zabbix监控进程，日志，主从状态和主从延迟

自定义监控进程

使用httpd服务为例，监控httpd的进程

在zabbix-agent上安装httpd

yum -y install httpd

重启httpd

systemctl restart httpd

systemtctl enable httpd

查看httpd的进程

[root@zabbix-agent ~]# ps -ef | grep httpd root     2407458       1  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND apache   2407459 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND apache   2407460 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND apache   2407461 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND apache   2407462 2407458  0 16:56 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND root     2424256  749323  0 17:02 pts/2    00:00:00 grep --color=auto httpd [root@zabbix-agent ~]#  ps -ef | grep httpd | grep -v grep | wc -l 5 [root@zabbix-agent ~]# ps -ef | grep -v grep | grep -c httpd 5 [root@zabbix-agent ~]# 

 新建脚本存放目录

[root@zabbix-agent ~]# mkdir /etc/zabbix/script [root@zabbix-agent ~]# cd /etc/zabbix/script/ [root@zabbix-agent script]# vim check_httpd.sh        //新建脚本// [root@zabbix-agent script]# cat check_httpd.sh  count=$(ps -ef | grep -Ev "grep|$0" | grep -c httpd) if [ $count -eq 0 ];then         echo '1' else         echo '0' fi

设置属主，权限

chmod +x check_httpd.sh

chown -R zabbix.zabbix /etc/zabbix/script/

 测试脚本

0是httpd服务开启，1为关闭

[root@zabbix-agent script]# ./check_httpd.sh  0 [root@zabbix-agent script]# systemctl stop httpd        //此时停止httpd服务 [root@zabbix-agent script]# ./check_httpd.sh             // 脚本测试出来是1 1 [root@zabbix-agent script]#   关闭后记得启动httpd服务 

修改zabbix-agentd.conf文件

vim /etc/zabbix/zabbix_agentd.conf  添加： UserParameter=check_httpd,/bin/bash /etc/zabbix/script/check_httpd.sh

重启服务

systemctl restart zabbix-agent

 zabbix server端测试脚本

[root@zabbix-server ~]# zabbix_get -s 192.168.100.30 -k check_httpd 0 [root@zabbix-server ~]#  //0代表httpd服务已启动/ 

zabbix web平台配置

新建监控项

配置触发器

 测试

关闭httpd服务，测试告警信息

[root@zabbix-agent script]# systemctl stop httpd 

 此时查看告警信息和邮箱

邮箱

 开启httpd服务，查看邮箱是否收到恢复邮件

[root@zabbix-agent ~]# systemctl restart zabbix-agent.service

查看邮箱

自定义监控日志

下载log.py来协助我们进行测试，以httpd服务为例

将log.py上传到/etc/zabbix/script/目录下，然后给执行权限，修改所有者和所属组为zabbix

# log.py

    try:         seekfile = sys.argv[2]     except IndexError:         seekfile = '/tmp/logseek'     return seekfile  def getKey():     try:         tagKey = str(sys.argv[3])     except IndexError:         tagKey = 'Error'     return tagKey  def getResult(filename,seekfile,tagkey):     destPos = prePos(seekfile)     curPos = lastPos(filename)      if curPos < destPos:         curpos = 0      try:         f = open(filename)     except IOError:         print('Could not open file: %s' % filename)     except FileNotFoundError:         print('Could not open file: %s' % filename) #!/usr/bin/env python3 import sys import re  def prePos(seekfile):     global curpos     try:         cf = open(seekfile)     except IOError:         curpos = 0         return curpos     except FileNotFoundError:         curpos = 0         return curpos     else:         try:             curpos = int(cf.readline().strip())         except ValueError:             curpos = 0             cf.close()             return curpos         cf.close()     return curpos  def lastPos(filename):     with open(filename) as lfile:         if lfile.readline():             lfile.seek(0,2)         else:             return 0         lastPos = lfile.tell()     return lastPos  def getSeekFile():     try:         seekfile = sys.argv[2]     except IndexError:         seekfile = '/tmp/logseek'     return seekfile  def getKey():     try:         tagKey = str(sys.argv[3])     except IndexError:         tagKey = 'Error'     return tagKey  def getResult(filename,seekfile,tagkey):     destPos = prePos(seekfile)     curPos = lastPos(filename)      if curPos < destPos:         curpos = 0      try:         f = open(filename)     except IOError:         print('Could not open file: %s' % filename)     except FileNotFoundError:         print('Could not open file: %s' % filename)     else:         f.seek(destPos)          while curPos != 0 and f.tell() < curPos:             rresult = f.readline().strip()             global result             if re.search(tagkey, rresult):                 result = 1                 break             else:                 result = 0          with open(seekfile,'w') as sf:             sf.write(str(curPos))     finally:         f.close()     return result  if __name__ == "__main__":     result = 0     curpos = 0     tagkey = getKey()     seekfile = getSeekFile()     result = getResult(sys.argv[1],seekfile,tagkey)     print(result) 

