主要功能
eye会对服务器的磁盘、内存、DDOS超出自定范围后自动报警
效果展示
安装eye
下载eye
wget -O eye.sh https://pan.shuaiguoer.com/code/shell/eye/eye_1.sh
给予eye执行权限
chmod a+x eye.sh
添加计划任务
crontab -e
* * * * * /eye绝对路径/eye.sh
安装mailx
eye更新记录
- 对服务器的磁盘、内存、DDOS超出自定范围后,以邮件的形式报警
- 增加eye配置文件,以修改配置文件的方式,自定义报警触发条件
- 可以交互的方式,修改配置文件:
--config
- 增加默认的配置文件,避免不必要的操作
- 添加eye帮助信息:
--help
- 添加彩色字体,优化用户体验
- 添加eye状态控制及查看的功能:start | stop | restart | status
- 添加eye版本更新功能:
update
。可从网盘自动下载最新版本的eye - eye会记录服务器磁盘、内存、DDOS触发报警的日志
- 将eye加入系统服务:service eye {start | stop | restart | status | update | --config | --help"}
- 将eye加入环境变量:eye {start | stop | restart | status | update | --config | --help"}
- eye增加系统显示信息功能:show
- eye存储网盘添加SSL证书,URL由http修改为:https
- eye版本更新,添加判断是否安装wget(如果没有安装wget,更新时将首先安装wget,再进行下载更新eye)
eye脚本源码
#!/bin/bash
#chkconfig: 2345 88 66
#description: eye_server
#AUTHOR Shuai
#MAIL ls12345666@qq.com
#VERSION 2
################################# 希望此脚本邮件永不发送 ###################################
VERSION=eye_2.sh
LATEST_version=`curl https://pan.shuaiguoer.com/code/shell/eye/ 2> /dev/null | grep "<span>"| awk -F">" '{print $2}' | awk -F"<" '{print $1}' | awk 'END{print}'`
LATEST_href="https://pan.shuaiguoer.com/code/shell/eye/$LATEST_version"
TIME=`date +"%Y-%m-%d %H:%M:%S"`
DISK_USE=`df -Th | grep '/$' | awk '{print $(NF-1)}' | awk -F% '{print $1}'`
MEM_USE=`free -m | grep Mem | awk '{print $3}'`
MEM_TOTAL=`free -m | grep Mem | awk '{print $2}'`
MEM_PERCENT=$((MEM_USE*100/MEM_TOTAL))
DDOS_MAX_NUM=`netstat -ntu | awk '{print $5}' | cut -d: -f1 | uniq -c | sort -n | awk 'END{print $1}'`
DDOS_MAX_IP=`netstat -ntu | awk '{print $5}' | cut -d: -f1 | uniq -c | sort -n | awk 'END{print $2}'`
CONF_DIR=/etc/eye
EYE_STATUS=`grep status $CONF_DIR/eye.conf 2>/dev/null | awk '{print $2}'`
EMAIL=`grep email $CONF_DIR/eye.conf 2>/dev/null | awk '{print $2}'`
DISK_LIMIT=`grep DISK $CONF_DIR/eye.conf 2>/dev/null | awk '{print $2}'`
MEM_LIMIT=`grep MEM $CONF_DIR/eye.conf 2>/dev/null | awk '{print $2}'`
DDOS_LIMIT=`grep DDOS $CONF_DIR/eye.conf 2>/dev/null | awk '{print $2}'`
# 定位脚本所在当前目录
BIN_FOLDER=$(cd "$(dirname "$0")";pwd)
# 将eye加入系统服务
if [ ! -f /etc/init.d/eye ]; then
\cp $BIN_FOLDER/eye.sh /etc/init.d/eye
chkconfig --add eye
chkconfig eye on
echo "alias eye='$BIN_FOLDER/eye.sh'" >> /etc/bashrc
source /etc/bashrc
fi
# 判断配置文件目录是否存在
[ ! -d $CONF_DIR ] && mkdir $CONF_DIR
# 字体颜色
color(){
echo -e "\e[$1;$2m$3\e[0m"
}
# 生成默认配置文件
default_conf(){
if [ ! -f $CONF_DIR/eye.conf ]; then
printf "# eye配置文件
**********************
EYE_status on
DISK_limit 90
MEM_limit 90
DDOS_limit 1000
EYE_email ""
**********************\n" > $CONF_DIR/eye.conf
fi
}
# 重置配置文件
conf_file(){
read -p "请输入您的(磁盘)报警阈值(`color 1 31 %`):" DISK_VAR
read -p "请输入您的(内存)报警阈值(`color 1 31 %`):" MEM_VAR
read -p "请输入您的(DDOS)报警阈值(`color 1 31 连接数`):" DDOS_VAR
read -p "请输入您要接收eye报警的邮箱:" EMAIL_NUM
cat << EOF
eye配置文件
********************
eye_status on
disk_limit $DISK_VAR%
mem_limit $MEM_VAR%
ddos_limit $DDOS_VAR
