操作系统是百度云提供的centos6.8
感觉是虚拟机管理的软件,里面有很多collectdctl collectd-nagios collectd-tg utils_vl_lookup_test 监控程序
/opt/bcm-agent/var/lib/bcm-agent/bcm-agent.upgrader –update-url=http://download.bcm.baidubce.com/packages/collectd-x86_64.sh –signature-url=http://download.bcm.baidubce.com/packages/collectd-x86_64.sh.sig –certificate=/opt/bcm-agent/var/lib/bcm-agent/cert.pem /opt/bcm-agent/var/lib/bcm-agent/collectd-x86_64.sh
这个应该是安全监控的
/opt/hosteye/bin/hosteye
好像是做了一些系统日志监控
/opt/hss/bin/hsa
opt/hss/bin/hsa.upgrader –update-url=http://download.bcm.baidubce.com/packages/hsa –signature-url=http://download.bcm.baidubce.com/packages/hsa.sig –certificate=/opt/hss/lib/cert.pem –max-executable-size=104857600 /opt/hss/bin/hsa
avalokita(未知,后续有分析) bcm-agent hosteye hss rh
init─┬─NetworkManager─┬─dhclient
│ └─{NetworkManager}
├─abrtd
├─acpid
├─agetty
├─atd
├─auditd───{auditd}
├─bcm-agent.upgra───collectd───10*[{collectd}]
├─console-kit-dae───63*[{console-kit-da}]
├─crond
├─dbus-daemon
├─hald─┬─hald-runner─┬─hald-addon-acpi
│ │ └─hald-addon-inpu
│ └─{hald}
├─hosteye─┬─hosteye───15*[{hosteye}]
│ └─{hosteye}
├─hsa.upgrader───hsa───5*[{hsa}]
├─irqbalance
├─login───bash
├─5*[mingetty]
├─modem-manager
├─ntpd
├─rsyslogd───3*[{rsyslogd}]
├─sshd───sshd───bash───bash───pstree
├─turnserver───6*[{turnserver}]
├─udevd───2*[udevd]
└─wpa_supplicant
Usage: avalokita [options] command_path [command options]
Options:
–restart-interval [seconds]
Interval of command restart. Can not less than 1. Default is 1.
–update-interval [seconds]
Interval of update URL check. Can not less than 1. Default is 300.
–update-url [URL]
Automatically fetch the newest version executable of the command from URL
and restart the command. This implies the argument --signature-url will
get a default value [URL + ".sig"] if --signature-url was not specified.
Thus, use --update-url without --signature-url is impossible.
–signature-url [URL]
Signature file for verify the executable which fetched from --update-url.
The certificate is specify by --certificate. Default is the URL specified
by --update-url and append ".sig".
The signature file was in PKCS#7 encoding and PEM format.
–certificate [filename]
Certificate(in PEM format) used for verify the signature. If this argument
absent, --signature-url and --update-url is ignored.
–max-executable-size [size]
The maximum executable size. If beyond the size, download will failed.
Default is 10485760(10MiB).
–file-lock [filename]
Singletonize the daemon by a file lock. If the file lock is locked, the
daemon will exit immediately. Default is "./daemon.pid".
–stdout-file [filename]
Redirect command's stdout to a file. Default is "./daemon.stdout.log".
–stderr-file [filename]
Redirect command's stderr to a file. Default is "./daemon.stderr.log".
–help
Print usage.
–version
Print version number.
Signals:
SIGTERM
kill command at first(first SIGTERM, then SIGKILL if command not exit in
several seconds), then quit.
SIGINT
just kill command(SIGTERM, after several seconds then SIGKILL), then
avalokita will run the command again.