zabbix自定义监控进程、日志文件

zabbix自定义监控进程

在客户端安装httpd服务

[root@node1 ~]# yum -y install httpd
[root@node1 ~]# systemctl start httpd
[root@node1 ~]# ss -antl
State     Recv-Q    Send-Q       Local Address:Port        Peer Address:Port    Process    
LISTEN    0         128                0.0.0.0:22               0.0.0.0:*                  
LISTEN    0         4096               0.0.0.0:10050            0.0.0.0:*                  
LISTEN    0         128                   [::]:22                  [::]:*                  
LISTEN    0         511                      *:80                     *:*                 

编写脚本(检查服务进程)

[root@node1 ~]# mkdir /scripts
[root@node1 ~]# touch /scripts/check_process.sh
[root@node1 ~]# vim /scripts/check_process.sh 
[root@node1 ~]# cat /scripts/check_process.sh 
#!/bin/bash

count=$(ps -ef |grep -Ev "grep|$0"|grep $1|wc -l)

echo $count
[root@node1 ~]# chmod +x /scripts/check_httpd.sh 
[root@node1 ~]# /scripts/check_process.sh httpd
5

开启自定义监控功能

[root@node1 ~]# cd /usr/local/etc/
[root@node1 etc]# ls
zabbix_agentd.conf  zabbix_agentd.conf.d
[root@node1 etc]# vim zabbix_agentd.conf
UnsafeUserParameters=1   /修改0为1
UserParameter=check_process[*],/scripts/check_process.sh $1   /添加此行
重启服务
[root@node1 ~]# systemctl restart zabbix_agentd
[root@node1 ~]# ss -antl
State     Recv-Q    Send-Q       Local Address:Port        Peer Address:Port    Process    
LISTEN    0         128                0.0.0.0:22               0.0.0.0:*                  
LISTEN    0         4096               0.0.0.0:10050            0.0.0.0:*                  
LISTEN    0         128                   [::]:22                  [::]:*                  
LISTEN    0         511                      *:80                     *:*                 

在服务端上查看

[root@zabbix ~]# zabbix_get -s 192.168.159.147 -k check_process["httpd"]
5
[root@zabbix ~]# zabbix_get -s 192.168.159.147 -k check_process["ssh"]
5

增加监控项

查看可以成功获取到

添加触发器

将httpd服务停止查看是否会告警

[root@node1 ~]# systemctl stop httpd

zabbix自定义监控日志文件

上传log.py脚本

[root@node1 scripts]# ls
check_process.sh  log.py
[root@node1 scripts]# cat log.py 
#!/usr/bin/env python3
import sys
import re

def prePos(seekfile):
    global curpos
    try:
        cf = open(seekfile)
    except IOError:
        curpos = 0
        return curpos
    except FileNotFoundError:
        curpos = 0
        return curpos
    else:
        try:
            curpos = int(cf.readline().strip())
        except ValueError:
            curpos = 0
            cf.close()
            return curpos
        cf.close()
    return curpos

def lastPos(filename):
    with open(filename) as lfile:
        if lfile.readline():
            lfile.seek(0,2)
        else:
            return 0
        lastPos = lfile.tell()
    return lastPos

def getSeekFile():
    try:
        seekfile = sys.argv[2]
    except IndexError:
        seekfile = '/tmp/logseek'
    return seekfile

def getKey():
    try:
        tagKey = str(sys.argv[3])
    except IndexError:
        tagKey = 'Error'
    return tagKey

def getResult(filename,seekfile,tagkey):
    destPos = prePos(seekfile)
    curPos = lastPos(filename)

    if curPos < destPos:
        curpos = 0

    try:
        f = open(filename)
    except IOError:
        print('Could not open file: %s' % filename)
    except FileNotFoundError:
        print('Could not open file: %s' % filename)
    else:
        f.seek(destPos)

        while curPos != 0 and f.tell() < curPos:
            rresult = f.readline().strip()
            global result
            if re.search(tagkey, rresult):
                result = 1
                break
            else:
                result = 0

        with open(seekfile,'w') as sf:
            sf.write(str(curPos))
    finally:
        f.close()
    return result

if __name__ == "__main__":
    result = 0
    curpos = 0
    tagkey = getKey()
    seekfile = getSeekFile()
    result = getResult(sys.argv[1],seekfile,tagkey)
    print(result)

[root@node1 scripts]# chmod +x log.py 
[root@node1 scripts]# ll
total 8
-rwxr-xr-x. 1 root root   76 Jan  8 14:21 check_process.sh
-rwxr-xr-x. 1 root root 1854 Jan  8 15:10 log.py

需要有python3，没有就需要去装

[root@node1 scripts]# python -V
Python 3.9.18

监控httpd的错误日志

[root@node1 ~]# ls /var/log/httpd/
access_log  error_log
[root@node1 ~]# python /scripts/log.py /var/log/httpd/error_log 
0

测试

[root@node1 ~]# cd /var/log/httpd/
[root@node1 httpd]# ls
access_log  error_log
[root@node1 httpd]# echo "Error" >> error_log
发现结果是1
[root@node1 ~]# python /scripts/log.py /var/log/httpd/error_log 
1

修改配置文件

[root@node1 httpd]# rm -rf /tmp/logseek (下次查看时同时需要删除，否则无法生成新的)
[root@node1 httpd]# cd /usr/local/etc/
[root@node1 etc]# ls
zabbix_agentd.conf  zabbix_agentd.conf.d
[root@node1 etc]# vim zabbix_agentd.conf
UserParameter=check_logs[*],/scripts/log.py $1 $2 $3   /添加此行
重启服务
[root@node1 etc]# systemctl restart zabbix_agentd

给zabbix用户设置权限

[root@node1 etc]# cd /var/log/httpd/
[root@node1 httpd]# ls
access_log  error_log
[root@node1 httpd]# ll
total 4
-rw-r--r--. 1 root root    0 Jan  8 14:09 access_log
-rw-r--r--. 1 root root 2889 Jan  8 15:22 error_log
[root@node1 httpd]# setfacl -m u:zabbix:rx /var/log/httpd/
[root@node1 httpd]# getfacl /var/log/httpd/
getfacl: Removing leading '/' from absolute path names
# file: var/log/httpd/
# owner: root
# group: root
user::rwx
user:zabbix:r-x
group::---
mask::r-x
other::---

在服务端查看

[root@zabbix ~]# zabbix_get -s 192.168.159.147 -k check_logs["/var/log/httpd/error_log"]
1

添加监控项

添加触发器

手动添加错误查看效果

[root@node1 ~]# echo "Error" >> /var/log/httpd/error_log