	}
+
+	for _, user := range users {
+		logger.Warningf("user: %s", user.Username)
+		for _, ch := range models.DefaultChannels {
+			target, exist := user.ExtractToken(ch)
+			if exist {
+				if _, ok := userNameByTarget[target]; !ok {
+					userNameByTarget[target] = make(map[string]struct{})
+				}
+				userNameByTarget[target][user.Username] = struct{}{}
+			}
+		}
+	}
+
+	return userNameByTarget
+}
--- a/center/router/router_notify_channel.go
+++ b/center/router/router_notify_channel.go
@@ -0,0 +1,268 @@
+package router
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"sort"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+func (rt *Router) notifyChannelsAdd(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+
+	var lst []*models.NotifyChannelConfig
+	ginx.BindJSON(c, &lst)
+	if len(lst) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	names := make([]string, 0, len(lst))
+	for i := range lst {
+		ginx.Dangerous(lst[i].Verify())
+		names = append(names, lst[i].Name)
+
+		lst[i].CreateBy = me.Username
+		lst[i].CreateAt = time.Now().Unix()
+		lst[i].UpdateBy = me.Username
+		lst[i].UpdateAt = time.Now().Unix()
+	}
+
+	lstWithSameName, err := models.NotifyChannelsGet(rt.Ctx, "name IN ?", names)
+	ginx.Dangerous(err)
+	if len(lstWithSameName) > 0 {
+		ginx.Bomb(http.StatusBadRequest, "name already exists")
+	}
+
+	ids := make([]int64, 0, len(lst))
+	for _, item := range lst {
+		err := models.Insert(rt.Ctx, item)
+		ginx.Dangerous(err)
+
+		ids = append(ids, item.ID)
+	}
+	ginx.NewRender(c).Data(ids, nil)
+}
+
+func (rt *Router) notifyChannelsDel(c *gin.Context) {
+	var f idsForm
+	ginx.BindJSON(c, &f)
+	f.Verify()
+
+	lst, err := models.NotifyChannelsGet(rt.Ctx, "id in (?)", f.Ids)
+	ginx.Dangerous(err)
+	notifyRuleIds, err := models.UsedByNotifyRule(rt.Ctx, models.NotiChList(lst))
+	ginx.Dangerous(err)
+	if len(notifyRuleIds) > 0 {
+		ginx.NewRender(c).Message(fmt.Errorf("used by notify rule: %v", notifyRuleIds))
+		return
+	}
+
+	ginx.NewRender(c).Message(models.DB(rt.Ctx).
+		Delete(&models.NotifyChannelConfig{}, "id in (?)", f.Ids).Error)
+}
+
+func (rt *Router) notifyChannelPut(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+
+	var f models.NotifyChannelConfig
+	ginx.BindJSON(c, &f)
+
+	lstWithSameName, err := models.NotifyChannelsGet(rt.Ctx, "name = ? and id <> ?", f.Name, f.ID)
+	ginx.Dangerous(err)
+	if len(lstWithSameName) > 0 {
+		ginx.Bomb(http.StatusBadRequest, "name already exists")
+	}
+
+	nc, err := models.NotifyChannelGet(rt.Ctx, "id = ?", ginx.UrlParamInt64(c, "id"))
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	f.UpdateBy = me.Username
+	ginx.NewRender(c).Message(nc.Update(rt.Ctx, f))
+}
+
+func (rt *Router) notifyChannelGet(c *gin.Context) {
+	cid := ginx.UrlParamInt64(c, "id")
+	nc, err := models.NotifyChannelGet(rt.Ctx, "id = ?", cid)
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	ginx.NewRender(c).Data(nc, nil)
+}
+
+func (rt *Router) notifyChannelGetBy(c *gin.Context) {
+	ident := ginx.QueryStr(c, "ident")
+	nc, err := models.NotifyChannelGet(rt.Ctx, "ident = ?", ident)
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	nc.ParamConfig = &models.NotifyParamConfig{}
+	nc.RequestConfig = &models.RequestConfig{}
+
+	ginx.NewRender(c).Data(nc, nil)
+}
+
+func (rt *Router) notifyChannelsGet(c *gin.Context) {
+	lst, err := models.NotifyChannelsGet(rt.Ctx, "", nil)
+	ginx.NewRender(c).Data(lst, err)
+}
+
+func (rt *Router) notifyChannelsGetForNormalUser(c *gin.Context) {
+	lst, err := models.NotifyChannelsGet(rt.Ctx, "")
+	ginx.Dangerous(err)
+
+	newLst := make([]*models.NotifyChannelConfig, 0, len(lst))
+	for _, c := range lst {
+		newLst = append(newLst, &models.NotifyChannelConfig{
+			ID:          c.ID,
+			Name:        c.Name,
+			Ident:       c.Ident,
+			Enable:      c.Enable,
+			RequestType: c.RequestType,
+			ParamConfig: c.ParamConfig,
+		})
+	}
+	ginx.NewRender(c).Data(newLst, nil)
+}
+
+func (rt *Router) notifyChannelIdentsGet(c *gin.Context) {
+	// 获取所有通知渠道
+	channels, err := models.NotifyChannelsGet(rt.Ctx, "", nil)
+	ginx.Dangerous(err)
+
+	// ident 去重
+	idents := make(map[string]struct{})
+	for _, channel := range channels {
+		if channel.Ident != "" {
+			idents[channel.Ident] = struct{}{}
+		}
+	}
+
+	lst := make([]string, 0, len(idents))
+	for ident := range idents {
+		lst = append(lst, ident)
+	}
+
+	sort.Strings(lst)
+
+	ginx.NewRender(c).Data(lst, nil)
+}
+
+type flushDutyChannelsResponse struct {
+	Error struct {
+		Code    string `json:"code"`
+		Message string `json:"message"`
+	} `json:"error"`
+	Data struct {
+		Items []struct {
+			ChannelID   int    `json:"channel_id"`
+			ChannelName string `json:"channel_name"`
+			Status      string `json:"status"`
+		} `json:"items"`
+		Total int `json:"total"`
+	} `json:"data"`
+}
+
+func (rt *Router) flashDutyNotifyChannelsGet(c *gin.Context) {
+	cid := ginx.UrlParamInt64(c, "id")
+	nc, err := models.NotifyChannelGet(rt.Ctx, "id = ?", cid)
+	ginx.Dangerous(err)
+	if nc == nil {
+		ginx.Bomb(http.StatusNotFound, "notify channel not found")
+	}
+
+	configs, err := models.ConfigsSelectByCkey(rt.Ctx, "flashduty_app_key")
+	if err != nil {
+		ginx.Bomb(http.StatusInternalServerError, "failed to get flashduty app key")
+	}
+
+	jsonData := []byte("{}")
+	if len(configs) > 0 {
+		me := c.MustGet("user").(*models.User)
+		jsonData = []byte(fmt.Sprintf(`{"member_name":"%s","email":"%s","phone":"%s"}`, me.Username, me.Email, me.Phone))
+	}
+
+	items, err := getFlashDutyChannels(nc.RequestConfig.FlashDutyRequestConfig.IntegrationUrl, jsonData)
+	ginx.Dangerous(err)
+
+	ginx.NewRender(c).Data(items, nil)
+}
+
+// getFlashDutyChannels 从FlashDuty API获取频道列表
+func getFlashDutyChannels(integrationUrl string, jsonData []byte) ([]struct {
+	ChannelID   int    `json:"channel_id"`
+	ChannelName string `json:"channel_name"`
+	Status      string `json:"status"`
+}, error) {
+	// 解析URL，提取baseUrl和参数
+	baseUrl, integrationKey, err := parseIntegrationUrl(integrationUrl)
+	if err != nil {
+		return nil, err
+	}
+
+	if integrationKey == "" {
+		return nil, fmt.Errorf("integration_key not found in URL")
+	}
+
+	// 构建新的API URL，保持原始路径
+	url := fmt.Sprintf("%s/channel/list-by-integration?integration_key=%s", baseUrl, integrationKey)
+
+	req, err := http.NewRequest("POST", url, bytes.NewBuffer(jsonData))
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	httpResp, err := (&http.Client{}).Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer httpResp.Body.Close()
+
+	body, err := io.ReadAll(httpResp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	var res flushDutyChannelsResponse
+	if err := json.Unmarshal(body, &res); err != nil {
+		return nil, err
+	}
+
+	if res.Error.Message != "" {
+		return nil, fmt.Errorf(res.Error.Message)
+	}
+
+	return res.Data.Items, nil
+}
+
+// parseIntegrationUrl 从URL中提取baseUrl和参数
+func parseIntegrationUrl(urlStr string) (baseUrl string, integrationKey string, err error) {
+	// 解析URL
+	parsedUrl, err := url.Parse(urlStr)
+	if err != nil {
+		return "", "", err
+	}
+
+	host := fmt.Sprintf("%s://%s", parsedUrl.Scheme, parsedUrl.Host)
+
+	// 提取查询参数
+	queryParams := parsedUrl.Query()
+	integrationKey = queryParams.Get("integration_key")
+
+	return host, integrationKey, nil
+}
--- a/center/router/router_notify_channel_test.go
+++ b/center/router/router_notify_channel_test.go
@@ -0,0 +1,17 @@
+package router
+
+import (
+	"fmt"
+	"testing"
+)
+
+func TestGetFlashDutyChannels(t *testing.T) {
+	// 构造测试数据
+	integrationUrl := "https://api.flashcat.cloud/event/push/alert/n9e?integration_key=xxx"
+	jsonData := []byte(`{}`)
+
+	// 调用被测试的函数
+	channels, err := getFlashDutyChannels(integrationUrl, jsonData)
+
+	fmt.Println(channels, err)
+}
--- a/center/router/router_notify_config.go
+++ b/center/router/router_notify_config.go
@@ -111,7 +111,7 @@ func (rt *Router) notifyChannelPuts(c *gin.Context) {
 }

 func (rt *Router) notifyContactGets(c *gin.Context) {
-	var notifyContacts []models.NotifyContact
+	notifyContacts := []models.NotifyContact{}
 	cval, err := models.ConfigsGet(rt.Ctx, models.NOTIFYCONTACT)
 	ginx.Dangerous(err)
 	if cval == "" {
@@ -120,6 +120,7 @@ func (rt *Router) notifyContactGets(c *gin.Context) {
 	}

 	err = json.Unmarshal([]byte(cval), &notifyContacts)
+
 	ginx.NewRender(c).Data(notifyContacts, err)
 }

