具体需求:
1. 由于自主开发的XmZoomEye-Agent目前被动监控为主,为了实现Zabbix Low-Level Discovery服务自主发现,需要根据进程名自动获取占用端口列表,并根据端口分析上报数据
实现思路:
1. 利用psutil模块通过进程名获取进程id列表
2. 遍历/proc/net/tcp文件获取rem_address为00000000:0000的列,将第九列的socket_id和它以集合形式的字典存储去重
3. 利用获取到的pid列表和socket_id集合字典生成端口集合
4. 尝试连接端口获取动态数据上报
具体代码:
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
#
# Authors: limanman
# OsChina: http://xmdevops.blog.51cto.com/
# Purpose:
#
"""
# 说明: 导入公共模块
import os
import re
import psutil
# 说明: 导入其它模块
# 说明: 获取进程
def pidof_processname(srvname):
pids = []
for pid in psutil.process_iter():
if pid.name() == srvname:
pids.append(str(pid.pid))
return pids
# 说明: 套接端口
def socks_with_ports():
sockets = {}
with open(‘/proc/net/tcp‘, ‘r+b‘) as fd:
for curline in fd:
sepline = curline.split()
if sepline[2] != ‘00000000:0000‘:
continue
key = sepline[9]
addr, port = sepline[1].split(‘:‘)
if key not in sockets:
sockets[key] = set()
sockets[key].add(int(port, 16))
return sockets
# 说明: 获取端口
def analysis_sockports(pids, socks):
sock_ports = set()
for pid in pids:
fd_path = os.path.join(os.path.join(‘/proc‘, pid), ‘fd‘)
for rlink in os.listdir(fd_path):
rpath = os.path.join(fd_path, rlink)
if not os.path.exists(rpath):
continue
vlink = os.readlink(rpath)
if not vlink.startswith(‘socket:‘):
continue
match = re.search(r‘(?<=socket:\[)([0-9]+)(?=\])‘, vlink)
if not match:
continue
addr = match.group(1)
if addr in socks:
sock_ports.update(socks[addr])
return sock_ports
def service_redis_running_status(add_data=None):
srv_name = ‘redis-server‘
pids = pidof_processname(srv_name)
socks = socks_with_ports()
ports = analysis_sockports(pids, socks)
return ‘service: %s -> port: ‘ % srv_name, ports
if __name__ == ‘__main__‘:
import pprint
pprint.pprint(service_redis_running_status())
有图有相:
时间: 2024-08-03 09:29:20