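#!/bin/bash
#
# OOM-triggered network diagnostics collector.
#
# Follows /var/log/messages for "out of memory" lines and appends them to a
# flag file. Each time the flag file is modified, socket and network
# statistics are appended under /alidata1/ss, and a packet capture is started
# under /alidata1/tcpdump unless a tcpdump process is already running.
#
# Requires: inotifywait, ss, tcpdump, pgrep/pkill, awk.
# NOTE(review): reading /var/log/messages and capturing packets presumably
# needs root -- confirm how this script is launched.
#
# Security notes for operators:
#   * tcpdump runs with -s 0 (full-length packets), so capture files can hold
#     credentials and other payload data; ss -p output maps sockets to
#     processes. umask 077 below keeps newly created files owner-only, but
#     pre-existing directories keep whatever mode they already have.
#   * The flag file lives at a fixed name in /tmp. A fixed name in a
#     world-writable directory can be pre-created by another local user, so
#     the script refuses to use it when it is a symlink. Moving it to a
#     root-owned directory would be the more robust fix.
#   * Each capture is bounded only by packet count (-c 8000000), not by size;
#     monitor free space on the capture volume.

set -u
umask 077

readonly LOG_FILE=/var/log/messages
readonly FLAG_FILE=/tmp/flag
readonly SS_DIR=/alidata1/ss
readonly PCAP_DIR=/alidata1/tcpdump
# Matched against full command lines by pgrep/pkill -f. Deliberately specific:
# a bare "pkill tail" would also kill every unrelated tail on the host.
readonly WATCHER_PATTERN="tail -F ${LOG_FILE}"

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Start the background pipeline that copies OOM log lines into the flag file.
# The pipeline is wrapped in "sh -c" so that nohup really applies to it;
# "nohup $(pipeline) &" only runs the pipeline inside a command substitution
# and never hands it to nohup.
start_oom_watcher() {
  nohup /bin/sh -c '
    /usr/bin/tail -F "$1" |
      awk "/out of memory/ {print; fflush()}" >> "$2"
  ' oom-watcher "$LOG_FILE" "$FLAG_FILE" >/dev/null 2>&1 &
}

if [[ -L "$FLAG_FILE" ]]; then
  die "refusing to use ${FLAG_FILE}: it is a symbolic link"
fi

mkdir -p -- "$SS_DIR" "$PCAP_DIR" || die "cannot create output directories"

# inotifywait fails at once when the watched file does not exist, which would
# end the loop below before the background watcher had created it.
: >> "$FLAG_FILE" || die "cannot create ${FLAG_FILE}"

if ! pgrep -f -- "$WATCHER_PATTERN" >/dev/null; then
  echo '>>/tmp/flag'
  start_oom_watcher
else
  echo 'kill'
  # Restart only when the old watcher was actually signalled, as before.
  if pkill -f -- "$WATCHER_PATTERN"; then
    start_oom_watcher
  else
    printf 'warning: could not stop the existing log watcher\n' >&2
  fi
fi

echo "while"
while /usr/bin/inotifywait -e 'modify' "$FLAG_FILE"; do
  echo "intifwait"

  # Socket summaries and per-socket detail at the moment of the OOM event.
  /usr/sbin/ss -s >> "${SS_DIR}/ss-s.txt"
  /usr/sbin/ss -ap >> "${SS_DIR}/ss-ap.txt"
  /usr/sbin/ss -mp >> "${SS_DIR}/ss-mp.txt"
  /usr/sbin/ss -iep >> "${SS_DIR}/ss-iep.txt"

  # Kernel network counters.
  /usr/bin/cat /proc/net/sockstat >> "${SS_DIR}/sockstat"
  /usr/bin/cat /proc/net/snmp >> "${SS_DIR}/snmp"
  /usr/bin/cat /proc/net/dev >> "${SS_DIR}/dev"

  # Count processes named exactly "tcpdump"; grepping ps output would also
  # count unrelated commands that merely mention the word.
  procN=$(pgrep -c -x tcpdump)
  procN=${procN:-0}

  # hostname -i can print several addresses; keep the first so the capture
  # file name stays a single word, and fall back when none is reported.
  IP=$(hostname -i 2>/dev/null)
  IP=${IP%% *}
  IP=${IP:-unknown}
  echo "$procN---$IP"

  ts=$(date +%s)
  if (( procN == 0 )); then
    echo 'tcpdump'
    nohup /usr/sbin/tcpdump -i eth0 -s 0 -c 8000000 -K -n \
      -w "${PCAP_DIR}/${IP}_${ts}-sniffer.cap" >/dev/null 2>&1 &
  fi
done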