该Shell脚本旨在针对大量Linux服务器的巡检提供一种相对自动化的解决方案。脚本组成有三部分:shellsh.sh、checksh.sh、file.txt;这三个文件需放在一个文件夹下以root权限执行,缺一不可。
将要巡检的服务器的IP地址和对应的密码全部放入file.txt中保存,每行一个IP对应一个密码即可。然后用如下命令运行:
#./ shellsh.sh file.txt192.168.182.143 123456
其中file.txt可以更换文件名,192.168.182.143为你想保存巡检日志的到哪个服务器的服务器IP,123456为该服务器的密码。
运行完后会在192.168.182.143服务器的/tmp目录下升成一个目录,即:GatherLogDirectory这个目录下即存放的是被巡检的服务器的巡检日志,这些日志以被巡检的服务器的IP命名,形如:192.168.182.146.log。在被巡检的服务器上会升成两个目录即:CheckScript、 LocalServerLogDirectory;其中CheckScript中是checksh.sh脚本,LocalServerLogDirectory中存放的是checksh.sh在该服务器上运行后升成的日志。
我只在虚拟机上的三台Linux系统上测试过,分别是Ubuntu、RedHat、Kali。运行正常,平均巡检一个服务器花费3分钟。
shellsh.sh:
#!/bin/bash login_info=$1 gather_server_ip=$2 gather_server_password=$3 grep_ip=`ifconfig | grep '\([[:digit:]]\{1,3\}\.\)\{3\}[[:digit:]]\{1,3\}' --color=auto -o | sed -e '2,5d'` GatherPath="/tmp/GatherLogDirectory" CheckScriptPath="/tmp/CheckScript" if [ $# -ne 3 ]; then echo -e "Parameters if fault!\n" echo -e "Please using:$0 login_info gather_server_ip\n" echo -e "For example: $0 IpAndPassword.txt $grep_ip\n" exit; fi if [ ! -x "$GatherPath" ];then mkdir "$GatherPath" echo -e "The log's path is: $GatherPath" fi cat $login_info | while read line do server_ip=`echo $line|awk '{print $1}'` server_password=`echo $line|awk '{print $2}'` login_server_command="ssh -o StrictHostKeyChecking=no root@$server_ip" scp_gather_server_checksh="scp checksh.sh root@$server_ip:$CheckScriptPath" /usr/bin/expect<<EOF set timeout 20 spawn $login_server_command expect { "*yes/no" { send "yes\r"; exp_continue } "*password:" { send "$server_password\r" } } expect "Permission denied, please try again." {exit} expect "#" { send "mkdir $CheckScriptPath\r"} expect eof exit EOF /usr/bin/expect<<EOF set timeout 20 spawn $scp_gather_server_checksh expect { "*yes/no" { send "yes\r"; exp_continue } "*password:" { send "$server_password\r" } } expect "Permission denied, please try again." {exit} expect "Connection refused" {exit} expect "100%" expect eof exit EOF /usr/bin/expect<<EOF set timeout 60 spawn $login_server_command expect { "*yes/no" { send "yes\r"; exp_continue } "*password:" { send "$server_password\r" } } expect "Permission denied, please try again." {exit} expect "#" { send "cd $CheckScriptPath;./checksh.sh $gather_server_ip $gather_server_password\r"} expect eof exit EOF done
checksh.sh
#!/bin/bash ######################################################################################## #Function: #This script checks the system's information,disks's information,performance,etc...of the #server # #Author: #By Jack Wang # #Company: #ShaanXi Great Wall Information Co.,Ltd. ######################################################################################## ######################################################################################## # #GatherServerIpAddress is the server's IP address that gather the checking log #GatherServerPassword is the server's IP address that gather the checking log # ######################################################################################## GatherServerIpAddress=$1 GatherServerPassword=$2 ######################################################################################## #GetTheIpCommand is a command that you can get the IP address ######################################################################################## GetTheIpCommand=`ifconfig | grep '\([[:digit:]]\{1,3\}\.\)\{3\}[[:digit:]]\{1,3\}' --color=auto -o | sed -e '2,5d'` ######################################################################################## #LogName is a command that Your logs'name ######################################################################################## LogName=`ifconfig|grep '\([[:digit:]]\{1,3\}\.