```文件名为:check_command.sh
#!/bin/bash
#
#检查是否为root权限,否则退出
[ $(id -u) -gt 0 ] && echo "please used the root or sudo " && exit 1
#设置参数
main_ipaddr=$1 #日志上传服务器IP
main_passwd=$2 #日志上传服务器密码
main_log_path="/tmp/checklog_directory" #日志上传路径
local_log_path="/tmp/local_serverlog_directory" #本地日志存储路径
LogName=`ifconfig | grep "inet"|sed '2,4d' |awk -F" " '{print $2}' ``echo "-"``date +%y%m%d%H%M%S` #构造日志名称
#获取系统信息
function get_status(){
echo -e "#系统基础信息:"
OS=` head -n 1 /etc/centos-release ` #系统版本
Kernel=` uname -r ` #系统内核
Hostname=` hostname ` #主机名称
Default_lang=` echo $LANG ` #默认语言
Time=$(date +'%Y-%m-%d %H:%M:%S') #当前时间
Logintime=$(who -b |awk '{print $3,$4}') #此用户登录时间
Uptime=$(uptime|awk '{print $3}'|awk -F "," '{print $1}') #系统已运行时间
Ipaddr=$(ifconfig |grep 'inet ' |awk {'print$2'}|grep -v '127.0.0.1') #IP地址
Netmask=$(ifconfig|grep "inet"|sed '2,4d'|awk -F " " '{print $4}') #掩码
cpu_info=$(cat /proc/cpuinfo|grep "name"|cut -d: -f2|awk '{print "*"$1,$2,$3,$4}'|uniq -c|sed 's/^[ ]*//g') #CPU信息
cpu_type=$(grep 'model name' /proc/cpuinfo | uniq | awk -F":" '{print $2}') #CPU型号
cpu_arch=$(uname -m) #CPU架构
cpu_number_physical=$(grep 'physical id' /proc/cpuinfo | sort | uniq | wc -l) #物理CPU数
cpu_number_vir=$(grep 'processor' /proc/cpuinfo | wc -l) #逻辑CPU数
cpu_cores=$(grep 'cores' /proc/cpuinfo | uniq | awk -F":" '{print $NF}' ) #每CPU核心数
Sigle_memory_capacity=$(dmidecode|grep -P -A5 "Memorys+Device"|grep "Size"|grep -v "Range"|grep '[0-9]'|awk -F ":" '{print $2}'|sed 's/^[ ]*//g') #单内存容量
Maximum_memory_capacity=$(dmidecode -t 16|grep "Maximum Capacity"|awk -F ":" '{print $2}'|sed 's/^[ ]*//g') #最大存储容量
Number_of_memory_slots=$(dmidecode -t 16|grep "Number Of Devices"|awk -F ":" '{print $2}'|sed 's/^[ ]*//g') #内存卡槽数
Memory_total=$(cat /proc/meminfo|grep "MemTotal"|awk '{printf("MemTotal:%1.0fGB
",$2/1024/1024)}'|awk -F ":" '{print $2}') #理论总内存
Product_name=$(dmidecode|grep -A10 "System Information"|grep "Product Name"|awk -F ":" '{print $2}'|sed 's/^[ ]*//g') #内存品牌
Process_numbers=$(top -d 2 -n 1 -b|grep "Tasks" |awk -F':' '{print $2}'|awk -F" " '{print $1}') #总进程数
Process_running=$(top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $8}') #活跃进程数
Process_sleeping=$(top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $11}') #睡眠进程数
Process_stoping=$(top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $16}') #停止进程数
Process_zombie=$(top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $21}') #僵尸进程数
cpu_load=$(uptime | awk '{for(i=6;i<=NF;i++) printf $i""FS;print ""}') #系统负载
cpu_load_number=$(uptime | awk -F"load average:" '{print $2}' | awk -F"," '{print $1}' | awk -F"." '{print $1}' |sed 's/^[ ]*//g') #获取近1分钟占用CPU内核数
cpu_user_space=$(top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[:,]" '{print $2}'|awk -F" " '{print $1}') #用户空间占用CPU的百分比
cpu_system_space=$(top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[:,]" '{print $3}'|awk -F" " '{print $1}') #内核空间占用CPU的百分比
cpu_idle=$(top -d 2 -n 1 -b|grep C[Pp][Uu]|grep id|awk -F"," '{print $4}'|awk -F" " '{print $1}') #空闲CPU
cpu_wait=$(top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[:,]" '{print $6}'|awk -F" " '{print $1}') #等待占用CPU的百分比
