首页 > 代码库 > 服务器常用工具说明[转]
服务器常用工具说明[转]
get_cpu_mem_info.bat
该脚本适用于windows系统。会每10秒记录一次当前所有进程消耗的CPU和内存使用量。可以用于找出占用资源异常的进程。 该脚本会将日志记录到脚本当前目录下的get_cpu_mem_info.log里。
@rem This batch script to collect cpu and memory usage info.@rem version 1.0 time:2014-3-9set log=get_cpu_mem_info.logset timeout=10:check@rem "The CPUusage and Memusage"wmic path Win32_PerfFormattedData_PerfProc_Process get Name,PercentUserTime,WorkingSet >>%log%wmic os get localdatetime >>%log%ping -n %timeout% 127.0.0.1>nulgoto check
get_cpu_mem_info.sh
该脚本适用于linux系统。会每10秒记录一次当前所有进程消耗的CPU和内存使用量以及。可以用于找出占用资源异常的进程。日志名称和位置:/tmp/get_cpu_mem_info.sh.log。
#!/bin/bash#When the free memory very less ,this script to collect CPU/memory usage information and dmessage information. #Version 1.0 time:2014-03-11#Version 2.0 time:2014-12-23#Version 3.0 time:2015-04-21#Version 4.0 time:2015-05-07logfile=/tmp/$0.logcheck_os_release(){ while true do os_release=$(grep "Red Hat Enterprise Linux Server release" /etc/issue 2>/dev/null) os_release_2=$(grep "Red Hat Enterprise Linux Server release" /etc/redhat-release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "release 5" >/dev/null 2>&1 then os_release=redhat5 echo "$os_release" elif echo "$os_release"|grep "release 6" >/dev/null 2>&1 then os_release=redhat6 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep "Aliyun Linux release" /etc/issue 2>/dev/null) os_release_2=$(grep "Aliyun Linux release" /etc/aliyun-release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "release 5" >/dev/null 2>&1 then os_release=aliyun5 echo "$os_release" elif echo "$os_release"|grep "release 6" >/dev/null 2>&1 then os_release=aliyun6 echo "$os_release" elif echo "$os_release"|grep "release 7" >/dev/null 2>&1 then os_release=aliyun7 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release_2=$(grep "CentOS" /etc/*release 2>/dev/null) if [ "$os_release_2" ] then if echo "$os_release_2"|grep "release 5" >/dev/null 2>&1 then os_release=centos5 echo "$os_release" elif echo "$os_release_2"|grep "release 6" >/dev/null 2>&1 then os_release=centos6 echo "$os_release" elif echo "$os_release_2"|grep "release 7" >/dev/null 2>&1 then os_release=centos7 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep -i "ubuntu" /etc/issue 2>/dev/null) os_release_2=$(grep -i "ubuntu" /etc/lsb-release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "Ubuntu 10" >/dev/null 2>&1 then os_release=ubuntu10 echo "$os_release" elif echo "$os_release"|grep "Ubuntu 12.04" >/dev/null 2>&1 then os_release=ubuntu1204 echo "$os_release" elif echo "$os_release"|grep "Ubuntu 12.10" >/dev/null 2>&1 then os_release=ubuntu1210 echo "$os_release" elif echo "$os_release"|grep "Ubuntu 14.04" >/dev/null 2>&1 then os_release=ubuntu1204 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep -i "debian" /etc/issue 2>/dev/null) os_release_2=$(grep -i "debian" /proc/version 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "Linux 6" >/dev/null 2>&1 then os_release=debian6 echo "$os_release" elif echo "$os_release"|grep "Linux 7" >/dev/null 2>&1 then os_release=debian7 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep -i "opensuse" /etc/issue 2>/dev/null) os_release_2=$(grep -i "opensuse" /etc/*release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "openSUSE 13.1" >/dev/null 2>&1 then os_release=opensuse1301 echo "$os_release" else os_release="" echo "$os_release" fi break fi break done}rhel56_fun(){ while true do vm_mem=$(free -m|grep "buffers/cache"|awk ‘{print $4}‘) cpu=$(top -bn2|grep "Cpu(s)"|awk ‘{print $5}‘|awk -F‘%‘ ‘{print $1}‘|tail -n1) check_cpu=$(echo "$cpu <20" |bc) echo "======================================================" >>$logfile date >>$logfile if [[ $vm_mem -le 100 ]] then echo "======================================================" >>$logfile echo "The memory is too less." >>$logfile free -m >>$logfile echo "=======================Memory info=====================" >>$logfile (ps aux|head -1;ps aux|sort -nrk6|grep -v "RSS") >>$logfile date >>$logfile echo "=======================Dmesg info=====================" >>$logfile dmesg >>$logfile dmesg -c elif [[ $check_cpu -eq 1 ]] then echo "======================================================" >>$logfile echo "The idle cpu is too less." >>$logfile echo "=======================CPU info========================" >>$logfile (ps aux|head -1;ps aux|sort -nrk3|grep -v "RSS") >>$logfiles echo "=======================Dmesg info=====================" >>$logfile dmesg >>$logfile dmesg -c fi sleep 10 done}rhel7_fun(){ while true do vm_mem=$(free -m|grep "buffers/cache"|awk ‘{print $4}‘) cpu=$(top -bn2|grep "Cpu(s)"|awk -F, ‘{print $4}‘|awk ‘{print $1}‘|tail -n1) check_cpu=$(echo "$cpu <20" |bc) echo "======================================================" >>$logfile date >>$logfile if [[ $vm_mem -le 100 ]] then echo "======================================================" >>$logfile echo "The memory is too less." >>$logfile free -m >>$logfile echo "=======================Memory info=====================" >>$logfile (ps aux|head -1;ps aux|sort -nrk6|grep -v "RSS") >>$logfile date >>$logfile echo "=======================Dmesg info=====================" >>$logfile dmesg >>$logfile dmesg -c elif [[ $check_cpu -eq 1 ]] then echo "======================================================" >>$logfile echo "The idle cpu is too less." >>$logfile echo "=======================CPU info========================" >>$logfile (ps aux|head -1;ps aux|sort -nrk3|grep -v "RSS") >>$logfiles echo "=======================Dmesg info=====================" >>$logfile dmesg >>$logfile dmesg -c fi sleep 10 done}debian_fun(){ while true do vm_mem=$(free -m|grep "buffers/cache"|awk ‘{print $4}‘) cpu=$(top -bn2|grep "Cpu(s)"|awk ‘{print $8}‘|awk -F‘%‘ ‘{print $1}‘|tail -n1) check_cpu=$(echo "$cpu <20" |bc) echo "======================================================" >>$logfile date >>$logfile if [[ $vm_mem -le 100 ]] then echo "======================================================" >>$logfile echo "The memory is too less." >>$logfile free -m >>$logfile echo "=======================Memory info=====================" >>$logfile (ps aux|head -1;ps aux|sort -nrk6|grep -v "RSS") >>$logfile date >>$logfile echo "=======================Dmesg info=====================" >>$logfile dmesg >>$logfile dmesg -c elif [[ $check_cpu -eq 1 ]] then echo "======================================================" >>$logfile echo "The idle cpu is too less." >>$logfile echo "=======================CPU info========================" >>$logfile (ps aux|head -1;ps aux|sort -nrk3|grep -v "RSS") >>$logfile echo "=======================Dmesg info=====================" >>$logfile dmesg >>$logfile dmesg -c fi sleep 10 done}check_os_releasecase "$os_release" inaliyun5|centos5|centos6|aliyun6) yum install bc -y rhel56_fun ;;centos7) yum install bc -y rhel7_fun ;;ubuntu10|ubuntu1204|ubuntu1210|ubuntu1404|debian6|debian7) apt-get install bc -y debian_fun ;;opensuse1301) echo "Can not support openSUSE." exit 1 ;;*) echo "Unknow OS system." exit 1 ;;esac
get_network_info.bat
该脚本适用于windows系统。会每5秒钟对目标地址进行ping检测,有丢包或不通时会搜集用户本地网络配置信息、路由表、ARP表并进行traceroute。这些信息都记录到脚本当前目录下的checknet.log文件里。
