当前位置:网站首页>zabbix自定义监控项
zabbix自定义监控项
2022-07-27 10:52:00 【吴爃 (运维也就图一乐!)】
前段时间需要自己写zabbix自定义监控项,脚本,,就简单的写上几个,分享给大家.
#!/bin/bash
#监控cpu的负载率
function avage ( ){
fir=`uptime | awk -F ':' '{print $NF }' | awk "{print $load}" | tr ',' ' '`
sleep 3
fir1=`uptime | awk -F ':' '{print $NF }' | awk "{print $load}" | tr ',' ' '`
avage=`echo "($fir1 - $fir)*100" | bc -l`
echo $avage
}
load=$1
# 根据这个参数,判断去哪一列的值
avage $load
############
# 监控防火墙的状态()
#iptables
#!/bin/bash
# 判断防火墙规则状态,如果没有规则,则默认是没有启用,开始告警.
function Status ( ) {
rules=`iptables -nvL| grep -vE "Chain|target" | grep -v '^$'| wc -l`
if [[ $rules = 0 ]]
then
echo 1
# 1表示防火墙关闭,或异常没有规则了;
else
echo 0
fi
}
# 判断防火墙是否被更新
function Edit ( ) {
# 通过比对id值
first1=`iptables -L -n|md5sum | awk '{print $1}'` > ./first1.txt
sleep 5s
first2=`iptables -L -n|md5sum | awk '{print $1}'` > ./first2.txt
num=`diff -c ./first1.txt ./first2.txt | wc -l`
if [[ $num = 0 ]]
then
echo 1
else
echo 0
#防火墙被修改,开始告警
fi
}
#获取参数
case $1 in
Edit)
Edit
;;
Status)
Status
;;
*)
echo "fail"
;;
esac
#监控messages日志:
num=`tail -n 100 /var/log/messages |grep -i 'error' |wc -l`
echo $num
##监控http进程
#监控进程状态
function Status ( ){
num=`netstat -anlp | grep 80|grep httpd |wc -l `
if [[ $num = 0 ]]
then
echo 0
#表示进程不存在告警
else
echo 1
fi
}
#监控http日志中GET访问次数
function GET_num( ) {
num=`cat /var/log/httpd/access_log | grep GET | wc -l`
echo $num
}
#监控http错误日志
#监控单个ip的访问次数
function ip_num ( ){
num=`cat /var/log/httpd/access_log | awk '{print $1}' | sort -n | uniq -c| awk '{print $1}' | sort -n | tail -n 1 `
echo $num
}
case $1 in
Status)
Status
;;
GET_num)
GET_num
;;
ip_num )
ip_num
;;
*)
echo "fail"
;;
esac
####################################
#监控单个ip链接ssh次数,大于10次就告警
link_num=$(tail -n 100 /var/log/secure | grep 'Failed password'| awk '{print $11}' | sort -n | uniq -c | awk '{print $1}' | sort -n | tail -n 1 )
if [ $link_num -gt 10 ]
then
echo 1 #d但
else
echo 0
fi
#暴力破解10次后,就触发脚本,通过防火墙,将ip禁用
# 优化脚本
link_ip=$(cat /var/log/secure | grep 'Failed password'| awk '{print $11}' | sort -n | uniq -c | awk '{print $2}')
for i in $link_ip
do
# echo "$i"
#过滤出其中ip对应的次数
ssh_num=`cat /var/log/secure | grep 'Failed password'| awk '{print $11}' | sort -n | uniq -c | grep "$i" | awk '{print $1}'`
if [ $ssh_num -gt 10 ]
then
#超过10次,直接告警,然后执行命令,将ip拉黑,加入ssh黑名单中,这里设置触发一次脚本就可以,脚本只触发一次,然后将ip写入
echo 1
deny=`cat /etc/hosts.deny | grep $i| wc -l`
if [[ $deny = 0 ]]
then
echo "sshd:$i:deny" >> /etc/hosts.deny
systemctl restart sshd
fi
fi
done
##检测磁盘cpu中io等待率
#!/bin/bash
num=`iostat -c 5 1 | grep -v "avg-cpu" | awk -F ' ' '{print $12}' |grep -v '^$'`
# if [[ $num > 0.05 ]]
then
echo 1
else
num1=`iostat -c 5 1 | grep -v "avg-cpu" | awk -F ' ' '{print $12}' |grep -v '^$'`
