您好,登录后才能下订单哦!
密码登录
登录注册
点击 登录注册 即表示同意《亿速云用户服务条款》
今天检查系统日志发现有,日志中都是以下格式的日志:
Apr 22 09:26:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=14006 duration=0(sec)
Apr 22 09:26:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=14316 duration=1(sec)
Apr 22 09:26:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=14323 duration=1(sec)
Apr 22 09:26:27 jsmapp4 xinetd[3158]: START: nrpe pid=15937 from=::ffff:192.168.1.60
Apr 22 09:26:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=15937 duration=0(sec)
Apr 22 09:27:19 jsmapp4 pptp[27991]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received.
Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7318 from=::ffff:192.168.1.60
Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7327 from=::ffff:192.168.1.60
Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7332 from=::ffff:192.168.1.60
Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7318 duration=0(sec)
Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7327 duration=0(sec)
Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7332 duration=0(sec)
Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7652 from=::ffff:192.168.1.60
Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7652 duration=0(sec)
Apr 22 09:27:27 jsmapp4 xinetd[3158]: START: nrpe pid=8952 from=::ffff:192.168.1.60
Apr 22 09:27:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=8952 duration=0(sec)
通过分析以上日志发现:
xinetd是新一代的网络守护进程服务程序,又叫超级Internet服务器,常用来管理多种轻量级Internet服务。
这个进程来自于192.168.1.60这个ip,明显是内网ip,以前没有发现这个问题,奇怪。
去60这台服务器查看发现,有nagios警告的日志:
Apr 22 09:50:02 jsmbak1 nagios: Warning: The check of host 'jsmapp1' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the host...
Apr 22 09:50:24 jsmbak1 nagios: Warning: The check of service 'check_mem' on host 'jsmapp4' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the service...
Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'Current Load' on host 'Nagios-Server' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the service...
Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'SSH' on host 'Nagios-Server' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the service...
Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'Total Processes' on host 'Nagios-Server' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the service...
Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'HTTP' on host 'jsmapp2' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the service...
Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'HTTP' on host 'jsmapp3' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the service...
Apr 22 09:51:46 jsmbak1 xinetd[16796]: START: nrpe pid=17625 from=::ffff:127.0.0.1
Apr 22 09:51:46 jsmbak1 xinetd[16796]: EXIT: nrpe status=0 pid=17625 duration=0(sec)
Apr 22 09:52:50 jsmbak1 xinetd[16796]: START: nrpe pid=17890 from=::ffff:127.0.0.1
Apr 22 09:52:50 jsmbak1 xinetd[16796]: EXIT: nrpe status=0 pid=17890 duration=0(sec)
Nagios是一款开源的免费网络监视工具,能有效监控Windows、Linux和Unix的主机状态、交换机、路由器等网络设置,打印机等。
Nagios 可以监控的功能有:
1、监控网络服务(SMTP、POP3、HTTP、NNTP、PING等);
2、监控主机资源(处理器负荷、磁盘利用率等);
3、简单地插件设计使得用户可以方便地扩展自己服务的检测方法;
4、并行服务检查机制;
5、具备定义网络分层结构的能力,用"parent"主机定义来表达网络主机间的关系,这种关系可被用来发现和明晰主机宕机或不可达状态;
6、当服务或主机问题产生与解决时将告警发送给联系人(通过EMail、短信、用户定义方式);
7、具备定义事件句柄功能,它可以在主机或服务的事件发生时获取更多问题定位;
8、自动的日志回滚;
9、可以支持并实现对主机的冗余监控;
10、可选的WEB界面用于查看当前的网络状态、通知和故障历史、日志文件等;
查看nagios进程发现,有多个进程
[root@jsmbak1 ~]# ps -ef|grep "bin/nagios"
root 4913 4095 0 11:12 pts/2 00:00:00 grep bin/nagios
nagios 5146 1 0 Feb18 ? 01:12:40 /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
nagios 5286 1 0 Feb19 ? 01:15:13 /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
nagios 9767 1 0 Feb18 ? 01:13:52 /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
使用[nagios@jsmbak1 ~]$ killall nagios,杀掉所有nagios,然后重启
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
如果想停止nrpe服务在xinetd下的日志输出
修改配置文件,禁用成功状态下的日志
[root@jsmapp3 tomcat]# vi /etc/xinetd.conf
# Define general logging characteristics.
log_type = SYSLOG daemon info
log_on_failure = HOST
# log_on_success = PID HOST DURATION EXIT
重新服务xinetd后再次查看日志,不再出现nrpe相关日志
[root@jsmapp3 tomcat]# service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。