【Linux 服务器日常巡检脚本分享 #yyds干货盘点#】大鹏一日同风起,扶摇直上九万里。这篇文章主要讲述Linux 服务器日常巡检脚本分享 #yyds干货盘点#相关的知识,希望能为你提供帮助。
#!/bin/bash
#主机信息每日巡检IPADDR=$(ifconfig eth0|grep inet addr|awk -F [ :] print $13)
#环境变量PATH没设好,在cron里执行时有很多命令会找不到
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
source /etc/profile[ $(id -u) -gt 0 ] &
&
echo "请用root用户执行此脚本!" &
&
exit 1
centosVersion=$(awk print $(NF-1) /etc/redhat-release)
VERSION="2020-03-16"#日志相关
PROGPATH=`echo $0 | sed -e s,[\\\\/][^\\\\/][^\\\\/]*$,,`
[ -f $PROGPATH ] &
&
PROGPATH="."
LOGPATH="$PROGPATH/log"
[ -e $LOGPATH ] || mkdir $LOGPATH
RESULTFILE="$LOGPATH/HostDailyCheck-$IPADDR-`date +%Y%m%d`.txt"#定义报表的全局变量
report_DateTime="" #日期 ok
report_Hostname="" #主机名 ok
report_OSRelease="" #发行版本 ok
report_Kernel="" #内核 ok
report_Language="" #语言/编码 ok
report_LastReboot="" #最近启动时间 ok
report_Uptime="" #运行时间(天) ok
report_CPUs="" #CPU数量 ok
report_CPUType="" #CPU类型 ok
report_Arch="" #CPU架构 ok
report_MemTotal="" #内存总容量(MB) ok
report_MemFree="" #内存剩余(MB) ok
report_MemUsedPercent="" #内存使用率% ok
report_DiskTotal="" #硬盘总容量(GB) ok
report_DiskFree="" #硬盘剩余(GB) ok
report_DiskUsedPercent="" #硬盘使用率% ok
report_InodeTotal="" #Inode总量 ok
report_InodeFree="" #Inode剩余 ok
report_InodeUsedPercent="" #Inode使用率 ok
report_IP="" #IP地址 ok
report_MAC="" #MAC地址 ok
report_Gateway="" #默认网关 ok
report_DNS="" #DNS ok
report_Listen="" #监听 ok
report_Selinux="" #Selinux ok
report_Firewall="" #防火墙 ok
report_USERs="" #用户 ok
report_USEREmptyPassword="" #空密码用户 ok
report_USERTheSameUID="" #相同ID的用户 ok
report_PasswordExpiry="" #密码过期(天) ok
report_RootUser="" #root用户 ok
report_Sudoers="" #sudo授权 ok
report_SSHAuthorized="" #SSH信任主机 ok
report_SSHDProtocolVersion="" #SSH协议版本 ok
report_SSHDPermitRootLogin="" #允许root远程登录 ok
report_DefunctProsess="" #僵尸进程数量 ok
report_SelfInitiatedService="" #自启动服务数量 ok
report_SelfInitiatedProgram="" #自启动程序数量 ok
report_RuningService="" #运行中服务数 ok
report_Crontab="" #计划任务数 ok
report_Syslog="" #日志服务 ok
report_SNMP="" #SNMP OK
report_NTP="" #NTP ok
report_JDK="" #JDK版本 ok
function version()
echo ""
echo ""
echo "系统巡检脚本:Version $VERSION"function getCpuStatus()
echo ""
echo ""
echo "############################ CPU检查 #############################"
Physical_CPUs=$(grep "physical id" /proc/cpuinfo| sort | uniq | wc -l)
Virt_CPUs=$(grep "processor" /proc/cpuinfo | wc -l)
CPU_Kernels=$(grep "cores" /proc/cpuinfo|uniq| awk -F :print $2)
CPU_Type=$(grep "model name" /proc/cpuinfo | awk -F :print $2 | sort | uniq)
CPU_Arch=$(uname -m)
echo "物理CPU个数:$Physical_CPUs"
echo "逻辑CPU个数:$Virt_CPUs"
echo "每CPU核心数:$CPU_Kernels"
echo " CPU型号:$CPU_Type"
echo " CPU架构:$CPU_Arch"
#报表信息
report_CPUs=$Virt_CPUs #CPU数量
report_CPUType=$CPU_Type #CPU类型
report_Arch=$CPU_Arch #CPU架构function getMemStatus()
echo ""
echo ""
echo "############################ 内存检查 ############################"
