zabbix监控进程和监控日志
文章目录
- zabbix监控进程和监控日志
- 一、自定义监控进程
- 1、新建脚本存放目录
- 2、修改zabbix_agentd.conf文件
- 3、zabbix server端进行测试脚本
- 4、zabbix web平台配置
- 5、配置触发器
- 6、测试--关闭httpd服务,测试告警信息
- 二、自定义监控日志
- 1、将log.py上传到/etc/zabbix/script/目录下,然后给执行权限,修改所有者和所属组为zabbix
- 2、httpd服务的日志文件在/var/log/httpd/目录下,首先我们需要给这个目录设置一个ACL权限,让zabbix用户有权限去访问该目录
- 3、下载python3来执行log.py脚本
- 4、修改zabbix_agentd.conf文件,并重启服务
- 5、测试脚本
- 6、配置监控项
- 7、创建触发器
- 8、测试,echo Error >> /var/log/httpd/error_log
一、自定义监控进程
以httpd服务为例,在agent1中安装httpd
[root@agent1 ~]# yum -y install httpd
[root@agent1 ~]# systemctl restart httpd
[root@agent1 ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@agent1 ~]#
[root@agent1 ~]# ps -ef |grep httpd
root 1845 1 0 14:41 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 1846 1845 0 14:41 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 1847 1845 0 14:41 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 1848 1845 0 14:41 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 1849 1845 0 14:41 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
root 2080 1786 0 14:41 pts/0 00:00:00 grep --color=auto httpd
[root@agent1 ~]# ps -ef | grep httpd | grep -v grep | wc -l
5
[root@agent1 ~]#
1、新建脚本存放目录
[root@agent1 ~]# cd /etc/zabbix/
[root@agent1 zabbix]# mkdir script
[root@agent1 zabbix]# ls
script zabbix_agentd.conf zabbix_agentd.d
[root@agent1 zabbix]# cd script/
[root@agent1 script]# vim check_httpd.sh
#!/bin/bash
count=$(ps -ef | grep -Ev "grep|$0" | grep -c httpd)
if [ $count -eq 0 ];then
echo '1'
else
echo '0'
fi
[root@agent1 script]# chown -R zabbix.zabbix /etc/zabbix/script/
[root@agent1 script]# chmod +x check_httpd.sh
[root@agent1 script]#
测试脚本--0是httpd服务开启,1为关闭
[root@agent1 script]# ./check_httpd.sh
0
[root@agent1 script]# systemctl stop httpd
[root@agent1 script]# ./check_httpd.sh
1
[root@agent1 script]#
2、修改zabbix_agentd.conf文件
[root@agent1 script]# vim /etc/zabbix/zabbix_agentd.conf
318 UserParameter=logusers,who |wc -l
319 UserParameter=check_httpd,/bin/bash /etc/zabbix/script/check_httpd.sh
[root@agent1 script]# systemctl restart zabbix-agent.service
3、zabbix server端进行测试脚本
[root@server ~]# zabbix_get -s 192.168.89.150 -k check_httpd
bash: zabbix_get: command not found...
Packages providing this file are:
'zabbix40'
'zabbix-get'
[root@server ~]# dnf -y install zabbix-get
[root@server ~]# zabbix_get -s 192.168.89.150 -k check_httpd
0
0代表httpd服务已启动
4、zabbix web平台配置
新建监控项
5、配置触发器
6、测试–关闭httpd服务,测试告警信息
[root@agent1 script]# systemctl stop httpd
- 1
二、自定义监控日志
下载log.py来协助我们进行测试,以httpd服务为例
1、将log.py上传到/etc/zabbix/script/目录下,然后给执行权限,修改所有者和所属组为zabbix
- 作用:检查日志文件中是否有指定的关键字
- 第一个参数为日志文件名(必须有,相对路径、绝对路径均可)
- 第二个参数为seek position文件的路径(可选项,若不设置则默认为/tmp/logseek文件。相对路径、绝对路径均可)
- 第三个参数为搜索关键字,默认为 Error
[root@agent1 script]# ls
check_httpd.sh
上传文件...