### 作用：检查日志文件中是否有指定的关键字

#### 第一个参数为日志文件名（必须有，相对路径、绝对路径均可）

#### 第二个参数为seek position文件的路径（可选项，若不设置则默认为/tmp/logseek文件。相对路径、绝对路径均可）

#### 第三个参数为搜索关键字，默认为 Error

 设置属主和权限

chmod +x log.py

chown zabbix.zabbix log.py

httpd服务的日志文件在/var/log/httpd/目录下，首先我们需要给这个目录设置一个ACL权限，让zabbix用户有权限去访问该目录 

[root@zabbix-agent httpd]# setfacl -m u:zabbix:r-x /var/log/httpd/

下载python3来执行log.py脚本

[root@zabbix-agent ~]# yum -y install python3 

修改zabbix_agentd.conf文件，并重启服务

vim /etc/zabbix/zabbix_agentd.conf   UserParameter=check_httpd,/bin/bash /etc/zabbix/script/check_httpd.sh  UserParameter=check_logs[*],/usr/bin/python3 /etc/zabbix/script/log.py $1 $2 $3 

重启zabbix-agent服务

systemctl restart zabbix-agent.service

 测试脚本

[root@zabbix-agent script]#  python3 log.py /var/log/httpd/error_log  0 [root@zabbix-agent script]# echo 'Error'>> /var/log/httpd/error_log / 追加重定向一个Error到日志文件中做实验  [root@zabbix-agent script]#  python3 log.py /var/log/httpd/error_log  1 [root@zabbix-agent script]#  / 0为没有Error日志信息，1为有Error日志信息///

测试完成后将写入的Error内容删除

而且因文件/tmp/logseek属于root账户，在web端写入写不进去，所以删除

rm -rf /tmp/logseek

配置监控项

 创建触发器

测试

 向httpd日志文件输入一个error

[root@zabbix-agent script]# echo 'Error'>> /var/log/httpd/error_log  [root@zabbix-agent script]#  python3 log.py /var/log/httpd/error_log  1  //   0为没有Error日志信息，1为有Error日志信息  

