51工具盒子概述
为方便获取服务器系统及服务相关信息,根据业务实际以及系统相关情况特编写该脚本。
脚本功能
- 可查询服务器主板、BIOS、CPU、内存卡、网卡硬件信息;
- 可查询系统基础信息、SElinux状态、语言编码、启动时间等信息;
- 可查询默认网卡配置信息、外网地址、本地网卡地址等信息;
- 可检查OpenSSH服务版本、运行状态、协议版本、监听端口、信任主机等信息;
- 可查询Firewalld&IPtables防火墙状态、版本、规则信息;
- 可检查JAVA工具部署情况;
- 可检查Sudoers授权信息;
- 可查询UDP&TCP端口监听信息;
- 可查询系统自启动执行命令内容;
- 可查询历史用户登录窗口和时间等信息;
- 可查询最近10个软件安装信息;
- 可查询系统各用户所配置的计划任务;
- 可查询随系统自启动的服务以及当前系统运行的服务;
- 可查询僵尸进程、CPU&内存占用前十进程;
- 可检查SNMP服务运行状态;
- 可检查NTP服务运行状态;
- 可检查Syslog服务运行状态;
- 可检查用户密码过期时间、密码策略;
- 可检查特权用户、空密码用户、相同ID用户、可登录用户列表;
- 可检查磁盘分区、分区大小、可用率等信息;
- 可检查内存使用情况、缓存、交换分区等信息。
脚本内容
#!/bin/bash
# Centos7服务器系统及服务信息查询
# Author: admin@lolicp.com
# Date: 2021-12-10
# Version: 0.0.2
# Description: 该脚本用于查询服务器硬件及系统服务信息
设置脚本语言
======
Old_LANG=$LANG
LANG="en_US.utf8"
查看系统版本
======
System_Release_D=`sed -n 's/.*release[[:space:]]\([0-9]\)\.[0-9].*/\1/p' /etc/redhat-release`
Info_Header(){
echo -e "#==================== \\033\[33m ${1} !\\033\[0m ====================#"
}
Info_Echo(){
echo -e "#\\t${1}\\t: \\033\[33m${2}\\033\[0m"
}
Info_Echo_2(){
echo -e "#\\t\\t${1}\\t: \\033\[33m${2}\\033\[0m"
}
检查If判断是否为空
==========
Check_If_Not_Code_Null(){
if \[ ! -z "${2}" \];then
Info_Echo_2 "${1}" "${2}"
fi
}
检查服务状态
======
Check_Service_Status(){
if \[\[ ${System_Release_D} -eq 7 \]\];then
# 服务检查
systemctl is-active ${1}
else
if \[ -e "/etc/init.d/$1" \];then
if \[ `/etc/init.d/${1} status 2>/dev/null | grep -E "is running|正在运行" | wc -l` -ge 1 \];then
echo "active"
else
echo "inactive"
fi
else
echo "unknown"
fi
fi
}
安装必要的依赖
=======
Init_Install_Packages_Name_List=(pciutils nmap-ncat)
for Install_Packages_Name in ${Init_Install_Packages_Name_List\[@\]};do
Check_Install_Info=`rpm -q "${Install_Packages_Name}"`
if \[\[ "${Check_Install_Info}" =\~ "is not installed" \]\];then
yum -y install "${Install_Packages_Name}" \&\> /dev/null
fi
done
服务器硬件信息
=======
Hardware_Information(){
Info_Header "服务器设备信息"
# 服务器序列号
System_Serial_Number=`dmidecode -s system-serial-number`
if \[ -z "${System_Serial_Number}" \];then
System_Serial_Number=`cat /proc/device-tree/serial-number`
fi
# 服务器型号
System_Product_Name=`dmidecode -s system-product-name|egrep -v '^#|^$'|head -1`
if \[ -z "${System_Product_Name}" \];then
System_Product_Name=`cat /proc/device-tree/model`
fi
# 服务器制造商
System_Manufacturer=`dmidecode -s system-Manufacturer`
# 服务器硬件类型
System_Server_Hardware_Type=`dmesg |awk '/virtualized kernel on/ {if($8 == ""){print $7}else{print $7,$8}}'`
if \[ -z "${System_Server_Hardware_Type}" \];then
System_Server_Hardware_Type=`lscpu|awk -F'[: ]+' '/Virtualization/{print $2}'`
fi
Info_Echo "服务器序列号" "${System_Serial_Number}"
Info_Echo "服务器制造商" "${System_Manufacturer}"
Info_Echo "服务器型号" "${System_Product_Name}"
Info_Echo "服务器硬件类型" "${System_Server_Hardware_Type}"
Info_Header "BIOS信息"
# Bios信息
System_Bios_Info=`dmidecode -t bios`
# Bios厂商
System_Bios_Vendor_Info=`echo "${System_Bios_Info}" |awk -F':[[:space:]]' '/Vendor/ {print $2}'|sort|uniq`
# Bios版本
System_Bios_Version_Info=`echo "${System_Bios_Info}" |awk -F':[[:space:]]' '/Version/ {print $2}'|sort|uniq`
# Bios发布时间
System_Bios_Release_Date_Info=`echo "${System_Bios_Info}" |awk -F':[[:space:]]' '/Release Date/ {print $2}'|sort|uniq`
Info_Echo "Bios厂商" "${System_Bios_Vendor_Info}"
Info_Echo "Bios版本" "${System_Bios_Version_Info}"
Info_Echo "Bios发布时间" "${System_Bios_Release_Date_Info}"
Info_Header "CPU硬件信息"
CPU_Info=`cat /proc/cpuinfo`
# CPU架构
CPU_Arch_Info=`uname -m`
# 物理CPU数量
CPU_Physical_Sum_Info=`echo "${CPU_Info}"|grep "^physical id"| sort | uniq | wc -l`
# CPU物理线程数
CPU_Cores_Sum_Info=`echo "${CPU_Info}"|grep "^cpu cores"|uniq| awk -F':[[:space:]]' '{print $2}'`
# CPU逻辑线程数
CPU_Processor_Info=`echo "${CPU_Info}"|awk '/^processor/ {processor[$2]++} END { for (sum in processor) {print processor[sum]}}'`
if [ "${CPU_Physical_Sum_Info}" = 0 -a "${CPU_Processor_Info}" -gt 0 -a -z "${CPU_Cores_Sum_Info}" ];then
# CPU物理线程数
CPU_Physical_Sum_Info=1
CPU_Cores_Sum_Info=$CPU_Processor_Info
fi
Info_Echo "CPU架构类型" "${CPU_Arch_Info}"
Info_Echo "物理CPU数量" "${CPU_Physical_Sum_Info}"
Info_Echo "CPU总物理核心数" "${CPU_Physical_Sum_Info} * ${CPU_Cores_Sum_Info}"
Info_Echo "CPU总逻辑线程数" "${CPU_Processor_Info}"
# CPU物理ID列表
CPU_Device_Physical_Id_List=`echo "${CPU_Info}"|awk -F':[[:space:]]' '/^physical id/ {print $2}'|sort |uniq`
if [ -z "${CPU_Device_Physical_Id_List}" ];then
Info_Echo "CPU硬件型号" "`echo "${CPU_Info}"|awk -F':[[:space:]]' '/^Hardware/ {print $2}'`"
fi
for CPU_Device_Physical_Id in ${CPU_Device_Physical_Id_List};do
# CPU硬件信息
CPU_Device_All_Info=`echo "${CPU_Info}"|grep -A 15 -B 9 "^physical id.*${CPU_Device_Physical_Id}"`
# CPU设备型号
CPU_Device_Model_Name_Info=`echo "${CPU_Device_All_Info}" |awk -F':[[:space:]]' '/^model name/ {print $2}'|sort|uniq`