@@ -127,20 +128,6 @@ func (rt *Router) notifyContactPuts(c *gin.Context) {
 	var notifyContacts []models.NotifyContact
 	ginx.BindJSON(c, &notifyContacts)

-	keys := []string{models.DingtalkKey, models.WecomKey, models.FeishuKey, models.MmKey,
-		models.TelegramKey, models.LarkKey}
-
-	m := make(map[string]struct{})
-	for _, v := range notifyContacts {
-		m[v.Ident] = struct{}{}
-	}
-
-	for _, v := range keys {
-		if _, ok := m[v]; !ok {
-			ginx.Bomb(200, "contact %s ident can not modify", v)
-		}
-	}
-
 	data, err := json.Marshal(notifyContacts)
 	ginx.Dangerous(err)
 	username := c.MustGet("username").(string)
@@ -182,7 +169,7 @@ func (rt *Router) notifyConfigPut(c *gin.Context) {

 		smtp, errSmtp := SmtpValidate(text)
 		ginx.Dangerous(errSmtp)
-		go sender.RestartEmailSender(smtp)
+		go sender.RestartEmailSender(rt.Ctx, smtp)
 	}

 	ginx.NewRender(c).Message(nil)
@@ -226,3 +213,14 @@ func (rt *Router) attemptSendEmail(c *gin.Context) {
 	ginx.NewRender(c).Message(sender.SendEmail("Email test", "email content", []string{f.Email}, smtp))

 }
+
+func (rt *Router) notifyChannelConfigGets(c *gin.Context) {
+
+	id := ginx.QueryInt64(c, "id", 0)
+	name := ginx.QueryStr(c, "name", "")
+	ident := ginx.QueryStr(c, "ident", "")
+	eabled := ginx.QueryInt(c, "eabled", -1)
+
+	notifyChannels, err := models.NotifyChannelGets(rt.Ctx, id, name, ident, eabled)
+	ginx.NewRender(c).Data(notifyChannels, err)
+}
--- a/center/router/router_notify_rule.go
+++ b/center/router/router_notify_rule.go
@@ -0,0 +1,324 @@
+package router
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/alert/dispatch"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/slice"
+
+	"github.com/gin-gonic/gin"
+	"github.com/pkg/errors"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+func (rt *Router) notifyRulesAdd(c *gin.Context) {
+	var lst []*models.NotifyRule
+	ginx.BindJSON(c, &lst)
+	if len(lst) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "input json is empty")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	isAdmin := me.IsAdmin()
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	now := time.Now().Unix()
+	for _, nr := range lst {
+		ginx.Dangerous(nr.Verify())
+		if !isAdmin && !slice.HaveIntersection(gids, nr.UserGroupIds) {
+			ginx.Bomb(http.StatusForbidden, "forbidden")
+		}
+
+		nr.CreateBy = me.Username
+		nr.CreateAt = now
+		nr.UpdateBy = me.Username
+		nr.UpdateAt = now
+
+		err := models.Insert(rt.Ctx, nr)
+		ginx.Dangerous(err)
+	}
+	ginx.NewRender(c).Data(lst, nil)
+}
+
+func (rt *Router) notifyRulesDel(c *gin.Context) {
+	var f idsForm
+	ginx.BindJSON(c, &f)
+	f.Verify()
+
+	if me := c.MustGet("user").(*models.User); !me.IsAdmin() {
+		lst, err := models.NotifyRulesGet(rt.Ctx, "id in (?)", f.Ids)
+		ginx.Dangerous(err)
+		gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+		ginx.Dangerous(err)
+		for _, t := range lst {
+			if !slice.HaveIntersection(gids, t.UserGroupIds) {
+				ginx.Bomb(http.StatusForbidden, "forbidden")
+			}
+		}
+	}
+
+	ginx.NewRender(c).Message(models.DB(rt.Ctx).
+		Delete(&models.NotifyRule{}, "id in (?)", f.Ids).Error)
+}
+
+func (rt *Router) notifyRulePut(c *gin.Context) {
+	var f models.NotifyRule
+	ginx.BindJSON(c, &f)
+
+	nr, err := models.NotifyRuleGet(rt.Ctx, "id = ?", ginx.UrlParamInt64(c, "id"))
+	ginx.Dangerous(err)
+	if nr == nil {
+		ginx.Bomb(http.StatusNotFound, "notify rule not found")
+	}
+
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+	if !slice.HaveIntersection(gids, nr.UserGroupIds) && !me.IsAdmin() {
+		ginx.Bomb(http.StatusForbidden, "forbidden")
+	}
+
+	f.UpdateBy = me.Username
+	ginx.NewRender(c).Message(nr.Update(rt.Ctx, f))
+}
+
+func (rt *Router) notifyRuleGet(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	tid := ginx.UrlParamInt64(c, "id")
+	nr, err := models.NotifyRuleGet(rt.Ctx, "id = ?", tid)
+	ginx.Dangerous(err)
+	if nr == nil {
+		ginx.Bomb(http.StatusNotFound, "notify rule not found")
+	}
+
+	if !slice.HaveIntersection(gids, nr.UserGroupIds) && !me.IsAdmin() {
+		ginx.Bomb(http.StatusForbidden, "forbidden")
+	}
+
+	ginx.NewRender(c).Data(nr, nil)
+}
+
+func (rt *Router) notifyRulesGetByService(c *gin.Context) {
+	ginx.NewRender(c).Data(models.NotifyRulesGet(rt.Ctx, "enable = ?", true))
+}
+
+func (rt *Router) notifyRulesGet(c *gin.Context) {
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	lst, err := models.NotifyRulesGet(rt.Ctx, "", nil)
+	ginx.Dangerous(err)
+	if me.IsAdmin() {
+		ginx.NewRender(c).Data(lst, nil)
+		return
+	}
+
+	res := make([]*models.NotifyRule, 0)
+	for _, nr := range lst {
+		if slice.HaveIntersection[int64](gids, nr.UserGroupIds) {
+			res = append(res, nr)
+		}
+	}
+	ginx.NewRender(c).Data(res, nil)
+}
+
+type NotifyTestForm struct {
+	EventIDs     []int64             `json:"event_ids" binding:"required"`
+	NotifyConfig models.NotifyConfig `json:"notify_config" binding:"required"`
+}
+
+func (rt *Router) notifyTest(c *gin.Context) {
+	var f NotifyTestForm
+	ginx.BindJSON(c, &f)
+
+	hisEvents, err := models.AlertHisEventGetByIds(rt.Ctx, f.EventIDs)
+	ginx.Dangerous(err)
+
+	if len(hisEvents) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "event not found")
+	}
+
+	ginx.Dangerous(err)
+	events := []*models.AlertCurEvent{}
+	for _, he := range hisEvents {
+		event := he.ToCur()
+		event.SetTagsMap()
+		if dispatch.NotifyRuleApplicable(&f.NotifyConfig, event) {
+			events = append(events, event)
+		}
+	}
+
+	if len(events) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "not events applicable")
+	}
+
+	notifyChannels, err := models.NotifyChannelGets(rt.Ctx, f.NotifyConfig.ChannelID, "", "", -1)
+	ginx.Dangerous(err)
+	if len(notifyChannels) == 0 {
+		ginx.Bomb(http.StatusBadRequest, "notify channel not found")
+	}
+
+	notifyChannel := notifyChannels[0]
+
+	if !notifyChannel.Enable {
+		ginx.Bomb(http.StatusBadRequest, "notify channel not enabled, please enable it first")
+	}
+
+	tplContent := make(map[string]interface{})
+	if notifyChannel.RequestType != "flashtudy" {
+		messageTemplates, err := models.MessageTemplateGets(rt.Ctx, f.NotifyConfig.TemplateID, "", "")
+		ginx.Dangerous(err)
+		if len(messageTemplates) == 0 {
+			ginx.Bomb(http.StatusBadRequest, "message template not found")
+		}
+		tplContent = messageTemplates[0].RenderEvent(events)
+	}
+
+	var contactKey string
+	if notifyChannel.ParamConfig != nil && notifyChannel.ParamConfig.UserInfo != nil {
+		contactKey = notifyChannel.ParamConfig.UserInfo.ContactKey
+	}
+
+	sendtos, flashDutyChannelIDs, customParams := dispatch.GetNotifyConfigParams(&f.NotifyConfig, contactKey, rt.UserCache, rt.UserGroupCache)
+
+	var resp string
+	switch notifyChannel.RequestType {
+	case "flashduty":
+		client, err := models.GetHTTPClient(notifyChannel)
+		ginx.Dangerous(err)
+
+		for i := range flashDutyChannelIDs {
+			resp, err = notifyChannel.SendFlashDuty(events, flashDutyChannelIDs[i], client)
+			if err != nil {
+				break
+			}
+		}
+		logger.Infof("channel_name: %v, event:%+v, tplContent:%s, customParams:%v, respBody: %v, err: %v", notifyChannel.Name, events[0], tplContent, customParams, resp, err)
+		ginx.NewRender(c).Data(resp, err)
+	case "http":
+		client, err := models.GetHTTPClient(notifyChannel)
+		ginx.Dangerous(err)
+
+		if notifyChannel.RequestConfig == nil {
+			ginx.Bomb(http.StatusBadRequest, "request config not found")
+		}
+
+		if notifyChannel.RequestConfig.HTTPRequestConfig == nil {
+			ginx.Bomb(http.StatusBadRequest, "http request config not found")
+		}
+
+		if dispatch.NeedBatchContacts(notifyChannel.RequestConfig.HTTPRequestConfig) || len(sendtos) == 0 {
+			resp, err = notifyChannel.SendHTTP(events, tplContent, customParams, sendtos, client)
+			logger.Infof("channel_name: %v, event:%+v, sendtos:%+v, tplContent:%s, customParams:%v, respBody: %v, err: %v", notifyChannel.Name, events[0], sendtos, tplContent, customParams, resp, err)
+			if err != nil {
+				logger.Errorf("failed to send http notify: %v", err)
+			}
+			ginx.NewRender(c).Data(resp, err)
+		} else {
+			for i := range sendtos {
+				resp, err = notifyChannel.SendHTTP(events, tplContent, customParams, []string{sendtos[i]}, client)
+				logger.Infof("channel_name: %v, event:%+v,  tplContent:%s, customParams:%v, sendto:%+v, respBody: %v, err: %v", notifyChannel.Name, events[0], tplContent, customParams, sendtos[i], resp, err)
+				if err != nil {
+					logger.Errorf("failed to send http notify: %v", err)
+					ginx.NewRender(c).Message(err)
+					return
+				}
+			}
+			ginx.NewRender(c).Message(err)
+		}
+
+	case "smtp":
+		if len(sendtos) == 0 {
+			ginx.Bomb(http.StatusBadRequest, "No valid email address in the user and team")
+		}
+		err := notifyChannel.SendEmailNow(events, tplContent, sendtos)
+		ginx.NewRender(c).Message(err)
+	case "script":
+		resp, _, err := notifyChannel.SendScript(events, tplContent, customParams, sendtos)
+		logger.Infof("channel_name: %v, event:%+v, tplContent:%s, customParams:%v, respBody: %v, err: %v", notifyChannel.Name, events[0], tplContent, customParams, resp, err)
+		ginx.NewRender(c).Data(resp, err)
+	default:
+		logger.Errorf("unsupported request type: %v", notifyChannel.RequestType)
+		ginx.NewRender(c).Message(errors.New("unsupported request type"))
+	}
+}
+
+type paramList struct {
+	Name  string      `json:"name"`
+	CName string      `json:"cname"`
+	Value interface{} `json:"value"`
+}
+
+func (rt *Router) notifyRuleCustomParamsGet(c *gin.Context) {
+	notifyChannelID := ginx.QueryInt64(c, "notify_channel_id")
+
+	me := c.MustGet("user").(*models.User)
+	gids, err := models.MyGroupIds(rt.Ctx, me.Id)
+	ginx.Dangerous(err)
+
+	notifyChannel, err := models.NotifyChannelGet(rt.Ctx, "id=?", notifyChannelID)
+	ginx.Dangerous(err)
+
+	keyMap := make(map[string]string)
+	if notifyChannel == nil {
+		ginx.NewRender(c).Data([][]paramList{}, nil)
+		return
+	}
+
+	if notifyChannel.ParamConfig == nil {
+		ginx.NewRender(c).Data([][]paramList{}, nil)
+		return
+	}
+
+	for _, param := range notifyChannel.ParamConfig.Custom.Params {
+		keyMap[param.Key] = param.CName
+	}
+
+	lst, err := models.NotifyRulesGet(rt.Ctx, "", nil)
+	ginx.Dangerous(err)
+
+	res := make([][]paramList, 0)
+	filter := make(map[string]struct{})
+	for _, nr := range lst {
+		if !slice.HaveIntersection[int64](gids, nr.UserGroupIds) {
+			continue
+		}
+
+		for _, nc := range nr.NotifyConfigs {
+			if nc.ChannelID != notifyChannelID {
+				continue
+			}
+
+			list := make([]paramList, 0)
+			filterKey := ""
+			for key, value := range nc.Params {
+				// 找到在通知媒介中的自定义变量配置项，进行 cname 转换
+				cname, exsits := keyMap[key]
+				if exsits {
+					list = append(list, paramList{
+						Name:  key,
+						CName: cname,
+						Value: value,
+					})
+				}
+				filterKey += fmt.Sprintf("%s:%s,", key, value)
+			}
+			if _, ok := filter[filterKey]; ok {
+				continue
+			}
+			filter[filterKey] = struct{}{}
+			res = append(res, list)
+		}
+	}
+
+	ginx.NewRender(c).Data(res, nil)
+}
--- a/center/router/router_notify_tpl.go
+++ b/center/router/router_notify_tpl.go
@@ -45,7 +45,7 @@ func (rt *Router) notifyTplUpdateContent(c *gin.Context) {
 	ginx.Dangerous(err)

