Date: 2011-08-02 11:45:00  Source: compiled by this site

Using Nagios to monitor and handle specific services and ports on Linux [Linux Security]

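  This article shows how to use Nagios's monitoring and event-handler mechanism to remotely recover failed services. If the service is still not healthy after the handler has run, Nagios sends e-mail and SMS alerts.
  1. First, enable e-mail alerts.
  Download sendEmail, unpack it, and copy sendEmail straight into /usr/bin.
  I never figured out sendmail, so I downloaded sendEmail instead.
  Edit /usr/local/nagios/etc/objects/commands.cfg
  and replace the original /bin/mail -s part with:
  tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -xu username -xp 123
  This uses the sendEmail client to send mail through the 163 mailbox's SMTP service. username is your 163 mailbox name and 123 is the 163 mailbox password. $CONTACTEMAIL$ is the destination address, that is, the system administrator's mailbox in the nagios.cfg configuration. I send the last ten lines of nagios.log along as the message body.
  This is my configuration: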
  # 'notify-host-by-email' command definition
  define command{
  command_name    notify-host-by-email
  command_line    /usr/bin/printf "%b" "***** Nagios ***** Notification Type: $NOTIFICATIONTYPE$ Host: $HOSTNAME$ State: $HOSTSTATE$ Address: $HOSTADDRESS$ Info: $HOSTOUTPUT$ Date/Time: $LONGDATETIME$ " | tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -xu username -xp 123
  }
  # 'notify-service-by-email' command definition
  define command{
  command_name    notify-service-by-email
  command_line    /usr/bin/printf "%b" "***** Nagios ***** Notification Type: $NOTIFICATIONTYPE$ Service: $SERVICEDESC$ Host: $HOSTALIAS$ Address: $HOSTADDRESS$ State: $SERVICESTATE$ Date/Time: $LONGDATETIME$ Additional Info: $SERVICEOUTPUT$ " | tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" -xu username -xp 123
  }
  Once this is configured, e-mails containing the log information are sent to the specified mailbox.
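  Both notification commands above carry the SMTP password as a literal on the command line (-xp 123), so it is readable by anyone who can read commands.cfg. The following check is an added example, not part of the original article: it flags a literal value after sendEmail's -xp option and accepts a Nagios $USERn$ macro in its place. The sample configuration is constructed, and the $USER5$ / $USER6$ numbering is an assumption.

```python
import re
import shlex

# Constructed sample modelled on the two notification commands in this article.
# The $USER5$ / $USER6$ numbering is an assumption; $USERn$ values live in the
# Nagios resource file, which can be given tighter permissions than commands.cfg.
SAMPLE_CFG = r'''
define command{
command_name    notify-host-by-email
command_line    tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** Host Alert: $HOSTNAME$ **" -xu username -xp 123
}
define command{
command_name    notify-service-by-email
command_line    tail /usr/local/nagios/var/nagios.log | /usr/local/bin/sendEmail -f username@163.com -t $CONTACTEMAIL$ -s smtp.163.com -u "** Service Alert: $SERVICEDESC$ **" -xu $USER5$ -xp $USER6$
}
'''

COMMAND_BLOCK = re.compile(r"define\s+command\s*\{(.*?)\n\s*\}", re.S)
USER_MACRO = re.compile(r"^\$USER\d+\$$")
SECRET_OPTIONS = ("-xp",)   # sendEmail SMTP password option used on this page


def find_inline_secrets(cfg_text):
    """Return (command_name, option) for each secret option given a literal value."""
    findings = []
    for body in COMMAND_BLOCK.findall(cfg_text):
        fields = {}
        for line in body.splitlines():
            parts = line.strip().split(None, 1)
            if len(parts) == 2:
                fields[parts[0]] = parts[1]
        tokens = shlex.split(fields.get("command_line", ""))
        for opt, value in zip(tokens, tokens[1:]):
            if opt in SECRET_OPTIONS and not USER_MACRO.match(value):
                findings.append((fields.get("command_name", "?"), opt))
    return findings


if __name__ == "__main__":
    for name, opt in find_inline_secrets(SAMPLE_CFG):
        print("%s: literal value after %s" % (name, opt))
```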
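  2. Use Nagios's event-handler mechanism to monitor specified processes on Linux.
  Edit /usr/local/nagios/etc/objects/localhost.cfg
  These are the two services I configured: one monitors django's port 8000 over TCP, the other monitors django's manage.py runserver process through SNMP.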
  #check_django_tcp
  define service{
  use                             local-service         ; Name of service template to use
  host_name                       RedHat-host
  service_description             Django_TCP
  check_command            check_django_tcp!8000
  notifications_enabled        1
  event_handler_enabled 1
  event_handler python_action
  }
  #check_django_snmp
  define service{
  use                             local-service         ; Name of service template to use
  host_name                       RedHat-host
  service_description             Django_SNMP
  check_command            check_django_snmp!2c!public!.1.3.6.1.4.1.2021.54.101.2!"manage.py runserver"
  notifications_enabled        1
  event_handler_enabled 1
  event_handler python_action
  }
  Note these two settings:
  event_handler_enabled 1
  event_handler python_action
  Event handling is enabled, and the handler is python_action.
  I defined python_action in commands.cfg.
  #'python_action'
  define command{
  command_name    python_action
  command_line    $USER1$/python_action.sh "$HOSTNAME$,$SERVICEDESC$,$SERVICESTATE$,$SERVICESTATETYPE$,$SERVICEATTEMPT$"
  }
  #'check_django_tcp'
  define command{
  command_name    check_django_tcp
  command_line    $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$
  }
  #'check_django_snmp'
  define command{
  command_name    check_django_snmp
  command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -P $ARG1$ -C $ARG2$ -o $ARG3$ -r $ARG4$
  }
  python_action.sh is a script I wrote myself; it calls python_action.py.
  Copy python_action.sh and python_action.py to
  /usr/local/nagios/libexec/
  Set ownership with chown -R nagios:nagios /usr/local/nagios/*
  python_action.sh code:
  #!/bin/bash
  # Nagios passes one argument: the comma-separated macro string from python_action.
  cd /usr/local/nagios/libexec
  if [ $# -eq 1 ]; then
      service_info="$1"
      #echo $msg
      #echo $pcode
      /usr/bin/python /usr/local/nagios/libexec/python_action.py "$service_info"
  fi
  python_action.py code:
  # -*- coding: utf-8 -*-
  # Python 2 script; pexpect-2.3 installs pxssh as a top-level module.
  import sys
  from time import ctime

  import pexpect
  import pxssh

  # Nagios host_name -> [IP address, SSH user, SSH password]
  machine_name_list = {
      "ubuntu-host": ["192.168.15.67", "root", "123"],
      "localhost": ["172.172.10.100", "root", "123"],
      "RedHat-host": ["192.168.15.67", "root", "123"],
  }

  # Nagios service_description -> command that restarts the service
  server_command_list = {
      "Django_TCP": "/usr/bin/python /root/dmdu_manage/manage.py runserver &",
      "SMTP": "/etc/init.d/sendmail restart",
      "Django_SNMP": "/usr/bin/python /root/dmdu_manage/manage.py runserver &",
  }


  def write_opt_log(service_info='None', command='None'):
      """Append the handler input and the command about to run to a local log."""
      try:
          f = open("service_opt_info.txt", 'a')
          info = [service_info, command]
          print info
          f.write("%s,%s\n" % (info[0], ctime()))
          f.write("%s\n" % (info[1]))
          f.write("\n")
          f.close()
      except Exception as e:
          print "Exception is ", e


  def ssh_cmd(hostIP, username, password, command=""):
      """Log in with pxssh, run one command, print its output and log out."""
      print "Now connecting %s" % (hostIP)
      print "Please Wait..."
      #import pdb;pdb.set_trace()
      s = pxssh.pxssh()
      s.login(hostIP, username, password, login_timeout=30,
              original_prompt="[$#>]", auto_prompt_reset=True)
      print "Start OS"
      s.sendline(command)
      #sleep(10)
      s.prompt()
      print s.before
      # logout() sends "exit" and waits for EOF; calling prompt() after "exit" raises EOF
      s.logout()
      print "End OS"


  def pexpect_cmd(hostIP, username, password, command=""):
      """Alternative to ssh_cmd: run one command through the ssh client with pexpect."""
      print "Start OS"
      print "Please Wait..."
      ssh = pexpect.spawn('ssh -l %s %s %s' % (username, hostIP, command))
      r = ''
      try:
          i = ssh.expect(['[Pp]assword: ', r'continue connecting \(yes/no\)\?'])
          if i == 1:
              # first connection to this host: answer the prompt, then wait for the password prompt
              ssh.sendline('yes')
              ssh.expect('[Pp]assword: ')
          ssh.sendline(password)
          r = ssh.read()
      except (pexpect.EOF, pexpect.TIMEOUT):
          pass
      ssh.close()
      print "End OS"
      return r


  def restart_opt(service_info='None'):
      """Restart the service named in the Nagios macros once it is CRITICAL on attempt 3 or later."""
      #import pdb;pdb.set_trace
      # service_info: "$HOSTNAME$,$SERVICEDESC$,$SERVICESTATE$,$SERVICESTATETYPE$,$SERVICEATTEMPT$"
      info_detail = service_info.split(',')
      hostname = info_detail[0]
      service_desc = info_detail[1]
      service_state = info_detail[2]
      service_state_type = info_detail[3]
      service_attempt = info_detail[4]
      hostIP = machine_name_list[hostname][0]
      username = machine_name_list[hostname][1]
      password = machine_name_list[hostname][2]
      command = server_command_list[service_desc]
      if service_state == "CRITICAL" and int(service_attempt) >= 3:
          try:
              write_opt_log(service_info, command)
              ssh_cmd(hostIP, username, password, command)
              #pexpect_cmd(hostIP, username, password, command)
          except pxssh.ExceptionPxssh as e:
              print "ExceptionPxssh is", e


  if __name__ == '__main__':
      service_info = sys.argv[1]
      restart_opt(service_info)
  Because the script uses the pexpect library, pexpect-2.3 must be installed on the monitoring machine; it can be downloaded from the web.
  tar -zxvf pexpect-2.3.tar.gz
  cd pexpect-2.3
  python setup.py install
  Edit pxssh.py with vim:
  /usr/local/lib/python2.6/dist-packages/pxssh.py
  /usr/lib/python2.6/dist-packages/pxssh.py
  At line 134, before the first
  self.read_nonblocking(size=10000,timeout=1) # GAS: Clear out the cache before getting the prompt
  insert
  self.sendline()
  time.sleep(0.5)
  so that it reads
  self.sendline()
  time.sleep(0.5)
  self.read_nonblocking(size=10000,timeout=1) # GAS: Clear out the cache before getting the prompt
  Without this change, running the script reports a pxssh error.
  Once it is installed, Python scripts that use pxssh can be run.
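  A variant of python_action.py, as an added example that is not the article's code: it validates the macro string Nagios passes, keeps the article's trigger rule (CRITICAL and attempt >= 3), and builds a key-based ssh call so that no password is stored in the script. It is written for Python 3; the account name svcadmin, the key path and the nohup wrapping of the Django command are assumptions.

```python
import subprocess
import sys

# Assumptions, not from the article: a dedicated account and key file for restarts.
SSH_USER = "svcadmin"                            # hypothetical remote account
SSH_KEY = "/usr/local/nagios/etc/restart_key"    # hypothetical private key, mode 0600
HOSTS = {"RedHat-host": "192.168.15.67"}         # host_name -> address (article's values)
# service_description -> fixed command; nohup and redirects added so ssh can return
ACTIONS = {
    "Django_TCP": "nohup /usr/bin/python /root/dmdu_manage/manage.py runserver >/dev/null 2>&1 &",
    "SMTP": "/etc/init.d/sendmail restart",
}
STATES = {"OK", "WARNING", "UNKNOWN", "CRITICAL"}
STATE_TYPES = {"SOFT", "HARD"}


def parse_service_info(raw):
    """Validate "$HOSTNAME$,$SERVICEDESC$,$SERVICESTATE$,$SERVICESTATETYPE$,$SERVICEATTEMPT$"."""
    parts = [p.strip() for p in raw.split(",")]
    if len(parts) != 5:
        raise ValueError("expected 5 comma-separated fields, got %d" % len(parts))
    host, service, state, state_type, attempt = parts
    if host not in HOSTS or service not in ACTIONS:
        raise ValueError("host or service not in the allowlist")
    if state not in STATES or state_type not in STATE_TYPES:
        raise ValueError("unexpected state or state type")
    return host, service, state, state_type, int(attempt)   # int() raises ValueError


def plan_restart(raw):
    """Return the ssh argv to run, or None when the article's trigger rule is not met."""
    host, service, state, _state_type, attempt = parse_service_info(raw)
    if state != "CRITICAL" or attempt < 3:
        return None
    return ["ssh", "-i", SSH_KEY, "-o", "BatchMode=yes",
            "-o", "StrictHostKeyChecking=yes", "-o", "ConnectTimeout=10",
            "%s@%s" % (SSH_USER, HOSTS[host]), ACTIONS[service]]


def main(argv):
    try:
        cmd = plan_restart(argv[1])
    except (IndexError, ValueError) as exc:
        print("rejected: %s" % exc)
        return 2
    if cmd is None:
        return 0
    return subprocess.run(cmd, timeout=60).returncode   # argv list, no local shell


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

  BatchMode=yes makes ssh fail instead of prompting, and StrictHostKeyChecking=yes refuses hosts whose key is not already in known_hosts, so the handler never answers a host-key prompt on its own.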
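  3. Configure SNMP on the monitored host.
  This approach can be used to monitor a specific process on a Linux server.
  Edit /etc/snmp/snmpd.conf on the monitored host.
  Find this line:
  exec .1.3.6.1.4.1.2021.54
  and change it to:
  exec .1.3.6.1.4.1.2021.54  /bin/sh  /root/test.sh
  Create the file /root/test.sh
  with the following content, assuming the process to monitor is django's manage.py runserver:
  #!/bin/bash
  /bin/ps x | grep manage.py | awk '{print $6 " " $7;}'
  Save and exit.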