eye_email $EMAIL_NUM
conf_path $CONF_DIR/eye.conf
********************
EOF
read -p "`color 1 34 确认写入配置文件?`(`color 1 32 y`/`color 1 31 n`)" RES
if [ $RES == y ]; then
echo -e "# eye配置文件\n**********************" > $CONF_DIR/eye.conf
echo -e "\nEYE_status on" >> $CONF_DIR/eye.conf
echo -e "\nDISK_limit $DISK_VAR" >> $CONF_DIR/eye.conf
echo -e "\nMEM_limit $MEM_VAR" >> $CONF_DIR/eye.conf
echo -e "\nDDOS_limit $DDOS_VAR" >> $CONF_DIR/eye.conf
echo -e "\nEYE_email $EMAIL_NUM" >> $CONF_DIR/eye.conf
echo -e "\n**********************" >> $CONF_DIR/eye.conf
color 1 32 配置保存成功
break
fi
}
# 判断是否创建配置文件
while :
do
if [ ! -f $CONF_DIR/eye.conf ]; then
default_conf
else
break
fi
done
# 根据eye状态,判断是否报警
if [[ $EYE_STATUS == on ]]; then
# 磁盘监控报警
if [[ $DISK_USE -gt $DISK_LIMIT ]]; then
echo -e "$TIME 磁盘使用量超出预期\n当前总占用:${DISK_USE}%" | mailx -s "磁盘警告" $EMAIL
echo "$TIME 磁盘警告:当前总占用:${DISK_USE}%" >> eye.log
fi
# 内存监控报警
if [[ $MEM_PERCENT -gt $MEM_LIMIT ]]; then
echo -e "$TIME 内存使用量超出预期\n当前总占用:${MEM_PERCENT}%" | mailx -s "内存警告" $EMAIL
echo "$TIME 内存警告:当前总占用:${MEM_PERCENT}%" >> eye.log
fi
# DDOS监控报警
if [[ $DDOS_MAX_NUM -gt $DDOS_LIMIT ]]; then
echo -e "$TIME 检测受到DDOS攻击(每分钟的连接数超出预期)\n每分钟被攻击次数:$DDOS_MAX_NUM 攻击者IP:$DDOS_MAX_IP" | mailx -s "DDOS警告" $EMAIL
echo "$TIME DDOS警告:每分钟被攻击次数:$DDOS_MAX_NUM 攻击者IP:$DDOS_MAX_IP" >> eye.log
fi
fi
# 重置配置文件 --config
eye_config(){
while :
do
conf_file
done
}
# 版本更新
eye_update(){
if [[ $VERSION < $LATEST_version ]]; then
read -p "`color 1 34 确认更新eye为最新版本?`(`color 1 32 y`/`color 1 31 n`)" OR
if command -v wget &> /dev/null; then
:
else
yum -y install wget
fi
if [ $OR == y ]; then
color "" 1 正在为您更新,请稍等...
wget -O eye.sh $LATEST_href --no-check-certificate
wget -qO eye_version.log https://pan.shuaiguoer.com/code/shell/log/eye_version.log --no-check-certificate
color 1 32 更新成功!
\cp $BIN_FOLDER/eye.sh /etc/init.d/eye
fi
else
color 1 32 无需更新,已是最新版本!
fi
}
# 状态显示
eye_show(){
echo "● 内存当前占用量:$MEM_PERCENT"
echo "● 磁盘当前占用量:$DISK_USE"
echo "● DDOS最大连接数:$DDOS_MAX_NUM 最大连接IP:$DDOS_MAX_IP"
}
# 帮助信息 --help
eye_help(){
printf "用法: eye [选项]...
\e[32m● \e[0m eye --help 帮助信息
\e[32m● \e[0m eye --config 配置
\e[32m● \e[0m eye update 更新
\e[32m● \e[0m eye show 信息
\e[32m● \e[0m eye start 开启
\e[32m● \e[0m eye stop 关闭
\e[32m● \e[0m eye status 当前状态\n"
}
# eye状态控制 on/off/status
case $1 in
"")
default_conf;;
show)
eye_show;;
start)
sed -i 's/off/on/' $CONF_DIR/eye.conf
color 1 32 已开启;;
stop)
sed -i 's/on/off/' $CONF_DIR/eye.conf
color 1 31 已关闭;;
restart)
sed -i 's/on/off/' $CONF_DIR/eye.conf
color 1 31 已关闭
sed -i 's/off/on/' $CONF_DIR/eye.conf
color 1 32 已开启;;
status)
if [[ $EYE_STATUS == on ]]; then
printf "当前eye状态:\e[1;32m● $EYE_STATUS\e[0m\n"
elif [[ $EYE_STATUS == off ]]; then
printf "当前eye状态:\e[1;31m● $EYE_STATUS\e[0m\n"
fi;;
--config)
eye_config;;
--help)
eye_help;;
update)
eye_update;;
*)
echo "用法:eye {show | start | stop | restart | status | update | --config | --help}"
esac
6 comments
 ̄﹃ ̄
膜拜大佬!
你才是真大佬
∠( ᐛ 」∠)_
牛逼!
牛逼牛逼 :huaji: