首页 > 代码库 > zabbix加入TCP连接数及状态的监控
zabbix加入TCP连接数及状态的监控
一 监控原理:
[root@99 nginx]# /bin/netstat -an|awk ‘/^tcp/{++S[$NF]}END{for(a in S) print a,S[a]}‘ TIME_WAIT 50FIN_WAIT2 2 ESTABLISHED 6 LISTEN 1
可以使用man netstat查看TCP的各种状态信息描述 ESTABLISHED socket已经建立连接 CLOSED socket没有被使用,无连接 CLOSING 服务器端和客户端都同时关闭连接 CLOSE_WAIT 等待关闭连接 TIME_WAIT 表示收到了对方的FIN报文,并发送出了ACK报文,等待2MSL后就可回到CLOSED状态 LAST_ACK 远端关闭,当前socket被动关闭后发送FIN报文,等待对方ACK报文 LISTEN 监听状态 SYN_RECV 接收到SYN报文 SYN_SENT 已经发送SYN报文 FIN_WAIT1 The socket is closed, and the connection is shutting down FIN_WAIT2 Connection is closed, and the socket is waiting for a shutdown from the remote end.
二 监控脚本:
tcp_conn_status.sh,放在zabbix-agent的应用服务器上/usr/local/zabbix/bin/tcp_conn_status.sh
#!/bin/bash #this script is used to get tcp and udp connetion status #tcp status metric=$1 tmp_file=/tmp/tcp_status.txt /bin/netstat -an|awk ‘/^tcp/{++S[$NF]}END{for(a in S) print a,S[a]}‘ > $tmp_file case $metric in closed) output=$(awk ‘/CLOSED/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; listen) output=$(awk ‘/LISTEN/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; synrecv) output=$(awk ‘/SYN_RECV/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; synsent) output=$(awk ‘/SYN_SENT/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; established) output=$(awk ‘/ESTABLISHED/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; timewait) output=$(awk ‘/TIME_WAIT/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; closing) output=$(awk ‘/CLOSING/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; closewait) output=$(awk ‘/CLOSE_WAIT/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; lastack) output=$(awk ‘/LAST_ACK/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; finwait1) output=$(awk ‘/FIN_WAIT1/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; finwait2) output=$(awk ‘/FIN_WAIT2/{print $2}‘ $tmp_file) if [ "$output" == "" ];then echo 0 else echo $output fi ;; *) echo -e "\e[033mUsage: sh $0 [closed|closing|closewait|synrecv|synsent|finwait1|finwait2|listen|established|lastack|timewait]\e[0m" esac
三 zabbix-agent配置
1、修改tcp_conn_status.sh文件权限:
chmod o+x /usr/local/zabbix/bin/tcp_conn_status.sh
2、在/usr/local/zabbix/etc目录下,创建文件tcp-status-params.conf
vi /usr/local/zabbix/etc/tcp-status-params.conf
3、在tcp-status-params.conf加入以下内容:
UserParameter=tcp.status[*],/usr/local/zabbix/bin/tcp_conn_status.sh $1
4、创建日志文件
vi /tmp/tcp_status.txt
四 重启zabbix-agent服务
/etc/init.d/zabbix_agentd restart
五 添加监控模板
<?xml version="1.0" encoding="UTF-8"?> <zabbix_export> <version>2.0</version> <date>2014-12-04T09:41:57Z</date> <groups> <group> <name>Templates</name> </group> </groups> <templates> <template> <template>Template TCP Connection Status</template> <name>Template TCP Connection Status</name> <groups> <group> <name>Templates</name> </group> </groups> <applications> <application> <name>TCP Status</name> </application> </applications> <items> <item> <name>CLOSED</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[closed]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>CLOSE_WAIT</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[closewait]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>CLOSING</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[closing]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>ESTABLISHED</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[established]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>FIN_WAIT1</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[finwait1]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>FIN_WAIT2</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[finwait2]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>LAST_ACK</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[lastack]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>LISTEN</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[listen]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>SYN_RECV</