if [[ $centosVersion <
7 ]];
then
free -mo
else
free -h
fi
#报表信息
MemTotal=$(grep MemTotal /proc/meminfo| awk print $2) #KB
MemFree=$(grep MemFree /proc/meminfo| awk print $2) #KB
let MemUsed=MemTotal-MemFree
MemPercent=$(awk "BEGIN if($MemTotal==0)printf 100elseprintf \\"%.2f\\",$MemUsed*100/$MemTotal")
report_MemTotal="$((MemTotal/1024))""MB" #内存总容量(MB)
report_MemFree="$((MemFree/1024))""MB" #内存剩余(MB)
report_MemUsedPercent="$(awk "BEGIN if($MemTotal==0)printf 100elseprintf \\"%.2f\\",$MemUsed*100/$MemTotal")""%" #内存使用率%function getDiskStatus()
echo ""
echo ""
echo "############################ 磁盘检查 ############################"
df -hiP | sed s/Mounted on/Mounted/>
/tmp/inode
df -hTP | sed s/Mounted on/Mounted/>
/tmp/disk
join /tmp/disk /tmp/inode | awk print $1,$2,"|",$3,$4,$5,$6,"|",$8,$9,$10,$11,"|",$12| column -t
#报表信息
diskdata=https://www.songbingjia.com/android/$(df -TP | sed 1d | awk $2!="tmpfs"print) #KB
disktotal=$(echo "$diskdata" | awk total+=$3ENDprint total) #KB
diskused=$(echo "$diskdata" | awk total+=$4ENDprint total) #KB
diskfree=$((disktotal-diskused)) #KB
diskusedpercent=$(echo $disktotal $diskused | awk if($1==0)printf 100elseprintf "%.2f",$2*100/$1)
inodedata=https://www.songbingjia.com/android/$(df -iTP | sed 1d | awk $2!="tmpfs"print)
inodetotal=$(echo "$inodedata" | awk total+=$3ENDprint total)
inodeused=$(echo "$inodedata" | awk total+=$4ENDprint total)
inodefree=$((inodetotal-inodeused))
inodeusedpercent=$(echo $inodetotal $inodeused | awk if($1==0)printf 100elseprintf "%.2f",$2*100/$1)
report_DiskTotal=$((disktotal/1024/1024))"GB" #硬盘总容量(GB)
report_DiskFree=$((diskfree/1024/1024))"GB" #硬盘剩余(GB)
report_DiskUsedPercent="$diskusedpercent""%" #硬盘使用率%
report_InodeTotal=$((inodetotal/1000))"K" #Inode总量
report_InodeFree=$((inodefree/1000))"K" #Inode剩余
report_InodeUsedPercent="$inodeusedpercent""%" #Inode使用率%function getSystemStatus()
echo ""
echo ""
echo "############################ 系统检查 ############################"
if [ -e /etc/sysconfig/i18n ];
then
default_LANG="$(grep "LANG=" /etc/sysconfig/i18n | grep -v "^#" | awk -F " print $2)"
else
default_LANG=$LANG
fi
export LANG="en_US.UTF-8"
Release=$(cat /etc/redhat-release 2>
/dev/null)
Kernel=$(uname -r)
OS=$(uname -o)
Hostname=$(uname -n)
SELinux=$(/usr/sbin/sestatus | grep "SELinux status: " | awk print $3)
LastReboot=$(who -b | awk print $3,$4)
uptime=$(uptime | sed s/.*up \\([^,]*\\), .*/\\1/)
echo " 系统:$OS"
echo " 发行版本:$Release"
echo " 内核:$Kernel"
echo " 主机名:$Hostname"
echo " SELinux:$SELinux"
echo "语言/编码:$default_LANG"
echo " 当前时间:$(date +%F %T)"
echo " 最后启动:$LastReboot"
echo " 运行时间:$uptime"
#报表信息
report_DateTime=$(date +"%F %T") #日期
report_Hostname="$Hostname" #主机名
report_OSRelease="$Release" #发行版本
report_Kernel="$Kernel" #内核
report_Language="$default_LANG" #语言/编码
report_LastReboot="$LastReboot" #最近启动时间
report_Uptime="$uptime" #运行时间(天)
report_Selinux="$SELinux"
export LANG="$default_LANG"function getServiceStatus()
echo ""
echo ""
echo "############################ 服务检查 ############################"
echo ""
if [[ $centosVersion >
7 ]];
then
conf=$(systemctl list-unit-files --type=service --state=enabled --no-pager | grep "enabled")
process=$(systemctl list-units --type=service --state=running --no-pager | grep ".service")
#报表信息
report_SelfInitiatedService="$(echo "$conf" | wc -l)" #自启动服务数量
report_RuningService="$(echo "$process" | wc -l)" #运行中服务数量
else
conf=$(/sbin/chkconfig | grep -E ":on|:启用")
process=$(/sbin/service --status-all 2>
/dev/null | grep -E "is running|正在运行")
#报表信息
report_SelfInitiatedService="$(echo "$conf" | wc -l)" #自启动服务数量
report_RuningService="$(echo "$process" | wc -l)" #运行中服务数量
fi
echo "服务配置"
echo "--------"
echo "$conf" | column -t
echo ""
echo "正在运行的服务"
echo "--------------"
echo "$process"function getAutoStartStatus()
echo ""
echo ""
echo "############################ 自启动检查 ##########################"
conf=$(grep -v "^#" /etc/rc.d/rc.local| sed /^$/d)
echo "$conf"
#报表信息
report_SelfInitiatedProgram="$(echo $conf | wc -l)" #自启动程序数量function getLoginStatus()
echo ""
echo ""
echo "############################ 登录检查 ############################"
last | headfunction getNetworkStatus()
echo ""
echo ""
echo "############################ 网络检查 ############################"
if [[ $centosVersion <
7 ]];
then
/sbin/ifconfig -a | grep -v packets | grep -v collisions | grep -v inet6
else
#ip a
for i in $(ip link | grep BROADCAST | awk -F: print $2);
do ip add show $i | grep -E "BROADCAST|global"| awk print $2 | tr \\n;
echo "" ;
done
fi
GATEWAY=$(ip route | grep default | awk print $3)
DNS=$(grep nameserver /etc/resolv.conf| grep -v "#" | awk print $2 | tr \\n , | sed s/,$//)
echo ""
echo "网关:$GATEWAY "
echo " DNS:$DNS"
#报表信息
IP=$(ip -f inet addr | grep -v 127.0.0.1 | grep inet | awk print $NF,$2 | tr \\n , | sed s/,$//)
MAC=$(ip link | grep -v "LOOPBACK\\|loopback" | awk print $2 | sed N;
s/\\n// | tr \\n , | sed s/,$//)
report_IP="$IP" #IP地址
report_MAC=$MAC #MAC地址
report_Gateway="$GATEWAY" #默认网关
report_DNS="$DNS" #DNSfunction getListenStatus()
echo ""
echo ""
echo "############################ 监听检查 ############################"
TCPListen=$(ss -ntul | column -t)
echo "$TCPListen"
#报表信息
report_Listen="$(echo "$TCPListen"| sed 1d | awk /tcp/ print $5 | awk -F: print $NF | sort | uniq | wc -l)"function getCronStatus()
echo ""
echo ""
echo "############################ 计划任务检查 ########################"
Crontab=0
for shell in $(grep -v "/sbin/nologin" /etc/shells);
do
for user in $(grep "$shell" /etc/passwd| awk -F: print $1);
do
crontab -l -u $user >
/dev/null 2>
&
1
status=$?
