当前位置:网站首页>zabbix自定义监控项
zabbix自定义监控项
2022-07-27 10:52:00 【吴爃 (运维也就图一乐!)】
前段时间需要自己写zabbix自定义监控项,脚本,,就简单的写上几个,分享给大家.
#!/bin/bash
#监控cpu的负载率
function avage ( ){
fir=`uptime | awk -F ':' '{print $NF }' | awk "{print $load}" | tr ',' ' '`
sleep 3
fir1=`uptime | awk -F ':' '{print $NF }' | awk "{print $load}" | tr ',' ' '`
avage=`echo "($fir1 - $fir)*100" | bc -l`
echo $avage
}
load=$1
# 根据这个参数,判断去哪一列的值
avage $load
############
# 监控防火墙的状态()
#iptables
#!/bin/bash
# 判断防火墙规则状态,如果没有规则,则默认是没有启用,开始告警.
function Status ( ) {
rules=`iptables -nvL| grep -vE "Chain|target" | grep -v '^$'| wc -l`
if [[ $rules = 0 ]]
then
echo 1
# 1表示防火墙关闭,或异常没有规则了;
else
echo 0
fi
}
# 判断防火墙是否被更新
function Edit ( ) {
# 通过比对id值
first1=`iptables -L -n|md5sum | awk '{print $1}'` > ./first1.txt
sleep 5s
first2=`iptables -L -n|md5sum | awk '{print $1}'` > ./first2.txt
num=`diff -c ./first1.txt ./first2.txt | wc -l`
if [[ $num = 0 ]]
then
echo 1
else
echo 0
#防火墙被修改,开始告警
fi
}
#获取参数
case $1 in
Edit)
Edit
;;
Status)
Status
;;
*)
echo "fail"
;;
esac
#监控messages日志:
num=`tail -n 100 /var/log/messages |grep -i 'error' |wc -l`
echo $num
##监控http进程
#监控进程状态
function Status ( ){
num=`netstat -anlp | grep 80|grep httpd |wc -l `
if [[ $num = 0 ]]
then
echo 0
#表示进程不存在告警
else
echo 1
fi
}
#监控http日志中GET访问次数
function GET_num( ) {
num=`cat /var/log/httpd/access_log | grep GET | wc -l`
echo $num
}
#监控http错误日志
#监控单个ip的访问次数
function ip_num ( ){
num=`cat /var/log/httpd/access_log | awk '{print $1}' | sort -n | uniq -c| awk '{print $1}' | sort -n | tail -n 1 `
echo $num
}
case $1 in
Status)
Status
;;
GET_num)
GET_num
;;
ip_num )
ip_num
;;
*)
echo "fail"
;;
esac
####################################
#监控单个ip链接ssh次数,大于10次就告警
link_num=$(tail -n 100 /var/log/secure | grep 'Failed password'| awk '{print $11}' | sort -n | uniq -c | awk '{print $1}' | sort -n | tail -n 1 )
if [ $link_num -gt 10 ]
then
echo 1 #d但
else
echo 0
fi
#暴力破解10次后,就触发脚本,通过防火墙,将ip禁用
# 优化脚本
link_ip=$(cat /var/log/secure | grep 'Failed password'| awk '{print $11}' | sort -n | uniq -c | awk '{print $2}')
for i in $link_ip
do
# echo "$i"
#过滤出其中ip对应的次数
ssh_num=`cat /var/log/secure | grep 'Failed password'| awk '{print $11}' | sort -n | uniq -c | grep "$i" | awk '{print $1}'`
if [ $ssh_num -gt 10 ]
then
#超过10次,直接告警,然后执行命令,将ip拉黑,加入ssh黑名单中,这里设置触发一次脚本就可以,脚本只触发一次,然后将ip写入
echo 1
deny=`cat /etc/hosts.deny | grep $i| wc -l`
if [[ $deny = 0 ]]
then
echo "sshd:$i:deny" >> /etc/hosts.deny
systemctl restart sshd
fi
fi
done
##检测磁盘cpu中io等待率
#!/bin/bash
num=`iostat -c 5 1 | grep -v "avg-cpu" | awk -F ' ' '{print $12}' |grep -v '^$'`
# if [[ $num > 0.05 ]]
then
echo 1
else
num1=`iostat -c 5 1 | grep -v "avg-cpu" | awk -F ' ' '{print $12}' |grep -v '^$'`
cha=`echo "$num1-$num" | bc `
# if [[ $cha > 0.03 ]]
then
echo 1
else
echo 0
fi
fi
#监控磁盘剩余
#!/bin/bash
size=`df -h | awk '{print $5}'| tail -n 7 | tr '%' ' '| sort -n | tail -n 1`
if [[ $size > 80 ]]
then
echo 1
else
echo 0
fi
#
#监测CPU、内存、虚拟内存使用超过80%报警 ration.sh
#/bin/bash
cpu=`iostat -c 5 1 | grep -v "avg-cpu" | awk -F ' ' '{print $6}' |grep -v '^$' `
cpu_use= `echo "$cpu * 100" | bc`
use=`free -m | grep Mem | awk '{print $3}'| tr 'M' ' '`
total=`free -m | grep Mem | awk '{print $2}'| tr 'M' ' ' `
ratio=`awk 'BEGIN{printf "%.2f\n",('$use'/'$total')}'`
mem=`echo "$ratio*100" | bc`
Total=`cat /proc/meminfo | grep -i "VmallocTotal" | awk '{print $2}'`
Use=`cat /proc/meminfo | grep -i "VmallocUsed" | awk '{print $2}' `
ratio1=`awk 'BEGIN{printf "%.4f\n",('$Use'/'$Total')}'`
vmal=`echo "$ratio1*100" |bc`
if [[ $cpu_use > 80 $vmal > 80 -o $mem > 80 ]]
then
echo 1
else
echo 0
fi
#########监控 crontab服务监控,是否正常执行
#/bin/bash
last_mofidy_timestamps="$(stat -c %Y /var/log/cron)"
echo $last_mofidy_timestamps
sleep 3600
current_timestamps="$(stat -c %Y /var/log/cron)"
echo $current_timestamps
if (($current_timestamps - $last_mofidy_timestamps > 3600)); then
echo 1 #如果时间差大于1小时,就告警
else
echo 0
fi
########
###监控home分区,读写
mkdir -p /home/test
echo "text" >> /home/test
if [[ $? = 0 ]]
then
echo 0
else
echo 1
fi
######服务器SSH服务新增加222监听端口
num=`netstat -anltp | grep 222 | wc -l `
if [[ $num >0 ]]
then
echo 0
else
echo 1
fi
######ssh客户端与ssh服务端,连通性监控
#!/bin/bash
num=`telnet 192.168.136.3 22 | grep -o "Escape character" | wc -l`
if [[ $num != 1 ]]
then
echo 1 #告警
fi
# 磁盘io监控,当磁盘的IOPS大于1000进行报警
# 网卡流量监控,当网卡流量超过100M/s进行报警;
#!/bin/bash
RX=`cat /sys/class/net/ens33/statistics/rx_bytes` #收到的数据包数据
TX=`cat /sys/class/net/ens33/statistics/tx_bytes ` #传输的数据包数量
RMBPS=` echo "$RX/1048576" | bc `
TMBPS=` echo "$TX/1048576" | bc`
if [[ $RMBPS -ge 100 || $TMBPS -ge 100 ]]
then
echo 1
else
echo 0
fi
# sar使用,每个5秒抓一次,抓5次,磁盘IO和CPU使用情况报警
#!/bin/bash
cpu=`sar -p 5 5 | awk '{print $4}'| tail -n +5 | sort -n | tail -n 1 `
io=`sar -d 5 5 | awk '{print $4}'| tail -n +5 | sort -n | tail -n 1`
cpu_status=`awk 'BEGIN{printf($cpu * 100)}' `
io_status=`awk 'BEGIN{printf($io * 100)}' `
if [[ $cpu_status -ge 80 || $io_status -ge 80 ]]
then
echo 1
else
echo 0
fi
# iostat,每个5秒抓一次,抓5次,磁盘IO和CPU使用情况报警
#!/bin/bash
cpu=`iostat -c 5 5 | grep -v "avg-cpu" | awk '{print $1}' | grep '[0-9]' |sort -n |tail -n 1 `
io=`iostat -d 5 5 | grep sda | awk '{print $2}' | sort -n |tail -n 1`
cpu_status=`awk 'BEGIN{printf($cpu * 100)}' `
io_status=`awk 'BEGIN{printf($io * 100)}' `
if [[ $cpu_status -ge 80 || $io_status -ge 80 ]]
then