 	if notifyTpl.CreateBy != user.Username && !user.IsAdmin() {
-		ginx.Bomb(403, "no permission")
+		ginx.Bomb(403, "forbidden")
 	}

 	f.UpdateAt = time.Now().Unix()
@@ -64,11 +64,11 @@ func (rt *Router) notifyTplUpdate(c *gin.Context) {
 	ginx.Dangerous(err)

 	if notifyTpl.CreateBy != user.Username && !user.IsAdmin() {
-		ginx.Bomb(403, "no permission")
+		ginx.Bomb(403, "forbidden")
 	}

 	// get the count of the same channel and name but different id
-	count, err := models.Count(models.DB(rt.Ctx).Model(&models.NotifyTpl{}).Where("channel = ? or name = ? and id <> ?", f.Channel, f.Name, f.Id))
+	count, err := models.Count(models.DB(rt.Ctx).Model(&models.NotifyTpl{}).Where("(channel = ? or name = ?) and id <> ?", f.Channel, f.Name, f.Id))
 	ginx.Dangerous(err)
 	if count != 0 {
 		ginx.Bomb(200, "Refuse to create duplicate channel or name")
@@ -138,7 +138,7 @@ func (rt *Router) notifyTplPreview(c *gin.Context) {
 			continue
 		}

-		arr := strings.Split(pair, "=")
+		arr := strings.SplitN(pair, "=", 2)
 		if len(arr) != 2 {
 			continue
 		}
@@ -161,6 +161,10 @@ func (rt *Router) notifyTplPreview(c *gin.Context) {
 func (rt *Router) notifyTplAdd(c *gin.Context) {
 	var f models.NotifyTpl
 	ginx.BindJSON(c, &f)
+
+	user := c.MustGet("user").(*models.User)
+	f.CreateBy = user.Username
+
 	f.Channel = strings.TrimSpace(f.Channel)
 	ginx.Dangerous(templateValidate(f))

@@ -169,6 +173,8 @@ func (rt *Router) notifyTplAdd(c *gin.Context) {
 	if count != 0 {
 		ginx.Bomb(200, "Refuse to create duplicate channel(unique)")
 	}
+
+	f.CreateAt = time.Now().Unix()
 	ginx.NewRender(c).Message(f.Create(rt.Ctx))
 }

@@ -182,8 +188,18 @@ func (rt *Router) notifyTplDel(c *gin.Context) {
 	ginx.Dangerous(err)

 	if notifyTpl.CreateBy != user.Username && !user.IsAdmin() {
-		ginx.Bomb(403, "no permission")
+		ginx.Bomb(403, "forbidden")
 	}

 	ginx.NewRender(c).Message(f.NotifyTplDelete(rt.Ctx, id))
 }
+
+func (rt *Router) messageTemplateGets(c *gin.Context) {
+	id := ginx.QueryInt64(c, "id", 0)
+	name := ginx.QueryStr(c, "name", "")
+	ident := ginx.QueryStr(c, "ident", "")
+
+	tpls, err := models.MessageTemplateGets(rt.Ctx, id, name, ident)
+
+	ginx.NewRender(c).Data(tpls, err)
+}
--- a/center/router/router_proxy.go
+++ b/center/router/router_proxy.go
@@ -7,7 +7,6 @@ import (
 	"net"
 	"net/http"
 	"net/http/httputil"
-	"net/url"
 	"strings"
 	"sync"
 	"time"
@@ -112,9 +111,9 @@ func (rt *Router) dsProxy(c *gin.Context) {
 		return
 	}

-	target, err := url.Parse(ds.HTTPJson.Url)
+	target, err := ds.HTTPJson.ParseUrl()
 	if err != nil {
-		c.String(http.StatusInternalServerError, "invalid  url: %s", ds.HTTPJson.Url)
+		c.String(http.StatusInternalServerError, "invalid urls: %s", ds.HTTPJson.GetUrls())
 		return
 	}