@rem this batch script to collect network information for analysis. @rem version 2.0 time:2014-5-20color 1fset log=checknet.logSet tm1=%time:~0,2%Set tm2=%time:~3,2%Set tm3=%time:~6,2%set /p destip=目标IP地址::check_ping@rem Get the client network infomation.echo %date% %tm1%点%tm2%分%tm3%秒 >>%log%echo —————————————————ping infomation————————————————————>>%log%ping -n 10 -w 1 %destip% >>%log%if %ERRORLEVEL% NEQ 0 goto check_traceecho —————————————————interface infomation————————————————————>>%log%ipconfig /all >>%log%echo —————————————————route infomation————————————————————>>%log%netstat -rn >>%log%echo —————————————————arp infomation————————————————————>>%log%arp -a >>%log%:check_traceecho —————————————————trace route infomation————————————————————>>%log%tracert -d -w 2000 %destip% >>%log%ping -n 5 127.0.0.1>nulgoto check_ping
check_destination_port.sh
该脚本适用于linux系统。该脚本每5秒检查目标地址端口可用性,当无法连接的时候搜集网络连接情况、路由探测信息和dmesg信息并保存到日志里。日志名称和位置:/tmp/check_destination_port.sh.log。
#!/bin/bash#This script collect network information and check the destination port. #Version 1.0 time:2014-3-11logfile=/tmp/$0.logdmesg_file1=/tmp/1dmesg_file2=/tmp/2read -p "Input the destination IP or URL: " ipread -p "Input the destination PORT: " portget_dmesg(){ echo "===================dmessages info==============================" >>$logfile dmesg >$dmesg_file2 diff $dmesg_file1 $dmesg_file2 >>$logfile cat $dmesg_file2 >$dmesg_file1}dmesg -cdmesg >$dmesg_file1while truedoif [ "X$ip" == "X" ] || [ "X$port" == "X" ]then echo "Error:The IP or URL or PORT is not define.Will exit." exit 1else echo "===================port info==============================" >>$logfile date >>$logfile nc -vzw 2 $ip $port >>$logfile if [ "$?" -ne 0 ] then get_dmesg echo "===================network connection info==============================" >>$logfile (netstat -antlp >>$logfile) echo "===================trace route info==============================" >>$logfile (traceroute -Tnp $port $ip >>$logfile) else sleep 5 fifidone
windows2003_drop_port.bat
该脚本适用于windows 2003系统,主要用于在云服务器被肉鸡后禁止对外攻击,留出时间进行分析和修复。该脚本将禁止对外发送UDP数据包和禁止对TCP的22、80、443、1314、3306、3433、3389、8080端口发送数据包。
@rem 配置windows2003系统的IP安全策略@rem version 3.0 time:2014-5-12netsh ipsec static add policy name=dropnetsh ipsec static add filterlist name=drop_portnetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=21 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=22 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=23 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=25 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=53 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=80 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=135 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=139 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=443 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=445 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=1314 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=1433 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=1521 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=2222 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=3306 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=3433 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=3389 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=4899 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=8080 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any dstport=18186 protocol=TCP mirrored=nonetsh ipsec static add filter filterlist=drop_port srcaddr=me dstaddr=any protocol=UDP mirrored=nonetsh ipsec static add filteraction name=denyact action=blocknetsh ipsec static add rule name=kill policy=drop filterlist=drop_port filteraction=denyactnetsh ipsec static set policy name=drop assign=y