[root@agent1 script]# ls
check_httpd.sh log.py
[root@agent1 script]#
[root@agent1 script]# chown zabbix.zabbix log.py
[root@agent1 script]# chmod +x log.py
2、httpd服务的日志文件在/var/log/httpd/目录下,首先我们需要给这个目录设置一个ACL权限,让zabbix用户有权限去访问该目录
[root@agent1 script]# setfacl -m u:zabbix:r-x /var/log/httpd/
[root@agent1 script]# getfacl /var/log/httpd
getfacl: Removing leading '/' from absolute path names
# file: var/log/httpd
# owner: root
# group: root
user::rwx
user:zabbix:r-x
group::---
mask::r-x
other::---
[root@agent1 script]#
3、下载python3来执行log.py脚本
[root@agent1 script]# dnf -y install python3
Last metadata expiration check: 0:19:13 ago on Tue 06 Sep 2022 03:05:04 PM CST.
Dependencies resolved.
==========================================================================================================================================================================
Package Architecture Version Repository Size
==========================================================================================================================================================================
Installing:
python36 x86_64 3.6.8-38.module_el8.5.0+895+a459eca8 AppStream 19 k
Installing dependencies:
python3-pip noarch 9.0.3-20.el8 AppStream 20 k
python3-setuptools noarch 39.2.0-6.el8 base 163 k
Downgrading:
platform-python-pip noarch 9.0.3-20.el8 base 1.7 M
Enabling module streams:
python36 3.6
Transaction Summary
Install 3 Packages
Downgrade 1 Package
Total download size: 1.9 M
Downloading Packages:
(1/4): python3-pip-9.0.3-20.el8.noarch.rpm 67 kB/s | 20 kB 00:00
(2/4): python36-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64.rpm 90 kB/s | 19 kB 00:00
(3/4): python3-setuptools-39.2.0-6.el8.noarch.rpm 98 kB/s | 163 kB 00:01
(4/4): platform-python-pip-9.0.3-20.el8.noarch.rpm 99 kB/s | 1.7 MB 00:17
Total 111 kB/s | 1.9 MB 00:17
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : python3-setuptools-39.2.0-6.el8.noarch 1/5
Downgrading : platform-python-pip-9.0.3-20.el8.noarch 2/5
Installing : python36-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64 3/5
Running scriptlet: python36-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64 3/5
Installing : python3-pip-9.0.3-20.el8.noarch 4/5
Cleanup : platform-python-pip-9.0.3-22.el8.noarch 5/5
Running scriptlet: platform-python-pip-9.0.3-22.el8.noarch 5/5
Verifying : platform-python-pip-9.0.3-20.el8.noarch 1/5
Verifying : platform-python-pip-9.0.3-22.el8.noarch 2/5
Verifying : python3-setuptools-39.2.0-6.el8.noarch 3/5
Verifying : python3-pip-9.0.3-20.el8.noarch 4/5
Verifying : python36-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64 5/5
Downgraded:
platform-python-pip-9.0.3-20.el8.noarch
Installed:
python3-pip-9.0.3-20.el8.noarch python3-setuptools-39.2.0-6.el8.noarch python36-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64
Complete!
[root@agent1 script]#
4、修改zabbix_agentd.conf文件,并重启服务
[root@agent1 script]# vim /etc/zabbix/zabbix_agentd.conf
318 UserParameter=logusers,who |wc -l
319 UserParameter=check_httpd,/bin/bash /etc/zabbix/script/check_httpd.sh
320 UserParameter=check_logs[*],/usr/bin/python3 /etc/zabbix/script/log.py $1 $2 $3
[root@agent1 script]# systemctl restart zabbix-agent.service
5、测试脚本
[root@agent1 script]# python3 log.py /var/log/httpd/error_log
0
[root@agent1 script]# echo 'Error' >> /var/log/httpd/error_log
[root@agent1 script]# python3 log.py /var/log/httpd/error_log
1
[root@agent1 script]#
[root@agent1 script]# rm -rf /tmp/logseek
0为没有Error日志信息,1为有Error日志信息
测试完成后将写入的Error内容删除,而且因文件/tmp/logseek属于root账户,在web端写入写不进去,所以删除。
6、配置监控项
7、创建触发器
8、测试,echo Error >> /var/log/httpd/error_log
[root@agent1 script]# echo 'Error' >> /var/log/httpd/error_log
- 1
文章知识点与官方知识档案匹配,可进一步学习相关知识
CS入门技能树Linux入门初识Linux23142