「运维工程师」看懂巡检报告 运维巡检表
liebian365 2024-10-17 14:05 27 浏览 0 评论
【运维工程师】看懂巡检报告
#!/bin/bash
# @Author: HanWei
# @Date: 2020- 03- 1609: 56: 57
# @LastModified by: HanWei
# @LastModified time: 2020- 03- 1611: 06: 31
# @E-mail: han_wei_95@ 163.com
#!/bin/bash
#主机信息每日巡检
IPADDR=$(ifconfig eth0|grep 'inet addr'|awk -F '[ :]''{print $13}')
#环境变量PATH没设好,在cron里执行时有很多命令会找不到
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
source /etc/profile
[ $(id -u) -gt 0] && echo "请用root用户执行此脚本!"&& exit 1
centosVersion=$(awk '{print $(NF-1)}'/etc/redhat-release)
VERSION= "2020-03-16"
#日志相关
PROGPATH=`echo $ 0| sed -e 's,[\\/][^\\/][^\\/]*$,,'`
[ -f $PROGPATH ] && PROGPATH= "."
LOGPATH= "$PROGPATH/log"
[ -e $LOGPATH ] || mkdir $LOGPATH
RESULTFILE= "$LOGPATH/HostDailyCheck-$IPADDR-`date +%Y%m%d`.txt"
#定义报表的全局变量
report_DateTime= ""#日期 ok
report_Hostname= ""#主机名 ok
report_OSRelease= ""#发行版本 ok
report_Kernel= ""#内核 ok
report_Language= ""#语言/编码 ok
report_LastReboot= ""#最近启动时间 ok
report_Uptime= ""#运行时间(天) ok
report_CPUs= ""#CPU数量 ok
report_CPUType= ""#CPU类型 ok
report_Arch= ""#CPU架构 ok
report_MemTotal= ""#内存总容量(MB) ok
report_MemFree= ""#内存剩余(MB) ok
report_MemUsedPercent= ""#内存使用率% ok
report_DiskTotal= ""#硬盘总容量(GB) ok
report_DiskFree= ""#硬盘剩余(GB) ok
report_DiskUsedPercent= ""#硬盘使用率% ok
report_InodeTotal= ""#Inode总量 ok
report_InodeFree= ""#Inode剩余 ok
report_InodeUsedPercent= ""#Inode使用率 ok
report_IP= ""#IP地址 ok
report_MAC= ""#MAC地址 ok
report_Gateway= ""#默认网关 ok
report_DNS= ""#DNS ok
report_Listen= ""#监听 ok
report_Selinux= ""#Selinux ok
report_Firewall= ""#防火墙 ok
report_USERs= ""#用户 ok
report_USEREmptyPassword= ""#空密码用户 ok
report_USERTheSameUID= ""#相同ID的用户 ok
report_PasswordExpiry= ""#密码过期(天) ok
report_RootUser= ""#root用户 ok
report_Sudoers= ""#sudo授权 ok
report_SSHAuthorized= ""#SSH信任主机 ok
report_SSHDProtocolVersion= ""#SSH协议版本 ok
report_SSHDPermitRootLogin= ""#允许root远程登录 ok
report_DefunctProsess= ""#僵尸进程数量 ok
report_SelfInitiatedService= ""#自启动服务数量 ok
report_SelfInitiatedProgram= ""#自启动程序数量 ok
report_RuningService= ""#运行中服务数 ok
report_Crontab= ""#计划任务数 ok
report_Syslog= ""#日志服务 ok
report_SNMP= ""#SNMP OK
report_NTP= ""#NTP ok
report_JDK= ""#JDK版本 ok
function version{
echo ""
echo ""
echo "系统巡检脚本:Version $VERSION"
}
function getCpuStatus{
echo ""
echo ""
echo "############################ CPU检查 #############################"
Physical_CPUs=$(grep "physical id"/proc/cpuinfo| sort | uniq | wc -l)
Virt_CPUs=$(grep "processor"/proc/cpuinfo | wc -l)
CPU_Kernels=$(grep "cores"/proc/cpuinfo|uniq| awk -F ': ''{print $2}')
CPU_Type=$(grep "model name"/proc/cpuinfo | awk -F ': ''{print $2}'| sort | uniq)
CPU_Arch=$(uname -m)
echo "物理CPU个数:$Physical_CPUs"
echo "逻辑CPU个数:$Virt_CPUs"
echo "每CPU核心数:$CPU_Kernels"
echo " CPU型号:$CPU_Type"
echo " CPU架构:$CPU_Arch"
#报表信息
report_CPUs=$Virt_CPUs #CPU数量
report_CPUType=$CPU_Type #CPU类型
report_Arch=$CPU_Arch #CPU架构
}
function getMemStatus{
echo ""
echo ""
