9个运维最常用的脚本整理（经典版本）

　　Dos攻击防范（自动屏蔽攻击IP）！binbashDATE（datedbY：H：M）LOGFILEusrlocalnginxlogsdemo2。access。logABNORMALIP（tailn5000LOGFILEgrepDATEawk｛a〔1〕｝END｛for（iina）if（a〔i〕10）printi｝）forIPinABNORMALIP；doif〔（iptablesvnLgrepcIP）eq0〕；theniptablesIINPUTsIPjDROPecho（dateFT）IPtmpdropip。logfidoneLinux系统发送告警脚本yuminstallmailxvietcmail。rcsetfrombaojingtongzhi163。comsmtpsmtp。163。comsetsmtpauthuserbaojingtongzhi163。comsmtpauthpassword123456setsmtpauthloginMySQL数据库备份单循环！binbashDATE（dateFHMS）HOSTlocalhostUSERbackupPASS123。comBACKUPDIRdatadbbackupDBLIST（mysqlhHOSTuUSERpPASS2devnullegrepvDatabaseinformationschemamysqlperformanceschemasys）forDBinDBLIST；doBACKUPNAMEBACKUPDIR｛DB｝｛DATE｝。sqlif！mysqldumphHOSTuUSERpPASSBDBBACKUPNAME2thenechoBACKUPNAME备份失败！fidoneMySQL数据库备份多循环！binbashDATE（dateFHMS）HOSTlocalhostUSERbackupPASS123。comBACKUPDIRdatadbbackupDBLIST（mysqlhHOSTuUSERpPASS2devnullegrepvDatabaseinformationschemamysqlperformanceschemasys）forDBinDBLIST；doBACKUPDBDIRBACKUPDIR｛DB｝｛DATE｝〔！dBACKUPDBDIR〕mkdirpBACKUPDBDIRdevnullTABLELIST（mysqlhHOSTuUSERpPASSseuseDB；2devnull）forTABLEinTABLELIST；doBACKUPNAMEBACKUPDBDIR｛TABLE｝。sqlif！mysqldumphHOSTuUSERpPASSDBTABLEBACKUPNAME2thenechoBACKUPNAME备份失败！fidonedoneNginx访问访问日志按天切割！binbashLOGDIRusrlocalnginxlogsYESTERDAYTIME（datedyesterdayF）LOGMONTHDIRLOGDIR（dateYm）LOGFILELISTdefault。access。logforLOGFILEinLOGFILELIST；do〔！dLOGMONTHDIR〕mkdirpLOGMONTHDIRmvLOGDIRLOGFILELOGMONTHDIR｛LOGFILE｝｛YESTERDAYTIME｝donekillUSR1（catvarrunnginx。pid）Nginx访问日志分析脚本！binbash日志格式：remoteaddrremoteuser〔timelocal〕requeststatusbodybytessenthttprefererhttpuseragenthttpxforwardedforLOGFILE1echo统计访问最多的10个IPawk｛a〔1〕｝END｛printUV：，length（a）；for（vina）printv，a〔v〕｝LOGFILEsortk2nrhead10echoecho统计时间段访问最多的IPawk4〔01Dec2018：13：20：254〔27Nov2018：16：20：49｛a〔1〕｝END｛for（vina）printv，a〔v〕｝LOGFILEsortk2nrhead10echoecho统计访问最多的10个页面awk｛a〔7〕｝END｛printPV：，length（a）；for（vina）｛if（a〔v〕10）printv，a〔v〕｝｝LOGFILEsortk2nrechoecho统计访问页面状态码数量awk｛a〔79〕｝END｛for（vina）｛if（a〔v〕5）printv，a〔v〕｝｝查看网卡实时流量脚本！binbashNIC1echoeInOdoOLDIN（awk0NIC｛print2｝procnetdev）OLDOUT（awk0NIC｛print10｝procnetdev）sleep1NEWIN（awk0NIC｛print2｝procnetdev）NEWOUT（awk0NIC｛print10｝procnetdev）IN（printf。1fs（（（NEWINOLDIN）1024））KBs）OUT（printf。1fs（（（NEWOUTOLDOUT）1024））KBs）echoINOUTsleep1done服务器系统配置初始化脚本binbash设置时区并同步时间lnsusrsharezoneinfoAsiaShanghaietclocaltimeif！then（echo1ntpdatetime。windows。comdevnull21；crontabl）crontabfi禁用selinuxsediSELINUX｛spermissivedisabled｝etcselinuxconfig关闭防火墙ifegrep7。〔09〕thensystemctlstopfirewalldsystemctldisablefirewalldelifegrep6。〔09〕thenserviceiptablesstopchkconfigiptablesofffiahrefhttps：www。q578。coml140targetblankclassinfotextkey历史a命令显示操作时间if！grepHISTTIMEFORMATthenechoexportHISTTIMEFORMATFTwhoamietcbashrcfiSSH超时时间if！grepTMOUT600thenechoexportTMOUT600etcprofilefi禁止root远程登录sedisPermitRootLoginyesPermitRootLoginnoetcsshsshdconfig禁止定时任务向发送邮件sedisMAILTOrootMAILTOetccrontab设置最大打开文件数if！grepsoftnofile65535etcsecuritylimits。thencatetcsecuritylimits。confEOFsoftnofile65535hardnofile65535EOFfi系统内核优化catetcsysctl。confEOFnet。ipv4。tcpsyncookies1net。ipv4。tcpmaxtwbuckets20480net。ipv4。tcpmaxsynbacklog20480net。core。netdevmaxbacklog262144net。ipv4。tcpfintimeout20EOF减少SWAP使用echo0procsysvmswappiness安装系统性能分析工具及其他yuminstallgccmakeautoconfvimsysstatnettoolsiostatif监控100台服务器磁盘利用率脚本！binbashHOSTINFOhost。infoforIPin（awk〔〕｛print1｝HOSTINFO）；doUSER（awkvipIPip1｛print2｝HOSTINFO）PORT（awkvipIPip1｛print3｝HOSTINFO）TMPFILEtmpdisk。tmpsshpPORTUSERIPdfhTMPFILEUSERATELIST（awkBEGIN｛OFS｝dev｛printNF，int（5）｝TMPFILE）forUSERATEinUSERATELIST；doPARTNAME｛USERATE｝USERATE｛USERATE｝if〔USERATEge80〕；thenechoWarning：PARTNAMEPartitionusageUSERATE！fidonedone