# CPU缓存大小
CPU_Device_Cache_Size_Info=`echo "${CPU_Device_All_Info}" |awk -F':[[:space:]]' '/^cache size/ {print $2}'|sort|uniq`
# CPU逻辑线程数
CPU_Device_Siblings_Info=`echo "${CPU_Device_All_Info}" |awk -F':[[:space:]]' '/^siblings/ {print $2}'|sort|uniq`
# CPU物理核心数
CPU_Device_Cpu_Cores_Info=`echo "${CPU_Device_All_Info}" |awk -F':[[:space:]]' '/^cpu cores/ {print $2}'|sort|uniq`
# CPU硬件查询
CPU_Device_Processor_Info=`dmidecode -t processor|grep -v '[[:space:]][[:space:]]' |grep -A 22 -B2 "CPU.$((${CPU_Device_Physical_Id}+1))"|grep -B 30 "^$"`
if [ -z "${CPU_Device_Processor_Info}" ];then
# CPU硬件查询
CPU_Device_Processor_Info=`dmidecode -t processor|grep -v '[[:space:]][[:space:]]' |grep -A 22 -B2 "CPU.$((${CPU_Device_Physical_Id}+1))"`
if [ -z "${CPU_Device_Processor_Info}" ];then
# CPU硬件查询
CPU_Device_Processor_Info=`dmidecode -t processor|grep -v '[[:space:]][[:space:]]' |grep -A 22 -B2 "Socket.$((${CPU_Device_Physical_Id}+1))"`
if [ -z "${CPU_Device_Processor_Info}" ];then
# CPU硬件查询
CPU_Device_Processor_Info=`dmidecode -t processor|grep -v '[[:space:]][[:space:]]' |grep -A 22 -B2 "CPU.${CPU_Device_Physical_Id}"`
fi
fi
fi
# CPU最大速率
CPU_Device_Processor_Max_Speed=`echo "${CPU_Device_Processor_Info}" |awk -F':[[:space:]]' '/Max Speed:/ {print $2}'`
# CPU当前速率
CPU_Device_Processor_Current_Speed=`echo "${CPU_Device_Processor_Info}" |awk -F':[[:space:]]' '/Current Speed:/ {print $2}'`
# CPU序列号
CPU_Device_Processor_ID=`echo "${CPU_Device_Processor_Info}" |awk -F':[[:space:]]' '/[[:space:]]ID:/ {print $2}'`
Info_Echo "CPU硬件型号" "${CPU_Device_Model_Name_Info}"
Info_Echo_2 "CPU物理ID" "${CPU_Device_Physical_Id}"
Check_If_Not_Code_Null "CPU序列号" "${CPU_Device_Processor_ID}"
Info_Echo_2 "CPU缓存大小" "${CPU_Device_Cache_Size_Info}"
Info_Echo_2 "CPU物理核心数" "${CPU_Device_Cpu_Cores_Info}"
Info_Echo_2 "CPU逻辑线程数" "${CPU_Device_Siblings_Info}"
Check_If_Not_Code_Null "CPU最大速率" "${CPU_Device_Processor_Max_Speed}"
Check_If_Not_Code_Null "CPU当前速率" "${CPU_Device_Processor_Current_Speed}"
done
Info_Header "内存硬件信息"
# 总内存数
System_Memory_Total_Number=`awk -F":[[:space:]]" '/^MemTotal:/ {print $2}' /proc/meminfo|awk '{print $1/1024/1024}'`
Info_Echo "当前内存" "${System_Memory_Total_Number} G"
# 最大支持内存
System_Memory_Maximum_Capacity=`dmidecode -t memory |awk -F':[[:space:]]' '/Maximum Capacity:/ {print $2}'|uniq`
Info_Echo "最大支持内存" "${System_Memory_Maximum_Capacity}"
# 内存条总插槽数
System_Memory_Number_Of_Devices=`dmidecode -t memory |awk -F':[[:space:]]' '/Number Of Devices:/ {print $2}'|uniq`
Info_Echo "内存条总插槽数" "${System_Memory_Number_Of_Devices}"
# 内存条序列号列表
Memory_Device_Serial_Number_List=`dmidecode -t memory |awk -F':[[:space:]]' '/Serial Number/{print $2}'|egrep -v 'NO[[:space:]]|_SerNum|Not'`
# 内存条数量
Memory_Device_Number=`echo "${Memory_Device_Serial_Number_List}"|wc -l`
Info_Echo "已插内存条条数" "${Memory_Device_Number}"
Old_IFS=$IFS
IFS=$'\n'
for Memory_Device_Serial_Number in ${Memory_Device_Serial_Number_List};do
# 内存条硬件信息
Memory_Device_Info=`dmidecode -t memory |grep -A '7' -B '15' "${Memory_Device_Serial_Number}"`
# 存储大小
Memory_Device_Size_Info=`echo "${Memory_Device_Info}"|awk -F':[[:space:]]' '/Size:/ {print $2}'`
# 设备制造商
Memory_Device_Manufacturer_Info=`echo "${Memory_Device_Info}"|awk -F':[[:space:]]' '/Manufacturer:/ {print $2}'`
# 设备部件序号
Memory_Device_Part_Number_Info=`echo "${Memory_Device_Info}"|awk -F':[[:space:]]' '/Part Number:/ {print $2}'`
# 设备部件序号
Memory_Device_Speed_Info=`echo "${Memory_Device_Info}"|awk -F':[[:space:]]' '/^[[:space:]]Speed:/ {print $2}'`
Info_Echo "内存条序列号" "${Memory_Device_Serial_Number}"
Info_Echo_2 "内存条频率" "${Memory_Device_Speed_Info}"
Info_Echo_2 "内存条大小" "${Memory_Device_Size_Info}"
Info_Echo_2 "内存条制造商" "${Memory_Device_Manufacturer_Info}"
Info_Echo_2 "设备部件序号" "${Memory_Device_Part_Number_Info}"
done
IFS=$Old_IFS
Info_Header "网卡硬件信息"
# 网卡名称列表
Network_Device_Name_List=`ls /sys/class/net/`
for Network_Device_Name in ${Network_Device_Name_List};do
Info_Echo "网卡设备名称" "${Network_Device_Name}"
# 网卡设备信息
Network_Device_Info=`ethtool ${Network_Device_Name} 2>&1`
# 网卡开启状态
Network_Device_Link_Detected_Info=`echo "${Network_Device_Info}"|awk -F':[[:space:]]' '/Link detected:/{print $2}'`
# 网卡接口类型
Network_Device_Port_Info=`echo "${Network_Device_Info}"|awk -F':[[:space:]]' '/Port:/{print $2}'`
# 网卡工作速率
Network_Device_Speed_Info=`echo "${Network_Device_Info}"|awk -F':[[:space:]]' '/Speed:/{print $2}'`
# 网卡工作模式
Network_Device_Duplex_Info=`echo "${Network_Device_Info}"|awk -F':[[:space:]]' '/Duplex:/{print $2}'`
# 网卡设备驱动信息
Network_Device_Driver_Info=`ethtool -i ${Network_Device_Name} 2>&1`
# 网卡设备驱动类型
Network_Device_Driver_Type_Info=`echo "${Network_Device_Driver_Info}"|awk -F':[[:space:]]' '/^driver:/{print $2}'`
# 网卡设备驱动版本
Network_Device_Driver_Version_Info=`echo "${Network_Device_Driver_Info}"|awk -F':[[:space:]]' '/^version:/{print $2}'`