查看是否有告警信息

zabbix监控 mysql主从

部署mysql主从

1、部署mysql主从，使用mariadb进行操作 192.168.100.10  master.example.com  master 192.168.100.20  slave.example.com  slave  2、将server、agent1、master、slave主机的/etc/hosts文件全部设置为 192.168.100.40  server.example.com server 192.168.100.30  agent1.example.com agent1 192.168.100.10  master.example.com master 192.168.100.20  slave.example.com  slave  3、然后两台主机都安装mariadb  mariadb-server yum install -y mariadb mariadb-server systemctl restart mariadb;systemctl enable mariadb  4、两台主机都初始化mysql数据库 mysql_secure_installation  [root@master ~]# mysql_secure_installation   NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB       SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!  In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here.  Enter current password for root (enter for none):  OK, successfully used password, moving on...  Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation.  You already have your root account protected, so you can safely answer 'n'.  Switch to unix_socket authentication [Y/n] y Enabled successfully! Reloading privilege tables..  ... Success!   You already have your root account protected, so you can safely answer 'n'.  Change the root password? [Y/n] y New password:  Re-enter new password:  Password updated successfully! Reloading privilege tables..  ... Success!   By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them.  This is intended only for testing, and to make the installation go a bit smoother.  You should remove them before moving into a production environment.  Remove anonymous users? [Y/n] y  ... Success!  Normally, root should only be allowed to connect from 'localhost'.  This ensures that someone cannot guess at the root password from the network.  Disallow root login remotely? [Y/n] n  ... skipping.  By default, MariaDB comes with a database named 'test' that anyone can access.  This is also intended only for testing, and should be removed before moving into a production environment.  Remove test database and access to it? [Y/n] y  - Dropping test database...  ... Success!  - Removing privileges on test database...  ... Success!  Reloading the privilege tables will ensure that all changes made so far will take effect immediately.  Reload privilege tables now? [Y/n] y  ... Success!  Cleaning up...  All done!  If you've completed all of the above steps, your MariaDB installation should now be secure.  Thanks for using MariaDB!  5、修改数据库配置文件，然后两台主机都重启mariadb服务 Master： vim /etc/my.cnf [mysqld] #添加两行数据 log_bin=mysql-bin server_id=20  systemctl restart mariadb  Slave： vim /etc/my.cnf [mysqld] #添加两行数据 log_bin=mysql-bin server_id=30 systemctl restart mariadb    6、进入数据库配置主从 Master： mysql -u root -p   #密码为redhat grant all privileges  on *.* to root@'%' identified by "redhat"; grant replication slave on *.* to 'user'@'slave' identified by 'redhat';  Slave： grant all privileges  on *.* to root@'%' identified by "redhat"; change master to master_host='master',master_user='user',master_password='redhat'; start slave; show slave status\G  Slave_IO_Running: Connecting Slave_SQL_Running: Yes 

 安装zabbix-agent

 slave主机中安装zabbix-agent软件包，将slave添加到zabbix web监控平台中

将server主机的zabbix.repo复制过来，接着安装zabbix-agent

更改yum源

1

2

[root@slave yum.repos.d]# vim zabbix.repo  [root@slave yum.repos.d]# cat zabbix.repo  [zabbix] name=Zabbix Official Repository - $basearch baseurl=https://mirrors.aliyun.com/zabbix/zabbix/7.0/rocky/9/$basearch/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005  [zabbix-non-supported] name=Zabbix Official Repository non-supported - $basearch baseurl=https://mirrors.aliyun.com/zabbix/non-supported/rhel/9/$basearch/ enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-08EFA7DD gpgcheck=1  [zabbix-sources] name=Zabbix Official Repository source code - $basearch baseurl=https://repo.zabbix.com/zabbix/7.0/rocky/9/SRPMS enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005 gpgcheck=1 [root@slave yum.repos.d]# 

 安装zabbix-agent

yum -y install zabbix-agent

修改/etc/zabbix/zabbix_agentd.conf

vim /etc/zabbix/zabbix_agentd.conf  Server=192.168.100.10  ServerActive=192.168.100.40  Hostname=slave

重启服务

[root@slave ~]# systemctl restart zabbix-agent.service 
[root@slave ~]# systemctl enable zabbix-agent.service 

在监控平台添加主机

 

 在slave上配置脚本

[root@slave ~]# cd /etc/zabbix/ [root@slave zabbix]# mkdir script [root@slave zabbix]# cd script/ [root@slave script]# cat mysql_slave_status.sh  #!/bin/bash USER="root" PASSWD="redhat" NAME=$1  function IO {     Slave_IO_Running=`mysql -u $USER -p$PASSWD -e "show slave status\G;" 2> /dev/null |grep Slave_IO_Running |awk '{print $2}'`     if [ $Slave_IO_Running == "Connecting" ];then         echo 0      else         echo 1      fi }  function SQL {     Slave_SQL_Running=`mysql -u $USER -p$PASSWD -e "show slave status\G;" 2> /dev/null |grep Slave_SQL_Running: |awk '{print $2}'` if [ $Slave_SQL_Running == "Yes" ];then echo 0      else         echo 1      fi  }  case $NAME in    io)        IO    ;;    sql)        SQL    ;;    *)         echo -e "Usage: $0 [io | sql]" 