windows2008_drop_port.bat
该脚本适用于windows 2008系统,主要用于在云服务器被肉鸡后禁止对外攻击,留出时间进行分析和修复。该脚本将禁止对外发送UDP数据包和禁止对TCP的22、80、443、1314、3306、3433、3389、8080端口发送数据包。
@rem 配置windows2008系统的IP安全策略@rem version 3.0 time:2014-5-12@rem 重置防火墙使用默认规则netsh firewall resetnetsh firewall set service remotedesktop enable all@rem 配置高级windows防火墙netsh advfirewall firewall add rule name="drop" protocol=TCP dir=out remoteport="21,22,23,25,53,80,135,139,443,445,1433,1314,1521,2222,3306,3433,3389,4899,8080,18186" action=blocknetsh advfirewall firewall add rule name="dropudp" protocol=UDP dir=out remoteport=any action=block
linux_drop_port.sh
该脚本适用于linux系统,主要用于在云服务器被肉鸡后禁止对外攻击,留出时间进行分析和修复。该脚本将禁止对外发送UDP数据包和禁止对TCP的22、80、443、1314、3306、3433、3389、8080端口发送数据包。
#!/bin/bash##########################################Function: linux drop port#Usage: bash linux_drop_port.sh#Author: Customer Service Department#Company: Alibaba Cloud Computing#Version: 2.0#########################################check_os_release(){ while true do os_release=$(grep "Red Hat Enterprise Linux Server release" /etc/issue 2>/dev/null) os_release_2=$(grep "Red Hat Enterprise Linux Server release" /etc/redhat-release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "release 5" >/dev/null 2>&1 then os_release=redhat5 echo "$os_release" elif echo "$os_release"|grep "release 6" >/dev/null 2>&1 then os_release=redhat6 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep "Aliyun Linux release" /etc/issue 2>/dev/null) os_release_2=$(grep "Aliyun Linux release" /etc/aliyun-release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "release 5" >/dev/null 2>&1 then os_release=aliyun5 echo "$os_release" elif echo "$os_release"|grep "release 6" >/dev/null 2>&1 then os_release=aliyun6 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep "CentOS release" /etc/issue 2>/dev/null) os_release_2=$(grep "CentOS release" /etc/*release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "release 5" >/dev/null 2>&1 then os_release=centos5 echo "$os_release" elif echo "$os_release"|grep "release 6" >/dev/null 2>&1 then os_release=centos6 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep -i "ubuntu" /etc/issue 2>/dev/null) os_release_2=$(grep -i "ubuntu" /etc/lsb-release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "Ubuntu 10" >/dev/null 2>&1 then os_release=ubuntu10 echo "$os_release" elif echo "$os_release"|grep "Ubuntu 12.04" >/dev/null 2>&1 then os_release=ubuntu1204 echo "$os_release" elif echo "$os_release"|grep "Ubuntu 12.10" >/dev/null 2>&1 then os_release=ubuntu1210 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep -i "debian" /etc/issue 2>/dev/null) os_release_2=$(grep -i "debian" /proc/version 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "Linux 6" >/dev/null 2>&1 then os_release=debian6 echo "$os_release" else os_release="" echo "$os_release" fi break fi os_release=$(grep "openSUSE" /etc/issue 2>/dev/null) os_release_2=$(grep "openSUSE" /etc/*release 2>/dev/null) if [ "$os_release" ] && [ "$os_release_2" ] then if echo "$os_release"|grep "13.1" >/dev/null 2>&1 then os_release=opensuse131 echo "$os_release" else os_release="" echo "$os_release" fi break fi break done}exit_script(){ echo -e "\033[1;40;31mInstall $1 error,will exit.\n\033[0m" rm -f $LOCKfile exit 1}config_iptables(){ iptables -I OUTPUT 1 -p tcp -m multiport --dport 21,22,23,25,53,80,135,139,443,445 -j DROP iptables -I OUTPUT 2 -p tcp -m multiport --dport 1433,1314,1521,2222,3306,3433,3389,4899,8080,18186 -j DROP iptables -I OUTPUT 3 -p udp -j DROP iptables -nvL}ubuntu_config_ufw(){ ufw deny out proto tcp to any port 21,22,23,25,53,80,135,139,443,445 ufw deny out proto tcp to any port 1433,1314,1521,2222,3306,3433,3389,4899,8080,18186 ufw deny out proto udp to any ufw status}####################Start####################check lock file ,one time only let the script run one time LOCKfile=/tmp/.