saltstack把执行的结果保存到mysql中,以便进行命令安全审计

  mysql负责存储数据,mysql-python负责收集数据

  master需要安装mysql和MySQL-python,minion端安装MySQL-python

系统环境

 CentOS Linux release 7.4

   master    10.0.0.111

   minion    10.0.0.112

1、master 端操作:

参考网址:https://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.mysql.html

参考博客:https://www.cnblogs.com/zzzhfo/p/5867771.html

  1.1、安装mysql

wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm

yum -y install mysql57-community-release-el7-10.noarch.rpm

yum -y install mysql-server MySQL-python

#启动mysql

systemctl start  mysqld.service

systemctl enable mysqld.service

systemctl status mysqld.service

#修改mysql密码

[root@salt-server ~]# grep "password" /var/log/mysqld.log


set global validate_password_policy=0;

set global validate_password_length=1;

ALTER USER 'root'@'localhost' IDENTIFIED BY '123456';

#修改完密码后再依次输入以下内容:
##########################################################
CREATE DATABASE  `salt`

  DEFAULT CHARACTER SET utf8

  DEFAULT COLLATE utf8_general_ci;
##########################################################
USE `salt`;
##########################################################
DROP TABLE IF EXISTS `jids`;

CREATE TABLE `jids` (

  `jid` varchar(255) NOT NULL,

  `load` mediumtext NOT NULL,

  UNIQUE KEY `jid` (`jid`)

) ENGINE=InnoDB DEFAULT CHARSET=utf8;

CREATE INDEX jid ON jids(jid) USING BTREE;
############################################################
DROP TABLE IF EXISTS `salt_returns`;

CREATE TABLE `salt_returns` (

  `fun` varchar(50) NOT NULL,

  `jid` varchar(255) NOT NULL,

  `return` mediumtext NOT NULL,

  `id` varchar(255) NOT NULL,

  `success` varchar(10) NOT NULL,

  `full_ret` mediumtext NOT NULL,

  `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  KEY `id` (`id`),

  KEY `jid` (`jid`),

  KEY `fun` (`fun`)

) ENGINE=InnoDB DEFAULT CHARSET=utf8;
############################################################
DROP TABLE IF EXISTS `salt_events`;

CREATE TABLE `salt_events` (

`id` BIGINT NOT NULL AUTO_INCREMENT,

`tag` varchar(255) NOT NULL,

`data` mediumtext NOT NULL,

`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

`master_id` varchar(255) NOT NULL,

PRIMARY KEY (`id`),

KEY `tag` (`tag`)

) ENGINE=InnoDB DEFAULT CHARSET=utf8;
#############################################################
grant all on salt.* to salt@'%' identified by '123456';

#以下是上边操作的截图

  

  

  

 

  1.2、测试mysql是否设置完成

  1.3、修改master主配置文件

[root@salt-server ~]# vim /etc/salt/minion

mysql.host: '10.0.0.111'

mysql.user: 'salt'

mysql.pass: '123456'

mysql.db: 'salt'

mysql.port: 3306

#重启配置文件

systemctl restart salt-minion  

    

2、minion端修改内容如下:

yum -y install MySQL-python

[root@minion02 ~]# vim /etc/salt/minion

mysql.host: '10.0.0.111'

mysql.user: 'salt'

mysql.pass: '123456'

mysql.db: 'salt'

mysql.port: 3306

#重启minion服务

systemctl restart salt-minion

  

总测试:

[root@salt-server ~]# salt '*' test.ping --return mysql

[root@salt-server ~]# salt '*' cmd.run 'df -h' --return mysql





 在master的mysql服务查看:




[root@salt-server ~]# mysql -uroot -p

Enter password:

mysql> use salt;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> mysql> select * from salt_returns\G;






方法2


master端安装MySQL-python和mysql-server

minion端不需要安装MySQL-python包





操作步骤略(与发一相同)