# 网卡设备总线信息
Network_Device_Driver_Bus_Info_Info=`echo "${Network_Device_Driver_Info}"|awk -F':[[:space:]]' '/^bus-info:/{print $2}'|grep -Ev 'N/A|^tap'`
Check_If_Not_Code_Null "网卡接口类型" "${Network_Device_Port_Info}"
Check_If_Not_Code_Null "网卡工作模式" "${Network_Device_Duplex_Info}"
Info_Echo_2 "网卡开启状态" "${Network_Device_Link_Detected_Info}"
Check_If_Not_Code_Null "网卡工作速率" "${Network_Device_Speed_Info}"
Check_If_Not_Code_Null "网卡驱动类型" "${Network_Device_Driver_Type_Info}"
Check_If_Not_Code_Null "网卡驱动版本" "${Network_Device_Driver_Version_Info}"
Check_If_Not_Code_Null "网卡总线信息" "${Network_Device_Driver_Bus_Info_Info}"
if [ ! -z "${Network_Device_Driver_Bus_Info_Info}" ];then
Network_Device_All_Info=`lspci -s "${Network_Device_Driver_Bus_Info_Info}" -vv 2>&1`
# 网卡设备名称
Network_Device_Name_Info=`echo "${Network_Device_All_Info}" |awk -F':[[:space:]]' '/Ethernet controller:/ {print $2}'`
# 网卡设备序列号
Network_Device_Device_Serial_Number_Info=`echo "${Network_Device_All_Info}" |awk -F'Device Serial Number[[:space:]]' '/Device Serial Number/ {print $2}'`
Info_Echo_2 "网卡硬件型号" "${Network_Device_Name_Info}"
Check_If_Not_Code_Null "网卡设备序列号" "${Network_Device_Device_Serial_Number_Info}"
fi
done
}
基础系统信息
======
System_Info(){
Info_Header "系统信息"
# 获取当前主机名
Host_Name=`uname -n`
# 操作系统
Operating_System=`uname -o`
# 系统内核
System_Kernel=`uname -r`
# 操作系统发行版本
System_Release=`cat /etc/redhat-release`
# SElinux状态
SELinux_Status=`/usr/sbin/sestatus | awk '/^SELinux status:/ {print $3}'`
# 系统启动时间
System_Start=`who -b|awk '{print $3,$4}'`
Info_Echo "主机名称" "${Host_Name}"
Info_Echo "操作系统" "${Operating_System}"
Info_Echo "系统内核" "${System_Kernel}"
Info_Echo "发行版本" "${System_Release}"
Info_Echo "SElinux状态" "${SELinux_Status}"
Info_Echo "语言/编码" "${Old_LANG}"
Info_Echo "启动时间" "${System_Start}"
}
网络信息
====
Network_Info(){
Info_Header "网络信息"
# 默认网卡名称
Network_Device_Default_Name=`route -n |awk '/^0.0.0.0/ {print $8}'`
# 获取外网IP
External_Network_Address=`curl -s --connect-timeout 2 http://ip.42.pl/raw`
Info_Echo "默认出口网卡" "${Network_Device_Default_Name}"
Info_Echo "外网地址" "${External_Network_Address}"
# DNS服务器地址
Network_Resolv=`awk '/^nameserver/ {print $2}' /etc/resolv.conf| tr '\n' ',' | sed 's/,$//'`
# 网关IP
Network_Getway_Address=`route -n|awk '/^0/ {print $2}'`
Info_Echo "DNS地址" "${Network_Resolv}"
Info_Echo "网关地址" "${Network_Getway_Address}"
# 网卡名称列表
Network_Device_Name_List=`ls /sys/class/net/`
for Network_Device_Name in ${Network_Device_Name_List};do
Info_Echo "网卡名称" "${Network_Device_Name}"
# 获取默认网卡IPv4\&IPv6地址
Domanin_Server_Ip_List=`ip addr show ${Network_Device_Name}|awk -F'[ ]+' '/inet/{print $3}'`
for Domanin_Server_Ip in ${Domanin_Server_Ip_List};do
Info_Echo_2 "本地地址" "${Domanin_Server_Ip}"
done
done
}
SSH检查信息
=======
SSH_Check_Info(){
Info_Header "OpenSSH检查"
# SSH服务版本
Sshd_Service_Version=`ssh -V 2>&1|awk -F'[ ,]+' '{print $1}'`
# SSH监听端口
Sshd_Port=`sshd -T 2>&1|awk '/^port/ {print $2}'`
# SSH允许远程ROOT登录
Sshd_Permit_Root_Login=`sshd -T 2>&1|awk '/^permitrootlogin/ {print $2}'`
# SSH运行状态
Server_Sshd_Running_Status=`Check_Service_Status "sshd"`
# SSH协议版本
Sshd_Protocol_Version=`nc -v -i 0.01 127.0.0.1 ${Sshd_Port} 2>&1|awk -F'-' '/^SSH/{print $2}'`
# SSH密码登陆
Sshd_Password_Authentication=`sshd -T 2>&1|awk '/^passwordauthentication/ {print $2}'`
# 信任主机配置
Sshd_Authorized_Keys_File=`sshd -T 2>&1|awk '/^authorizedkeysfile/ {print $2}'`
# 空密码登陆
Sshd_Permit_Empty_Passwords=`sshd -T 2>&1|awk '/^permitemptypasswords/ {print $2}'`
Info_Echo "SSHD服务版本" "${Sshd_Service_Version}"
Info_Echo "SSHD运行状态" "${Server_Sshd_Running_Status}"
Info_Echo "SSHD协议版本" "${Sshd_Protocol_Version}"
Info_Echo "监听端口" "${Sshd_Port}"
Info_Echo "ROOT远程登录" "${Sshd_Permit_Root_Login}"
Info_Echo "SSH密码登陆" "${Sshd_Password_Authentication}"
Info_Echo "空密码登陆" "${Sshd_Permit_Empty_Passwords}"
Info_Echo "信任主机配置" "${Sshd_Authorized_Keys_File}"
# 主机登陆用户列表
Passwd_List_Info=`cat /etc/passwd`
# 信任主机列表
Sshd_Login_Bash_User_List=`echo "${Passwd_List_Info}"|awk -F':' '/\/bin\/bash/ {print $1}'`
for Sshd_Login_Bash_User in ${Sshd_Login_Bash_User_List};do
# 信任主机配置文件绝对路径
Sshd_Authorize_File=`echo "${Passwd_List_Info}"|awk -F':' "/^${Sshd_Login_Bash_User}/ {print \\$6\"/${Sshd_Authorized_Keys_File}\"}"`
if \[ -f "${Sshd_Authorize_File}" \];then
# 信任主机名称
Sshd_Authorized_Host=`awk '{print $3}' $Sshd_Authorize_File 2>/dev/null | tr '\n' ',' | sed 's/,$//'`
Check_If_Not_Code_Null "${Sshd_Login_Bash_User}免密授权" "${Sshd_Authorized_Host}"
fi
done
}
防火墙检查
=====
Firewall_Check(){
Info_Header "防火墙检查"
# Firewalld版本
Firewalld_Version=`firewall-cmd --version 2>&1`
# Firewalld防火墙运行状态
Server_Firewalld_Running_Status=`Check_Service_Status "firewalld"`
# Firewalld默认节点
Firewalld_Default_Zone=`firewall-cmd --get-default-zone 2>&1`