$(basename $0)if [ -f "$LOCKfile" ]then echo -e "\033[1;40;31mThe script is already exist,please next time to run this script.\n\033[0m" exitelse echo -e "\033[40;32mStep 1.No lock file,begin to create lock file and continue.\n\033[40;37m" touch $LOCKfilefi#check userif [ $(id -u) != "0" ]then echo -e "\033[1;40;31mError: You must be root to run this script, please use root to execute this script.\n\033[0m" rm -f $LOCKfile exit 1fiecho -e "\033[40;32mStep 2.Begen to check the OS issue.\n\033[40;37m"os_release=$(check_os_release)if [ "X$os_release" == "X" ]then echo -e "\033[1;40;31mThe OS does not identify,So this script is not executede.\n\033[0m" rm -f $LOCKfile exit 0else echo -e "\033[40;32mThis OS is $os_release.\n\033[40;37m"fiecho -e "\033[40;32mStep 3.Begen to config firewall.\n\033[40;37m"case "$os_release" inredhat5|centos5|redhat6|centos6|aliyun5|aliyun6) service iptables start config_iptables ;;debian6) config_iptables ;;ubuntu10|ubuntu1204|ubuntu1210) ufw enable <<EOFyEOF ubuntu_config_ufw ;;opensuse131) config_iptables ;;esacecho -e "\033[40;32mConfig firewall success,this script now exit!\n\033[40;37m"rm -f $LOCKfile
weblogcheckutf8.sh & weblogcheckgbk.sh
该脚本适用于linux系统,用于分析web日志信息,详细用法见下面链接里的说明文档《web日志分析脚本.docx》,脚本分为utf8和gbk编码。
#!/bin/bash############################################# web日志分析脚本##2013-12-30 by 金象#version:1.0#使用方法:#./weblogcheck.sh [-c n] [-t n] -f FILE##选项说明:#-c(选填):设置IP、资源TOP榜显示量,默认显示前5名,参数需填写整数#-t(选填):设置日志统计时段,默认统计最后6个时段,参数需填写整数#-f(必填):指定日志文件,如果脚本与日志文件不在同一目录需填写绝对路径#例:#./weblogcheck.sh -f /alidata/log/httpd/access/phpwind.log#./weblogcheck.sh -c 3 -t 3 -f /alidata/log/httpd/access/phpwind.log##############################################使用帮助usage(){ echo -e "\nUsage:\n$0 [-c n] [-t n] -f FILE\n" echo -e "选项说明:" echo -e "-c(选填):设置IP、资源TOP榜显示量,默认显示前5名,参数需填写整数" echo -e "-t(选填):设置日志统计时段,默认统计最后6个时段,参数需填写整数" echo -e "-f(必填):指定日志文件,如果脚本与日志文件不在同一目录需填写绝对路径" echo -e "\n例:\n$0 -f /alidata/log/httpd/access/phpwind.log" echo -e "或:\n$0 -c 3 -t 3 -f /alidata/log/httpd/access/phpwind.log\n" exit}##华丽的分割线split_line="--------------------------------------------------"clear##审核选项while getopts ":hc:t:f:" script_optdo case ${script_opt} in h) time_hz=half ;; c) if [[ ${OPTARG} =~ ^[1-9][0-9]*$ ]];then ip_row=${OPTARG} else echo -e "\033[31mErr: -c选项请填写整数TOP榜显示行\033[0m" usage fi ;; t) if [[ ${OPTARG} =~ ^[1-9][0-9]*$ ]];then log_time=${OPTARG} else echo -e "\033[31mErr: -t选项请填写整数时段\033[0m" usage fi ;; f) if [ -e "${OPTARG}" ];then log_path=${OPTARG} else echo -e "\033[31mErr: ${OPTARG}日志文件不存在,请核实!\033[0m" usage fi ;; :) echo -e "\033[31mErr: -${OPTARG}选项缺少参数,请核实!\033[0m" usage ;; ?) echo -e "\033[31mErr: 无法识别的选项,请核实!\033[0m" usage ;; esac done##检测日志文件是否可用if [ -z "${log_path}" ];then echo -e "\033[31mErr: 请填写日志路径\033[0m" usagefi##检测日志文件大小log_size=$(du -m "${log_path}"|awk ‘{print $1}‘)if [ "${log_size}" -gt 50 ];then echo -e "日志文件:${log_path}\t大小:${log_size}MB\n日志文件体积较大,分析时间较长,是否继续?" read -p"yes[y] or no[n]:" -n 1 check_size if [ "${check_size}" = "y" ];then echo -e "\n正在分析,请稍等..." else echo -e "\n终止日志分析" exit fielif [ "${log_size}" -eq 0 ];then echo -e "日志文件:${log_path}\t大小:${log_size}MB\n\033[31m日志文件为空,请选择其他日志\033[0m" usagefi##设置时间分隔点time_mark=$(awk ‘{print $4}‘ "${log_path}"|cut -c 2-16|uniq|tail -n ${log_time:-6})##日志分析for mark in ${time_mark}do time_format=$(echo $mark|awk ‘BEGIN {FS="[/|:]"} {print $3"/"$2"/"$1"\t"$4":00-"$4":59"}‘) net_size=$(grep $mark "${log_path}"|awk ‘{if($10 ~ /[0-9]/) sum += $10} END {printf("%0.2f\n",sum/1024/1024)}‘) top_ip=$(grep $mark "${log_path}"| awk ‘{print $1}‘ |sort |uniq -c|sort -rn|head -n ${ip_row:-5}) top_page=$(grep $mark "${log_path}"|awk ‘{if($10>0 )print $7}‘|sort|uniq -c|sort -rn|head -n ${ip_row:-5}) echo -e "${split_line}\n${time_format} 本时段流量:${net_size} MB" echo -e " 次数 访问者IP" echo -e "${top_ip}" echo -e " 次数 访问资源" echo -e "${top_page}"done
