• 巡检服务


    [root@zabbixwxsec server_check]# cat start.sh 
    #!/bin/bash
    #start server check
    #Tue Nov 13 17:47:03 CST 2018
    #diao
    #v1.0
    #>server.information
    #echo "server check start......"
    #echo "服务器基础资源检查:" >>/root/server_check/server.information
    #echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++" >>/root/server_check/server.information
    #cd /root/server_check/source_check;/usr/bin/python inspection.py >> /root/server_check/server.information
    #echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++" >> /root/server_check/server.information
    #echo >> /root/server_check/server.information
    #echo >> /root/server_check/server.information
    #echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++" >> /root/server_check/server.information
    #echo "服务器基础进程检查:" >> /root/server_check/server.information
    #cd /root/server_check/proc_check;/bin/bash check_proc.sh >> /root/server_check/server.information
    #echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++" >> /root/server_check/server.information
    #echo >> /root/server_check/server.information
    #echo >> /root/server_check/server.information
    #echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++" >> /root/server_check/server.information
    #echo "服务器日志信息检查:" >> /root/server_check/server.information
    #cd /root/server_check/log_check;/bin/bash log_analyse_test.sh >>  /root/server_check/server.information
    #echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++" >> /root/server_check/server.information
    #echo "server check finish......"
    
    
    
    echo "server check start......"
    echo "服务器基础资源检查:"
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++"
    cd /root/server_check/source_check;/usr/bin/python inspection.py
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++"
    echo ""
    echo ""
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++"
    echo "服务器基础进程检查:"
    cd /root/server_check/proc_check;/bin/bash check_proc.sh
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++"
    echo ""
    echo ""
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++"
    echo "服务器日志信息检查:"
    cd /root/server_check/log_check;/bin/bash log_analyse_test.sh
    echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++"
    echo "server check finish......"
    cd /root/server_check/source_check;/usr/bin/python inspection.py
    
    [root@zabbixwxsec source_check]# cat inspection.py 
    #!/usr/bin/env python
    # coding:utf8
    
    import ConfigParser
    import paramiko
    import re
    import threading
    import time
    import zipfile
    import shutil
    import os
    import sys
    
    #用来处理ssh连接
    class Inspection(threading.Thread):
        #用于获取一个IP列表和备份应用列表
        def __init__(self):
            threading.Thread.__init__(self)
            cp = ConfigParser.SafeConfigParser()
            cp.read('cfg') 
            self.ip_list = cp.sections()
            self.backup_file = ["nginx", "oracle", "mysql", "tomcat"]
        
        #用于处理ssh连接
        def ssh_connection(self, host, port, user, pwd):
        try:
                ssh = paramiko.SSHClient()
                ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
                ssh.connect(host, port, username=user, password=pwd)
                return ssh 
        except:
            print host,"无法登陆, 请在配置列表中将其删除后重试!"
            sys.exit(3)
    
        #用于命令执行
        def SSH_Command_execution(self, conn, cmd):
            stdin,stdout,stderr = conn.exec_command(cmd)
            return stdout.read()
    
        #用于日志文件传输
        def Log_file_transfer(self, ip, port, username, password, spath, dpath):
            ssh = paramiko.Transport((ip, int(port)))
        ssh.connect(username=username, password=password)
        sftp = paramiko.SFTPClient.from_transport(ssh)
        sftp.get(spath,dpath)
            ssh.close()        
            
        
        #用于读取配置文件的用户名和密码
        def Conf(self, ip):
            cp = ConfigParser.SafeConfigParser()
            cp.read('cfg')
            port = cp.get(ip,"port")
            user = cp.get(ip,"user")
            passwd = cp.get(ip,"password")
            return ip, port, user, passwd
        
        #用于巡检功能整合
        def scaffold(self, ip,  cmd):
            ip, port, user, passwd = self.Conf(ip)
            conn = self.ssh_connection(ip, int(port), user, passwd)
            res = self.SSH_Command_execution(conn, cmd)
        conn.close()
            return res
    
        #用于日志功能整合
        def Log_shipping(self, ip, spath, dpath):
        ip, port, user, passwd = self.Conf(ip)
        self.Log_file_transfer(ip, port, user, passwd, spath, dpath)
    
