zabbix监控进程，日志，主从状态和主从延迟

自定义监控进程

使用httpd服务为例，监控httpd的进程

在zabbix-agent上安装httpd

yum -y install httpd

重启httpd

systemctl restart httpd

systemtctl enable httpd

查看httpd的进程

[root@zabbix-agent ~]# ps -ef | grep httpd
root     2407458       1  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   2407459 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   2407460 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   2407461 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   2407462 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
root     2424256  749323  0 17:02 pts/2    00:00:00 grep --color=auto httpd
[root@zabbix-agent ~]#  ps -ef | grep httpd | grep -v grep | wc -l
5
[root@zabbix-agent ~]# ps -ef | grep -v grep | grep -c httpd
5
[root@zabbix-agent ~]# 

 新建脚本存放目录

[root@zabbix-agent ~]# mkdir /etc/zabbix/script
[root@zabbix-agent ~]# cd /etc/zabbix/script/
[root@zabbix-agent script]# vim check_httpd.sh        //新建脚本//
[root@zabbix-agent script]# cat check_httpd.sh 
count=$(ps -ef | grep -Ev "grep|$0" | grep -c httpd)
if [ $count -eq 0 ];then
        echo '1'
else
        echo '0'
fi

设置属主，权限

chmod +x check_httpd.sh

chown -R zabbix.zabbix /etc/zabbix/script/

 测试脚本

0是httpd服务开启，1为关闭

[root@zabbix-agent script]# ./check_httpd.sh 
0
[root@zabbix-agent script]# systemctl stop httpd        //此时停止httpd服务
[root@zabbix-agent script]# ./check_httpd.sh             // 脚本测试出来是1
1
[root@zabbix-agent script]# 
 
关闭后记得启动httpd服务

修改zabbix-agentd.conf文件

vim /etc/zabbix/zabbix_agentd.conf
 
添加：
UserParameter=check_httpd,/bin/bash /etc/zabbix/script/check_httpd.sh

重启服务

systemctl restart zabbix-agent

 zabbix server端测试脚本

[root@zabbix-server ~]# zabbix_get -s 192.168.100.30 -k check_httpd
0
[root@zabbix-server ~]# 
//0代表httpd服务已启动/

zabbix web平台配置

新建监控项

配置触发器

 测试

关闭httpd服务，测试告警信息

[root@zabbix-agent script]# systemctl stop httpd

 此时查看告警信息和邮箱

邮箱

 开启httpd服务，查看邮箱是否收到恢复邮件

[root@zabbix-agent ~]# systemctl restart zabbix-agent.service

查看邮箱

自定义监控日志

下载log.py来协助我们进行测试，以httpd服务为例

将log.py上传到/etc/zabbix/script/目录下，然后给执行权限，修改所有者和所属组为zabbix

# log.py

    try:
        seekfile = sys.argv[2]
    except IndexError:
        seekfile = '/tmp/logseek'
    return seekfile
 
def getKey():
    try:
        tagKey = str(sys.argv[3])
    except IndexError:
        tagKey = 'Error'
    return tagKey
 
def getResult(filename,seekfile,tagkey):
    destPos = prePos(seekfile)
    curPos = lastPos(filename)
 
    if curPos < destPos:
        curpos = 0
 
    try:
        f = open(filename)
    except IOError:
        print('Could not open file: %s' % filename)
    except FileNotFoundError:
        print('Could not open file: %s' % filename)
#!/usr/bin/env python3
import sys
import re
 
def prePos(seekfile):
    global curpos
    try:
        cf = open(seekfile)
    except IOError:
        curpos = 0
        return curpos
    except FileNotFoundError:
        curpos = 0
        return curpos
    else:
        try:
            curpos = int(cf.readline().strip())
        except ValueError:
            curpos = 0
            cf.close()
            return curpos
        cf.close()
    return curpos
 
def lastPos(filename):
    with open(filename) as lfile:
        if lfile.readline():
            lfile.seek(0,2)
        else:
            return 0
        lastPos = lfile.tell()
    return lastPos
 
def getSeekFile():
    try:
        seekfile = sys.argv[2]
    except IndexError:
        seekfile = '/tmp/logseek'
    return seekfile
 
def getKey():
    try:
        tagKey = str(sys.argv[3])
    except IndexError:
        tagKey = 'Error'
    return tagKey
 
def getResult(filename,seekfile,tagkey):
    destPos = prePos(seekfile)
    curPos = lastPos(filename)
 
    if curPos < destPos:
        curpos = 0
 
    try:
        f = open(filename)
    except IOError:
        print('Could not open file: %s' % filename)
    except FileNotFoundError:
        print('Could not open file: %s' % filename)
    else:
        f.seek(destPos)
 
        while curPos != 0 and f.tell() < curPos:
            rresult = f.readline().strip()
            global result
            if re.search(tagkey, rresult):
                result = 1
                break
            else:
                result = 0
 
        with open(seekfile,'w') as sf:
            sf.write(str(curPos))
    finally:
        f.close()
    return result
 
if __name__ == "__main__":
    result = 0
    curpos = 0
    tagkey = getKey()
    seekfile = getSeekFile()
    result = getResult(sys.argv[1],seekfile,tagkey)
    print(result)

