这周闲得慌,就根据需求写了差不多20个脚本(部分是之前分享过的做了一些改进),今天主要分享一个给平时运维人员用的centos7系统巡检的脚本,或者排查问题检查系统情况也可以用..
实用脚本
#!/bin/bash
##############################################################
# File Name: CenOS7.sh
# Version: V1.0
# Author: hwb
# Created Time : date
# Description: xunjian for centos7
##############################################################
#参数定义
date=`date +"%Y-%m-%d-%H:%M:%S"`
centosVersion=$(awk '{print $(NF-1)}' /etc/redhat-release)
VERSION=`date +%F`
#日志相关
LOGPATH="/tmp/awr"
[ -e $LOGPATH ] || mkdir -p $LOGPATH
RESULTFILE="$LOGPATH/HostCheck-`hostname`-`date +%Y%m%d`.txt"
#调用函数库
[ -f /etc/init.d/functions ] && source /etc/init.d/functions
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
source /etc/profile
#root用户执行脚本
[ $(id -u) -gt 0 ] && echo "请用root用户执行此脚本!" && exit 1
function version(){
echo ""
echo ""
echo "[${date}] >>> `hostname -s` 主机巡检"
}
function getSystemStatus(){
echo ""
echo -e "\033[33m****************************************************系统检查****************************************************\033[0m"
if [ -e /etc/sysconfig/i18n ];then
default_LANG="$(grep "LANG=" /etc/sysconfig/i18n | grep -v "^#" | awk -F '"' '{print $2}')"
else
default_LANG=$LANG
fi
export LANG="en_US.UTF-8"
Release=$(cat /etc/redhat-release 2>/dev/null)
Kernel=$(uname -r)
OS=$(uname -o)
Hostname=$(uname -n)
SELinux=$(/usr/sbin/sestatus | grep "SELinux status: " | awk '{print $3}')
LastReboot=$(who -b | awk '{print $3,$4}')
uptime=$(uptime | sed 's/.*up \([^,]*\), .*/\1/')
echo " 系统:$OS"
echo " 发行版本:$Release"
echo " 内核:$Kernel"
echo " 主机名:$Hostname"
echo " SELinux:$SELinux"
echo "语言/编码:$default_LANG"
echo " 当前时间:$(date +'%F %T')"
echo " 最后启动:$LastReboot"
echo " 运行时间:$uptime"
export LANG="$default_LANG"
}
function getCpuStatus(){
echo ""
echo -e "\033[33m****************************************************CPU检查*****************************************************\033[0m"
Physical_CPUs=$(grep "physical id" /proc/cpuinfo| sort | uniq | wc -l)
Virt_CPUs=$(grep "processor" /proc/cpuinfo | wc -l)
CPU_Kernels=$(grep "cores" /proc/cpuinfo|uniq| awk -F ': ' '{print $2}')
CPU_Type=$(grep "model name" /proc/cpuinfo | awk -F ': ' '{print $2}' | sort | uniq)
CPU_Arch=$(uname -m)
echo "物理CPU个数:$Physical_CPUs"
echo "逻辑CPU个数:$Virt_CPUs"
echo "每CPU核心数:$CPU_Kernels"
echo " CPU型号:$CPU_Type"
echo " CPU架构:$CPU_Arch"
}
function getMemStatus(){
echo ""
echo -e "\033[33m**************************************************内存检查*****************************************************\033[0m"
if [[ $centosVersion < 7 ]];then
free -mo
else
free -h
fi
#报表信息
MemTotal=$(grep MemTotal /proc/meminfo| awk '{print $2}') #KB
MemFree=$(grep MemFree /proc/meminfo| awk '{print $2}') #KB
let MemUsed=MemTotal-MemFree
MemPercent=$(awk "BEGIN {if($MemTotal==0){printf 100}else{printf \"%.2f\",$MemUsed*100/$MemTotal}}")
}
function getDiskStatus(){
echo ""
echo -e "\033[33m**************************************************磁盘检查******************************************************\033[0m"
df -hiP | sed 's/Mounted on/Mounted/'> /tmp/inode
df -hTP | sed 's/Mounted on/Mounted/'> /tmp/disk
join /tmp/disk /tmp/inode | awk '{print $1,$2,"|",$3,$4,$5,$6,"|",$8,$9,$10,$11,"|",$12}'| column -t
#报表信息
diskdata=$(df -TP | sed '1d' | awk '$2!="tmpfs"{print}') #KB
disktotal=$(echo "$diskdata" | awk '{total+=$3}END{print total}') #KB
diskused=$(echo "$diskdata" | awk '{total+=$4}END{print total}') #KB
diskfree=$((disktotal-diskused)) #KB
diskusedpercent=$(echo $disktotal $diskused | awk '{if($1==0){printf 100}else{printf "%.2f",$2*100/$1}}')
inodedata=$(df -iTP | sed '1d' | awk '$2!="tmpfs"{print}')
inodetotal=$(echo "$inodedata" | awk '{total+=$3}END{print total}')
inodeused=$(echo "$inodedata" | awk '{total+=$4}END{print total}')
inodefree=$((inodetotal-inodeused))
inodeusedpercent=$(echo $inodetotal $inodeused | awk '{if($1==0){printf 100}else{printf "%.2f",$2*100/$1}}')
}
function get_resource(){
echo ""
echo -e "\033[33m**************************************************资源消耗统计**************************************************\033[0m"
echo -e "\033[36m*************带宽资源消耗统计*************\033[0m"
#用数组存放网卡名
nic=(`ifconfig | grep ^[a-z] | grep -vE 'lo|docker0'| awk -F: '{print $1}'`)
time=`date "+%Y-%m-%d %k:%M"`
num=0
for ((i=0;i<${#nic[@]};i++))
do
#循环五次,避免看到的是偶然的数据
while (( $num<5 ))
do
rx_before=$(cat /proc/net/dev | grep '${nic[$i]}' | tr : " " | awk '{print $2}')
