Last edited time
Oct 22, 2023 01:31 PM

Daily server status report script

This is the CentOS 7 status report script from VBird's Linux guide (鸟哥的 Linux 私房菜) that I am currently using.

Usage

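```bash
$ sudo tar -zxvf logfile_centos7.tar.gz -C /  # Yes, it really is extracted into the root directory
# This script creates a `vbirdlogfile` file under `/etc/cron.d/`; that file adds the scheduled (cron) task
# It also creates the `/root/bin/logfile` directory, which is the script's execution environment
```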
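Because the archive is unpacked as root directly into `/`, it is worth listing its members first and confirming that they stay within the two locations named above. The following is an added example, not part of the original post or of VBird's script; `audit_archive` is a hypothetical helper name.

```shell
#!/bin/sh
# audit_archive FILE
# Returns 0 only if every member of the tarball lies under the two paths the
# post says it installs (etc/cron.d/vbirdlogfile and root/bin/logfile) and the
# archive contains no symbolic or hard links. Prints each finding.
audit_archive() {
    archive=$1
    bad=0
    listing=$(tar -tzf "$archive") || { echo "cannot read $archive"; return 2; }

    while IFS= read -r member; do
        m=${member#./}                       # tolerate a leading "./"
        case "/$m/" in
            */../*) echo "path traversal: $member"; bad=1; continue ;;
        esac
        case "$m" in
            /*) echo "absolute path: $member"; bad=1 ;;
            ""|etc/|etc/cron.d/|etc/cron.d/vbirdlogfile) ;;
            root/|root/bin/|root/bin/logfile|root/bin/logfile/*) ;;
            *) echo "unexpected member: $member"; bad=1 ;;
        esac
    done <<EOF
$listing
EOF

    # In a verbose listing the first character is the member type:
    # "l" = symbolic link, "h" = hard link.
    if tar -tvzf "$archive" | grep -q '^[lh]'; then
        echo "archive contains link members"; bad=1
    fi
    return $bad
}

# Usage: sh audit.sh logfile_centos7.tar.gz && echo "layout as expected"
if [ "$#" -gt 0 ]; then audit_archive "$1"; fi
```

Run it before the `sudo tar` step; a non-zero exit status means the archive would write somewhere other than the cron file and the script directory.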

About the main script

I translated some of the script's Traditional Chinese text into Simplified Chinese; you can refer to it for what each step does.
```bash
#!/bin/bash
#
##########################################################################################
# YOU MUST KEYIN SOME PARAMETERS HERE!!
# You must fill in the settings below!
email="youremail@example.com"   # The email address the logfile report is mailed to
                                # To send it to several addresses, use this format:
                                # email="root@localhost,yourID@hostname"
                                # Separate the addresses with commas and do not add spaces!

basedir="/dev/shm/logfile/"     # Directory where logfile.sh writes logfile_mail.txt

funcdir="/root/bin/logfile"     # Directory where the logfile.sh script is stored

outputall="no"                  # Whether to print the full contents of every log file.
                                # For most beginners the summary is enough, so this is "no";
                                # set it to "yes" if you want to see every log entry.

##########################################################################################
# The rest is for reference only; nothing needs changing, the program is already set up!
# If you find something else you need, feel free to modify it further! ^_^
export email basedir outputall funcdir
[ ! -d "$basedir" ] && mkdir "$basedir"

##########################################################################################
# 0. Set some basic variables and check that basedir exists
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
#LANG=zh_TW.utf8
LANG=C
export PATH LANG LANGUAGE LC_TIME
localhostname=$(hostname)

# Rewrite the user's mail address!
temp=$(echo $email | cut -d '@' -f2)
if [ "$temp" == "localhost" ]; then
    email=$(echo $email | cut -d '@' -f1)\@"$localhostname"
fi

# Check that awk, sed, egrep and the other programs this script uses exist
errormesg=""
programs="awk sed egrep ps cat cut tee netstat df uptime journalctl"
for profile in $programs
do
    which $profile > /dev/null 2>&1
    if [ "$?" != "0" ]; then
        echo -e "您的系统并沒有包含 $profile 程式;(Your system do not have $profile )"
        errormesg="yes"
    fi
done
if [ "$errormesg" == "yes" ]; then
    echo "您的系统缺乏本程式执行所需要的系统执行档, $0 将停止作业"
    exit 1
fi

# Check that the systemd-journald daemon is running
temp=$(ps -aux 2> /dev/null | grep systemd-journal | grep -v grep)
if [ "$temp" == "" ]; then
    echo -e "您的系统沒有启动 systemd-journald 这个 daemon ,"
    echo -e "本程式主要针对 systemd-journald 产生的 logfile 來分析,"
    echo -e "因此,沒有 systemd-journald 则本程式沒有执行之必要。"
    exit 0
fi

# Check that the temporary directory exists!
if [ ! -d "$basedir" ]; then
    echo -e "$basedir 此目录并不存在,本程式 $0 无法进行工作!"
    exit 1
fi

##########################################################################################
# 0.1 Set the version information and prepare the related log file contents!
lastdate="2015-08-20"
versions="Version 0.3"
hosthome=$(hostname)
logfile="$basedir/logfile_mail.txt"
declare -i datenu=$(date +%k)
if [ "$datenu" -le "6" ]; then
    date --date='1 day ago' +%b' '%e > "$basedir/dattime"
    date --date='1 day ago' +%Y-%m-%d > "$basedir/dattime2"
else
    date +%b' '%e > "$basedir/dattime"
    date +%Y-%m-%d > "$basedir/dattime2"
fi
y="`cat $basedir/dattime`"
y2="`cat $basedir/dattime2`"
export lastdate hosthome logfile y

# 0.1.1 secure file
log=$(journalctl SYSLOG_FACILITY=4 SYSLOG_FACILITY=10 --since yesterday --until today | grep -v "^\-\-")
if [ "$log" != "" ]; then
    journalctl SYSLOG_FACILITY=4 SYSLOG_FACILITY=10 --since yesterday --until today | grep -v "^\-\-" > "$basedir/securelog"
fi

# 0.1.2 maillog file
log=$(journalctl SYSLOG_FACILITY=2 --since yesterday --until today | grep -v "^\-\-")
if [ "$log" != "" ]; then
    journalctl SYSLOG_FACILITY=2 --since yesterday --until today | grep -v "^\-\-" > "$basedir/maillog"
fi

# 0.1.3 messages file
journalctl SYSLOG_FACILITY=0 SYSLOG_FACILITY=1 SYSLOG_FACILITY=3 SYSLOG_FACILITY=5 \
    SYSLOG_FACILITY=6 SYSLOG_FACILITY=7 SYSLOG_FACILITY=8 SYSLOG_FACILITY=11 SYSLOG_FACILITY=16 \
    SYSLOG_FACILITY=17 SYSLOG_FACILITY=18 SYSLOG_FACILITY=19 SYSLOG_FACILITY=20 SYSLOG_FACILITY=21 \
    SYSLOG_FACILITY=22 SYSLOG_FACILITY=23 --since yesterday --until today | grep -v "^\-\-" > "$basedir/messageslog"
touch "$basedir/securelog"
touch "$basedir/maillog"
touch "$basedir/messageslog"

# The following lines are detecting your PC live?
timeset1=`uptime | grep day`
timeset2=`uptime | grep min`
if [ "$timeset1" == "" ]; then
    if [ "$timeset2" == "" ]; then
        UPtime=`uptime | awk '{print $3}'`
    else
        UPtime=`uptime | awk '{print $3 " " $4}'`
    fi
else
    if [ "$timeset2" == "" ]; then
        UPtime=`uptime | awk '{print $3 " " $4 " " $5}'`
    else
        UPtime=`uptime | awk '{print $3 " " $4 " " $5 " " $6}'`
    fi
fi

# Show this host's IP addresses!
IPs=$(echo $(ifconfig | grep 'inet '| awk '{print $2}' | grep -v '127.0.0.'))

##########################################################################################
# 1. Build the welcome header and collect the system information!
echo "" > $logfile
/sbin/restorecon -Rv $logfile
echo "=============== system summary =================================" >> $logfile
echo "Linux kernel : $(cat /proc/version | \
    awk '{print $1 " " $2 " " $3 " " $4}')" >> $logfile
echo "CPU informatin: $(cat /proc/cpuinfo |grep 'model name' | sed 's/model name.*://' | \
    uniq -c | sed 's/[[:space:]][[:space:]]*/ /g')" >> $logfile
echo "CPU speed : $( cat /proc/cpuinfo | grep "cpu MHz" | \
    sort | tail -n 1 | cut -d ':' -f2-) MHz" >> $logfile
echo "hostname is : $(hostname)" >> $logfile
echo "Network IP : ${IPs}" >> $logfile
echo "Check time : $(date +%Y/%B/%d' '%H:%M:%S' '\(' '%A' '\))" >> $logfile
echo "Summary date : $(cat $basedir/dattime)" >> $logfile
echo "Up times : $(echo $UPtime)" >> $logfile
echo "Filesystem summary: " >> $logfile
df -Th | sed 's/^/ /' >> $logfile
if [ -x /opt/MegaRAID/MegaCli/MegaCli64 ]; then
    cd /root
    echo >> $logfile
    echo "Test the RAID card Volumes informations:" >> $logfile
    /opt/MegaRAID/MegaCli/MegaCli64 -LDInfo -LALL -aAll | \
        grep -E '^Name|^Size|^State' >> $logfile
    echo >> $logfile
    echo "Test RAID devices" >> $logfile
    /opt/MegaRAID/MegaCli/MegaCli64 -PDList -aAll | \
        grep -E '^Firmware|^Slot|^Media Error|^Other Error' >> $logfile
    cd -
fi
echo " " >> $logfile
echo " " >> $logfile

# 1.1 Port analysis
if [ -f $funcdir/function/ports ]; then
    source $funcdir/function/ports
fi

##########################################################################################
# 2. Start checking which modules need to run!
# 2.1 Is ssh present?
input=`cat $basedir/netstat.tcp.output |egrep '(22|sshd)'`
if [ "$input" != "" ]; then
    source $funcdir/function/ssh
    funcssh
    echo " " >> $logfile
fi

# 2.2 Check FTP
input=`cat $basedir/netstat.tcp.output |egrep '(21|ftp)'`
if [ "$input" != "" ]; then
    if [ -f /etc/ftpaccess ]; then
        source $funcdir/function/wuftp
        funcwuftp
    fi
    proftppro=`which proftpd 2> /dev/null`
    if [ "$proftppro" != "" ]; then
        source $funcdir/function/proftp
        funcproftp
    fi
fi

# 2.3 pop3 check
input=`cat $basedir/netstat.tcp.output | grep 110`
if [ "$input" != "" ]; then
    dovecot=`cat $basedir/netstat.tcp.output | grep dovecot`
    if [ "$dovecot" != "" ]; then
        source $funcdir/function/dovecot
        funcdovecot
        echo " " >> $logfile
    else
        source $funcdir/function/pop3
        funcpop3
        echo " " >> $logfile
    fi
fi

# 2.4 Mail check
input=`cat $basedir/netstat.tcp.output $basedir/netstat.tcp.local 2> /dev/null |grep 25`
if [ "$input" != "" ]; then
    postfixtest=`netstat -tlnp 2> /dev/null |grep ':25'|grep master`
    #sendmailtest=`ps -aux 2> /dev/null |grep sendmail| grep -v 'grep'`
    if [ "$postfixtest" != "" ] ; then
        source $funcdir/function/postfix
        funcpost
    else
        source $funcdir/function/sendmail
        funcsendmail
    fi
    procmail=`/bin/ls /var/log| grep procmail| head -n 1`
    if [ "$procmail" != "" ] ; then
        source $funcdir/function/procmail
        funcprocmail
    fi
    openwebmail=`ls /var/log | grep openwebmail | head -n 1`
    if [ "$openwebmail" != "" ]; then
        source $funcdir/function/openwebmail
        funcopenwebmail
    fi
fi

# 2.5 samba check
input=`cat $basedir/netstat.tcp.output 2> /dev/null |grep 139|grep smbd`
if [ "$input" != "" ]; then
    source $funcdir/function/samba
    funcsamba
fi

#####################################################################
# 10. Print all of the information for review!
if [ "$outputall" == "yes" ] || [ "$outputall" == "YES" ] ; then
    echo " " >> $logfile
    echo "================= 全部的登录日志归档 =======================" >> $logfile
    echo "1. 重要的登录记录档 ( Secure file )" >> $logfile
    echo " 说明:已经取消了 pop3 的资讯!" >> $logfile
    grep -v 'pop3' $basedir/securelog >> $logfile
    echo " " >> $logfile
    echo "2. 使用 last 这个指令输出的结果" >> $logfile
    last -20 >> $logfile
    echo " " >> $logfile
    echo "3. 将特重要的 /var/log/messages 列出來瞧一瞧!" >> $logfile
    cat $basedir/messageslog >> $logfile
    echo " " >> $logfile
    if [ -f /var/log/knockd.log ]; then
        echo "4. 开始分析 knockd 这个服务的相关资料" >> $logfile
        echo "4.1 正常登入主机的指令运作" >> $logfile
        grep "$y2" /var/log/knockd.log | grep 'iptables' >> $logfile
        echo "" >> $logfile
        echo "4.2 因为某些原因,导致无法登入的 IP 与状态!" >> $logfile
        grep "$y2" /var/log/knockd.log | grep 'sequence timeout' >> $logfile
    fi
fi

# At last! we send this mail to you!
export LANG=zh_TW.utf8
export LC_ALL=zh_TW.utf8
if [ -x /usr/bin/uuencode ]; then
    uuencode $logfile logfile.html | mail -s "$hosthome logfile analysis results" "$email"
else
    mail -s "$hosthome logfile analysis results" "$email" < $logfile
fi
```
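The script runs as root from cron and keeps its work files under `/dev/shm/`, which every local user can write to, so the work directory should be private, owned by the caller and not a symlink before anything is written into it. The following is an added example, not part of the original script, of a stricter version of the step that creates `basedir`; `ensure_private_dir` is a hypothetical helper name.

```shell
#!/bin/sh
# ensure_private_dir DIR
# Create DIR with mode 0700, or accept an existing DIR only when it is a real
# directory (not a symlink), owned by the calling user, and not writable by
# group or others. Returns non-zero otherwise, so the caller can stop.
ensure_private_dir() {
    dir=${1%/}      # drop a trailing "/" so a symlink is tested, not its target

    # mkdir fails if the name already exists in any form, so a successful
    # call means this process created the directory itself.
    if (umask 077; mkdir "$dir") 2>/dev/null; then
        return 0
    fi
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "$dir is missing or not a real directory" >&2
        return 1
    fi
    if [ ! -O "$dir" ]; then
        echo "$dir is owned by another user" >&2
        return 1
    fi
    # find prints the path only if the group- or other-write bit is set.
    if [ -n "$(find "$dir" -prune \( -perm -020 -o -perm -002 \))" ]; then
        echo "$dir is writable by group or others" >&2
        return 1
    fi
    return 0
}

# Assumed usage inside logfile.sh, in place of the unconditional mkdir:
#   ensure_private_dir "$basedir" || exit 1
if [ "$#" -gt 0 ]; then ensure_private_dir "$1"; fi
```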
 