日期:2011-08-02 11:45:00 来源:本站整理
操纵nagios,监听处理linux下的特定服务和端口[Linux安全]
本文“操纵nagios,监听处理linux下的特定服务和端口[Linux安全]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
这里主要讲通过nagios的监听和事件处理机制,对一些弊端服务举行远程处理.处理后假如还不正常,nagios启动邮件,短信报警.
1.首先启用邮件报警功效.
下载sendEmail软件,解压后直接将sendEmail复制到/usr/bin里
因为没有搞懂sendmail,所以下了个sendEmail
编辑/usr/local/nagios/etc/objects/commands.cfg
将本来/bin/mail -s 这一部份替换为
tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -xu username -xp 123
意思是用sendEmail客户端通过163邮箱的smtp服务,发送邮件.username 是你163邮箱名,123是163邮箱密码.$CONTACTEMAIL$ 是你要发送的目的邮箱,也就是nagios.cfg配置中系统管理员的邮箱.我是讲nagios.log的后十行作为邮件正文一同发送的.
这是我的配置
# 'notify-host-by-email' command definition
define command{
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios ***** Notification Type: $NOTIFICATIONTYPE$ Host: $HOSTNAME$ State: $HOSTSTATE$ Address: $HOSTADDRESS$ Info: $HOSTOUTPUT$ Date/Time: $LONGDATETIME$ " | tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -xu username -xp 123
}
# 'notify-service-by-email' command definition
define command{
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios ***** Notification Type: $NOTIFICATIONTYPE$ Service: $SERVICEDESC$ Host: $HOSTALIAS$ Address: $HOSTADDRESS$ State: $SERVICESTATE$ Date/Time: $LONGDATETIME$ Additional Info: $SERVICEOUTPUT$ " | tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" -xu username -xp 123
}
配置好有,便可以将带有日记信息的邮件发送到指定邮箱.
2.操纵nagios的事件处理机制,监控Linux下指定进程.
编辑/usr/local/nagios/etc/objects/localhost.cfg
这是我配置的两个服务,一个是用TCP监听django的8000端口,一个是通过SNMP
监听django的 manage.py runserver 进程
#check_django_tcp
define service{
use local-service ; Name of service template to use
host_name RedHat-host
service_description Django_TCP
check_command check_django_tcp!8000
notifications_enabled 1
event_handler_enabled 1
event_handler python_action
}
#check_django_snmp
define service{
use local-service ; Name of service template to use
host_name RedHat-host
service_description Django_SNMP
check_command check_django_snmp!2c!public!.1.3.6.1.4.1.2021.54.101.2!"manage.py runserver"
notifications_enabled 1
event_handler_enabled 1
event_handler python_action
}
注意这两项
event_handler_enabled 1
event_handler python_action
事件使能翻开,处理方法是python_action
python_action 我是在command.cfg中定义的.
#'python_action'
define command{
command_name python_action
command_line $USER1$/python_action.sh "$HOSTNAME$,$SERVICEDESC$,$SERVICESTATE$,$SERVICESTATETYPE$,$SERVICEATTEMPT$"
}
#'check_django_tcp'
define command{
command_name check_django_tcp
command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$
}
#'check_django_snmp'
define command{
command_name check_django_snmp
command_line $USER1$/check_snmp -H $HOSTADDRESS$ -P $ARG1$ -C $ARG2$ -o $ARG3$ -r $ARG4$
}
python_action.sh是自己写的脚本,调用python_action.py
要讲python_action.sh和python_action.py复制到
/usr/local/nagios/libexec/
改权限为chown -R nagios:nagios /usr/local/nagios/*
python_action.sh 代码
#!/bin/bash
cd /usr/local/nagios/libexec
if [ $# -ne 2 ]; then
service_info="$1"
#echo $msg
#echo $pcode
/usr/bin/python /usr/local/nagios/libexec/python_action.py "$service_info"
fi
python_action.py 代码
# -*- coding: utf-8 -*-
import pxssh, time, os,sys,pexpect
from time import sleep, ctime
machine_name_list = {"ubuntu-host":["192.168.15.67", "root", "123"],
"localhost":["172.172.10.100", "root", "123"],
"RedHat-host":["192.168.15.67", "root", "123"]
}
server_command_list = {"Django_TCP":"/usr/bin/python /root/dmdu_manage/manage.py runserver &",
"SMTP":"/etc/init.d/sendmail restart",
"Django_SNMP":"/usr/bin/python /root/dmdu_manage/manage.py runserver &"
}
def write_opt_log(service_info='None',command='None'):
try:
f = open("service_opt_info.txt",'a')
info=[]
info.append(service_info)
info.append(command)
print info
f.write("%s,%s " % (info[0],ctime()))
f.write("%s " % (info[1]))
f.write(" ")
f.close
except Exception , e:
print "Exception is ",e
def ssh_cmd(hostIP='172.172.10.101', user, password="kk",command=""):
print "Now connecting %s" % (hostIP)
print "Please Wait… … "
#import pdb;pdb.set_trace()
s = pxssh.pxssh()
s.login(hostIP, username, password, login_timeout=30, original_prompt="[$#>]", auto_prompt_reset="['Password','password: ', 'continue connecting (yes/no)?']")