tx_before=$(cat /proc/net/dev | grep '${nic[$i]}' | tr : " " | awk '{print $10}')
sleep 2
#用sed先获取第7列,再用awk获取第2列,再cut切割,从第7个到最后,即只切割网卡流量数字部分
rx_after=$(cat /proc/net/dev | grep '${nic[$i]}' | tr : " " | awk '{print $2}')
tx_after=$(cat /proc/net/dev | grep '${nic[$i]}' | tr : " " | awk '{print $10}')
#注意下面截取的相差2秒的两个时刻的累计和发送的bytes(即累计传送和接收的位)
rx_result=$[(rx_after-rx_before)/1024/1024/2*8]
tx_result=$[(tx_after-tx_before)/1024/1024/2*8]
echo "$time Now_In_Speed: $rx_result Mbps Now_OUt_Speed: $tx_result Mbps" >> /tmp/network.txt
let "num++"
done
#注意下面grep后面的$time变量要用双引号括起来
rx_result=$(cat /tmp/network.txt|grep "$time"|awk '{In+=$4}END{print In}')
tx_result=$(cat /tmp/network.txt|grep "$time"|awk '{Out+=$7}END{print Out}')
In_Speed=$(echo "scale=2;$rx_result/5"|bc)
Out_Speed=$(echo "scale=2;$tx_result/5"|bc)
echo -e "\033[32m In_Speed_average: $In_Speed Mbps Out_Speed_average: $Out_Speed Mbps! \033[0m"
done
echo -e "\033[36m*************CPU资源消耗统计*************\033[0m"
#使用vmstat 1 5命令统计5秒内的使用情况,再计算每秒使用情况
total=`vmstat 1 5|awk '{x+=$13;y+=$14}END{print x+y}'`
cpu_average=$(echo "scale=2;$total/5"|bc)
#判断CPU使用率(浮点数与整数比较)
if [ `echo "${cpu_average} > 70" | bc` -eq 1 ];then
echo -e "\033[31m Total CPU is already use: ${cpu_average}%,请及时处理!\033[0m"
else
echo -e "\033[32m Total CPU is already use: ${cpu_average}%! \033[0m"
fi
echo -e "\033[36m*************磁盘资源消耗统计*************\033[0m"
#磁盘使用情况(注意:需要用sed先进行格式化才能进行累加处理)
disk_used=$(df -m | sed '1d;/ /!N;s/\n//;s/ \+/ /;' | awk '{used+=$3} END{print used}')
disk_totalSpace=$(df -m | sed '1d;/ /!N;s/\n//;s/ \+/ /;' | awk '{totalSpace+=$2} END{print totalSpace}')
disk_all=$(echo "scale=4;$disk_used/$disk_totalSpace" | bc)
disk_percent1=$(echo $disk_all | cut -c 2-3)
disk_percent2=$(echo $disk_all | cut -c 4-5)
disk_warning=`df -m | sed '1d;/ /!N;s/\n//;s/ \+/ /;' | awk '{if ($5>85) print $6 "目录使用率:" $5;} '`
echo -e "\033[32m Total disk has used: $disk_percent1.$disk_percent2% \033[0m"
#echo -e "\t\t.." 表示换行
if [ -n "$disk_warning" ];then
echo -e "\033[31m${disk_warning} \n [Error]以上目录使用率超过85%,请及时处理!\033[0m"
fi
echo -e "\033[36m*************内存资源消耗统计*************\033[0m"
#获得系统总内存
memery_all=$(free -m | awk 'NR==2' | awk '{print $2}')
#获得占用内存(操作系统 角度)
system_memery_used=$(free -m | awk 'NR==2' | awk '{print $3}')
#获得buffer、cache占用内存,当内存不够时会及时回收,所以这两部分可用于可用内存的计算
buffer_used=$(free -m | awk 'NR==2' | awk '{print $6}')
cache_used=$(free -m | awk 'NR==2' | awk '{print $7}')
#获得被使用内存,所以这部分可用于可用内存的计算,注意计算方法
actual_used_all=$[memery_all-(free+buffer_used+cache_used)]
#获得实际占用的内存
actual_used_all=`expr $memery_all - $free + $buffer_used + $cache_used `
memery_percent=$(echo "scale=4;$system_memery_used / $memery_all" | bc)
memery_percent2=$(echo "scale=4; $actual_used_all / $memery_all" | bc)
percent_part1=$(echo $memery_percent | cut -c 2-3)
percent_part2=$(echo $memery_percent | cut -c 4-5)
percent_part11=$(echo $memery_percent2 | cut -c 2-3)
percent_part22=$(echo $memery_percent2 | cut -c 4-5)
#获得占用内存(操作系统角度)
echo -e "\033[32m system memery is already use: $percent_part1.$percent_part2% \033[0m"
#获得实际内存占用率
echo -e "\033[32m actual memery is already use: $percent_part11.$percent_part22% \033[0m"
echo -e "\033[32m buffer is already used : $buffer_used M \033[0m"
echo -e "\033[32m cache is already used : $cache_used M \033[0m"
}
function getServiceStatus(){
echo ""
echo -e "\033[33m*************************************************服务检查*******************************************************\033[0m"
echo ""
if [[ $centosVersion > 7 ]];then
conf=$(systemctl list-unit-files --type=service --state=enabled --no-pager | grep "enabled")
process=$(systemctl list-units --type=service --state=running --no-pager | grep ".service")
else
conf=$(/sbin/chkconfig | grep -E ":on|:启用")
process=$(/sbin/service --status-all 2>/dev/null | grep -E "is running|正在运行")
fi
echo -e "\033[36m******************服务配置******************\033[0m"
echo "$conf" | column -t
echo ""
echo -e "\033[36m**************正在运行的服务****************\033[0m"
echo "$process"
}
function getAutoStartStatus(){
echo ""
echo -e "\033[33m***********************************************自启动检查*******************************************************\033[0m"
echo -e "\033[36m****************自启动命令*****************\033[0m"
conf=$(grep -v "^#" /etc/rc.d/rc.local| sed '/^$/d')
echo "$conf"
}
function getLoginStatus(){
echo ""
