1. 服务器监控与告警
[root@lichu ~]# server_monitor.sh
#!/bin/bash
# 监控CPU、内存、磁盘使用情况并发送告警
# Alert thresholds (percent) and the mail recipient for alerts.
WARNING_CPU=80
CRITICAL_CPU=90
WARNING_MEM=80
CRITICAL_MEM=90
WARNING_DISK=80
CRITICAL_DISK=90
EMAIL="root"

# Sample the current utilisation.
# CPU: take the idle figure from the "Cpu(s)" summary line of one batch
# iteration of top and subtract it from 100.
CPU_USAGE=$(
  top -bn1 \
    | grep "Cpu(s)" \
    | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" \
    | awk '{print 100 - $1}'
)
# Memory: column 3 divided by column 2 of the "Mem" row of free, in percent.
MEM_USAGE=$(free | awk '/Mem/ {print $3/$2 * 100.0}')
# Disk: fifth column of the root filesystem row, percent sign stripped.
DISK_USAGE=$(df -h / | awk 'NR==2 {gsub(/%/, "", $5); print $5}')
#######################################
# Mail one alert to the configured recipient.
# Globals:   EMAIL (read)
# Arguments: $1 - subject line, $2 - message body
#######################################
send_alert() {
  local title="$1" body="$2"
  echo "$body" | mail -s "$title" "$EMAIL"
}
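#######################################
# Compare one utilisation sample with its thresholds and send an alert.
# Arguments:
#   $1 - metric label used in the alert text (CPU, Memory, Disk)
#   $2 - sampled value in percent; may be fractional
#   $3 - warning threshold
#   $4 - critical threshold
#   $5 - "gt" for a strict comparison, "ge" to include the threshold itself
# Returns: 1 when the sample is not a plain number, 0 when no threshold is
#          crossed, otherwise the status of send_alert.
#######################################
check_usage() {
  local label=$1 value=$2 warn=$3 crit=$4 mode=$5
  local level=""

  # If the parsing upstream yields nothing (tool missing, different output
  # format) the comparison cannot run. Say so on stderr instead of failing
  # silently: a monitor that quietly stops alerting is worse than a noisy one.
  if ! [[ "$value" =~ ^[0-9]+([.][0-9]+)?$ ]]; then
    printf 'server_monitor: cannot read %s usage (got "%s"), check skipped\n' \
      "$label" "$value" >&2
    return 1
  fi

  # awk does the floating-point comparison, so bc is not required.
  level=$(awk -v v="$value" -v w="$warn" -v c="$crit" -v m="$mode" 'BEGIN {
    v += 0; w += 0; c += 0
    if (m == "ge") {
      if (v >= c) print "CRITICAL"; else if (v >= w) print "WARNING"
    } else {
      if (v > c) print "CRITICAL"; else if (v > w) print "WARNING"
    }
  }')
  [[ -n "$level" ]] || return 0

  send_alert "${level}: High ${label} usage on $(hostname)" "${label} usage is ${value}%"
}

# CPU and memory alert when strictly above the threshold; disk also alerts
# when exactly on it.
check_usage "CPU" "$CPU_USAGE" "$WARNING_CPU" "$CRITICAL_CPU" gt
check_usage "Memory" "$MEM_USAGE" "$WARNING_MEM" "$CRITICAL_MEM" gt
check_usage "Disk" "$DISK_USAGE" "$WARNING_DISK" "$CRITICAL_DISK" ge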
2. Nginx访问日志分析
[root@lichu ~]# vim nginx_log_analyzer.sh
#!/bin/bash
# 分析Nginx访问日志,统计访问量、状态码、IP等
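LOG_FILE="/var/log/nginx/access.log"

# Stop early when the log is missing or unreadable; otherwise every section
# below would silently report empty results.
if [[ ! -r "$LOG_FILE" ]]; then
  echo "无法读取日志文件: $LOG_FILE" >&2
  exit 1
fi

# The report is created with mktemp instead of a fixed name. A predictable
# path in world-writable /tmp, written by root, lets another local user
# pre-create it as a symlink and redirect the write. umask 077 keeps the
# report (client addresses, URLs) readable by the owner only.
umask 077
REPORT_FILE=$(mktemp "/tmp/nginx_report_$(date +%Y%m%d).XXXXXX") || {
  echo "无法创建报告文件" >&2
  exit 1
}

# Field numbers assume the default "combined" log format:
# $1 client address, $7 request path, $9 status code, $10 bytes sent.
# The request path is supplied by the client, so treat the report as
# untrusted text when it is viewed or post-processed.
{
  # Report header
  echo "Nginx访问日志分析报告 - $(date)"
  echo "================================="

  # 1. Total number of requests
  total_requests=$(wc -l < "$LOG_FILE")
  echo "1. 总访问量: $total_requests"

  # 2. Number of distinct client addresses
  unique_ips=$(awk '{print $1}' "$LOG_FILE" | sort -u | wc -l)
  echo "2. 独立IP数量: $unique_ips"

  # 3. Ten most active client addresses
  echo "3. 最活跃的10个IP:"
  awk '{print $1}' "$LOG_FILE" | sort | uniq -c | sort -nr | head -10

  # 4. Status code distribution
  echo "4. HTTP状态码统计:"
  awk '{print $9}' "$LOG_FILE" | sort | uniq -c | sort -nr

  # 5. Ten most requested URLs
  echo "5. 最常访问的10个URL:"
  awk '{print $7}' "$LOG_FILE" | sort | uniq -c | sort -nr | head -10

  # 6. Traffic volume in MB
  total_bytes=$(awk '{sum+=$10} END {print sum/1024/1024}' "$LOG_FILE")
  echo "6. 总流量: $total_bytes MB"
} > "$REPORT_FILE"

echo "报告已生成: $REPORT_FILE"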
3. MySQL数据库备份
[root@lichu ~]# mysql_backup.sh
#!/bin/bash
# MySQL数据库备份脚本
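# Settings.
# No password is stored in this script or passed on the command line, where
# it would be visible in the process list. mysql and mysqldump read it from
# the [client] section of ~/.my.cnf; keep that file at mode 0600 and use a
# dedicated backup account with a strong password rather than root.
DB_USER="root"
BACKUP_DIR="/data/backups/mysql"
DATE=$(date +%F)
KEEP_DAYS=30
EMAIL="yangsheng@1000phone.com"

# A failing mysqldump must fail the whole "mysqldump | gzip" pipeline.
set -o pipefail
# Dumps hold the full data set: create directories and files owner-only.
umask 077

# Create the backup directory for today.
if ! mkdir -p -- "$BACKUP_DIR/$DATE"; then
  echo "无法创建备份目录: $BACKUP_DIR/$DATE" >&2
  exit 1
fi

# List the business databases. -N drops the header row; -x makes grep
# exclude only exact system schema names, so a database such as
# "mysql_app" or "system_data" is no longer skipped by substring match.
if ! db_list=$(mysql -u"$DB_USER" -N -B -e "SHOW DATABASES;"); then
  echo "无法获取数据库列表" >&2
  exit 1
fi
DATABASES=$(grep -Evx "information_schema|performance_schema|mysql|sys" <<<"$db_list")

# Dump each database; record failures instead of leaving a truncated
# archive that looks like a valid backup.
failed=()
while IFS= read -r db; do
  [[ -n "$db" ]] || continue
  echo "Backing up database: $db"
  out_file="$BACKUP_DIR/$DATE/$db.sql.gz"
  if ! mysqldump -u"$DB_USER" --single-transaction --routines --triggers "$db" \
    | gzip > "$out_file"; then
    echo "Backup FAILED for database: $db" >&2
    rm -f -- "$out_file"
    failed+=("$db")
  fi
done <<<"$DATABASES"

# Prune old backups only after a fully successful run. -mindepth/-maxdepth
# restrict the match to the dated subdirectories, so BACKUP_DIR itself can
# never be selected for removal.
if (( ${#failed[@]} == 0 )); then
  find "$BACKUP_DIR" -mindepth 1 -maxdepth 1 -type d -mtime +"$KEEP_DAYS" \
    -exec rm -rf -- {} +
fi

# Send the notification, naming any database whose dump failed.
if (( ${#failed[@]} > 0 )); then
  echo "MySQL备份于 $(date) 结束, 以下数据库备份失败: ${failed[*]}" \
    | mutt -s "MySQL备份报告 - $(date)" "$EMAIL"
else
  echo "MySQL备份完成于 $(date)" | mutt -s "MySQL备份报告 - $(date)" "$EMAIL"
fi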
4. 系统工具箱V2.0
[root@lichu ~]# system_toolbox_v2.sh
#!/bin/bash
# 文件名:system_toolkitV2.0.sh
# 功能:交互式系统管理工具箱
# ANSI colour escape sequences, expanded later by "echo -e".
RED="\033[31m"    # red
GREEN="\033[32m"  # green
YELLOW="\033[33m" # yellow
BLUE="\033[34m"   # blue
NC="\033[0m"      # reset to the terminal default
#######################################
# Clear the screen and print the main menu.
# Globals: GREEN, BLUE, NC (read)
# Outputs: the menu on stdout
#######################################
show_menu() {
  local bar="=============================================="
  clear
  echo -e "${GREEN}${bar}${NC}"
  echo -e "${BLUE} Linux 系统工具箱 v2.0${NC}"
  echo -e "${GREEN}${bar}${NC}"
  cat <<'MENU'
1. 系统信息概览
2. 磁盘使用检查
3. 内存使用检查
4. CPU负载监控
5. 网络连接检查
6. 服务状态管理
7. 用户账户管理
8. 防火墙管理
9. 批量杀进程
10. 计划任务管理
11. 软件包管理
12. 系统更新升级
13. 网络配置检查
14. 退出工具箱
MENU
  echo -e "${GREEN}${bar}${NC}"
}
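# Main loop: draw the menu, run the selected action, wait for a key press.
# Several actions run through sudo, so anything typed at a prompt is
# validated and quoted before it reaches a command line.
while true; do
  show_menu
  # -r keeps backslashes literal. A failed read means stdin reached EOF;
  # leave instead of spinning forever on the "invalid option" branch.
  read -r -p "请输入选项数字 (1-14): " choice || { echo; exit 0; }
  case "$choice" in
    1) # System overview
      echo -e "\n${YELLOW}====== 系统信息 ======${NC}"
      echo "主机名: $(hostname)"
      echo "操作系统: $(grep PRETTY_NAME /etc/os-release | cut -d'"' -f2)"
      echo "内核版本: $(uname -r)"
      echo "启动时间: $(uptime -s)"
      echo "当前用户: $(whoami)"
      ;;
    2) # Disk usage
      echo -e "\n${YELLOW}====== 磁盘空间 ======${NC}"
      df -h | grep -v tmpfs
      echo -e "\n${YELLOW}====== Inode使用 ======${NC}"
      df -i | grep -v tmpfs
      ;;
    3) # Memory usage
      echo -e "\n${YELLOW}====== 内存使用 ======${NC}"
      free -h
      echo -e "\n${YELLOW}====== 内存占用TOP10 ======${NC}"
      ps -eo command,pid,user,%mem --sort=-%mem | head -11
      ;;
    4) # CPU load
      echo -e "\n${YELLOW}====== CPU信息 ======${NC}"
      # In an extended regex the parentheses must be escaped; unescaped,
      # "CPU(s)" is a group matching "CPUs" and never the "CPU(s):" row.
      lscpu | grep -E 'Model name|Socket|Core|CPU\(s\)'
      echo -e "\n${YELLOW}====== 负载情况 ======${NC}"
      uptime
      echo -e "\n${YELLOW}====== CPU占用TOP10 ======${NC}"
      ps -eo command,pid,user,%cpu --sort=-%cpu | head -11
      ;;
    5) # Listening sockets
      echo -e "\n${YELLOW}====== 网络连接 ======${NC}"
      # Dots are escaped so only the literal loopback address is filtered.
      ss -tulnp | grep -vE '127\.0\.0\.1|::1'
      echo -e "\n${YELLOW}====== 连接数统计 ======${NC}"
      ss -s | head -2
      ;;
    6) # Service management
      echo -e "\n${YELLOW}====== 服务列表 ======${NC}"
      systemctl list-unit-files --type=service | grep enabled
      read -r -p "输入服务名 (启动/停止/重启/状态): " service
      read -r -p "选择操作 (start|stop|restart|status): " action
      # Both values end up on a sudo command line: accept only a plain unit
      # name and one of the four verbs the prompt offers, and quote them so
      # extra words or options cannot be smuggled in.
      unit_re='^[A-Za-z0-9][A-Za-z0-9@_.:-]*$'
      if [[ ! "$service" =~ $unit_re ]]; then
        echo -e "${RED}无效的服务名${NC}"
      else
        case "$action" in
          start | stop | restart | status)
            sudo systemctl "$action" "$service"
            ;;
          *)
            echo -e "${RED}无效的操作${NC}"
            ;;
        esac
      fi
      ;;
    7) # User accounts
      echo -e "\n${YELLOW}====== 用户列表 ======${NC}"
      cut -d: -f1 /etc/passwd | sort | column
      read -r -p "输入用户名查看详细信息: " username
      if [[ -z "$username" || "$username" == -* ]]; then
        # Empty input or something that would be parsed as an option.
        echo "用户不存在"
      else
        # Exact comparison on the login field instead of an unanchored,
        # unquoted regex built from the input.
        awk -F: -v u="$username" '$1 == u' /etc/passwd
        sudo chage -l "$username" 2>/dev/null || echo "用户不存在"
      fi
      ;;
    8) # Firewall
      if command -v firewall-cmd &>/dev/null; then
        echo -e "\n${YELLOW}====== 防火墙规则 ======${NC}"
        sudo firewall-cmd --list-all
      else
        echo -e "\n${RED}未安装firewalld${NC}"
      fi
      ;;
    9) # Terminate processes by name
      read -r -p "输入进程名或PID (支持通配符): " target
      pids=()
      # An empty pattern would match every process on the system.
      if [[ -n "$target" ]]; then
        while IFS= read -r pid; do
          # Never offer this toolbox's own shell for termination.
          [[ "$pid" == "$$" ]] || pids+=("$pid")
        done < <(pgrep -f -- "$target")
      fi
      if ((${#pids[@]} == 0)); then
        echo "未找到相关进程"
      else
        echo "找到进程:"
        ps -fp "$(
          IFS=,
          echo "${pids[*]}"
        )"
        read -r -p "确认终止以上进程? [y/N]: " confirm
        if [[ "$confirm" == "y" ]]; then
          # Ask politely first so processes can clean up; SIGKILL only the
          # ones still alive two seconds later.
          kill "${pids[@]}" 2>/dev/null
          sleep 2
          for pid in "${pids[@]}"; do
            if kill -0 "$pid" 2>/dev/null; then
              kill -9 "$pid"
            fi
          done
        fi
      fi
      ;;
    10) # Scheduled jobs
      echo -e "\n${YELLOW}====== 当前用户计划任务 ======${NC}"
      crontab -l
      echo -e "\n${YELLOW}====== 系统计划任务 ======${NC}"
      ls /etc/cron.* | xargs -n1 echo
      ;;
    11) # Installed packages
      if grep -qEi 'centos|rhel' /etc/os-release; then
        echo -e "\n${YELLOW}====== RPM包管理 ======${NC}"
        read -r -p "输入包名搜索: " pkg
        # "--" keeps a search term starting with "-" from being read as an
        # option by grep.
        yum list installed | grep -i -- "$pkg"
      else
        echo -e "\n${YELLOW}====== DEB包管理 ======${NC}"
        read -r -p "输入包名搜索: " pkg
        apt list --installed | grep -i -- "$pkg"
      fi
      ;;
    12) # System update
      if grep -qEi 'centos|rhel' /etc/os-release; then
        sudo yum update -y
      else
        sudo apt update && sudo apt upgrade -y
      fi
      ;;
    13) # Network configuration
      echo -e "\n${YELLOW}====== 接口信息 ======${NC}"
      ip -c addr show
      echo -e "\n${YELLOW}====== 路由表 ======${NC}"
      ip -c route show
      echo -e "\n${YELLOW}====== DNS配置 ======${NC}"
      cat /etc/resolv.conf
      ;;
    14 | q) # Quit
      echo -e "${GREEN}感谢使用,GoodBye!${NC}"
      exit 0
      ;;
    *) # Invalid input
      echo -e "${RED}无效选项,请重新输入${NC}"
      sleep 1
      ;;
  esac
  # Wait for any key before redrawing the menu.
  read -n 1 -s -r -p "按任意键返回主菜单..."
done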
5. SSH攻击监控处理
[root@lichu ~]# vim ssh_secure.sh
#!/bin/bash
# 监控SSH登录失败尝试并封锁多次失败的IP
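# Settings.
# NOTE(review): /etc/hosts.deny is only honoured when sshd is built with TCP
# wrappers (libwrap) support -- confirm this on the target distribution,
# otherwise the entries written below have no effect.
FAILED_LIMIT=5
SECURE_LOG="/var/log/secure"
BLOCKLIST="/etc/hosts.deny"
EMAIL="yangsheng@1000phone.com"

# Count failed logins per source token. "NF > 3" skips short lines, for
# which $(NF-3) would be an invalid field reference and abort awk.
FAILED_LOGINS=$(grep -E "Failed password|Bad|Did not receive" "$SECURE_LOG" \
  | awk 'NF > 3 {print $(NF-3)}' | sort | uniq -c | sort -nr)

# sshd log lines carry client-supplied text, and the field position differs
# between message types, so the extracted token is untrusted until it has
# been checked. Only a dotted-quad IPv4 address is ever written to the
# blocklist; everything else (words such as "from", host names, IPv6
# addresses whose colons collide with the hosts.deny field separator) is
# skipped. Consider also exempting known administrator addresses so a few
# typos cannot lock the operators out.
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

# Handle each "count address" pair.
while read -r COUNT IP; do
  [[ "$COUNT" =~ ^[0-9]+$ ]] || continue
  [[ "$IP" =~ $ipv4_re ]] || continue

  # Already blocked? Fixed-string, whole-word match: as a regex, "1.2.3.4"
  # would also match "11.2.3.45" and leave the real address unblocked.
  if grep -qwF -- "$IP" "$BLOCKLIST"; then
    continue
  fi

  # Block once the failure count reaches the limit.
  if [ "$COUNT" -ge "$FAILED_LIMIT" ]; then
    echo "封锁IP: $IP (失败次数: $COUNT)"
    echo "sshd: $IP" >> "$BLOCKLIST"
    # Send the notification.
    echo "检测到并封锁了可疑的SSH登录尝试: IP $IP 失败 $COUNT 次" \
      | mutt -s "SSH入侵警报: $IP 被封锁" "$EMAIL"
  fi
done <<<"$FAILED_LOGINS"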
[root@lichu ~]# yum install msmtp mutt
[root@lichu ~]# vim .msmtprc
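# ~/.msmtprc -- this file holds SMTP credentials: keep it private
# (chmod 600 ~/.msmtprc) and out of version control.
account default
host smtp.126.com
port 465
from yangsheng131420@126.com
user yangsheng131420@126.com
# Placeholder: put the mailbox's SMTP authorization code here. Never publish
# the real value; a code that has been exposed should be revoked and reissued
# at the mail provider. msmtp's "passwordeval" setting can fetch the secret
# from a command instead of storing it in this file.
password <SMTP_AUTH_CODE_PLACEHOLDER>
auth login
tls on
tls_starttls off
logfile ~/.msmtp.log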
[root@lichu ~]# vim .muttrc
# Display name used for outgoing mail.
set realname = "我的服务器"
# Hand outgoing mail to msmtp.
set sendmail="/usr/bin/msmtp"
set use_from=yes
set from="------" # put a mailbox address here; SMTP must be enabled for that mailbox
[root@lichu ~]# bash ssh_secure.sh
封锁IP: 47.237.177.222 (失败次数: 18)
封锁IP: 8.130.114.159 (失败次数: 12)
封锁IP: 196.251.114.29 (失败次数: 11)
封锁IP: 3.134.148.59 (失败次数: 8)
[root@lichu ~]# tail -4 /etc/hosts.deny
sshd: 47.237.177.222
sshd: 8.130.114.159
sshd: 196.251.114.29
sshd: 3.134.148.59
6. 服务管理脚本
[root@lichu ~]# service_manager.sh
#!/bin/bash
# 服务管理脚本,支持start/stop/restart/status参数
# Name of the managed service; the PID file and log file paths derive from it.
SERVICE_NAME="myapp"
PID_FILE="/var/run/${SERVICE_NAME}.pid"
LOG_FILE="/var/log/${SERVICE_NAME}.log"
# Refuse to run unless the effective user is root (UID 0).
[ "$(id -u)" -eq 0 ] || {
  echo "错误: 此脚本必须以root用户或sudo运行"
  exit 1
}
#######################################
# Print the accepted sub-commands and terminate with status 1.
# Outputs: usage line on stdout
#######################################
usage() {
  local verbs="{start|stop|restart|status}"
  echo "用法: $0 ${verbs}"
  exit 1
}
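#######################################
# Start the service in the background and record its PID.
# Globals:   SERVICE_NAME, PID_FILE, LOG_FILE (read)
# Outputs:   progress messages on stdout
# Returns:   1 when the recorded process is still alive, otherwise the
#            status of the final echo
#######################################
start() {
  local pid=""
  if [ -f "$PID_FILE" ]; then
    pid=$(cat "$PID_FILE")
    # The PID file alone proves nothing: after a crash or reboot it is
    # stale and would block every later start. Only a positive number that
    # names a live process counts as "running". kill -0 sends no signal,
    # it only tests whether the process exists. (A recycled PID can still
    # point at an unrelated process; that is a limit of PID files.)
    if [[ "$pid" =~ ^[1-9][0-9]*$ ]] && kill -0 "$pid" 2>/dev/null; then
      echo "服务已经在运行 (PID: $pid)"
      return 1
    fi
    rm -f -- "$PID_FILE"
  fi
  echo "启动 $SERVICE_NAME..."
  nohup "/usr/local/bin/$SERVICE_NAME" >> "$LOG_FILE" 2>&1 &
  echo $! > "$PID_FILE"
  echo "服务已启动 (PID: $(cat "$PID_FILE"))"
}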
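#######################################
# Stop the service recorded in the PID file.
# Globals:   SERVICE_NAME, PID_FILE (read)
# Outputs:   progress messages on stdout
# Returns:   1 when there is no PID file or it does not name a live
#            process, otherwise the status of the final echo
#######################################
stop() {
  local pid="" waited=0
  if [ ! -f "$PID_FILE" ]; then
    echo "服务未运行"
    return 1
  fi
  pid=$(cat "$PID_FILE")
  # The file content goes straight to kill, so it must be a positive
  # number: an empty file makes kill fail, and 0 or a negative value
  # addresses whole process groups instead of one process.
  if ! [[ "$pid" =~ ^[1-9][0-9]*$ ]] || ! kill -0 "$pid" 2>/dev/null; then
    rm -f -- "$PID_FILE"
    echo "服务未运行"
    return 1
  fi
  echo "停止 $SERVICE_NAME..."
  # SIGTERM first so the service can flush and clean up; SIGKILL only if it
  # is still alive after about five seconds.
  kill "$pid" 2>/dev/null
  while kill -0 "$pid" 2>/dev/null && ((waited < 50)); do
    sleep 0.1
    waited=$((waited + 1))
  done
  if kill -0 "$pid" 2>/dev/null; then
    kill -9 "$pid" 2>/dev/null
  fi
  rm -f -- "$PID_FILE"
  echo "服务已停止"
}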
#######################################
# Report whether the service recorded in the PID file is running.
# Globals:   SERVICE_NAME, PID_FILE (read); PID (written)
# Outputs:   one status line on stdout
#######################################
status() {
  # No PID file: nothing has been started through this script.
  if [ ! -f "$PID_FILE" ]; then
    echo "$SERVICE_NAME 未运行"
    return
  fi

  PID=$(cat "$PID_FILE")
  # ps -p succeeds only when a process with that PID exists.
  if ps -p "$PID" > /dev/null; then
    echo "$SERVICE_NAME 正在运行 (PID: $PID)"
    return
  fi
  echo "$SERVICE_NAME PID文件存在但服务未运行"
}
# Dispatch on the first argument; anything unrecognised prints the usage
# text, which exits with status 1.
case "$1" in
  start) start ;;
  stop) stop ;;
  restart)
    # Stop, give the old process a moment to go away, then start again.
    stop
    sleep 2
    start
    ;;
  status) status ;;
  *) usage ;;
esac
exit 0
🔒 本文为原创,转载请保留原文链接(https://www.lichu228.top/archives/431)与作者信息,感谢尊重与支持!