Pem_totle_m=$(free -m |grep "Mem" |awk -F" " '{print $2"M"}') #实际总物理内存M
Mem_free_m=$(free -m |grep "Mem" |awk -F" " '{print $4"M"}') #实际可用内存M
Mem_used=$(top -d 2 -n 1 -b|grep "Mem"|head -1|sed 's/[:,]/ /g'|awk -F" " '{print $7}'|awk '{printf("%dM
",$1/1024)}') #用户缓存容量
Mem_free=$( top -d 2 -n 1 -b|grep "Mem"|head -1|sed 's/[:,]/ /g'|awk -F" " '{print $5}'|awk '{printf("%dM
",$1/1024)}') #空闲缓存容量
Mem_buffer=$(top -d 2 -n 1 -b|grep "Mem"|head -1|sed 's/[:,]/ /g'|awk -F" " '{print $9}'|awk '{printf("%dM
",$1/1024)}') #缓冲缓存容量
Swap_total=$(top -d 2 -n 1 -b|grep "Swap"|awk -F" " '{print $3}'|awk '{printf("%dM
",$1/1024)}') #交换分区总容量
Swap_free=$(top -d 2 -n 1 -b|grep "Swap"|awk -F" " '{print $5}'|awk '{printf("%dM
",$1/1024)}') #交换分区空闲容量
Swap_used=$(top -d 2 -n 1 -b|grep "Swap"|awk -F" " '{print $7}'|awk '{printf("%dM
",$1/1024)}') #交换分区占用容量
Swap_avail=$(top -d 2 -n 1 -b|grep "Swap"|awk -F" " '{print $9}'|awk '{printf("%dM
",$1/1024)}') #交换分区可用容量
rx_pck=$(sar -n DEV 1 1 |sed '1,4d'|sed '2,$d'|awk -F" " '{print $3}') #网卡1每秒接收数据包数
tx_pck=$(sar -n DEV 1 1 |sed '1,4d'|sed '2,$d'|awk -F" " '{print $4}') #网卡1每秒发送数据包数
rx_kB=$(sar -n DEV 1 1 |sed '1,4d'|sed '2,$d'|awk -F" " '{print $5}') #网卡1每秒接收字节数
tx_kB=$(sar -n DEV 1 1 |sed '1,4d'|sed '2,$d'|awk -F" " '{print $6}') #网卡1每秒发送字节数
echo -e "系统版本|$OS
系统内核|$Kernel
主机名称|$Hostname
默认语言|$Default_lang
当前时间|$Time
此用户登录时间|$Logintime
系统已运行时间|$Uptime
IP地址|$Ipaddr
掩码|$Netmask
CPU信息|$cpu_info
CPU型号|$cpu_type
CPU架构|$cpu_arch
物理CPU数|$cpu_number_physical
逻辑CPU数|$cpu_number_vir
每CPU核心数|$cpu_cores
单内存容量|$Sigle_memory_capacity
最大存储容量|$Maximum_memory_capacity
内存卡槽数|$Number_of_memory_slots
理论总内存|$Memory_total
内存品牌|$Product_name
总进程数|$Process_numbers
活跃进程数|$Process_running
睡眠进程数|$Process_sleeping
停止进程数|$Process_stoping
僵尸进程数|$Process_zombie
系统负载|$cpu_load
获取近1分钟占用CPU内核数|$cpu_load_number
用户空间占用CPU的百分比|$cpu_user_space
内核空间占用CPU的百分比|$cpu_system_space
空闲CPU|$cpu_idle
等待占用CPU的百分比|$cpu_wait
实际总物理内存M|$Pem_totle_m
实际可用内存M|$Mem_free_m
用户缓存容量|$Mem_used
空闲缓存容量|$Mem_free
缓冲缓存容量|$Mem_buffer
交换分区总容量|$Swap_total
交换分区空闲容量|$Swap_free
交换分区占用容量|$Swap_used
交换分区可用容量|$Swap_avail
网卡1每秒接收数据包数|$rx_pck
网卡1每秒发送数据包数|$tx_pck
网卡1每秒接收字节数|$rx_kB
网卡1每秒发送字节数|$tx_kB"
}
#获取磁盘状态信息
function get_disk_status(){
echo -e "#磁盘使用情况:"
IFS="
"
for i in ` df -iP | sed 1d | awk '{print $(NF-1)" "$NF" "$(NF-2)}'`;do
DISK_UTILIZ=$( echo $i |awk '{print $1}') #利用率
MOUNT_DISK=$(echo $i |awk '{print $2}') #挂载点
DISK_FREE=$(echo $i |awk '{print $3}') #分区大小
if [[ $(echo $MOUNT_DISK | sed s/%//g) -gt 70 ]];then
echo "异常""("$MOUNT_DISK"使用率为"$DISK_UTILIZ",超过70%)"
else
continue
fi
done
df -hP |sed 1d |awk '{print $NF" ""分区"" ""剩余空间"" "$(NF-2),"使用率"" "$(NF-1)}'
}
#获取CPU状态
function get_cup_status(){
echo -e "#CPU状态"
cpu_number=$(cat /proc/cpuinfo |grep name |cut -d: -f2 |uniq -c |awk '{print $1}') #提取CPU核数
cpu_load_number=$(uptime | awk -F"load average:" '{print $2}' | awk -F"," '{print $1}' | awk -F"." '{print $1}' |sed 's/^[ ]*//g') #获取近1分钟占用CPU内核数
if [[ $cpu_load_number -lt $cpu_number ]];then
CPU_STATUS=正常
else
CPU_STATUS=异常
fi
}
#获取内存状态
