安装iptstate

# yum install iptstate

配置zabbix key

iptables.conf

# cat /etc/zabbix/zabbix_agentd.d/iptables.conf
UserParameter=iptstate[*],/etc/zabbix/monitor_scripts/iptables.sh $

配置监控脚本:

# cat /etc/zabbix/monitor_scripts/iptables.sh
#!/bin/bash
#iptables 监控脚本
#/-
function tcp {
sudo iptstate --single | grep tcp | wc -l
}
function tcp-syn {
sudo iptstate --single | grep SYN | wc -l
}
function tcp-timewait {
sudo iptstate --single | grep TIME_WAIT | wc -l
}
function tcp-established {
sudo iptstate --single | grep ESTABLISHED | wc -l
}
function tcp-close {
sudo iptstate --single | grep CLOSE | wc -l
}
function udp {
sudo iptstate --single | grep udp | wc -l
}
function icmp {
sudo iptstate --single | grep icmp | wc -l
}
function all {
sudo iptstate --single | wc -l
}
# Run the requested function
$

查看脚本的权限:

# ll
total
-rwxr-xr-x root root Apr : iptables.sh

添加sudo执行权限:

sed -i "s/^Defaults    requiretty/#Defaults    requiretty/g" /etc/sudoers
echo “zabbix ALL=NOPASSWD: /usr/sbin/iptstate” /etc/sudoers

模板配置:

# cat Template-iptables.xml
<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>2.0</version>
<date>--18T09::03Z</date>
<groups>
<group>
<name>Template-Security</name>
</group>
</groups>
<templates>
<template>
<template>Template-iptables</template>
<name>Template-iptables</name>
<description/>
<groups>
<group>
<name>Template-Security</name>
</group>
</groups>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<items>
<item>
<name>total all</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[all]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>total icmp</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[icmp]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp close</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-close]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp established</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-established]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp syn</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-syn]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>tcp timewait</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp-timewait]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>total tcp</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[tcp]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
<item>
<name>total udp</name>
<type></type>
<snmp_community/>
<multiplier></multiplier>
<snmp_oid/>
<key>iptstate[udp]</key>
<delay></delay>
<history></history>
<trends></trends>
<status></status>
<value_type></value_type>
<allowed_hosts/>
<units/>
<delta></delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel></snmpv3_securitylevel>
<snmpv3_authprotocol></snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol></snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula></formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type></data_type>
<authtype></authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link></inventory_link>
<applications>
<application>
<name>Iptstates</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
</item>
</items>
<discovery_rules/>
<macros/>
<templates/>
<screens/>
</template>
</templates>
<triggers>
<trigger>
<expression>{Template-iptables:iptstate[all].last()}&lt;</expression>
<name>iptables not running</name>
<url/>
<status></status>
<priority></priority>
<description>iptstates条目小于3认为关闭或者异常状态</description>
<type></type>
<dependencies/>
</trigger>
</triggers>
<graphs>
<graph>
<name>iptstate</name>
<width></width>
<height></height>
<yaxismin>0.0000</yaxismin>
<yaxismax>100.0000</yaxismax>
<show_work_period></show_work_period>
<show_triggers></show_triggers>
<type></type>
<show_legend></show_legend>
<show_3d></show_3d>
<percent_left>0.0000</percent_left>
<percent_right>0.0000</percent_right>
<ymin_type_1></ymin_type_1>
<ymax_type_1></ymax_type_1>
<ymin_item_1></ymin_item_1>
<ymax_item_1></ymax_item_1>
<graph_items>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>00C800</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-close]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C80000</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-established]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>0000C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-syn]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C800C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp-timewait]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>00C8C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[all]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C8C800</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[icmp]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color>C8C8C8</color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[tcp]</key>
</item>
</graph_item>
<graph_item>
<sortorder></sortorder>
<drawtype></drawtype>
<color></color>
<yaxisside></yaxisside>
<calc_fnc></calc_fnc>
<type></type>
<item>
<host>Template-iptables</host>
<key>iptstate[udp]</key>
</item>
</graph_item>
</graph_items>
</graph>
</graphs>
</zabbix_export>

导入模板:

重启zabbix-agent:

# /etc/init.d/zabbix-agent restart
Shutting down Zabbix agent: [ OK ]
Starting Zabbix agent: [ OK ]

增加模板本上档host

zabbix 实现 iptables 监控的更多相关文章

  1. zabbix和iptables的nat表结合使用

    A 机器要去访问C机器,但是无法直接访问到A可以访问到B机器,B机器可以访问到C机器这时候就可以再B机器设置nat,让A机器访问C机器 正好工作中zabbix server要监控2个http地址,缺无 ...

