zabbix自定义监控进程和日志
zabbix自定义监控进程
1.安装一个服务
[root@zabbix-agent ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 0.0.0.0:10050 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[root@zabbix-agent ~]# yum -y install httpd
Complete!
[root@zabbix-agent ~]# rpm -qa | grep httpd
httpd-tools-2.4.57-5.el9.x86_64
httpd-filesystem-2.4.57-5.el9.noarch
rocky-logos-httpd-90.14-2.el9.noarch
httpd-core-2.4.57-5.el9.x86_64
httpd-2.4.57-5.el9.x86_64
2.开启服务
[root@zabbix-agent ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@zabbix-agent ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled)
Active: active (running) since Mon 2024-01-08 14:19:42 CST; 38s ago
Docs: man:httpd.service(8)
Main PID: 33121 (httpd)
Status: "Total requests: 0; Idle/Busy workers 100/0;Requests/sec: 0; Bytes served/sec: 0 B/sec"
Tasks: 213 (limit: 10820)
Memory: 31.7M
CPU: 85ms
[root@zabbix-agent ~]# ps -ef | grep -v grep | grep httpd
root 33121 1 0 14:19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 34151 33121 0 14:19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 34152 33121 0 14:19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 34153 33121 0 14:19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 34154 33121 0 14:19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
[root@zabbix-agent ~]# ps -ef | grep -v grep | grep httpd | wc -l
5
3.编写脚本
[root@zabbix-agent ~]# mkdir /scripts
[root@zabbix-agent ~]# touch /scripts/check_process.sh
[root@zabbix-agent ~]# chmod +x /scripts/check_process.sh
[root@zabbix-agent ~]# cd /scripts/
[root@zabbix-agent scripts]# ls
check_process.sh
[root@zabbix-agent scripts]# vim check_process.sh
[root@zabbix-agent scripts]# cat check_process.sh
#!/bin/bash
count=$(ps -ef | grep -Ev "grep|$0" | grep $1 | wc -l)
echo $count
[root@zabbix-agent scripts]# ./check_process.sh httpd
5
[root@zabbix-agent scripts]# ./check_process.sh mysql
0
[root@zabbix-agent scripts]# ./check_process.sh zabbix
6
4.设置自定义监控项
[root@zabbix-agent ~]# cd /usr/local/etc
[root@zabbix-agent etc]# ls
zabbix_agentd.conf zabbix_agentd.conf.d
[root@zabbix-agent etc]# vim zabbix_agentd.conf
UnsafeUserParameters=1 //取消注释并打开
UserParameter=check_process[*],/scripts/check_process.sh $1 //这一行在最后面加
[root@zabbix-agent etc]# systemctl restart zabbix
[root@zabbix-agent etc]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 0.0.0.0:10050 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
//服务端
[root@zabbixserver ~]# zabbix_get -s 192.168.116.143 -k check_process["httpd"]
5
[root@zabbixserver ~]# zabbix_get -s 192.168.116.143 -k check_process["mysql"]
0
[root@zabbixserver ~]# zabbix_get -s 192.168.116.143 -k check_process["zabbix"]
8
添加监控项
添加触发器
查看监控
zabbix自定义监控日志
1.编写脚本
[root@zabbix-agent ~]# cd /scripts/
[root@zabbix-agent scripts]# ls
check_process.sh
[root@zabbix-agent scripts]# ls
check_process.sh log.py //log.py上传下载的或者自己写,这是个python脚本
[root@zabbix-agent scripts]# chmod +x log.py
[root@zabbix-agent scripts]# ll
total 8
-rwxr-xr-x 1 root root 82 Jan 8 15:11 check_process.sh
-rwxr-xr-x 1 root root 1854 Jan 8 15:39 log.py
[root@zabbix-agent ~]# python -V
Python 3.9.18
[root@zabbix-agent ~]# python /scripts/log.py /var/log/httpd/error_log
0
[root@zabbix-agent ~]# cd /tmp
[root@zabbix-agent tmp]# ls
abc systemd-private-27a401a2365446da8c54f5f7219f7645-systemd-logind.service-xJNsiZ
logseek vmware-root_738-2999591909
systemd-private-27a401a2365446da8c54f5f7219f7645-chronyd.service-VgLwe8 vmware-root_739-4248680507
systemd-private-27a401a2365446da8c54f5f7219f7645-dbus-broker.service-tjPlZ4 zabbix_agentd.log