if [ $status -eq 0 ];
then
echo "$user"
echo "--------"
crontab -l -u $user
let Crontab=Crontab+$(crontab -l -u $user | wc -l)
echo ""
fi
done
done
#计划任务
find /etc/cron* -type f | xargs -i ls -l| column -t
let Crontab=Crontab+$(find /etc/cron* -type f | wc -l)
#报表信息
report_Crontab="$Crontab" #计划任务数function getHowLongAgo()
# 计算一个时间戳离现在有多久了
datetime="$*"
[ -z "$datetime" ] &
&
echo "错误的参数:getHowLongAgo() $*"
Timestamp=$(date +%s -d "$datetime") #转化为时间戳
Now_Timestamp=$(date +%s)
Difference_Timestamp=$(($Now_Timestamp-$Timestamp))
days=0;
hours=0;
minutes=0;
sec_in_day=$((60*60*24));
sec_in_hour=$((60*60));
sec_in_minute=60
while (( $(($Difference_Timestamp-$sec_in_day)) >
1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_day
let days++
done
while (( $(($Difference_Timestamp-$sec_in_hour)) >
1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_hour
let hours++
done
echo "$days 天 $hours 小时前"function getUserLastLogin()
# 获取用户最近一次登录的时间,含年份
# 很遗憾last命令不支持显示年份,只有"last -t YYYYMMDDHHMMSS"表示某个时间之间的登录,我们只能用最笨的方法了,对比今天之前和今年元旦之前(或者去年之前和前年之前……)某个用户登录次数,如果登录统计次数有变化,则说明最近一次登录是今年。
username=$1
: $username:="`whoami`"
thisYear=$(date +%Y)
oldesYear=$(last | tail -n1 | awk print $NF)
while(( $thisYear >
= $oldesYear));
do
loginBeforeToday=$(last $username | grep $username | wc -l)
loginBeforeNewYearsDayOfThisYear=$(last $username -t $thisYear"0101000000" | grep $username | wc -l)
if [ $loginBeforeToday -eq 0 ];
then
echo "从未登录过"
break
elif [ $loginBeforeToday -gt $loginBeforeNewYearsDayOfThisYear ];
then
lastDateTime=$(last -i $username | head -n1 | awk for(i=4;
i<
(NF-2);
i++)printf"%s ",$i)" $thisYear" #格式如: Sat Nov 2 20:33 2015
lastDateTime=$(date "+%Y-%m-%d %H:%M:%S" -d "$lastDateTime")
echo "$lastDateTime"
break
else
thisYear=$((thisYear-1))
fi
donefunction getUserStatus()
echo ""
echo ""
echo "############################ 用户检查 ############################"
#/etc/passwd 最后修改时间
pwdfile="$(cat /etc/passwd)"
Modify=$(stat /etc/passwd | grep Modify | tr .| awk print $2,$3)echo "/etc/passwd 最后修改时间:$Modify ($(getHowLongAgo $Modify))"
echo ""
echo "特权用户"
echo "--------"
RootUser=""
for user in $(echo "$pwdfile" | awk -F: print $1);
do
if [ $(id -u $user) -eq 0 ];
then
echo "$user"
RootUser="$RootUser,$user"
fi
done
echo ""
echo "用户列表"
echo "--------"
USERs=0
echo "$(
echo "用户名 UID GID HOME SHELL 最后一次登录"
for shell in $(grep -v "/sbin/nologin" /etc/shells);
do
for username in $(grep "$shell" /etc/passwd| awk -F: print $1);
do
userLastLogin="$(getUserLastLogin $username)"
echo "$pwdfile" | grep -w "$username" |grep -w "$shell"| awk -F: -v lastlogin="$(echo "$userLastLogin" | tr_)" print $1,$3,$4,$6,$7,lastlogin
done
let USERs=USERs+$(echo "$pwdfile" | grep "$shell"| wc -l)
done
)" | column -t
echo ""
echo "空密码用户"
echo "----------"
USEREmptyPassword=""
for shell in $(grep -v "/sbin/nologin" /etc/shells);
do
for user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);
do
r=$(awk -F: $2=="!!"print $1 /etc/shadow | grep -w $user)
if [ ! -z $r ];
then
echo $r
USEREmptyPassword="$USEREmptyPassword,"$r
fi
done
done
echo ""
echo "相同ID的用户"
echo "------------"
USERTheSameUID=""
UIDs=$(cut -d: -f3 /etc/passwd | sort | uniq -c | awk $1>
1print $2)