print "Start OS "
s.sendline(command)
#sleep(10)
s.prompt()
print s.before
s.sendline("exit")
s.prompt()
print s.before
#s.logout()
print "End OS "
def pexpect_cmd(hostIP='172.172.10.101', user, password="kk",command=""):
print "Start OS "
print "Please Wait… … "
ssh = pexpect.spawn('ssh -l %s %s %s'%(username, hostIP, command))
r = ''
try:
i = ssh.expect(['[Pp]assword: ', 'continue connecting (yes/no)?', pexpect.EOF, pexpect.TIMEOUT])
if i == 0 :
ssh.sendline(password)
elif i == 1:
ssh.sendline('yes')
except pexpect.EOF:
ssh.close()
else:
r = ssh.read()
ssh.expect(pexpect.EOF)
ssh.close()
print "End OS "
return r
def restart_opt(service_info='None'):
#import pdb;pdb.set_trace
info_detail=[]
info_detail = service_info.split(',')
hostname=info_detail[0]
service_desc=info_detail[1]
service_state=info_detail[2]
service_state_type=info_detail[3]
service_attempt=info_detail[4]
hostIP = machine_name_list[hostname][0]
username = machine_name_list[hostname][1]
password = machine_name_list[hostname][2]
command = server_command_list[service_desc]
if service_state == "CRITICAL" and int(service_attempt) >= 3 :
try:
write_opt_log(service_info,command)
ssh_cmd(hostIP,username,password,command)
#pexpect_cmd(hostIP,username,password,command)
service_opt="up"
except pxssh.ExceptionPxssh, e:
print "ExceptionPxssh is", e
if __name__ == '__main__':
service_info = sys.argv[1]
restart_opt(service_info)
由于调用了pexpect库,所以在监控机械上要装pexpect-2.3这个可以到网上下.
tar -zxvf pexpect-2.3.tar.gz
cd pexpect-2.3.tar.gz
python setup.py install
改正 vim
/usr/local/lib/python2.6/dist-packages/pxssh.py
/usr/lib/python2.6/dist-packages/pxssh.py
第134行.在第一个
self.read_nonblocking(size=10000,timeout=1) # GAS: Clear out the cache before getting the prompt
前加入
self.sendline()
time.sleep(0.5)
改正后为
self.sendline()
time.sleep(0.5)
self.read_nonblocking(size=10000,timeout=1) # GAS: Clear out the cache before getting the prompt
不改用脚本时,会报pxssh错误.
装好后,便可以履行带有pxssh 的python脚本.
3.开始配置受控端的snmp
要想监控Linux服务器下的指定进程,可以采纳这种办法.
配置受控端的/etc/snmp/snmpd.conf
找到这一行
exec .1.3.6.1.4.1.2021.54
将其改成
exec .1.3.6.1.4.1.2021.54 /bin/sh /root/test.sh
成立/root/test.sh文件
编辑为以下内容,假定我要监测django的 manage.py runserver 进程.
#!/bin/bash
/bin/ps x | grep manage.py | awk '{print $6 " " $7;}'
保存撤退出.<
以上是“操纵nagios,监听处理linux下的特定服务和端口[Linux安全]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:
本文地址: | 与您的QQ/BBS好友分享! |
评论内容只代表网友观点,与本站立场无关!
评论摘要(共 0 条,得分 0 分,平均 0 分)
查看完整评论