cha=`echo "$num1-$num" | bc `
# if [[ $cha > 0.03 ]]
then
echo 1
else
echo 0
fi
fi
#监控磁盘剩余
#!/bin/bash
size=`df -h | awk '{print $5}'| tail -n 7 | tr '%' ' '| sort -n | tail -n 1`
if [[ $size > 80 ]]
then
echo 1
else
echo 0
fi
#
#监测CPU、内存、虚拟内存使用超过80%报警 ration.sh
#/bin/bash
cpu=`iostat -c 5 1 | grep -v "avg-cpu" | awk -F ' ' '{print $6}' |grep -v '^$' `
cpu_use= `echo "$cpu * 100" | bc`
use=`free -m | grep Mem | awk '{print $3}'| tr 'M' ' '`
total=`free -m | grep Mem | awk '{print $2}'| tr 'M' ' ' `
ratio=`awk 'BEGIN{printf "%.2f\n",('$use'/'$total')}'`
mem=`echo "$ratio*100" | bc`
Total=`cat /proc/meminfo | grep -i "VmallocTotal" | awk '{print $2}'`
Use=`cat /proc/meminfo | grep -i "VmallocUsed" | awk '{print $2}' `
ratio1=`awk 'BEGIN{printf "%.4f\n",('$Use'/'$Total')}'`
vmal=`echo "$ratio1*100" |bc`
if [[ $cpu_use > 80 $vmal > 80 -o $mem > 80 ]]
then
echo 1
else
echo 0
fi
#########监控 crontab服务监控,是否正常执行
#/bin/bash
last_mofidy_timestamps="$(stat -c %Y /var/log/cron)"
echo $last_mofidy_timestamps
sleep 3600
current_timestamps="$(stat -c %Y /var/log/cron)"
echo $current_timestamps
if (($current_timestamps - $last_mofidy_timestamps > 3600)); then
echo 1 #如果时间差大于1小时,就告警
else
echo 0
fi
########
###监控home分区,读写
mkdir -p /home/test
echo "text" >> /home/test
if [[ $? = 0 ]]
then
echo 0
else
echo 1
fi
######服务器SSH服务新增加222监听端口
num=`netstat -anltp | grep 222 | wc -l `
if [[ $num >0 ]]
then
echo 0
else
echo 1
fi
######ssh客户端与ssh服务端,连通性监控
#!/bin/bash
num=`telnet 192.168.136.3 22 | grep -o "Escape character" | wc -l`
if [[ $num != 1 ]]
then
echo 1 #告警
fi
# 磁盘io监控,当磁盘的IOPS大于1000进行报警
# 网卡流量监控,当网卡流量超过100M/s进行报警;
#!/bin/bash
RX=`cat /sys/class/net/ens33/statistics/rx_bytes` #收到的数据包数据
TX=`cat /sys/class/net/ens33/statistics/tx_bytes ` #传输的数据包数量
RMBPS=` echo "$RX/1048576" | bc `
TMBPS=` echo "$TX/1048576" | bc`
if [[ $RMBPS -ge 100 || $TMBPS -ge 100 ]]
then
echo 1
else
echo 0
fi
# sar使用,每个5秒抓一次,抓5次,磁盘IO和CPU使用情况报警
#!/bin/bash
cpu=`sar -p 5 5 | awk '{print $4}'| tail -n +5 | sort -n | tail -n 1 `
io=`sar -d 5 5 | awk '{print $4}'| tail -n +5 | sort -n | tail -n 1`
cpu_status=`awk 'BEGIN{printf($cpu * 100)}' `
io_status=`awk 'BEGIN{printf($io * 100)}' `
if [[ $cpu_status -ge 80 || $io_status -ge 80 ]]
then
echo 1
else
echo 0
fi
# iostat,每个5秒抓一次,抓5次,磁盘IO和CPU使用情况报警
#!/bin/bash
cpu=`iostat -c 5 5 | grep -v "avg-cpu" | awk '{print $1}' | grep '[0-9]' |sort -n |tail -n 1 `
io=`iostat -d 5 5 | grep sda | awk '{print $2}' | sort -n |tail -n 1`
cpu_status=`awk 'BEGIN{printf($cpu * 100)}' `
io_status=`awk 'BEGIN{printf($io * 100)}' `
if [[ $cpu_status -ge 80 || $io_status -ge 80 ]]
then
echo 1
else
echo 0
fi