echo "############################ 内存检查 ############################"
if[[ $centosVersion < 7]];then
free -mo
else
free -h
fi
#报表信息
MemTotal=$(grep MemTotal /proc/meminfo| awk '{print $2}') #KB
MemFree=$(grep MemFree /proc/meminfo| awk '{print $2}') #KB
let MemUsed=MemTotal-MemFree
MemPercent=$(awk "BEGIN {if($MemTotal==0){printf 100}else{printf \"%.2f\",$MemUsed*100/$MemTotal}}")
report_MemTotal= "$((MemTotal/1024))""MB"#内存总容量(MB)
report_MemFree= "$((MemFree/1024))""MB"#内存剩余(MB)
report_MemUsedPercent= "$(awk "BEGIN { if($MemTotal== 0){printf 100} else{printf \ "%.2f\",$MemUsed*100/$MemTotal}}") ""% " #内存使用率%
}
function getDiskStatus{
echo ""
echo ""
echo " ############################ 磁盘检查 ############################ "
df -hiP | sed 's/Mounted on/Mounted/'> /tmp/inode
df -hTP | sed 's/Mounted on/Mounted/'> /tmp/disk
join /tmp/disk /tmp/inode | awk '{print $1,$2," | ",$3,$4,$5,$6,"| ",$8,$9,$10,$11,"| ",$12}'| column -t
#报表信息
diskdata=$(df -TP | sed '1d' | awk '$2!=" tmpfs "{print}') #KB
disktotal=$(echo " $diskdata " | awk '{total+=$3}END{print total}') #KB
diskused=$(echo " $diskdata " | awk '{total+=$4}END{print total}') #KB
diskfree=$((disktotal-diskused)) #KB
diskusedpercent=$(echo $disktotal $diskused | awk '{if($1==0){printf 100}else{printf " %. 2f",$2*100/$1}}')
inodedata=$(df -iTP | sed '1d' | awk '$2!=" tmpfs "{print}')
inodetotal=$(echo " $inodedata " | awk '{total+=$3}END{print total}')
inodeused=$(echo " $inodedata " | awk '{total+=$4}END{print total}')
inodefree=$((inodetotal-inodeused))
inodeusedpercent=$(echo $inodetotal $inodeused | awk '{if($1==0){printf 100}else{printf " %. 2f",$2*100/$1}}')
report_DiskTotal=$((disktotal/1024/1024))" GB " #硬盘总容量(GB)
report_DiskFree=$((diskfree/1024/1024))" GB " #硬盘剩余(GB)
report_DiskUsedPercent=" $diskusedpercent ""% " #硬盘使用率%
report_InodeTotal=$((inodetotal/1000))" K " #Inode总量
report_InodeFree=$((inodefree/1000))" K " #Inode剩余
report_InodeUsedPercent=" $inodeusedpercent ""% " #Inode使用率%
}
function getSystemStatus{
echo ""
echo ""
echo " ############################ 系统检查 ############################ "
if [ -e /etc/sysconfig/i18n ];then
default_LANG=" $(grep "LANG="/etc/sysconfig/i18n | grep -v "^#"| awk -F '"''{print $2}') "
else
default_LANG=$LANG
fi
export LANG=" en_US.UTF- 8"
Release=$(cat /etc/redhat-release 2>/dev/null)
Kernel=$(uname -r)
OS=$(uname -o)
Hostname=$(uname -n)
SELinux=$(/usr/sbin/sestatus | grep " SELinux status: " | awk '{print $3}')
LastReboot=$(who -b | awk '{print $3,$4}')
uptime=$(uptime | sed 's/.*up \([^,]*\), .*/\1/')
echo " 系统:$OS "
echo " 发行版本:$Release "
echo " 内核:$Kernel "
echo " 主机名:$Hostname "
echo " SELinux:$SELinux "
echo " 语言/编码:$default_LANG "
echo " 当前时间:$(date + '%F %T') "
echo " 最后启动:$LastReboot "
echo " 运行时间:$uptime "
#报表信息
report_DateTime=$(date +" %F %T ") #日期
report_Hostname=" $Hostname " #主机名
report_OSRelease=" $Release " #发行版本
report_Kernel=" $Kernel " #内核
report_Language=" $default_LANG " #语言/编码
