[root@k8s-node03 sh]# cat ECS1_xunjian.sh
#!/bin/bash

Author: hanye <hz7726@163.com>

         # BLOG:  https://hanye.com
 [ $(id -u) -gt 0 ] && echo "使用root用户执行此脚本或者sudo执行" && exit 1
 ###### 获取当前主机的内核版本 ######
 function echoe() {
 echo -e 
 echo -e
 }
 function getstatus() {
 echo -e "\033[32m###### 获取当前主机的内核版本 ######\033[0m"
 OS=`lsb_release -is` #系统
 OS_Version=`lsb_release -sr` #系统版本
 Kernel=`uname -r`  #系统内核
 Hostname=`hostname` #主机名称
 default_Lang=`echo $LANG` #默认语言
 Time=$(date +'%Y-%m-%d %H:%M:%S') #当前时间
 Login_time=$(who -b | awk '{print $3,$4}') #此用户登录时间
 Up_Time=$(uptime |awk '/up /{print $3,$4}'|sed 's@,@@') #服务器运行时间
 echo "系统: $OS"
 echo "系统版本: $OS_Version"
 echo "系统内核: $Kernel"
 echo "主机名称: $Hostname"
 echo "默认语言: $default_Lang"
 echo "当前时间: $Time"
 echo "此用户登录时间: $Login_time"
 echo "服务器运行时间: $Up_Time"
 echoe
 }
 ###### 获取 当前主机ip地址 ######
 function ipaddr() {
 IPADDR=$(ifconfig ens160|awk '/inet/{print $2}'|head -n1)
 echo "IP地址是: $IPADDR"
 echoe
 }
 ###### 获取 当前主机cpu信息 #####
 function getCPUstatus() {
 echo -e
 echo -e "\033[32m###### 获取 当前主机cpu信息 #####\033[0m"
 Physical_CPUs=$(grep "physical id" /proc/cpuinfo| sort | uniq | wc -l)
 Virt_CPUs=$(grep "processor" /proc/cpuinfo | wc -l)
 CPU_cores=$(grep "cores" /proc/cpuinfo|uniq| awk -F":" '{print $NF}')
 CPU_Type=$(grep "model name" /proc/cpuinfo | awk -F":" '{print $2}')
 CPU_Arch=$(uname -m)
 echo "物理CPU个数: $Physical_CPUs"
 echo "逻辑CPU个数: $Virt_CPUs"
 echo "每CPU核心数: $CPU_cores"
 echo "CPU型号: $CPU_Type"
 echo "CPU架构: $CPU_Arch"
 echoe
 }
 ###### 获取磁盘大小 和INODE使用大小 ###### 
 function getDISKstatus() {
  echo -e "\033[32m###### 磁盘使用情况 ###### \033[0m"
     IFS="  
     "
     for i in `df -hP | sed 1d | awk '{print $(NF-1)"\t"$NF"\t"$(NF-2)}'`; do
      DISK_UTILIZ=$(echo $i |awk  '{print $1}')
      MOUNT_DISK=$(echo $i |awk  '{print $2}')
      DISK_FREE=$(echo $i |awk  '{print $3}')
      if [[ $(echo $DISK_UTILIZ | sed s/%//g) -gt 70 ]]; then
         echo "不正常""("$MOUNT_DISK"的使用率"$DISK_UTILIZ"较大,请注意"")"
      else
         continue
      fi
    done
     echo "磁盘具体使用情况:"
     df -hP | sed 1d | awk '{print $NF" ""分区"" ""剩余空间" ""$(NF-2),"使用率"" "$(NF-1)}'
 echoe
 }
 function getINODEstatus() {
 echo -e "\033[32m###### INODE使用情况 ###### \033[0m"
     IFS="  
     "
     for i in `df -iP | sed 1d | awk '{print $(NF-1)"\t"$NF"\t"$(NF-2)}'`; do
      INODE_UTILIZ=$(echo $i |awk  '{print $1}')
      MOUNT_INODE=$(echo $i |awk  '{print $2}')
      INODE_FREE=$(echo $i |awk  '{print $3}')
      if [[ $(echo $DISK_UTILIZ | sed s/%//g) -gt 80 ]]; then
         echo "不正常""("$MOUNT_INODE" 的使用率 "$INODE_UTILIZ" 较大,请注意"")"
      else
         continue
      fi
    done
     echo "INODE具体使用情况:"
     df -iP | sed 1d | awk '{print $NF" " "分区"" " "剩余INODE"" "$(NF-2) ,"使用率" $(NF-1)}'
 echoe
 }
 ###### 获取CPU使用情况 ######
 function getCPUSstatus() {
 echo -e "\033[32m######CPU使用情况######\033[0m" 
    CPU_HARDWARE=$(cat /proc/cpuinfo | grep name |cut -f2 -d: | uniq -c)
    CPU_NUMBER=$(cat /proc/cpuinfo | grep name |cut -f2 -d: | uniq -c | awk '{print $1}')