### 作用：检查日志文件中是否有指定的关键字

#### 第一个参数为日志文件名（必须有，相对路径、绝对路径均可）

#### 第二个参数为seek position文件的路径（可选项，若不设置则默认为/tmp/logseek文件。相对路径、绝对路径均可）

#### 第三个参数为搜索关键字，默认为 Error

 设置属主和权限

chmod +x log.py

chown zabbix.zabbix log.py

httpd服务的日志文件在/var/log/httpd/目录下，首先我们需要给这个目录设置一个ACL权限，让zabbix用户有权限去访问该目录 

[root@zabbix-agent httpd]# setfacl -m u:zabbix:r-x /var/log/httpd/

下载python3来执行log.py脚本

[root@zabbix-agent ~]# yum -y install python3

修改zabbix_agentd.conf文件，并重启服务

vim /etc/zabbix/zabbix_agentd.conf
 
 UserParameter=check_httpd,/bin/bash /etc/zabbix/script/check_httpd.sh
 UserParameter=check_logs[*],/usr/bin/python3 /etc/zabbix/script/log.py $1 $2 $3

重启zabbix-agent服务

systemctl restart zabbix-agent.service

 测试脚本

[root@zabbix-agent script]#  python3 log.py /var/log/httpd/error_log 
0
[root@zabbix-agent script]# echo 'Error'>> /var/log/httpd/error_log
/ 追加重定向一个Error到日志文件中做实验
 
[root@zabbix-agent script]#  python3 log.py /var/log/httpd/error_log 
1
[root@zabbix-agent script]# 
/ 0为没有Error日志信息，1为有Error日志信息///

测试完成后将写入的Error内容删除

而且因文件/tmp/logseek属于root账户，在web端写入写不进去，所以删除

rm -rf /tmp/logseek

配置监控项

 创建触发器

测试

 向httpd日志文件输入一个error

[root@zabbix-agent script]# echo 'Error'>> /var/log/httpd/error_log 
[root@zabbix-agent script]#  python3 log.py /var/log/httpd/error_log 
1
 
//   0为没有Error日志信息，1为有Error日志信息  

查看是否有告警信息

zabbix监控 mysql主从

部署mysql主从

1、部署mysql主从，使用mariadb进行操作
192.168.100.10  master.example.com  master
192.168.100.20  slave.example.com  slave
 
2、将server、agent1、master、slave主机的/etc/hosts文件全部设置为
192.168.100.40  server.example.com server
192.168.100.30  agent1.example.com agent1
192.168.100.10  master.example.com master
192.168.100.20  slave.example.com  slave
 
3、然后两台主机都安装mariadb  mariadb-server
yum install -y mariadb mariadb-server
systemctl restart mariadb;systemctl enable mariadb
 
4、两台主机都初始化mysql数据库
mysql_secure_installation
 
[root@master ~]# mysql_secure_installation 
 
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
 
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none): 
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] y
Enabled successfully!
Reloading privilege tables..
 ... Success!
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
 ... Success!
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
 ... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.
 
Thanks for using MariaDB!
 
5、修改数据库配置文件，然后两台主机都重启mariadb服务
Master：
vim /etc/my.cnf
[mysqld]
#添加两行数据
log_bin=mysql-bin
server_id=20
 
systemctl restart mariadb
 
Slave：
vim /etc/my.cnf
[mysqld]
#添加两行数据
log_bin=mysql-bin
server_id=30
systemctl restart mariadb
 
 
 
6、进入数据库配置主从
Master：
mysql -u root -p   #密码为redhat
grant all privileges  on *.* to root@'%' identified by "redhat";
grant replication slave on *.* to 'user'@'slave' identified by 'redhat';
 
Slave：
grant all privileges  on *.* to root@'%' identified by "redhat";
change master to master_host='master',master_user='user',master_password='redhat';
start slave;
show slave status\G
 
Slave_IO_Running: Connecting
Slave_SQL_Running: Yes

 安装zabbix-agent

 slave主机中安装zabbix-agent软件包，将slave添加到zabbix web监控平台中

将server主机的zabbix.repo复制过来，接着安装zabbix-agent

更改yum源

1

2

[root@slave yum.repos.d]# vim zabbix.repo 
[root@slave yum.repos.d]# cat zabbix.repo 
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/zabbix/7.0/rocky/9/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005
 
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/non-supported/rhel/9/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-08EFA7DD
gpgcheck=1
 
[zabbix-sources]
name=Zabbix Official Repository source code - $basearch
baseurl=https://repo.zabbix.com/zabbix/7.0/rocky/9/SRPMS
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005
gpgcheck=1
[root@slave yum.repos.d]# 