\)\{3\}[[:digit:]]\{1,3\}' --color=auto -o|sed -e '2,5d'``echo "-"``date +%Y%M%d` ######################################################################################## # #GatherLogPath is a path that collecting log path #LocalServerLogPath is local log path # ######################################################################################## GatherServerLogPath="/tmp/GatherLogDirectory" LocalServerLogPath="/tmp/LocalServerLogDirectory" ######################################################################################## #LinuxOsInformation is function that usege to collect OS's information ######################################################################################## LinuxOsInformation(){ Hostname=`hostname` UnameA=`uname -a` OsVersion=`cat /etc/issue | sed '2,4d'` Uptime=`uptime|awk '{print $3}'|awk -F "," '{print $1}'` ServerIp=`ifconfig|grep "inet"|sed '2,4d'|awk -F ":" '{print $2}'|awk '{print $1}'` ServerNetMask=`ifconfig|grep "inet"|sed '2,4d'|awk -F ":" '{print $4}'|awk '{print $1}'` ServerGateWay=`netstat -r|grep "default"|awk '{print $2}'` SigleMemoryCapacity=`dmidecode|grep -P -A5 "Memory\s+Device"|grep "Size"|grep -v "Range"|grep '[0-9]'|awk -F ":" '{print $2}'|sed 's/^[ \t]*//g'` MaximumMemoryCapacity=`dmidecode -t 16|grep "Maximum Capacity"|awk -F ":" '{print $2}'|sed 's/^[ \t]*//g'` NumberOfMemorySlots=`dmidecode -t 16|grep "Number Of Devices"|awk -F ":" '{print $2}'|sed 's/^[ \t]*//g'` MemoryTotal=`cat /proc/meminfo|grep "MemTotal"|awk '{printf("MemTotal:%1.0fGB\n",$2/1024/1024)}'|awk -F ":" '{print $2}'` PhysicalMemoryNumber=`dmidecode|grep -A16 "Memory Device"|grep "Size:"|grep -v "No Module Installed"|grep -v "Range Size:"|wc -l` ProductName=`dmidecode|grep -A10 "System Information"|grep "Product Name"|awk -F ":" '{print $2}'|sed 's/^[ \t]*//g'` SystemCPUInfomation=`cat /proc/cpuinfo|grep "name"|cut -d: -f2|awk '{print "*"$1,$2,$3,$4}'|uniq -c|sed 's/^[ \t]*//g'` echo -e "Hostname|$Hostname\nUnamea|$UnameA\nOsVersion|$OsVersion\nUptime|$Uptime\nServerIp|$ServerIp\nServerNetMask|$ServerNetMask\nServerGateWay|$ServerGateWay\nSigleMemoryCapacity|$SigleMemoryCapacity\nMaximumMemoryCapacity|$MaximumMemoryCapacity\nNumberOfMemorySlots|$NumberOfMemorySlots\nMemoryTotal|$MemoryTotal\nPhysicalMemoryNumber|$PhysicalMemoryNumber\nProductName|$ProductName\nSystemCPUInformation|$SystemCPUInfomation" } PerformanceInfomation (){ CPUIdle=`top -d 2 -n 1 -b|grep C[Pp][Uu]|grep id|awk '{print $5}'|awk -F "%" '{print $1}'` CPUloadAverage=`top -d 2 -n 1 -b|grep "load average:"|awk -F ":" '{print $5}'|sed 's/^[ \t]*//g'` ProcessNumbers=`top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $3}'` ProcessRunning=`top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $8}'` ProcessSleeping=`top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $11}'` ProcessStoping=`top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $16}'` ProcessZombie=`top -d 2 -n 1 -b|grep "Tasks"|awk -F "[: ,]" '{print $21}'` UserSpaceCPU=`top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[: ,%]" '{print $4}'` SystemSpaceCPU=`top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[: ,%]" '{print $8}'` ChangePriorityCPU=`top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[: ,%]" '{print $12}'` WaitingCPU=`top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[: ,%]" '{print $19}'` HardwareIRQCPU=`top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[: ,%]" '{print $23}'` SoftwareIRQCPU=`top -d 2 -n 1 -b|grep 'C[Pp][Uu]'|head -1|awk -F "[: ,%]" '{print $27}'` MemUsed=`top -d 2 -n 1 -b|grep "Mem"|awk -F "[: ,]" '{print $11}'|tr -d "a-zA-Z"|awk '{printf("%dM\n",$1/1024)}'` MemFreeP=`top -d 2 -n 1 -b|grep "Mem"|awk -F "[: ,]" '{print $16}'|tr -d "a-zA-Z"|awk '{printf("%dM\n",$1/1024)}'` MemBuffersP=` top -d 2 -n 1 -b|grep "Mem"|awk -F "[: ,]" '{print $22}'|tr -d "a-zA-Z"|awk '{printf("%dM\n",$1/1024)}'` CacheCachedP=`top -d 2 -n 1 -b|grep "Swap"|awk -F "[: ,]" '{print $24}'|tr -d "a-zA-Z"|awk '{printf("%dM\n",$1/1024)}'` CacheTotal=`top -d 2 -n 1 -b|grep "Swap"|awk -F "[: ,]" '{print $4}'|tr -d "a-zA-Z"|awk '{printf("%dM\n",$1/1024)}'` CacheUsed=`top -d 2 -n 1 -b|grep "Swap"|awk -F "[: ,]" '{print $14}'|tr -d "a-zA-Z"|awk '{printf("%dM\n",$1/1024)}'` CacheFree=`top -d 2 -n 1 -b|grep "Swap"|awk -F "[: ,]" '{print $18}'|tr -d "a-zA-Z"|awk '{printf("%dM\n",$1/1024)}'` echo -e "CPUIdle|$CPUIdle\nCPUloadAverage|$CPUloadAverage\nProcessNumbers|$ProcessNumbers\nProcessRunning|$ProcessRunning\nProcessSleeping|$ProcessSleeping\nProcessStoping|$ProcessStoping\nProcessZombie|$ProcessZombie\nUserSpaceCPU|$UserSpaceCPU\nSystemSpaceCPU|$SystemSpaceCPU\nChangePriorityCPU|$ChangePriorityCPU\nWaitingCPU|$WaitingCPU\nHardwareIRQCPU|$HardwareIRQCPU\nSoftwareIRQCPU|$SoftwareIRQCPU\nMemUsed|$MemUsed\nMemFreeP|$MemFreeP\nMemBuffersP|$MemBuffersP\nCacheCachedP|$CacheCachedP\nCacheTotal|$CacheTotal\nCacheUsed|$CacheUsed\nCacheFree|$CacheFree\n" } OprateSystemSec () { echo '======================UserLogin======================' w echo '======================FileUsed=======================' df -ah echo '======================dmesgError=====================' dmesg | grep error echo '======================dmesgFail======================' dmesg | grep Fail echo '======================BootLog========================' more /var/log/boot.log | grep -V "OK" | sed '1,6d' echo '======================route -n=======================' route -n echo '======================iptables -L====================' iptables -L echo '======================netstat -lntp==================' netstat -lntp echo '======================netstat -antp==================' netstat -antp echo '======================BootLog========================' netstat -s echo '======================netstat -s=====================' last echo '======================du -sh /etc/===================' du -sh /etc/ echo '======================du -sh /boot/==================' du -sh /boot/ echo '======================du -sh /dev/===================' du -sh /dev/ echo '======================df -h==========================' df -h echo '======================mount | column -t==============' mount | column -t } TopAndVmstat(){ top -d 2 -n 1 -b vmstat 1 10 } CheckGatherLog(){ if [ -f "$LocalServerLogPath/$GetTheIpCommand.log" ];then rm -rf $LocalServerLogPath/$GetTheIpCommand.log fi if [ ! -x "$LocalServerLogPath" ];then mkdir "$LocalServerLogPath" fi if [ ! -f "$LocalServerLogPath/$GetTheIpCommand.log" ];then touch $LocalServerLogPath/$GetTheIpCommand.log LinuxOsInformation>>$LocalServerLogPath/$GetTheIpCommand.log PerformanceInfomation>>$LocalServerLogPath/$GetTheIpCommand.log OprateSystemSec>>$LocalServerLogPath/$GetTheIpCommand.log TopAndVmstat>>$LocalServerLogPath/$GetTheIpCommand.log fi } CheckGatherLog SCP_LOG_TO_GATHER_SERVER="scp $LocalServerLogPath/$GetTheIpCommand.log root@$GatherServerIpAddress:$GatherServerLogPath" /usr/bin/expect<<EOF set timeout 50 spawn $SCP_LOG_TO_GATHER_SERVER expect { "*yes/no)?" { send "yes\n" "*password:*" {send "GatherServerPassword\n"} } "*password:" { send "$GatherServerPassword\n" } } expect "*password:" { send "$GatherServerPassword\n" } expect "100%" expect eof EOF
file.txt内容形式
192.168.182.143 123456 192.168.182.129 123456 192.168.182.146 123456
注:192.168.182.143是被巡检的服务器ip,123456是被巡检的服务器密码。
声明:此脚本将巡检结果用awk和sed以及grep进行了过滤,以便格式化显示和excel进行处理。由于水平有限,如果有大神认为还有更好的解决方案或者这个脚本还有改进的地方,请指出。我们大家共同学习,共同进步。
个人QQ:1299039410