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[synrecv]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>SYN_SENT</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[synsent]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> <item> <name>TIME_WAIT</name> <type>0</type> <snmp_community/> <multiplier>0</multiplier> <snmp_oid/> <key>tcp.status[timewait]</key> <delay>60</delay> <history>90</history> <trends>365</trends> <status>0</status> <value_type>3</value_type> <allowed_hosts/> <units/> <delta>0</delta> <snmpv3_contextname/> <snmpv3_securityname/> <snmpv3_securitylevel>0</snmpv3_securitylevel> <snmpv3_authprotocol>0</snmpv3_authprotocol> <snmpv3_authpassphrase/> <snmpv3_privprotocol>0</snmpv3_privprotocol> <snmpv3_privpassphrase/> <formula>1</formula> <delay_flex/> <params/> <ipmi_sensor/> <data_type>0</data_type> <authtype>0</authtype> <username/> <password/> <publickey/> <privatekey/> <port/> <description/> <inventory_link>0</inventory_link> <applications> <application> <name>TCP Status</name> </application> </applications> <valuemap/> </item> </items> <discovery_rules/> <macros/> <templates/> <screens/> </template> </templates> <triggers> <trigger> <expression>{Template TCP Connection Status:tcp.status[timewait].last()}>10000</expression> <name>There are too many TCP TIME_WAIT status</name> <url/> <status>0</status> <priority>4</priority> <description/> <type>0</type> <dependencies/> </trigger> </triggers> <graphs> <graph> <name>TCP Status</name> <width>900</width> <height>200</height> <yaxismin>0.0000</yaxismin> <yaxismax>100.0000</yaxismax> <show_work_period>1</show_work_period> <show_triggers>1</show_triggers> <type>0</type> <show_legend>1</show_legend> <show_3d>0</show_3d> <percent_left>0.0000</percent_left> <percent_right>0.0000</percent_right> <ymin_type_1>0</ymin_type_1> <ymax_type_1>0</ymax_type_1> <ymin_item_1>0</ymin_item_1> <ymax_item_1>0</ymax_item_1> <graph_items> <graph_item> <sortorder>0</sortorder> <drawtype>0</drawtype> <color>C80000</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[closed]</key> </item> </graph_item> <graph_item> <sortorder>1</sortorder> <drawtype>0</drawtype> <color>00C800</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[closewait]</key> </item> </graph_item> <graph_item> <sortorder>2</sortorder> <drawtype>0</drawtype> <color>0000C8</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[closing]</key> </item> </graph_item> <graph_item> <sortorder>3</sortorder> <drawtype>0</drawtype> <color>C800C8</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[established]</key> </item> </graph_item> <graph_item> <sortorder>4</sortorder> <drawtype>0</drawtype> <color>00C8C8</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[finwait1]</key> </item> </graph_item> <graph_item> <sortorder>5</sortorder> <drawtype>0</drawtype> <color>C8C800</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[finwait2]</key> </item> </graph_item> <graph_item> <sortorder>6</sortorder> <drawtype>0</drawtype> <color>C8C8C8</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[lastack]</key> </item> </graph_item> <graph_item> <sortorder>7</sortorder> <drawtype>0</drawtype> <color>960000</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[listen]</key> </item> </graph_item> <graph_item> <sortorder>8</sortorder> <drawtype>0</drawtype> <color>009600</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[synrecv]</key> </item> </graph_item> <graph_item> <sortorder>9</sortorder> <drawtype>0</drawtype> <color>000096</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[synsent]</key> </item> </graph_item> <graph_item> <sortorder>10</sortorder> <drawtype>0</drawtype> <color>960096</color> <yaxisside>0</yaxisside> <calc_fnc>2</calc_fnc> <type>0</type> <item> <host>Template TCP Connection Status</host> <key>tcp.status[timewait]</key> </item> </graph_item> </graph_items> </graph> </graphs> </zabbix_export>
zabbix加入TCP连接数及状态的监控
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。