echo -e "\033[33m************************************************登录检查********************************************************\033[0m"
last | head
}
function getNetworkStatus(){
echo ""
echo -e "\033[33m************************************************网络检查********************************************************\033[0m"
if [[ $centosVersion < 7 ]];then
/sbin/ifconfig -a | grep -v packets | grep -v collisions | grep -v i
net6
else
#ip a
for i in $(ip link | grep BROADCAST | awk -F: '{print $2}');do ip add show $i | grep -E "BROADCAST|global"| awk '{print $2}' | tr '\n' ' ' ;echo "" ;done
fi
GATEWAY=$(ip route | grep default | awk '{print $3}')
DNS=$(grep nameserver /etc/resolv.conf| grep -v "#" | awk '{print $2}' | tr '\n' ',' | sed 's/,$//')
echo ""
echo "网关:$GATEWAY "
echo "DNS:$DNS"
#报表信息
IP=$(ip -f inet addr | grep -v 127.0.0.1 | grep inet | awk '{print $NF,$2}' | tr '\n' ',' | sed 's/,$//')
MAC=$(ip link | grep -v "LOOPBACK\|loopback" | awk '{print $2}' | sed 'N;s/\n//' | tr '\n' ',' | sed 's/,$//')
echo ""
ping -c 4 www.baidu.com >/dev/null 2>&1
if [ $? -eq 0 ];then
echo ""
echo -e "\033[32m网络连接:正常!\033[0m"
else
echo ""
echo -e "\033[31m网络连接:异常!\033[0m"
fi
}
function getListenStatus(){
echo ""
echo -e "\033[33m***********************************************监听检查********************************************************\033[0m"
TCPListen=$(ss -ntul | column -t)
echo "$TCPListen"
}
function getCronStatus(){
echo ""
echo -e "\033[33m**********************************************计划任务检查******************************************************\033[0m"
Crontab=0
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for user in $(grep "$shell" /etc/passwd| awk -F: '{print $1}');do
crontab -l -u $user >/dev/null 2>&1
status=$?
if [ $status -eq 0 ];then
echo -e "\033[36m************$user用户的定时任务**************\033[0m"
crontab -l -u $user
let Crontab=Crontab+$(crontab -l -u $user | wc -l)
echo ""
fi
done
done
#计划任务
#find /etc/cron* -type f | xargs -i ls -l {} | column -t
#let Crontab=Crontab+$(find /etc/cron* -type f | wc -l)
}
function getHowLongAgo(){
# 计算一个时间戳离现在有多久了
datetime="$*"
[ -z "$datetime" ] && echo `stat /etc/passwd|awk "NR==6"`
Timestamp=$(date +%s -d "$datetime")
Now_Timestamp=$(date +%s)
Difference_Timestamp=$(($Now_Timestamp-$Timestamp))
days=0;hours=0;minutes=0;
sec_in_day=$((60*60*24));
sec_in_hour=$((60*60));
sec_in_minute=60
while (( $(($Difference_Timestamp-$sec_in_day)) > 1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_day
let days++
done
while (( $(($Difference_Timestamp-$sec_in_hour)) > 1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_hour
let hours++
done
echo "$days 天 $hours 小时前"
}
function getUserLastLogin(){
# 获取用户最近一次登录的时间,含年份
# 很遗憾last命令不支持显示年份,只有"last -t YYYYMMDDHHMMSS"表示某个时间之间的登录,我
# 们只能用最笨的方法了,对比今天之前和今年元旦之前(或者去年之前和前年之前……)某个用户
# 登录次数,如果登录统计次数有变化,则说明最近一次登录是今年。
username=$1
: ${username:="`whoami`"}
thisYear=$(date +%Y)
oldesYear=$(last | tail -n1 | awk '{print $NF}')
while(( $thisYear >= $oldesYear));do
loginBeforeToday=$(last $username | grep $username | wc -l)
loginBeforeNewYearsDayOfThisYear=$(last $username -t $thisYear"0101000000" | grep $username | wc -l)
if [ $loginBeforeToday -eq 0 ];then
echo "从未登录过"
break
elif [ $loginBeforeToday -gt $loginBeforeNewYearsDayOfThisYear ];then
lastDateTime=$(last -i $username | head -n1 | awk '{for(i=4;i<(NF-2);i++)printf"%s ",$i}')" $thisYear"
lastDateTime=$(date "+%Y-%m-%d %H:%M:%S" -d "$lastDateTime")
echo "$lastDateTime"
break
else
thisYear=$((thisYear-1))
fi
done
}
function getUserStatus(){
echo ""
echo -e "\033[33m*************************************************用户检查*******************************************************\033[0m"
#/etc/passwd 最后修改时间
pwdfile="$(cat /etc/passwd)"
Modify=$(stat /etc/passwd | grep Modify | tr '.' ' ' | awk '{print $2,$3}')
echo "/etc/passwd: $Modify ($(getHowLongAgo $Modify))"
echo ""
echo -e "\033[36m******************特权用户******************\033[0m"
RootUser=""
for user in $(echo "$pwdfile" | awk -F: '{print $1}');do
if [ $(id -u $user) -eq 0 ];then
echo "$user"
RootUser="$RootUser,$user"
fi
done
echo ""
echo -e "\033[36m******************用户列表******************\033[0m"
USERs=0
echo "$(
echo "用户名 UID GID HOME SHELL 最后一次登录"
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for username in $(grep "$shell" /etc/passwd| awk -F: '{print $1}');do
userLastLogin="$(getUserLastLogin $username)"
