• Zabbix monitoring of TCP status


    Monitoring principle

    ss -ant | awk 'NR>1 {++s[$1]} END {for(k in s) print k,s[k]}'

    LAST-ACK 5
    ESTAB 348
    FIN-WAIT-1 11
    CLOSING 1
    FIN-WAIT-2 41
    TIME-WAIT 2447
    LISTEN 8
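    The counting idea above, worked through as an added example that is not part of the original post: the ss output is replaced by a constructed sample (SAMPLE_SS) so it runs offline, the State column is matched exactly rather than with a substring grep, states that never occur are reported as 0, and a small threshold helper shows the comparison a Zabbix trigger would make. The function and variable names (ss_output, count_state, state_table, over_threshold, ALL_STATES) are this example's own.

```shell
# Added example, not from the original post: count TCP socket states from
# ss-style output with an exact match on the State column, reporting 0 for
# states that do not occur. SAMPLE_SS is a constructed stand-in for the real
# output of `ss -ant`; on a live host ss_output would run ss instead.

SAMPLE_SS='State      Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN     0      128    0.0.0.0:22            0.0.0.0:*
LISTEN     0      128    0.0.0.0:80            0.0.0.0:*
ESTAB      0      0      10.0.0.5:22           10.0.0.9:51234
ESTAB      0      0      10.0.0.5:80           10.0.0.7:40022
ESTAB      0      0      10.0.0.5:80           10.0.0.8:40100
TIME-WAIT  0      0      10.0.0.5:80           10.0.0.7:39990
CLOSE-WAIT 1      0      10.0.0.5:80           10.0.0.6:41000
SYN-RECV   0      0      10.0.0.5:80           10.0.0.10:52000'

# The TCP state names exactly as iproute2's ss prints them (hyphens, ESTAB).
ALL_STATES="LISTEN SYN-SENT SYN-RECV ESTAB FIN-WAIT-1 FIN-WAIT-2 TIME-WAIT CLOSE-WAIT LAST-ACK CLOSING"

# ss_output: source of the socket table. Replace the body with `ss -ant` on a real host.
ss_output() {
    printf '%s\n' "$SAMPLE_SS"
}

# count_state STATE: print the number of sockets in STATE, 0 when absent.
# Comparing $1 == want is an exact match; grep "$STATE" would also match any
# line that merely contains the name somewhere.
count_state() {
    ss_output | awk -v want="$1" 'NR > 1 && $1 == want { n++ } END { print n + 0 }'
}

# state_table: one "STATE COUNT" line for every state in ALL_STATES, zero-filled,
# so a consumer always sees the full set of states even on a quiet host.
state_table() {
    ss_output | awk -v states="$ALL_STATES" '
        NR > 1 { count[$1]++ }
        END {
            n = split(states, list, " ")
            for (i = 1; i <= n; i++) printf "%s %d\n", list[i], count[list[i]] + 0
        }'
}

# over_threshold STATE LIMIT: succeed (exit 0) when the count exceeds LIMIT.
# This is the comparison a Zabbix trigger on tcp.status[STATE] performs; a
# growing CLOSE-WAIT count, for instance, usually means the local application
# is not closing sockets the peer has already shut down.
over_threshold() {
    [ "$(count_state "$1")" -gt "$2" ]
}

state_table
```

    Run as-is it prints the zero-filled table for the sample; swapping the body of ss_output for ss -ant turns count_state into the same one-number-per-call shape that a Zabbix UserParameter expects.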

    Explanation of the state values

    These descriptions are taken from the netstat(8) man page; ss prints the same states with hyphens instead of underscores and abbreviates ESTABLISHED to ESTAB, which is why the output above shows ESTAB and FIN-WAIT-1.

    ESTABLISHED:  The socket has an established connection.

    SYN_SENT:  The socket is actively attempting to establish a connection.

    SYN_RECV:  A connection request has been received from the network.

    FIN_WAIT1:  The socket is closed, and the connection is shutting down.

    FIN_WAIT2:  Connection is closed, and the socket is waiting for a shutdown from the remote end.

    TIME_WAIT:  The socket is waiting after close to handle packets still in the network.

    CLOSED:  The socket is not being used.

    CLOSE_WAIT:  The remote end has shut down, waiting for the socket to close.

    LAST_ACK:  The remote end has shut down, and the socket is closed. Waiting for acknowledgement.

    LISTEN:  The socket is listening for incoming connections.

    CLOSING:  Both sockets are shut down but we still don't have all our data sent.

    Monitoring script

    #!/bin/bash
    # 2017/1/09 pdd
    # States that do not appear in the ss output are reported as 0

    status() {
        ss -ant | awk 'NR>1 {++s[$1]} END {for(k in s) print k,s[k]}'
    }

    case $1 in
        LISTEN|SYN-SENT|SYN-RECV|ESTAB|FIN-WAIT-1|CLOSE-WAIT|FIN-WAIT-2|LAST-ACK|TIME-WAIT|CLOSING|CLOSED)
            # Exact match on the state column (ss prints SYN-RECV, not SYN-RCVD);
            # grep "$1" would be a substring match.
            count=$(status | awk -v state="$1" '$1 == state {print $2}')
            [ -z "$count" ] && echo 0 || echo "$count"
            ;;
        *)
            echo "Usage: $0 {LISTEN|SYN-SENT|SYN-RECV|ESTAB|FIN-WAIT-1|CLOSE-WAIT|FIN-WAIT-2|LAST-ACK|TIME-WAIT|CLOSING|CLOSED}"
            ;;
    esac

    Add the configuration file

    userparameter_tcp.conf  # zabbix_agentd must be reloaded after adding this file

    # TCP
    UserParameter=tcp.status[*],/usr/local/zabbix/scripts/tcp-status.sh $1

    After the reload, running zabbix_agentd -t 'tcp.status[ESTAB]' on the agent host confirms that the key returns a number rather than an error before the item is added on the server.

    Add the monitoring template

  • Original article: https://www.cnblogs.com/metasequoia/p/6265766.html