bash编程 - 巡检项目 - 《运维》

脚本巡检，并保存为csv
RED="\E[1;31m"
GREEN="\E[1;32m"
END="\E[0m"
file_save_result=sys_info.csv
server_list="nginx mysql php-fpm"
web_url="10.0.0.61/status"
# 结果文件重命名/格式转换----------------------------------------
res_file_manage() {
  date=$(date +%F)
  [[ -f sys_info.csv ]] && {
    iconv -f utf8 -t gbk $file_save_result -o iconv
    mv gbk-$file_save_result ${date}-gbk-${file_save_result}
  }
}
# 判断机器是否可以访问公网------------------------------------------
host_pubnet_check() {
  if_pubnet=0
  # -c 指定次数，-W 指定超时时间
  ping -c 1 -W 1 www.baidu.com &>/dev/null
  if [ $? -ne 0 ]; then
    echo -e "$RED 没有公网 $END"
    if_pubnet=1
  fi
  return if_pubnet
}
sys_basic() {
  name="基础指标检查"
  hostname=$(hostname)
  ip_nei=$(hostname -I)
  source /etc/os-release                        #这条也可以用awk取值 取出centos和7这样的信息
  kernel_version=$(uname -r)                    # hostnamectl uname -a
  lang=$(awk -F= '{print $2}' /etc/locale.conf) # 或者echo $LANG
  #如果函数host_pubnet_check返回值是0 则运行curl命令
  if host_pubnet_check; then
    pubnet_ip=$(curl -s ifconfig.io) # -s 不输出错误信息和进度
  else
    pubnet_ip="没有公网"
  fi
  cat >>$file_save_result <<-EOF
  $name,主机名,$hostname
  $name,ip地址,$ip_nei
  $name,系统,$NAME $VERSION
  $name,内核版本,$kernel_version
  $name,系统字符集与语言,$lang
  $name,公网ip,$pubnet_ip
EOF
  echo -e "$GREEN $name 检查完成 $END"
}
# cpu信息检查---------------------------------------
sys_cpu() {
  name="系统cpu信息"
  cpu_arch=$(uname -i)
  cpu_model=$(lscpu | grep 'Model name:' | sed -r 's#.*: +##g')
  cpu_num=$(lscpu | awk '/Socket/{print $2}')
  cpu_core=$(lscpu | awk '/^CPU\(s\)/{print $2}')
  cpu_idle_percent=$(top -bn1 | grep Cpu | awk -F'[, ]+' '{print $8}')
  cpu_user_percent=$(top -bn1 | grep Cpu | awk -F'[, ]+' '{print $2}')
  cpu_sys_percent=$(top -bn1 | grep Cpu | awk -F'[, ]+' '{print $4}')
  cpu_iowait_percent=$(top -bn1 | grep Cpu | awk -F'[, ]+' '{print $10}')
  load_avg=$(uptime | sed 's#^.*: ##g')
  cat >>$file_save_result <<-EOF
  $name,cpu架构,$cpu_arch
  $name,cpu型号,$cpu_model
  $name,cpu颗数,$cpu_num
  $name,cpu核心总数,$cpu_core
  $name,cpu空闲率,$cpu_idle_percent
  $name,cpu用户态使用率,$cpu_user_percent
  $name,cpu系统态使用率,$cpu_sys_percent
  $name,cpu io使用率,$cpu_iowait_percent
  $name,系统负载信息,$load_avg
EOF
  echo -e "$GREEN $name  获取完成$END"
}
# 内存信息----------------------------------------------
sys_mem() {
  name="系统内存信息"
  mem_total=$(free -h | awk 'NR==2{print $2}')
  mem_free=$(free -h | awk 'NR==2{print $NF}')
  mem_used=$(free -h | awk 'NR==2{print $3}')
  mem_free_percent=$(free | awk 'NR==2{print $NF/$2*100"%"}')
  #检查是否有swap
  if [ $(free | awk 'NR==3{print $2}') -eq 0 ]; then
    echo -e "$RED没有swap$END"
    if_has_swap=no
  else
    if_has_swap=yes
  fi
  #如果swap存在获取值
  [ $if_has_swap = "yes" ] && {
    mem_swap_total=$(free -h | awk 'NR==3{print $2}')
    mem_swap_used=$(free -h | awk 'NR==3{print $3}')
  }
  #如果swap存在 输出内容....