    #各种巡检项
    class Main_body(Inspection):
        def __init__(self):
            Inspection.__init__(self)
       
        def Log_Check(self, ip):
        now_time  = time.strftime('%Y%m%d')
            self.scaffold(ip, "/usr/bin/python /root/log.py")
        self.Log_shipping(ip, "/root/error_log/"+now_time+".zip", "/root/error_log/"+ip+".zip")
        z = zipfile.ZipFile("/root/error_log/"+ip+".zip", 'r')
        f = z.namelist()
        for name in f: 
                f_handle=open("/root/error_log/"+name,"wb") 
                   f_handle.write(z.read(name))       
                f_handle.close() 
        z.close()
        shutil.move("/root/error_log/root/error_log/"+now_time+".log", "/root/error_log/"+ip+".log")
        os.remove("/root/error_log/"+ip+".zip")
        return "/root/error_log/"+ip+".log"
    
        def Cpu_Check(self, ip):
            _cmd = self.scaffold(ip, "top -b -n 1")
            used = re.search('(d.d)(s|\%)',_cmd).group(1)
            return used
    
        def Memory_Check(self, ip):
            _cmd = self.scaffold(ip, "free -m")
            if re.search('(.[a-z]+)(6|7)',self.scaffold(ip, "uname -a")).group(2) == "6":
                used = re.search('(buffers/cache:s+)([0-9]+)',_cmd).group(2)
                total = re.search('(Mem:s+)([0-9]+)',_cmd).group(2)
                count = float(used) / float( total) * 100
                return count
            elif re.search('(.[a-z]+)(6|7)',self.scaffold(ip, "uname -a")).group(2) == "7":
                used = re.search('(Mem:)s+(d+)s+(d+)',_cmd).group(3)
                total = re.search('(Mem:)s+(d+)s+(d+)',_cmd).group(2)
                count = float(used) / float(total) * 100
                return count
    
        def Disk_Check(self, ip):
            _cmd = self.scaffold(ip, "df -h")
            gen_used = re.search('(d+\%) (/)',_cmd).group(1)
            return gen_used
            
        def Backup_Check(self, ip):
            cp = ConfigParser.SafeConfigParser()
            cp.read('cfg')
        time_nowadays = time.strftime('%Y%m%d')
        for path in self.backup_file:
            try:
            if cp.get(ip, path):
                tmp_1 = cp.get(ip, path)
                file_path = tmp_1.format(time = time_nowadays)
                _cmd = self.scaffold(ip, "[ -e %s ] && echo $?" %file_path)
    
                if _cmd:
                        return True, path
                else:
                    return False, path
            else:
                        pass
                except Exception as e:
                continue
    
        #数据库检查
        def Oracle_Check(self, ip): 
            pass
            
        #用于主体运行
        def run(self):
            for ip in self.ip_list:
                print ">>>"+ip
                print "+  cpu使用率为" + self.Cpu_Check(ip) + "%"
                print "+  内存使用率为%.1f" %self.Memory_Check(ip) + "%"
                print "+  磁盘使用率为" + self.Disk_Check(ip)
    
            try :
                status,path = self.Backup_Check(ip)
                if status:
                print "+  今天的%s备份文件存在" %path
                else:
                print "+  今天的%s备份文件不存在" %path
            except Exception as e:
                pass
            print  "+  错误日志存放在 %s" %self.Log_Check(ip)
            print
        print "当前时间是 %s" %(time.strftime('%Y-%m-%d %H:%m:%S'))
    
    
    if __name__ == "__main__":
        s = Main_body()
        s.start()
        for t in threading.enumerate():  
            if t is threading.currentThread():
                continue
            t.join() 



    [root@zabbixwxsec source_check]# cat cfg
    #[10.16.183.191]
    #user = root
    #password = xxxxx
    #port = 22
    #oracle = "/opt/bak/file/10.191-tomcat7-{time}.tar.gz"
    
    [10.12.16.7]
    user = root
    password = xxx
    port = 22
    mysql = "/home/bak/usms-db{time}.dmp"
    
    [10.12.16.8]
    user = root
    password = xxxx
    port = 22
    mysql = "/home/bak/usms-db{time}.dmp"
    
    [10.12.16.9]
    user = root
    password = xxxx
    port = 22
    tomcat = "/opt/bak/file/10.32-tomcat-{time}.tar.gz"
    
    
    
     
     