修改属主和权限

chmod +x mysql_slave_status.sh

chown -R zabbix.zabbix /etc/zabbix/script/

 验证脚本是否正确

[root@slave script]# ./mysql_slave_status.sh io 0 [root@slave script]# ./mysql_slave_status.sh sql 0 [root@slave script]#  

编写一个自配置文件， 里面指定上面编写的脚本的路径，然后重启服务

[root@slave ~]# cd /etc/zabbix/zabbix_agentd.d/ [root@slave zabbix_agentd.d]# vim userparameter_mysql_slave.conf [root@slave zabbix_agentd.d]# cat userparameter_mysql_slave.conf  UserParameter=mysql.slave[*],/etc/zabbix/script/mysql_slave_status.sh $1

设置属主

[root@slave zabbix_agentd.d]# chown -R zabbix.zabbix /etc/zabbix/zabbix_agentd.d/userparameter_mysql_slave.conf[root@slave zabbix_agentd.d]# ll total 4 -rw-r--r-- 1 zabbix zabbix 73 Aug 14 11:21 userparameter_mysql_slave.conf 

 重启服务

systemctl restart zabbix-agent.service

去zabbix server验证状态，使用zabbix_get命令验证，需要下载zibbix-get包

验证的结果如果是0，为正常，如果为1，则异常

[root@zabbix-server ~]# zabbix_get -s 192.168.100.20 -k mysql.slave[io] 0 [root@zabbix-server ~]# zabbix_get -s 192.168.100.20 -k mysql.slave[sql] 0 [root@zabbix-server ~]#  

在zabbix web平台配置监控项

新建监控项

1

2

 新建触发器

测试

 将mysql主从关闭

查看zabbix告警信息，验证邮箱是由能接收到邮件

mysql -uroot -plinux -e "stop slave;"

告警

 邮箱

恢复mysql主从 

mysql -uroot -plinux -e "start slave;"

zabbix监控主从延迟 

cd /etc/zabbix/script

#Behind：落后主库多少秒，存在秒数则出现主库复制之间的延迟   

#只要当延迟数据为NULL，以及0-200是正常的，否则其他数字输入1表示错误

vim mysql_delay.sh  #!/bin/bash      delay=$(mysql -uroot -predhat -e 'show slave status\G' 2> /dev/null | grep 'Seconds_Behind_Master' | awk '{print $2}') if [ $delay == "NULL" ];then echo 0 elif [ $delay -ge 0 ] && [ $delay -le 200 ];then          echo 0 else echo $delay fi 

设置属主和权限

chown -R zabbix.zabbix mysql_delay.sh

chmod +x mysql_delay.sh

配置agentd文件，并重启服务

vim /etc/zabbix/zabbix_agentd.d/userparameter_mysql_slave.conf  UserParameter=mysql.slave[*],/etc/zabbix/script/mysql_slave_status.sh $1  UserParameter=check_mysql_delay,/bin/bash /etc/zabbix/script/mysql_delay.sh

重启服务

systemctl restart zabbix-agent.service

测试 mysql_delay.sh脚本

[root@slave script]# pwd /etc/zabbix/script [root@slave script]# ./mysql_delay.sh  0 [root@slave script]#  

在zabbix-server进行脚本测试

[root@zabbix-server ~]# zabbix_get -s 192.168.100.20 -k check_mysql_delay 0 

 在zabbix web平台操作

添加监控项

 验证

配置触发器

查看告警信息

邮箱 

 监控mysql主从延迟成功，将触发器的值修改回来