echo "$pwdfile" | grep -w "$username" |grep -w "$shell"| awk -F: -v lastlogin="$(echo "$userLastLogin" | tr ' ' '_')" '{print $1,$3,$4,$6,$7,lastlogin}'
done
let USERs=USERs+$(echo "$pwdfile" | grep "$shell"| wc -l)
done
)" | column -t
echo ""
echo -e "\033[36m******************空密码用户****************\033[0m"
USEREmptyPassword=""
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);do
r=$(awk -F: '$2=="!!"{print $1}' /etc/shadow | grep -w $user)
if [ ! -z $r ];then
echo $r
USEREmptyPassword="$USEREmptyPassword,"$r
fi
done
done
echo ""
echo -e "\033[36m*****************相同ID用户*****************\033[0m"
USERTheSameUID=""
UIDs=$(cut -d: -f3 /etc/passwd | sort | uniq -c | awk '$1>1{print $2}')
for uid in $UIDs;do
echo -n "$uid";
USERTheSameUID="$uid"
r=$(awk -F: 'ORS="";$3=='"$uid"'{print ":",$1}' /etc/passwd)
echo "$r"
echo ""
USERTheSameUID="$USERTheSameUID $r,"
done
}
function getPasswordStatus {
echo ""
echo -e "\033[33m*************************************************密码检查*******************************************************\033[0m"
pwdfile="$(cat /etc/passwd)"
echo ""
echo -e "\033[36m****************密码过期检查****************\033[0m"
result=""
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);do
get_expiry_date=$(/usr/bin/chage -l $user | grep 'Password expires' | cut -d: -f2)
if [[ $get_expiry_date = ' never' || $get_expiry_date = 'never' ]];then
printf "%-15s 永不过期\n" $user
result="$result,$user:never"
else
password_expiry_date=$(date -d "$get_expiry_date" "+%s")
current_date=$(date "+%s")
diff=$(($password_expiry_date-$current_date))
let DAYS=$(($diff/(60*60*24)))
printf "%-15s %s天后过期\n" $user $DAYS
result="$result,$user:$DAYS days"
fi
done
done
report_PasswordExpiry=$(echo $result | sed 's/^,//')
echo ""
echo -e "\033[36m****************密码策略检查****************\033[0m"
grep -v "#" /etc/login.defs | grep -E "PASS_MAX_DAYS|PASS_MIN_DAYS|PASS_MIN_LEN|PASS_WARN_AGE"
}
function getSudoersStatus(){
echo ""
echo -e "\033[33m**********************************************Sudoers检查*******************************************************\033[0m"
conf=$(grep -v "^#" /etc/sudoers| grep -v "^Defaults" | sed '/^$/d')
echo "$conf"
echo ""
}
function getInstalledStatus(){
echo ""
echo -e "\033[33m*************************************************软件检查*******************************************************\033[0m"
rpm -qa --last | head | column -t
}
function getProcessStatus(){
echo ""
echo -e "\033[33m*************************************************进程检查*******************************************************\033[0m"
if [ $(ps -ef | grep defunct | grep -v grep | wc -l) -ge 1 ];then
echo ""
echo -e "\033[36m***************僵尸进程***************\033[0m"
ps -ef | head -n1
ps -ef | grep defunct | grep -v grep
fi
echo ""
echo -e "\033[36m************CPU占用TOP 10进程*************\033[0m"
echo -e "用户 进程ID %CPU 命令
$(ps aux | awk '{print $1, $2, $3, $11}' | sort -k3rn | head -n 10 )"| column -t
echo ""
echo -e "\033[36m************内存占用TOP 10进程*************\033[0m"
echo -e "用户 进程ID %MEM 虚拟内存 常驻内存 命令
$(ps aux | awk '{print $1, $2, $4, $5, $6, $11}' | sort -k3rn | head -n 10 )"| column -t
#echo ""
#echo -e "\033[36m************SWAP占用TOP 10进程*************\033[0m"
#awk: fatal: cannot open file `/proc/18713/smaps' for reading (No such file or directory)
#for i in `cd /proc;ls |grep "^[0-9]"|awk ' $0 >100'`;do awk '{if (-f /proc/$i/smaps) print "$i file is not exist"; else print "$i"}';done
# for i in `cd /proc;ls |grep "^[0-9]"|awk ' $0 >100'` ;do awk '/Swap:/{a=a+$2}END{print '"$i"',a/1024"M"}' /proc/$i/smaps ;done |sort -k2nr > /tmp/swap.txt
#echo -e "进程ID SWAP使用 $(cat /tmp/swap.txt|grep -v awk | head -n 10)"| column -t
}
function getSyslogStatus(){
echo ""
echo -e "\033[33m***********************************************syslog检查*******************************************************\033[0m"
echo "SYSLOG服务状态:$(getState rsyslog)"
echo ""
echo -e "\033[36m***************rsyslog配置******************\033[0m"
cat /etc/rsyslog.conf 2>/dev/null | grep -v "^#" | grep -v "^\\$" | sed '/^$/d' | column -t
}
function getFirewallStatus(){
echo ""
echo -e "\033[33m***********************************************防火墙检查*******************************************************\033[0m"
echo -e "\033[36m****************防火墙状态******************\033[0m"
if [[ $centosVersion = 7 ]];then
systemctl status firewalld >/dev/null 2>&1
status=$?