systemd-private-27a401a2365446da8c54f5f7219f7645-httpd.service-hWPFCf zabbix_agentd.pid
systemd-private-27a401a2365446da8c54f5f7219f7645-kdump.service-2tRvwA
[root@zabbix-agent tmp]# cat logseek //logseek用来记录,上一次读到什么地方
1590[root@zabbix-agent tmp]# //1590是日志的位置
2.编辑配置文件
[root@zabbix-agent ~]# vim /usr/local/etc/zabbix_agentd.conf
UnsafeUserParameters=1
UserParameter=check_log[*],/scripts/log.py $1 //最后面加
[root@zabbix-agent ~]# systemctl restart zabbix
[root@zabbix-agent ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 0.0.0.0:10050 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
3.授权
[root@zabbix-agent ~]# setfacl -m u:zabbix:rwx /var/log/httpd/
[root@zabbix-agent ~]# getfacl /var/log/httpd/
getfacl: Removing leading '/' from absolute path names
# file: var/log/httpd/
# owner: root
# group: root
user::rwx
user:zabbix:rwx
group::---
mask::rwx
other::---
[root@zabbix-agent ~]# cd /tmp //先删除前面测试的logseek文件
[root@zabbix-agent tmp]# ll
total 32
-rw-r--r--. 1 root root 84 Jan 6 16:32 abc
-rw-r--r-- 1 root root 4 Jan 8 15:42 logseek
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-chronyd.service-VgLwe8
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-dbus-broker.service-tjPlZ4
drwx------ 3 root root 17 Jan 8 15:33 systemd-private-27a401a2365446da8c54f5f7219f7645-httpd.service-hWPFCf
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-kdump.service-2tRvwA
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-systemd-logind.service-xJNsiZ
drwx------. 2 root root 6 Jan 5 14:05 vmware-root_738-2999591909
drwx------ 2 root root 6 Jan 8 14:05 vmware-root_739-4248680507
-rw-rw-r--. 1 zabbix zabbix 20145 Jan 8 16:05 zabbix_agentd.log
-rw-rw-r-- 1 zabbix zabbix 6 Jan 8 16:05 zabbix_agentd.pid
[root@zabbix-agent tmp]# rm -f logseek
4.获取
//服务端
[root@zabbixserver ~]# zabbix_get -s 192.168.116.143 -k check_log["/var/log/httpd/error_log"]
0
//客户端
[root@zabbix-agent ~]# cd /tmp
[root@zabbix-agent tmp]# ll
total 32
-rw-r--r--. 1 root root 84 Jan 6 16:32 abc
-rw-rw-r-- 1 zabbix zabbix 4 Jan 8 16:06 logseek
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-chronyd.service-VgLwe8
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-dbus-broker.service-tjPlZ4
drwx------ 3 root root 17 Jan 8 15:33 systemd-private-27a401a2365446da8c54f5f7219f7645-httpd.service-hWPFCf
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-kdump.service-2tRvwA
drwx------ 3 root root 17 Jan 8 14:05 systemd-private-27a401a2365446da8c54f5f7219f7645-systemd-logind.service-xJNsiZ
drwx------. 2 root root 6 Jan 5 14:05 vmware-root_738-2999591909
drwx------ 2 root root 6 Jan 8 14:05 vmware-root_739-4248680507
-rw-rw-r--. 1 zabbix zabbix 20145 Jan 8 16:05 zabbix_agentd.log
-rw-rw-r-- 1 zabbix zabbix 6 Jan 8 16:05 zabbix_agentd.pid
5.测试
//客户端
[root@zabbix-agent ~]# echo 'Error' >> /var/log/httpd/error_log
[root@zabbix-agent ~]# tail -5 /var/log/httpd/error_log
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe7b:5e5c%ens33. Set the 'ServerName' directive globally to suppress this message
[Mon Jan 08 15:34:05.076074 2024] [lbmethod_heartbeat:notice] [pid 214776:tid 214776] AH02282: No slotmem from mod_heartmonitor
[Mon Jan 08 15:34:05.078402 2024] [mpm_event:notice] [pid 214776:tid 214776] AH00489: Apache/2.4.57 (Rocky Linux) configured -- resuming normal operations
[Mon Jan 08 15:34:05.078461 2024] [core:notice] [pid 214776:tid 214776] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
Error
//服务端
[root@zabbixserver ~]# zabbix_get -s 192.168.116.143 -k check_log["/var/log/httpd/error_log"]
1 //为1代表日志文件有错误
添加监控项
添加触发器
查看监控