for uid in $UIDs;
do
echo -n "$uid";
USERTheSameUID="$uid"
r=$(awk -F: ORS="";
$3=="$uid"print ":",$1 /etc/passwd)
echo "$r"
echo ""
USERTheSameUID="$USERTheSameUID $r,"
done
#报表信息
report_USERs="$USERs" #用户
report_USEREmptyPassword=$(echo $USEREmptyPassword | sed s/^,//)
report_USERTheSameUID=$(echo $USERTheSameUID | sed s/,$//)
report_RootUser=$(echo $RootUser | sed s/^,//) #特权用户function getPasswordStatus
echo ""
echo ""
echo "############################ 密码检查 ############################"
pwdfile="$(cat /etc/passwd)"
echo ""
echo "密码过期检查"
echo "------------"
result=""
for shell in $(grep -v "/sbin/nologin" /etc/shells);
do
for user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);
do
get_expiry_date=$(/usr/bin/chage -l $user | grep Password expires | cut -d: -f2)
if [[ $get_expiry_date =never || $get_expiry_date = never ]];
then
printf "%-15s 永不过期\\n" $user
result="$result,$user:never"
else
password_expiry_date=$(date -d "$get_expiry_date" "+%s")
current_date=$(date "+%s")
diff=$(($password_expiry_date-$current_date))
let DAYS=$(($diff/(60*60*24)))
printf "%-15s %s天后过期\\n" $user $DAYS
result="$result,$user:$DAYS days"
fi
done
done
report_PasswordExpiry=$(echo $result | sed s/^,//)echo ""
echo "密码策略检查"
echo "------------"
grep -v "#" /etc/login.defs | grep -E "PASS_MAX_DAYS|PASS_MIN_DAYS|PASS_MIN_LEN|PASS_WARN_AGE"function getSudoersStatus()
echo ""
echo ""
echo "############################ Sudoers检查 #########################"
conf=$(grep -v "^#" /etc/sudoers| grep -v "^Defaults" | sed /^$/d)
echo "$conf"
echo ""
#报表信息
report_Sudoers="$(echo $conf | wc -l)"function getInstalledStatus()
echo ""
echo ""
echo "############################ 软件检查 ############################"
rpm -qa --last | head | column -t function getProcessStatus()
echo ""
echo ""
echo "############################ 进程检查 ############################"
if [ $(ps -ef | grep defunct | grep -v grep | wc -l) -ge 1 ];
then
echo ""
echo "僵尸进程";
echo "--------"
ps -ef | head -n1
ps -ef | grep defunct | grep -v grep
fi
echo ""
echo "内存占用TOP10"
echo "-------------"
echo -e "PID %MEM RSS COMMAND
$(ps aux | awk print $2, $4, $6, $11 | sort -k3rn | head -n 10 )"| column -t
echo ""
echo "CPU占用TOP10"
echo "------------"
top b -n1 | head -17 | tail -11
#报表信息
report_DefunctProsess="$(ps -ef | grep defunct | grep -v grep|wc -l)"function getJDKStatus()
echo ""
echo ""
echo "############################ JDK检查 #############################"
java -version 2>
/dev/null
if [ $? -eq 0 ];
then
java -version 2>
&
1
fi
echo "JAVA_HOME=\\"$JAVA_HOME\\""
#报表信息
report_JDK="$(java -version 2>
&
1 | grep version | awk print $1,$3 | tr -d ")"function getSyslogStatus()
echo ""
echo ""
echo "############################ syslog检查 ##########################"
echo "服务状态:$(getState rsyslog)"
echo ""
echo "/etc/rsyslog.conf"
echo "-----------------"
cat /etc/rsyslog.conf 2>
/dev/null | grep -v "^#" | grep -v "^\\\\$" | sed /^$/d | column -t
#报表信息
report_Syslog="$(getState rsyslog)"function getFirewallStatus()
echo ""
echo ""
echo "############################ 防火墙检查 ##########################"
#防火墙状态,策略等
if [[ $centosVersion <
7 ]];
then
/etc/init.d/iptables status >
/dev/null 2>
&
1
status=$?