if [ $status -eq 0 ];then
s="active"
elif [ $status -eq 3 ];then
s="inactive"
elif [ $status -eq 4 ];then
s="permission denied"
else
s="unknown"
fi
else
s="$(getState iptables)"
fi
echo "firewalld: $s"
echo ""
echo -e "\033[36m****************防火墙配置******************\033[0m"
cat /etc/sysconfig/firewalld 2>/dev/null
}
function getSNMPStatus(){
#SNMP服务状态,配置等
echo ""
echo -e "\033[33m***********************************************SNMP检查*********************************************************\033[0m"
status="$(getState snmpd)"
echo "SNMP服务状态:$status"
echo ""
if [ -e /etc/snmp/snmpd.conf ];then
echo "/etc/snmp/snmpd.conf"
echo "--------------------"
cat /etc/snmp/snmpd.conf 2>/dev/null | grep -v "^#" | sed '/^$/d'
fi
}
function getState(){
if [[ $centosVersion < 7 ]];then
if [ -e "/etc/init.d/$1" ];then
if [ `/etc/init.d/$1 status 2>/dev/null | grep -E "is running|正在运行" | wc -l` -ge 1 ];then
r="active"
else
r="inactive"
fi
else
r="unknown"
fi
else
#CentOS 7+
r="$(systemctl is-active $1 2>&1)"
fi
echo "$r"
}
function getSSHStatus(){
#SSHD服务状态,配置,受信任主机等
echo ""
echo -e "\033[33m************************************************SSH检查*********************************************************\033[0m"
#检查受信任主机
pwdfile="$(cat /etc/passwd)"
echo "SSH服务状态:$(getState sshd)"
Protocol_Version=$(cat /etc/ssh/sshd_config | grep Protocol | awk '{print $2}')
echo "SSH协议版本:$Protocol_Version"
echo ""
echo -e "\033[36m****************信任主机******************\033[0m"
authorized=0
for user in $(echo "$pwdfile" | grep /bin/bash | awk -F: '{print $1}');do
authorize_file=$(echo "$pwdfile" | grep -w $user | awk -F: '{printf $6"/.ssh/authorized_keys"}')
authorized_host=$(cat $authorize_file 2>/dev/null | awk '{print $3}' | tr '\n' ',' | sed 's/,$//')
if [ ! -z $authorized_host ];then
echo "$user 授权 \"$authorized_host\" 无密码访问"
fi
let authorized=authorized+$(cat $authorize_file 2>/dev/null | awk '{print $3}'|wc -l)
done
echo ""
echo -e "\033[36m*******是否允许ROOT远程登录***************\033[0m"
config=$(cat /etc/ssh/sshd_config | grep PermitRootLogin)
firstChar=${config:0:1}
if [ $firstChar == "#" ];then
PermitRootLogin="yes"
else
PermitRootLogin=$(echo $config | awk '{print $2}')
fi
echo "PermitRootLogin $PermitRootLogin"
echo ""
echo -e "\033[36m*************ssh服务配置******************\033[0m"
cat /etc/ssh/sshd_config | grep -v "^#" | sed '/^$/d'
}
function getNTPStatus(){
#NTP服务状态,当前时间,配置等
echo ""
echo -e "\033[33m***********************************************NTP检查**********************************************************\033[0m"
if [ -e /etc/ntp.conf ];then
echo "NTP服务状态:$(getState ntpd)"
echo ""
echo -e "\033[36m*************NTP服务配置******************\033[0m"
cat /etc/ntp.conf 2>/dev/null | grep -v "^#" | sed '/^$/d'
fi
}
function check(){
version
getSystemStatus
get_resource
getCpuStatus
getMemStatus
getDiskStatus
getNetworkStatus
getListenStatus
getProcessStatus
getServiceStatus
getAutoStartStatus
getLoginStatus
getCronStatus
getUserStatus
getPasswordStatus
getSudoersStatus
getFirewallStatus
getSSHStatus
getSyslogStatus
getSNMPStatus
getNTPStatus
getInstalledStatus
}
#执行检查并保存检查结果
check > $RESULTFILE
echo -e "\033[44;37m 主机巡检结果存放在:$RESULTFILE \033[0m"
#上传检查结果的文件
#curl -F "filename=@$RESULTFILE" "$uploadHostDailyCheckApi" 2>/dev/null
cat $RESULTFILE
执行脚本结果:
[2020-11-10-14:54:03] >>> HNGC-SVR-QCCBigDataSvr-Dev1 主机巡检
****************************************************系统检查****************************************************
系统:GNU/Linux
发行版本:CentOS Linux release 7.4.1708 (Core)
内核:3.10.0-693.el7.x86_64
主机名:HNGC-SVR-QCCBigDataSvr-Dev1
SELinux:disabled
语言/编码:zh_CN.UTF-8
当前时间:2020-11-10 14:54:04
最后启动:2020-02-06 23:35
运行时间:277 days
**************************************************资源消耗统计**************************************************
*************带宽资源消耗统计*************
In_Speed_average: 0 Mbps Out_Speed_average: 0 Mbps!