report_LastReboot=" $LastReboot " #最近启动时间
report_Uptime=" $uptime " #运行时间(天)
report_Selinux=" $SELinux "
export LANG=" $default_LANG "
}
function getServiceStatus{
echo ""
echo ""
echo " ############################ 服务检查 ############################ "
echo ""
if [[ $centosVersion > 7 ]];then
conf=$(systemctl list-unit-files --type=service --state=enabled --no-pager | grep " enabled ")
process=$(systemctl list-units --type=service --state=running --no-pager | grep " .service ")
#报表信息
report_SelfInitiatedService=" $(echo "$conf"| wc -l) " #自启动服务数量
report_RuningService=" $(echo "$process"| wc -l) " #运行中服务数量
else
conf=$(/sbin/chkconfig | grep -E " :on|:启用 ")
process=$(/sbin/service --status-all 2>/dev/null | grep -E " is running|正在运行 ")
#报表信息
report_SelfInitiatedService=" $(echo "$conf"| wc -l) " #自启动服务数量
report_RuningService=" $(echo "$process"| wc -l) " #运行中服务数量
fi
echo " 服务配置 "
echo " -------- "
echo " $conf " | column -t
echo ""
echo " 正在运行的服务 "
echo " -------------- "
echo " $process "
}
function getAutoStartStatus{
echo ""
echo ""
echo " ############################ 自启动检查 ########################## "
conf=$(grep -v " ^# " /etc/rc.d/rc.local| sed '/^$/d')
echo " $conf "
#报表信息
report_SelfInitiatedProgram=" $(echo $conf | wc -l) " #自启动程序数量
}
function getLoginStatus{
echo ""
echo ""
echo " ############################ 登录检查 ############################ "
last | head
}
function getNetworkStatus{
echo ""
echo ""
echo " ############################ 网络检查 ############################ "
if [[ $centosVersion < 7 ]];then
/sbin/ifconfig -a | grep -v packets | grep -v collisions | grep -v inet6
else
#ip a
for i in $(ip link | grep BROADCAST | awk -F: '{print $2}');do ip add show $i | grep -E " BROADCAST|global "| awk '{print $2}' | tr '\n' ' ' ;echo "" ;done
fi
GATEWAY=$(ip route | grep default | awk '{print $3}')
DNS=$(grep nameserver /etc/resolv.conf| grep -v " # " | awk '{print $2}' | tr '\n' ',' | sed 's/,$//')
echo ""
echo " 网关:$GATEWAY "
echo " DNS:$DNS "
#报表信息
IP=$(ip -f inet addr | grep -v 127.0.0.1 | grep inet | awk '{print $NF,$2}' | tr '\n' ',' | sed 's/,$//')
MAC=$(ip link | grep -v " LOOPBACK\|loopback " | awk '{print $2}' | sed 'N;s/\n//' | tr '\n' ',' | sed 's/,$//')
report_IP=" $IP " #IP地址
report_MAC=$MAC #MAC地址
report_Gateway=" $GATEWAY " #默认网关
report_DNS=" $DNS " #DNS
}
function getListenStatus{
echo ""
echo ""
echo " ############################ 监听检查 ############################ "
TCPListen=$(ss -ntul | column -t)
echo " $TCPListen "
#报表信息
report_Listen=" $(echo "$TCPListen"| sed '1d'| awk '/tcp/ {print $5}'| awk -F: '{print $NF}'| sort | uniq | wc -l) "
}
function getCronStatus{
echo ""
echo ""
echo " ############################ 计划任务检查 ######################## "
Crontab=0
for shell in $(grep -v " /sbin/nologin " /etc/shells);do
for user in $(grep " $shell " /etc/passwd| awk -F: '{print $1}');do
crontab -l -u $user >/dev/null 2>&1
status=$?
