自定义监控进程.日志

自定义监控进程.日志

主机说明

服务端	192.168.1.22
客户端	192.168.1.23

自定义监控进程

root@ubuntu:/# mkdir /c-s                    #创建目录以存放脚本 

root@ubuntu:/c-s# vim process.sh      #编写一个查看进程的脚本
#! /bin/bash 
process=$(ps -ef | grep "$1" |grep -Ev "grep | $0" | wc -l)

if [ $process -eq 0 ];then 
    echo "1" 
else 
    echo "0" 
fi    

将脚本写入agent.cnf文件中

root@ubuntu:/c-s# vim /etc/zabbix/zabbix_agentd.conf 
UserParameter=process_everything[*] , /bin/bash /c-s/process.sh $1
####  重启agent服务
~~~ 2
root@ubuntu:/c-s# systemctl restart zabbix-agent.service 

配置监控项

配置触发器

验证

停止vsftpd服务

root@ubuntu:/c-s# systemctl stop vsftpd

恢复服务

root@ubuntu:/c-s# systemctl start vsftpd
root@ubuntu:/c-s# systemctl status vsftpd
● vsftpd.service - vsftpd FTP server
     Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2023-10-06 14:47:47 UTC; 9s ago
    Process: 2448 ExecStartPre=/bin/mkdir -p /var/run/vsftpd/empty (code=exited, status=0/SUCCESS)
   Main PID: 2449 (vsftpd)
      Tasks: 1 (limit: 4538)
     Memory: 848.0K
        CPU: 5ms
     CGroup: /system.slice/vsftpd.service
             └─2449 /usr/sbin/vsftpd /etc/vsftpd.conf

监控日志

编写一个日志脚本

root@ubuntu:/c-s# vim log.sh 

#!/usr/bin/env python3
import sys
import re

def prePos(seekfile):
    global curpos
    try:
        cf = open(seekfile)
    except IOError:
        curpos = 0
        return curpos
    except FileNotFoundError:
        curpos = 0
        return curpos
    else:
        try:
            curpos = int(cf.readline().strip())
        except ValueError:
            curpos = 0
            cf.close()
            return curpos
        cf.close()
    return curpos

def lastPos(filename):
    with open(filename) as lfile:
        if lfile.readline():
            lfile.seek(0,2)
        else:
            return 0
        lastPos = lfile.tell()
    return lastPos

def getSeekFile():
    try:
        seekfile = sys.argv[2]
    except IndexError:
        seekfile = '/tmp/logseek'
    return seekfile

def getKey():
    try:
        tagKey = str(sys.argv[3])
    except IndexError:
        tagKey = 'Error'
    return tagKey

def getResult(filename,seekfile,tagkey):
    destPos = prePos(seekfile)
    curPos = lastPos(filename)

    if curPos < destPos:
        curpos = 0

    try:
        f = open(filename)
    except IOError:
        print('Could not open file: %s' % filename)
    except FileNotFoundError:
        print('Could not open file: %s' % filename)
    else:
        f.seek(destPos)

        while curPos != 0 and f.tell() < curPos:
            rresult = f.readline().strip()
            global result
            if re.search(tagkey, rresult):
                result = 1
                break
            else:
                result = 0

        with open(seekfile,'w') as sf:
            sf.write(str(curPos))
    finally:
        f.close()
    return result

if __name__ == "__main__":
    result = 0
    curpos = 0
    tagkey = getKey()
    seekfile = getSeekFile()
    result = getResult(sys.argv[1],seekfile,tagkey)
    print(result)

创建一个日志文件

root@ubuntu:/c-s# vim /tmp/log-1.log
wqs
d
qw
d
qw
d
wq
d
r

qd
wq
f
qw
root@ubuntu:/c-s# python3 log.py /tmp/log-1.log                         #执行脚本 
0                                                                      #为0这表示为没有错误信息 

####  将脚本放置与agent.cnf配置文件中  
~~~ 2
root@ubuntu:/c-s# vim /etc/zabbix/zabbix_agentd.conf 
UserParameter=log_everything[*],python3  /c-s/log.py $1 $2 $3

重启服务

root@ubuntu:/c-s# systemctl restart zabbix-agent.service 

配置监控项

配置触发器

验证

root@ubuntu:/c-s# echo Error >> /tmp/log-1.log 
root@ubuntu:/c-s# python3 log.py /tmp/log-1.log 
1