In_Speed_average: 0 Mbps Out_Speed_average: 0 Mbps!
*************CPU资源消耗统计*************
Total CPU is already use: 3.20%!
*************磁盘资源消耗统计*************
Total disk has used: 07.82%
/目录使用率:91%
[Error]以上目录使用率超过85%,请及时处理!
*************内存资源消耗统计*************
system memery is already use: 92.70%
actual memery is already use: 97.69%
buffer is already used : 1869 M
cache is already used : 1132 M
****************************************************CPU检查*****************************************************
物理CPU个数:4
逻辑CPU个数:4
每CPU核心数:1
CPU型号:Intel(R) Xeon(R) CPU E7-4809 v4 @ 2.10GHz
CPU架构:x86_64
**************************************************内存检查*****************************************************
total used free shared buff/cache available
Mem: 31G 28G 466M 734M 1.8G 1.1G
Swap: 31G 9.4G 22G
**************************************************磁盘检查******************************************************
文件系统 类型 | 容量 已用 可用 已用% | Inode 已用(I) 可用(I) 已用(I)% | 挂载点
/dev/mapper/centos-root xfs | 50G 46G 4.9G 91% | 10M 281K 9.8M 3% | /
devtmpfs devtmpfs | 16G 0 16G 0% | 4.0M 371 4.0M 1% | /dev
tmpfs tmpfs | 16G 0 16G 0% | 4.0M 1 4.0M 1% | /dev/shm
tmpfs tmpfs | 16G 0 16G 0% | 4.0M 670 4.0M 1% | /run
tmpfs tmpfs | 16G 0 16G 0% | 4.0M 16 4.0M 1% | /sys/fs/cgroup
tmpfs tmpfs | 16G 1.6G 15G 10% | 4.0M 1 4.0M 1% | /dev/shm
tmpfs tmpfs | 16G 1.6G 15G 10% | 4.0M 670 4.0M 1% | /run
tmpfs tmpfs | 16G 1.6G 15G 10% | 4.0M 16 4.0M 1% | /sys/fs/cgroup
tmpfs tmpfs | 16G 0 16G 0% | 4.0M 1 4.0M 1% | /dev/shm
tmpfs tmpfs | 16G 0 16G 0% | 4.0M 670 4.0M 1% | /run
tmpfs tmpfs | 16G 0 16G 0% | 4.0M 16 4.0M 1% | /sys/fs/cgroup
/dev/sda1 xfs | 1014M 179M 836M 18% | 512K 328 512K 1% | /boot
/dev/mapper/centos-home xfs | 518G 3.7G 514G 1% | 259M 591 259M 1% | /home
tmpfs tmpfs | 3.2G 0 3.2G 0% | 4.0M 1 4.0M 1% | /run/user/0
cm_processes tmpfs | 16G 405M 16G 3% | 4.0M 3.1K 4.0M 1% | /opt/cm-5.16.1/run/cloudera-scm-agent/process
************************************************网络检查********************************************************
ens192: 10.213.120.12/24
virbr0: 192.168.122.1/24
virbr0-nic:
网关:10.213.120.254
DNS:10.213.103.1
网络连接:正常!
***********************************************监听检查********************************************************
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:5353 *:*
udp UNCONN 0 0 *:55432 *:*
udp UNCONN 0 0 192.168.122.1:53 *:*
udp UNCONN 0 0 * %virbr0:67 *:*
udp UNCONN 0 0 *:111 *:*
udp UNCONN 0 0 127.0.0.1:323 *:*
udp UNCONN 0 0 *:724 *:*
udp UNCONN 0 0 :::111 :::*
udp UNCONN 0 0 ::1:323 :::*
udp UNCONN 0 0 :::724 :::*
tcp LISTEN 0 50 *:7180 *:*
tcp LISTEN 0 128 *:9100 *:*
tcp LISTEN 0 50 *:7182 *:*
tcp LISTEN 0 128 *:111 *:*
tcp LISTEN 0 5 192.168.122.1:53 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 128 127.0.0.1:631 *:*
tcp LISTEN 0 100 127.0.0.1:25 *:*
tcp LISTEN 0 100 :::10251 :::*
tcp LISTEN 0 100 :::9036 :::*
tcp LISTEN 0 100 :::10221 :::*
tcp LISTEN 0 128 :::5678 :::*
tcp LISTEN 0 128 :::111 :::*
tcp LISTEN 0 100 :::9040 :::*
tcp LISTEN 0 128 ::ffff:10.213.120.12:9200 :::*
tcp LISTEN 0 100 :::9042 :::*
tcp LISTEN 0 100 :::9044 :::*
tcp LISTEN 0 100 :::10228 :::*
tcp LISTEN 0 128 ::ffff:10.213.120.12:9300 :::*
tcp LISTEN 0 100 :::10229 :::*
tcp LISTEN 0 128 :::22 :::*
tcp LISTEN 0 100 :::9015 :::*
tcp LISTEN 0 128 ::1:631 :::*
tcp LISTEN 0 100 :::9016 :::*
tcp LISTEN 0 100 :::10232 :::*
tcp LISTEN 0 100 :::19032 :::*
tcp LISTEN 0 128 :::3000 :::*
tcp LISTEN 0 100 :::9017 :::*
tcp LISTEN 0 128 :::3001 :::*
tcp LISTEN 0 100 ::1:25 :::*
tcp LISTEN 0 100 :::9050 :::*
tcp LISTEN 0 100 :::10170 :::*
tcp LISTEN 0 100 :::10171 :::*
tcp LISTEN 0 100 :::9051 :::*
tcp LISTEN 0 100 :::10236 :::*
tcp LISTEN 0 100 :::9085 :::*
tcp LISTEN 0 100 :::10240 :::*
tcp LISTEN 0 100 :::10244 :::*
tcp LISTEN 0 100 :::9030 :::*
tcp LISTEN 0 100 :::9032 :::*
tcp LISTEN 0 100 :::19050 :::*
*************************************************进程检查*******************************************************
************CPU占用TOP 10进程*************
用户 进程ID %CPU 命令
root 14664 21.9 /opt/jdk1.8.0_171/bin/java
root 16429 9.3 /opt/jdk1.8.0_171/bin/java
root 17862 5.5 /opt/jdk1.8.0_171/bin/java
root 11472 1.4 /opt/jdk1.8.0_171/bin/java
root 26368 1.3 /opt/jdk1.8.0_171/bin/java
root 11562 1.2 /opt/jdk1.8.0_171/bin/java
root 21121 1.2 /opt/jdk1.8.0_171/bin/java
root 13636 1.0 /opt/jdk1.8.0_171/bin/java
root 21461 1.0 /opt/jdk1.8.0_171/bin/java
root 30492 1.0 /opt/jdk1.8.0_171/bin/java