if [ $status -eq 0 ];
then
s="active"
elif [ $status -eq 3 ];
then
s="inactive"
elif [ $status -eq 4 ];
then
s="permission denied"
else
s="unknown"
fi
else
s="$(getState iptables)"
fi
echo "iptables: $s"
echo ""
echo "/etc/sysconfig/iptables"
echo "-----------------------"
cat /etc/sysconfig/iptables 2>
/dev/null
#报表信息
report_Firewall="$s"function getSNMPStatus()
#SNMP服务状态,配置等
echo ""
echo ""
echo "############################ SNMP检查 ############################"
status="$(getState snmpd)"
echo "服务状态:$status"
echo ""
if [ -e /etc/snmp/snmpd.conf ];
then
echo "/etc/snmp/snmpd.conf"
echo "--------------------"
cat /etc/snmp/snmpd.conf 2>
/dev/null | grep -v "^#" | sed /^$/d
fi
#报表信息
report_SNMP="$(getState snmpd)"function getState()
if [[ $centosVersion <
7 ]];
then
if [ -e "/etc/init.d/$1" ];
then
if [ `/etc/init.d/$1 status 2>
/dev/null | grep -E "is running|正在运行" | wc -l` -ge 1 ];
then
r="active"
else
r="inactive"
fi
else
r="unknown"
fi
else
#CentOS 7+
r="$(systemctl is-active $1 2>
&
1)"
fi
echo "$r"function getSSHStatus()
#SSHD服务状态,配置,受信任主机等
echo ""
echo ""
echo "############################ SSH检查 #############################"
#检查受信任主机
pwdfile="$(cat /etc/passwd)"
echo "服务状态:$(getState sshd)"
Protocol_Version=$(cat /etc/ssh/sshd_config | grep Protocol | awk print $2)
echo "SSH协议版本:$Protocol_Version"
echo ""
echo "信任主机"
echo "--------"
authorized=0
for user in $(echo "$pwdfile" | grep /bin/bash | awk -F: print $1);
do
authorize_file=$(echo "$pwdfile" | grep -w $user | awk -F: printf $6"/.ssh/authorized_keys")
authorized_host=$(cat $authorize_file 2>
/dev/null | awk print $3 | tr \\n , | sed s/,$//)
if [ ! -z $authorized_host ];
then
echo "$user 授权 \\"$authorized_host\\" 无密码访问"
fi
let authorized=authorized+$(cat $authorize_file 2>
/dev/null | awk print $3|wc -l)
doneecho ""
echo "是否允许ROOT远程登录"
echo "--------------------"
config=$(cat /etc/ssh/sshd_config | grep PermitRootLogin)
firstChar=$config:0:1
if [ $firstChar == "#" ];
then
PermitRootLogin="yes" #默认是允许ROOT远程登录的
else
PermitRootLogin=$(echo $config | awk print $2)
fi
echo "PermitRootLogin $PermitRootLogin"echo ""
echo "/etc/ssh/sshd_config"
echo "--------------------"
cat /etc/ssh/sshd_config | grep -v "^#" | sed /^$/d#报表信息
report_SSHAuthorized="$authorized" #SSH信任主机
report_SSHDProtocolVersion="$Protocol_Version" #SSH协议版本
report_SSHDPermitRootLogin="$PermitRootLogin" #允许root远程登录function getNTPStatus()
#NTP服务状态,当前时间,配置等
echo ""
echo ""
echo "############################ NTP检查 #############################"
if [ -e /etc/ntp.conf ];
then
echo "服务状态:$(getState ntpd)"
echo ""
echo "/etc/ntp.conf"
echo "-------------"
cat /etc/ntp.conf 2>
/dev/null | grep -v "^#" | sed /^$/d
fi
#报表信息
report_NTP="$(getState ntpd)"function uploadHostDailyCheckReport()
json="
\\"DateTime\\":\\"$report_DateTime\\",
\\"Hostname\\":\\"$report_Hostname\\",
\\"OSRelease\\":\\"$report_OSRelease\\",
\\"Kernel\\":\\"$report_Kernel\\",
\\"Language\\":\\"$report_Language\\",
\\"LastReboot\\":\\"$report_LastReboot\\",
\\"Uptime\\":\\"$report_Uptime\\",
\\"CPUs\\":\\"$report_CPUs\\",
\\"CPUType\\":\\"$report_CPUType\\",
\\"Arch\\":\\"$report_Arch\\",
