Linux 运维常用服务器脚本

最新推荐文章于 2024-04-29 07:30:00 发布

张耘华

最新推荐文章于 2024-04-29 07:30:00 发布

阅读量457

点赞数

分类专栏： python运维

本文链接：https://blog.csdn.net/oqzuser12345678999q/article/details/109718302

版权

python运维专栏收录该内容

8 篇文章 1 订阅

订阅专栏

一、分析日志IP把可疑ip加入防火墙脚本

crontab -e 添加定时检查
检测
----------------------------
#!/bin/bash
#2017-11-22
#xxx
GREP_STR=`date +%Y:%H:%M -d '-1  minute'`;
GREP_URL1=/carorder/index/send_sms.html
GREP_URL2=/index/login/getMobileVerify
LOG_NAME=www.xxxxxx.access.log
WORK_DIR=/usr/local/openresty/nginx/logs
DATE=$(date +%Y-%m-%d\ %H:%M -d '-1 minute')
cd ${WORK_DIR}
grep ${GREP_STR} ${LOG_NAME} |egrep "${GREP_URL1}|${GREP_URL2}" | awk '{ print $1}' | sort | uniq -c | awk '{if ($1 > 2 ) print $1,$2}' | while read line
do
        count=`echo $line | awk '{print $1}'`
        ip=`echo $line | awk '{print $2}'`
        flag=`firewall-cmd --list-rich-rules | grep $ip | wc -l`
        if [ $flag -gt 0 ];then
                echo -e  "攻击ip:${ip}\t攻击次数:${count}\t时间:${DATE}\t已拦截"
                continue;
        fi
        if [ $count -gt 30 ];then
                firewall-cmd --add-rich-rule="rule family='ipv4' source address='$ip' reject"
#               firewall-cmd --add-rich-rule="rule family='ipv4' source address='$ip' reject" --permanent
                echo -e  "攻击ip:${ip}\t攻击次数:${count}\t时间:${DATE}\t永久拦截 "
        elif [ $count -gt 10 ];then
                firewall-cmd --add-rich-rule="rule family='ipv4' source address='$ip' reject" --timeout=86400
                echo -e  "攻击ip:${ip}\t攻击次数:${count}\t时间:${DATE}\t拦截一天 "
        else
                firewall-cmd --add-rich-rule="rule family='ipv4' source address='$ip' reject" --timeout=7200
                echo -e  "攻击ip:${ip}\t攻击次数:${count}\t时间:${DATE}\t拦截一小时"
        fi
#       firewall-cmd --add-rich-rule="rule family='ipv4' source address='$ip' reject" --timeout=3600 >/dev/null
#       echo -e  "攻击ip:${ip}\t攻击次数:${count}\t时间:${GREP_STR}"
done

----------------------
添加
#!/bin/sh
while inotifywait -e modify /usr/local/openresty/nginx/logs/mobileverify.access.log; do
   for i in `tail -n 3 /usr/local/openresty/nginx/logs/mobileverify.access.log | awk '{ips[$1]+=1} END{for(ip in ips) print ip}' | sort -nr`
   do
      echo "rule family='ipv4' source address='$i' reject"
      firewall-cmd --add-rich-rule="rule family='ipv4' source address='$i' reject"
      echo "end";
   done
done

