shell监控后端错误日志

  • 过滤出实时产生的日志记录 并通过钉钉告警
#!/usr/bin/env bash

set -x
: ${AWK=awk}
G_esl_business="/usr/local/esl/zk-refactor-esl-business/log/log_error.log"
G_esl_send="/usr/local/esl/zk-refactor-esl-business/log/send.log"
G_old_change_time="/server/scripts/log/old_change_time"
G_old_number1="/server/scripts/log/old_number"
G_host=`hostname`
G_public_network=`curl ifconfig.me`
G_time=`date '+%F %T'`
G_log_file="/server/scripts/log/esl_send_dingding"

#test
#webhook="https://oapi.dingtalk.com/robot/send?access_token="
webhook="https://oapi.dingtalk.com/robot/send?access_token=" 


access_log(){
      printf "[$G_time]: $*\n" >>$G_log_file
}

function SendMsgToDingding() {
    curl $webhook -H 'Content-Type: application/json' -d "
    {
        'msgtype': 'text',
        'text': {
            'content': '\n 系统:HK集群环境-01${G_host}-esl-服务日志的error监控 \n 关键字: 1  \n 主机公网IP: $G_public_network \n 告警时间: $G_time  \n 告警等级: 严重 \n 告警人员: 钉钉机器人 \n 告警详情:esl-服务日志中出现error了!\n 告警日志文件: $G_esl_business \n 日志切割: $cut \n 当前状态: PROBLEM \n ERROR信息:\n $msg '
        },
        'at': {
            'isAtAll': false
        }
    }"
}

function old(){
     #local old_change_time=$(stat $G_esl_business |grep -E "Change|改动"|awk '{print $2,$3}')
     local new_change_time=$(stat $G_esl_business |grep -E "Change|改动"|awk '{print $2,$3}')
      #echo  $old_change_time > $G_old_change_time
     old_time=`cat $G_old_change_time`
     
     if [ "$new_change_time" = "$old_time" ];then
        access_log "[info] File time has not changed"
     else
        #new.time > old.time 
        echo $new_change_time >$G_old_change_time
        access_log "give an alarm"
        lines      
     fi
}

function lines(){
       new_number=`cat $G_esl_business|wc -l`
       local old_number="/server/scripts/log/old_number"
       #echo $new_number >$old_number
       #set old.lines
       G_old_number1=`cat $old_number`
       #echo $old_number1
       # new.lines > old.lines
       if  [ $new_number -gt $G_old_number1 ] 
       then
          cut="未切割"
          \cp $G_esl_business -r $G_esl_send
          sed 's/[[:space:]]//g' -i $G_esl_send
          sed 's/'"'"/'/g' -i $G_esl_send
          access_log "[info] The number of log lines does not want to wait"
          msg=`$AWK  -v var="$G_old_number1" 'NR>var' $G_esl_send`
          echo $new_number > $old_number
          access_log `SendMsgToDingding`
       elif [ $new_number -lt $G_old_number1 ]
       then
            access_log "[info]  cut log files"
            #echo $new_number > $old_number
            old_lines_gt_new_lines
          
       else 
            echo "Does not emit lasers"
       fi          


}

function old_lines_gt_new_lines(){
       #cut log files
       old_lines=$(cat $old_number)
       new_lines=$(wc -l /usr/local/esl/zk-refactor-esl-business/log/log_error.log |awk '{print $1}')

       if [ $old_lines -gt $new_lines ]
       then
          cut="日志切割"
          \cp $G_esl_business -r $G_esl_send
          sed 's/[[:space:]]//g' -i $G_esl_send
          sed 's/'"'"/'/g' -i $G_esl_send                  
          access_log "[info] old > new"
          msg=$(cat $G_esl_send)
          echo $new_lines > /server/scripts/log/old_number
          access_log `SendMsgToDingding`
       fi

}



main(){
  old
}

main "$@"

 

posted @ 2023-07-20 20:16  地铁昌平线  阅读(17)  评论(0编辑  收藏  举报  来源