系统检查监控脚本

凤舞飘伶

已于 2023-01-12 15:37:53 修改

阅读量244

点赞数

分类专栏： Monitor 文章标签： linux unix bash Powered by 金山文档

于 2023-01-12 15:36:56 首次发布

本文链接：https://blog.csdn.net/woshaguayi/article/details/128660784

版权

Monitor 专栏收录该内容

12 篇文章 0 订阅

订阅专栏

# Emulating built-in agent parameter 'system.users.num'
UserParameter=system.test,who | wc -l

# Get size of a directory
# Defaults to /tmp
#UserParameter=vfs.dir.size[*],dir="$1"; du -s -B 1 "${dir:-/tmp}" | cut -f1

# Total CPU utilisation by all processes with a given name.
# Returns empty value if no such processes are present, numeric items will turn unsupported
# Defaults to zabbix_agentd
#UserParameter=proc.cpu[*],proc="$1"; ps -o pcpu= -C "${proc:-zabbix_agentd}" | awk '{sum += $$1} END {print sum}'

# Mail queue length from mailq
#UserParameter=unix_mail.queue,mailq | grep -v "Mail queue is empty" | grep -c '^[0-9A-Z]'

# Partition discovery on Linux
#UserParameter=vfs.partitions.discovery.linux,for partition in $(awk 'NR > 2 {print $4}' /proc/partitions); do partitionlist="$partitionlist,"'{"{#PARTITION}":"'$partition'"}'; done; echo '{"data":['${partitionlist#,}']}'

# Partition discovery on Solaris (using iostat output)
# On Solaris bash usually is not the one linked from /bin/sh, so a wrapper script is suggested
#UserParameter=vfs.partitions.discovery.solaris,/somewhere/solaris_partitions.sh
# Wrapper script (solaris_partitions.sh) contents:
##!/bin/bash
#for partition in $(iostat -x | tail +3 | awk '{print $1}'); do
#  partitionlist="$partitionlist,"'{"{#PARTITION}":"'$partition'"}'
#done
#echo '{"data":['${partitionlist#,}']}'
UserParameter=sys.HISTSIZE[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.passmin[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.passlen[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.passmax[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.passage[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.isRoot[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.FirewallStatus[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.getLoginStatus[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.getCronStatus[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.getJdk[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1
UserParameter=sys.getSystemStatus[*],sh /usr/local/zabbix/conf/zabbix_agentd/system.sh $1

#!/bin/bash
shdir=$(cd `dirname $0`; pwd)
agent_start_user=$1
zabbix_agent_dir=$2
echo $zabbix_agent_dir
cat $zabbix_agent_dir/conf/zabbix_agentd.conf | grep "^Include=/usr/local/zabbix/conf/zabbix_agentd/*.conf" > /dev/null
        if [ $? -ne 0 ]
         then
            cat $zabbix_agent_dir/conf/zabbix_agentd.conf | grep "^Include=.*" > /dev/null
                if [ $? -eq 0 ]
                 then
                  
                  sed -i "/^Include=.*/d "$zabbix_agent_dir/conf/zabbix_agentd.conf
                  
                  echo "Include= $zabbix_agent_dir/conf/zabbix_agentd/*.conf">> $zabbix_agent_dir/conf/zabbix_agentd.conf
                  else 
                  echo "Include= $zabbix_agent_dir/conf/zabbix_agentd/*.conf">> $zabbix_agent_dir/conf/zabbix_agentd.conf
                 fi
fi
chown -R $agent_start_user:$agent_start_user $zabbix_agent_dir

