호스팅 TIP > 리눅스 > Log

호스팅 TIP

보안

시스템

프로그래밍

리눅스

월간 인기 게시물

	게시물 1,378건

Log_monitoring.sh

글쓴이 : 최고관리자 날짜 : 2025-01-07 (화) 11:46 조회 : 16

글주소 :

#!/bin/bash

# Telegram API 정보

BOT_TOKEN="XXXXXXXXXXXXXXX"

CHAT_IDS=("9XXXXX" "516XXXXX")

# 키워드 설정 (콤마로 구분)

KEYWORDS=("i/o error" \

"ovs is dead" \

"reset adapter" \

"segfault at" \

"Instance rollback" \

"Adapter removed" \

"exception Emask" \

"Switch connection timeout" \

"The process should not have died" \

"unable to handle page fault for address" \

"unable to handle kernel NULL pointe" \

"timeout policy" \

"OVS is down" \

"Out of memory" \

"Killed process" \

"Failed to communicate with the switch" \

"neighbor table overflow!" \

"IO_PAGE_FAULT" \

"protection fault" \

"failed to assign" \

"database was removed" \

"can't for" )

# 로그 파일 경로

LOG_FILE="/var/log/syslog"

# 중복 알림 제한 시간(초)

ALERT_INTERVAL=30

# 임시 파일 경로 (키워드별 알림 상태 저장)

TEMP_FILE="/tmp/telegram_alert_keywords.tmp"

# Telegram 메시지 전송 함수

send_telegram_message() {

local message="$1"

for chat_id in "${CHAT_IDS[@]}"; do

curl -s -X POST "https://api.telegram.org/bot${BOT_TOKEN}/sendMessage" \

-d chat_id="${chat_id}" \

-d text="${message}" > /dev/null

done

}

# 중복 메시지 제한 함수

should_send_alert() {

local message="$1"

local current_time

current_time=$(date +%s)

if [ ! -f "$TEMP_FILE" ]; then

touch "$TEMP_FILE"

# 메시지별 시간 확인

if grep -qF "$message" "$TEMP_FILE"; then

last_sent_time=$(grep -F "$message" "$TEMP_FILE" | awk '{print $1}')

if (( current_time - last_sent_time < ALERT_INTERVAL )); then

return 1 # 제한 시간 내

else

# 제한 시간 초과, 갱신

sed -i "/$message/d" "$TEMP_FILE"

# 새 기록 추가

echo "$current_time $message" >> "$TEMP_FILE"

return 0 # 알림 전송 가능

}

# 로그 파일 모니터링

for sentence in "${KEYWORDS[@]}"; do

if [[ "$line" == *"$sentence"* ]]; then

if should_send_alert "$sentence"; then

message="[`hostname`] $line"

send_telegram_message "$message"

break

done

# ln -sf /etc/init.d/logmon /etc/rc3.d/S01logmon

# service enable logmon

# cat > /etc/init.d/logmon
#!/bin/bash SERVICE_NAME="LogMonService"
COMMAND="/root/interval_test_logalarm.sh"
LOG_FILE="/var/log/${SERVICE_NAME}.log"
PID_FILE="/var/run/${SERVICE_NAME}.pid" start() {
if [ -f "$PID_FILE" ] && kill -0 "$(cat "$PID_FILE")" > /dev/null 2>&1; then
echo "$SERVICE_NAME is already running with PID $(cat "$PID_FILE")."
exit 1
fi echo "Starting $SERVICE_NAME..."
nohup $COMMAND > "$LOG_FILE" 2>&1 &
echo $! > "$PID_FILE"
echo "$SERVICE_NAME started with PID $(cat "$PID_FILE")."
} stop() {
if [ -f "$PID_FILE" ] && kill -0 "$(cat "$PID_FILE")" > /dev/null 2>&1; then
echo "Stopping $SERVICE_NAME..."
#kill "$(cat "$PID_FILE")"
kill -9 $(ps aux |grep interval |grep -v grep |awk '{print $2}')
rm -f "$PID_FILE"
echo "$SERVICE_NAME stopped."
else
echo "$SERVICE_NAME is not running."
fi
} status() {
if [ -f "$PID_FILE" ] && kill -0 "$(cat "$PID_FILE")" > /dev/null 2>&1; then
echo "$SERVICE_NAME is running with PID $(cat "$PID_FILE")."
else
echo "$SERVICE_NAME is not running."
fi
} restart() {
stop
sleep 1
start
} case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
status)
status
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac