1.使用命令查看TCP连接状态
(1)过去常用命令:netstat -antp
[root@ansible-control zabbix]# netstat -antp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 19285/zabbix_agentd
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1620/mysqld
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 815/rpcbind
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7887/nginx: master
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1948/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1169/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1171/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1691/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 12527/sshd: root@pt
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 16970/sshd: root@pt
(2)现在常用命令:ss -antp
[root@ansible-control zabbix]# ss -antp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:10050 *:* users:(("zabbix_agentd",pid=19290,fd=4),("zabbix_agentd",pid=19289,fd=4),("zabbix_agentd",pid=19288,fd=4),("zabbix_agentd",pid=19287,fd=4),("zabbix_agentd",pid=19286,fd=4),("zabbix_agentd",pid=19285,fd=4))
LISTEN 0 50 *:3306 *:* users:(("mysqld",pid=1620,fd=14))
LISTEN 0 128 *:111 *:* users:(("rpcbind",pid=815,fd=8))
LISTEN 0 128 *:80 *:* users:(("nginx",pid=7888,fd=6),("nginx",pid=7887,fd=6))
LISTEN 0 5 192.168.122.1:53 *:* users:(("dnsmasq",pid=1948,fd=6))
LISTEN 0 128 *:22 *:*
2.编写监控脚本思路
使用AWK获取第一列的状态信息:
[root@ansible-control zabbix]# ss -antp | awk '{print $1}'
State
LISTEN
LISTEN
LISTEN
LISTEN
LISTEN
LISTEN
LISTEN
LISTEN
LISTEN
LISTEN
TIME-WAIT
TIME-WAIT
TIME-WAIT
3.修改被监控端主机的/etc/zabbix/zabbix_agentd.conf文件
UserParameter=tcp.status[*],ss -antp | awk '{a[$$1]++}END{print a["'$1'"]}'
4.在zabbix-server端测试能够成功获取到客户端信息
[root@zabbix-server-center /]# zabbix_get -s 192.168.10.100 -p 10050 -k 'tcp.status[LISTEN]'
17
[root@zabbix-server-center /]# zabbix_get -s 192.168.10.100 -p 10050 -k 'tcp.status[TIME-WAIT]'
96
5.创建模板并查看图形