#!/bin/bash
#----将需要监控的的服务器ip配置到server_ip，多个服务器换行输入即可
#示例配置：
#server_ip=(

#    )
#如果将此脚本在数据库本机运行的话，无需配置上述ip，脚本自动判断，数据库服务器多的话不建议单机一个一个跑此脚本
#配置完运行此脚本的服务器需要和其他服务器需要免密登陆 只需要运行此脚本即可，
shdir=$(cd `dirname $0`; pwd)
server_ip=(
    )
#被监控的数据库的用户和密码，建议在数据库增加可读账号    
mysql_user=root
mysql_password=12
#被监控主机的zabbix-agent安装目录
zabbix_agent_dir=/usr/local/zabbix
#被监控主机的zabbix自定义key的脚本存放目录
zabbix_custom_sh=/app/zabbixsh
#agent   xshell端使用端口号默认22和登陆账号默认22  账号是root
port_romote=22
user_romote=root
#zabbix-agent启动用户默认zabbix用户组zabbix
agent_start_user=zabbix
agent_start_group=zabbix
#agent端监控过程任务运行的数据库脚本
cunstom_sh=$shdir/conf/bim-task.sh
#处理agent配置文件的脚本
remote_sh=$shdir/conf/config.sh
#自定义zabbix-agent的key配置文件
cunstom_conf=$shdir/conf/userparameter_bim.conf
length=${#server_ip[@]}
#echo $length
stop_agent(){
 
   for ip in ${server_ip[*]};
      do
      ssh -p${port_romote}  $user_romote@$ip -C "systemctl stop zabbix"
      done
}
sed -i "s#^USER=.*#USER=$mysql_user#g" $shdir/conf/bim-task.sh
sed -i "s#^PASSWD=.*#PASSWD=$mysql_password#g" $shdir/conf/bim-task.sh
scp_conf(){

if [ $length -eq 0 ];then
  sh $shdir/conf/config.sh $agent_start_user $zabbix_agent_dir $agent_start_group $zabbix_custom_sh
  cp -r $shdir/conf/bim-task.sh  $zabbix_custom_sh
  cp -r $shdir/conf/userparameter_bim.conf  $zabbix_agent_dir/conf/zabbix_agentd
  rm -rf  $zabbix_agent_dir/conf/zabbix_agentd/userparameter_examples.conf
  chown -R $agent_start_user:$agent_start_group $zabbix_agent_dir
else
  for ip in ${server_ip[*]};
      do
      scp -r -P${port_romote} $remote_sh $user_romote@$ip:$zabbix_agent_dir/conf
      ssh -p${port_romote} $user_romote@$ip -C "source $zabbix_agent_dir/conf/config.sh $agent_start_user $zabbix_agent_dir $agent_start_group $zabbix_custom_sh"
      scp -r -P${port_romote} $cunstom_sh $user_romote@$ip:$zabbix_custom_sh
      scp -r -P${port_romote} $cunstom_conf $user_romote@$ip:$zabbix_agent_dir/conf/zabbix_agentd
       ssh -p${port_romote} $user_romote@$ip -C "chown -R $agent_start_user:$agent_start_group $zabbix_agent_dir  $zabbix_custom_sh;rm -rf  $zabbix_agent_dir/conf/zabbix_agentd/userparameter_examples.conf"
      
      done
fi
}
star_agent(){
for ip in ${server_ip[*]};
      do
     ssh -p${port_romote} $user_romote@$ip -C 'systemctl restart zabbix'
     done
}
#stop_agent
scp_conf
star_agent

#!/bin/bash

HISTSIZE(){
HISTSIZE=`cat /etc/profile|grep HISTSIZE|head -1|awk -F[=] '{print $2}'`
if test -z "$HISTSIZE"
then
   echo 0
else
   echo $HISTSIZE
fi
}
passmax(){
passmax=`cat /etc/login.defs | grep PASS_MAX_DAYS | grep -v ^# | awk '{print $2}'`
passmin=`cat /etc/login.defs | grep PASS_MIN_DAYS | grep -v ^# | awk '{print $2}'`
passlen=`cat /etc/login.defs | grep PASS_MIN_LEN | grep -v ^# | awk '{print $2}'`
passage=`cat /etc/login.defs | grep PASS_WARN_AGE | grep -v ^# | awk '{print $2}'`