--- a/center/router/router_query.go
+++ b/center/router/router_query.go
@@ -0,0 +1,266 @@
+package router
+
+import (
+	"fmt"
+	"sort"
+	"sync"
+
+	"github.com/ccfos/nightingale/v6/dscache"
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+	"github.com/toolkits/pkg/logger"
+)
+
+func CheckDsPerm(c *gin.Context, dsId int64, cate string, q interface{}) bool {
+	// todo: 后续需要根据 cate 判断是否需要权限
+	return true
+}
+
+type QueryFrom struct {
+	Queries []Query `json:"queries"`
+	Exps    []Exp   `json:"exps"`
+}
+
+type Query struct {
+	Ref    string      `json:"ref"`
+	Did    int64       `json:"ds_id"`
+	DsCate string      `json:"ds_cate"`
+	Query  interface{} `json:"query"`
+}
+
+type Exp struct {
+	Exp string `json:"exp"`
+	Ref string `json:"ref"`
+}
+
+type LogResp struct {
+	Total int64         `json:"total"`
+	List  []interface{} `json:"list"`
+}
+
+func QueryLogBatchConcurrently(anonymousAccess bool, ctx *gin.Context, f QueryFrom) (LogResp, error) {
+	var resp LogResp
+	var mu sync.Mutex
+	var wg sync.WaitGroup
+	var errs []error
+
+	for _, q := range f.Queries {
+		if !anonymousAccess && !CheckDsPerm(ctx, q.Did, q.DsCate, q) {
+			return LogResp{}, fmt.Errorf("forbidden")
+		}
+
+		plug, exists := dscache.DsCache.Get(q.DsCate, q.Did)
+		if !exists {
+			logger.Warningf("cluster:%d not exists query:%+v", q.Did, q)
+			return LogResp{}, fmt.Errorf("cluster not exists")
+		}
+
+		wg.Add(1)
+		go func(query Query) {
+			defer wg.Done()
+
+			data, total, err := plug.QueryLog(ctx.Request.Context(), query.Query)
+			mu.Lock()
+			defer mu.Unlock()
+			if err != nil {
+				errMsg := fmt.Sprintf("query data error: %v query:%v\n ", err, query)
+				logger.Warningf(errMsg)
+				errs = append(errs, err)
+				return
+			}
+
+			m := make(map[string]interface{})
+			m["ref"] = query.Ref
+			m["ds_id"] = query.Did
+			m["ds_cate"] = query.DsCate
+			m["data"] = data
+
+			resp.List = append(resp.List, m)
+			resp.Total += total
+		}(q)
+	}
+
+	wg.Wait()
+
+	if len(errs) > 0 {
+		return LogResp{}, errs[0]
+	}
+
+	if len(resp.List) == 0 {
+		return LogResp{}, fmt.Errorf("no data")
+	}
+
+	return resp, nil
+}
+
+func (rt *Router) QueryLogBatch(c *gin.Context) {
+	var f QueryFrom
+	ginx.BindJSON(c, &f)
+
+	resp, err := QueryLogBatchConcurrently(rt.Center.AnonymousAccess.PromQuerier, c, f)
+	if err != nil {
+		ginx.Bomb(200, "err:%v", err)
+	}
+
+	ginx.NewRender(c).Data(resp, nil)
+}
+
+func QueryDataConcurrently(anonymousAccess bool, ctx *gin.Context, f models.QueryParam) ([]models.DataResp, error) {
+	var resp []models.DataResp
+	var mu sync.Mutex
+	var wg sync.WaitGroup
+	var errs []error
+
+	for _, q := range f.Querys {
+		if !anonymousAccess && !CheckDsPerm(ctx, f.DatasourceId, f.Cate, q) {
+			return nil, fmt.Errorf("forbidden")
+		}
+
+		plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+		if !exists {
+			logger.Warningf("cluster:%d not exists", f.DatasourceId)
+			return nil, fmt.Errorf("cluster not exists")
+		}
+
+		wg.Add(1)
+		go func(query interface{}) {
+			defer wg.Done()
+
+			datas, err := plug.QueryData(ctx.Request.Context(), query)
+			if err != nil {
+				logger.Warningf("query data error: req:%+v err:%v", query, err)
+				mu.Lock()
+				errs = append(errs, err)
+				mu.Unlock()
+				return
+			}
+
+			logger.Debugf("query data: req:%+v resp:%+v", query, datas)
+			mu.Lock()
+			resp = append(resp, datas...)
+			mu.Unlock()
+		}(q)
+	}
+
+	wg.Wait()
+
+	if len(errs) > 0 {
+		return nil, errs[0]
+	}
+
+	// 面向API的统一处理
+	// 按照 .Metric 排序
+	// 确保仪表盘中相同图例的曲线颜色相同
+	if len(resp) > 1 {
+		sort.Slice(resp, func(i, j int) bool {
+			if resp[i].Metric != nil && resp[j].Metric != nil {
+				return resp[i].Metric.String() < resp[j].Metric.String()
+			}
+			return false
+		})
+	}
+
+	return resp, nil
+}
+
+func (rt *Router) QueryData(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	resp, err := QueryDataConcurrently(rt.Center.AnonymousAccess.PromQuerier, c, f)
+	if err != nil {
+		ginx.Bomb(200, "err:%v", err)
+	}
+
+	ginx.NewRender(c).Data(resp, nil)
+}
+
+// QueryLogConcurrently 并发查询日志
+func QueryLogConcurrently(anonymousAccess bool, ctx *gin.Context, f models.QueryParam) (LogResp, error) {
+	var resp LogResp
+	var mu sync.Mutex
+	var wg sync.WaitGroup
+	var errs []error
+
+	for _, q := range f.Querys {
+		if !anonymousAccess && !CheckDsPerm(ctx, f.DatasourceId, f.Cate, q) {
+			return LogResp{}, fmt.Errorf("forbidden")
+		}
+
+		plug, exists := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+		if !exists {
+			logger.Warningf("cluster:%d not exists query:%+v", f.DatasourceId, f)
+			return LogResp{}, fmt.Errorf("cluster not exists")
+		}
+
+		wg.Add(1)
+		go func(query interface{}) {
+			defer wg.Done()
+
+			data, total, err := plug.QueryLog(ctx.Request.Context(), query)
+			logger.Debugf("query log: req:%+v resp:%+v", query, data)
+			if err != nil {
+				errMsg := fmt.Sprintf("query data error: %v query:%v\n ", err, query)
+				logger.Warningf(errMsg)
+				mu.Lock()
+				errs = append(errs, err)
+				mu.Unlock()
+				return
+			}
+
+			mu.Lock()
+			resp.List = append(resp.List, data...)
+			resp.Total += total
+			mu.Unlock()
+		}(q)
+	}
+
+	wg.Wait()
+
+	if len(errs) > 0 {
+		return LogResp{}, errs[0]
+	}
+
+	if len(resp.List) == 0 {
+		return LogResp{}, fmt.Errorf("no data")
+	}
+
+	return resp, nil
+}
+
+func (rt *Router) QueryLogV2(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	resp, err := QueryLogConcurrently(rt.Center.AnonymousAccess.PromQuerier, c, f)
+	ginx.NewRender(c).Data(resp, err)
+}
+
+func (rt *Router) QueryLog(c *gin.Context) {
+	var f models.QueryParam
+	ginx.BindJSON(c, &f)
+
+	var resp []interface{}
+	for _, q := range f.Querys {
+		if !rt.Center.AnonymousAccess.PromQuerier && !CheckDsPerm(c, f.DatasourceId, f.Cate, q) {
+			ginx.Bomb(200, "forbidden")
+		}
+
+		plug, exists := dscache.DsCache.Get("elasticsearch", f.DatasourceId)
+		if !exists {
+			logger.Warningf("cluster:%d not exists", f.DatasourceId)
+			ginx.Bomb(200, "cluster not exists")
+		}
+
+		data, _, err := plug.QueryLog(c.Request.Context(), q)
+		if err != nil {
+			logger.Warningf("query data error: %v", err)
+			ginx.Bomb(200, "err:%v", err)
+			continue
+		}
+		resp = append(resp, data...)
+	}
+
+	ginx.NewRender(c).Data(resp, nil)
+}
--- a/center/router/router_recording_rule.go
+++ b/center/router/router_recording_rule.go
@@ -3,15 +3,13 @@ package router
 import (
 	"encoding/json"
 	"net/http"
-	"strconv"
-	"strings"
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
-	"github.com/toolkits/pkg/str"
 )

 func (rt *Router) recordingRuleGets(c *gin.Context) {
@@ -21,7 +19,7 @@ func (rt *Router) recordingRuleGets(c *gin.Context) {
 }

 func (rt *Router) recordingRuleGetsByGids(c *gin.Context) {
-	gids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	if len(gids) > 0 {
 		for _, gid := range gids {
 			rt.bgroCheck(c, gid)
@@ -74,6 +72,14 @@ func (rt *Router) recordingRuleAddByFE(c *gin.Context) {
 		ginx.Bomb(http.StatusBadRequest, "input json is empty")
 	}

+	for i := range lst {
+		if len(lst[i].DatasourceQueries) == 0 {
+			lst[i].DatasourceQueries = []models.DatasourceQuery{
+				models.DataSourceQueryAll,
+			}
+		}
+	}
+
 	bgid := ginx.UrlParamInt64(c, "id")
 	reterr := make(map[string]string)
 	for i := 0; i < count; i++ {
@@ -137,23 +143,10 @@ func (rt *Router) recordingRulePutFields(c *gin.Context) {
 	f.Fields["update_by"] = c.MustGet("username").(string)
 	f.Fields["update_at"] = time.Now().Unix()

-	if _, ok := f.Fields["datasource_ids"]; ok {
-		// datasource_ids = "1 2 3"
-		idsStr := strings.Fields(f.Fields["datasource_ids"].(string))
-		ids := make([]int64, 0)
-		for _, idStr := range idsStr {
-			id, err := strconv.ParseInt(idStr, 10, 64)
-			if err != nil {
-				ginx.Bomb(http.StatusBadRequest, "datasource_ids error")
-			}
-			ids = append(ids, id)
-		}
-
-		bs, err := json.Marshal(ids)
-		if err != nil {
-			ginx.Bomb(http.StatusBadRequest, "datasource_ids error")
-		}
-		f.Fields["datasource_ids"] = string(bs)
+	if datasourceQueries, ok := f.Fields["datasource_queries"]; ok {
+		bytes, err := json.Marshal(datasourceQueries)
+		ginx.Dangerous(err)
+		f.Fields["datasource_queries"] = string(bytes)
 	}

 	for i := 0; i < len(f.Ids); i++ {
--- a/center/router/router_role.go
+++ b/center/router/router_role.go
@@ -21,7 +21,9 @@ func (rt *Router) permsGets(c *gin.Context) {
 	if user.IsAdmin() {
 		var lst []string
 		for _, ops := range cconf.Operations.Ops {
-			lst = append(lst, ops.Ops...)
+			for _, op := range ops.Ops {
+				lst = append(lst, op.Name)
+			}
 		}
 		ginx.NewRender(c).Data(lst, nil)
 		return
--- a/center/router/router_role_operation.go
+++ b/center/router/router_role_operation.go
@@ -11,24 +11,32 @@ import (
 )

 func (rt *Router) operationOfRole(c *gin.Context) {
+	var (
+		role           *models.Role
+		err            error
+		res            []string
+		roleOperations []string
+	)
+
 	id := ginx.UrlParamInt64(c, "id")
-	role, err := models.RoleGet(rt.Ctx, "id=?", id)
+	role, err = models.RoleGet(rt.Ctx, "id=?", id)
 	ginx.Dangerous(err)
 	if role == nil {
 		ginx.Bomb(http.StatusOK, "role not found")
 	}

 	if role.Name == "Admin" {
-		var lst []string
 		for _, ops := range cconf.Operations.Ops {
-			lst = append(lst, ops.Ops...)
+			for i := range ops.Ops {
+				res = append(res, ops.Ops[i].Name)
+			}
 		}
-		ginx.NewRender(c).Data(lst, nil)
-		return
+	} else {
+		roleOperations, err = models.OperationsOfRole(rt.Ctx, []string{role.Name})
+		res = roleOperations
 	}

-	ops, err := models.OperationsOfRole(rt.Ctx, []string{role.Name})
-	ginx.NewRender(c).Data(ops, err)
+	ginx.NewRender(c).Data(res, err)
 }

 func (rt *Router) roleBindOperation(c *gin.Context) {
@@ -52,9 +60,19 @@ func (rt *Router) roleBindOperation(c *gin.Context) {
 func (rt *Router) operations(c *gin.Context) {
 	var ops []cconf.Ops
 	for _, v := range rt.Operations.Ops {
-		v.Cname = i18n.Sprintf(c.GetHeader("X-Language"), v.Cname)
-		ops = append(ops, v)
+		newOp := cconf.Ops{
+			Name:  v.Name,
+			Cname: i18n.Sprintf(c.GetHeader("X-Language"), v.Cname),
+			Ops:   []cconf.SingleOp{},
+		}
+		for i := range v.Ops {
+			op := cconf.SingleOp{
+				Name:  v.Ops[i].Name,
+				Cname: i18n.Sprintf(c.GetHeader("X-Language"), v.Ops[i].Cname),
+			}
+			newOp.Ops = append(newOp.Ops, op)
+		}
+		ops = append(ops, newOp)
 	}
-
 	ginx.NewRender(c).Data(ops, nil)
 }
--- a/center/router/router_self.go
+++ b/center/router/router_self.go
@@ -5,6 +5,7 @@ import (
 	"github.com/ccfos/nightingale/v6/pkg/flashduty"
 	"github.com/ccfos/nightingale/v6/pkg/ormx"
 	"github.com/ccfos/nightingale/v6/pkg/secu"
+	"github.com/google/uuid"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
@@ -82,3 +83,48 @@ func (rt *Router) selfPasswordPut(c *gin.Context) {

 	ginx.NewRender(c).Message(user.ChangePassword(rt.Ctx, oldPassWord, newPassWord))
 }
+
+type tokenForm struct {
+	TokenName string `json:"token_name"`
+	Token     string `json:"token"`
+}
+
+func (rt *Router) getToken(c *gin.Context) {
+	username := c.MustGet("username").(string)
+	tokens, err := models.GetTokensByUsername(rt.Ctx, username)
+	ginx.NewRender(c).Data(tokens, err)
+}
+
+func (rt *Router) addToken(c *gin.Context) {
+	var f tokenForm
+	ginx.BindJSON(c, &f)
+
+	username := c.MustGet("username").(string)
+
+	tokens, err := models.GetTokensByUsername(rt.Ctx, username)
+	ginx.Dangerous(err)
+
+	for _, token := range tokens {
+		if token.TokenName == f.TokenName {
+			ginx.NewRender(c).Message("token name already exists")
+			return
+		}
+	}
+
+	token, err := models.AddToken(rt.Ctx, username, uuid.New().String(), f.TokenName)
+	ginx.NewRender(c).Data(token, err)
+}
+
+func (rt *Router) deleteToken(c *gin.Context) {
+	id := ginx.UrlParamInt64(c, "id")
+	username := c.MustGet("username").(string)
+	tokenCount, err := models.CountToken(rt.Ctx, username)
+	ginx.Dangerous(err)
+
+	if tokenCount <= 1 {
+		ginx.NewRender(c).Message("cannot delete the last token")
+		return
+	}
+
+	ginx.NewRender(c).Message(models.DeleteToken(rt.Ctx, id))
+}
--- a/center/router/router_source_token.go
+++ b/center/router/router_source_token.go
@@ -0,0 +1,36 @@
+package router
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/ccfos/nightingale/v6/models"
+	"github.com/google/uuid"
+
+	"github.com/gin-gonic/gin"
+	"github.com/toolkits/pkg/ginx"
+)
+
+// sourceTokenAdd 生成新的源令牌
+func (rt *Router) sourceTokenAdd(c *gin.Context) {
+	var f models.SourceToken
+	ginx.BindJSON(c, &f)
+
+	if f.ExpireAt > 0 && f.ExpireAt <= time.Now().Unix() {
+		ginx.Bomb(http.StatusBadRequest, "expire time must be in the future")
+	}
+
+	token := uuid.New().String()
+
+	username := c.MustGet("username").(string)
+
+	f.Token = token
+	f.CreateBy = username
+	f.CreateAt = time.Now().Unix()
+
+	err := f.Add(rt.Ctx)
+	ginx.Dangerous(err)
+
+	go models.CleanupExpiredTokens(rt.Ctx)
+	ginx.NewRender(c).Data(token, nil)
+}
--- a/center/router/router_target.go
+++ b/center/router/router_target.go
@@ -9,13 +9,14 @@ import (
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/ctx"
+	"github.com/ccfos/nightingale/v6/pkg/strx"
 	"github.com/ccfos/nightingale/v6/storage"

 	"github.com/gin-gonic/gin"
 	"github.com/prometheus/common/model"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/logger"
-	"github.com/toolkits/pkg/str"
 )

 type TargetQuery struct {
@@ -43,7 +44,7 @@ func (rt *Router) targetGetsByHostFilter(c *gin.Context) {
 }

 func (rt *Router) targetGets(c *gin.Context) {
-	bgids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	bgids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	query := ginx.QueryStr(c, "query", "")
 	limit := ginx.QueryInt(c, "limit", 30)
 	downtime := ginx.QueryInt64(c, "downtime", 0)
@@ -52,8 +53,17 @@ func (rt *Router) targetGets(c *gin.Context) {
 	order := ginx.QueryStr(c, "order", "ident")
 	desc := ginx.QueryBool(c, "desc", false)

+	hosts := queryStrListField(c, "hosts", ",", " ", "\n")
+
 	var err error
-	if len(bgids) == 0 {
+	if len(bgids) > 0 {
+		// 如果用户当前查看的是未归组机器，会传入 bgids = [0]，此时是不需要校验的，故而排除这种情况
+		if !(len(bgids) == 1 && bgids[0] == 0) {
+			for _, gid := range bgids {
+				rt.bgroCheck(c, gid)
+			}
+		}
+	} else {
 		user := c.MustGet("user").(*models.User)
 		if !user.IsAdmin() {
 			// 如果是非 admin 用户，全部对象的情况，找到用户有权限的业务组
@@ -65,11 +75,13 @@ func (rt *Router) targetGets(c *gin.Context) {
 			bgids = append(bgids, 0)
 		}
 	}
+
 	options := []models.BuildTargetWhereOption{
 		models.BuildTargetWhereWithBgids(bgids),
 		models.BuildTargetWhereWithDsIds(dsIds),
 		models.BuildTargetWhereWithQuery(query),
 		models.BuildTargetWhereWithDowntime(downtime),
+		models.BuildTargetWhereWithHosts(hosts),
 	}
 	total, err := models.TargetTotal(rt.Ctx, options...)
 	ginx.Dangerous(err)
@@ -78,6 +90,13 @@ func (rt *Router) targetGets(c *gin.Context) {
 		ginx.Offset(c, limit), order, desc, options...)
 	ginx.Dangerous(err)

+	tgs, err := models.TargetBusiGroupsGetAll(rt.Ctx)
+	ginx.Dangerous(err)
+
+	for _, t := range list {
+		t.GroupIds = tgs[t.Ident]
+	}
+
 	if err == nil {
 		now := time.Now()
 		cache := make(map[int64]*models.BusiGroup)
@@ -157,7 +176,8 @@ func (rt *Router) targetGetsByService(c *gin.Context) {
 func (rt *Router) targetGetTags(c *gin.Context) {
 	idents := ginx.QueryStr(c, "idents", "")
 	idents = strings.ReplaceAll(idents, ",", " ")
-	lst, err := models.TargetGetTags(rt.Ctx, strings.Fields(idents))
+	ignoreHostTag := ginx.QueryBool(c, "ignore_host_tag", false)
+	lst, err := models.TargetGetTags(rt.Ctx, strings.Fields(idents), ignoreHostTag, "")
 	ginx.NewRender(c).Data(lst, err)
 }

