江苏龙网

  1. 主页 > 生活百科 > >

Linux 系统日常巡检脚本( 三 )

巡检脚本

< 7 ]];then/etc/init.d/iptables status >/dev/null 2>&1status=$?if [ $status -eq 0 ];thens="active"elif [ $status -eq 3 ];thens="inactive"elif [ $status -eq 4 ];thens="permission denied"elses="unknown"fielses="$(getState iptables)"fiecho "iptables: $s"echo ""echo "/etc/sysconfig/iptables"echo "-----------------------"cat /etc/sysconfig/iptables 2>/dev/null#报表信息report_Firewall="$s"}function getSNMPStatus(){#SNMP服务状态 , 配置等echo ""echo ""echo "############################ SNMP检查 ############################"status="$(getState snmpd)"echo "服务状态:$status"echo ""if [ -e /etc/snmp/snmpd.conf ];thenecho "/etc/snmp/snmpd.conf"echo "--------------------"cat /etc/snmp/snmpd.conf 2>/dev/null | grep -v "^#" | sed '/^$/d'fi#报表信息report_SNMP="$(getState snmpd)"}function getState(){if [[ $centosVersion < 7 ]];thenif [ -e "/etc/init.d/$1" ];thenif [ `/etc/init.d/$1 status 2>/dev/null | grep -E "is running|正在运行" | wc -l` -ge 1 ];thenr="active"elser="inactive"fielser="unknown"fielse#CentOS 7+r="$(systemctl is-active $1 2>&1)"fiecho "$r"}function getSSHStatus(){#SSHD服务状态 , 配置,受信任主机等echo ""echo ""echo "############################ SSH检查 #############################"#检查受信任主机pwdfile="$(cat /etc/passwd)"echo "服务状态:$(getState sshd)"Protocol_Version=$(cat /etc/ssh/sshd_config | grep Protocol | awk '{print $2}')echo "SSH协议版本:$Protocol_Version"echo ""echo "信任主机"echo "--------"authorized=0for user in $(echo "$pwdfile" | grep /bin/bash | awk -F: '{print $1}');doauthorize_file=$(echo "$pwdfile" | grep -w $user | awk -F: '{printf $6"/.ssh/authorized_keys"}')authorized_host=$(cat $authorize_file 2>/dev/null | awk '{print $3}' | tr 'n' ',' | sed 's/,$//')if [ ! -z $authorized_host ];thenecho "$user 授权 "$authorized_host" 无密码访问"filet authorized=authorized+$(cat $authorize_file 2>/dev/null | awk '{print $3}'|wc -l)doneecho ""echo "是否允许ROOT远程登录"echo "--------------------"config=$(cat /etc/ssh/sshd_config | grep PermitRootLogin)firstChar=${config:0:1}if [ $firstChar == "#" ];thenPermitRootLogin="yes" #默认是允许ROOT远程登录的elsePermitRootLogin=$(echo $config | awk '{print $2}')fiecho "PermitRootLogin $PermitRootLogin"echo ""echo "/etc/ssh/sshd_config"echo "--------------------"cat /etc/ssh/sshd_config | grep -v "^#" | sed '/^$/d'#报表信息report_SSHAuthorized="$authorized" #SSH信任主机report_SSHDProtocolVersion="$Protocol_Version" #SSH协议版本report_SSHDPermitRootLogin="$PermitRootLogin" #允许root远程登录}function getNTPStatus(){#NTP服务状态 , 当前时间 , 配置等echo ""echo ""echo "############################ NTP检查 #############################"if [ -e /etc/ntp.conf ];thenecho "服务状态:$(getState ntpd)"echo ""echo "/etc/ntp.conf"echo "-------------"cat /etc/ntp.conf 2>/dev/null | grep -v "^#" | sed '/^$/d'fi#报表信息report_NTP="$(getState ntpd)"}function uploadHostDailyCheckReport(){json="{"DateTime":"$report_DateTime","Hostname":"$report_Hostname","OSRelease":"$report_OSRelease","Kernel":"$report_Kernel","Language":"$report_Language","LastReboot":"$report_LastReboot","Uptime":"$report_Uptime","CPUs":"$report_CPUs","CPUType":"$report_CPUType","Arch":"$report_Arch","MemTotal":"$report_MemTotal","MemFree":"$report_MemFree","MemUsedPercent":"$report_MemUsedPercent","DiskTotal":"$report_DiskTotal","DiskFree":"$report_DiskFree","DiskUsedPercent":"$report_DiskUsedPercent","InodeTotal":"$report_InodeTotal","InodeFree":"$report_InodeFree","InodeUsedPercent":"$report_InodeUsedPercent","IP":"$report_IP","MAC":"$report_MAC","Gateway":"$report_Gateway","DNS":"$report_DNS","Listen":"$report_Listen","Selinux":"$report_Selinux","Firewall":"$report_Firewall","USERs":"$report_USERs","USEREmptyPassword":"$report_USEREmptyPassword","USERTheSameUID":"$report_USERTheSameUID","PasswordExpiry":"$report_PasswordExpiry","RootUser":"$report_RootUser","Sudoers":"$report_Sudoers","SSHAuthorized":"$report_SSHAuthorized","SSHDProtocolVersion":"$report_SSHDProtocolVersion","SSHDPermitRootLogin":"$report_SSHDPermitRootLogin","DefunctProsess":"$report_DefunctProsess","SelfInitiatedService":"$report_SelfInitiatedService","SelfInitiatedProgram":"$report_SelfInitiatedProgram","RuningService":"$report_RuningService","Crontab":"$report_Crontab","Syslog":"$report_Syslog","SNMP":"$report_SNMP","NTP":"$report_NTP","JDK":"$report_JDK"}"#echo "$json" curl -l -H "Content-type: Application/json" -X POST -d "$json" "$uploadHostDailyCheckReportApi" 2>/dev/null}function getchage_file_24h(){echo "############################ 文件检查 #############################"check2=$(find / -name '*.sh' -mtime -1)check21=$(find / -name '*.asp' -mtime -1)check22=$(find / -name '*.php' -mtime -1)check23=$(find / -name '*.aspx' -mtime -1)check24=$(find / -name '*.jsp' -mtime -1)check25=$(find / -name '*.html' -mtime -1)check26=$(find / -name '*.htm' -mtime -1)check9=$(find / -name core -exec ls -l {} ;)check10=$(cat /etc/crontab)check12=$(ls -alt /usr/bin | head -10)cat < $RESULTFILEecho "检查结果:$RESULTFILE"echo -e "`date "+%Y-%m-%d %H:%M:%S"` 阿里云PHP企业平台巡检报告"| mail -a $RESULTFILE -s "阿里云PHP企业平台巡检报告" h@163.comEND


推荐阅读


上一篇:Notifier 一文搞懂Linux内核通知链

下一篇:Windows查看端口占用、查看PID对应的进程、并终止进程