echo 1
else
echo 0
fi
# vmstat,每个5秒抓一次,抓5次,磁盘IO和CPU使用情况报警
io=`vmstat 5 5 |awk '{print $10}'| grep [0-9]|sort -n| tail -n 1`
cpu=`vmstat 5 5 |awk '{print $13}'| grep [0-9]|sort -n| tail -n 1 `
cpu_status=`awk 'BEGIN{printf($cpu * 100)}' `
io_status=`awk 'BEGIN{printf($io * 100)}' `
if [[ $cpu_status -ge 80 || $io_status -ge 80 ]]
then
echo 1
else
echo 0
fi
#监控网卡流量图
#!/bin/bash
RX=`cat /sys/class/net/ens33/statistics/rx_bytes` #收到的数据包数据
RMBPS=` echo "$RX/1048576" | bc `
echo $RMBPS
TX=`cat /sys/class/net/ens33/statistics/tx_bytes ` #传输的数据包数量
TMBPS=` echo "$TX/1048576" | bc`
echo $TMBPS
###监控失败登录次数大于5次就告警
#!/bin/bash
num=`lastb | awk '{print $3}' | sort -n | uniq -c |awk '{print $1}'`
for i in $num
do
if [[ $i -gt 5 ]]
then
ip=`lastb | awk '{print $3}' | sort -n | uniq -c |grep -w "$i" | awk '{print $2}'`
cat /etc/hosts.allow | grep -q $ip
if [[ $? -eq 0 ]]
then
echo 0
else
echo 1
fi
fi
done
边栏推荐
- 容斥原理 AcWing 890. 能被整除的数
- Game theory acwing 892. Step Nim game
- Moveit2 -- 2. Quick start of moveit in rviz
- 第13章 IO流
- Inclusion exclusion principle acwing 890. divisible numbers
- 2022 Niuke multi school training (3) a-ancestor topic translation
- Maker Hongmeng application development training notes 03
- 背包模型 AcWing 1024. 装箱问题
- The C programming language (2nd) -- Notes -- 1.10
- Bus error problem of MMAP and its solution
猜你喜欢
Codeforces round #664C
properties文件
求组合数 AcWing 889. 满足条件的01序列
Remember an experience of using canvas to make the banner streamer effect of Tencent cloud homepage
![[shader realizes shake random shaking effect _shader effect Chapter 10]](/img/49/99669ebc3ba59a0277bb8bc928f576.png)
[shader realizes shake random shaking effect _shader effect Chapter 10]
15 design movie rental system
Knapsack model acwing 1024. Packing problem
最长上升子序列模型 AcWing 1016. 最大上升子序列和
状态压缩DP AcWing 91. 最短Hamilton路径
Game theory acwing 894. Split Nim game
随机推荐
深析C语言的灵魂 -- 指针
Why choose smart TV?
Digital triangle model acwing 1018. Minimum toll
ACM warm-up Exercise 2 in 2022 summer vacation (summary)
Smart pointer (shared_ptr, unique_ptr, weak_ptr)
Moveit2 - 5. Scenario Planning
C programming language (2nd Edition) -- Reading Notes -- 1.5.4
PAT(乙级)2022年夏季考试
"My" bug collection (Reprinted)
最长上升子序列模型 AcWing 1017. 怪盗基德的滑翔翼
Redis simple to use
力扣——10. 正则表达式匹配
最长上升子序列模型 AcWing 1016. 最大上升子序列和
Longest ascending subsequence model acwing 482. Chorus formation
数字三角形模型 AcWing 1015. 摘花生
Longest ascending subsequence model acwing 1010. Interceptor missile
When std:: bind meets this
[shader realizes shake random shaking effect _shader effect Chapter 10]
ACM warm-up Exercise 1 in 2022 summer vacation (summary)
(4) Operator