@@ -262,7 +282,7 @@ func (rt *Router) validateTags(tags []string) error {
 func (rt *Router) addTagsToTarget(target *models.Target, tags []string) error {
 	for _, tag := range tags {
 		tagKey := strings.Split(tag, "=")[0]
-		if strings.Contains(target.Tags, tagKey+"=") {
+		if _, exist := target.TagsMap[tagKey]; exist {
 			return fmt.Errorf("duplicate tagkey(%s)", tagKey)
 		}
 	}
@@ -379,8 +399,31 @@ type targetBgidForm struct {
 	Bgid    int64    `json:"bgid"`
 }

-func (rt *Router) targetUpdateBgid(c *gin.Context) {
-	var f targetBgidForm
+type targetBgidsForm struct {
+	Idents  []string `json:"idents" binding:"required_without=HostIps"`
+	HostIps []string `json:"host_ips" binding:"required_without=Idents"`
+	Bgids   []int64  `json:"bgids"`
+	Tags    []string `json:"tags"`
+	Action  string   `json:"action"` // add del reset
+}
+
+func haveNeverGroupedIdent(ctx *ctx.Context, idents []string) (bool, error) {
+	for _, ident := range idents {
+		bgids, err := models.TargetGroupIdsGetByIdent(ctx, ident)
+		if err != nil {
+			return false, err
+		}
+
+		if len(bgids) <= 0 {
+			return true, nil
+		}
+	}
+
+	return false, nil
+}
+
+func (rt *Router) targetBindBgids(c *gin.Context) {
+	var f targetBgidsForm
 	var err error
 	var failedResults = make(map[string]string)
 	ginx.BindJSON(c, &f)
@@ -396,50 +439,53 @@ func (rt *Router) targetUpdateBgid(c *gin.Context) {
 	}

 	user := c.MustGet("user").(*models.User)
-	if user.IsAdmin() {
-		ginx.NewRender(c).Data(failedResults, models.TargetUpdateBgid(rt.Ctx, f.Idents, f.Bgid, false))
-		return
-	}
-
-	if f.Bgid > 0 {
-		// 把要操作的机器分成两部分，一部分是bgid为0，需要管理员分配，另一部分bgid>0，说明是业务组内部想调整
-		// 比如原来分配给didiyun的机器，didiyun的管理员想把部分机器调整到didiyun-ceph下
-		// 对于调整的这种情况，当前登录用户要对这批机器有操作权限，同时还要对目标BG有操作权限
-		orphans, err := models.IdentsFilter(rt.Ctx, f.Idents, "group_id = ?", 0)
+	if !user.IsAdmin() {
+		// 普通用户，检查用户是否有权限操作所有请求的业务组
+		existing, _, err := models.SeparateTargetIdents(rt.Ctx, f.Idents)
 		ginx.Dangerous(err)
+		rt.checkTargetPerm(c, existing)

-		// 机器里边存在未归组的，登录用户就需要是admin
-		if len(orphans) > 0 && !user.IsAdmin() {
-			can, err := user.CheckPerm(rt.Ctx, "/targets/bind")
+		var groupIds []int64
+		if f.Action == "reset" {
+			// 如果是复写，则需要检查用户是否有权限操作机器之前的业务组
+			bgids, err := models.TargetGroupIdsGetByIdents(rt.Ctx, f.Idents)
 			ginx.Dangerous(err)
-			if !can {
-				ginx.Bomb(http.StatusForbidden, "No permission. Only admin can assign BG")
-			}
+
+			groupIds = append(groupIds, bgids...)
 		}
+		groupIds = append(groupIds, f.Bgids...)

-		reBelongs, err := models.IdentsFilter(rt.Ctx, f.Idents, "group_id > ?", 0)
-		ginx.Dangerous(err)
-
-		if len(reBelongs) > 0 {
-			// 对于这些要重新分配的机器，操作者要对这些机器本身有权限，同时要对目标bgid有权限
-			rt.checkTargetPerm(c, f.Idents)
-
-			bg := BusiGroup(rt.Ctx, f.Bgid)
+		for _, bgid := range groupIds {
+			bg := BusiGroup(rt.Ctx, bgid)
 			can, err := user.CanDoBusiGroup(rt.Ctx, bg, "rw")
 			ginx.Dangerous(err)

 			if !can {
-				ginx.Bomb(http.StatusForbidden, "No permission. You are not admin of BG(%s)", bg.Name)
+				ginx.Bomb(http.StatusForbidden, "forbidden")
+			}
+		}
+		isNeverGrouped, checkErr := haveNeverGroupedIdent(rt.Ctx, f.Idents)
+		ginx.Dangerous(checkErr)
+
+		if isNeverGrouped {
+			can, err := user.CheckPerm(rt.Ctx, "/targets/bind")
+			ginx.Dangerous(err)
+			if !can {
+				ginx.Bomb(http.StatusForbidden, "forbidden")
 			}
 		}
-	} else if f.Bgid == 0 {
-		// 退还机器
-		rt.checkTargetPerm(c, f.Idents)
-	} else {
-		ginx.Bomb(http.StatusBadRequest, "invalid bgid")
 	}

-	ginx.NewRender(c).Data(failedResults, models.TargetUpdateBgid(rt.Ctx, f.Idents, f.Bgid, false))
+	switch f.Action {
+	case "add":
+		ginx.NewRender(c).Data(failedResults, models.TargetBindBgids(rt.Ctx, f.Idents, f.Bgids, f.Tags))
+	case "del":
+		ginx.NewRender(c).Data(failedResults, models.TargetUnbindBgids(rt.Ctx, f.Idents, f.Bgids))
+	case "reset":
+		ginx.NewRender(c).Data(failedResults, models.TargetOverrideBgids(rt.Ctx, f.Idents, f.Bgids, f.Tags))
+	default:
+		ginx.Bomb(http.StatusBadRequest, "invalid action")
+	}
 }

 func (rt *Router) targetUpdateBgidByService(c *gin.Context) {
@@ -458,7 +504,7 @@ func (rt *Router) targetUpdateBgidByService(c *gin.Context) {
 		ginx.Bomb(http.StatusBadRequest, err.Error())
 	}

-	ginx.NewRender(c).Data(failedResults, models.TargetUpdateBgid(rt.Ctx, f.Idents, f.Bgid, false))
+	ginx.NewRender(c).Data(failedResults, models.TargetOverrideBgids(rt.Ctx, f.Idents, []int64{f.Bgid}, nil))
 }

 type identsForm struct {
@@ -482,7 +528,7 @@ func (rt *Router) targetDel(c *gin.Context) {
 		ginx.Bomb(http.StatusBadRequest, err.Error())
 	}

-	ginx.NewRender(c).Data(failedResults, models.TargetDel(rt.Ctx, f.Idents))
+	ginx.NewRender(c).Data(failedResults, models.TargetDel(rt.Ctx, f.Idents, rt.TargetDeleteHook))
 }

 func (rt *Router) targetDelByService(c *gin.Context) {
@@ -501,7 +547,7 @@ func (rt *Router) targetDelByService(c *gin.Context) {
 		ginx.Bomb(http.StatusBadRequest, err.Error())
 	}

-	ginx.NewRender(c).Data(failedResults, models.TargetDel(rt.Ctx, f.Idents))
+	ginx.NewRender(c).Data(failedResults, models.TargetDel(rt.Ctx, f.Idents, rt.TargetDeleteHook))
 }

 func (rt *Router) checkTargetPerm(c *gin.Context, idents []string) {
@@ -510,7 +556,7 @@ func (rt *Router) checkTargetPerm(c *gin.Context, idents []string) {
 	ginx.Dangerous(err)

 	if len(nopri) > 0 {
-		ginx.Bomb(http.StatusForbidden, "No permission to operate the targets: %s", strings.Join(nopri, ", "))
+		ginx.Bomb(http.StatusForbidden, "forbidden")
 	}
 }

@@ -531,3 +577,27 @@ func (rt *Router) targetsOfAlertRule(c *gin.Context) {

 	ginx.NewRender(c).Data(ret, err)
 }
+
+func (rt *Router) checkTargetsExistByIndent(idents []string) {
+	notExists, err := models.TargetNoExistIdents(rt.Ctx, idents)
+	ginx.Dangerous(err)
+
+	if len(notExists) > 0 {
+		ginx.Bomb(http.StatusBadRequest, "targets not exist: %s", strings.Join(notExists, ", "))
+	}
+}
+
+func (rt *Router) targetsOfHostQuery(c *gin.Context) {
+	var queries []models.HostQuery
+	ginx.BindJSON(c, &queries)
+
+	hostsQuery := models.GetHostsQuery(queries)
+	session := models.TargetFilterQueryBuild(rt.Ctx, hostsQuery, 0, 0)
+	var lst []*models.Target
+	err := session.Find(&lst).Error
+	if err != nil {
+		ginx.Bomb(http.StatusInternalServerError, err.Error())
+	}
+
+	ginx.NewRender(c).Data(lst, nil)
+}
--- a/center/router/router_task.go
+++ b/center/router/router_task.go
@@ -1,15 +1,16 @@
 package router

 import (
+	"strings"
 	"time"

 	"github.com/ccfos/nightingale/v6/alert/sender"
 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/i18n"
-	"github.com/toolkits/pkg/str"
 )

 func (rt *Router) taskGets(c *gin.Context) {
@@ -40,7 +41,7 @@ func (rt *Router) taskGets(c *gin.Context) {
 }

 func (rt *Router) taskGetsByGids(c *gin.Context) {
-	gids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	if len(gids) > 0 {
 		for _, gid := range gids {
 			rt.bgroCheck(c, gid)
@@ -84,20 +85,6 @@ func (rt *Router) taskGetsByGids(c *gin.Context) {
 	}, nil)
 }