[root@salt-master /]# vim /etc/salt/master   追加如下内容

master_job_cache: mysql      #每次执行不加--return mysql由master端将返回的数据写入数据库 不需要minion

重启服务

[root@salt-master /]# /etc/init.d/salt-master restart

测试:

[root@salt-master /]# salt 'salt-minion' test.ping

salt-minion:

    True

[root@salt-master /]# salt 'salt-minion' cmd.run 'df -h'

salt-minion:

    Filesystem      Size  Used Avail Use% Mounted on

    /dev/sda3        18G  935M   16G   6% /

    tmpfs           495M   12K  495M   1% /dev/shm

    /dev/sda1       194M   27M  158M  15% /boot



root@salt-master /]# mysql -u salt -p -h 192.168.161.131

Enter password:

mysql> use salt;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> select * from salt_returns;

+-----------+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+

| fun       | jid                  | return                                                                                                                                                                                   | id          | success | full_ret                                                                                                                                                                                                                                                                                                                                                                                   | alter_time          |

+-----------+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+

| test.ping | 20160826200517605155 | true                                                                                                                                                                                     | salt-minion | 1       | {"fun_args": [], "jid": "20160826200517605155", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "salt-minion"}                                                                                                                                                                                                                                                    | 2016-08-26 20:05:17 |

| test.ping | 20160826202029989457 | true                                                                                                                                                                                     | salt-minion | 1       | {"fun_args": [], "jid": "20160826202029989457", "return": true, "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2016-08-26T12:20:30.138166", "fun": "test.ping", "id": "salt-minion"}                                                                                                                                                                                          | 2016-08-26 20:20:30 |

| cmd.run   | 20160826202045948708 | "Filesystem      Size  Used Avail Use% Mounted on\n/dev/sda3        18G  935M   16G   6% /\ntmpfs           495M   12K  495M   1% /dev/shm\n/dev/sda1       194M   27M  158M  15% /boot" | salt-minion | 1       | {"fun_args": ["df -h"], "jid": "20160826202045948708", "return": "Filesystem      Size  Used Avail Use% Mounted on\n/dev/sda3        18G  935M   16G   6% /\ntmpfs           495M   12K  495M   1% /dev/shm\n/dev/sda1       194M   27M  158M  15% /boot", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2016-08-26T12:20:45.984974", "fun": "cmd.run", "id": "salt-minion"} | 2016-08-26 20:20:46 |

+-----------+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+

3 rows in set (0.00 sec)





  


 
												


											
saltstack-把执行结果存储到mysql服务内的更多相关文章
	

    
								
  1. saltstack执行结果存储到MySQL
		
    saltstack执行结果保存到MySQL中,以便进行命令安全审计必须是python2.7以上的环境安装相关模块ubuntu系统安装 apt-get install -y python-mysqldb ...
    
		
    2. 
						
  2. 安装/移除 MySQL 服务
		
    MySQL Community Server 下载:https://dev.mysql.com/downloads/mysql/ 以下内容使用的版本为:mysql-5.7.17-win32.zip 1 ...
    
		
    3. 
						
  3. 【saltstack】saltstack执行结果和事件存储到mysql
		
    前言 项目中使用saltstack有一段时间了,之前都是在控制台操作,后来感觉越来越不方便,每次操作需要登陆服务器,还需要记一堆命令.最重要的是,公司进新人之后,新人由于不熟悉saltstack,容易 ...
    
		
    4. 
						
  4. SaltStack远程执行-返回MySQL
		
    上一篇:SaltStack远程执行-模块 参考官方文档:https://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.my ...
    
		
    5. 
						
  5. docker 部署mysql服务之后,执行sql脚本
		
    1,先将.sql文件copy到docker容器里 docker ps //找到容器的短ID或者指定的name. docker inspect  -f '{{.Id}}' id or name 得到指定 ...
    
		
    6. 
						