 安装zabbix-agent

yum -y install zabbix-agent

修改/etc/zabbix/zabbix_agentd.conf

vim /etc/zabbix/zabbix_agentd.conf
 
Server=192.168.100.10
 
ServerActive=192.168.100.40
 
Hostname=slave

重启服务

[root@slave ~]# systemctl restart zabbix-agent.service 
[root@slave ~]# systemctl enable zabbix-agent.service 

在监控平台添加主机

 

 在slave上配置脚本

[root@slave ~]# cd /etc/zabbix/
[root@slave zabbix]# mkdir script
[root@slave zabbix]# cd script/
[root@slave script]# cat mysql_slave_status.sh 
#!/bin/bash
USER="root"
PASSWD="redhat"
NAME=$1
 
function IO {
    Slave_IO_Running=`mysql -u $USER -p$PASSWD -e "show slave status\G;" 2> /dev/null |grep Slave_IO_Running |awk '{print $2}'`
    if [ $Slave_IO_Running == "Connecting" ];then
        echo 0 
    else
        echo 1 
    fi
}
 
function SQL {
    Slave_SQL_Running=`mysql -u $USER -p$PASSWD -e "show slave status\G;" 2> /dev/null |grep Slave_SQL_Running: |awk '{print $2}'`
if [ $Slave_SQL_Running == "Yes" ];then
echo 0 
    else
        echo 1 
    fi
 
}
 
case $NAME in
   io)
       IO
   ;;
   sql)
       SQL
   ;;
   *)
        echo -e "Usage: $0 [io | sql]"

修改属主和权限

chmod +x mysql_slave_status.sh

chown -R zabbix.zabbix /etc/zabbix/script/

 验证脚本是否正确

[root@slave script]# ./mysql_slave_status.sh io
0
[root@slave script]# ./mysql_slave_status.sh sql
0
[root@slave script]# 

编写一个自配置文件， 里面指定上面编写的脚本的路径，然后重启服务

[root@slave ~]# cd /etc/zabbix/zabbix_agentd.d/
[root@slave zabbix_agentd.d]# vim userparameter_mysql_slave.conf
[root@slave zabbix_agentd.d]# cat userparameter_mysql_slave.conf 
UserParameter=mysql.slave[*],/etc/zabbix/script/mysql_slave_status.sh $1

设置属主

[root@slave zabbix_agentd.d]# chown -R zabbix.zabbix /etc/zabbix/zabbix_agentd.d/userparameter_mysql_slave.conf[root@slave zabbix_agentd.d]# ll
total 4
-rw-r--r-- 1 zabbix zabbix 73 Aug 14 11:21 userparameter_mysql_slave.conf

 重启服务

systemctl restart zabbix-agent.service

去zabbix server验证状态，使用zabbix_get命令验证，需要下载zibbix-get包

验证的结果如果是0，为正常，如果为1，则异常

[root@zabbix-server ~]# zabbix_get -s 192.168.100.20 -k mysql.slave[io]
0
[root@zabbix-server ~]# zabbix_get -s 192.168.100.20 -k mysql.slave[sql]
0
[root@zabbix-server ~]# 

在zabbix web平台配置监控项

新建监控项

1

2

 新建触发器

测试

 将mysql主从关闭

查看zabbix告警信息，验证邮箱是由能接收到邮件

mysql -u root -plinux -e "stop slave;"

告警

 邮箱

恢复mysql主从 

mysql -u root -plinux -e "start slave;"

zabbix监控主从延迟 

cd /etc/zabbix/script

#Behind：落后主库多少秒，存在秒数则出现主库复制之间的延迟   

#只要当延迟数据为NULL，以及0-200是正常的，否则其他数字输入1表示错误

vim mysql_delay.sh
 
#!/bin/bash     
delay=$(mysql -uroot -predhat -e 'show slave status\G' 2> /dev/null | grep 'Seconds_Behind_Master' | awk '{print $2}')
if [ $delay == "NULL" ];then
echo 0
elif [ $delay -ge 0 ] && [ $delay -le 200 ];then         
echo 0
else
echo $delay
fi

设置属主和权限

chown -R zabbix.zabbix mysql_delay.sh

chmod +x mysql_delay.sh

配置agentd文件，并重启服务

vim /etc/zabbix/zabbix_agentd.d/userparameter_mysql_slave.conf
 
UserParameter=mysql.slave[*],/etc/zabbix/script/mysql_slave_status.sh $1
 
UserParameter=check_mysql_delay,/bin/bash /etc/zabbix/script/mysql_delay.sh

重启服务

systemctl restart zabbix-agent.service

测试 mysql_delay.sh脚本

[root@slave script]# pwd
/etc/zabbix/script
[root@slave script]# ./mysql_delay.sh 
0
[root@slave script]# 

在zabbix-server进行脚本测试

[root@zabbix-server ~]# zabbix_get -s 192.168.100.20 -k check_mysql_delay
0

 在zabbix web平台操作

添加监控项

 验证

配置触发器

查看告警信息

邮箱 

 监控mysql主从延迟成功，将触发器的值修改回来