#!/bin/bash############################################# web日志分析脚本##2013-12-30 by 金象#version:1.0#使用方法:#./weblogcheck.sh [-c n] [-t n] -f FILE##选项说明:#-c(选填):设置IP、资源TOP榜显示量,默认显示前5名,参数需填写整数#-t(选填):设置日志统计时段,默认统计最后6个时段,参数需填写整数#-f(必填):指定日志文件,如果脚本与日志文件不在同一目录需填写绝对路径#例:#./weblogcheck.sh -f /alidata/log/httpd/access/phpwind.log#./weblogcheck.sh -c 3 -t 3 -f /alidata/log/httpd/access/phpwind.log##############################################使用帮助usage(){ echo -e "\nUsage:\n$0 [-c n] [-t n] -f FILE\n" echo -e "选项说明:" echo -e "-c(选填):设置IP、资源TOP榜显示量,默认显示前5名,参数需填写整数" echo -e "-t(选填):设置日志统计时段,默认统计最后6个时段,参数需填写整数" echo -e "-f(必填):指定日志文件,如果脚本与日志文件不在同一目录需填写绝对路径" echo -e "\n例:\n$0 -f /alidata/log/httpd/access/phpwind.log" echo -e "或:\n$0 -c 3 -t 3 -f /alidata/log/httpd/access/phpwind.log\n" exit}##华丽的分割线split_line="--------------------------------------------------"clear##审核选项while getopts ":hc:t:f:" script_optdo case ${script_opt} in h) time_hz=half ;; c) if [[ ${OPTARG} =~ ^[1-9][0-9]*$ ]];then ip_row=${OPTARG} else echo -e "\033[31mErr: -c选项请填写整数TOP榜显示行\033[0m" usage fi ;; t) if [[ ${OPTARG} =~ ^[1-9][0-9]*$ ]];then log_time=${OPTARG} else echo -e "\033[31mErr: -t选项请填写整数时段\033[0m" usage fi ;; f) if [ -e "${OPTARG}" ];then log_path=${OPTARG} else echo -e "\033[31mErr: ${OPTARG}日志文件不存在,请核实!\033[0m" usage fi ;; :) echo -e "\033[31mErr: -${OPTARG}选项缺少参数,请核实!\033[0m" usage ;; ?) echo -e "\033[31mErr: 无法识别的选项,请核实!\033[0m" usage ;; esac done##检测日志文件是否可用if [ -z "${log_path}" ];then echo -e "\033[31mErr: 请填写日志路径\033[0m" usagefi##检测日志文件大小log_size=$(du -m "${log_path}"|awk ‘{print $1}‘)if [ "${log_size}" -gt 50 ];then echo -e "日志文件:${log_path}\t大小:${log_size}MB\n日志文件体积较大,分析时间较长,是否继续?" read -p"yes[y] or no[n]:" -n 1 check_size if [ "${check_size}" = "y" ];then echo -e "\n正在分析,请稍等..." else echo -e "\n终止日志分析" exit fielif [ "${log_size}" -eq 0 ];then echo -e "日志文件:${log_path}\t大小:${log_size}MB\n\033[31m日志文件为空,请选择其他日志\033[0m" usagefi##设置时间分隔点time_mark=$(awk ‘{print $4}‘ "${log_path}"|cut -c 2-16|uniq|tail -n ${log_time:-6})##日志分析for mark in ${time_mark}do time_format=$(echo $mark|awk ‘BEGIN {FS="[/|:]"} {print $3"/"$2"/"$1"\t"$4":00-"$4":59"}‘) net_size=$(grep $mark "${log_path}"|awk ‘{if($10 ~ /[0-9]/) sum += $10} END {printf("%0.2f\n",sum/1024/1024)}‘) top_ip=$(grep $mark "${log_path}"| awk ‘{print $1}‘ |sort |uniq -c|sort -rn|head -n ${ip_row:-5}) top_page=$(grep $mark "${log_path}"|awk ‘{if($10>0 )print $7}‘|sort|uniq -c|sort -rn|head -n ${ip_row:-5}) echo -e "${split_line}\n${time_format} 本时段流量:${net_size} MB" echo -e " 次数 访问者IP" echo -e "${top_ip}" echo -e " 次数 访问资源" echo -e "${top_page}"done
config_ntpclient.bat
该脚本适用于windows系统,将ntp时钟服务器配置为阿里云内部时钟源并将同步频率改为300秒。
@rem This batch script to config ntpclient.@rem version 1.0 time:2014-6-5@echo offREG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient /v SpecialPollInterval /t REG_DWORD /d 300 /fw32tm /config /manualpeerlist:"ntp1.aliyun.com,0x1 ntp2.aliyun.com,0x1 ntp3.aliyun.com,0x1" /syncfromflags:manual /reliable:yes /updatenet stop w32timenet start w32time
转自:http://www.hellyhua.com/xuexi/server/893.html
服务器常用工具说明[转]