zabbix 实现 iptables 监控
安装iptstate
# yum install iptstate
配置zabbix key
iptables.conf
# cat /etc/zabbix/zabbix_agentd.d/iptables.conf
UserParameter=iptstate[*],/etc/zabbix/monitor_scripts/iptables.sh $
配置监控脚本:
# cat /etc/zabbix/monitor_scripts/iptables.sh
#!/bin/bash
#iptables 监控脚本
#/-
function tcp {
sudo iptstate --single | grep tcp | wc -l
}
function tcp-syn {
sudo iptstate --single | grep SYN | wc -l
}
function tcp-timewait {
sudo iptstate --single | grep TIME_WAIT | wc -l
}
function tcp-established {
sudo iptstate --single | grep ESTABLISHED | wc -l
}
function tcp-close {
sudo iptstate --single | grep CLOSE | wc -l
}
function udp {
sudo iptstate --single | grep udp | wc -l
}
function icmp {
sudo iptstate --single | grep icmp | wc -l
}
function all {
sudo iptstate --single | wc -l
}
# Run the requested function
$
查看脚本的权限:
# ll
total
-rwxr-xr-x root root Apr : iptables.sh
添加sudo执行权限:
sed -i "s/^Defaults requiretty/#Defaults requiretty/g" /etc/sudoers
echo “zabbix ALL=NOPASSWD: /usr/sbin/iptstate” /etc/sudoers
模板配置:
# cat Template-iptables.xml
<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>2.0</version>
<date>--18T09::03Z</date>
<groups>
<group>
<name>Template-Security</name>
</group>
</groups>
<templates>
<template>
<template>Template-iptables</template>
<name>Template-iptables</name>
<description/>
<groups>
<group>
<name>Template-Security</name>
</group>
</groups>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<items>
<item>
<name>total all</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[all]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>total icmp</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[icmp]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp close</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-close]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp established</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-established]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp syn</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-syn]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp timewait</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-timewait]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>total tcp</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>total udp</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[udp]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
</items>
<discovery_rules/>
<macros/>
<templates/>
<screens/>
</template>
</templates>
<triggers>
<trigger>
<expression>{Template-iptables:iptstate[all].last()}<</expression>
<name>iptables not running</name>
<url/>
<status></status>
<priority></priority>
<description>iptstates条目小于3认为关闭或者异常状态</description>
<type></type>
<dependencies/>
</trigger>
</triggers>
<graphs>
<graph>
<name>iptstate</name>
<width></width>
<height></height>
<yaxismin>0.0000</yaxismin>
<yaxismax>100.0000</yaxismax>
<show_work_period></show_work_period>
<show_triggers></show_triggers>
<type></type>
<show_legend></show_legend>
<show_3d></show_3d>
<percent_left>0.0000</percent_left>
<percent_right>0.0000</percent_right>
<ymin_type_1></ymin_type_1>
<ymax_type_1></ymax_type_1>
<ymin_item_1></ymin_item_1>
<ymax_item_1></ymax_item_1>
<graph_items>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>00C800</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-close]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C80000</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-established]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>0000C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-syn]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C800C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-timewait]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>00C8C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[all]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C8C800</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[icmp]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C8C8C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color></color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[udp]</key>
</item>
</graph_item>
</graph_items>
</graph>
</graphs>
</zabbix_export>
导入模板:
重启zabbix-agent:
# /etc/init.d/zabbix-agent restart
Shutting down Zabbix agent: [ OK ]
Starting Zabbix agent: [ OK ]
增加模板本上档host
zabbix 实现 iptables 监控的更多相关文章
- zabbix和iptables的nat表结合使用
A 机器要去访问C机器,但是无法直接访问到A可以访问到B机器,B机器可以访问到C机器这时候就可以再B机器设置nat,让A机器访问C机器 正好工作中zabbix server要监控2个http地址,缺无 ...
- zabbix 配置SNMP监控
什么是SNMP? 简单网络管理协议(SNMP),由一组网络管理的标准组成,包含一个应用层协议(application layer protocol).数据库模型(database schema)和一组 ...
- Zabbix Proxy 分布式监控
简介: Zabbix 是一个分布式监控系统,它可以以一个中心点.多个分节点的模式运行,使用 proxy 能降低 Zabbix Server 的压力,当然也带来了成本~ 适用范围:跨机房.跨地域的网络监 ...
- zabbix模板化监控
zabbix模板化监控 1. 实验简述 在zabbix监控中,有很多组的概念,具体有以下几种: 1. 主机和主机组,相同类型/应用的主机,可以归属于同一个主机组 2. item和application ...
- Zabbix 添加端口监控链接
zabbix 添加端口监控 连接数: zabbix 配置 添加 监控项: 其他检测 方式也是 示例: zabbix 客户端配置文件添加: 编辑 zabbix_agentd.conf 添加 端口 ...
- zabbix实现自定义监控
实现自定义监控项实例 .创建主机组 .创建主机 .创建监控项 .到需要监控的主机的agent中添加自定义的监控项目 cd /etc/zabbix/zabbix_agentd.d vi userpara ...
- zabbix使用jmx监控tomcat
zabbix监控Tomcat/JVM实例性能(115) – 运维生存时间http://www.ttlsa.com/zabbix/zabbix-use-jmx-monitor-tomcat/ zabbi ...
- 24 Zabbix系统配置日志监控告警--关键字触发
点击返回:自学Zabbix之路 点击返回:自学Zabbix4.0之路 点击返回:自学zabbix集锦 24 Zabbix系统配置日志监控告警--关键字触发 trapper是被监控主机主动发送数据给za ...
- 给zabbix添加percona监控模板
简单说明一下给zabbix添加的percona的监控模板. 在percona官方网站有说明怎么安装,这里记录下步骤.首先搭建好的zabbix环境. 监控插件连接 : 链接:https://pan.ba ...
随机推荐
- 转 configure: error: Cannot find ldap libraries in /usr/lib 解决办法
今天在centos 6.2 64位版本上安装LNMP,config php的时候出现下面错误而退出 configure: error: Cannot find ldap libraries in /u ...
- 微服务(Microservice)那点事
WHAT - 什么是微服务 微服务简介 这次参加JavaOne2015最大的困难就是听Microservice相关的session,无论内容多么水,只要题目带microservice,必定报不上名,可 ...
- (原)tensorflow中finetune某些层
转载请注明处处: http://www.cnblogs.com/darkknightzh/p/7608709.html 参考网址: https://kratzert.github.io/2017/02 ...
- 清除li内a标签的float=left实现a标签在li内居中显示(ul内li不居中显示)
写在前面: 修改cnblogs主页面菜单显示问题. 问题描述:在给主菜单添加hover样式后发现菜单内容并未居中.见图1. 网上搜索到资料其中一篇讲的可以说简明扼要了,也是伸手党的福利(点我查看原文) ...
- 【LeetCode】230. Kth Smallest Element in a BST (2 solutions)
Kth Smallest Element in a BST Given a binary search tree, write a function kthSmallest to find the k ...
- MySQL备份与还原详细过程示例
MySQL备份与还原详细过程示例 一.MySQL备份类型 1.热备份.温备份.冷备份 (根据服务器状态) 热备份:读.写不受影响: 温备份:仅可以执行读操作: 冷备份:离线备份:读.写操作均中止: 2 ...
- 自动化安装smokeping-2.6.11脚本
自动化安装Smokeping-2.6.11脚本 一.目的 1.1 监控目的 为方便监测各数据中心网络状况,自定义全国各节点,从而发现网络异常,判断网络故障. 1.2 本文目的 快速部署Smokepin ...
- java结合使用Jsonp的例子
更多:js跨域问题解释 解决方案值使用jsonp或jQuery Jsonp和java操作例子 介绍JSONP之前,先简单的介绍一些JSON.JSON是JavaScript Object Notatio ...
- 为Magento1.5新增会员注册字段(转)
第一步.新建一个模块,在app/etc/modules/目录下新建文件Shuishui_Customer.xml <config> <modules> <Shuishui ...
- k近邻算法-java实现
最近在看<机器学习实战>这本书,因为自己本身很想深入的了解机器学习算法,加之想学python,就在朋友的推荐之下选择了这本书进行学习. 一 . K-近邻算法(KNN)概述 最简单最初级的分 ...