# Firewalld地址伪装功能
Firewalld_Masquerade=`firewall-cmd --zone=${Firewalld_Default_Zone} --list-all 2>&1|awk -F':[[:space:]]' '/masquerade:/ {print $2}'`
Info_Echo "Firewalld防火墙运行状态" "${Server_Firewalld_Running_Status}"
if \[ "${Server_Firewalld_Running_Status}" = 'active' \];then
Info_Echo "Firewalld版本" "${Firewalld_Version}"
Check_If_Not_Code_Null "Firewalld地址伪装功能" "${Firewalld_Masquerade}"
Info_Echo "Firewalld默认节点" "${Firewalld_Default_Zone}"
# Firewalld服务端口
Firewalld_Ports_List=`firewall-cmd --zone=${Firewalld_Default_Zone} --list-ports 2>&1`
Check_If_Not_Code_Null "Firewalld开放端口" "${Firewalld_Ports_List}"
# Firewalld高级规则
Firewalld_Rich_Rules_List=`firewall-cmd --zone=${Firewalld_Default_Zone} --list-rich-rules 2>&1`
Old_IFS=$IFS
IFS=$'\\n'
for Firewalld_Rich_Rules in ${Firewalld_Rich_Rules_List};do
Info_Echo_2 "Firewalld高级规则" "${Firewalld_Rich_Rules}"
done
# 还原分隔符
IFS=$Old_IFS
fi
# IPtables_版本
IPtables_Version=`iptables --version 2>&1|awk '{print $2}'`
# iptables防火墙运行状态
Server_IPtables_Running_Status=`Check_Service_Status "iptables"`
# Input列表
IPtables_Input_List=`iptables -n -L INPUT 2>&1`
# Input开放列表
IPtables_Input_ACCEPT_List=`echo "${IPtables_Input_List}" |awk -F'[ :.]+' '/^ACCEPT/ {if ($4 == "0"){print}}'`
# IPtables开放端口
IPtables_Input_ACCEPT_Port=`echo "${IPtables_Input_ACCEPT_List}"|awk -F'[[:space:]]dpt:' '{print $2}'|sort |uniq|grep -v '^$'| tr '\n' ',' | sed 's/,$//'`
# IPtables开放端口范围
IPtables_Input_ACCEPT_Ports=`echo "${IPtables_Input_ACCEPT_List}"|awk -F'[[:space:]]dpts:' '{print $2}'|sort |uniq|grep -v '^$'| tr '\n' ',' | sed 's/,$//'`
Info_Echo "IPtables版本" "${IPtables_Version}"
Info_Echo "IPtables防火墙运行状态" "${Server_IPtables_Running_Status}"
Check_If_Not_Code_Null "IPtables开放端口" "${IPtables_Input_ACCEPT_Port}"
Check_If_Not_Code_Null "IPtables开放端口范围" "${IPtables_Input_ACCEPT_Ports}"
}
JAVA检查
======
Java_Check(){
Info_Header "JAVA检查"
# 检查java是否部署
Check_Java_Install_Info=`which java 2>&1`
if \[\[ "${Check_Java_Install_Info}" =\~ "which: no" \|\| -z "${Check_Java_Install_Info}" \]\];then
Check_Java_Install_Info_D='未部署'
else
Check_Java_Install_Info_D='已部署'
fi
# JAVA版本
Java_Version=`java -version 2>&1|awk -F'[ "]+' '/version/ {print $3}'`
Info_Echo "JAVA状态" "${Check_Java_Install_Info_D}"
Check_If_Not_Code_Null "JAVA版本" "${Java_Version}"
Check_If_Not_Code_Null "JAVA家目录" "${JAVA_HOME}"
}
Sudoers检查
=========
Sudoers_Check(){
Info_Header "Sudoers检查"
# Sudoers配置文件
Sudoers_Conf_Info=`egrep -v "^#|Defaults|^$" /etc/sudoers`
Old_IFS=$IFS
IFS=$'\\n'
for Sudoers_Conf in ${Sudoers_Conf_Info};do
# 授权用户
Sudoers_User=`echo "${Sudoers_Conf}"|awk '{print $1}'`
# 授权主机
Sudoers_Host=`echo "${Sudoers_Conf}"|awk '{print $2}'`
# 授权命令
Sudoers_Order=`echo "${Sudoers_Conf}"|awk '{print $3}'`
# 授权类型
Sudoers_Order_T=`echo "${Sudoers_Order}"|awk -F':' '{print $1}'`
# 授权命令列表
Sudoers_Order_D_List=`echo "${Sudoers_Order}"|awk -F':' '{print $2}'|sed -n 's/,/\n/gp'`
if \[ -z "${Sudoers_Order_T}" \];then
Sudoers_Order_T=$Sudoers_Order
fi
Info_Echo "授权用户" "${Sudoers_User}"
Info_Echo_2 "授权主机" "${Sudoers_Host}"
Info_Echo_2 "授权类型" "${Sudoers_Order_T}"
for Sudoers_Order_D in ${Sudoers_Order_D_List};do
Info_Echo_2 "授权命令" "${Sudoers_Order_D}"
done
done
# 还原分隔符
IFS=$Old_IFS
}
端口监听检查
======
Port_Answer_Check(){
Info_Header "端口监听检查"
# 端口接听列表
Network_Answer_Port_Info_List=`ss -ntxulp | column -t|awk 'NR>1'`
Old_IFS=$IFS
IFS=$'\\n'
for Network_Answer_Port_Info in ${Network_Answer_Port_Info_List};do
# 网络监听类型
Network_Answer_Type=`echo "${Network_Answer_Port_Info}"|awk '{print $1}'`
# 网络监听状态
Network_Answer_Status=`echo "${Network_Answer_Port_Info}"|awk '{print $2}'`
# 本地地址及端口
Network_Answer_Local_Port=`echo "${Network_Answer_Port_Info}"|awk '{print $5}'`
# 对端地址及端口
Network_Answer_Peer_Address_Port=`echo "${Network_Answer_Port_Info}"|awk '{print $6}'`
if \[ "${Network_Answer_Type}" = 'tcp' -o "${Network_Answer_Type}" = 'udp' \];then
# 显示监听端口的进程
Network_Answer_Peer_Process_Info=`echo "${Network_Answer_Port_Info}"|awk '{print $7}'`
else
# 显示监听端口的进程
Network_Answer_Peer_Process_Info=`echo "${Network_Answer_Port_Info}"|awk '{print $9}'`
fi
# 监听端口服务
Network_Answer_Peer_Process_Command=`echo "${Network_Answer_Peer_Process_Info}"|awk -F'[ ",=)]+' '{print $2}'`
# 监听进程Pid
Network_Answer_Peer_Process_Pid=`echo "${Network_Answer_Peer_Process_Info}"|awk -F'[ ",=)]+' '{print $4}'`
Network_Answer_Peer_Process_Fd=`echo "${Network_Answer_Peer_Process_Info}"|awk -F'[ ",=)]+' '{print $6}'`
Info_Echo "本地地址及端口" "${Network_Answer_Local_Port}"
Info_Echo_2 "网络监听类型" "${Network_Answer_Type}"
Info_Echo_2 "监听端口服务" "${Network_Answer_Peer_Process_Command}"
Info_Echo_2 "监听进程Pid" "${Network_Answer_Peer_Process_Pid}"
Info_Echo_2 "网络监听状态" "${Network_Answer_Status}"
Info_Echo_2 "对端地址及端口" "${Network_Answer_Peer_Address_Port}"
done
# 还原分隔符
IFS=$Old_IFS
