Relatório Semanal U&M InvestLinux – 22/11/2016
Servidores Linux
Uptime / Last
Uptime (Tempo Online do Servidor) Last (Conexões remotas)
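[root@uemgw]# uptime
12:52:04 up 356 days, 23:10, 1 user, load average: 0.22, 0.33, 0.38
[root@uemadm]# uptime
12:52:21 up 143 days, 54 min, 1 user, load average: 0.12, 0.16, 0.11
Obs: o kernel em execução é o carregado no último boot; atualizações de kernel instaladas desde então só entram em vigor após uma reinicialização.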
[root@uemgw]# last | sort k 3 | moreupload ftpd30107 148.251.27.205 Wed Nov 16 21:30 21:31 (00:00) iladm pts/0 177.104.79.211 Sun Nov 20 10:26 12:51 (02:24) iladm pts/0 177.104.79.211 Tue Nov 22 12:52 still logged in uemcc2 ftpd10998 177.38.168.39 Wed Nov 16 18:06 18:06 (00:00) uemcc2 ftpd11002 177.38.168.39 Wed Nov 16 18:06 18:07 (00:00) vpnuem ppp0 179.178.164.187 Tue Nov 15 23:59 00:02 (00:03) vpnuem ppp0 179.179.237.223 Wed Nov 2 12:41 12:42 (00:01) iladm pts/1 186.235.108.76 Wed Nov 9 12:43 14:54 (02:11) iladm pts/1 187.109.112.9 Tue Nov 22 12:52 still logged in iladm pts/0 187.109.112.9 Wed Nov 9 12:42 14:54 (02:11) vpnuem ppp0 187.114.7.120 Tue Nov 15 11:37 12:27 (00:49) free ftpd31742 187.114.8.78 Tue Nov 1 17:07 17:07 (00:00) free ftpd31766 187.114.8.78 Tue Nov 1 17:08 17:18 (00:10) vpnuem ppp0 187.78.251.167 Mon Nov 14 13:46 14:25 (00:39) vpnuem ppp0 187.78.251.167 Mon Nov 14 14:26 14:33 (00:06) vpnuem ppp0 191.249.171.176 Wed Nov 16 00:03 00:07 (00:03) uem ftpd29830 191711144dyn Fri Nov 4 13:52 13:52 (00:00) uem ftpd29831 191711144dyn Fri Nov 4 13:52 13:58 (00:05) uem ftpd29882 191711144dyn Fri Nov 4 13:54 14:04 (00:10) uem ftpd29883 191711144dyn Fri Nov 4 13:54 14:05 (00:10) uem ftpd15811 191711144dyn Sat Nov 12 10:38 10:38 (00:00) uem ftpd15812 191711144dyn Sat Nov 12 10:38 10:42 (00:03) uem ftpd15845 191711144dyn Sat Nov 12 10:39 10:49 (00:10) uem ftpd15846 191711144dyn Sat Nov 12 10:39 10:49 (00:10) uem ftpd4222 191711144dyn Wed Nov 16 16:37 16:37 (00:00) uem ftpd4223 191711144dyn Wed Nov 16 16:37 16:40 (00:02) uem ftpd4276 191711144dyn Wed Nov 16 16:38 16:48 (00:10) uem ftpd4282 191711144dyn Wed Nov 16 16:39 16:49 (00:10) uem ftpd1650 191711144dyn Wed Nov 9 17:08 17:08 (00:00) uem ftpd1651 191711144dyn Wed Nov 9 17:08 17:09 (00:01) uem ftpd1743 191711144dyn Wed Nov 9 17:10 17:20 (00:10) uem ftpd1744 191711144dyn Wed Nov 9 17:10 17:20 (00:10) vpnuem ppp0 192.168.1.53 Fri Nov 4 17:33 17:33 (00:00) upload ftpd26877 195.234.6.122 Wed Nov 16 02:48 02:48 
(00:00) iladm pts/0 mail.investlinux Sun Nov 6 14:27 17:03 (02:35) iladm pts/0 mail.investlinux Tue Nov 1 09:42 12:49 (03:07) iladm pts/0 mail.investlinux Tue Nov 1 12:51 19:05 (06:13) iladm pts/0 mail.investlinux Tue Nov 8 08:36 08:41 (00:04) iladm pts/0 mail.investlinux Tue Nov 8 09:29 09:34 (00:05) wtmp begins Tue Nov 1 09:42:17 2016root pts/0 uemmbb254.uem.co Tue Nov 8 08:54 08:58 (00:03) uemcc ftpd5487 uemop016.uem.com Wed Nov 16 17:15 17:15 (00:00) uemcc ftpd10257 uemop016.uem.com Wed Nov 16 17:51 17:51 (00:00) uemcc ftpd10345 uemop016.uem.com Wed Nov 16 17:52 17:52 (00:00) uemcc ftpd10346 uemop016.uem.com Wed Nov 16 17:52 17:57 (00:04) uemcc ftpd10415 uemop016.uem.com Wed Nov 16 17:54 17:54 (00:00) uemcc2 ftpd10450 uemop016.uem.com Wed Nov 16 17:55 17:55 (00:00) uemcc2 ftpd10451 uemop016.uem.com Wed Nov 16 17:55 17:57 (00:01) uemcc2 ftpd10562 uemop016.uem.com Wed Nov 16 17:58 17:58 (00:00) uemcc2 ftpd10563 uemop016.uem.com Wed Nov 16 17:58 18:01 (00:02)
uemcc2 ftpd10647 uemop016.uem.com Wed Nov 16 17:59 17:59 (00:00) uemcc2 ftpd10849 uemop016.uem.com Wed Nov 16 18:02 18:02 (00:00) uemcc2 ftpd10850 uemop016.uem.com Wed Nov 16 18:02 18:03 (00:00) root pts/0 uemti01.uem.com. Mon Nov 7 13:54 14:15 (00:21) root pts/0 uemti01.uem.com. Sat Nov 19 10:38 11:36 (00:58) uemcc ftpd18274 uemti01.uem.com. Tue Nov 1 10:09 10:09 (00:00) uemcc ftpd18275 uemti01.uem.com. Tue Nov 1 10:09 10:10 (00:01) uemcc ftpd5315 uemti01.uem.com. Wed Nov 16 17:09 17:09 (00:00) uemcc ftpd5316 uemti01.uem.com. Wed Nov 16 17:09 17:09 (00:00) uemcc ftpd5317 uemti01.uem.com. Wed Nov 16 17:09 17:14 (00:05)
root@uemadm:~# last | sort k 3 | more iladm pts/0 192.168.0.1 Sun Nov 20 10:26 12:51 (02:24) iladm pts/0 192.168.0.1 Tue Nov 22 12:52 still logged in iladm pts/1 192.168.0.1 Wed Nov 9 12:43 14:54 (02:10) andreia ftpd15559 ::ffff:177.104.7 Sun Nov 20 10:27 10:37 (00:10) andreia ftpd5085 ::ffff:186.235.1 Fri Nov 4 13:41 13:41 (00:00) andreia ftpd27921 ::ffff:186.235.1 Mon Nov 7 14:46 15:01 (00:14) andreia ftpd7670 ::ffff:186.235.1 Mon Nov 7 22:32 22:48 (00:16) andreia ftpd10350 ::ffff:186.235.1 Thu Nov 10 13:33 13:44 (00:10) andreia ftpd849 ::ffff:187.109.1 Fri Nov 4 13:17 13:37 (00:20) andreia ftpd7911 ::ffff:187.109.1 Mon Nov 21 07:05 07:15 (00:10) andreia ftpd9588 ::ffff:187.109.1 Mon Nov 21 07:16 07:55 (00:39) andreia ftpd26875 ::ffff:187.109.1 Mon Nov 21 18:28 18:38 (00:10) andreia ftpd13682 ::ffff:187.109.1 Mon Nov 21 20:30 20:31 (00:00) andreia ftpd12931 ::ffff:187.109.1 Mon Nov 7 13:20 13:45 (00:25) andreia ftpd1865 ::ffff:187.109.1 Mon Nov 7 21:56 22:06 (00:10) andreia ftpd5094 ::ffff:187.109.1 Mon Nov 7 22:16 22:26 (00:10) andreia ftpd12685 ::ffff:187.109.1 Mon Nov 7 23:04 23:39 (00:35) andreia ftpd7370 ::ffff:187.109.1 Wed Nov 16 13:52 13:52 (00:00) luis ftpd27198 ::ffff:201.46.15 Fri Nov 4 01:34 01:58 (00:24) luis ftpd30981 ::ffff:201.46.15 Fri Nov 4 01:58 02:01 (00:02) luis ftpd23677 ::ffff:201.46.15 Fri Nov 4 09:12 09:14 (00:02) luis ftpd17517 ::ffff:201.46.15 Thu Nov 3 08:25 08:39 (00:14) luis ftpd14689 ::ffff:201.46.15 Thu Nov 3 11:18 11:29 (00:10) luis ftpd18534 ::ffff:201.46.15 Thu Nov 3 11:40 11:50 (00:10) luis ftpd16455 ::ffff:201.46.15 Wed Nov 2 07:36 07:47 (00:10) luis ftpd22403 ::ffff:201.46.15 Wed Nov 2 08:12 08:22 (00:10) luis ftpd26465 ::ffff:201.46.15 Wed Nov 2 08:37 08:47 (00:10) luis ftpd30881 ::ffff:201.46.15 Wed Nov 2 09:05 09:23 (00:18) luis ftpd2125 ::ffff:201.46.15 Wed Nov 2 09:27 09:49 (00:22) luis ftpd5725 ::ffff:201.46.15 Wed Nov 2 09:49 10:10 (00:21) luis ftpd10571 ::ffff:201.46.15 Wed Nov 2 10:18 10:30 (00:12) luis ftpd12782 
::ffff:201.46.15 Wed Nov 2 10:31 10:42 (00:11) luis ftpd18457 ::ffff:201.46.15 Wed Nov 2 11:06 11:28 (00:22) luis ftpd7503 ::ffff:201.46.15 Wed Nov 2 16:32 16:42 (00:10) luis ftpd19085 ::ffff:201.46.15 Wed Nov 2 17:43 17:54 (00:10) luis ftpd22452 ::ffff:201.46.15 Wed Nov 2 18:01 18:11 (00:10) root pts/0 uemmbb254.uem.co Mon Nov 7 11:53 14:11 (02:18) root pts/0 uemmbb254.uem.co Wed Nov 9 08:49 17:58 (09:08) wtmp begins Wed Nov 2 07:36:50 2016
Espaço em disco
[root@uemgw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 24G 12G 68% /
varrun 1,5G 296K 1,5G 1% /var/run
varlock 1,5G 0 1,5G 0% /var/lock
udev 1,5G 52K 1,5G 1% /dev
devshm 1,5G 0 1,5G 0% /dev/shm
/dev/sdb1 50G 41G 6,9G 86% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.106/Pessoal 30G 27G 3,8G 88% /ftp/Pessoal
//192.168.0.100/CorporeRM 47G 21G 27G 44% /home/ponto
//192.168.0.106/Linux_BKP 110G 86G 25G 78% /backupremoto
//192.168.0.106/TGP 682G 602G 81G 89% /ftp/TGP
[root@uemadm:]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 96G 73G 19G 80% /
varrun 2,0G 14M 2,0G 1% /var/run
varlock 2,0G 0 2,0G 0% /var/lock
udev 2,0G 52K 2,0G 1% /dev
devshm 2,0G 0 2,0G 0% /dev/shm
/dev/sda1 471M 150M 297M 34% /boot
//192.168.0.106/Linux_BKP 110G 86G 25G 78% /backupremoto
Dmesg
Dmesg – Alertas de Console (Eventuais Erros de Disco, Rede, Hardware em geral)
Sem informações relevantes
Logs
Verificação superficial de logs do sistema:
( syslog(tmsys) / secure(tms) / squid(tmsq – uemgw) )
Top Memória / Processos / Carga Sem informações relevantes
Portas Tcp Udp Abertas[root@uemgw]# netstat ap | grep LISTEN | grep v STREAMtcp 0 0 localhost:60000 *:* LISTEN 8464/postgrey.pid tcp 0 0 192.168.0.1:5666 *:* LISTEN 13202/nrpe tcp 0 0 *:10050 *:* LISTEN 10214/zabbix_agentdtcp 0 0 *:rsync *:* LISTEN 9053/rsync tcp 0 0 localhost:zebra *:* LISTEN 9034/zebra tcp 0 0 localhost:mysql *:* LISTEN 8396/mysqld tcp 0 0 localhost:bgpd *:* LISTEN 9038/bgpd tcp 0 0 *:webmin *:* LISTEN 10245/perl tcp 0 0 *:81 *:* LISTEN 9261/apache2 tcp 0 0 *:bgp *:* LISTEN 9038/bgpd tcp 0 0 *:ftp *:* LISTEN 3201/proftpd: (accetcp 0 0 192.168.12.10:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.29:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.27:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.25:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.23:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.21:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.19:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.17:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.15:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.13:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.11:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.9:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.7:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.3:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.5:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.1:domain *:* LISTEN 7939/named tcp 0 0 201048214114.:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.14:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.29:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.28:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.12:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.50:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.11:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.10:domain *:* LISTEN 7939/named tcp 0 0 n009.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n008.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n007.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n006.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 rev2.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n002.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 rev1.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.28:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.29:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.12:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.50:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.11:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.10:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.9:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.8:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.7:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.6:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.4:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.3:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.2:domain *:* LISTEN 7939/named tcp 0 0 n001.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.5:domain *:* LISTEN 7939/named tcp 0 0 192.168.2.1:domain *:* LISTEN 7939/named tcp 0 0 192.168.0.2:domain *:* LISTEN 7939/named tcp 0 0 192.168.0.1:domain *:* LISTEN 7939/named tcp 0 0 localhost:domain *:* LISTEN 7939/named tcp 0 0 *:ssh *:* LISTEN 8264/sshd tcp 0 0 *:3128 *:* LISTEN 8413/(squid) tcp 0 0 *:smtp *:* LISTEN 25556/smtpd tcp 0 0 localhost:953 *:* LISTEN 7939/named tcp 0 0 *:1723 *:* LISTEN 9020/pptpd tcp6 0 0 [::]:rsync [::]:* LISTEN 9053/rsync tcp6 0 0 [::]:bgp [::]:* LISTEN 9038/bgpd tcp6 0 0 [::]:domain [::]:* LISTEN 7939/named tcp6 0 0 [::]:ssh [::]:* LISTEN 8264/sshd tcp6 0 0 ip6localhost:953 [::]:* LISTEN 7939/named Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caracter “:”.
root@uemgw:~# netstat nap | grep LISTEN | grep v STREAMtcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 8464/postgrey.pid tcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 13202/nrpe tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 10214/zabbix_agentdtcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 9053/rsync tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 9034/zebra tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 8396/mysqld tcp 0 0 127.0.0.1:2605 0.0.0.0:* LISTEN 9038/bgpd tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 10245/perl tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 9261/apache2 tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN 9038/bgpd tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 3201/proftpd: (accetcp 0 0 192.168.12.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 201.48.214.114:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.14:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.28:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.12:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.50:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.8:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 
177.38.168.6:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.4:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.3:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.28:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.12:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.2.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.0.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 8264/sshd tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 8413/(squid) tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 25556/smtpd tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 7939/named tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 9020/pptpd tcp6 0 0 :::873 :::* LISTEN 9053/rsync tcp6 0 0 :::179 :::* LISTEN 9038/bgpd tcp6 0 0 :::53 :::* LISTEN 7939/named tcp6 0 0 :::22 :::* LISTEN 8264/sshd tcp6 0 0 ::1:953 :::* LISTEN 7939/named Obs: Comando mostra na quarta coluna a porta do serviço após o caracter “:”.
[root@uemadm]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 *:10050 *:* LISTEN 5764/zabbix_agentd
tcp 0 0 uemadm:5666 *:* LISTEN 5486/nrpe
tcp 0 0 *:10051 *:* LISTEN 20320/zabbix_server
tcp 0 0 *:rsync *:* LISTEN 5565/rsync
tcp 0 0 *:gds_db *:* LISTEN 15880/fbserver
tcp 0 0 localhost:mysql *:* LISTEN 5373/mysqld
tcp 0 0 *:netbiosssn *:* LISTEN 5582/smbd
tcp 0 0 *:webmin *:* LISTEN 6234/perl
tcp 0 0 portal.uem.com.br:www *:* LISTEN 466/apache2
tcp 0 0 *:82 *:* LISTEN 466/apache2
tcp 0 0 *:ssh *:* LISTEN 7409/sshd
tcp 0 0 localhost:postgresql *:* LISTEN 5450/postgres
tcp 0 0 *:smtp *:* LISTEN 17711/master
tcp 0 0 *:microsoftds *:* LISTEN 5582/smbd
tcp6 0 0 [::]:rsync [::]:* LISTEN 5565/rsync
tcp6 0 0 [::]:ftp [::]:* LISTEN 12281/proftpd: (acc
tcp6 0 0 [::]:ssh [::]:* LISTEN 7409/sshd
Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caracter “:”.
root@uemadm:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 5764/zabbix_agentd
tcp 0 0 192.168.0.109:5666 0.0.0.0:* LISTEN 5486/nrpe
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 20320/zabbix_server
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 5565/rsync
tcp 0 0 0.0.0.0:3050 0.0.0.0:* LISTEN 15880/fbserver
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 5373/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 5582/smbd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 6234/perl
tcp 0 0 192.168.0.124:80 0.0.0.0:* LISTEN 466/apache2
tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 466/apache2
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 7409/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5450/postgres
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 917/smtpd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 5582/smbd
tcp6 0 0 :::873 :::* LISTEN 5565/rsync
tcp6 0 0 :::21 :::* LISTEN 12281/proftpd: (acc
tcp6 0 0 :::22 :::* LISTEN 7409/sshd
Obs: Comando mostra na quarta coluna a porta do serviço após o caracter “:”.
Obs: os endereços 0.0.0.0 e ::: indicam escuta em todas as interfaces; a exposição efetiva de cada porta depende das regras de firewall, que este relatório não mostra.
Squid Reports Semanal – 13/11/2016 a 20/11/2016
Squid Reports – TopSites
Squid Reports – TopUsers
Squid Reports – Tentativas de acesso a Sites Indevidos
LOCAL ACESSADO IP
www.flagrasdenovinhas.com 192.168.14.186
www.gifporn.me 192.168.14.171
www.pornolandia.xxx 192.168.15.109
Obs: Não foi acrescentada nenhuma expressão ao arquivo /etc/squid/site_proibido.txt a fim de impedir o acesso de sites relacionados.
OFFICE 365
Emails – Uso
Caixa de Correio
Armazenamento
Cota
Caixa de correio ativas e inativas
Número de caixas de correio ativas e inativas ao longo do tempo. Uma caixa de correio é considerada inativa se um usuário não fizer logon por mais de 30 dias.
Inativo há 30-60 dias
Inativo há 61-90 dias
Inativo há mais de 90 dias
Uso da caixa de correio
Mostra o número total de caixas de correio, caixas de correio que excederam suas cotas de armazenamento e caixas de correio que estão usando menos de 25% de seu limite de armazenamento.
Sistema operacional usado
Mostra o número de sistemas operacionais diferentes nos quais seus usuários entraram com suas contas do Office 365 nos últimos 30 dias.
Licenciamento vs Uso Ativo
Visualize o uso ativo (nos últimos 30 dias) de seus serviços do O365 em comparação com os serviços realmente licenciados para o seu uso. Use esses dados para verificar se você está obtendo o máximo do seu investimento em nuvem.
Proteção (dados dos últimos 14 dias)
Principais destinatários de email
Principais remetentes de email
Principais destinatários de spams
Principais destinatários de Malware
Detecções de Spam
Principal malware de email
Emails recebidos e enviados
Detecções de malware
Anti virus – Bitdefender
ZABBIX
Triggers mais ativas da semana – TOP 10
Hosts que mais geraram alerta no Zabbix
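Fonte: http://192.168.0.109:82/zabbix/report5.php?sid=87d41391d956aaea&form_refresh=1&period=week
Obs: o parâmetro sid da URL é derivado da sessão autenticada do Zabbix; convém omiti-lo ao citar a fonte em relatórios distribuídos.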
Gráficos
Período de 08/11/2016 a 22/11/2016
SERVIDORES LINUX
UEM_ADM CPU Utilization
UEM_ADM Memory Usage
UEM_ADM Disk Space Usage
UEM_GW CPU Utilization
UEM_GW Memory Usage
UEM_GW Disk Space Usage
SERVIDORES WINDOWS
UEMFS – CPU LOAD
UEMFS – Disk Usage
UEMICA – CPU Load
UEMICA – Disk space usage
UEMRMSA – CPU Load
UEMRMSA – Disk Space Usage
Relatório de Disponibilidade (SLA) – 08/11/2016 a 22/11/2016
Será exibida a observação e detalhes do problema quando estes atingirem 2%
UEMICA – ok
UEMRMAP – ok
UEMRMSA – ok
UEMFS – ok
UEMMINE – ok
Fonte: http://192.168.0.109:82/zabbix/report2.php
Nagios
Disponibilidade – últimos 7 dias
Host | Service | % Time OK | % Time Warning | % Time Unknown | % Time Critical | % Time Undetermined
nagios_remoto Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-adm Local_Carga100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:82100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-gw Local_Carga100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_backup100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_bkpremoto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_ftp_pessoal
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Dns100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ftp100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:81100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Squid:3128100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemantispam-linux Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemap-aplicacao Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemdev Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemfs-fileserver Rede_NetBios100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_NetBios
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemica-metaframe Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Metaframe100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Metaframe
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemmine-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemprd Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemrmsa-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemvm-vmware4 Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-lan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-wan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Average100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%