zabbix监控
主机名 | IP地址 | 角色 |
---|---|---|
zabbix-server | 192.168.100.114 | 监控端 |
zabbix-client | 192.168.100.116 | 被监控端 |
在上一章中配置了zabbix的监控端
https://blog.youkuaiyun.com/weixin_43120459/article/details/82937300
客户端安装agent端
- 安装依赖包
[root@zabbix-client ~]# yum install -y net-snmp-devel libevent-devel
- 安装
[root@zabbix-client ~]# cd /usr/src/
[root@zabbix-client src]# wget https://nchc.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/3.4.12/zabbix-3.4.12.tar.gz
[root@zabbix-client src]# tar xf zabbix-3.4.12.tar.gz
[root@zabbix-client src]# cd zabbix-3.4.12/
[root@zabbix-client zabbix-3.4.12]# ./configure --enable-agent
[root@zabbix-client zabbix-3.4.12]# make install
- 创建Zabbix用户和组
[root@zabbix-client zabbix-3.4.12]# groupadd -r zabbix
[root@zabbix-client zabbix-3.4.12]# useradd -r -M -s /sbin/nologin -g zabbix zabbix
- 启动zabbix
[root@zabbix-client zabbix-3.4.12]# zabbix_agentd
[root@zabbix-client zabbix-3.4.12]# ss -lnpt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:* users:(("sshd",pid=1137,fd=3))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1300,fd=13))
LISTEN 0 128 *:10050 *:* users:(("zabbix_agentd",pid=18490,fd=4),("zabbix_agentd",pid=18489,fd=4),("zabbix_agentd",pid=18488,fd=4),("zabbix_agentd",pid=18487,fd=4),("zabbix_agentd",pid=18486,fd=4),("zabbix_agentd",pid=18485,fd=4))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=1137,fd=4))
LISTEN 0 100 ::1:25 :::* users:(("master",pid=1300,fd=14))
- 服务端配置
[root@zabbix-client ~]# vim /usr/local/etc/zabbix_agentd.conf
#Server=127.0.0.1
Server=192.168.100.114 //服务端的IP地址 主动模式
#ServerActive=127.0.0.1
ServerActive=192.168.100.114 //服务端的IP地址 被动模式
#Hostname=Zabbix server
Hostname=192.168.100.116
- 重启服务
[root@zabbix-client ~]# pkill zabbix
[root@zabbix-client ~]# zabbix_agentd
在web页面添加监控项
1.添加主机组
2.添加主机
3.添加模块,(可不添加)
自定义监控项
//监控文件
//然后点击创建监控项
//在键值选择中选择此项
添加触发器
//然后点击创建触发器
//表达式的效果
- 验证
在客户端主机上修改/opt/passwd文件
[root@zabbix-client ~]# echo "123" >> /opt/passwd
//监控服务
监听服务的端口号
在客户端主机下载httpd服务,并开启
[root@zabbix-client ~]# yum -y install httpd
[root@zabbix-client ~]# systemctl start httpd
[root@zabbix-client ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 *:10050 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
在web页面添加监控项,然后点击创建监控项
在客户端关闭apache服务
[root@zabbix-client ~]# systemctl stop httpd.service
自定义key值
监听vsftpd
客户端下载vsftpd
[root@zabbix-client ~]# yum -y install vsftpd
[root@zabbix-client yum.repos.d]# systemctl start vsftpd
[root@zabbix-client yum.repos.d]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 *:10050 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 32 :::21 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
- 书写脚本
[root@zabbix-client opt]# vim ckftp.sh
[root@zabbix-client opt]# cat ckftp.sh
#!/bin/bash
name=$1
stat=$(ps -ef | grep vsftpd | egrep -v "grep|$0" | wc -l)
if [ $stat -ne 0 ];then
echo "1"
else
echo "0"
fi
- 在客户端配置文件定义Key值,然后重启客户端zabbix服务
[root@zabbix-client opt]# tail -n1 /usr/local/etc/zabbix_agentd.conf
UserParameter=ckftp,/bin/bash /opt/ckftp.sh vsftpd
[root@zabbix-client opt]# pkill zabbix
[root@zabbix-client opt]# zabbix_agentd
- 在服务端检测
[root@zabbix-server ~]# zabbix_get -s 192.168.100.116 -p 10050 -k "ckftp"
1
然后在web页面添加监控项
然后添加触发器
//在客户端关掉vsftpd服务检测
[root@zabbix-client opt]# systemctl stop vsftpd
报警邮件发送
直接在web页面上配置
/添加报警媒介
/创建动作
//然后点击操作
监控日志
- 书写脚本
[root@xiefei ~]# cat /opt/log.py
#!/bin/bash
#!/usr/bin/env python3
import sys
import re
def prePos(seekfile):
global curpos
try:
cf = open(seekfile)
except IOError:
curpos = 0
return curpos
except FileNotFoundError:
curpos = 0
return curpos
else:
try:
curpos = int(cf.readline().strip())
except ValueError:
curpos = 0
cf.close()
return curpos
cf.close()
return curpos
def lastPos(filename):
with open(filename) as lfile:
if lfile.readline():
lfile.seek(0,2)
else:
return 0
lastPos = lfile.tell()
return lastPos
def getSeekFile():
try:
seekfile = sys.argv[2]
except IndexError:
seekfile = '/tmp/logseek'
return seekfile
def getKey():
try:
tagKey = str(sys.argv[3])
except IndexError:
tagKey = 'Error'
return tagKey
def getResult(filename,seekfile,tagkey):
destPos = prePos(seekfile)
curPos = lastPos(filename)
if curPos < destPos:
curpos = 0
try:
f = open(filename)
except IOError:
print('Could not open file: %s' % filename)
except FileNotFoundError:
print('Could not open file: %s' % filename)
else:
f.seek(destPos)
while curPos != 0 and f.tell() < curPos:
rresult = f.readline().strip()
global result
if re.search(tagkey, rresult):
result = 1
break
else:
result = 0
with open(seekfile,'w') as sf:
sf.write(str(curPos))
finally:
f.close()
return result
if __name__ == "__main__":
result = 0
curpos = 0
tagkey = getKey()
seekfile = getSeekFile()
result = getResult(sys.argv[1],seekfile,tagkey)
print(result)
//需要传三个参数
$1:日志文件
$2:阅读记录文件,若不设置,默认路径为/tmp/logseek
$3:搜索关键字:如error
- 脚本检测
[root@xiefei ~]# cat /tmp/a.log
dadsdda
dingxiaoke
dingxiaoke
dingxiaole
error
dasdsd
[root@xiefei ~]# python /opt/log.py /tmp/a.log /tmp/logseek error
1
- 添加客户端配置文件
[root@xiefei ~]# tail -1 /usr/local/etc/zabbix_agentd.conf
UserParameter=cklog,/usr/bin/python /opt/log.py /tmp/a.log /tmp/logseek error
- 服务端检测
[root@xiefei ~]# zabbix_get -s 192.168.100.116 -p 10050 -k 'cklog'
1
- 设置web页面警告
//添加监控项
.
//然后创建监控项
//添加触发器
//然后创建监控项
- 测试
[root@xiefei ~]# >/tmp/logseek
//可以查看最新数据