}
自启动检查
=====
Auto_Start_Check(){
Info_Header "自启动检查"
rc_File_List=`find /etc/rc.d/ -type f`
IFS=$'\\n'
Old_IFS=$IFS
for Up_File in $rc_File_List;do
if \[ -f "${Up_File}" \];then
# 本地自启动信息
Local_Start_List=`egrep -v '^#|^$' "${Up_File}"`
Info_Echo "自启动文件" "${Up_File}"
for Local_Start in ${Local_Start_List};do
Info_Echo_2 "启动命令" "${Local_Start}"
done
fi
done
# 还原分隔符
IFS=$Old_IFS
}
用户登陆检查
======
User_Login_Check(){
Info_Header "用户登陆检查"
# 历史登陆用户信息
History_Login_User_Info_List=`who /var/log/wtmp|tail`
Old_IFS=$IFS
IFS=$'\\n'
for History_Login_User_Info in ${History_Login_User_Info_List};do
#echo "${History_Login_User_Info}"
# 历史登陆用户名称
History_Login_User_Name=`echo "${History_Login_User_Info}"|awk '{print $1}'`
# 历史登陆窗口
History_Login_Window=`echo "${History_Login_User_Info}"|awk '{print $2}'`
# 历史登陆时间
History_Login_Date=`echo "${History_Login_User_Info}"|awk '{print $3,$4}'`
# 历史登陆IP
History_Login_Address=`echo "${History_Login_User_Info}"|awk -F'[()]+' '{print $2}'`
Info_Echo "登陆用户" "${History_Login_User_Name}"
Info_Echo_2 "历史登陆窗口" "${History_Login_Window}"
Info_Echo_2 "历史登陆时间" "${History_Login_Date}"
Info_Echo_2 "历史登陆地址" "${History_Login_Address}"
done
# 还原分隔符
IFS=$Old_IFS
}
软件包安装检查
=======
Packages_Install_Check(){
Info_Header "软件包安装检查"
Packages_Install_Info_List=`rpm -qa --last | head | column -t|awk '{print $1}'`
Old_IFS=$IFS
IFS=$'\\n'
for Packages_Install_Info in ${Packages_Install_Info_List};do
# 软件安装时间
Packages_Install_Date=`rpm -qi "${Packages_Install_Info}"|awk -F':[[:space:]]' '/^Install Date/ {print $2}'|sed -r 's/[[:space:]]Build.*//g'|xargs -i date -d "{}" "+%Y-%m-%d %H:%M:%S"`
# 软件打包时间
Packages_Build_Date=`rpm -qi "${Packages_Install_Info}"|awk -F':[[:space:]]' '/^Build Date/ {print $2}'`
Info_Echo "安装包" "${Packages_Install_Info}"
Info_Echo_2 "软件安装时间" "${Packages_Install_Date}"
Info_Echo_2 "软件打包时间" "${Packages_Build_Date}"
done
# 还原分隔符
IFS=$Old_IFS
}
计划任务检查
======
Scheduled_Task_Check(){
Info_Header "计划任务检查"
# 系统登陆SHELL列表
System_Login_Shell_List=`grep -Ev "/sbin/nologin|^#|^$" /etc/shells|sed -n 's#/#\\\/#gp'`
for System_Login_Shell in ${System_Login_Shell_List};do
System_Login_User_List=`awk -F':' "/${System_Login_Shell}/ {print \\$1}" /etc/passwd`
for System_Login_User in ${System_Login_User_List};do
System_User_Crontab_List=`crontab -l -u "${System_Login_User}" 2>/dev/null|grep -v '^#'`
if \[ ! -z "${System_User_Crontab_List}" \];then
Info_Echo "用户" "${System_Login_User}"
Old_IFS=$IFS
IFS=$'\\n'
for System_User_Crontab in ${System_User_Crontab_List};do
Info_Echo_2 "生效任务" "${System_User_Crontab}"
done
# 还原分隔符
IFS=$Old_IFS
fi
done
done
# 检索计划任务配置文件
# find /etc/cron\* -type f \| xargs -i ls -l {} \| column -t
}
服务检查
====
System_Service_Check(){
Info_Header "自启服务检查"
if \[\[ "${System_Release_D}" -eq 7 \]\];then
# 开机启动的服务列表
System_Enable_Service_Info_List=`systemctl list-unit-files --type=service --state=enabled --no-pager | awk '/.service/ {print $1}'`
# 运行的服务列表
System_Running_Service_Info_List=`systemctl list-units --type=service --state=running --no-pager | awk '/.service/ {print $1}'`
else
# 开机启动的服务列表
System_Enable_Service_Info_List=$(/sbin/chkconfig \| grep -E ":on\|:启用"\|awk '{print $1}')
# 运行的服务列表
System_Running_Service_Info_List=`/sbin/service --status-all 2>/dev/null | grep -E "is running|正在运行"|awk '{print $1}'`
fi
for System_Enable_Service_Info in ${System_Enable_Service_Info_List};do
Info_Echo "服务 ${System_Enable_Service_Info/.service} 状态" "Enabled"
done
Info_Header "运行服务检查"
for System_Running_Service_Info in ${System_Running_Service_Info_List};do
Info_Echo "服务 ${System_Running_Service_Info/.service} 状态" "Running"
done
}
服务进程检查
======
Service_Process_Check(){
Info_Header "服务进程检查"
# 僵尸进程
Zombie_Process_Check_Sum=`ps -ef | grep defunct | grep -v grep | wc -l`
Info_Echo "僵尸进程数量" "${Zombie_Process_Check_Sum}"
Info_Header "内存占用前10"
# 内存占用前10
Process_Memory_Info_List=`ps ax -o ruser=userForLongName -e -o pid,%mem,rss,start,time,command| sort -k3rn | head -n 10`
Old_IFS=$IFS
IFS=$'\n'
for Process_Memory_Info in ${Process_Memory_Info_List};do
# 进程PID
Process_Memory_Pid=`echo "${Process_Memory_Info}"|awk '{print $2}'`
# 程序运行路径
Process_Running_Path=`lsof -p ${Process_Memory_Pid} -a -d txt +c 15|awk 'NR>1 {print $9}'`
# 进程名称
Process_Memory_Command=`lsof -p ${Process_Memory_Pid} -a -d txt +c 15|awk 'NR>1 {print $1}'`
# 运行用户
Process_Memory_Running_User=`echo "${Process_Memory_Info}"|awk '{print $1}'`
# 内存使用率
Process_Memory_Use_Rate=`echo "${Process_Memory_Info}"|awk '{print $3}'`
# 物理内存使用
Process_Memory_RSS=`echo "${Process_Memory_Info}"|awk '{print $4}'`
# 运行时间
Process_Memory_Time=`echo "${Process_Memory_Info}"|awk '{print $5,$6,$7}'`
Process_Memory_Time_1=`echo "${Process_Memory_Time}"|grep '^[0-9]'`
if [ -z "${Process_Memory_Time_1}" ];then
