停止nrpe服务在xinetd下的日志输出

 未分类  No Responses »
10 月 312014
 

查看系统日志,发现大量xinetd下nrpe日志

[root@localhost ~]# less /var/log/messages
 Oct 31 11:49:30 localhost xinetd[9646]: START: nrpe pid=10372 from=::ffff:192.168.153.110
 Oct 31 11:49:30 localhost xinetd[9646]: EXIT: nrpe status=0 pid=10372 duration=0(sec)
 Oct 31 11:51:15 localhost xinetd[9646]: START: nrpe pid=10642 from=::ffff:192.168.153.110
 Oct 31 11:51:15 localhost xinetd[9646]: EXIT: nrpe status=0 pid=10642 duration=0(sec)

修改配置文件,禁用成功状态下的日志

[root@localhost ~]# vi /etc/xinetd.conf
 # Define general logging characteristics.
                log_type        = SYSLOG daemon info
                log_on_failure  = HOST
 #              log_on_success  = PID HOST DURATION EXIT

nrpe-xinetd-log-disable

重新服务xinetd后再次查看日志,不再出现nrpe相关日志

Oct 31 11:52:05 localhost xinetd[9646]: Exiting...
Oct 31 11:52:05 localhost xinetd[10785]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
Oct 31 11:52:05 localhost xinetd[10785]: Started working: 1 available service

Juniper SRX远程SSH性能故障分析

 未分类  No Responses »
10 月 312014
 

Oct 30 09:44:57  SRX240H2 sshd[31743]: Received disconnect from 60.173.26.173: 11: Normal Shutdown, Thank you for

playing
Oct 30 09:44:57  SRX240H2 sshd[31742]: Received disconnect from 60.173.14.143: 11: Normal Shutdown, Thank you for

playing
Oct 30 09:44:57  SRX240H2 /kernel: nearing maxproc limit by uid 0, please see tuning(7) and login.conf(5).
Oct 30 09:44:57  SRX240H2 /kernel: Process with Most Children- 1356:inetd – Children – 75

Oct 30 10:30:13  SRX240H2 /kernel: nearing maxproc limit by uid 0, please see tuning(7) and login.conf(5).
Oct 30 10:30:13  SRX240H2 /kernel: Process with Most Children- 1356:inetd – Children – 74
Oct 30 10:30:13  SRX240H2 sshd[39713]: Failed password for root from 60.173.14.143 port 11945 ssh2
Oct 30 10:30:13  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user ‘root’ from host ‘60.173.26.173’
Oct 30 10:30:13  SRX240H2 sshd[39748]: Received disconnect from 60.173.14.143: 11: Normal Shutdown, Thank you for

playing
Oct 30 10:30:13  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user ‘root’ from host ‘60.173.14.143’

Oct 30 16:38:17  SRX240H2 sshd[6327]: Received disconnect from 60.173.26.173: 11: Normal Shutdown, Thank you for

playing
Oct 30 16:38:17  SRX240H2 sshd[6321]: Failed password for  from 222.186.58.204 port 1911 ssh2
Oct 30 16:38:17  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user ” from host ‘222.186.58.204’
Oct 30 16:38:18  SRX240H2 sshd[6329]: Received disconnect from 60.173.14.143: 11: Normal Shutdown, Thank you for

playing
Oct 30 16:38:18  SRX240H2 sshd[6325]: Failed password for root from 60.173.26.173 port 30298 ssh2
Oct 30 16:38:18  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user ‘root’ from host ‘60.173.26.173’
Oct 30 16:38:18  SRX240H2 sshd[6323]: failed to copy /var/db/login-attempts+ to /var/db/login-attempts

juniper-srx-attack-ssh-01 juniper-srx-attack-ssh-02 juniper-srx-attack-ssh-03 juniper-srx-attack-ssh-04 juniper-srx-attack-ssh-05

Cacti Web安装过程错误分析

 未分类  No Responses »
10 月 292014
 

安装cacti过程中,由于未导入数据库,而直接在浏览器中请求cacti页面导致的错误日志

[Wed Oct 29 23:15:26 2014] [error] [client 113.118.48.124] PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 523800 bytes) in /usr/local/cacti/lib/adodb/adodb.inc.php on line 833
[Wed Oct 29 23:15:34 2014] [error] [client 113.118.48.124] PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 523800 bytes) in /usr/local/cacti/lib/adodb/adodb.inc.php on line 833
[Wed Oct 29 23:16:49 2014] [error] [client 113.118.48.124] PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 523800 bytes) in /usr/local/cacti/lib/adodb/adodb.inc.php on line 833
[Wed Oct 29 23:17:01 2014] [error] [client 113.118.48.124] PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 523800 bytes) in /usr/local/cacti/lib/adodb/adodb.inc.php on line 833