************内存占用TOP 10进程*************
用户 进程ID %MEM 虚拟内存 常驻内存 命令
root 14664 14.0 12573116 4607916 /opt/jdk1.8.0_171/bin/java
root 13636 9.8 12471352 3226696 /opt/jdk1.8.0_171/bin/java
root 22620 9.6 12197124 3150712 /opt/jdk1.8.0_171/bin/java
root 21461 9.4 12501464 3087064 /opt/jdk1.8.0_171/bin/java
root 11562 8.9 12517112 2919068 /opt/jdk1.8.0_171/bin/java
root 13295 8.9 12260592 2920060 /opt/jdk1.8.0_171/bin/java
root 16429 8.8 12394604 2897728 /opt/jdk1.8.0_171/bin/java
root 11472 7.0 12676872 2326028 /opt/jdk1.8.0_171/bin/java
root 21121 5.6 12233884 1865844 /opt/jdk1.8.0_171/bin/java
root 17862 3.6 6004648 1208716 /opt/jdk1.8.0_171/bin/java
*************************************************服务检查*******************************************************
******************服务配置******************
abrt-ccpp.service enabled
abrt-oops.service enabled
abrt-vmcore.service enabled
abrt-xorg.service enabled
abrtd.service enabled
accounts-daemon.service enabled
atd.service enabled
auditd.service enabled
autovt@.service enabled
avahi-daemon.service enabled
bluetooth.service enabled
chronyd.service enabled
crond.service enabled
cups.service enabled
dbus-org.bluez.service enabled
dbus-org.freedesktop.Avahi.service enabled
dbus-org.freedesktop.ModemManager1.service enabled
dbus-org.freedesktop.NetworkManager.service enabled
dbus-org.freedesktop.nm-dispatcher.service enabled
display-manager.service enabled
dmraid-activation.service enabled
gdm.service enabled
getty@.service enabled
irqbalance.service enabled
iscsi.service enabled
kdump.service enabled
ksm.service enabled
ksmtuned.service enabled
libstoragemgmt.service enabled
libvirtd.service enabled
lvm2-monitor.service enabled
mcelog.service enabled
mdmonitor.service enabled
microcode.service enabled
ModemManager.service enabled
multipathd.service enabled
NetworkManager-dispatcher.service enabled
NetworkManager.service enabled
postfix.service enabled
qemu-guest-agent.service enabled
rngd.service enabled
rsyslog.service enabled
rtkit-daemon.service enabled
smartd.service enabled
spice-vdagentd.service enabled
sshd.service enabled
sysstat.service enabled
systemd-readahead-collect.service enabled
systemd-readahead-drop.service enabled
systemd-readahead-replay.service enabled
tuned.service enabled
vgauthd.service enabled
vmtoolsd.service enabled
**************正在运行的服务****************
abrt-oops.service loaded active running ABRT kernel log watcher
abrt-xorg.service loaded active running ABRT Xorg log watcher
abrtd.service loaded active running ABRT Automated Bug Reporting Tool
alsa-state.service loaded active running Manage Sound Card State (restore and store)
atd.service loaded active running Job spooling tools
auditd.service loaded active running Security Auditing Service
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
chronyd.service loaded active running NTP client/server
crond.service loaded active running Command Scheduler
cups.service loaded active running CUPS Printing Service
dbus.service loaded active running D-Bus System Message Bus
getty@tty1.service loaded active running Getty on tty1
gssproxy.service loaded active running GSSAPI Proxy Daemon
irqbalance.service loaded active running irqbalance daemon
ksmtuned.service loaded active running Kernel Samepage Merging (KSM) Tuning Daemon
libstoragemgmt.service loaded active running libstoragemgmt plug-in server daemon
libvirtd.service loaded active running Virtualization daemon
lvm2-lvmetad.service loaded active running LVM2 metadata daemon
mcelog.service loaded active running Machine Check Exception Logging Daemon
ModemManager.service loaded active running Modem Manager
NetworkManager.service loaded active running Network Manager
packagekit.service loaded active running PackageKit Daemon
polkit.service loaded active running Authorization Manager
postfix.service loaded active running Postfix Mail Transport Agent
rngd.service loaded active running Hardware RNG Entropy Gatherer Daemon
rpcbind.service loaded active running RPC bind service
rsyslog.service loaded active running System Logging Service
smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon
sshd.service loaded active running OpenSSH server daemon
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running Login Service
systemd-udevd.service loaded active running udev Kernel Device Manager
tuned.service loaded active running Dynamic System Tuning Daemon