Process_Memory_Time=`echo "${Process_Memory_Time}"|xargs -i date -d "{}" "+%Y-%m-%d %H:%M:%S"`
else
# 进程运行时间
Process_Memory_Time=`echo "${Process_Memory_Info}"|awk '{print $5}'|xargs -i date "+%Y-%m-%d {}"`
fi
Info_Echo "运行PID" "${Process_Memory_Pid}"
Info_Echo_2 "运行用户" "${Process_Memory_Running_User}"
Info_Echo_2 "运行时间" "${Process_Memory_Time}"
Info_Echo_2 "内存使用率" "${Process_Memory_Use_Rate}%"
Info_Echo_2 "物理内存使用" "$((${Process_Memory_RSS}/1024))M"
Info_Echo_2 "进程名称" "${Process_Memory_Command}"
Info_Echo_2 "程序运行路径" "${Process_Running_Path}"
done
# 还原分隔符
IFS=$Old_IFS
Info_Header "CPU占用前10"
# CPU占用前10
Process_CPU_Info_List=`ps ax -o ruser=userForLongName -e -o pid,%cpu,start,time,command| sort -k3rn | head -n 10`
Old_IFS=$IFS
IFS=$'\n'
for Process_CPU_Info in ${Process_CPU_Info_List};do
# 运行PID
Process_CPU_Pid=`echo "${Process_CPU_Info}"|awk '{print $2}'`
# 程序运行路径
Process_Running_Path=`lsof -p ${Process_CPU_Pid} -a -d txt +c 15|awk 'NR>1 {print $9}'`
# 进程名称
Process_CPU_Command=`lsof -p ${Process_CPU_Pid} -a -d txt +c 15|awk 'NR>1 {print $1}'`
# 运行用户
Process_CPU_User=`echo "${Process_CPU_Info}"|awk '{print $1}'`
# CPU使用率
Process_CPU_Use_Rate=`echo "${Process_CPU_Info}"|awk '{print $3}'`
# 进程运行时间
Process_CPU_Running_Time=`echo "${Process_CPU_Info}"|awk '{print $4,$5,$6}'`
Process_CPU_Running_Time_1=`echo "${Process_CPU_Running_Time}"|grep '^[0-9]'`
if [ -z "${Process_CPU_Running_Time_1}" ];then
Process_CPU_Running_Time=`echo "${Process_CPU_Running_Time}"|xargs -i date -d "{}" "+%Y-%m-%d %H:%M:%S"`
else
# 进程运行时间
Process_CPU_Running_Time=`echo "${Process_CPU_Info}"|awk '{print $4}'|xargs -i date "+%Y-%m-%d {}"`
fi
Info_Echo "运行PID" "${Process_CPU_Pid}"
Info_Echo_2 "运行用户" "${Process_CPU_User}"
Info_Echo_2 "进程运行时间" "${Process_CPU_Running_Time}"
Info_Echo_2 "CPU使用率" "${Process_CPU_Use_Rate}%"
Info_Echo_2 "进程名称" "${Process_CPU_Command}"
Info_Echo_2 "程序运行路径" "${Process_Running_Path}"
done
# 还原分隔符
IFS=$Old_IFS
}
SNMP服务检查
========
SNMP_Service_Check(){
Info_Header "SNMP服务检查"
# SNMP服务状态
SNMP_Service_Status=`Check_Service_Status snmpd`
Info_Echo "服务状态:" "${SNMP_Service_Status}"
#if \[ -e /etc/snmp/snmpd.conf \];then
# echo "/etc/snmp/snmpd.conf"
# echo "--------------------"
# cat /etc/snmp/snmpd.conf 2\>/dev/null \| grep -v "\^#" \| sed '/\^$/d'
#fi
}
NTP服务检查
=======
NTP_Service_Check(){
Info_Header "NTP服务检查"
# ntpd服务状态
Ntpd_Service_Status=`Check_Service_Status ntpd`
Info_Echo "服务状态:" "${Ntpd_Service_Status}"
#if \[ -e /etc/ntp.conf \];then
# echo "/etc/ntp.conf"
# echo "-------------"
# egrep -v '\^#\|\^$' /etc/ntp.conf
#fi
}
Syslog服务检查
==========
Syslog_Service_Check(){
Info_Header "Syslog服务检查"
# ntpd服务状态
Rsyslog_Service_Status=`Check_Service_Status rsyslog`
Info_Echo "服务状态:" "${Rsyslog_Service_Status}"
#echo "/etc/rsyslog.conf"
#echo "-----------------"
#cat /etc/rsyslog.conf 2\>/dev/null \| grep -v "\^#" \| grep -v "\^\\$" \| sed '/\^$/d' \| column -t
}
用户密码检查
======
User_Passwd_Check(){
Info_Header "密码过期检查"
# 系统密码
Passwd_List_Info=`cat /etc/passwd`
# 系统登陆SHELL列表
System_Login_Shell_List=`grep -Ev "/sbin/nologin|^#|^$" /etc/shells|sed -n 's#/#\\\/#gp'`
for System_Login_Shell in ${System_Login_Shell_List};do
System_Login_User_List=`awk -F':' "/${System_Login_Shell}/ {print \\$1}" /etc/passwd`
for System_Login_User in ${System_Login_User_List};do
Get_User_Expiry_Date=$(/usr/bin/chage -l $System_Login_User | awk -F':[[:space:]]' '/Password expires/{print $2}')
if [[ ${Get_User_Expiry_Date} = 'never' ]];then
Info_Echo_2 "${System_Login_User}" "永不过期"
else
password_expiry_date=$(date -d "${Get_User_Expiry_Date}" "+%s")
current_date=$(date "+%s")
diff=$(($password_expiry_date-$current_date))
let DAYS=$(($diff/(60*60*24)))
Info_Echo_2 "${System_Login_User}" "${DAYS}天后过期"
fi
done
done
Info_Header "密码策略检查"
Info_Echo "最晚过期天数" "`awk '/^PASS_MAX_DAYS/ {print $2}' /etc/login.defs`"
Info_Echo "最早过期天数" "`awk '/^PASS_MIN_DAYS/ {print $2}' /etc/login.defs`"
Info_Echo "最短密码长度" "`awk '/^PASS_MIN_LEN/ {print $2}' /etc/login.defs`"
Info_Echo "密码过期提醒" "`awk '/^PASS_WARN_AGE/ {print $2}' /etc/login.defs`"
}
用户信息检查
======
User_Info_Check(){
Info_Header "用户信息检查"
# 主机登陆用户列表
Passwd_List_Info=`cat /etc/passwd`
Root_User_List=`echo "${Passwd_List_Info}"|awk -F':' '{if($3 == 0){print $1}}'| tr '\n' ',' | sed 's/,$//'`
Info_Echo "特权用户" "${Root_User_List}"
Info_Header "空密码用户检查"
# 系统登陆SHELL列表
System_Login_Shell_List=`grep -Ev "/sbin/nologin|^#|^$" /etc/shells|sed -n 's#/#\\\/#gp'`
for System_Login_Shell in ${System_Login_Shell_List};do
System_Login_User_List=`awk -F':' "/${System_Login_Shell}/ {print \\$1}" /etc/passwd`
for System_Login_User in ${System_Login_User_List};do
# 系统登录用户名称
System_Login_User_Name=`awk -F: "/${System_Login_User}/ {if(\\$2 == \"!!\"){print \\$1}}" /etc/shadow`
