# 編寫巡檢腳本
vi /opt/linux_inspection.sh

#!/bin/bash

# Linux 一鍵巡檢腳本
# 作者: liyb
# 生成時(shí)間: $(date)

LOG_FILE="/opt/巡檢報(bào)告_$(date +%F_%T).log"

# 初始化日志文件
echo"系統(tǒng)巡檢報(bào)告" > $LOG_FILE
echo"生成時(shí)間: $(date)" >> $LOG_FILE


# 輸出函數(shù)
log() {
    echo"$1" | tee -a $LOG_FILE
}

log""
log""
log"======================[1] 系統(tǒng)基本信息========================"
log"主機(jī)名: $(hostname)"
log"IP地址: $(hostname -I | cut -d' ' -f1)"
log"操作系統(tǒng): $(cat /etc/os-release | grep PRETTY_NAME | cut -d= -f2 | tr -d '\"')"
log"內(nèi)核版本: $(uname -r)"
log"啟動(dòng)時(shí)間: $(uptime -s)"
log"運(yùn)行時(shí)長(zhǎng): $(uptime -p)"
log"系統(tǒng)負(fù)載: $(uptime | awk -F'load average:' '{print $2}')"
log"當(dāng)前時(shí)間: $(date)"
log""

log"======================[2] CPU 信息==========================:"
log"CPU 型號(hào): $(lscpu | grep 'Model name' | awk -F: '{print $2}' | sed 's/^ *//')"
log"邏輯CPU核數(shù):  $(grep "processor" /proc/cpuinfo|sort -u|wc -l)"
log"物理CPU核數(shù):  $(grep "physical id" /proc/cpuinfo |sort -u|wc -l)"
log"CPU 使用率: $(top -bn1 | grep '%Cpu' | awk '{print $2}')%"
log""

log"======================[3] 內(nèi)存使用情況=========================="
free -h | tee -a $LOG_FILE
log"總共內(nèi)存:  $(free -mh|awk "NR==2"|awk '{print $2}')"
log"使用內(nèi)存: $(free -mh|awk "NR==2"|awk '{print $3}')"
log"剩余內(nèi)存: $(free -mh|awk "NR==2"|awk '{print $7}')"
log"內(nèi)存使用占比:  $(free | grep -i mem |awk '{print $6/$2*100}'|cut -c1-5)"
log""

log"======================[4] 磁盤使用情況=========================="
df -hT | tee -a $LOG_FILE
log""

log"======================[5] 網(wǎng)絡(luò)配置和連接=========================="
log"IP 地址: $(hostname -I)"
log"默認(rèn)網(wǎng)關(guān): $(ip route | grep default | awk '{print $3}')"
log"網(wǎng)絡(luò)接口狀態(tài):"
ifconfig  | tee -a $LOG_FILE
log""

log"網(wǎng)絡(luò)連接狀態(tài):"
ss -tunlp | tee -a $LOG_FILE
log""

log"======================[6] 服務(wù)狀態(tài)檢查=========================="

log"檢查特定服務(wù)狀態(tài) (Firewalld，SSH，Nginx,，Apache,，MySQL):"
for service in firewalld sshd nginx apache2 mysqld; do
    if systemctl is-active --quiet $service; then
        log"$service 服務(wù)狀態(tài): 正在運(yùn)行"
    else
        log"$service 服務(wù)狀態(tài): 未運(yùn)行"
    fi
done
log""

log"========================[7] 安全檢查============================"
log"SSH 配置:"
grep -E "^#?PermitRootLogin|^#?PasswordAuthentication" /etc/ssh/sshd_config | tee -a $LOG_FILE
log""


log"系統(tǒng)用戶:"
awk -F: '{if ($3 >= 1000) print $1}' /etc/passwd | tee -a $LOG_FILE
log""


log"========================[8] 登錄記錄============================"
log"當(dāng)前登錄用戶:"
who | tee -a $LOG_FILE
log""

log"最近登錄記錄:"
last -a | head -10 | tee -a $LOG_FILE
log""

log"========================[9] 系統(tǒng)日志檢查============================"
log"登錄失敗日志:"
grep "Failed password" /var/log/auth.log | tail -10 | tee -a $LOG_FILE || log"未檢測(cè)到 auth.log 文件"
log""

log"檢查系統(tǒng)重啟記錄:"
last reboot | head -5 | tee -a $LOG_FILE
log""


log"========================[10] 性能分析============================"
log"內(nèi)存占用排行前5:"
ps aux --sort=-%mem | head -6 | tee -a $LOG_FILE
log""

log"CPU 占用排行前5:"
ps aux --sort=-%cpu | head -6 | tee -a $LOG_FILE
log""


log"=============================巡檢完成============================"
log"巡檢報(bào)告生成完成，保存路徑: $LOG_FILE"
log"請(qǐng)根據(jù)巡檢內(nèi)容檢查系統(tǒng)狀態(tài)！"
log""

# 給腳本添加權(quán)限
chmod +x linux_inspection.sh

# 運(yùn)行腳本
./linux_inspection.sh

# 也可以直接執(zhí)行
sh /opt/linux_inspection.sh

less  /opt/巡檢報(bào)告_2025-01-10_12:41:26.log

crontab -e

0 8 * * * /bin/sh /opt/linux_inspection.sh