  #如果swap不存在
  if [ ${if_has_swap}x = "yes"x ]; then
    cat >>$file_save_result <<-EOF
  $name,内存大小,$mem_total
  $name,已用内存,$mem_used
  $name,剩余内存,$mem_free
  $name,内存空闲率,$mem_free_percent
  $name,是否存在swap,$if_has_swap
  $name,swap大小,$mem_swap_total     
  $name,swap使用大小,$mem_swap_used  
EOF
  else
    cat >>$file_save_result <<-EOF
  $name,内存大小,$mem_total
  $name,已用内存,$mem_used
  $name,剩余内存,$mem_free
  $name,内存空闲率,$mem_free_percent
  $name,是否存在swap,$if_has_swap
EOF
  fi
  echo -e "$GREEN$name 检查完成$END"
}
# 磁盘信息--------------------------------------------------------
sys_disk() {
  name="磁盘信息统计"
  disk_count=$(fdisk -l | grep -c '/dev/[sv]d[a-z]:')
  disk_size=$(fdisk -l | grep '/dev/[sv]d[a-z]:' | awk '{print $2,$3,$4}')
  cat >>$file_save_result <<-EOF
  $name,磁盘数量,$disk_count
  $name,磁盘大小,$disk_size
EOF
  for part in $(awk '!/swap|^$|#/{print $2}' /etc/fstab); do
    disk_fs_size=$(df -h $part | awk 'NR==2{print $2}')
    disk_fs_used_percent=$(df -h $part | awk 'NR==2{print $(NF-1)}')
    disk_fs_inode_used_percent=$(df -i $part | awk 'NR==2{print $(NF-1)}')
    cat >>$file_save_result <<-EOF
       $name,磁盘分区$part大小,$disk_fs_size 
       $name,磁盘分区$part使用率,$disk_fs_used_percent
       $name,磁盘分区inode$part使用率,$disk_fs_inode_used_percent
EOF
  done
  echo -e "$GREEN$name 统计完成$END"
}
# 用户信息-------------------------------------------------------------
user_info() {
  name="系统用户信息"
  user_login_count=$(grep -c '/bin/bash' /etc/passwd)
  user_login_list=$(grep '/bin/bash' /etc/passwd | awk -F: '{print $1}')
  user_nologin_count=$(grep -cv '/bin/bash' /etc/passwd)
  cat >>$file_save_result <<-EOF
    $name,可登录的用户数,$user_login_count
    $name,可登录的用户名字,$user_login_list
    $name,虚拟用户数量,$user_nologin_count
EOF
  echo -e "$GREEN$name 统计完成$END"
}
###5.网络信息------------------------------------
network_info() {
  name="网络信息"
  # 获取dns，或者看ifcfg-eth0
  net_dns=$(awk '/nameserver/{print $2}' /etc/resolv.conf)
  #dns 是否可用，或者ping
  dig +timeout=1 baidu.com &>/dev/null
  if [ $? -eq 0 ]; then
    if_dns_work=yes
  else
    if_dns_work=no
  fi
  #epel 源
  if [ $(yum repolist | grep -c epel) -eq 1 ]; then
    if_yum_epel=yes
  else
    if_yum_epel=no
  fi
  #源是否还从默认地址下载
  if [ $(grep -v '#' /etc/yum.repos.d/{CentOS-Base,epel}.repo | grep -c 'centos.org') -eq 0 ]; then
    if_yum_download_url_changed=yes
  else
    if_yum_download_url_changed=no
  fi
  cat >>$file_save_result <<-EOF
    $name,当前使用的DNS,$net_dns
    $name,dns是否可用,$if_dns_work
    $name,是否配置额外yum源,$if_yum_epel
    $name,是否优化yum下载地址,$if_yum_download_url_changed
EOF
  echo -e "$GREEN$name 检查完成$END"
}
####6.服务信息##################----------------------