Check_If_Not_Code_Null "空密码用户" "${System_Login_User_Name}"
done
done
Info_Header "相同用户UID检查"
# 重复用户ID列表
System_Login_User_ID_List=`cut -d: -f3 /etc/passwd | sort | uniq -c | awk '$1>1{print $2}'`
for System_Login_User_ID in $System_Login_User_ID_List;do
# 用户名称列表
System_Login_User_Name=$(awk -F: 'ORS="";$3=='"$System_Login_User_ID"'{print "",$1}' /etc/passwd)
Info_Echo "用户名ID ${System_Login_User_ID}" "${System_Login_User_Name}"
done
Info_Header "用户列表"
# 系统登陆SHELL列表
System_Login_Shell_List=`grep -Ev "/sbin/nologin|^#|^$" /etc/shells|sed -n 's#/#\\\/#gp'`
for System_Login_Shell in ${System_Login_Shell_List};do
# 系统用户列表
System_Login_User_List=`awk -F':' "/${System_Login_Shell}/ {print \\$1}" /etc/passwd`
for System_Login_User in ${System_Login_User_List};do
# 系统用户最后登录时间
System_User_Last_Login="$(who --users /var/log/wtmp|awk "/^${System_Login_User}[[:space:]]/ {print \$3,\$4}"|tail -n1)"
if [ -z "${System_User_Last_Login}" ];then
System_User_Last_Login="No Last Login"
fi
# 用户ID
System_User_Uid=`echo "${Passwd_List_Info}"|awk -F':' "/^${System_Login_User}:/ {print \\$3}"`
# 用户组ID
System_User_Group_Uid=`echo "${Passwd_List_Info}"|awk -F':' "/^${System_Login_User}:/ {print \\$4}"`
# 用户组名称
System_User_Group_Name=`awk -F':' "{if (\\$3 == ${System_User_Group_Uid}){print \\$1}}" /etc/group`
# 用户家目录
System_User_Home_Path=`echo "${Passwd_List_Info}"|awk -F':' "/^${System_Login_User}:/ {print \\$6}"`
Info_Echo "用户名称" "${System_Login_User}"
Info_Echo_2 "用户ID" "${System_User_Uid}"
Info_Echo_2 "用户家目录" "${System_User_Home_Path}"
Info_Echo_2 "用户SHELL" "`echo "${System_Login_Shell}"|sed -n 's#\\\/#/#gp'`"
Info_Echo_2 "最后登录时间" "${System_User_Last_Login}"
Info_Echo_2 "用户组名称" "${System_User_Group_Name}"
Info_Echo_2 "用户组ID" "${System_User_Group_Uid}"
done
done
}
磁盘检查
====
Get_Disk_Check(){
Info_Header "磁盘检查"
#查看已挂载磁盘空间剩余
Disk_Info=`df -TP`
#查看磁盘信息
Disk_Info_Name=`echo "${Disk_Info}" |awk '/^\// {print $1}'`
for Disk_Name in $Disk_Info_Name;do
# 磁盘分区
Disk_Name_D=`echo "${Disk_Name}"|sed -n 's#/#\\\/#gp'`
# 可用率
Disk_Info_D=`echo "${Disk_Info}" |awk "/${Disk_Name_D}/ {print \\$5/\\$3*100}" |awk -F. '{print $1}'`
# 分区大小
Disk_Size=`echo "${Disk_Info}" |awk "/${Disk_Name_D}/ {print \\$3/1024/1024}"`
# 磁盘可用
Disk_Size_Available=`echo "${Disk_Info}" |awk "/${Disk_Name_D}/ {print \\$5/1024/1024}"`
Info_Echo "磁盘分区" "${Disk_Name}"
Info_Echo_2 "分区大小" "${Disk_Size}G"
Info_Echo_2 "剩余可用率" "${Disk_Info_D}%"
Info_Echo_2 "可用空间" "${Disk_Size_Available}G"
done
#df -hiP \| sed 's/Mounted on/Mounted/'\> /tmp/inode
#df -hTP \| sed 's/Mounted on/Mounted/'\> /tmp/disk
#join /tmp/disk /tmp/inode \| awk '{print $1,$2,"\|",$3,$4,$5,$6,"\|",$8,$9,$10,$11,"\|",$12}'\| column -t
}
内存检查
====
Memory_Check(){
Info_Header "内存使用检查"
System_Memory_Info=`cat /proc/meminfo`
# 总内存大小
System_Memory_Total_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^MemTotal:/ {print $2}'|awk '{print $1/1024/1024}'`
# 剩余内存
System_Memory_Free_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^MemFree:/ {print $2}'|awk '{print $1/1024}'`
# 已使用内存
System_Memory_Use_Number=`echo|awk "{print ${System_Memory_Total_Number}-(${System_Memory_Free_Number}/1024)}"`
# 可用内存
System_Memory_Available_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^MemAvailable:/ {print $2}'|awk '{print $1/1024}'`
# 内核页缓存使用
System_Memory_Cached_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^Cached:/ {print $2}'|awk '{print $1/1024}'`
# 内核缓冲区使用
System_Memory_Buffers_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^Buffers:/ {print $2}'|awk '{print $1/1024}'`
# Slab可回收内存 SUnreclaim部分板坯,可能被收回,如高速缓存。
System_Memory_SReclaimable_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^SReclaimable:/ {print $2}'|awk '{print $1/1024}'`
# 缓存区总和
System_Memory_Cached_Buffers_SReclaimable_Number=`echo|awk "{print ${System_Memory_Cached_Number}+${System_Memory_Buffers_Number}+${System_Memory_SReclaimable_Number}}"`
# Slab不可回收内存
System_Memory_SUnreclaim_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^SUnreclaim:/ {print $2}'|awk '{print $1/1024}'`
# 交换分区总大小
System_Memory_Swap_Total_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^SwapTotal:/ {print $2}'|awk '{print $1/1024}'`
# 交换分区剩余内存
System_Memory_Swap_Free_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^SwapFree:/ {print $2}'|awk '{print $1/1024}'`
# 交换分区已使用内存
System_Memory_Swap_Use_Number=`echo|awk "{if(${System_Memory_Swap_Total_Number}-${System_Memory_Swap_Free_Number} != 0){print ${System_Memory_Swap_Total_Number}-(${System_Memory_Swap_Free_Number}/1024)}else{print 0}}"`
# 交换分区缓存
System_Memory_Swap_Cached_Number=`echo "${System_Memory_Info}"|awk -F":[[:space:]]" '/^SwapCached:/ {print $2}'|awk '{print $1/1024}'`
Info_Echo "总内存大小" "${System_Memory_Total_Number}G"
Info_Echo_2 "已使用内存" "${System_Memory_Use_Number}G"
