51工具盒子

依楼听风雨
笑看云卷云舒,淡观潮起潮落

zabbix 监控TCP状态连接数

1、zabbix客户端,监控TCP状态脚本,并保存到的定路径。(/usr/local/zabbix-agent/shells)

[sourcecode language="plain"]

cat zabbix_linux_plugin.sh

#!/bin/bash
############################################################

$Name: zabbix_linux_plugins.sh

$Version: v1.0

$Function: zabbix plugins

$Create Date: 2014-08-10

$Description: Monitor Linux Service Status

############################################################
tcp_status_fun(){
TCP_STAT=$1
ss -ant | awk 'NR>1 {++s[$1]} END {for(k in s) print k,s[k]}' > /tmp/netstat.tmp
TCP_STAT_VALUE=$(grep "$TCP_STAT" /tmp/netstat.tmp | cut -d ' ' -f2)
if [ -z $TCP_STAT_VALUE ];then
TCP_STAT_VALUE=0
fi
echo $TCP_STAT_VALUE
}

main(){
case $1 in
tcp_status)
tcp_status_fun $2;
;;
*)
echo $"Usage: $0 {tcp_status key}"
esac
}

main $1 $2 $3
[/sourcecode]

2、在客户端中修改zabbix_agentd.conf配置文件(/usr/local/zabbix-agent/etc/zabbix_agentd.conf)

[sourcecode language="plain"]

Option: Include

You may include individual files or all files in a directory in the configuration file.

Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.

Mandatory: no

Default:

Include=

Include=/usr/local/etc/zabbix_agentd.userparams.conf

Include=/usr/local/etc/zabbix_agentd.conf.d/

Include=/usr/local/zabbix-agent/etc/zabbix_agentd.conf.d/*.conf # 启用Include,在zabbix_agentd.conf.d目录下的所有.conf文件被引用
用来引用自定义key的配置文件。
[/sourcecode]

3、在客户端中配置自定义KEY配置文件(/usr/local/zabbix-agent/etc/zabbix_agentd.conf.d/zabbix-linux-plugin.conf)

[sourcecode language="plain"]

cat zabbix-linux-plugin.conf

UserParameter=linux_status[*],/usr/local/zabbix-agent/shells/zabbix_linux_plugin.sh "$1" "$2" "$3"
[/sourcecode]

4、以上配置完成,重启zabbix agent服务

[sourcecode language="plain"]

/etc/init.d/zabbix_agentd restart

[/sourcecode]

5、tcp连接状态模板,这是配置好的模板,包括了TCP连接的11种状态,如果模板就需要一个一个的创建了。

[sourcecode language="plain"]

