mirror of https://github.com/lework/script
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84 lines
3.7 KiB
84 lines
3.7 KiB
4 years ago
|
#!/bin/bash
|
||
|
# create log file folder
|
||
|
test -e /var/log/ecsanalyse || mkdir /var/log/ecsanalyse;
|
||
|
datetime=$(date +%Y%m%d-%H-%M-%S-%N)
|
||
|
log_filename=ecs_analyse_${datetime}.log
|
||
|
log_file=/var/log/ecsanalyse/$log_filename
|
||
|
|
||
|
# script start------------
|
||
|
echo "##*problem_total_analyse" >> $log_file 2>&1
|
||
|
echo "###dos-ff" >> $log_file 2>&1
|
||
|
file /etc/passwd >> $log_file 2>&1
|
||
|
file /etc/shadow >> $log_file 2>&1
|
||
|
file /etc/pam.d/* >> $log_file 2>&1
|
||
|
echo "###limits" >> $log_file 2>&1
|
||
|
cat /etc/security/limits.conf | grep -Ev "^$|[#;]" >> $log_file 2>&1
|
||
|
echo "###virtio-net-multiqueue" >> $log_file 2>&1
|
||
|
for i in $(ip link | grep -E "^[0-9]+: .*:" -o | cut -d ":" -f 2 | grep -v lo); do echo $i >> $log_file 2>&1; ethtool -l $i 2>/dev/null | grep Combined >> $log_file 2>&1; done
|
||
|
echo "###passwd" >> $log_file 2>&1
|
||
|
cat /etc/passwd >> $log_file 2>&1
|
||
|
echo "###cpu-top-5" >> $log_file 2>&1
|
||
|
top -b -n 1 | grep "%Cpu(s):" >> $log_file 2>&1
|
||
|
ps -eT -o%cpu,pid,tid,ppid,comm | grep -v CPU | sort -n -r | head -5 >> $log_file 2>&1
|
||
|
echo "###ssh-perm" >> $log_file 2>&1
|
||
|
echo "***centos" >> $log_file 2>&1
|
||
|
ls -l /etc/passwd /etc/shadow /etc/group /etc/gshadow /var/empty/* /etc/securetty* /etc/security/* /etc/ssh/* >> $log_file 2>&1
|
||
|
echo "***ubuntu" >> $log_file 2>&1
|
||
|
ls -l /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/securetty* /etc/security/* /etc/ssh/* >> $log_file 2>&1
|
||
|
echo "***debian" >> $log_file 2>&1
|
||
|
ls -l /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/securetty* /etc/security/* /etc/ssh/* >> $log_file 2>&1
|
||
|
echo "###blkid" >> $log_file 2>&1
|
||
|
blkid >> $log_file 2>&1
|
||
|
echo "###osinfo" >> $log_file 2>&1
|
||
|
if test -f "/etc/os-release"; then
|
||
|
cat /etc/os-release | egrep "^NAME=|^VERSION=" >> $log_file 2>&1
|
||
|
else
|
||
|
echo "no os-release" >> $log_file 2>&1
|
||
|
echo "no os-release" >> $log_file 2>&1
|
||
|
fi
|
||
|
if test -f "/etc/redhat-release" ; then
|
||
|
echo "redhat-release:" $(cat /etc/redhat-release) >> $log_file 2>&1
|
||
|
else
|
||
|
echo "no redhat-release" >> $log_file 2>&1
|
||
|
fi
|
||
|
echo "uname: " $(uname -a) >> $log_file 2>&1
|
||
|
echo "uname short\: " $(uname -r) >> $log_file 2>&1
|
||
|
echo "###softlink" >> $log_file 2>&1
|
||
|
ls -l / | grep "\->" >> $log_file 2>&1
|
||
|
echo "###iptables" >> $log_file 2>&1
|
||
|
echo "***centos-5" >> $log_file 2>&1
|
||
|
service iptables status >> $log_file 2>&1
|
||
|
echo "***centos-6" >> $log_file 2>&1
|
||
|
service iptables status >> $log_file 2>&1
|
||
|
echo "***centos-7" >> $log_file 2>&1
|
||
|
firewall-cmd --state >> $log_file 2>&1
|
||
|
echo "***ubuntu" >> $log_file 2>&1
|
||
|
ufw status >> $log_file 2>&1
|
||
|
echo "***default" >> $log_file 2>&1
|
||
|
iptables -L >> $log_file 2>&1
|
||
|
echo "###sysctl" >> $log_file 2>&1
|
||
|
cat /etc/sysctl.conf | grep nr_hugepages >> $log_file 2>&1
|
||
|
echo -e "net.ipv4.tcp_tw_recycle=\c" >> $log_file 2>&1 && cat /proc/sys/net/ipv4/tcp_tw_recycle >> $log_file 2>&1
|
||
|
echo -e "net.ipv4.tcp_timestamps=\c" >> $log_file 2>&1 && cat /proc/sys/net/ipv4/tcp_timestamps >> $log_file 2>&1
|
||
|
echo -e "fs.nr_open=\c" >> $log_file 2>&1 && cat /proc/sys/fs/nr_open >> $log_file 2>&1
|
||
|
echo -e "net.ipv4.tcp_sack=\c" >> $log_file 2>&1 && cat /proc/sys/net/ipv4/tcp_sack >> $log_file 2>&1
|
||
|
echo "###fstab" >> $log_file 2>&1
|
||
|
cat /etc/fstab | grep -Ev "^$|[#;]" >> $log_file 2>&1
|
||
|
echo "###dmesg" >> $log_file 2>&1
|
||
|
cat /proc/uptime >> $log_file 2>&1
|
||
|
dmesg | grep "invoked oom-killer" | tail -n 1 >> $log_file 2>&1
|
||
|
echo "###port-usage" >> $log_file 2>&1
|
||
|
netstat -tapn | grep LISTEN | grep -E 'sshd' >> $log_file 2>&1
|
||
|
echo "###selinux" >> $log_file 2>&1
|
||
|
echo "***default" >> $log_file 2>&1
|
||
|
getenforce >> $log_file 2>&1
|
||
|
echo "***ubuntu" >> $log_file 2>&1
|
||
|
service selinux status > /dev/null; echo $? >> $log_file 2>&1
|
||
|
echo "***debian" >> $log_file 2>&1
|
||
|
service selinux status > /dev/null; echo $? >> $log_file 2>&1
|
||
|
echo "###meminfo" >> $log_file 2>&1
|
||
|
cat /proc/meminfo | grep Hugepagesize >> $log_file 2>&1
|
||
|
cat /proc/meminfo | grep MemTotal >> $log_file 2>&1
|
||
|
# script end------------
|
||
|
|