-type taskForm struct {
-	Title     string   `json:"title" binding:"required"`
-	Account   string   `json:"account" binding:"required"`
-	Batch     int      `json:"batch"`
-	Tolerance int      `json:"tolerance"`
-	Timeout   int      `json:"timeout"`
-	Pause     string   `json:"pause"`
-	Script    string   `json:"script" binding:"required"`
-	Args      string   `json:"args"`
-	Action    string   `json:"action" binding:"required"`
-	Creator   string   `json:"creator"`
-	Hosts     []string `json:"hosts" binding:"required"`
-}
-
 func (rt *Router) taskRecordAdd(c *gin.Context) {
 	var f *models.TaskRecord
 	ginx.BindJSON(c, &f)
@@ -112,11 +99,21 @@ func (rt *Router) taskAdd(c *gin.Context) {

 	var f models.TaskForm
 	ginx.BindJSON(c, &f)
+	// 把 f.Hosts 中的空字符串过滤掉
+	hosts := make([]string, 0, len(f.Hosts))
+	for i := range f.Hosts {
+		if strings.TrimSpace(f.Hosts[i]) != "" {
+			hosts = append(hosts, strings.TrimSpace(f.Hosts[i]))
+		}
+	}
+	f.Hosts = hosts

 	bgid := ginx.UrlParamInt64(c, "id")
 	user := c.MustGet("user").(*models.User)
 	f.Creator = user.Username

+	rt.checkTargetsExistByIndent(f.Hosts)
+
 	err := f.Verify()
 	ginx.Dangerous(err)

--- a/center/router/router_task_tpl.go
+++ b/center/router/router_task_tpl.go
@@ -7,6 +7,7 @@ import (
 	"time"

 	"github.com/ccfos/nightingale/v6/models"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
@@ -35,7 +36,7 @@ func (rt *Router) taskTplGetsByGids(c *gin.Context) {
 	query := ginx.QueryStr(c, "query", "")
 	limit := ginx.QueryInt(c, "limit", 20)

-	gids := str.IdsInt64(ginx.QueryStr(c, "gids", ""), ",")
+	gids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "gids", ""), ",")
 	if len(gids) > 0 {
 		for _, gid := range gids {
 			rt.bgroCheck(c, gid)
@@ -118,6 +119,18 @@ type taskTplForm struct {
 	Hosts     []string `json:"hosts"`
 }

+func (f *taskTplForm) Verify() {
+	// 传入的 f.Hosts 可能是 []string{"", "a", "b"}，需要过滤掉空字符串
+	args := make([]string, 0, len(f.Hosts))
+	for _, ident := range f.Hosts {
+		if strings.TrimSpace(ident) != "" {
+			args = append(args, strings.TrimSpace(ident))
+		}
+	}
+
+	f.Hosts = args
+}
+
 func (rt *Router) taskTplAdd(c *gin.Context) {
 	if !rt.Ibex.Enable {
 		ginx.Bomb(400, i18n.Sprintf(c.GetHeader("X-Language"), "This functionality has not been enabled. Please contact the system administrator to activate it."))
@@ -126,10 +139,13 @@ func (rt *Router) taskTplAdd(c *gin.Context) {

 	var f taskTplForm
 	ginx.BindJSON(c, &f)
+	f.Verify()

 	user := c.MustGet("user").(*models.User)
 	now := time.Now().Unix()

+	rt.checkTargetsExistByIndent(f.Hosts)
+
 	sort.Strings(f.Tags)

 	tpl := &models.TaskTpl{
@@ -167,6 +183,9 @@ func (rt *Router) taskTplPut(c *gin.Context) {

 	var f taskTplForm
 	ginx.BindJSON(c, &f)
+	f.Verify()
+
+	rt.checkTargetsExistByIndent(f.Hosts)

 	sort.Strings(f.Tags)

@@ -196,6 +215,13 @@ func (rt *Router) taskTplDel(c *gin.Context) {
 		return
 	}

+	ids, err := models.GetAlertRuleIdsByTaskId(rt.Ctx, tid)
+	ginx.Dangerous(err)
+	if len(ids) > 0 {
+		ginx.NewRender(c).Message("can't del this task tpl, used by alert rule ids(%v) ", ids)
+		return
+	}
+
 	ginx.NewRender(c).Message(tpl.Del(rt.Ctx))
 }

--- a/center/router/router_tdengine.go
+++ b/center/router/router_tdengine.go
@@ -1,14 +1,14 @@
 package router

 import (
-	"net/http"
-
+	"fmt"
 	"github.com/ccfos/nightingale/v6/center/cconf"
+	"github.com/ccfos/nightingale/v6/datasource/tdengine"
+	"github.com/ccfos/nightingale/v6/dscache"
 	"github.com/ccfos/nightingale/v6/models"
-
 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
-	"github.com/toolkits/pkg/logger"
+	"net/http"
 )

 type databasesQueryForm struct {
@@ -20,13 +20,13 @@ func (rt *Router) tdengineDatabases(c *gin.Context) {
 	var f databasesQueryForm
 	ginx.BindJSON(c, &f)

-	tdClient := rt.TdendgineClients.GetCli(f.DatasourceId)
-	if tdClient == nil {
+	datasource, hit := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if _, ok := datasource.(*tdengine.TDengine); !hit || !ok {
 		ginx.NewRender(c, http.StatusNotFound).Message("No such datasource")
 		return
 	}

-	databases, err := tdClient.GetDatabases()
+	databases, err := datasource.(*tdengine.TDengine).ShowDatabases(rt.Ctx.Ctx)
 	ginx.NewRender(c).Data(databases, err)
 }

@@ -37,18 +37,29 @@ type tablesQueryForm struct {
 	IsStable     bool   `json:"is_stable"`
 }

+type Column struct {
+	Name string `json:"name"`
+	Type string `json:"type"`
+	Size int    `json:"size"`
+}
+
 // get tdengine tables
 func (rt *Router) tdengineTables(c *gin.Context) {
 	var f tablesQueryForm
 	ginx.BindJSON(c, &f)

-	tdClient := rt.TdendgineClients.GetCli(f.DatasourceId)
-	if tdClient == nil {
+	datasource, hit := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if _, ok := datasource.(*tdengine.TDengine); !hit || !ok {
 		ginx.NewRender(c, http.StatusNotFound).Message("No such datasource")
 		return
 	}

-	tables, err := tdClient.GetTables(f.Database, f.IsStable)
+	database := fmt.Sprintf("%s.tables", f.Database)
+	if f.IsStable {
+		database = fmt.Sprintf("%s.stables", f.Database)
+	}
+
+	tables, err := datasource.(*tdengine.TDengine).ShowTables(rt.Ctx.Ctx, database)
 	ginx.NewRender(c).Data(tables, err)
 }

@@ -59,50 +70,31 @@ type columnsQueryForm struct {
 	Table        string `json:"table"`
 }

-// get tdengine columns
 func (rt *Router) tdengineColumns(c *gin.Context) {
 	var f columnsQueryForm
 	ginx.BindJSON(c, &f)

-	tdClient := rt.TdendgineClients.GetCli(f.DatasourceId)
-	if tdClient == nil {
+	datasource, hit := dscache.DsCache.Get(f.Cate, f.DatasourceId)
+	if _, ok := datasource.(*tdengine.TDengine); !hit || !ok {
 		ginx.NewRender(c, http.StatusNotFound).Message("No such datasource")
 		return
 	}

-	columns, err := tdClient.GetColumns(f.Database, f.Table)
-	ginx.NewRender(c).Data(columns, err)
-}
-
-func (rt *Router) QueryData(c *gin.Context) {
-	var f models.QueryParam
-	ginx.BindJSON(c, &f)
-
-	var resp []models.DataResp
-	var err error
-	tdClient := rt.TdendgineClients.GetCli(f.DatasourceId)
-	for _, q := range f.Querys {
-		datas, err := tdClient.Query(q)
-		ginx.Dangerous(err)
-		resp = append(resp, datas...)
+	query := map[string]string{
+		"database": f.Database,
+		"table":    f.Table,
 	}

-	ginx.NewRender(c).Data(resp, err)
-}
-
-func (rt *Router) QueryLog(c *gin.Context) {
-	var f models.QueryParam
-	ginx.BindJSON(c, &f)
-
-	tdClient := rt.TdendgineClients.GetCli(f.DatasourceId)
-	if len(f.Querys) == 0 {
-		ginx.Bomb(200, "querys is empty")
-		return
+	columns, err := datasource.(*tdengine.TDengine).DescribeTable(rt.Ctx.Ctx, query)
+	// 对齐前端，后续可以将 tdEngine 的查数据的接口都统一
+	tdColumns := make([]Column, len(columns))
+	for i, column := range columns {
+		tdColumns[i] = Column{
+			Name: column.Field,
+			Type: column.Type,
+		}
 	}
-
-	data, err := tdClient.QueryLog(f.Querys[0])
-	logger.Debugf("tdengine query:%s result: %+v", f.Querys[0], data)
-	ginx.NewRender(c).Data(data, err)
+	ginx.NewRender(c).Data(tdColumns, err)
 }

 // query sql template
--- a/center/router/router_user.go
+++ b/center/router/router_user.go
@@ -47,12 +47,27 @@ func (rt *Router) userGets(c *gin.Context) {
 	query := ginx.QueryStr(c, "query", "")
 	order := ginx.QueryStr(c, "order", "username")
 	desc := ginx.QueryBool(c, "desc", false)
+	usernames := strings.Split(ginx.QueryStr(c, "usernames", ""), ",")
+	phones := strings.Split(ginx.QueryStr(c, "phones", ""), ",")
+	emails := strings.Split(ginx.QueryStr(c, "emails", ""), ",")