if [ $status -eq 0 ];then
echo " $user "
echo " -------- "
crontab -l -u $user
let Crontab=Crontab+$(crontab -l -u $user | wc -l)
echo ""
fi
done
done
#计划任务
find /etc/cron* -type f | xargs -i ls -l {} | column -t
let Crontab=Crontab+$(find /etc/cron* -type f | wc -l)
#报表信息
report_Crontab=" $Crontab " #计划任务数
}
function getHowLongAgo{
# 计算一个时间戳离现在有多久了
datetime=" $* "
[ -z " $datetime " ] && echo "错误的参数:getHowLongAgo $* "
Timestamp=$(date +%s -d " $datetime ") #转化为时间戳
Now_Timestamp=$(date +%s)
Difference_Timestamp=$(($Now_Timestamp-$Timestamp))
days=0;hours=0;minutes=0;
sec_in_day=$((60*60*24));
sec_in_hour=$((60*60));
sec_in_minute=60
while (( $(($Difference_Timestamp-$sec_in_day)) > 1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_day
let days++
done
while (( $(($Difference_Timestamp-$sec_in_hour)) > 1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_hour
let hours++
done
echo " $days 天 $hours 小时前 "
}
function getUserLastLogin{
# 获取用户最近一次登录的时间,含年份
# 很遗憾last命令不支持显示年份,只有" last -t YYYYMMDDHHMMSS "表示某个时间之间的登录,我
# 们只能用最笨的方法了,对比今天之前和今年元旦之前(或者去年之前和前年之前……)某个用户
# 登录次数,如果登录统计次数有变化,则说明最近一次登录是今年。
username=$1
: ${username:=" `whoami` "}
thisYear=$(date +%Y)
oldesYear=$(last | tail -n1 | awk '{print $NF}')
while(( $thisYear >= $oldesYear));do
loginBeforeToday=$(last $username | grep $username | wc -l)
loginBeforeNewYearsDayOfThisYear=$(last $username -t $thisYear" 0101000000" | grep $username | wc -l)
if [ $loginBeforeToday -eq 0 ];then
echo " 从未登录过 "
break
elif [ $loginBeforeToday -gt $loginBeforeNewYearsDayOfThisYear ];then
lastDateTime=$(last -i $username | head -n1 | awk '{for(i=4;i<(NF-2);i++)printf" %s ",$i}')"$thisYear " #格式如: Sat Nov 2 20:33 2015
lastDateTime=$(date " +%Y-%m-%d %H:%M:%S " -d "$lastDateTime ")
echo " $lastDateTime "
break
else
thisYear=$((thisYear-1))
fi
done
}
function getUserStatus{
echo ""
echo ""
echo " ############################ 用户检查 ############################ "
#/etc/passwd 最后修改时间
pwdfile=" $(cat /etc/passwd) "
Modify=$(stat /etc/passwd | grep Modify | tr '.' ' ' | awk '{print $2,$3}')
echo " /etc/passwd 最后修改时间:$Modify ($(getHowLongAgo $Modify)) "
echo ""
echo " 特权用户 "
echo " -------- "
RootUser=""
for user in $(echo " $pwdfile " | awk -F: '{print $1}');do
if [ $(id -u $user) -eq 0 ];then
echo " $user "
RootUser=" $RootUser,$user "
fi
done
echo ""
echo " 用户列表 "
echo " -------- "
USERs=0
echo " $(
echo "用户名 UID GID HOME SHELL 最后一次登录"
forshell in $(grep -v "/sbin/nologin"/etc/shells); do
forusername in $(grep "$shell"/etc/passwd| awk -F: '{print $1}'); do
userLastLogin= "$(getUserLastLogin $username)"
echo "$pwdfile"| grep -w "$username"|grep -w "$shell"| awk -F: -v lastlogin= "$(echo "$userLastLogin " | tr ' ' '_')"'{print $1,$3,$4,$6,$7,lastlogin}'
done
let USERs=USERs+$(echo "$pwdfile"| grep "$shell"| wc -l)
done
) " | column -t
echo ""
echo " 空密码用户 "
echo " ---------- "
USEREmptyPassword=""
for shell in $(grep -v " /sbin/nologin " /etc/shells);do
for user in $(echo " $pwdfile " | grep "$shell " | cut -d: -f1);do
r=$(awk -F: '$2==" !! "{print $1}' /etc/shadow | grep -w $user)
if [ ! -z $r ];then
echo $r
USEREmptyPassword=" $USEREmptyPassword, "$r
fi
done
done
echo ""
echo " 相同ID的用户 "
echo " ------------ "
USERTheSameUID=""
UIDs=$(cut -d: -f3 /etc/passwd | sort | uniq -c | awk '$1>1{print $2}')