cat TCP_export_templates.3.0.xml

<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>3.0</version>
<date>2016-06-18T06:34:48Z</date>
<groups>
<group>
<name>Templates</name>
</group>
</groups>
<templates>
<template>
<template>Template Linux TCP Status</template>
<name>Template Linux TCP Status</name>
<description/>
<groups>
<group>
<name>Templates</name>
</group>
</groups>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<items>
<item>
<name>TCP Status CLOSE_WAIT</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,CLOSE-WAIT]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status CLOSED</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,CLOSED]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status CLOSING</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,CLOSING]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item> # ESTABLISHED状态模板,我们通过zabbix_get命令获取这个KEY,看是否可以正常获取
<name>TCP Status ESTABLISHED</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,ESTAB]</key> # 这就是Key哦
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status FIN_WAIT1</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,FIN-WAIT-1]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status FIN_WAIT2</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,FIN-WAIT-2]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status LAST_ACK</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,LAST-ACK]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status LISTEN</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,LISTEN]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status SYN_RCVD</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,SYN-RECV]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status SYN_SENT</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,SYN-SENT]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>TCP Status TIME_WAIT</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>linux_status[tcp_status,TIME-WAIT]</key>
<delay>300</delay>
<history>30</history>
<trends>90</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units/>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>TCP Stauts</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
</items>
<discovery_rules/>
<macros/>
<templates/>
<screens/>
</template>
</templates>
<graphs>
<graph>
<name>TCP Status Statistics</name>
<width>900</width>
<height>200</height>
<yaxismin>0.0000</yaxismin>
<yaxismax>100.0000</yaxismax>
<show_work_period>1</show_work_period>
<show_triggers>1</show_triggers>
<type>0</type>
<show_legend>1</show_legend>
<show_3d>0</show_3d>
<percent_left>0.0000</percent_left>
<percent_right>0.0000</percent_right>
<ymin_type_1>0</ymin_type_1>
<ymax_type_1>0</ymax_type_1>
<ymin_item_1>0</ymin_item_1>
<ymax_item_1>0</ymax_item_1>
<graph_items>
<graph_item>
<sortorder>0</sortorder>
<drawtype>0</drawtype>
<color>C80000</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,CLOSED]</key>
</item>
</graph_item>
<graph_item>
<sortorder>1</sortorder>
<drawtype>0</drawtype>
<color>00C800</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,CLOSE-WAIT]</key>
</item>
</graph_item>
<graph_item>
<sortorder>2</sortorder>
<drawtype>0</drawtype>
<color>0000C8</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,CLOSING]</key>
</item>
</graph_item>
<graph_item>
<sortorder>3</sortorder>
<drawtype>0</drawtype>
<color>C800C8</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,ESTAB]</key>
</item>
</graph_item>
<graph_item>
<sortorder>4</sortorder>
<drawtype>0</drawtype>
<color>00C8C8</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,FIN-WAIT-1]</key>
</item>
</graph_item>
<graph_item>
<sortorder>5</sortorder>
<drawtype>0</drawtype>
<color>C8C800</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,FIN-WAIT-2]</key>
</item>
</graph_item>
<graph_item>
<sortorder>6</sortorder>
<drawtype>0</drawtype>
<color>C8C8C8</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,LAST-ACK]</key>
</item>
</graph_item>
<graph_item>
<sortorder>7</sortorder>
<drawtype>0</drawtype>
<color>960000</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,LISTEN]</key>
</item>
</graph_item>
<graph_item>
<sortorder>8</sortorder>
<drawtype>0</drawtype>
<color>009600</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,SYN-RECV]</key>
</item>
</graph_item>
<graph_item>
<sortorder>9</sortorder>
<drawtype>0</drawtype>
<color>000096</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,SYN-SENT]</key>
</item>
</graph_item>
<graph_item>
<sortorder>10</sortorder>
<drawtype>0</drawtype>
<color>960096</color>
<yaxisside>0</yaxisside>
<calc_fnc>2</calc_fnc>
<type>0</type>
<item>
<host>Template Linux TCP Status</host>
<key>linux_status[tcp_status,TIME-WAIT]</key>
</item>
</graph_item>
</graph_items>
</graph>
</graphs>
</zabbix_export>
[/sourcecode]

6、zabbix server 端通过zabbix_get命令进行测试,验证是否可以正常获取TCP状态值

[sourcecode language="plain"]
[root@linux-node1 ~]# zabbix_get -s 172.16.10.152 -k linux_status[tcp_status,ESTAB]
2
[root@linux-node1 ~]# zabbix_get -s 172.16.10.152 -k linux_status[tcp_status,LISTEN]
6
通过测试,我们可以看到,已经可以正确获取到值了,那么我们接下来,就可以在web页面将模板进行导入了。
[/sourcecode]

7、zabbix web 监控页面导入tcp连接状态模板

zabbix 监控TCP状态连接数_https://www.tiejiang.org_Linux安全运维_第1张

zabbix 监控TCP状态连接数_https://www.tiejiang.org_Linux安全运维_第2张

模板(TCP_export_templates.3.0.xml)导入成功后,将模板链接到一台就机就可以了。

zabbix 监控TCP状态连接数_https://www.tiejiang.org_Linux安全运维_第3张

zabbix 监控TCP状态连接数_https://www.tiejiang.org_Linux安全运维_第4张

最后我们来看下TCP状态有没有监控上吧。

zabbix 监控TCP状态连接数_https://www.tiejiang.org_Linux安全运维_第5张

好了,数据也有了,图形展示也有了,监控TCP状态就介绍到这里了。

赞(0)
未经允许不得转载:工具盒子 » zabbix 监控TCP状态连接数