  2. zabbix 配置SNMP监控

    什么是SNMP? 简单网络管理协议(SNMP),由一组网络管理的标准组成,包含一个应用层协议(application layer protocol).数据库模型(database schema)和一组 ...

  3. Zabbix Proxy 分布式监控

    简介: Zabbix 是一个分布式监控系统,它可以以一个中心点.多个分节点的模式运行,使用 proxy 能降低 Zabbix Server 的压力,当然也带来了成本~ 适用范围:跨机房.跨地域的网络监 ...

  4. zabbix模板化监控

    zabbix模板化监控 1. 实验简述 在zabbix监控中,有很多组的概念,具体有以下几种: 1. 主机和主机组,相同类型/应用的主机,可以归属于同一个主机组 2. item和application ...

  5. Zabbix 添加端口监控链接

    zabbix 添加端口监控 连接数: zabbix  配置  添加 监控项: 其他检测 方式也是 示例: zabbix 客户端配置文件添加: 编辑 zabbix_agentd.conf  添加  端口 ...

  6. zabbix实现自定义监控

    实现自定义监控项实例 .创建主机组 .创建主机 .创建监控项 .到需要监控的主机的agent中添加自定义的监控项目 cd /etc/zabbix/zabbix_agentd.d vi userpara ...

  7. zabbix使用jmx监控tomcat

    zabbix监控Tomcat/JVM实例性能(115) – 运维生存时间http://www.ttlsa.com/zabbix/zabbix-use-jmx-monitor-tomcat/ zabbi ...

  8. 24 Zabbix系统配置日志监控告警--关键字触发

    点击返回:自学Zabbix之路 点击返回:自学Zabbix4.0之路 点击返回:自学zabbix集锦 24 Zabbix系统配置日志监控告警--关键字触发 trapper是被监控主机主动发送数据给za ...

  9. 给zabbix添加percona监控模板

    简单说明一下给zabbix添加的percona的监控模板. 在percona官方网站有说明怎么安装,这里记录下步骤.首先搭建好的zabbix环境. 监控插件连接 : 链接:https://pan.ba ...

随机推荐

  1. java 属性封装

    //封装性 //封装概念: //1.是面向对象思想的三大特征之一 //2.封装细节是隐藏的,仅对外提供访问接口 //3.封装分类: //属性封装 //方法封装 //类的封装 //组件的封装 //模块化 ...

  2. 转 error while loading shared libraries: libmysqlclient.so.15: cannot open shared object file

    我是今天再用emboss得时候发现出现问题了,再网上搜索了一下,发现有人和我一样得问题,解决得方法是: wget -O /usr/lib64/libmysqlclient.so.15 http://f ...

  3. 阿里云安装jdk,tomcat,maven,svn,git,nginx

    1. 首先通过xftp等工具上传安装包 2. 配置目录 cd usr mkdir java cd java mkdir jdk mkdir tomcatmkdir maven 3. 安装jdk 3.1 ...

  4. shell脚本启动node服务

    #!/bin/bash cd /root/dev-web source /etc/profile /usr/local/node-8.11.1/bin/npm i && EGG_SER ...

  5. [转载]linux下如何查看系统和内核版本

    原文地址:linux下如何查看系统和内核版本作者:vleage 1. 查看内核版本命令: 1) [root@q1test01 ~]# cat /proc/version Linux version 2 ...

  6. Swift3 JSON字符串和字典互转(JSON字符串转字典和字典转JSON字符串)

    直接上代码吧 1.JSONString转换为字典 /// JSONString转换为字典 /// /// - Parameter jsonString: <#jsonString descrip ...

  7. <转>赋值表达式解析的流程

    转自:http://www.cnblogs.com/nazhizq/p/6520072.html 上节说到表达式的解析问题,exprstate函数用于解析普通的赋值表达式.lua语言支持多变量赋值.本 ...

  8. aligned_storage简单学习

    #include <iostream> #include <type_traits> #include <string> /* template< std:: ...

  9. NYOJ------汉诺塔(一)

    汉诺塔(一) 时间限制:1000 ms  |  内存限制:65535 KB 难度:3   描述 在印度,有这么一个古老的传说:在世界中心贝拿勒斯(在印度北部)的圣庙里,一块黄铜板上插着三根宝石针.印度 ...

  10. hihocoder第229周:最大连续字母个数

    题目链接 给定一个仅包含小写字母的字符串s(长度小于1e5),你可以交换任意两个字符的位置,现在允许交换k次,要求交换之后,s中最长的连续相同字符个数尽量多,求这个最长连续区间的长度. 样例 输入 1 ...