  6. MySql免安装版安装配置,附MySQL服务无法启动解决方案
		
          文首提要:             我下载的MySQL版本是:mysql-5.7.17-winx64.zip  Archive版:系统:Windows7 64位. 一.解压文件 下载好My ...
    
		
    7. 
						
  7. [MySQL Reference Manual] 5 MySQL 服务管理
		
    5. MySQL 服务管理 5. MySQL 服务管理 5.1 The Mysql Server 5.2 Mysql 服务日志 5.2.1 选择General query log和slow query ...
    
		
    8. 
						
  8. Saltstack远程执行(四)
		
    Saltstack远程执行 语法例:salt '*' cmd.run 'w' -  命令:salt -  目标:'*' -  模块:cmd.run,自带150+模块,也可以自己写模块 -  返回:执行 ...
    
		
    9. 
						
  9. win7下安装MYSQL报错:"MYSQL 服务无法启动"的3534问题
		
    上午在win7下安装MYSQL,只到“net start mysql”这一步报错:3534的错误: 于是在百度中搜索关键字“mysql服务无法启动3534”. 参考以下两个链接中的方法,解决了3534 ...
    
		
    10. 
		

	


随机推荐
	

    
									
  1. Java注解(二)
			
    前面了解了注解的基本内容,这次来看一下自定义注解. 自定义注解其实很简单,直接上代码: import java.lang.annotation.Documented; import java.lang ...
    
			
    2. 
						
  2. hdu 3085
			
    Nightmare Ⅱ Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 32768/32768 K (Java/Others)Total ...
    
			
    3. 
						
  3. 采用DTO和DAO对JDBC程序进行进一步优化
			
    采用DTO和DAO对JDBC程序进行进一步优化 DTO:数据传输对象,主要用于远程调用等需要远程调用对象的地方DAO:数据访问对象,主要实现封装数据库的访问,通过它可以把数据库中的表转换成DTO类 引 ...
    
			
    4. 
						
  4. Mybatis中的jdbcType的作用
			
    使用MyBatis框架做更新操作时,在该字段需要更新的内容为空时,就会出现1111错误,也就是无效的列类型,这个时候你就要使用jdbcType.至于什么时候要使用到javaType我还没遇到过,而且我 ...
    
			
    5. 
						
  5. Code Signal_练习题_Minesweeper
			
    In the popular Minesweeper game you have a board with some mines and those cells that don't contain  ...
    
			
    6. 
						
  6. YII 用gii生成modules模块下的mvc
			
    1.生成model ModelPath设置为: application.modules.[moduleName].models 2.生成CURD ModelClass设置为: application. ...
    
			
    7. 
						
  7. nginx的启动和关闭
			
    nginx的启动和关闭nginx -h 查看帮助信息nginx -v 查看Nginx的版本号nginx -V 显示Nginx的版本号和编译信息start nginx 启动Nginxnginx -s s ...
    
			
    8. 
						
  8. c# 异步和同步问题(转载)
			
    [C#] 谈谈异步编程async await   为什么需要异步,异步对可能起阻止作用的活动(例如,应用程序访问 Web 时)至关重要. 对 Web 资源的访问有时很慢或会延迟. 如果此类活动在同步过 ...
    
			
    9. 
						
  9. CentOS7系列--1.2CentOS7基本设置
			
    CentOS7基本设置 1. 查看相关信息 1.1. 查看系统信息 1.1.1. 查看系统位数 方法1: [root@centos7 ~]# uname -a Linux centos7.smartm ...
    
			
    10. 
						
  10. JS实现填报时对修改过的单元格进行标识
			
    1. 描述 在填报预览时,对单元格编辑后,其左上角有个红色标记,但非常不明显,用户很难注意到.有没有什么好的办法,对单元格操作后,将其做较明显的特殊标记处理,方便用户识别呢? 如图所示:对单元格进行操 ...
    
			
    11.