# vmstat,每个5秒抓一次,抓5次,磁盘IO和CPU使用情况报警
io=`vmstat 5 5 |awk '{print $10}'| grep [0-9]|sort -n| tail -n 1`
cpu=`vmstat 5 5 |awk '{print $13}'| grep [0-9]|sort -n| tail -n 1 `
cpu_status=`awk 'BEGIN{printf($cpu * 100)}' `
io_status=`awk 'BEGIN{printf($io * 100)}' `
if [[ $cpu_status -ge 80 || $io_status -ge 80 ]]
then
echo 1
else
echo 0
fi
#监控网卡流量图
#!/bin/bash
RX=`cat /sys/class/net/ens33/statistics/rx_bytes` #收到的数据包数据
RMBPS=` echo "$RX/1048576" | bc `
echo $RMBPS
TX=`cat /sys/class/net/ens33/statistics/tx_bytes ` #传输的数据包数量
TMBPS=` echo "$TX/1048576" | bc`
echo $TMBPS
###监控失败登录次数大于5次就告警
#!/bin/bash
num=`lastb | awk '{print $3}' | sort -n | uniq -c |awk '{print $1}'`
for i in $num
do
if [[ $i -gt 5 ]]
then
ip=`lastb | awk '{print $3}' | sort -n | uniq -c |grep -w "$i" | awk '{print $2}'`
cat /etc/hosts.allow | grep -q $ip
if [[ $? -eq 0 ]]
then
echo 0
else
echo 1
fi
fi
done
边栏推荐
- State compression DP acwing 91. shortest Hamilton path
- 最长上升子序列模型 AcWing 482. 合唱队形
- 力扣——10. 正则表达式匹配
- Knapsack model acwing 423. Picking herbs
- WGet warning: unable to verify
- Today's code farmer girl summarized her notes about NPM package management and URL module
- Introduction to software vulnerability analysis (I)
- 01 BTC cryptology principle
- A deep analysis of the soul of C language -- pointer
- Pat (Grade B) 2022 summer exam
猜你喜欢
The longest ascending subsequence model acwing 1017. The glider wing of the strange thief Kidd
Knapsack problem acwing 9. grouping knapsack problem
求组合数 AcWing 887. 求组合数 III
中国剩余定理 AcWing 204. 表达整数的奇怪方式
What is private traffic?
求组合数 AcWing 885. 求组合数 I
Find the combination number acwing 888. find the combination number IV
Moveit2 - 4. robot model and robot state
Longest ascending subsequence model acwing 1012. Sister Cities
背包问题 AcWing 9. 分组背包问题
随机推荐
Digital triangle model acwing 1027. Grid retrieval
Luogu p1896 non aggression
中国剩余定理 AcWing 204. 表达整数的奇怪方式
Redis simple to use
背包模型 AcWing 1024. 装箱问题
Caused by:org.gradle.api.internal. plugins . PluginApplicationException: Failed to apply plugin
洛谷P1441 砝码称重
The C programming language (2nd) -- Notes -- 1.9
Modelarts image classification and object detection
The article will not keep VIP charges all the time. It will be open for a period of time
数字三角形模型 AcWing 1018. 最低通行费
Gaussian elimination acwing 883. solving linear equations with Gaussian elimination
The C programming language (2nd) -- Notes -- 1.7
最长上升子序列模型 AcWing 482. 合唱队形
Find the combination number acwing 886. find the combination number II
力扣——10. 正则表达式匹配
Kepserver configuration
(5) Printf (instead of echo)
Knapsack model acwing 423. Picking herbs
Longest ascending subsequence model acwing 1010. Interceptor missile