I am little confuse in zabbix triggers expresion, right now i am triggering an application count netstat -anp | grep 1433 |wc -l but I am getting no data from these trigger, can any one please help?
thanks in advance
item proc.num[1433] trigger {hostname:proc.num[1433].last()}>1500
Zabbix Agent doesn't have any key to count TCP/UDP connections. To collect the result of netstat you need a custom script, through user parameter. Also note that grep -c prints the number of lines, for example:
To count established connections on port 443:
netstat -an | egrep -c ":443 *ESTABLISHED"
Related
I connect to my work server (workserver1.com) from my local PC (localhost) using SSH and execute a bunch of commands on workserver1.
Below are the commands I execute using SSH
1) run script on server collect production data and put it in a txt
ssh -A workserver1.com 'python3 /usr/local/collect_data_online.py 2>&1 | tee /home/myname/out.txt'
$ please input your dynamic token: <manually input credential token generated every 15s>
2) filter lines I need and put in a dat file
ssh -A workserver1.com "grep 'my-keyword-cron' out.txt | grep -oP '({.*})' | tee workserver2.dat"
$ please input your dynamic token: <manually input credential token again>
3) send data collected in 2) and send to workserver2 which could only access through workserver1**
ssh -A workserver1.com 'curl workserver2.com --data-binary "#workserver2.dat" --compressed' "
$ please input your dynamic token: <manually input credential token 3rd time>
In each steps above , I actually created 3 completed different socket with workserver1.com. I got this info from running command below on remote server
$ ssh -A workserver1.com 'printenv | grep SSH'
SSH_CLIENT=10.126.192.xxx 58276 22
SSH_SESSION_ID=787878787878787878
SSH_TTY=/dev/pts/0
SSH_AUTH_SOCK=/tmp/ssh-XXXXKuJLEX/agent.29291
SSH_AUTH_CERT_SERIAL=666666666
SSH_AUTH_CERT_KEY=myname
# SSH_CONNECTION changes each time I make a SSH request to workserver1.com. so I need repeatedly input dynamic token manually
SSH_CONNECTION=10.126.192.xxx 58276 10.218.35.yyy 22
On my localhost I can also see SSH sock which used for the SSH connection
$ SSH_AUTH_SOCK=/tmp/ssh-localhost/agent.12345
My question is , is there a way to using single existing socket to avoid making multiple SSH connections and just input the dynamic token once. I hope I could use existing sock to interactively type commands to this SSH server and collect outpu/data as I want , just like on my localhost
What's in my mind is
1) socat can I run some command on localhost like
socat UNIX-CONNECT:$SSH_AUTH_SOCK,exec:'commands I want to execute' - ==> possible to get an interactive client&server shell?
2) is there any ssh option I could use ?
I am new to socat and not familiar with ssh except some commonly used commands
Thank you for your help in advance
The solution is open the first connection with '-M'
First use ControlMaster and ControlPath in ~/.ssh/config as below:
host *
ControlMaster auto
ControlPath ~/.ssh/ssh_mux_%h_%p_%r
And when connect toremote host the very first time, add '-M'
ssh -M $remotehost
Then in follow ssh connection with the same host you could just use
ssh $remotehost
I want to write a script to manage the WildFly start and deploy, but I'm having trouble now. To check if the server has started, I found the command
./jboss-cli.sh -c command=':read-attribute(name=server-state)' | grep running
But when the server is starting, because the controller is not available, ./jboss-cli.sh -c fails to connect and returns an error.
Is there a better way to check whether WildFly started completely?
I found a better solution. The command is
netstat -an | grep 9990 | grep LISTEN
Check the management port (9990) state before the WildFly is ready to accept management commands.
After that, use ./jboss-cli.sh -c command=':read-attribute(name=server-state)' | grep running to check if the server has started. Change the port
if the management port config is not the default 9990.
Here is my start & deploy script, the idea is continually check until the server started.
Then, use the jboss-cli command to deploy my application. And just print the log to the screen, so don't need to use another shell to tail the log file.