二、python上传日志到oss

#!/bin/bash
#auth:zyh
#date:2020-11-09
#上传昨天日志到oss

cd /data/tiger/master
nohup /usr/bin/python ./put_logs.py >nohup.out 2>&1 &
#/usr/bin/python ./put_logs.py >/dev/null
#删除昨天的日志
#dir_logs="/data/xxx/xxxx/runtime/logs_org"
#y_day="`date -d \"1 day ago\" +%Y-%m-%d`"
#delfile=$dir_logs/PHP_org_$y_day".log"
#echo $delfile
#rm -f $delfile
[root@kcwc4 conf.d]# cat /xxx/xxx/xxxx/put_logs.py
#! /usr/bin/env python
# ! -*- coding:utf8 -*-
""" aliyujn oss2 python sdk 上传静态资源!!"""
from __future__ import print_function
import shutil
import oss2
import os, sys
import datetime
# 首先初始化AccessKeyId、AccessKeySecret、Endpoint等信息。
# 通过环境变量获取，或者把诸如“<你的AccessKeyId>”替换成真实的AccessKeyId等。
#
# 以杭州区域为例，Endpoint可以是：
#   http://oss-cn-xxx.aliyuncs.com
#   https://oss-cn-xxxx.aliyuncs.com
# 分别以HTTP、HTTPS协议访问。
access_key_id = os.getenv('OSS_TEST_ACCESS_KEY_ID', 'xxxx')
access_key_secret = os.getenv('OSS_TEST_ACCESS_KEY_SECRET', 'xxx')
bucket_name = os.getenv('OSS_TEST_BUCKET', 'kcwc')
endpoint = os.getenv('OSS_TEST_ENDPOINT', 'oss-cn-xxxxxx-internal.aliyuncs.com')


# 确认上面的参数都填写正确了
for param in (access_key_id, access_key_secret, bucket_name, endpoint):
    assert '<' not in param, '请设置参数：' + param


# 创建Bucket对象，所有Object相关的接口都可以通过Bucket对象来进行
bucket = oss2.Bucket(oss2.Auth(access_key_id, access_key_secret), endpoint, bucket_name)

#进度条功能
def percentage(consumed_bytes, total_bytes):
    if total_bytes:
        rate = int(100 * (float(consumed_bytes) / float(total_bytes)))
        print('\r{0}% '.format(rate), end='')
        sys.stdout.flush()


# 上传一段字符串。Object名是motto.txt，内容是一段名言。
#bucket.put_object('f-car-pc/fonts/motto.txt', 'Never give up. - Jack Ma')

#bucket.put_object_from_file('f-car-pc/fonts/111/motto.txt', '/tmp/index7.html',progress_callback=percentage)
#定义根目录
local_dir = "/data/xxxxx/xxx/runtime/logs_org"
remote_dir = "orglogs"
#本地文件列表
local_files = []

# 文件归类,获取要上传的图片的本地res的所有文件的绝对路径
def getLocalFiles(local_dir):
    if os.path.exists(local_dir):
        for res in os.listdir(local_dir):
            file_dir = local_dir + os.sep + res
            if os.path.isfile(file_dir):
                local_files.append(file_dir)
            if os.path.isdir(file_dir):
                getLocalFiles(file_dir)
#上传函数
def putFileToBucket(local_files):
    now = datetime.datetime.now()
    date2 = now + datetime.timedelta(days = -1)
    temp_date2 =  (date2.strftime("%Y-%m-%d"))
    file2 = local_dir + "/PHP_org_"+str(temp_date2)+".log"
    #print (file)
    tempbasename=os.path.basename(file2)
    remote_file_path = remote_dir + "/k4/"+tempbasename
    #bucket.put_object_from_file(remote_file_path, file2)
    if os.path.exists(file2):
        bucket.put_object_from_file(remote_file_path, file2)
        os.unlink(file2)
        print (file2)
    #for local_file_path in local_files:
        #tempbasename=os.path.basename(local_file_path);
        #remote_file_path = remote_dir + "/k2/"+tempbasename #local_file_path[(local_file_path.find('dist') + 4):]
        #bucket.put_object_from_file(remote_file_path, local_file_path)
        #now = datetime.datetime.now()
        #date2 = now + datetime.timedelta(days = -1)
        #print (date2.year)
        # 删除昨天的文件
        #delfile = local_dir + "/PHP_org_"+str(date2.year)+"-"+str(date2.month)+"-"+str(date2.day)+".log"
        #print (delfile)
        #if os.path.exists(delfile):
        #       os.unlink(delfile)

if __name__ == "__main__":
#生成文件列表
    getLocalFiles(local_dir)
#上传文件
    putFileToBucket(local_files)