for uid in $UIDs;do
echo -n " $uid ";
USERTheSameUID=" $uid "
r=$(awk -F: 'ORS="";$3=='" $uid "'{print ": ",$1}' /etc/passwd)
echo " $r "
echo ""
USERTheSameUID=" $USERTheSameUID $r, "
done
#报表信息
report_USERs=" $USERs " #用户
report_USEREmptyPassword=$(echo $USEREmptyPassword | sed 's/^,//')
report_USERTheSameUID=$(echo $USERTheSameUID | sed 's/,$//')
report_RootUser=$(echo $RootUser | sed 's/^,//') #特权用户
}
function getPasswordStatus {
echo ""
echo ""
echo " ############################ 密码检查 ############################ "
pwdfile=" $(cat /etc/passwd) "
echo ""
echo " 密码过期检查 "
echo " ------------ "
result=""
for shell in $(grep -v " /sbin/nologin " /etc/shells);do
for user in $(echo " $pwdfile " | grep "$shell " | cut -d: -f1);do
get_expiry_date=$(/usr/bin/chage -l $user | grep 'Password expires' | cut -d: -f2)
if [[ $get_expiry_date = ' never' || $get_expiry_date = 'never' ]];then
printf " %- 15s 永不过期\n " $user
result=" $result,$user:never "
else
password_expiry_date=$(date -d " $get_expiry_date " "+%s ")
current_date=$(date " +%s ")
diff=$(($password_expiry_date-$current_date))
let DAYS=$(($diff/(60*60*24)))
printf " %- 15s %s天后过期\n " $user $DAYS
result=" $result,$user:$DAYS days "
fi
done
done
report_PasswordExpiry=$(echo $result | sed 's/^,//')
echo ""
echo " 密码策略检查 "
echo " ------------ "
grep -v " # " /etc/login.defs | grep -E "PASS_MAX_DAYS|PASS_MIN_DAYS|PASS_MIN_LEN|PASS_WARN_AGE "
}
function getSudoersStatus{
echo ""
echo ""
echo " ############################ Sudoers检查 ######################### "
conf=$(grep -v " ^# " /etc/sudoers| grep -v "^Defaults " | sed '/^$/d')
echo " $conf "
echo ""
#报表信息
report_Sudoers=" $(echo $conf | wc -l) "
}
function getInstalledStatus{
echo ""
echo ""
echo " ############################ 软件检查 ############################ "
rpm -qa --last | head | column -t
}
function getProcessStatus{
echo ""
echo ""
echo " ############################ 进程检查 ############################ "
if [ $(ps -ef | grep defunct | grep -v grep | wc -l) -ge 1 ];then
echo ""
echo " 僵尸进程 ";
echo " -------- "
ps -ef | head -n1
ps -ef | grep defunct | grep -v grep
fi
echo ""
echo " 内存占用TOP10 "
echo " ------------- "
echo -e " PID %MEM RSS COMMAND
$(ps aux | awk '{print $2, $4, $6, $11}'| sort -k3rn | head -n 10) "| column -t
echo ""
echo " CPU占用TOP10 "
echo " ------------ "
top b -n1 | head -17 | tail -11
#报表信息
report_DefunctProsess=" $(ps -ef | grep defunct | grep -v grep|wc -l) "
}
function getJDKStatus{
echo ""
echo ""
echo " ############################ JDK检查 ############################# "
java -version 2>/dev/null
if [ $? -eq 0 ];then
java -version 2>&1
fi
echo " JAVA_HOME=\ "$JAVA_HOME\""
#报表信息
report_JDK= "$(java -version 2>&1 | grep version | awk '{print $1,$3}' | tr -d '"')"
}
function getSyslogStatus{
echo ""
echo ""
echo "############################ syslog检查 ##########################"
echo "服务状态:$(getState rsyslog)"
echo ""
echo "/etc/rsyslog.conf"
echo "-----------------"
cat /etc/rsyslog.conf 2>/dev/null | grep -v "^#" | grep -v "^\\#34; | sed ' /^$/d ' | column -t
#报表信息
report_Syslog="$(getState rsyslog)"
}
function getFirewallStatus{
echo ""
echo ""
echo "############################ 防火墙检查 ##########################"
#防火墙状态,策略等
if [[ $centosVersion < 7 ]];then
/etc/init.d/iptables status >/dev/null 2>&1
status=$?
