Linux 服务器巡检 - 榕贵软件

https://mp.weixin.qq.com/s/r6zcjdSo8wdpPantaCL80Q
在服务器终端直接复制并执行以下命令（会自动创建/覆盖 syscheck.sh 文件，并写入完整脚本内容）：
cat > syscheck.sh << 'EOF'
#!/bin/bash
# ================ 一键 Linux 服务器运维巡检脚本（终极完整版）================
# 使用方式：chmod +x syscheck.sh && sudo ./syscheck.sh
# 支持：Ubuntu/Debian/CentOS/RHEL/Rocky/AlmaLinux 等
# 作者：虚拟化时代君   日期：2026-01-01
# ===========================================================================

# 自动检测终端是否支持颜色（避免乱码）
if [ -t 1 ] && [ "$(tput colors 2>/dev/null || echo 0)" -ge 8 ]; then
    RED="\033[91m"
    GREEN="\033[92m"
    YELLOW="\033[93m"
    BLUE="\033[94m"
    PURPLE="\033[95m"
    CYAN="\033[96m"
    BOLD="\033[1m"
    NC="\033[0m"
else
    RED=""; GREEN=""; YELLOW=""; BLUE=""; PURPLE=""; CYAN=""; BOLD=""; NC=""
fi

print_title() {
    echo -e "${BLUE}${BOLD}════════════════════════════════════════════════════════════${NC}"
    echo -e "${PURPLE}${BOLD}                  $1${NC}"
    echo -e "${BLUE}${BOLD}════════════════════════════════════════════════════════════${NC}"
    echo
}

print_section() {
    echo -e "${CYAN}${BOLD}▶ $1${NC}"
    echo
}

print_status() {
    case "$1" in
        ok) echo -e "${GREEN}✓ $2${NC}" ;;
        warn) echo -e "${YELLOW}⚠ $2${NC}" ;;
        error) echo -e "${RED}✗ $2${NC}" ;;
        info) echo -e "${CYAN}ℹ $2${NC}" ;;
        *) echo "  $2" ;;
    esac
}

print_success() {
    echo -e "${GREEN}${BOLD}✓ $1${NC}"
}

clear
print_title "一键 Linux 服务器运维巡检脚本"
echo -e "${GREEN}开始时间：$(date '+%Y-%m-%d %H:%M:%S')${NC}\n"

# 系统基本信息
print_title "系统基本信息"
[ -f /etc/os-release ] && . /etc/os-release
print_status info "系统版本   : ${PRETTY_NAME:-未知}"
print_status info "主机名     : $(hostname)"
print_status info "内核版本   : $(uname -r)"
print_status info "运行时间   : $(uptime -p)"
print_status info "平均负载   : $(uptime | awk -F'load average:' '{print $2}')"
print_status info "CPU 型号   : $(grep 'model name' /proc/cpuinfo | head -1 | cut -d: -f2 | xargs)"
print_status info "内存信息   : $(free -h | awk '/Mem/{print "总 "$2" | 已用 "$3" | 可用 "$4}')"

print_section "Swap 使用情况"
free -h | awk '/Swap/{print "   总: "$2"  已用: "$3"  可用: "$4}'
swap_used=$(free -m | awk '/Swap/{print $3}' 2>/dev/null || echo 0)
[ "$swap_used" -gt 500 ] && print_status warn "Swap 使用较多（${swap_used}MB），建议优化内存"

print_section "磁盘分区使用情况"
df -hT | grep -vE 'tmpfs|cdrom|loop' | while read fs type size used avail use mount; do
    usage=$(echo "$use" | tr -d '%')
    if (( usage > 90 )); then
        print_status error "$mount 分区严重告急：${usage}%"
    elif (( usage > 80 )); then
        print_status warn "$mount 分区使用率高：${usage}%"
    else
        print_status ok "$mount ($type) : ${usage}% 已用"
    fi
done

print_section "最近重启记录"
last -x -n 3 reboot shutdown 2>/dev/null | head -n 3 || print_status info "无重启记录"
echo

# 常用工具补齐
print_title "常用运维工具补齐"
TOOLS=(htop iotop ncdu lsof tree vim curl wget net-tools psmisc iftop strace)

if command -v apt >/dev/null 2>&1; then
    PKG_MANAGER="apt"
    sudo apt update -qq >/dev/null 2>&1
    sudo apt install -y debsecan "${TOOLS[@]}" >/dev/null 2>&1
elif command -v dnf >/dev/null 2>&1; then
    PKG_MANAGER="dnf"
    sudo dnf makecache >/dev/null 2>&1
    sudo dnf install -y "${TOOLS[@]}" >/dev/null 2>&1
elif command -v yum >/dev/null 2>&1; then
    PKG_MANAGER="yum"
    sudo yum makecache >/dev/null 2>&1
    sudo yum install -y "${TOOLS[@]}" >/dev/null 2>&1
else
    print_status warn "不支持的包管理器，跳过工具安装"
    PKG_MANAGER=""
fi

print_section "已补齐的常用工具"
cat << 'TOOLS_LIST'
htop        - 交互式进程查看器
iotop       - 磁盘 I/O 监控
ncdu        - 磁盘占用分析神器
lsof        - 查看打开文件
tree        - 目录树查看
vim         - 强大编辑器
curl/wget   - 网络下载工具
net-tools   - ifconfig/netstat 等
psmisc      - killall/pstree 等
iftop       - 带宽实时监控
strace      - 系统调用追踪
TOOLS_LIST
print_success "所有工具已检查并自动补齐"
echo