if test -z "$passmax"
then
   echo 0
else
   echo $passmax
fi
}
passmax(){
passmax=`cat /etc/login.defs | grep PASS_MAX_DAYS | grep -v ^# | awk '{print $2}'`
passmin=`cat /etc/login.defs | grep PASS_MIN_DAYS | grep -v ^# | awk '{print $2}'`
passlen=`cat /etc/login.defs | grep PASS_MIN_LEN | grep -v ^# | awk '{print $2}'`
passage=`cat /etc/login.defs | grep PASS_WARN_AGE | grep -v ^# | awk '{print $2}'`

if test -z "$passmax"
then
   echo 0
else
   echo $passmax
fi
}
passmin(){
passmax=`cat /etc/login.defs | grep PASS_MAX_DAYS | grep -v ^# | awk '{print $2}'`
passmin=`cat /etc/login.defs | grep PASS_MIN_DAYS | grep -v ^# | awk '{print $2}'`
passlen=`cat /etc/login.defs | grep PASS_MIN_LEN | grep -v ^# | awk '{print $2}'`
passage=`cat /etc/login.defs | grep PASS_WARN_AGE | grep -v ^# | awk '{print $2}'`

if test -z "$passmin"
then
   echo 0
else
   echo $passmin
fi
}
passlen(){
passmax=`cat /etc/login.defs | grep PASS_MAX_DAYS | grep -v ^# | awk '{print $2}'`
passmin=`cat /etc/login.defs | grep PASS_MIN_DAYS | grep -v ^# | awk '{print $2}'`
passlen=`cat /etc/login.defs | grep PASS_MIN_LEN | grep -v ^# | awk '{print $2}'`
passage=`cat /etc/login.defs | grep PASS_WARN_AGE | grep -v ^# | awk '{print $2}'`

if test -z "$passlen"
then
   echo 0
else
   echo $passlen
fi
}
passage(){
passmax=`cat /etc/login.defs | grep PASS_MAX_DAYS | grep -v ^# | awk '{print $2}'`
passmin=`cat /etc/login.defs | grep PASS_MIN_DAYS | grep -v ^# | awk '{print $2}'`
passlen=`cat /etc/login.defs | grep PASS_MIN_LEN | grep -v ^# | awk '{print $2}'`
passage=`cat /etc/login.defs | grep PASS_WARN_AGE | grep -v ^# | awk '{print $2}'`

if test -z "$passage"
then
   echo 0
else
   echo $passage
fi
}
isRoot(){
config=$(cat /etc/ssh/sshd_config | grep PermitRootLogin)
firstChar=${config:0:1}
if [ $firstChar == "#" ];then
PermitRootLogin="yes" #默认是允许ROOT远程登录的
else
PermitRootLogin=$(echo $config | awk '{print $2}')
fi
if test -z "$PermitRootLogin"
then
   echo 0
else
   echo $PermitRootLogin
fi
}
FirewallStatus(){
 firewall-cmd --state >/dev/null 
     if [ $? -eq  0 ] ; then
        firewalldStatus="yes" 
        fi
 if test -n "$firewalldStatus"
then
   echo $firewalldStatus
fi
}
function getUserLastLogin(){
# 获取用户最近一次登录的时间，含年份
# 很遗憾last命令不支持显示年份，只有"last -t YYYYMMDDHHMMSS"表示某个时间之间的登录，我
# 们只能用最笨的方法了，对比今天之前和今年元旦之前（或者去年之前和前年之前……）某个用户
# 登录次数，如果登录统计次数有变化，则说明最近一次登录是今年。
username=$1
: ${username:="`whoami`"}
thisYear=$(date +%Y)
oldesYear=$(last | tail -n1 | awk '{print $NF}')
while(( $thisYear >= $oldesYear));do
loginBeforeToday=$(last $username | grep $username | wc -l)
loginBeforeNewYearsDayOfThisYear=$(last $username -t $thisYear"0101000000" | grep $username | wc -l)
if [ $loginBeforeToday -eq 0 ];then
echo "从未登录过"
break
elif [ $loginBeforeToday -gt $loginBeforeNewYearsDayOfThisYear ];then
lastDateTime=$(last -i $username | head -n1 | awk '{for(i=4;i<(NF-2);i++)printf"%s ",$i}')" $thisYear" #格式如: Sat Nov 2 20:33 2015
lastDateTime=$(date "+%Y-%m-%d %H:%M:%S" -d "$lastDateTime")
echo "$lastDateTime"
break
else
thisYear=$((thisYear-1))
fi
done
 