执行以下操作后再次访问cacti安装页面

mysql -u root -ppasswd cacti < /usr/local/cacti/cacti.sql

使用check_multipath.pl检测多路径状态

 未分类  No Responses »
10 月 292014
 

检测多路径数量状态
[root@rtmp01 libexec]# ./check_multipath.pl -m 1 -o 2
OK
LUN mpathc: 2/2.
[root@rtmp01 libexec]#

执行multipath需root权限

修改NRPE配置文件
# command_prefix=/usr/bin/sudo
command_prefix=/usr/bin/sudo

修改sudoer配置文件
#Defaults    requiretty

nagios  ALL=(ALL)       NOPASSWD: ALL

保持nagios用户为可登录状态
/etc/passwd
/bin/bash

错误分析一
[root@monitor libexec]# ./check_nrpe -H 192.168.155.114 -c check_multipath

ERROR: Command failed, ‘sudo’ not configured for command: ‘/sbin/multipath -l’? |Host: rtmp01|
[root@monitor libexec]#

错误分析二
[root@monitor libexec]# ./check_nrpe -H 192.168.155.114 -c check_multipath
NRPE: Unable to read output
[root@monitor libexec]# ./check_nrpe -H 192.168.155.114 -c check_multipath
OK<br/>LUN mpathc: 2/2.<br/>
[root@monitor libexec]#

定义命令
command[check_multipath]=/usr/local/nagios/libexec/check_multipath.pl -m 1 -o 2

定义服务
define service{
use                             generic-service
host_name                       rtmp01
service_description             Multipath Status
check_command                   check_nrpe!check_multipath
}

Linux下查看CPU物理逻辑及核心数量

 未分类  No Responses »
10 月 292014
 

Intel(R) Xeon(R) CPU E5-2603 v2 @ 1.80GHz

物理处理器数量
[harveymei@monitor ~]$ cat /proc/cpuinfo |grep “physical id”|sort |uniq|wc -l
1
逻辑处理器数量(包括多核和多线程)
[harveymei@monitor ~]$ cat /proc/cpuinfo |grep “processor”|wc -l
4
物理核心数量
[harveymei@monitor ~]$ cat /proc/cpuinfo |grep “cores”|uniq
cpu cores       : 4
[harveymei@monitor ~]$

Nagios插件check_mysql_slavestatus

 数据库, 监控  No Responses »
10 月 252014
 

复制状态检测插件

[root@monitor libexec]# ./check_mysql_slavestatus.sh -H 192.168.153.113 -P 3306 -u cacti -p qweszxc -w 2 -c 5
 OK: Slave SQL running: Yes Slave IO running: Yes / master: 192.168.153.112 / slave is 0 seconds behind master |
 delay=0s
[root@monitor libexec]#

取值来源

Slave_SQL_Running
Slave_IO_Running
Master_Host
Seconds_Behind_Master

新增插件
http://www.claudiokuenzler.com/nagios-plugins/check_mysql_slavestatus.sh

定义命令

[root@monitor libexec]# vi ../etc/objects/commands.cfg
define command{
 command_name check_mysql_slavestatus
 command_line $USER1$/check_mysql_slavestatus.sh -H $HOSTADDRESS$ -P $ARG1$ -u $ARG2$ -p $ARG3$
 }

在配置文件中引用命令

define service{
 use generic-service
 host_name dbmaster01
 service_description MySQL Slave Status
 check_command check_nrpe!check_mysql_slavestatus!3306!cacti!qweszxc!1!5
 }

优化,重定义(适用多台相同账户配置主机)

# 'check_mysql_slavestatus'
define command{
 command_name check_mysql_slavestatus
 command_line $USER1$/check_mysql_slavestatus.sh -H $HOSTADDRESS$ -P 3306 -u cacti -p qweszxc -w
 $ARG1$ -c $ARG2$
 }
define service{
 use generic-service
 host_name dbmaster01
 service_description MySQL Slave Status
 check_command check_mysql_slavestatus!1!5
 }

nagios-check-mysql-slavestatus

Seconds_Behind_Master 解析

http://blog.itpub.net/23721637/viewspace-1050178/

MySQL slave状态之Seconds_Behind_Master

http://blog.csdn.net/zbszhangbosen/article/details/8494921

 Older Entries