# 磁盘空间分析
print_title "磁盘空间分析与清理建议"
print_section "查找 /var 下大于 500MB 的大文件"
if sudo find /var -type f -size +500M 2>/dev/null | grep -q .; then
    sudo find /var -type f -size +500M -exec du -h {} \; 2>/dev/null | sort -hr | head -10 | while read size file; do
        echo -e "   ${YELLOW}$size${NC} → $file"
    done
else
    print_status ok "未发现大于 500MB 的大文件"
fi

print_section "推荐清理命令"
cat << 'CMD_LIST'
sudo journalctl --vacuum-time=30d
sudo find /tmp -type f -atime +7 -delete
CMD_LIST
[ "$PKG_MANAGER" = "apt" ] && echo "sudo apt autoremove -y && sudo apt autoclean -y"
[ -n "$PKG_MANAGER" ] && echo "sudo $PKG_MANAGER autoremove -y && sudo $PKG_MANAGER clean all"
echo

# 安全补丁检查
print_title "安全补丁检查"
if [ "$PKG_MANAGER" = "apt" ]; then
    count=$(apt list --upgradable 2>/dev/null | grep -c "/" || echo 0)
    [ "$count" -gt 0 ] && print_status warn "发现 $count 个可升级包" && apt list --upgradable 2>/dev/null | head -10 || print_status ok "系统已是最新"
else
    count=$(sudo $PKG_MANAGER updateinfo list security 2>/dev/null | grep -c "security" || echo 0)
    [ "$count" -gt 0 ] && print_status warn "发现 $count 个安全补丁" && sudo $PKG_MANAGER updateinfo list security | head -10 || print_status ok "无安全补丁"
fi
echo

# CVE漏洞检测
print_title "系统已知CVE漏洞检测"
print_section "正在扫描所有软件包..."
VULN_FOUND=false
if [ "$PKG_MANAGER" = "apt" ] && command -v debsecan >/dev/null 2>&1; then
    if sudo debsecan --format detail 2>/dev/null | grep -q "CVE"; then
        VULN_FOUND=true
        echo -e "${RED}${BOLD}发现CVE漏洞：${NC}"
        sudo debsecan --format packages | while read pkg suite urgency remote cve; do
            [[ "$urgency" =~ critical|high ]] && echo -e "${RED}高危 → 包: $pkg | CVE: $cve${NC}" || echo "   包: $pkg | CVE: $cve"
        done
    else
        print_status ok "未发现CVE漏洞"
    fi
else
    if sudo $PKG_MANAGER updateinfo list security all 2>/dev/null | grep -q "security"; then
        VULN_FOUND=true
        echo -e "${RED}${BOLD}发现安全漏洞：${NC}"
        sudo $PKG_MANAGER updateinfo list security all | grep "security" | while read line; do
            pkg=$(echo "$line" | awk '{print $NF}')
            advisory=$(echo "$line" | awk '{print $2}')
            severity=$(echo "$line" | awk '{print $3}')
            [[ "$severity" =~ Critical|Important ]] && echo -e "${RED}高危 → 包: $pkg | 通告: $advisory${NC}" || echo "   包: $pkg | 通告: $advisory"
        done
    else
        print_status ok "未发现已知漏洞"
    fi
fi
[ "$VULN_FOUND" = false ] && print_success "恭喜！系统无已知CVE漏洞"
echo

# 网络端口
print_title "当前网络监听端口"
sudo ss -tulnp | head -20 || print_status info "无法获取端口信息"
echo

# 高占用进程
print_title "高占用进程 Top 10"
print_section "CPU 占用最高"
ps -eo pid,user,%cpu,cmd --sort=-%cpu | head -10
print_section "内存占用最高"
ps -eo pid,user,%mem,cmd --sort=-%mem | head -10
print_section "Zombie 进程检查"
zcount=$(ps axo stat,ppid,pid,cmd | grep -w Z | wc -l)
[ "$zcount" -gt 0 ] && print_status error "发现 $zcount 个僵尸进程" && ps axo stat,ppid,pid,cmd | grep -w Z || print_status ok "无僵尸进程"
echo

# 登录记录
print_title "最近登录记录"
last -n 8
echo

# 结束
print_title "运维巡检全部完成！"
echo -e "${GREEN}结束时间：$(date '+%Y-%m-%d %H:%M:%S')${NC}\n"
echo "运维建议：定期更新系统、关注磁盘和高负载进程、检查异常登录"
echo -e "${BLUE}${BOLD}════════════════════════════════════════════════════════════${NC}"
EOF

chmod +x syscheck.sh
echo "syscheck.sh 文件已成功创建！"
echo "现在运行巡检：sudo ./syscheck.sh"
文档更新时间: 2026-01-04 09:48 作者：admin