if [ $status -eq 0 ];then
s="active"
elif [ $status -eq 3 ];then
s="inactive"
elif [ $status -eq 4 ];then
s="permission denied"
else
s="unknown"
fi
else
s="$(getState iptables)"
fi
echo "iptables: $s"
echo ""
echo "/etc/sysconfig/iptables"
echo "-----------------------"
cat /etc/sysconfig/iptables 2>/dev/null
#报表信息
report_Firewall="$s"
}
function getSNMPStatus{
#SNMP服务状态,配置等
echo ""
echo ""
echo "############################ SNMP检查 ############################"
status="$(getState snmpd)"
echo "服务状态:$status"
echo ""
if [ -e /etc/snmp/snmpd.conf ];then
echo "/etc/snmp/snmpd.conf"
echo "--------------------"
cat /etc/snmp/snmpd.conf 2>/dev/null | grep -v "^#" | sed ' /^$/d '
fi
#报表信息
report_SNMP="$(getState snmpd)"
}
function getState{
if [[ $centosVersion < 7 ]];then
if [ -e "/etc/init.d/$1" ];then
if [ `/etc/init.d/$1 status 2>/dev/null | grep -E "is running|正在运行" | wc -l` -ge 1 ];then
r="active"
else
r="inactive"
fi
else
r="unknown"
fi
else
#CentOS 7+
r="$(systemctl is-active $1 2>&1)"
fi
echo "$r"
}
function getSSHStatus{
#SSHD服务状态,配置,受信任主机等
echo ""
echo ""
echo "############################ SSH检查 #############################"
#检查受信任主机
pwdfile="$(cat /etc/passwd)"
echo "服务状态:$(getState sshd)"
Protocol_Version=$(cat /etc/ssh/sshd_config | grep Protocol | awk ' {print $ 2} ')
echo "SSH协议版本:$Protocol_Version"
echo ""
echo "信任主机"
echo "--------"
authorized=0
for user in $(echo "$pwdfile" | grep /bin/bash | awk -F: ' {print $ 1} ');do
authorize_file=$(echo "$pwdfile" | grep -w $user | awk -F: ' {printf $ 6"/.ssh/authorized_keys"} ')
authorized_host=$(cat $authorize_file 2>/dev/null | awk ' {print $ 3} ' | tr '\n ' ', ' | sed 's/,$ //')
if[ ! -z $authorized_host ];then
echo "$user 授权 \"$authorized_host\" 无密码访问"
fi
let authorized=authorized+$(cat $authorize_file 2>/dev/ null| awk '{print $3}'|wc -l)
done
echo ""
echo "是否允许ROOT远程登录"
echo "--------------------"
config=$(cat /etc/ssh/sshd_config | grep PermitRootLogin)
firstChar=${config: 0: 1}
if[ $firstChar == "#"];then
PermitRootLogin= "yes"#默认是允许ROOT远程登录的
else
PermitRootLogin=$(echo $config | awk '{print $2}')
fi
echo "PermitRootLogin $PermitRootLogin"
echo ""
echo "/etc/ssh/sshd_config"
echo "--------------------"
cat /etc/ssh/sshd_config | grep -v "^#"| sed '/^$/d'
#报表信息
report_SSHAuthorized= "$authorized"#SSH信任主机
report_SSHDProtocolVersion= "$Protocol_Version"#SSH协议版本
report_SSHDPermitRootLogin= "$PermitRootLogin"#允许root远程登录
}
function getNTPStatus{
#NTP服务状态,当前时间,配置等
echo ""
echo ""
echo "############################ NTP检查 #############################"
if[ -e /etc/ntp.conf ];then
echo "服务状态:$(getState ntpd)"
echo ""
echo "/etc/ntp.conf"
echo "-------------"
cat /etc/ntp.conf 2>/dev/ null| grep -v "^#"| sed '/^$/d'
fi
#报表信息
report_NTP= "$(getState ntpd)"
}
function uploadHostDailyCheckReport{
json= "{
\"DateTime\":\"$report_DateTime\",
\"Hostname\":\"$report_Hostname\",
\"OSRelease\":\"$report_OSRelease\",
\"Kernel\":\"$report_Kernel\",
\"Language\":\"$report_Language\",
\"LastReboot\":\"$report_LastReboot\",
\"Uptime\":\"$report_Uptime\",
\"CPUs\":\"$report_CPUs\",
\"CPUType\":\"$report_CPUType\",
\"Arch\":\"$report_Arch\",
\"MemTotal\":\"$report_MemTotal\",
\"MemFree\":\"$report_MemFree\",
\"MemUsedPercent\":\"$report_MemUsedPercent\",
\"DiskTotal\":\"$report_DiskTotal\",
\"DiskFree\":\"$report_DiskFree\",