service_info() {
  name="服务信息"
  selinux_status=`getenforce`
  if [ `systemctl is-active iptables` = "active" ];then
      iptables_status="运行中"
      # iptables -nL 只有filter的规则
      iptables_rules=`iptalbes-save`
  else
      iptables_status="没有运行"
      iptables_rules="空"
  fi
  #未来可以优化，本地访问呢的端口，外部端口
  #统计如果端口数量为0，提示没有开放服务
  port_list=`ss -lntup  |awk 'NR>1{print $5}' |sed 's#.*:##g'|sort |uniq |xargs`
  zombie_process_count=`ps aux   |awk 'NR>1 && $8=="Z"' |wc -l`
  zombie_process_list=`ps aux   |awk 'NR>1 && $8=="Z"' |xargs`
  stopped_process_count=`ps aux   |awk 'NR>1 && $8=="T"' |wc -l`
  startup_server_count=`systemctl list-unit-files |grep -wc enabled `
  startup_server_list=`systemctl list-unit-files |grep -w enabled |awk '{print $1}' |xargs`
  cat >>$file_save_result<<-EOF
  $name,selinux是否关闭,$selinux_status
  $name,iptables防火墙状态,$iptables_status
  $name,iptables防火墙状态,$iptables_rules
  $name,开启的端口列表,$port_list
  $name,僵尸进程数量,$zombie_process_count
  $name,僵尸进程名字,$zombie_process_list
  $name,后台挂起进程数量,$stopped_process_count
  $name,开机自启服务数量,$startup_server_count
  $name,开机自启服务,$startup_server_list
EOF
  #检查指定服务的状态
  for  srv_name in $server_list 
  do
      server_count=`ps -ef |grep -w "$srv_name"|grep -v grep|wc -l `
      if [ $server_count -gt 0  ];then
          server_status="运行中"
      else
          server_status="没有运行中"
      fi
      cat >>$file_save_result<<-EOF
      $name,$srv_name状态,$server_status
EOF
  done
  echo -e "$GREEN $name 检查完成$END"
}
###7.web#-------------------------------------------------
web_info() {
  name="web检查"  
  #    尝试3次   超时时间  安静模式    --不下载文件
  wget -t 3      -T 1     -q        --spider $web_url
  if [ $? -eq 0 ];then
  #             不输出错误  指定输出内容        指定输出文件
     status_code=`curl -s -w "%{http_code}\n" -o /dev/null $web_url`
  else
     status_code="网站无法访问"
  fi
  port_80_conn_count=` ss -ant |awk '$4~/:80$/' |wc -l`
  port_80_bingfa_count=`ss -ant |awk '$4~/:80$/ && $1~/ESTAB/'  |wc -l`
  cat >>$file_save_result<<-EOF
  $name,网站状态码,$status_code
  $name,80端口的连接数(各种状态),$port_80_conn_count
  $name,80端口的并发数,$port_80_bingfa_count
EOF
  echo -e "$GREEN $name 检查完成$END"
}
####8.other-------------------------------------------
other_info() {
  name="其他检查"
  if_has_backup=`crontab -l|grep -c backup`
  if_has_ntpdate=`crontab -l|grep -c ntpdate`
  cat >>$file_save_result<<-EOF
  $name,是否有定时备份,$if_has_backup
  $name,是否有时间同步,$if_has_ntpdate
EOF
  echo -e "$GREEN $name 检查完成$END"
}
main() {
  sys_basic
  sys_cpu 
  sys_mem
  sys_disk
  user_info
  network_info
  service_info
  web_info
  other_info 
  res_file_process
}
main