Info_Echo_2 "剩余内存" "${System_Memory_Free_Number}M"
Check_If_Not_Code_Null "可用内存" "${System_Memory_Available_Number}"
Info_Echo "缓存区总和" "${System_Memory_Cached_Buffers_SReclaimable_Number}M"
Info_Echo_2 "内核页缓存使用" "${System_Memory_Cached_Number}M"
Info_Echo_2 "内核缓冲区使用" "${System_Memory_Buffers_Number}M"
Info_Echo_2 "Slab可回收内存" "${System_Memory_SReclaimable_Number}M"
Info_Echo_2 "Slab不可回收" "${System_Memory_SUnreclaim_Number}M"
Info_Echo "交换分区总大小" "${System_Memory_Swap_Total_Number}M"
Info_Echo_2 "交换分区剩余内存" "${System_Memory_Swap_Free_Number}M"
Info_Echo_2 "交换分区已使用内存" "${System_Memory_Swap_Use_Number}G"
Info_Echo_2 "交换分区缓存" "${System_Memory_Swap_Cached_Number}G"
}
Cpu_Check(){
Info_Header "CPU使用检查"
#默认时间间隔
TIME_INTERVAL=1
# 上一次系统CPU全部使用信息
Last_System_CPU_Usage_Total_Info=`awk '/^cpu[0-9]{0,9}[[:space:]]/ {print $1,$2,$3,$4,$5,$6,$7,$8}' /proc/stat`
sleep ${TIME_INTERVAL}
# 新的系统CPU全部使用信息
New_System_CPU_Usage_Total_Info=`awk '/^cpu[0-9]{0,9}[[:space:]]/ {print $1,$2,$3,$4,$5,$6,$7,$8}' /proc/stat`
# 系统CPU核心名称列表
System_CPU_Name_List=`awk '/^cpu/ {print $1}' /proc/stat`
for System_CPU_Name in ${System_CPU_Name_List};do
# 上一次系统CPU使用信息
Last_System_CPU_Usage_Info=`echo "${Last_System_CPU_Usage_Total_Info}"|awk "/^${System_CPU_Name}[[:space:]]/ {print \\$2,\\$3,\\$4,\\$5,\\$6,\\$7,\\$8}"`
# 从系统启动开始累计到当前时刻,nice值为负的进程所占用的CPU时间(单位:jiffies)
Last_System_CPU_USER_BUSY=$(echo $Last_System_CPU_Usage_Info \| awk '{print $1}')
# 从系统启动开始累计到当前时刻,除硬盘IO等待时间以外其它等待时间(单位:jiffies)
Last_System_CPU_SYS_BUSY=$(echo $Last_System_CPU_Usage_Info \| awk '{print $3}')
# 从系统启动开始累计到当前时刻,硬盘IO等待时间(单位:jiffies)
Last_System_CPU_SYS_IDLE=$(echo $Last_System_CPU_Usage_Info \| awk '{print $4}')
# CPU时间
Last_System_CPU_TOTAL_CPU_T=$(echo $Last_System_CPU_Usage_Info \| awk '{print $1+$2+$3+$4+$5+$6+$7}')
# CPU使用
Last_System_CPU_CPU_USAGE=$(echo $Last_System_CPU_Usage_Info \| awk '{print $1+$2+$3}')
# 新的系统CPU使用信息
New_System_CPU_Usage_Info=`echo "${New_System_CPU_Usage_Total_Info}"|awk "/^${System_CPU_Name}[[:space:]]/ {print \\$2,\\$3,\\$4,\\$5,\\$6,\\$7,\\$8}"`
# 从系统启动开始累计到当前时刻,nice值为负的进程所占用的CPU时间(单位:jiffies)
New_System_CPU_USER_BUSY=$(echo $New_System_CPU_Usage_Info | awk '{print $1}')
# 从系统启动开始累计到当前时刻,除硬盘IO等待时间以外其它等待时间(单位:jiffies)
New_System_CPU_SYS_BUSY=$(echo $New_System_CPU_Usage_Info | awk '{print $3}')
# 从系统启动开始累计到当前时刻,硬盘IO等待时间(单位:jiffies)
New_System_CPU_SYS_IDLE=$(echo $New_System_CPU_Usage_Info | awk '{print $4}')
# CPU时间
New_System_CPU_TOTAL_CPU_T=$(echo $New_System_CPU_Usage_Info | awk '{print $1+$2+$3+$4+$5+$6+$7}')
# CPU使用
New_System_CPU_CPU_USAGE=$(echo $New_System_CPU_Usage_Info | awk '{print $1+$2+$3}')
# 系统空闲时间
SYSTEM_IDLE=`echo ${New_System_CPU_SYS_IDLE} ${Last_System_CPU_SYS_IDLE} | awk '{print $1-$2}'`
# 系统使用时间
SYSTEM_BUSY=`echo ${New_System_CPU_SYS_BUSY} ${Last_System_CPU_SYS_BUSY} | awk '{print $1-$2}'`
# 用户使用时间
USER_BUSY=`echo ${New_System_CPU_USER_BUSY} ${Last_System_CPU_USER_BUSY} | awk '{print $1-$2}'`
# 用户+系统+nice时间
TOTAL_BUSY=`echo ${New_System_CPU_CPU_USAGE} ${Last_System_CPU_CPU_USAGE} | awk '{print $1-$2}'`
# CPU总时间
TOTAL_TIME=`echo ${New_System_CPU_TOTAL_CPU_T} ${Last_System_CPU_TOTAL_CPU_T} | awk '{print $1-$2}'`
# CPU总时间百分比
CPU_USAGE=`echo ${TOTAL_BUSY} ${TOTAL_TIME} | awk '{printf "%.2f", $1/$2*100}'`
# 用户时间百分比
CPU_USER_USAGE=`echo ${USER_BUSY} ${TOTAL_TIME}|awk '{printf "%.2f", $1/$2*100}'`
# 系统时间百分比
CPU_System_Usage=`echo ${SYSTEM_BUSY} ${TOTAL_TIME} |awk '{printf "%.2f", $1/$2*100}'`
if [ "${System_CPU_Name}" = 'cpu' ];then
Info_Echo "CPU总体使用率" "${CPU_USAGE}%"
Info_Echo_2 "用户使用率" "${CPU_USER_USAGE}%"
Info_Echo_2 "系统使用率" "${CPU_System_Usage}%"
else
Info_Echo "${System_CPU_Name} 使用率" "${CPU_USAGE}%"
Info_Echo_2 "用户使用率" "${CPU_USER_USAGE}%"
Info_Echo_2 "系统使用率" "${CPU_System_Usage}%"
fi
#echo "${System_CPU_Name} Usage:${CPU_USAGE}% UserUsage:${CPU_USER_USAGE}% SysUsage:${CPU_System_Usage}%"
done
}
case $1 in
all)
# 服务器硬件信息
Hardware_Information
# 基础系统信息
System_Info
# 网络信息
Network_Info
# SSH检查信息
SSH_Check_Info
# 防火墙检查
Firewall_Check
# JAVA检查
Java_Check
# Sudoers检查
Sudoers_Check
# 端口监听检查
Port_Answer_Check
# 自启动检查
Auto_Start_Check
# 用户登陆检查
User_Login_Check
# 软件包安装检查
Packages_Install_Check
# 计划任务检查
Scheduled_Task_Check
# 服务检查
System_Service_Check
# 服务进程检查
Service_Process_Check
# SNMP服务检查
SNMP_Service_Check
# NTP服务检查
NTP_Service_Check
# Syslog服务检查
Syslog_Service_Check
# 用户密码检查
User_Passwd_Check
# 用户信息检查
User_Info_Check
# 磁盘检查
Get_Disk_Check
# 内存使用检查
Memory_Check
# CPU使用检查
Cpu_Check
;;
check)
# 防火墙检查
Firewall_Check
# Sudoers检查
Sudoers_Check
# 端口监听检查
Port_Answer_Check
# 自启动检查
Auto_Start_Check
# 用户登陆检查
User_Login_Check
# 计划任务检查
Scheduled_Task_Check
# 用户密码检查
User_Passwd_Check
# 用户信息检查
User_Info_Check
;;
\*)
echo "all\|check"
esac
还原系统语言
======
`LANG=$Old_LANG`