-	rt.UserCache.UpdateUsersLastActiveTime()
+	if len(usernames) == 1 && usernames[0] == "" {
+		usernames = []string{}
+	}
+
+	if len(phones) == 1 && phones[0] == "" {
+		phones = []string{}
+	}
+
+	if len(emails) == 1 && emails[0] == "" {
+		emails = []string{}
+	}
+
+	go rt.UserCache.UpdateUsersLastActiveTime()
 	total, err := models.UserTotal(rt.Ctx, query, stime, etime)
 	ginx.Dangerous(err)

-	list, err := models.UserGets(rt.Ctx, query, limit, ginx.Offset(c, limit), stime, etime, order, desc)
+	list, err := models.UserGets(rt.Ctx, query, limit, ginx.Offset(c, limit), stime, etime, order, desc, usernames, phones, emails)
 	ginx.Dangerous(err)

 	user := c.MustGet("user").(*models.User)
--- a/center/router/router_user_group.go
+++ b/center/router/router_user_group.go
@@ -6,11 +6,11 @@ import (

 	"github.com/ccfos/nightingale/v6/models"
 	"github.com/ccfos/nightingale/v6/pkg/flashduty"
+	"github.com/ccfos/nightingale/v6/pkg/strx"

 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/ginx"
 	"github.com/toolkits/pkg/logger"
-	"github.com/toolkits/pkg/str"
 )

 func (rt *Router) checkBusiGroupPerm(c *gin.Context) {
@@ -32,7 +32,7 @@ func (rt *Router) userGroupGets(c *gin.Context) {
 }

 func (rt *Router) userGroupGetsByService(c *gin.Context) {
-	ids := str.IdsInt64(ginx.QueryStr(c, "ids", ""))
+	ids := strx.IdsInt64ForAPI(ginx.QueryStr(c, "ids", ""))

 	if len(ids) == 0 {
 		lst, err := models.UserGroupGetAll(rt.Ctx)
@@ -111,7 +111,6 @@ func (rt *Router) userGroupPut(c *gin.Context) {

 	me := c.MustGet("user").(*models.User)
 	ug := c.MustGet("user_group").(*models.UserGroup)
-	oldUGName := ug.Name

 	if ug.Name != f.Name {
 		// name changed, check duplication
@@ -130,7 +129,7 @@ func (rt *Router) userGroupPut(c *gin.Context) {
 	if f.IsSyncToFlashDuty || flashduty.NeedSyncTeam(rt.Ctx) {
 		ugs, err := flashduty.NewUserGroupSyncer(rt.Ctx, ug)
 		ginx.Dangerous(err)
-		err = ugs.SyncUGPut(oldUGName)
+		err = ugs.SyncUGPut()
 		ginx.Dangerous(err)
 	}
 	ginx.NewRender(c).Message(ug.Update(rt.Ctx, "Name", "Note", "UpdateAt", "UpdateBy"))
@@ -159,8 +158,11 @@ func (rt *Router) userGroupDel(c *gin.Context) {
 	if isSyncToFlashDuty || flashduty.NeedSyncTeam(rt.Ctx) {
 		ugs, err := flashduty.NewUserGroupSyncer(rt.Ctx, ug)
 		ginx.Dangerous(err)
-		err = ugs.SyncUGDel(ug.Name)
-		ginx.Dangerous(err)
+		err = ugs.SyncUGDel()
+		// 如果team 在 duty 被引用或者已经删除，会报错，可以忽略报错
+		if err != nil {
+			logger.Warningf("failed to sync user group %s to flashduty's team: %v", ug.Name, err)
+		}
 	}
 	ginx.NewRender(c).Message(ug.Del(rt.Ctx))

--- a/center/router/router_user_variable_config.go
+++ b/center/router/router_user_variable_config.go
@@ -40,7 +40,7 @@ func (rt *Router) userVariableConfigPut(context *gin.Context) {
 	user := context.MustGet("user").(*models.User)
 	if !user.IsAdmin() && f.CreateBy != user.Username {
 		// only admin or creator can update
-		ginx.Bomb(403, "no permission")
+		ginx.Bomb(403, "forbidden")
 	}

 	ginx.NewRender(context).Message(models.ConfigsUserVariableUpdate(rt.Ctx, f))
@@ -54,7 +54,7 @@ func (rt *Router) userVariableConfigDel(context *gin.Context) {
 	user := context.MustGet("user").(*models.User)
 	if !user.IsAdmin() && configs.CreateBy != user.Username {
 		// only admin or creator can delete
-		ginx.Bomb(403, "no permission")
+		ginx.Bomb(403, "forbidden")
 	}

 	if configs != nil && configs.External == models.ConfigExternal {
--- a/center/sso/init.go
+++ b/center/sso/init.go
@@ -1,6 +1,7 @@
 package sso

 import (
+	"fmt"
 	"log"
 	"time"

@@ -145,7 +146,7 @@ func Init(center cconf.Center, ctx *ctx.Context, configCache *memsto.ConfigCache
 		}
 	}
 	if configCache == nil {
-		logger.Error("configCache is nil, sso initialization failed")
+		log.Fatalln(fmt.Errorf("configCache is nil, sso initialization failed"))
 	}
 	ssoClient.configCache = configCache
 	userVariableMap := configCache.Get()
--- a/cli/upgrade/config.go
+++ b/cli/upgrade/config.go
@@ -33,7 +33,7 @@ type ClusterOptions struct {
 	MaxIdleConnsPerHost int
 }

-func Parse(fpath string, configPtr interface{}) error {
+func Parse(fpath string, configPtr *Config) error {
 	var (
 		tBuf []byte
 	)
--- a/cmd/edge/edge.go
+++ b/cmd/edge/edge.go
@@ -7,22 +7,23 @@ import (

 	"github.com/ccfos/nightingale/v6/alert"
 	"github.com/ccfos/nightingale/v6/alert/astats"
+	"github.com/ccfos/nightingale/v6/alert/dispatch"
 	"github.com/ccfos/nightingale/v6/alert/process"
 	alertrt "github.com/ccfos/nightingale/v6/alert/router"
 	"github.com/ccfos/nightingale/v6/center/metas"
 	"github.com/ccfos/nightingale/v6/conf"
+	"github.com/ccfos/nightingale/v6/dscache"
 	"github.com/ccfos/nightingale/v6/dumper"
 	"github.com/ccfos/nightingale/v6/memsto"
 	"github.com/ccfos/nightingale/v6/pkg/ctx"
 	"github.com/ccfos/nightingale/v6/pkg/httpx"
 	"github.com/ccfos/nightingale/v6/pkg/logx"
+	"github.com/ccfos/nightingale/v6/pkg/macros"
 	"github.com/ccfos/nightingale/v6/prom"
 	"github.com/ccfos/nightingale/v6/pushgw/idents"
 	pushgwrt "github.com/ccfos/nightingale/v6/pushgw/router"
 	"github.com/ccfos/nightingale/v6/pushgw/writer"
 	"github.com/ccfos/nightingale/v6/storage"
-	"github.com/ccfos/nightingale/v6/tdengine"
-
 	"github.com/flashcatcloud/ibex/src/cmd/ibex"
 )

@@ -52,12 +53,16 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {

 	targetCache := memsto.NewTargetCache(ctx, syncStats, redis)
 	busiGroupCache := memsto.NewBusiGroupCache(ctx, syncStats)
-	idents := idents.New(ctx, redis)
+	configCvalCache := memsto.NewCvalCache(ctx, syncStats)
+	idents := idents.New(ctx, redis, config.Pushgw)
 	metas := metas.New(redis)
 	writers := writer.NewWriters(config.Pushgw)
 	pushgwRouter := pushgwrt.New(config.HTTP, config.Pushgw, config.Alert, targetCache, busiGroupCache, idents, metas, writers, ctx)
-	r := httpx.GinEngine(config.Global.RunMode, config.HTTP)
+	r := httpx.GinEngine(config.Global.RunMode, config.HTTP, configCvalCache.PrintBodyPaths, configCvalCache.PrintAccessLog)
+
 	pushgwRouter.Config(r)
+	macros.RegisterMacro(macros.MacroInVain)
+	dscache.Init(ctx, false)

 	if !config.Alert.Disable {
 		configCache := memsto.NewConfigCache(ctx, syncStats, nil, "")
@@ -69,13 +74,18 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 		userCache := memsto.NewUserCache(ctx, syncStats)
 		userGroupCache := memsto.NewUserGroupCache(ctx, syncStats)
 		taskTplsCache := memsto.NewTaskTplCache(ctx)
+		notifyRuleCache := memsto.NewNotifyRuleCache(ctx, syncStats)
+		notifyChannelCache := memsto.NewNotifyChannelCache(ctx, syncStats)
+		messageTemplateCache := memsto.NewMessageTemplateCache(ctx, syncStats)

 		promClients := prom.NewPromClient(ctx)
-		tdengineClients := tdengine.NewTdengineClient(ctx, config.Alert.Heartbeat)
+
+		dispatch.InitRegisterQueryFunc(promClients)
+
 		externalProcessors := process.NewExternalProcessors()

 		alert.Start(config.Alert, config.Pushgw, syncStats, alertStats, externalProcessors, targetCache, busiGroupCache, alertMuteCache,
-			alertRuleCache, notifyConfigCache, taskTplsCache, dsCache, ctx, promClients, tdengineClients, userCache, userGroupCache)
+			alertRuleCache, notifyConfigCache, taskTplsCache, dsCache, ctx, promClients, userCache, userGroupCache, notifyRuleCache, notifyChannelCache, messageTemplateCache)

 		alertrtRouter := alertrt.New(config.HTTP, config.Alert, alertMuteCache, targetCache, busiGroupCache, alertStats, ctx, externalProcessors)

--- a/Show More
+++ b/Show More