Port monitoring with system administrator notification
Recently there was a need for periodic monitoring of servers for the fall of some services (read ports) and notifications to the administrator (those of me) when an error occurs.
The solution is under a cat
So that we are several servers, a bunch of ports. we check the port for openness classically - nmap
example output: this means that the terminal server is up, and most likely it works :) if instead of open something else is written - accordingly, a jamb, you need to report. Long invented a message system. Came from the most difficult - to the simplest. A bee has such a mailtosms service, if you send a letter to a mailbox of the format 890912345678@sms.beemail.ru, then it will be fine with the text message.
so the task is to scan everything in a row from the list of servers and ports and what is not open - write it out in a separate file and send it to us for soap.
what happened:
How it works?
create the servers file , put it next to the script itself.
the content of the servers file is something like this: Well, in general , the sed -e 's /: / -p /' command replaces ":" with "-p" for a in $ (
- feeds the results to nmap
grep -q "/ tcp * open" || echo $ a; done> / var / test / serverlist; - pulls out lines if the port is not open and pushes them into the serverlist file ,
after which the file is checked for something or if there is something there, it is written to the log (for debugging) and sent to the soap / phone of the administrator.
voila. add to crontab, once an hour (so as not to strain ) and use
ZYZH I know that there are things like nagios and other network monitors, but they are too powerful and difficult to configure when it is enough to simply scan the ports of several servers.
The solution is under a cat
So that we are several servers, a bunch of ports. we check the port for openness classically - nmap
example output: this means that the terminal server is up, and most likely it works :) if instead of open something else is written - accordingly, a jamb, you need to report. Long invented a message system. Came from the most difficult - to the simplest. A bee has such a mailtosms service, if you send a letter to a mailbox of the format 890912345678@sms.beemail.ru, then it will be fine with the text message.
firewall:~/scripts# nmap 192.168.1.1 -p3389
Starting Nmap 4.11 ( www.insecure.org/nmap ) at 2009-05-06 14:54 GMT-4
Interesting ports on 192.168.1.1:
PORT STATE SERVICE
3389/tcp open ms-term-serv
MAC Address: 00:50:8D:EB:7E:08 (Abit Computer)
Nmap finished: 1 IP address (1 host up) scanned in 0.132 seconds
so the task is to scan everything in a row from the list of servers and ports and what is not open - write it out in a separate file and send it to us for soap.
what happened:
#! / bin / bash
for a in $ (/ var / test / serverlist;
DATENOW = $ (date +% d-% m-% Y_% T)
if (! ([-Z $ (cat / var / test / serverlist)])); then
echo $ DATENOW >> / var / test / log
cat / var / test / serverlist >> / var / test / log
mail 7909*******@sms.beemail.ru </ var / test / serverlist
fi
exit
How it works?
create the servers file , put it next to the script itself.
the content of the servers file is something like this: Well, in general , the sed -e 's /: / -p /' command replaces ":" with "-p" for a in $ (
192.168.1.1:80
192.168.1.2:25
192.168.1.3:110
grep -q "/ tcp * open" || echo $ a; done> / var / test / serverlist; - pulls out lines if the port is not open and pushes them into the serverlist file ,
after which the file is checked for something or if there is something there, it is written to the log (for debugging) and sent to the soap / phone of the administrator.
voila. add to crontab, once an hour (so as not to strain ) and use
ZYZH I know that there are things like nagios and other network monitors, but they are too powerful and difficult to configure when it is enough to simply scan the ports of several servers.