\\"MemTotal\\":\\"$report_MemTotal\\",
\\"MemFree\\":\\"$report_MemFree\\",
\\"MemUsedPercent\\":\\"$report_MemUsedPercent\\",
\\"DiskTotal\\":\\"$report_DiskTotal\\",
\\"DiskFree\\":\\"$report_DiskFree\\",
\\"DiskUsedPercent\\":\\"$report_DiskUsedPercent\\",
\\"InodeTotal\\":\\"$report_InodeTotal\\",
\\"InodeFree\\":\\"$report_InodeFree\\",
\\"InodeUsedPercent\\":\\"$report_InodeUsedPercent\\",
\\"IP\\":\\"$report_IP\\",
\\"MAC\\":\\"$report_MAC\\",
\\"Gateway\\":\\"$report_Gateway\\",
\\"DNS\\":\\"$report_DNS\\",
\\"Listen\\":\\"$report_Listen\\",
\\"Selinux\\":\\"$report_Selinux\\",
\\"Firewall\\":\\"$report_Firewall\\",
\\"USERs\\":\\"$report_USERs\\",
\\"USEREmptyPassword\\":\\"$report_USEREmptyPassword\\",
\\"USERTheSameUID\\":\\"$report_USERTheSameUID\\",
\\"PasswordExpiry\\":\\"$report_PasswordExpiry\\",
\\"RootUser\\":\\"$report_RootUser\\",
\\"Sudoers\\":\\"$report_Sudoers\\",
\\"SSHAuthorized\\":\\"$report_SSHAuthorized\\",
\\"SSHDProtocolVersion\\":\\"$report_SSHDProtocolVersion\\",
\\"SSHDPermitRootLogin\\":\\"$report_SSHDPermitRootLogin\\",
\\"DefunctProsess\\":\\"$report_DefunctProsess\\",
\\"SelfInitiatedService\\":\\"$report_SelfInitiatedService\\",
\\"SelfInitiatedProgram\\":\\"$report_SelfInitiatedProgram\\",
\\"RuningService\\":\\"$report_RuningService\\",
\\"Crontab\\":\\"$report_Crontab\\",
\\"Syslog\\":\\"$report_Syslog\\",
\\"SNMP\\":\\"$report_SNMP\\",
\\"NTP\\":\\"$report_NTP\\",
\\"JDK\\":\\"$report_JDK\\"
"
#echo "$json"
curl -l -H "Content-type: application/json" -X POST -d "$json" "$uploadHostDailyCheckReportApi" 2>
/dev/nullfunction getchage_file_24h()echo "############################ 文件检查 #############################"
check2=$(find / -name *.sh -mtime -1)
check21=$(find / -name *.asp -mtime -1)
check22=$(find / -name *.php -mtime -1)
check23=$(find / -name *.aspx -mtime -1)
check24=$(find / -name *.jsp -mtime -1)
check25=$(find / -name *.html -mtime -1)
check26=$(find / -name *.htm -mtime -1)
check9=$(find / -name core -exec ls -l\\;
)
check10=$(cat /etc/crontab)
check12=$(ls -alt /usr/bin | head -10)
cat <
<
EOF############################查看所有被修改过的文件返回最近24小时内的############################
$check2
$check21
$check22
$check23
$check24
$check25
$check26
$line############################检查定时文件的完整性############################
$check10
$line############################查看系统命令是否被替换############################
$check12
$line
EOFfunction check()
version
getSystemStatus
getCpuStatus
getMemStatus
getDiskStatus
getNetworkStatus
getListenStatus
getProcessStatus
getServiceStatus
getAutoStartStatus
getLoginStatus
getCronStatus
getUserStatus
getPasswordStatus
getSudoersStatus
getJDKStatus
getFirewallStatus
getSSHStatus
getSyslogStatus
getSNMPStatus
getNTPStatus
getInstalledStatus
getchage_file_24h#执行检查并保存检查结果
check >
$RESULTFILEecho "检查结果:$RESULTFILE"
echo -e "`date "+%Y-%m-%d %H:%M:%S"` 企业平台巡检报告"| mail -a $RESULTFILE -s "企业平台巡检报告" test@163.com
推荐阅读
- #yyds干货盘点#私有CA和证书申请
- 国际专线主要是能解决用户什么问题呢()
- #yyds干货盘点# 数字序列
- 阿里云镜像配置 PackMan 镜像
- 视频平台部署如何给软件包文件赋予对应的用户权限()
- docker部署单机版skywalking
- 运行时数据区中包含哪些区域(哪些线程共享?哪些线程独享?#yyds干货盘点#)
- 算法与正则表达式
- #yyds干货盘点#mybatis-plus学习与实践逻辑删除