Linux：9个实用shell运维脚本 值得收藏！

1、Dos攻击防范（自动屏蔽攻击IP）

#!/bin/bashDATE=$(date+%d/%b/%Y:%H:%M)LOG_FILE=/usr/local/nginx/logs/demo2.access.logABNORMAL_IP=$(tail-n5000$LOG_FILE|grep$DATE|awk'{a[$1]++}END{for(iina)if(a[i]>10)printi}')forIPin$ABNORMAL_IP;doif[$(iptables-vnL|grep-c"$IP")-eq0];theniptables-IINPUT-s$IP-jDROPecho"$(date+'%F_%T')$IP">>/tmp/drop_ip.logfidone

2、Linux系统发送告警脚本

#yuminstallmailx#vi/etc/mail.rcsetfrom=baojingtongzhi@smtp=setsmtp-auth-user=baojingtongzhi@smtp-auth-password=123456setsmtp-auth=login

3、MySQL数据库备份单循环

#!/bin/bashDATE=$(date+%F_%H-%M-%S)HOST=localhostUSER=backupPASS=BACKUP_DIR=/data/db_backupDB_LIST=$(mysql-h$HOST-u$USER-p$PASS-s-e"showdatabases;"2>/dev/null|egrep-v"Database|information_schema|mysql|performance_schema|sys")forDBin$DB_LIST;doBACKUP_NAME=$BACKUP_DIR/${DB}_${DATE}.sqlif!mysqldump-h$HOST-u$USER-p$PASS-B$DB>$BACKUP_NAME2>/dev/null;thenecho"$BACKUP_NAME备份失败!"fidone

4、MySQL数据库备份多循环

#!/bin/bashDATE=$(date+%F_%H-%M-%S)HOST=localhostUSER=backupPASS=BACKUP_DIR=/data/db_backupDB_LIST=$(mysql-h$HOST-u$USER-p$PASS-s-e"showdatabases;"2>/dev/null|egrep-v"Database|information_schema|mysql|performance_schema|sys")forDBin$DB_LIST;doBACKUP_DB_DIR=$BACKUP_DIR/${DB}_${DATE}[!-d$BACKUP_DB_DIR]&&mkdir-p$BACKUP_DB_DIR&>/dev/nullTABLE_LIST=$(mysql-h$HOST-u$USER-p$PASS-s-e"use$DB;showtables;"2>/dev/null)forTABLEin$TABLE_LIST;doBACKUP_NAME=$BACKUP_DB_DIR/${TABLE}.sqlif!mysqldump-h$HOST-u$USER-p$PASS$DB$TABLE>$BACKUP_NAME2>/dev/null;thenecho"$BACKUP_NAME备份失败!"fidonedone

5、Nginx访问访问日志按天切割

#!/bin/bashLOG_DIR=/usr/local/nginx/logsYESTERDAY_TIME=$(date-d"yesterday"+%F)LOG_MONTH_DIR=$LOG_DIR/$(date+"%Y-%m")LOG_FILE_LIST="default.access.log"forLOG_FILEin$LOG_FILE_LIST;do[!-d$LOG_MONTH_DIR]&&mkdir-p$LOG_MONTH_DIRmv$LOG_DIR/$LOG_FILE$LOG_MONTH_DIR/${LOG_FILE}_${YESTERDAY_TIME}donekill-USR1$(cat/var/run/nginx.pid)

6、Nginx访问日志分析脚本

#!/bin/bash#日志格式:$remote_addr-$remote_user[$time_local]"$request"$status$body_bytes_sent"$http_referer""$http_user_agent""$http_x_forwarded_for"LOG_FILE=$1echo"统计访问最多的10个IP"awk'{a[$1]++}END{print"UV:",length(a);for(vina)printv,a[v]}'$LOG_FILE|sort-k2-nr|head-10echo"----------------------"echo"统计时间段访问最多的IP"awk'$4>="[01/Dec/:13:20:25"&&$4<="[27/Nov/:16:20:49"{a[$1]++}END{for(vina)printv,a[v]}'$LOG_FILE|sort-k2-nr|head-10echo"----------------------"echo"统计访问最多的10个页面"awk'{a[$7]++}END{print"PV:",length(a);for(vina){if(a[v]>10)printv,a[v]}}'$LOG_FILE|sort-k2-nrecho"----------------------"echo"统计访问页面状态码数量"awk'{a[$7""$9]++}END{for(vina){if(a[v]>5)printv,a[v]}}'