function get_memory_status(){
echo -e "#内存状态:"
MEM_TOTLE=$(free -m |grep "Mem" |awk -F" " '{print $2}') #总物理内存
MEM_FREE=$(free -m |grep "Mem" |awk -F" " '{print $4}') #可用内存
MEM_TOTLE_M=$(free -m |grep "Mem" |awk -F" " '{print $2"M"}') #总物理内存M
MEM_FREE_M=$(free -m |grep "Mem" |awk -F" " '{print $4"M"}') #可用内存M
MEM_USED=$(echo $(($MEM_TOTLE-$MEM_FREE))) #总占用内存
PERCENT=$(printf "%d%%" $(($MEM_USED*100/$MEM_TOTLE))) #内存占用率
PERCENT_N=$(echo $PERCENT|sed s/%//g) #内存占用率数值
if [[ $PERCENT_N -lt 80 ]];then
MEM_STATUS=正常
else
MEM_STATUS=异常
fi
echo -e "$MEM_STATUS
"总内存大小:"$MEM_TOTLE_M,"剩余内存大小:"$MEM_FREE_M,"内存使用率"$PERCENT"
}
#检测是否存在暴力破解密码
function get_ssh_deny(){
echo -e "#是否存在暴力破解密码:"
SYSTEM_TYPE=$(head -n 1 /etc/os-release |awk -F"=" '{print $2}'|awk -F" " '{print $1}'|sed 's/"//g') #获取系统类型
if [[ $SYSTEM_TYPE = 'CentOS' ]];then
SSH_SUM=$(cat /var/log/secure |grep "authentication failure" |wc -l)
SSH_DIY=10
if [[ $SSH_SUM -gt $SSH_DIY ]];then
echo ""请注意,密码尝试次数为"$SSH_SUM"
else
echo "正常"
fi
else
echo "系统类型不支持"
fi
}
#检查开机自启任务
function get_auto_start_status() {
echo -e "#开机自启任务"
conf=$(grep -v "^#" /etc/rc.d/rc.local | sed '/^$/d')
echo "$conf"
}
#检查可登陆用户与无密码的用户
function get_user(){
echo -e "#可登陆用户与无密码的用户:"
/usr/bin/w #当前在线用户信息
user=$(cat /etc/passwd|awk -F":" '$7 ~"/bin/bash"{print $1}') #可登陆用户
echo -e "可登陆用户:
$user"
echo "未设置密码用户:"
for i in $user ;do
cat /etc/shadow|grep $i|awk -F":" '$2 ~"!!"{print $1,$2}' #未设置密码的用户
done
}
#检查计划任务
function get_corn(){
echo -e "#计划任务:"
user=` cat /etc/passwd |awk -F":" '$7 ~"/bin/bash"{print $1}' ` #获取用户列表
for cronuser in $user;do
crontab -l -u $cronuser > /dev/null 2>&1
if [ $? -eq 0 ];then
echo "$cronuser"
echo "######"
crontab -l -u $cronuser | grep -vE "^#|^$"
echo "######"
else
echo "用户$cronuser不存在计划任务"
fi
done
}
#检查进程状态
function get_process(){
echo -e "#是否存在僵尸进程:"
if [[ $(ps -aux | grep Zs |grep -v grep | wc -l ) -ge 1 ]];then #检查僵尸进程是否存在
echo "存在僵尸进程"
ps -aux |grep Zs |grep -v grep #输出僵尸进程信息
else
echo "不存在僵尸进程"
fi
echo -e "内存占用率TOP10进行列表:"
ps aux | awk '{print $2, $4, $6, $11}' | sort -k3rn | head -n 10 #获取内存占用率TOP10进行列表
echo -e "CPU利用率TOP10进行列表:"
top b -n1 | head -17 | tail -11 #获取CPU利用率TOP10进行列表
}
#获取系统巡检信息并写入本地巡检日志
function check_gather_log(){
if [ ! -x "$local_log_path" ];then #判断本地日志存储路径是否存在
mkdir "$local_log_path" #创建本地日志存储路径
fi
if [ -f "$local_log_path/$LogName.log" ];then #判断日志文件是否存在
rm -rf $local_log_path/$LogName.log #删除已存在日志文件
fi
touch $local_log_path/$LogName.log #创建日志文件
get_status>>$local_log_path/$LogName.log #调用对应方法并将巡检结果写入日志文件
get_disk_status>>$local_log_path/$LogName.log
get_cup_status>>$local_log_path/$LogName.log
get_memory_status>>$local_log_path/$LogName.log
get_ssh_deny>>$local_log_path/$LogName.log
get_auto_start_status>>$local_log_path/$LogName.log
get_user>>$local_log_path/$LogName.log
get_corn>>$local_log_path/$LogName.log
get_process>>$local_log_path/$LogName.log
}
#执行巡检
check_gather_log
#执行日志回传
scp_log_to_main_server="scp $local_log_path/$LogName.log root@$main_ipaddr:$main_log_path"
#调用Expect工具辅助日志回传的密码验证过程
/usr/bin/expect<<EOF
set timeout 20
spawn $scp_log_to_main_server
expect {
"*yes/no)?"