\"DiskUsedPercent\":\"$report_DiskUsedPercent\",
\"InodeTotal\":\"$report_InodeTotal\",
\"InodeFree\":\"$report_InodeFree\",
\"InodeUsedPercent\":\"$report_InodeUsedPercent\",
\"IP\":\"$report_IP\",
\"MAC\":\"$report_MAC\",
\"Gateway\":\"$report_Gateway\",
\"DNS\":\"$report_DNS\",
\"Listen\":\"$report_Listen\",
\"Selinux\":\"$report_Selinux\",
\"Firewall\":\"$report_Firewall\",
\"USERs\":\"$report_USERs\",
\"USEREmptyPassword\":\"$report_USEREmptyPassword\",
\"USERTheSameUID\":\"$report_USERTheSameUID\",
\"PasswordExpiry\":\"$report_PasswordExpiry\",
\"RootUser\":\"$report_RootUser\",
\"Sudoers\":\"$report_Sudoers\",
\"SSHAuthorized\":\"$report_SSHAuthorized\",
\"SSHDProtocolVersion\":\"$report_SSHDProtocolVersion\",
\"SSHDPermitRootLogin\":\"$report_SSHDPermitRootLogin\",
\"DefunctProsess\":\"$report_DefunctProsess\",
\"SelfInitiatedService\":\"$report_SelfInitiatedService\",
\"SelfInitiatedProgram\":\"$report_SelfInitiatedProgram\",
\"RuningService\":\"$report_RuningService\",
\"Crontab\":\"$report_Crontab\",
\"Syslog\":\"$report_Syslog\",
\"SNMP\":\"$report_SNMP\",
\"NTP\":\"$report_NTP\",
\"JDK\":\"$report_JDK\"
}"
#echo "$json"
curl -l -H "Content-type: application/json"-X POST -d "$json""$uploadHostDailyCheckReportApi"2>/dev/ null
}
function getchage_file_24h
{
echo "############################ 文件检查 #############################"
check2=$(find / -name '*.sh'-mtime - 1)
check21=$(find / -name '*.asp'-mtime - 1)
check22=$(find / -name '*.php'-mtime - 1)
check23=$(find / -name '*.aspx'-mtime - 1)
check24=$(find / -name '*.jsp'-mtime - 1)
check25=$(find / -name '*.html'-mtime - 1)
check26=$(find / -name '*.htm'-mtime - 1)
check9=$(find / -name core -exec ls -l {} \;)
check10=$(cat /etc/crontab)
check12=$(ls -alt /usr/bin | head - 10)
cat <<EOF
############################查看所有被修改过的文件返回最近 24小时内的############################
${check2}
${check21}
${check22}
${check23}
${check24}
${check25}
${check26}
${line}
############################检查定时文件的完整性############################
${check10}
${line}
############################查看系统命令是否被替换############################
${check12}
${line}
EOF
}
function check{
version
getSystemStatus
getCpuStatus
getMemStatus
getDiskStatus
getNetworkStatus
getListenStatus
getProcessStatus
getServiceStatus
getAutoStartStatus
getLoginStatus
getCronStatus
getUserStatus
getPasswordStatus
getSudoersStatus
getJDKStatus
getFirewallStatus
getSSHStatus
getSyslogStatus
getSNMPStatus
getNTPStatus
getInstalledStatus
getchage_file_24h
}
#执行检查并保存检查结果
check > $RESULTFILE
echo "检查结果:$RESULTFILE"
echo -e "`date "+%Y-%m-%d %H:%M:%S "` 阿里云PHP企业平台巡检报告"| mail -a $RESULTFILE -s "
相关推荐
- “版本末期”了?下周平衡补丁!国服最强5套牌!上分首选
-
明天,酒馆战棋就将迎来大更新,也聊了很多天战棋相关的内容了,趁此机会,给兄弟们穿插一篇构筑模式的卡组推荐!老规矩,我们先来看10职业胜率。目前10职业胜率排名与一周前基本类似,没有太多的变化。平衡补丁...
- VS2017 C++ 程序报错“error C2065:“M_PI”: 未声明的标识符"
-
首先,程序中头文件的选择,要选择头文件,在文件中是没有对M_PI的定义的。选择:项目——>”XXX属性"——>配置属性——>C/C++——>预处理器——>预处理器定义,...
- 东营交警实名曝光一批酒驾人员名单 88人受处罚
-
齐鲁网·闪电新闻5月24日讯酒后驾驶是对自己和他人生命安全极不负责的行为,为守护大家的平安出行路,东营交警一直将酒驾作为重点打击对象。5月23日,东营交警公布最新一批饮酒、醉酒名单。对以下驾驶人醉酒...
- Qt界面——搭配QCustomPlot(qt platform)
-
这是我第一个使用QCustomPlot控件的上位机,通过串口精确的5ms发送一次数据,再将读取的数据绘制到图表中。界面方面,尝试卡片式设计,外加QSS简单的配了个色。QCustomPlot官网:Qt...
- 大话西游2分享赢取种族坐骑手办!PK趣闻录由你书写
-
老友相聚,仗剑江湖!《大话西游2》2021全民PK季4月激燃打响,各PK玩法鏖战齐开,零门槛参与热情高涨。PK季期间,不仅各种玩法奖励丰厚,参与PK趣闻录活动,投稿自己在PK季遇到的趣事,还有机会带走...
