Ci-dessous, les différences entre deux révisions de la page.
wiki:monitoring:userparameters [2016/07/16 13:08] tamayo_j [NMap] |
wiki:monitoring:userparameters [2020/06/27 18:16] (Version actuelle) |
||
---|---|---|---|
Ligne 59: | Ligne 59: | ||
</ | </ | ||
- | ===== Postgrey | + | ===== Postgre |
On peu obtenir directement les informations depuis le client en ligne de commande : **psql** | On peu obtenir directement les informations depuis le client en ligne de commande : **psql** | ||
Ligne 85: | Ligne 85: | ||
Pensez à ajouter les machines dans le 102 qui ont aussi une IP de développement. | Pensez à ajouter les machines dans le 102 qui ont aussi une IP de développement. | ||
- | Un cron éxécute donc nmap depuis l' | + | Un cron éxécute donc nmap depuis l' |
+ | il serait bon de passer ce script en full awk : | ||
<code bash> | <code bash> | ||
#!/bin/bash | #!/bin/bash | ||
- | #file / | + | # Romain Cherré (varens) 2017 |
+ | # varens@minet.net | ||
+ | # Inspired by the precedent from | ||
+ | # Ignacio Tamayo (localhost) 2016 | ||
+ | # tamayo_j@minet.net | ||
- | cd /home/nmap | ||
- | # ------ Vlans Publics---------- | + | #Script pour sniffer les ports SSH et TELNET sur plusieurs vlans |
+ | #Several files are written with the number or SSH/Telnet server found. Then the Zabbix agent monitores these files and raises alerts | ||
+ | #The files _detail.txt are used to identify which host has the ports opened | ||
- | # Vlan 2 = Public Prod | + | #Check the wiki.minet.net |
- | nmap -F 157.159.40.0/25 | egrep -e " | + | |
- | grep -e " | + | |
- | nmap -F 157.159.40.0/ | + | |
- | grep -e " | + | |
- | # Vlan 3 = Public Dev | + | SCRIPTPATH=$(cd -P $(dirname $0); pwd -P) |
- | nmap -F 157.159.40.128/ | + | |
- | grep -e " | + | |
- | # ------ Vlans Private---------- | ||
- | # Vlan 103 = Private Dev | + | #### Usage ####: |
+ | ## | ||
+ | ### Add ranges, ... ### | ||
+ | # Add port : add port in ports variable and add it behind the list of addresses and range on which you want to test that port | ||
+ | # Add vlan : add vlan number VLAN array index and add to it ranges and addresses then ports you want to scan | ||
+ | # VLAN syntax : VLAN[< | ||
+ | # | ||
+ | # | ||
+ | # Ex VLAN[103]=" | ||
+ | # and VLAN[2]=" | ||
- | # List de hosts a monitorer pour SSH, keep this list updated | + | ### Reports ### |
- | listHosts=" | + | # |
+ | # The full nmap report for vlan VLAN_ID is found under VLAN_ID_full.txt | ||
+ | # The number of host with open port corresponding to protocol P in the vlan VLAN_ID is found in P_VLAN_ID.txt | ||
+ | # The addresses of host with an open port corresponding to protocol P in vlan VLAN_ID is found in P_VLAN_ID_detail.txt | ||
- | echo . > ssh_103_detail.txt ; | ||
- | for host in $listHosts ; do | ||
- | nmap -F $host | egrep -e " | ||
- | done; | ||
- | grep -e " | ||
- | nmap -F 192.168.103.0/ | ||
- | grep -e " | ||
- | # Vlan 14 = Admin Wifi | + | ports=(22 23) |
- | nmap -F 192.168.14.0/ | + | subnets=(2 3 14 102 103) |
- | grep -e "telnet" | + | VLAN[2]=" |
+ | VLAN[3]=" | ||
+ | VLAN[14]=" | ||
+ | VLAN[102]=" | ||
+ | VLAN[103]=" | ||
+ | |||
+ | |||
+ | for i in ${subnets[@]}; | ||
+ | rm " | ||
+ | echo ${VLAN[$i]} | ||
+ | while($k!="" | ||
+ | addr="" | ||
+ | portList="" | ||
+ | while($k~/ | ||
+ | addr=addr $k " | ||
+ | k++; | ||
+ | } | ||
+ | while($k!="" | ||
+ | portList=portList $k ","; | ||
+ | k++; | ||
+ | } | ||
+ | system(" | ||
+ | } | ||
+ | }' | ||
+ | for j in ${ports[@]}; | ||
+ | proto=$(awk ' | ||
+ | if [ -n "$proto" | ||
+ | awk ' | ||
+ | cat " | ||
+ | fi | ||
+ | done | ||
+ | done | ||
</ | </ | ||
Ligne 169: | Ligne 205: | ||
UserParameter=archit[*],/ | UserParameter=archit[*],/ | ||
UserParameter=last_snap_date[*], | UserParameter=last_snap_date[*], | ||
+ | </ | ||
+ | |||
+ | Avec le fichier // | ||
+ | <code bash> | ||
+ | #!/bin/sh | ||
+ | |||
+ | case " | ||
+ | operations_read) | ||
+ | zpool iostat $1 | tail -n 1 | awk ' | ||
+ | ;; | ||
+ | operations_write) | ||
+ | zpool iostat $1 | tail -n 1 | awk ' | ||
+ | ;; | ||
+ | bandwidth_read) | ||
+ | zpool iostat $1 | tail -n 1 | awk ' | ||
+ | ;; | ||
+ | bandwidth_write) | ||
+ | zpool iostat $1 | tail -n 1 | awk ' | ||
+ | ;; | ||
+ | latency_read) | ||
+ | # zpool iostat $1 | tail -n 1 | awk ' | ||
+ | | ||
+ | ;; | ||
+ | latency_write) | ||
+ | zpool iostat $1 | tail -n 1 | awk ' | ||
+ | ;; | ||
+ | *) | ||
+ | exit 1 | ||
+ | ;; | ||
+ | |||
+ | esac | ||
+ | |||
+ | exit 0 | ||
</ | </ | ||
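Review bot: In the added zpool helper (the `case` script in the last hunk), every branch runs `zpool iostat $1 | tail -n 1 | awk …` with `$1` unquoted, and that argument presumably comes from the Zabbix item key through the `[*]` UserParameter entries, so it should be treated as untrusted input. Quote it and reject an empty value or one starting with `-` before the `case`, for example `case "$1" in ''|-*) exit 1 ;; esac`, then call `zpool iostat "$1"`, rather than relying only on the agent's UnsafeUserParameters filtering. The `latency_read)` branch has its command commented out, so as rendered it appears to print nothing and still reach `exit 0`; exiting non-zero there would stop a missing metric from being reported as success. The diff cells are truncated on this page, so the awk programs and the `case` selector are not visible, and this note is based only on the visible parts.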