    cd /root/server_check/proc_check;/bin/bash check_proc.sh


    [root@zabbixwxsec proc_check]# cat check_proc.sh #
    !/bin/bash #check server proc #author #Sun Jul 22 10:31:34 CST 2018 #Tue Nov 13 15:00:00 CST 2018(changed) #v1.0--->v1.1 #get ip list and server information /usr/bin/python /root/server_check/proc_check/ssh_server.py >proc.txt cat /root/server_check/proc_check/proc.txt |awk -F"[" '{print $1}' >ip.txt #output server information by regulation while read line do #get current server information by "grep" commond and output $line file cat proc.txt |grep "$line" > ${line}.txt #defining output format echo ">>>>IP地址:$line" echo -e "proc status" #get process nums nums=`cat /root/server_check/proc_check/proc| grep "$line" |awk -F" " '{print $2 }'` #proc 1 proc_name=`cat /root/server_check/proc_check/proc| grep "$line" |awk -F" " '{print $3 }'` echo -ne "${proc_name} " resu_name=`cat /root/server_check/proc_check/${line}.txt| grep $proc_name` &>/dev/null if [ $? -eq 0 ]; then echo "running" else echo "not running" fi if [ $nums -eq 1 ]; then continue fi #exit #proc 2 proc_name=`cat /root/server_check/proc_check/proc| grep "$line" |awk -F" " '{print $4 }'` echo -ne "${proc_name} " resu_name=`cat /root/server_check/proc_check/${line}.txt| grep $proc_name` &>/dev/null if [ $? -eq 0 ]; then echo "running" else echo "not running" fi if [ $nums -eq 2 ]; then continue fi #proc 3 proc_name=`cat /root/server_check/proc_check/proc| grep "$line" |awk -F" " '{print $5 }'` echo -ne "${proc_name} " resu_name=`cat /root/server_check/proc_check/${line}.txt| grep $proc_name` &>/dev/null if [ $? -eq 0 ]; then echo "running" else echo "not running" fi if [ $nums -eq 3 ]; then continue fi #proc 4 proc_name=`cat /root/server_check/proc_check/proc| grep "$line" |awk -F" " '{print $6 }'` echo -ne "${proc_name} " resu_name=`cat /root/server_check/proc_check/${line}.txt| grep $proc_name` &>/dev/null if [ $? -eq 0 ]; then echo "running" else echo "not running" fi if [ $nums -eq 4 ]; then continue fi #proc 5 proc_name=`cat /root/server_check/proc_check/proc| grep "$line" |awk -F" " '{print $7 }'` echo -ne "${proc_name} " resu_name=`cat /root/server_check/proc_check/${line}.txt| grep $proc_name` &>/dev/null if [ $? -eq 0 ]; then echo "running" else echo "not running" fi if [ $nums -eq 5 ]; then continue fi done < ip.txt rm -rf *.txt



    [root@zabbixwxsec proc_check]# cat ssh_server.py 
    #!/usr/bin/python
    #encoding=utf8
    #功能:实现服务器进程监控
    #作者:彼岸花的微笑
    #时间:Sun Jul 22 10:31:34 CST 2018
    #版本:v1.0
    import paramiko
    import sys
    import os
    
    #读取服务器信息文件
    def Check_proc(ipaddr,username,password):
        try:
            ssh=paramiko.SSHClient()
            ssh.load_system_host_keys()
            ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
            ssh.connect(hostname=ipaddr,username=username,password=password,timeout=5)
            stdin, stdout, stderr = ssh.exec_command('ps -ef |egrep "tomcat|mongodb|oracle|grid|mysql|java" |grep -v "grep"')
            sys.stdout.write(ipaddr);print stdout.readlines()
            ssh.close()
        except:
            print ipaddr,"无法登录,请在配置文件中删除后重试!"
            sys.exit()
    
    
    if __name__ == "__main__":
    #    ret1 = Check_proc('10.16.183.191','root','xxx}')
        ret1 = Check_proc('10.12.16.7','root','xxx')
        ret1 = Check_proc('10.12.16.8','root','xxx')
        ret1 = Check_proc('10.12.16.9','root','xxx')
    [root@zabbixwxsec proc_check]# cat proc 
    #10.16.183.191 5 tomcat mongodb oracle mysql java
    10.12.16.7   1 mysql
    10.12.16.8   1 mysql
    10.12.16.9   3 tomcat mongodb java
    cd /root/server_check/log_check;/bin/bash log_analyse_test.sh
    
    [root@zabbixwxsec log_check]# cat log_analyse_test.sh 
    #!/bin/bash
    #logs analyse
    #Tue Nov 13 14:27:49 CST 2018
    #diao
    #get log messages and ip list
    /usr/bin/python get_log_message.py >message.log
    cat message.log |awk -F" " '{print $1}' |sort |uniq > ip.txt
    
    while read line
    do
        cat message.log |grep "^${line}" > "$line"_message.txt
        echo ">>>>>$line"
        #secure log host
        message=`cat "$line"_message.txt |grep "sec1" |awk -F"[" '{print $2}'|awk -F"]" '{print $1}'`
        if [ "$message" != "" ]; then
            echo "安全主机:存在多个访问该主机的IP地址,请注意查看!"
        else
            echo "安全主机:未发现访问该主机的IP地址!"
        fi
        #secure log error
        message=`cat "$line"_message.txt |grep "sec2" |awk -F"[" '{print $2}'|awk -F"]" '{print $1}'`
        if [ "$message" = "" ]; then
            echo "安全日志:未发现日志错误信息!"
        else
            echo "安全日志:发现日志错误信息,请及时处理!"
        fi
        #messages log error
        message=`cat "$line"_message.txt |grep "system" |awk -F"[" '{print $2}'|awk -F"]" '{print $1}'`
        if [ "$message" = "" ]; then
            echo "系统日志:未发现日志错误信息!"
        else
            echo "系统日志:发现日志错误信息,请及时处理!"
        fi
        #kernel log error
        message=`cat "$line"_message.txt |grep "dmesg" |awk -F"[" '{print $2}'|awk -F"]" '{print $1}'`
        if [ "$message" = "" ]; then
            echo "内核日志:未发现日志错误信息!"
        else
            echo "内核日志:发现日志错误信息,请及时处理!"
        fi
        #mail log error
        message=`cat "$line"_message.txt |grep "mail" |awk -F"[" '{print $2}'|awk -F"]" '{print $1}'`
        if [ "$message" = "" ]; then
            echo "邮件日志:未发现日志错误信息!"
        else
            echo "安全日志:发现日志错误信息,请及时处理!"
        fi
        #cron log error
        message=`cat "$line"_message.txt |grep "cron" |awk -F"[" '{print $2}'|awk -F"]" '{print $1}'`
        if [ "$message" = "" ]; then
            echo "定时日志:未发现日志错误信息!"
        else
            echo "安全日志:发现日志错误信息,请及时处理!"
        fi
        #boot log error
        message=`cat "$line"_message.txt |grep "boot" |awk -F"[" '{print $2}'|awk -F"]" '{print $1}'`
        if [ "$message" = "" ]; then
            echo "启动日志:未发现日志错误信息!"
        else
            echo "安全日志:发现日志错误信息,请及时处理!"
        fi
    done < ip.txt
    rm -rf *.txt
    rm -rf message.log


    [root@zabbixwxsec log_check]# cat get_log_message.py 
    #!/usr/bin/python
    #encoding=utf8
    import sys
    import paramiko
    import os
    test_fail='result.fail'
    pass_file=open('passwd','r')
    for line in pass_file:
        inform=line.split()
        ipaddr=inform[0]
        username=inform[1]
        password=inform[2]
        try:
            ssh=paramiko.SSHClient()
            ssh.load_system_host_keys()
            ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
            ssh.connect(hostname=ipaddr,username=username,password=password,timeout=5)
            stdin, stdout, stderr = ssh.exec_command('egrep -o "([0-9]{1,3}.){3}[0-9]{1,3}" /var/log/secure |grep -v ":" |sort |uniq')
            sys.stdout.write(ipaddr+"	{sec1	}	");print stdout.readlines()
            stdin, stdout, stderr = ssh.exec_command('egrep "error|Error|Failed" /var/log/secure')
            sys.stdout.write(ipaddr+"	{sec2	}	");print stdout.readlines()
            stdin, stdout, stderr = ssh.exec_command('egrep "error|Error|Failed" /var/log/messages')
            sys.stdout.write(ipaddr+"	{system	}	");print stdout.readlines()
            stdin, stdout, stderr = ssh.exec_command('egrep "error|Error|Failed" /var/log/dmesg')
            sys.stdout.write(ipaddr+"	{dmesg	}	");print stdout.readlines()
            stdin, stdout, stderr = ssh.exec_command('egrep "error|Error|Failed|warn" /var/log/maillog')
            sys.stdout.write(ipaddr+"	{mail	}	");print stdout.readlines()
            stdin, stdout, stderr = ssh.exec_command('egrep "error|Error|Failed" /var/log/cron')
            sys.stdout.write(ipaddr+"	{cron	}	");print stdout.readlines()
            stdin, stdout, stderr = ssh.exec_command('egrep "error|Error|Failed" /var/log/boot.log')
            sys.stdout.write(ipaddr+"	{boot	}	");print stdout.readlines()
            ssh.close()
        except:
            print ipaddr,"无法登录,请在配置文件中删除后重试!"
            sys.exit()
    pass_file.close()
    [root@zabbixwxsec log_check]# cat passwd 
    10.16.183.191 root xxx
    10.12.16.7 root xx
    10.12.16.8 root xxx
    10.12.16.9 root xxx
  • 相关阅读:
    665. Non-decreasing Array
    35. Search Insert Position
    CompositePattern(组合模式)-----Java/.Net
    BridgePattern(桥接模式)-----Java/.Net
    AdapterPattern(适配器模式)-----Java/.Net
    设计模式系列:原型模式(Prototype Pattern)
    设计模式系列:抽象工厂模式(Abstract Factory Pattern)
    设计模式系列:工厂方法模式(Factory Method Pattern)
    设计模式系列:简单工厂模式(Simple Factory Pattern)
    设计模式系列:单例模式(Singleton Pattern)
  • 原文地址:https://www.cnblogs.com/itzhao/p/14392858.html
Copyright © 2020-2023  润新知