通過使用zabbix 日志監控 我發現一個問題 例如oracle的日志有報錯的情況 ,通常不會去手動清理 這樣的話當第二次有日志寫進來的時候 zabbix的機制是回去檢查全部日志,這樣的話之前已經告警過的錯誤日志,又會被檢查到,這樣就會出現重復告警,而且zabbix的日志監控只能讀到匹配當前行關鍵字的數據,感覺不太靈活, 比如我想要匹配到的關鍵字之后再當前關鍵字的下N行再去匹配另一個關鍵字這個時候就比較麻煩,在這里給大家推薦一個有效,便捷解決的方式。
通過Python腳本實現日志監控 要求 1 記錄腳本檢查日志位置,避免下次觸發腳本的時候出現重復告警 2 關鍵字匹配支持正則 3 支持多個關鍵字查詢,例如第一個關鍵字匹配到當之后在這個關鍵字的下N行再去匹配第二個關鍵字 具體傳參格式
python3 npar.py /u03/z.txt '(ORA-|REEOR),(04030|02011)' 2
第一個參數是日志路徑 第二個參數是關鍵字 第三個參數為 匹配到第一個表達式這種的關鍵字后再去地 N(2)行去匹配第二個關鍵詞(04030|02011)具體腳本實現如下
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
import osimport syslogtxt = "logtxt.txt"def read_txt(files, start_line): data = []data.append("")with open(str(files) + "", "r", encoding = 'UTF-8') as f: for line in f.readlines(): line = line.strip('\n')# 去掉列表中每一個元素的換行符data.append(line)# 記錄本次的行數wirte_log(len(data) - 1)if len(data) > start_line: return data[start_line - 1: ]else : print("開始行數大于文本文件總行數!")def wirte_log(lines): global logtxtwith open(logtxt, "w") as file: #”w "代表著每次運行都覆蓋內容file.write(str(lines))def read_log(): global logtxtif not os.path.exists(logtxt): with open(logtxt, "w") as file: #”w "代表著每次運行都覆蓋內容file.write(str(1))with open(logtxt + "", "r", encoding = 'UTF-8') as f: s_lines = f.readlines()print("從第" + str(s_lines[0]) + "行開始")return s_lines[0]def deal_read_log(files, keyword, interval_line): keywords = keyword.replace("(", "").replace( ")", "").replace("'", "").replace('"', '"').split(',')start_keywords = keywords[0].split("|")end_keywords = keywords[1].split("|")start_line = read_log()lines_data = read_txt(files, int( start_line))for_line = 1while (for_line < len(lines_data)): #print(for_line)# print(lines_data[for_line])#if end_keywords in lines_data[for_line]: #print(lines_data[for_line])# print("-------------------")# for_line = for_line + 1#else : isexist = 0for sk in start_keywords: if sk in lines_data[for_line]: isexist = 1break;if isexist == 1: #if start_keywords[0] in lines_data[ for_line] or start_keywords[1] in lines_data[for_line]: #當前行有end_keywordsisexist2 = 0for sk in end_keywords: if sk in lines_data[for_line]: isexist2 = 1break;if isexist2 == 1: #print("行數=" + str(start_line - 1 + for_line) + "-" + str(start_line - 1 + for_line))print(lines_data[for_line])else : #當前行沒有end_keywords。 往下interval_line行去尋找# 標記當前行數flag_line = for_linecount = 1for_line = for_line + 1while (for_line < len(lines_data)): isexist3 = 0for sk in end_keywords: if sk in lines_data[for_line]: isexist3 = 1break;if isexist3 == 1: #print("行數=" + str(start_line - 1 + flag_line) + "-" + str(start_line - 1 + for_line))for prin in range(flag_line, for_line + 1): print(lines_data[prin])break;for_line = for_line + 1if count == int(interval_line): break;count = count + 1for_line = for_line - 1for_line = for_line + 1if name == 'main': files = sys.argv[1]if '.log' in files: logtxt = files.replace(".log", "_log.txt")else : logtxt = files.replace(".txt", "_log.txt")# files = "ora.txt"keywords = sys.argv[2]# keywords = "'((04030|04000),ORA-)'"#上下關聯行數interval_line = int(sys.argv[3])# interval_line = 10deal_read_log(files, keywords, interval_line) |
接下來就是添加監控了
在agent的conf 文件里面添加UserParameter
到這里監控就完成了
以上就是本文的全部內容,希望對大家的學習有所幫助,也希望大家多多支持服務器之家。
原文鏈接:https://blog.51cto.com/14483703/2519876