vgauthd.service loaded active running VGAuth Service for open-vm-tools
vmtoolsd.service loaded active running Service for virtual machines hosted on VMware
***********************************************自启动检查*******************************************************
****************自启动命令*****************
touch /var/lock/subsys/local
echo never > /sys/kernel/mm/transparent_hugepage/defrag
echo never > /sys/kernel/mm/transparent_hugepage/enabled
************************************************登录检查********************************************************
**********************************************计划任务检查******************************************************
************root用户的定时任务**************
@reboot /opt/mysql/support-files/mysql.server start
@reboot /opt/cm-5.16.1/etc/init.d/cloudera-scm-server start
@reboot /opt/cm-5.16.1/etc/init.d/cloudera-scm-agent start
*************************************************用户检查*******************************************************
/etc/passwd: (最近更改:2019-04-22 21:56:57.498721360 +0800
0 天 14 小时前)
******************特权用户******************
root
******************用户列表******************
用户名 UID GID HOME SHELL 最后一次登录
root 0 0 /root /bin/bash
hngc 1000 1000 /home/hngc /bin/bash
mysql 1001 1001 /home/mysql /bin/bash
hdfs 989 983 /var/lib/hadoop-hdfs /bin/bash
llama 986 980 /var/lib/llama /bin/bash
httpfs 985 979 /var/lib/hadoop-httpfs /bin/bash
mapred 984 978 /var/lib/hadoop-mapreduce /bin/bash
yarn 982 976 /var/lib/hadoop-yarn /bin/bash
kms 981 975 /var/lib/hadoop-kms /bin/bash
impala 974 968 /var/lib/impala /bin/bash
es 1002 1002 /home/es /bin/bash
******************空密码用户****************
mysql
hdfs
llama
httpfs
mapred
yarn
kms
impala
es
*****************相同ID用户*****************
*************************************************密码检查*******************************************************
****************密码过期检查****************
root 0天后过期
hngc 0天后过期
mysql 0天后过期
hdfs 0天后过期
llama 0天后过期
httpfs 0天后过期
mapred 0天后过期
yarn 0天后过期
kms 0天后过期
impala 0天后过期
es 0天后过期
****************密码策略检查****************
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
**********************************************Sudoers检查*******************************************************
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
***********************************************防火墙检查*******************************************************
****************防火墙状态******************
firewalld: inactive
****************防火墙配置******************
# firewalld command line args
# possible values: --debug
FIREWALLD_ARGS=
************************************************SSH检查*********************************************************
SSH服务状态:active
SSH协议版本:
****************信任主机******************
*******是否允许ROOT远程登录***************
PermitRootLogin yes
*************ssh服务配置******************
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
SyslogFacility AUTHPRIV
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
UsePAM yes
X11Forwarding yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
Subsystem sftp /usr/libexec/openssh/sftp-server
***********************************************syslog检查*******************************************************
SYSLOG服务状态:active
***************rsyslog配置******************
*.info;mail.none;authpriv.none;cron.none /var/log/messages
authpriv.* /var/log/secure
mail.* -/var/log/maillog
cron.* /var/log/cron
*.emerg :omusrmsg:*
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log
***********************************************SNMP检查*********************************************************
SNMP服务状态:unknown
***********************************************NTP检查**********************************************************
*************************************************软件检查*******************************************************
git-1.8.3.1-23.el7_8.x86_64 2020年07月03日 星期五 23时04分12秒
perl-Git-1.8.3.1-23.el7_8.noarch 2020年07月03日 星期五 23时04分09秒
gpg-pubkey-f4a80eb5-53a7ff4b 2020年07月03日 星期五 23时04分01秒
kibana-6.0.0-1.x86_64 2019年04月22日 星期一 21时56分56秒
words-3.0-22.el7.noarch 2018年05月07日 星期一 11时32分42秒
iwl7265-firmware-22.0.7.0-56.el7.noarch 2018年05月07日 星期一 11时32分42秒
iwl6050-firmware-41.28.5.1-56.el7.noarch 2018年05月07日 星期一 11时32分42秒
iwl6000g2b-firmware-17.168.5.2-56.el7.noarch 2018年05月07日 星期一 11时32分42秒
iwl6000g2a-firmware-17.168.5.3-56.el7.noarch 2018年05月07日 星期一 11时32分42秒
iwl6000-firmware-9.221.4.1-56.el7.noarch 2018年05月07日 星期一 11时32分42秒
[root@HNGC-SVR-QCCBigDataSvr-Dev1 ~]#