| 环境 | IP | 主机名 |
|---|---|---|
| 服务端 | 192.168.32.133 | asuna |
| 客户端 | 192.168.32.128 | WJX |
1 自定义监控项–日志监控
1.1 客户端编写脚本
检查日志文件中是否有指定的关键字
[root@WJX ~]# vim /scripts/zabbix/log.py
#!/usr/bin/env python3
import sys
import re
def prePos(seekfile):
global curpos
try:
cf = open(seekfile)
except IOError:
curpos = 0
return curpos
except FileNotFoundError:
curpos = 0
return curpos
else:
try:
curpos = int(cf.readline().strip())
except ValueError:
curpos = 0
cf.close()
return curpos
cf.close()
return curpos
def lastPos(filename):
with open(filename) as lfile:
if lfile.readline():
lfile.seek(0,2)
else:
return 0
lastPos = lfile.tell()
return lastPos
def getSeekFile():
try:
seekfile = sys.argv[2]
except IndexError:
seekfile = '/tmp/logseek'
return seekfile
def getKey():
try:
tagKey = str(sys.argv[3])
except IndexError:
tagKey = 'Error'
return tagKey
def getResult(filename,seekfile,tagkey):
destPos = prePos(seekfile)
curPos = lastPos(filename)
if curPos < destPos:
curpos = 0
try:
f = open(filename)
except IOError:
print('Could not open file: %s' % filename)
except FileNotFoundError:
print('Could not open file: %s' % filename)
else:
f.seek(destPos)
while curPos != 0 and f.tell() < curPos:
rresult = f.readline().strip()
global result
if re.search(tagkey, rresult):
result = 1
break
else:
result = 0
with open(seekfile,'w') as sf:
sf.write(str(curPos))
finally:
f.close()
return result
if __name__ == "__main__":
result = 0
curpos = 0
tagkey = getKey()
seekfile = getSeekFile()
result = getResult(sys.argv[1],seekfile,tagkey)
print(result)
[root@WJX ~]# chmod +x /scripts/zabbix/log.py
1.2 客户端修改配置文件
[root@WJX ~]# vim /usr/local/etc/zabbix_agentd.conf
//加入内容
UserParameter=check_log[*],/usr/bin/python /scripts/log.py $1 $2 $3
//第一个参数为日志文件名(必须有,相对路径、绝对路径均可)
//第二个参数为seek position文件的路径(可选项,若不设置则默认为/tmp/logseek文件。相对路径、绝对路径均可)
//第三个参数为搜索关键字,默认为 Error
[root@WJX ~]# pkill zabbix
[root@WJX ~]# zabbix_agentd
1.3 配置添加监控项及触发器
1.4 触发