- 测试谷歌VS Code AI 编程插件 Gemini Code Assist
-
用ClaudeSonnet3.7的天气测试编码,让谷歌VSCodeAI编程插件GeminiCodeAssist自动编程。生成的文件在浏览器中的效果如下:(附源代码)VSCode...
- 顾爷想知道第4.5期 国服便利性到底需优化啥?
-
前段时间DNF国服推出了名为“阿拉德B计划”的系列改版计划,截至目前我们已经看到了两项实装。不过关于便利性上,国服似乎还有很多路要走。自从顾爷回归DNF以来,几乎每天都在跟我抱怨关于DNF里面各种各样...
- 掌握Visual Studio项目配置【基础篇】
-
1.前言VisualStudio是Windows上最常用的C++集成开发环境之一,简称VS。VS功能十分强大,对应的,其配置系统较为复杂。不管是对于初学者还是有一定开发经验的开发者来说,捋清楚VS...
- 还嫌LED驱动设计套路深?那就来看看这篇文章吧
-
随着LED在各个领域的不同应用需求,LED驱动电路也在不断进步和发展。本文从LED的特性入手,推导出适合LED的电源驱动类型,再进一步介绍各类LED驱动设计。设计必读:LED四个关键特性特性一:非线...
- Visual Studio Community 2022(VS2022)安装图文方法
-
直接上步骤:1,首先可以下载安装一个VisualStudio安装器,叫做VisualStudioinstaller。这个安装文件很小,很快就安装完成了。2,打开VisualStudioins...
- Qt添加MSVC构建套件的方法(qt添加c++11)
-
前言有些时候,在Windows下因为某些需求需要使用MSVC编译器对程序进行编译,假设我们安装Qt的时候又只是安装了MingW构建套件,那么此时我们该如何给现有的Qt添加一个MSVC构建套件呢?本文以...
- Qt为什么站稳c++GUI的top1(qt c)
-
为什么现在QT越来越成为c++界面编程的第一选择,从事QT编程多年,在这之前做C++界面都是基于MFC。当时为什么会从MFC转到QT?主要原因是MFC开发界面想做得好看一些十分困难,引用第三方基于MF...
- qt开发IDE应该选择VS还是qt creator
-
如果一个公司选择了qt来开发自己的产品,在面临IDE的选择时会出现vs或者qtcreator,选择qt的IDE需要结合产品需求、部署平台、项目定位、程序猿本身和公司战略,因为大的软件产品需要明确IDE...
- Qt 5.14.2超详细安装教程,不会来打我
-
Qt简介Qt(官方发音[kju:t],音同cute)是一个跨平台的C++开库,主要用来开发图形用户界面(GraphicalUserInterface,GUI)程序。Qt是纯C++开...
- Cygwin配置与使用(四)——VI字体和颜色的配置
-
简介:VI的操作模式,基本上VI可以分为三种状态,分别是命令模式(commandmode)、插入模式(Insertmode)和底行模式(lastlinemode),各模式的功能区分如下:1)...
欢迎 你 发表评论:
- 一周热门
- 最近发表
-
- “版本末期”了?下周平衡补丁!国服最强5套牌!上分首选
- VS2017 C++ 程序报错“error C2065:“M_PI”: 未声明的标识符"
- 东营交警实名曝光一批酒驾人员名单 88人受处罚
- Qt界面——搭配QCustomPlot(qt platform)
- 大话西游2分享赢取种族坐骑手办!PK趣闻录由你书写
- 测试谷歌VS Code AI 编程插件 Gemini Code Assist
- 顾爷想知道第4.5期 国服便利性到底需优化啥?
- 掌握Visual Studio项目配置【基础篇】
- 还嫌LED驱动设计套路深?那就来看看这篇文章吧
- Visual Studio Community 2022(VS2022)安装图文方法
- 标签列表
-
- wireshark怎么抓包 (75)
- qt sleep (64)
- cs1.6指令代码大全 (55)
- factory-method (60)
- sqlite3_bind_blob (52)
- hibernate update (63)
- c++ base64 (70)
- nc 命令 (52)
- wm_close (51)
- epollin (51)
- sqlca.sqlcode (57)
- lua ipairs (60)
- tv_usec (64)
- 命令行进入文件夹 (53)
- postgresql array (57)
- statfs函数 (57)
- .project文件 (54)
- lua require (56)
- for_each (67)
- c#工厂模式 (57)
- wxsqlite3 (66)
- dmesg -c (58)
- fopen参数 (53)
- tar -zxvf -c (55)
- 速递查询 (52)