51工具盒子本文基于Centos7系统,zabbix5.0验证通过,理论适用于其他版本。
本文不适用于纯小白,一点都不懂的不建议直接尝试!
1、在zabbix-agent主机上添加脚本
vi /etc/zabbix/tcp_connections.sh
|---|-----------------------------------| | 1 | vi /etc/zabbix/tcp_connections.sh |
#!/bin/bash stat() { netstat -an | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}' } case $1 in LAST_ACK) stat | grep 'LAST_ACK' | awk '{print $2}' ;; LISTEN) stat | grep 'LISTEN' | awk '{print $2}' ;; SYN_RECV) stat | grep 'SYN_RECV' | awk '{print $2}' ;; ESTABLISHED) stat | grep 'ESTABLISHED' | awk '{print $2}' ;; FIN_WAIT1) stat | grep 'FIN_WAIT1' | awk '{print $2}' ;; FIN_WAIT2) stat | grep 'FIN_WAIT2' | awk '{print $2}' ;; CLOSING) stat | grep 'CLOSING' | awk '{print $2}' ;; TIME_WAIT) stat | grep 'TIME_WAIT' | awk '{print $2}' ;; *) echo "Usage: LAST_ACK LISTEN SYN_RECV ESTABLISHED FIN_WAIT1 FIN_WAIT2 SYN_SENT CLOSING TIME_WAIT" ;; esac
|-------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | #!/bin/bash stat() { netstat -an | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}' } case $1 in LAST_ACK) stat | grep 'LAST_ACK' | awk '{print $2}' ;; LISTEN) stat | grep 'LISTEN' | awk '{print $2}' ;; SYN_RECV) stat | grep 'SYN_RECV' | awk '{print $2}' ;; ESTABLISHED) stat | grep 'ESTABLISHED' | awk '{print $2}' ;; FIN_WAIT1) stat | grep 'FIN_WAIT1' | awk '{print $2}' ;; FIN_WAIT2) stat | grep 'FIN_WAIT2' | awk '{print $2}' ;; CLOSING) stat | grep 'CLOSING' | awk '{print $2}' ;; TIME_WAIT) stat | grep 'TIME_WAIT' | awk '{print $2}' ;; *) echo "Usage: LAST_ACK LISTEN SYN_RECV ESTABLISHED FIN_WAIT1 FIN_WAIT2 SYN_SENT CLOSING TIME_WAIT" ;; esac |
2、给予执行权限
chmod +x /etc/zabbix/tcp_connections.sh
|---|-----------------------------------------| | 1 | chmod +x /etc/zabbix/tcp_connections.sh |
3、测试脚本
/etc/zabbix/tcp_connections.sh TIME_WAIT
|---|------------------------------------------| | 1 | /etc/zabbix/tcp_connections.sh TIME_WAIT |
4、添加zabbix配置文件
vi /etc/zabbix/zabbix_agentd.d/userparameter_tcp_connections.conf
|---|-------------------------------------------------------------------| | 1 | vi /etc/zabbix/zabbix_agentd.d/userparameter_tcp_connections.conf |
#/etc/zabbix/tcp_connections.sh UserParameter=tcp.last_ack,/etc/zabbix/tcp_connections.sh LAST_ACK UserParameter=tcp.listen,/etc/zabbix/tcp_connections.sh LISTEN UserParameter=tcp.syn_recv,/etc/zabbix/tcp_connections.sh SYN_RECV UserParameter=tcp.established,/etc/zabbix/tcp_connections.sh ESTABLISHED UserParameter=tcp.fin_wait1,/etc/zabbix/tcp_connections.sh FIN_WAIT1 UserParameter=tcp.fin_wait2,/etc/zabbix/tcp_connections.sh FIN_WAIT2 UserParameter=tcp.closing,/etc/zabbix/tcp_connections.sh CLOSING UserParameter=tcp.time_wait,/etc/zabbix/tcp_connections.sh TIME_WAIT
|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 6 7 8 9 | #/etc/zabbix/tcp_connections.sh UserParameter=tcp.last_ack,/etc/zabbix/tcp_connections.sh LAST_ACK UserParameter=tcp.listen,/etc/zabbix/tcp_connections.sh LISTEN UserParameter=tcp.syn_recv,/etc/zabbix/tcp_connections.sh SYN_RECV UserParameter=tcp.established,/etc/zabbix/tcp_connections.sh ESTABLISHED UserParameter=tcp.fin_wait1,/etc/zabbix/tcp_connections.sh FIN_WAIT1 UserParameter=tcp.fin_wait2,/etc/zabbix/tcp_connections.sh FIN_WAIT2 UserParameter=tcp.closing,/etc/zabbix/tcp_connections.sh CLOSING UserParameter=tcp.time_wait,/etc/zabbix/tcp_connections.sh TIME_WAIT |
5、重启zabbix-agent
systemctl restart zabbix-agent
|---|--------------------------------| | 1 | systemctl restart zabbix-agent |
6、zabbix_get进行验证
在zabbix-server主机上执行zabbix_get进行验证
zabbix_get -s IP -k tcp.time_wait
|---|-----------------------------------| | 1 | zabbix_get -s IP -k tcp.time_wait |
7、创建模板
当然你也可以选择不创建模板,直接添加,我这里使用添加模板方式。
模板名称我这里命名为tcp_connections
创建tcp_connections模板的监控项
tcp.closing
以下键值直接套上就行,此处不再截图了
tcp.last_ack
tcp.listen
tcp.syn_recv
tcp.established
tcp.fin_wait1
tcp.fin_wait2
tcp.time_wait
添加图形
最后在主机中关联模板即可