{
send "yes
"
"*password:*" {send "main_passwd
"}
}
"*password:"
{
send "$main_passwd
"
}
}
expect "*password:" { send "$main_passwd
" }
expect "100%"
expect eof
EOF
4.2、脚本准备
设置文件可执行权限:chmod +x check_command.sh
复制文件至目标路径:cp check_command.sh /tmp/check_script/
image.png
image.png
5、下发脚本实现
5.1、在目标服务器上创建脚本存储路径
文件名:check_expect_mkdir.sh
#!/usr/bin/expect
set timeout 30
set server_ip [lindex $argv 0]
set server_passwd [lindex $argv 1]
set CheckScriptPath [lindex $argv 2]
spawn ssh -o StrictHostKeyChecking=no root@$server_ip
expect {
"*yes/no)?"
{
send "yes
"
"*password:*" {send "server_passwd
"}
}
"*password:*"
{
send "$server_passwd
"
}
}
expect "*password:*" { send "$server_passwd
" }
expect "*#" { send "mkdir $CheckScriptPath
"}
expect eof
exit
5.2、将巡检脚本下发至目标服务器
文件名:check_expect_upload.sh
#!/usr/bin/expect
set timeout 30
set server_ip [lindex $argv 0]
set server_passwd [lindex $argv 1]
set check_script_path [lindex $argv 2]
spawn scp $check_script_path/check_command.sh root@$server_ip:$check_script_path
expect {
"*yes/no)?"
{
send "yes
"
"*password:*" {send "server_passwd
"}
}
"*password:*"
{
send "$server_passwd
"
}
}
expect "*password:*" { send "$server_passwd
" }
expect "100%"
expect eof
exit
5.3、在目标服务器上执行巡检脚本
文件名:check_expect_do.sh
#!/usr/bin/expect
set timeout 20
set server_ip [lindex $argv 0]
set server_passwd [lindex $argv 1]
set check_script_path [lindex $argv 2]
set main_ipaddr [lindex $argv 3]
set main_passwd [lindex $argv 4]
spawn ssh -o StrictHostKeyChecking=no root@$server_ip
expect {
"*yes/no)?"
{
send "yes
"
"*password:*" {send "server_passwd
"}
}
"*password:"
{
send "$server_passwd
"
}
}
expect "*password:" { send "$server_passwd
" }
expect "*#" { send "cd $check_script_path;./check_command.sh $main_ipaddr $main_passwd
" }
expect eof
exit
5.4、控制脚本下发与执行
文件名:check_ctrl2.sh
#!/bin/bash
#
#加载参数
login_info=$1 #参数1,待巡检服务器文件
main_ipaddr=$2 #参数2,日志上传目标服务器IP地址
main_passwd=$3 #参数3,日志上传目标服务器登陆密码
main_log_path="/tmp/checklog_directory" #日志上传目标服务器日志存储路径
check_script_path="/tmp/check_script" #巡检脚本文件存储路径
#检测参数数量,如果参数数量异常则输出提示
if [ $# -ne 3 ];then
echo -e "parameters if fault!
"
exit;
fi
#解析登陆列表
cat $login_info |while read line
do
server_ip=` echo $line |awk '{print $1}' ` #读取目标服务器IP
server_passwd=` echo $line |awk '{print $2}' ` #读取目标服务器密码
echo -e "
######当前服务器:$server_ip######
"
./check_expect_mkdir.sh $server_ip $server_passwd $check_script_path #创建脚本存储路径
./check_expect_upload.sh $server_ip $server_passwd $check_script_path #下发测试脚本
./check_expect_do.sh $server_ip $server_passwd $check_script_path $main_ipaddr $main_passwd #执行巡检脚本
done
6、测试执行
脚本执行:./check_ctrl2.sh server_info_file.txt 192.168.52.3 123456
image.png
image.png
执行结果:
image.png
日志内容:
image.png