22 - awk基础应用案例

监控操作系统信息

  • 过滤内存信息
$ free
              total        used        free      shared  buff/cache   available
Mem:        3880248      338340     3145052        8780      396856     3317340
Swap:       3145724           0     3145724

$ free | awk '{print $7}'

3316936


$ free | awk '{print $NF}'
available
3317060
3145724

$ free | grep Mem | awk '{print $NF}'
3317168
  • 过滤磁盘信息
$ df
Filesystem              1K-blocks    Used Available Use% Mounted on
devtmpfs                  1928176       0   1928176   0% /dev
tmpfs                     1940124       0   1940124   0% /dev/shm
tmpfs                     1940124    8780   1931344   1% /run
tmpfs                     1940124       0   1940124   0% /sys/fs/cgroup
/dev/mapper/centos-root  27245572 6279508  20966064  24% /
/dev/sda1                 1038336  153444    884892  15% /boot
tmpfs                      388028       0    388028   0% /run/user/1000

$ df | grep "\/$" | awk '{print $4}'
20966064
  • 过滤CPU信息
$ LANG=C lscpu #避免输出中含有中文,临时切成英文
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                2
On-line CPU(s) list:   0,1
Thread(s) per core:    1
Core(s) per socket:    2
Socket(s):             1
NUMA node(s):          1
Vendor ID:             GenuineIntel
CPU family:            6
Model:                 70
Model name:            Intel(R) Core(TM) i7-4770HQ CPU @ 2.20GHz
Stepping:              1
CPU MHz:               2194.918
BogoMIPS:              4389.83
Hypervisor vendor:     KVM
Virtualization type:   full
L1d cache:             32K
L1i cache:             32K
L2 cache:              256K
L3 cache:              6144K
L4 cache:              131072K
NUMA node0 CPU(s):     0,1
Flags:                 fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc eagerfpu pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx rdrand hypervisor lahf_lm abm invpcid_single fsgsbase avx2 invpcid md_clear flush_l1d

$ LANG=C lscpu | grep "Model name" | awk -F: '{print $2}'
            Intel(R) Core(TM) i7-4770HQ CPU @ 2.20GHz

$ LANG=C lscpu | grep "^CPU(s)" | awk -F: '{print $2}'
                2

$ uptime
 05:25:52 up  7:19,  2 users,  load average: 0.00, 0.01, 0.05

$ uptime | awk '{print $NF}'
0.05
  • 过滤网卡流量
$ ifconfig enp0s3
enp0s3: flags=4163  mtu 1500
        inet 192.168.0.125  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::6cbd:44ca:6298:e935  prefixlen 64  scopeid 0x20
        ether 08:00:27:4b:d3:af  txqueuelen 1000  (Ethernet)
        RX packets 14732  bytes 1384112 (1.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8591  bytes 1365657 (1.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

$ ifconfig enp0s3 | grep "RX p" | awk '{print "进站流量为:"$5"字节"}'
进站流量为:1402349字节

$ ifconfig enp0s3 | grep "TX p" | awk '{print "出站流量为:"$5"字节"}'
出站流量为:1379797字节
  • 监控暴力破解的IP地址
# grep "Failed" /var/log/secure
Mar 22 05:30:26 localhost sudo:   caowg : TTY=pts/0 ; PWD=/home/caowg/shell/day05 ; USER=root ; COMMAND=/bin/grep Failed /var/log/secure
Mar 22 05:32:21 localhost sshd[2960]: Failed password for caowg from 192.168.0.155 port 65479 ssh2
Mar 22 05:32:25 localhost sshd[2960]: Failed password for caowg from 192.168.0.155 port 65479 ssh2

# grep "Failed" /var/log/secure | awk '{print $11}'
;
192.168.0.155
192.168.0.155

小结

  • 本文通过awk的灵活能力,展示了如何使用awk来对服务器进行基础监控
    • 过滤内存信息
    • 过滤硬盘信息
    • 过滤CPU信息
    • 过滤网卡信息
    • 过滤日志数据
  • 希望对你能有所帮助,谢谢

你可能感兴趣的:(22 - awk基础应用案例)