伺服器巡檢
阿新 • • 發佈:2020-11-28
#!/bin/bash echo "You are logged in as `whoami`"; if [ `whoami` != root ]; then echo "Must be logged on as root to run this script." exit fi CHECK_DATE=`date +%F` echo "Running script at `date`" CHECK_REPORT_PATH=/tmp/getinfo ls -d $CHECK_REPORT_PATH if [ $? -gt 0 ] then mkdir $CHECK_REPORT_PATH fi chmod -R 777 $CHECK_REPORT_PATH CURRENT_DIR=`pwd` echo "#################### Check Start ####################" HOST=`hostname` echo "********Hostname Check**********" >$CHECK_REPORT_PATH/Report_$CHECK_DATE echo "Hostname is $HOSTNAME" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #系統版本檢查 echo "********OS Level**********" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE uname -a >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #系統日誌檢查 echo "********System log*******" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE cat /var/log/messages >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢查軟體安裝情況 echo "********Yum*******" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE history | grep yum && history | grep rpm >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檔案系統檢查 echo "********File System**********" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE df -h >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo "over 75%" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE df -h |grep '[7-9][5-9]%'>>$CHECK_REPORT_PATH/Report_$CHECK_DATE #網路地址配置資訊 echo "********System /etc/hosts********" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE cat /etc/hosts >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢視記憶體使用情況 echo "**********mem check************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE free >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE vmstat >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢視磁碟讀寫情況 echo "********io check**********" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE iostat >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #網路檢查 echo "********network route check**********" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE netstat -rn >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo "********network check**********" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE ifconfig -a >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #環境變數檢查 echo "********env info****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE env >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #使用者組檢查 echo "********group info****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE cat /etc/group >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #使用者密碼檢查 echo "********user info****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE cat /etc/passwd >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢查作業系統定時任務 echo "********System crontab info****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE crontab -l >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢查系統裸裝置屬主 echo "******** RAW****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE ls -l /dev/sd* >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢查關機重啟 echo "********REBOOT****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE last | grep reboot && last | grep shutdown >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #登入使用者檢查及遠端登入 echo "********USER****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE who && who | wc -l >>$CHECK_REPORT_PATH/Report_$CHECK_DATE netstat -anp | grep 22 >> $CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #系統執行時間及平均負載 echo "********Uptime****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE uptime >>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢查系統佔用cpu,記憶體,磁碟io最大的程序 echo "********Dstat cpu****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE dstat -c -y -l --proc-count --top-cpu 2 3 >> $CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo "********Dstat mem****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE dstat -g -l -m -s --top-mem 2 3 >> $CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE echo "********Dstat io****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE dstat --top-io 2 3 >> $CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #程序總數 echo "********Dstat proc****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE dstat --proc-count 3 3 >> $CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE #檢查selinux echo "********SELINUX****************" >>$CHECK_REPORT_PATH/Report_$CHECK_DATE getenforce >> $CHECK_REPORT_PATH/Report_$CHECK_DATE echo -e "----------------------------------------------------\n">>$CHECK_REPORT_PATH/Report_$CHECK_DATE