}
autoServiceStatus(){
conf=$(systemctl list-unit-files --type=service --state=enabled --no-pager | grep "enabled")
process=$(systemctl list-units --type=service --state=running --no-pager | grep ".service")
#报表信息
SelfInitiatedService="$(echo "$conf" | wc -l)" #自启动服务数量
RuningService="$(echo "$process" | wc -l)" #运行中服务数量
if test -z "$SelfInitiatedService"
then
   echo 0
else
   echo $SelfInitiatedService
fi
}
RunService(){
conf=$(systemctl list-unit-files --type=service --state=enabled --no-pager | grep "enabled")
process=$(systemctl list-units --type=service --state=running --no-pager | grep ".service")
#报表信息
SelfInitiatedService="$(echo "$conf" | wc -l)" #自启动服务数量
RuningService="$(echo "$process" | wc -l)" #运行中服务数量
if test -z "$RuningService"
then
   echo 0
else
   echo $RuningService
fi
}
function getLoginStatus(){
last | head
}
function getCronStatus(){
Crontab=0
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for user in $(grep "$shell" /etc/passwd| awk -F: '{print $1}');do
crontab -l -u $user >/dev/null 2>&1
status=$?
if [ $status -eq 0 ];then
echo "任务用户:$user"
echo "---------------"
let Crontab=Crontab+$(crontab -l -u $user | wc -l)
echo "计划任务数:$Crontab\n"
echo "---------------"
echo "计划任务:"
crontab -l -u $user
fi
done
done
}
getJdk(){
java -version 2>&1 | grep version | awk '{print $1,$3}' | tr -d '"'
status=$?
if [ $status -eq 0 ];then
echo $JAVA_HOME
echo "---"
$JAVA_HOME/java -version 2>&1 | grep version | awk '{print $1,$3}' | tr -d '"'
fi
}
function getSystemStatus(){
    echo ""
    echo -e "****************************************************系统检查****************************************************"
    if [ -e /etc/sysconfig/i18n ];then
        default_LANG="$(grep "LANG=" /etc/sysconfig/i18n | grep -v "^#" | awk -F '"' '{print $2}')"
    else
        default_LANG=$LANG
    fi
    export LANG="en_US.UTF-8"
    Release=$(cat /etc/redhat-release 2>/dev/null)
    Kernel=$(uname -r)
    OS=$(uname -o)
    Hostname=$(uname -n)
    SELinux=$(/usr/sbin/sestatus | grep "SELinux status: " | awk '{print $3}')
    LastReboot=$(who -b | awk '{print $3,$4}')
    uptime=$(uptime | sed 's/.*up \([^,]*\), .*/\1/')
    echo "     系统：$OS"
    echo " 发行版本：$Release"
    echo "     内核：$Kernel"
    echo "   主机名：$Hostname"
    echo "  SELinux：$SELinux"
    echo "语言/编码：$default_LANG"
    echo " 当前时间：$(date +'%F %T')"
    echo " 最后启动：$LastReboot"
    echo " 运行时间：$uptime"
    export LANG="$default_LANG"
}
function getProcessStatus(){
    echo ""
    echo -e "*************************************************进程检查*******************************************************"
    if [ $(ps -ef | grep defunct | grep -v grep | wc -l) -ge 1 ];then
        echo ""
        echo -e "***************僵尸进程***************"
        ps -ef | head -n1
        ps -ef | grep defunct | grep -v grep
    fi
    echo ""
    echo -e "************CPU占用TOP 10进程*************"
    echo -e "用户 进程ID %CPU 命令 
    $(ps aux | awk '{print $1, $2, $3, $11}' | sort -k3rn | head -n 10 )"| column -t 
    echo ""
    echo -e "************内存占用TOP 10进程*************"
    echo -e "用户 进程ID %MEM 虚拟内存  常驻内存 命令 
    $(ps aux | awk '{print $1, $2, $4, $5, $6, $11}' | sort -k3rn | head -n 10 )"| column -t 
    #echo ""
    #echo -e "************SWAP占用TOP 10进程*************"
    #awk: fatal: cannot open file `/proc/18713/smaps' for reading (No such file or directory)
    #for i in `cd /proc;ls |grep "^[0-9]"|awk ' $0 >100'`;do awk '{if (-f /proc/$i/smaps) print "$i file is not exist"; else print "$i"}';done
    #    for i in `cd /proc;ls |grep "^[0-9]"|awk ' $0 >100'` ;do awk '/Swap:/{a=a+$2}END{print '"$i"',a/1024"M"}' /proc/$i/smaps ;done |sort -k2nr > /tmp/swap.txt
    #echo -e "进程ID SWAP使用 $(cat /tmp/swap.txt|grep -v awk | head -n 10)"| column -t
}
function getHowLongAgo(){
# 计算一个时间戳离现在有多久了
datetime="$*"
[ -z "$datetime" ] && echo "错误的参数：getHowLongAgo() $*"
Timestamp=$(date +%s -d "$datetime") #转化为时间戳
Now_Timestamp=$(date +%s)
Difference_Timestamp=$(($Now_Timestamp-$Timestamp))
days=0;hours=0;minutes=0;
sec_in_day=$((60*60*24));
sec_in_hour=$((60*60));
sec_in_minute=60
while (( $(($Difference_Timestamp-$sec_in_day)) > 1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_day
let days++
done
while (( $(($Difference_Timestamp-$sec_in_hour)) > 1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_hour
let hours++
done
echo "$days 天 $hours 小时前"
}