    CPU_LOAD=$(uptime | awk '{for(i=6;i<=NF;i++) printf $i""FS;print ""}')
    CPU_LOAD_NUMBER=$(uptime | awk -F"load average:" '{print $2}' | awk -F"," '{print $1}' | awk -F"." '{print $1}' |sed 's/^[ \t]*//g')
    CPU_UTILIZ=$(top -n 1 | grep "Cpu(s)")
    if [[ $CPU_LOAD_NUMBER -lt $CPU_NUMBER ]]; then
      CPU_STATUS=正常
    else
      CPU_STATUS=不正常
    fi
    echo "$CPU_STATUS("$CPU_HARDWARE,$CPU_LOAD,$CPU_UTILIZ")"
 echoe
 }
 ###### 获取内存大小 ######
 function getMEMORYstatus() {
 echo -e "\033[32m###### 获取内存大小 ######\033[0m"
   MEM_TOTLE=$(free -m | grep "Mem:" | awk -F" " '{print $2}')
   MEM_FREE=$(free -m | grep "Mem:" | awk -F" " '{print $4}')
   MEM_TOTLE_M=$(free -m | grep "Mem:" | awk -F" " '{print $2"M"}')
   MEM_FREE_M=$(free -m | grep "Mem:" | awk -F" " '{print $4"M"}')
   MEM_USED=$(echo $(($MEM_TOTLE-$MEM_FREE)))
   PERCENT=$(printf "%d%%" $(($MEM_USED*100/$MEM_TOTLE)))
   PERCENT7=$(echo $PERCENT|sed s/%//g)
    if [[ $PERCENT7 -lt 80 ]]
     then
      MEM_STATUS=正常
     else
      MEM_STATUS=不正常
    fi
   echo "$MEM_STATUS(""总内存大小"$MEM_TOTLE_M,"剩余内存大小"$MEM_FREE_M,"内存使用率"$PERCENT")"
 echoe
 }
 ###### 检查是否有命令被修改 ######
 function getChkrootkit() {
 /usr/sbin/chkrootkit -n > /tmp/chkrootkit_$TIME.log
    if [ "`grep 'INFECTED' /tmp/chkrootkit_$TIME.log`" != "" ];then 
       echo "服务器有命令植入 请查看/tmp/chkrootkit_$TIME.log 文件"
    else
      echo "服务器命令 安全"
   fi
 echoe
 }
 ###### 检查是否有暴力破解 ######
 function getSSHdeny() {
 echo -e "\033[32m######系统基本操作是否正常######\033[0m"
  if [ "$(lsb_release -is)" == 'CentOS' ]; then
    SSH_SUM=$(cat /var/log/secure | grep "authentication failure" | wc -l) 
    SSH_DIY=50
     if [ $SSH_SUM -gt $SSH_DIY ]; then
       echo "有人在试您root密码,请注意"
     else
      echo "正常"
    fi
 elif [ "$(lsb_release -is)" == 'Debian' ]; then
    SSH_SUM=$(cat /var/log/auth.log | grep "authentication failure" | wc -l)
    SSH_DIY=50
     if [ $SSH_SUM -gt $SSH_DIY ]; then
       echo "有人在试您root密码,请注意"
     else
      echo "正常"
    fi
 else
   echo "系统非是 debian和Centos和UBUNTU"
 fi
 echoe
 }
 ###### 防火墙检查 ######
 function getIptables() {
 echo -e "\033[32m##### 防火墙检查 ######\033[0m"
  iptables -L -n
 echoe
 }
 ###### 检查服务启动情况 ######
 function getServicestatus() {
 echo -e "\033[32m###### 检查服务启动情况 ######\033[0m"
 ####nginx
 netstat  -nlp|grep ":80"|grep nginx > /dev/null
 status_nginx=`echo $?`
 ps -ef|grep "nginx: master" > /dev/null
 status_nginx2=`echo $?`
 code_status=`curl -I -m 10 -o /dev/null -s -w %{http_code} http://hanye.com/index.php`
 if [ $status_nginx -eq 0 -a $status_nginx2 -eq 0 -a $code_status -eq 200 ]; then
   echo "HTTP服务启动成功"
 else
   echo "HTTP服务启动不成功"
 fi 
 echoe
 ####php-fpm
 ps -ef|grep "php-fpm: master"|grep -v grep > /dev/null
 status_php=`echo $?`
 code_status=`curl -I -m 10 -o /dev/null -s -w %{http_code} http://hanye.com/index.php`
 code=502
 code1=200
 if [ $code_status -eq $code1 -a $status_php -eq 0 ]; then
   echo "php-fpm服务启动成功"
 else
   echo "php-fpm服务启动不成功"
 fi