#!bin/sh
totalRow=0
printLog(){ #output the new log in the server.log to screen
local newTotal=$(awk 'END{print NR}' ./standalone/log/server.log) #quicker than wc -l
local diff=$(($newTotal-$totalRow))
tail -n $diff ./standalone/log/server.log
totalRow=$newTotal
}
nohup bin/standalone.sh>/dev/null 2>&1 &
echo '======================================== Jboss-eap-7.1 is starting now ========================================'
while true #check if the port is ready
do
sleep 1
if netstat -an | grep 9990 | grep LISTEN
then
printLog
break
fi
printLog
done
while true #check if the server start success
do
if bin/jboss-cli.sh --connect command=':read-attribute(name=server-state)' | grep running
then
printLog
break
fi
printLog
sleep 1
done
echo '======================================== Jboss-eap-7.1 has started!!!!!! ========================================'
bin/jboss-cli.sh --connect command='deploy /bcms/jboss-eap-7.1/war/myApp.war' &
tail -f -n0 ./standalone/log/server.log
I checked number of connections to my MongoDB server using db.serverStatus().connections and got this result:
matrix:PRIMARY> db.serverStatus().connections
{
"current" : 45,
"available" : 51155,
"totalCreated" : NumberLong(1886475)
}
However when I tried to check which clients are connected by following this answer, I got this result:
$ sudo lsof | grep mongod | grep TCP | wc -l
5390
Which one of the above is correct and why is there a huge difference in the two outputs?
This was just a problem with the lsof output. lsof includes the offset of the file in the output: https://unix.stackexchange.com/questions/60422/how-to-interpret-this-output-of-lsof-command. So there are multiple entries for the same connection in the output. Once I removed that, number of clients from lsof was same as that reported by db.serverStatus().connections.
Parallels has a command line API which is documented here
>prlctl list
UUID STATUS IP_ADDR NAME
{ca50aac6-caa6-47a6-9bfe-e38f6261cb8d} running - win7
Still, even with this the IP_ADDR reported is always empty, even if the machine is running as has an internet connection.
How can I find the IP of the machine from the guest? I need a way to connect to the guest, by using a domain name or an IP.
If it's a Windows VM, you can get the IP with the following command from the host:
prlctl exec "VM Name" ipconfig | grep "IPv4" | grep -o '\d\{1,3\}\.\d\{1,3\}\.\d\{1,3\}\.\d\{1,3\}'
For a *nix VM:
prlctl exec "VM Name" ifconfig eth1 | grep "inet " | grep -o 'addr:\d\{1,3\}\.\d\{1,3\}\.\d\{1,3\}\.\d\{1,3\}' | grep -o '\d\{1,3\}\.\d\{1,3\}\.\d\{1,3\}\.\d\{1,3\}'
if you want to access the machine using SSH there is a built in command that can help with this.
prlctl enter <VM_ID|VM_NAME>
This will open a prompt as root to the VM
if you want the IP for any other reason there is another way to get it
prlctl exec <VM_ID|VM_NAME> ifconfig
The exec command from prlctl will execute the ifconfig command on the host linux machine (if using windows do ipconfig instead of ifconfig)
All the output of the ifconfig will be printed on your terminal and the ip will be clearly visible in the output
I stumbled upon this today and found it questionable that the list command shows an IP_ADDR but never the IP. I checked the most recent docs for the prlctl command and its states:
-f, --full
Shows the real IP address(es) for running virtual machines.
Providing this flag displays the IP addresses for me
prlctl list -f
I am trying to write an advanced whois client, so I have been experimenting with sending commands to whois servers using netcat (nc) in Arch Linux. For example, this works great:
$ echo domain google.com | nc whois.crsnic.net 43
# => nc outputs whois data for google.com
However, the whois server that handles suffixes like .br.com is whois.centralnic.net and that server seems to not work with netcat. When I give it any query, it seems to simply close the connection without a response:
$ echo foobar | nc whois.centralnic.net 43
# => No output from nc.
I successfully made the same query using telnet:
$ telnet whois.centralnic.net 43
Trying 193.105.170.136...
Connected to whois.centralnic.net.
Escape character is '^]'.
foobar
DOMAIN NOT FOUND
Connection closed by foreign host.
So what could possibly make a server behave differently for telnet than netcat?
I thought maybe it was a timing issue, so I unsuccessfully tried:
$ { sleep 4; echo foobar; sleep 4; } | nc whois.centralnic.net 43
# => No output from nc.
I saw that netcat has a -T option to make it behave more like telnet, so I unsuccessfully tried:
$ { sleep 4; echo foobar; sleep 4; } | nc -T whois.centralnic.net 43
# => No output from nc.
In my production system I will not be using netcat or telnet, but there seems to be some strange networking issue happening here and I would like to be aware of it. Can anyone shed some light on why netcat would work for all the whois servers but only telnet will work for whois.centralnic.net?
The service expects CRLF in its request, not just LF;
This works (on Ubuntu, there are multiple netcat versions, so can't speak for yours)
$ echo -e "foobar\r\n" | nc whois.centralnic.net 43
DOMAIN NOT FOUND