之前有写过
-
1、shell脚本实现文件自动清理并推送钉钉机器人告警 -
2、【Graylog告警联动篇】部署webhook服务实现自动传参并自动执行shell脚本 在文章中介绍过开源webhook工具,非常适合执行联动动作场景
现通过简单的实践案例介绍shell脚本+webhook实现联动一键联动删除异常大小的文件
具体步骤如下
1、monitor_files_size.sh
脚本内容如下
#!/bin/bash
# 监控目录和文件名
dir_path="/data/logfile"# webhook 地址
webhook_url="https://oapi.dingtalk.com/robot/send?access_token=838eb303c4035b35447b3caaaa486b2ee6b1f4918be28eba07f7b491155652bc"
set_payload_file(){
cat > /opt/payload_result.json << EOF
{
"msgtype": "actionCard",
"actionCard": {
"title":"日志文件大小异常告警",
"text":"
##### Linux服务器的日志文件大小异常告警 n
> ##### <font color=#67C23A> 【文件路径】</font> :<font color=#FF0000> template1 </font> n
> ##### <font color=#67C23A> 【文件大小】</font> :<font color=#FF0000> template2,请及时关注并排查</font> n
"
}
}
EOF
cat > /opt/fileDelete_request.json << EOF
{
"msgtype": "actionCard",
"actionCard": {
"title":"是否删除大小异常的文件",
"text":"
##### 请确认是否删除大小异常的文件 n
> ##### <font color=#FF0000> 待删除的文件路径:template1 </font> n
> ##### <font color=#FF0000> 说明:删除操作请务必谨慎! </font> n
",
"btnOrientation": "1",
"btns": [
{
"title": "同意删除",
"actionURL": "http://192.168.31.20:9090/hooks/fileDelete?filepath=tempFile"
},
{
"title": "忽略",
"actionURL": "https://www.baidu.com"
}
]
}
}
EOF
}
scan_file(){
for file in $dir_path/*; do
if [[ -f "$file" ]]; then
# 获取文件大小(单位:字节)
file_size=$(stat -c "%s" "$file")
file_size_mb=$((file_size/(1024*1024)))
# 判断文件大小是否超过 500MB
if (( $file_size > 524288000 )); then
# 发送告警到 webhook 机器人
message1="File:${file}"
message2="(${file_size_mb} MB),超过了500MB"
message3="${file}"
set_payload_file
sed -i "s^template1^$message1^g" /opt/payload_result.json
sed -i "s^template2^$message2^g" /opt/payload_result.json
sed -i "s^template1^$message3^g" /opt/fileDelete_request.json
sed -i "s^tempFile^$message3^g" /opt/fileDelete_request.json
response1=$(curl -sS -H "Content-Type: application/json" -X POST -d @/opt/payload_result.json "${webhook_url}")
if [ $? -eq 0 ]; then
echo "Alert sent successfully"
else
echo "Failed to send alert: ${response1}"
fi
response2=$(curl -sS -H "Content-Type: application/json" -X POST -d @/opt/fileDelete_request.json "${webhook_url}")
if [ $? -eq 0 ]; then
echo "Alert sent successfully"
else
echo "Failed to send alert: ${response2}"
fi
fi
fi
done
}
scan_file
2、定时任务
[root@almalinux opt]# crontab -e
添加如下行
*/1 * * * * /opt/monitor_files_size.sh
3、配置webhook
mkdir /opt/webhook
上传webhook文件
mkdir /opt/webhook/logs
vim /opt/webhook/hooks.json
添加如下内容
[
{
"id": "fileDelete",
"execute-command" : "/opt/fileDelete_bydingdingclick.sh",
"include-command-output-in-response": true,
"incoming-payload-content-type": "application/json",
"pass-arguments-to-command":
[
{
"source":"url",
"name":"filepath"
}
]
}
]
4、设置webhook的systemd服务文件
vim /etc/systemd/system/webhook.service
[Unit]
Description=Webhooks[Service]
ExecStart=/opt/webhook/webhook -port 9090 --verbose -hooks /opt/webhook/hooks.json -hotreload -logfile /opt/webhook/logs/webhook.log
[Install]
WantedBy=multi-user.target
然后
systemctl enable webhook.service
systemctl start webhook.service
firewall-cmd --permanent --zone=public --add-port=9090/tcp
firewall-cmd --reload
5、编写删除脚本
/opt/fileDelete_bydingdingclick.sh
#!/bin/bash
filePath=$1
LOCK=/data/largefiledelete_record.log
echo "================= File Delete Record Start===============================" >> ${LOCK} 2>&1
echo "================= File Delete Record Start==============================="
echo "删除日期:" >> ${LOCK} 2>&1
echo "删除日期:"
echo `date '+%Y-%m-%d_%T'` >> ${LOCK} 2>&1
echo `date '+%Y-%m-%d_%T'`
# 检查文件是否存在
if [ ! -f "$filePath" ]; then
# 文件不存在
echo "文件文件不存在:$filePath" >> ${LOCK} 2>&1
echo "文件文件不存在:$filePath"
else
echo "删除文件的路径:" >> ${LOCK} 2>&1
echo "删除文件的路径:"
echo $filePath >> ${LOCK} 2>&1
echo $filePath
rm -rf $filePath >> ${LOCK} 2>&1
fi
echo "================= File Delete Record END===============================" >> ${LOCK} 2>&1
echo "================= File Delete Record END==============================="
6、测试效果
记得shell添加执行权限
chmod a+x /opt/fileDelete_bydingdingclick.sh
chmod a+x /opt/monitor_files_size.sh
例如创建一个大于500M的测试文件 最后的效果如下 告警推送消息如下
点击同意删除进行联动删除的效果如下
Tips
-
1、webhook链接为内网地址,建议手机连入远程VPN后,即可进行手机钉钉一键联动删除 -
2、删除的脚本写得比较粗略,可以自行优化
原文始发于微信公众号(WalkingCloud):shell脚本+webhook实现联动一键联动删除异常大小的文件
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论