7、查看网卡实时流量脚本

#!/bin/bashNIC=$1echo-e"In------Out"whiletrue;doOLD_IN=$(awk'$0~"'$NIC'"{print$2}'/proc/net/dev)OLD_OUT=$(awk'$0~"'$NIC'"{print$10}'/proc/net/dev)sleep1NEW_IN=$(awk'$0~"'$NIC'"{print$2}'/proc/net/dev)NEW_OUT=$(awk'$0~"'$NIC'"{print$10}'/proc/net/dev)IN=$(printf"%.1f%s""$((($NEW_IN-$OLD_IN)/1024))""KB/s")OUT=$(printf"%.1f%s""$((($NEW_OUT-$OLD_OUT)/1024))""KB/s")echo"$IN$OUT"sleep1done

8、服务器系统配置初始化脚本

#/bin/bash#设置时区并同步时间ln-s/usr/share/zoneinfo/Asia/Shanghai/etc/localtimeif!crontab-l|grepntpdate&>/dev/null;then(echo"*1***>/dev/null2>&1";crontab-l)|crontabfi#禁用selinuxsed-i'/SELINUX/{s/permissive/disabled/}'/etc/selinux/config#关闭防火墙ifegrep"7.[0-9]"/etc/redhat-release&>/dev/null;thensystemctlstopfirewalldsystemctldisablefirewalldelifegrep"6.[0-9]"/etc/redhat-release&>/dev/null;thenserviceiptablesstopchkconfigiptablesofffi#历史命令显示操作时间if!grepHISTTIMEFORMAT/etc/bashrc;thenecho'exportHISTTIMEFORMAT="%F%T`whoami`"'>>/etc/bashrcfi#SSH超时时间if!grep"TMOUT=600"/etc/profile&>/dev/null;thenecho"exportTMOUT=600">>/etc/profilefi#禁止root远程登录sed-i's/#PermitRootLoginyes/PermitRootLoginno/'/etc/ssh/sshd_config#禁止定时任务向发送邮件sed-i's/^MAILTO=root/MAILTO=""/'/etc/crontab#设置最大打开文件数if!grep"*softnofile65535"/etc/security/limits.conf&>/dev/null;thencat>>/etc/security/limits.conf<<EOF*softnofile65535*hardnofile65535EOFfi#系统内核优化cat>>/etc/sysctl.conf<<EOFnet.ipv4.tcp_syncookies=1net.ipv4.tcp_max_tw_buckets=20480net.ipv4.tcp_max_syn_backlog=dev_max_backlog=262144net.ipv4.tcp_fin_timeout=20EOF#减少SWAP使用echo"0">/proc/sys/vm/swappiness#安装系统性能分析工具及其他yuminstallgccmakeautoconfvimsysstatnet-toolsiostatif

9、监控100台服务器磁盘利用率脚本

#!/bin/bashHOST_INFO=host.infoforIPin$(awk'/^[^#]/{print$1}'$HOST_INFO);doUSER=$(awk-vip=$IP'ip==$1{print$2}'$HOST_INFO)PORT=$(awk-vip=$IP'ip==$1{print$3}'$HOST_INFO)TMP_FILE=/tmp/disk.tmpssh-p$PORT$USER@$IP'df-h'>$TMP_FILEUSE_RATE_LIST=$(awk'BEGIN{OFS="="}/^\/dev/{print$NF,int($5)}'$TMP_FILE)forUSE_RATEin$USE_RATE_LIST;doPART_NAME=${USE_RATE%=*}USE_RATE=${USE_RATE#*=}if[$USE_RATE-ge80];thenecho"Warning:$PART_NAMEPartitionusage$USE_RATE%!"fidonedone

END

来源：我的小碗汤

版权归原作者所有，如有侵权，请联系删除。

IT技术分享社区

个人博客网站：https://programmerblog.xyz

文章推荐程序员效率：画流程图常用的工具程序员效率：整理常用的在线笔记软件远程办公：常用的远程协助软件，你都知道吗？51单片机程序下载、ISP及串口基础知识硬件：断路器、接触器、继电器基础知识