 echoe
 ####mysql
 #ps -ef|grep mysqld_safe|grep -v grep > /dev/null
 #status_mysql=`echo $?`
 #erp=`mysql -uuser -ppass -hlocalhost -e "use database;select name from online where id=1"|tail -n1`
 #if [ $status_mysql -eq 0 -a '$erp' == "hanye" ]; then
 #   echo "mysql服务启动成功"
 #else
 #  echo "mysql服务启动不成功"
 #fi
 #echoe
 }
 ###### 检查开机自启任务 ######
 function getAutoStartStatus() {
 echo -e "\033[32m###### 检查开机自启任务 ######\033[0m"
 conf=$(grep -v "^#" /etc/rc.d/rc.local| sed '/^$/d')
 echo "$conf"
 echoe
 }
 ###### 检查登录的用户和可登陆用户和未设置密码的用户 ######
 function getUser() {
 ####登录用户
 /usr/bin/w
 echoe
 ####可登陆用户
 user=`cat /etc/passwd|awk -F":" '$7 ~"/bin/bash"{print $1}'`
 echo "可登陆用户: $user"
 echoe
 ####未设置密码用户
 for i in $user; do
 cat /etc/shadow|grep $i|awk -F":" '$2 ~"!!"{print $1,$2}'
 done
 echoe
 }
 ###### 检查计划任务 ######
 function getCron() {
 echo -e "\033[32m###### 检查计划任务 ######\033[0m"
 user=`cat /etc/passwd|awk -F":" '$7 ~"/bin/bash"{print $1}'`
 for cronuser  in $user; do
   crontab  -l -u $cronuser > /dev/null 2>&1
   if [ $? -eq 0 ]; then
    echo "$cronuser"
    echo "#########"
    crontab -l -u $cronuser|grep -vE "^#|^$"
    echo "########"
  fi
 done
 echoe
 }
 ##### 检查sudo权限用户 ######
 function getSudo() {
 echo -e "\033[32m###### 检查sudo权限用户 ######\033[0m"
 sudo_user=$(grep -v "^#" /etc/sudoers| grep -v "^Defaults" | sed '/^$/d')
 for i in $sudo_user; do
 echo "########"
 echo "$i"
 echo "########"
 done
 echoe
 }
 ###### 进程检查 ######
 function getProcess() {
 echo -e "\033[32m###### 进程检查 ######\033[0m"
 #ps aux | grep Zs |  grep -v grep
 #ps -A -ostat,ppid,pid,cmd | grep -e '^[Zz]'
 if [ $(ps aux | grep Zs |  grep -v grep|wc -l) -ge 1 ];then
    echo "僵尸进程存在"
    ps aux | grep Zs |  grep -v grep  
 else
   echo "僵尸进程不存在"
 fi 
 echo -e "\033[32m 内存-------------------\033[0m"
 ###### 占用内存前十个进程
 ps aux | awk '{print $2, $4, $6, $11}' | sort -k3rn | head -n 10
 echo -e "\033[32m cpu-------------------\033[0m"
 ###### 占用cpu前十个进程
 top b -n1 | head -17 | tail -11
 echoe
 }
 ###### 检查其他业务是否正常 ######
 function getYeWu() {
 echoe
 }
 ###### 发送邮件 ######
 function FromEmail() {
 EMAIL='/data/soft/sendEmail-v1.56/sendEmail'
 FEMAIL="hz7726@163.com" #发件邮箱
 MAILP="PASSWDORD"
 MAILSMTP="smtp.exmail.qq.com" #发件邮箱的SMTP
 MAILT="hz7726@163.com" #收件邮箱
 MAILmessage=" 巡检报告已经生成  请查看"
 $EMAIL -q -f $FEMAIL -t $MAILT -u " 巡检报告已经生成  请查看" -m "$MAILmessage" -s $MAILSMTP -o message-charset=utf-8 -xu $FEMAIL -xp $MAILP -o tls=no -a /tmp/ECS_xunjian.txt
 }
 function Email() {
    if [ ! -e /data/soft/sendEmail-v1.56/sendEmail ]; then
     wget http://caspian.dotconf.net/menu/Software/SendEmail/sendEmail-v1.56.tar.gz
     tar xf sendEmail-v1.56.tar.gz -C /data/soft
     FromEmail
    else
     FromEmail
   fi
 }  
 function allstatus() {
 getstatus
 ipaddr
 getCPUstatus
 getDISKstatus
 getINODEstatus
 getCPUSstatus
 getMEMORYstatus
 getChkrootkit
 getSSHdeny
 getIptables
 getServicestatus
 getAutoStartStatus
 getUser
 getCron
 getProcess
 getYeWu
}
allstatus > /tmp/ECS_xunjian.txt
Email