function getUserStatus(){
echo ""
echo ""
echo "############################ 用户检查 ############################"
#/etc/passwd 最后修改时间
pwdfile="$(cat /etc/passwd)"
Modify=$(stat /etc/passwd | grep Modify | tr '.' ' ' | awk '{print $2,$3}' )
status=$?
if [ $status -eq 0 ];then
 Modify=$(stat /etc/passwd | grep "最近更改" | tr '.' ' ' | awk '{print $1,$2}')
 echo "/etc/passwd $Modify "
else
echo "/etc/passwd 最后修改时间：$Modify "
fi

#echo "/etc/passwd 最后修改时间：$Modify ($(getHowLongAgo $Modify))"
echo ""
echo "特权用户"
echo "--------"
RootUser=""
for user in $(echo "$pwdfile" | awk -F: '{print $1}');do
if [ $(id -u $user) -eq 0 ];then
echo "$user"
RootUser="$RootUser,$user"
fi
done
echo ""
echo "用户列表"
echo "--------"
USERs=0
echo "$(
echo "用户名 UID GID HOME SHELL 最后一次登录"
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for username in $(grep "$shell" /etc/passwd| awk -F: '{print $1}');do
userLastLogin="$(getUserLastLogin $username)"
echo "$pwdfile" | grep -w "$username" |grep -w "$shell"| awk -F: -v lastlogin="$(echo "$userLastLogin" | tr ' ' '_')" '{print $1,$3,$4,$6,$7,lastlogin}'
done
let USERs=USERs+$(echo "$pwdfile" | grep "$shell"| wc -l)
done
)" | column -t
echo ""
echo "空密码用户"
echo "----------"
USEREmptyPassword=""
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);do
r=$(awk -F: '$2=="!!"{print $1}' /etc/shadow | grep -w $user)
if [ ! -z $r ];then
echo $r
USEREmptyPassword="$USEREmptyPassword,"$r
fi
done 
done
echo ""
echo "相同ID的用户"
echo "------------"
USERTheSameUID=""
UIDs=$(cut -d: -f3 /etc/passwd | sort | uniq -c | awk '$1>1{print $2}')
for uid in $UIDs;do
echo -n "$uid";
USERTheSameUID="$uid"
r=$(awk -F: 'ORS="";$3=='"$uid"'{print ":",$1}' /etc/passwd)

echo "$r"
echo ""
USERTheSameUID="$USERTheSameUID $r,"
done
}
$1