Relatório Semanal U&M InvestLinux – 17/01/2017
Servidores Linux
Uptime / Last
Uptime (Tempo Online do Servidor) Last (Conexões remotas)
[root@uemgw]# uptime
20:59:15 up 414 days, 7:18, 2 users, load average: 0.37, 0.25, 0.27
[root@uemadm]# uptime
20:59:11 up 200 days, 9:01, 1 user, load average: 0.01, 0.05, 0.00
[root@uemgw]# last | sort k 3 | moreiladm pts/0 177.104.87.9 Fri Jan 6 13:33 15:34 (02:01) iladm pts/0 177.104.87.9 Sat Jan 7 10:42 12:47 (02:05) iladm pts/0 177.104.87.9 Wed Jan 18 20:58 still logged in iladm pts/1 177.104.87.9 Wed Jan 18 20:58 still logged in vpnuem ppp0 177.17.76.88 Mon Jan 16 08:49 09:38 (00:49) vpnuem ppp0 177.38.168.39 Mon Jan 2 10:59 11:17 (00:17) vpnuem ppp0 179.179.203.102 Fri Jan 13 17:06 17:40 (00:33) vpnuem ppp0 186.213.102.105 Thu Jan 12 14:21 14:41 (00:19) vpnuem ppp0 186.213.102.105 Thu Jan 12 14:46 16:24 (01:37) vpnuem ppp0 186.244.226.189 Mon Jan 16 16:53 17:15 (00:22) iladm pts/0 187.109.112.9 Tue Jan 3 07:56 10:23 (02:26) iladm pts/0 187.109.112.9 Wed Jan 4 21:36 23:42 (02:06) iladm pts/1 187.109.112.9 Wed Jan 4 21:36 23:43 (02:06) free ftpd11100 189.26.200.72.dy Wed Jan 18 15:50 15:50 (00:00) free ftpd11101 189.26.200.72.dy Wed Jan 18 15:50 15:50 (00:00) free ftpd11102 189.26.200.72.dy Wed Jan 18 15:50 16:10 (00:19) free ftpd11125 189.26.200.72.dy Wed Jan 18 15:51 15:51 (00:00) free ftpd11126 189.26.200.72.dy Wed Jan 18 15:51 16:00 (00:09) free ftpd11542 189.26.200.72.dy Wed Jan 18 16:03 16:08 (00:05) vpnuem ppp0 189.61.184.179 Wed Jan 18 08:49 08:50 (00:00) vpnuem ppp0 192.168.1.42 Fri Jan 6 18:42 18:43 (00:00) iladm pts/0 mail.investlinux Fri Jan 6 15:51 16:08 (00:17) iladm pts/0 mail.investlinux Mon Jan 2 10:12 10:43 (00:31) iladm pts/0 mail.investlinux Mon Jan 2 15:53 20:50 (04:56) iladm pts/0 mail.investlinux Mon Jan 9 08:27 08:38 (00:11) iladm pts/0 mail.investlinux Thu Jan 12 08:03 08:04 (00:01) iladm pts/0 mail.investlinux Thu Jan 12 09:35 10:08 (00:32) iladm pts/1 mail.investlinux Tue Jan 3 08:55 09:21 (00:25) wtmp begins Mon Jan 2 09:05:17 2017free ftpd14688 uemmbb180.uem.co Mon Jan 2 17:22 17:22 (00:00) free ftpd14689 uemmbb180.uem.co Mon Jan 2 17:22 17:32 (00:10) free ftpd14733 uemop016.uem.com Mon Jan 2 17:24 17:24 (00:00) free ftpd14738 uemop016.uem.com Mon Jan 2 17:24 17:24 (00:00) free ftpd14744 uemop016.uem.com 
Mon Jan 2 17:24 17:24 (00:00) free ftpd14746 uemop016.uem.com Mon Jan 2 17:24 17:24 (00:00) root pts/0 uemti01.uem.com. Fri Jan 6 10:41 10:43 (00:02) root pts/0 uemti01.uem.com. Mon Jan 2 09:05 09:11 (00:06) root pts/0 uemti01.uem.com. Mon Jan 2 09:12 09:13 (00:00) root pts/0 uemti01.uem.com. Mon Jan 2 09:14 09:15 (00:00) root pts/0 uemti01.uem.com. Thu Jan 5 14:43 14:45 (00:02) root pts/0 uemti01.uem.com. Thu Jan 5 14:49 14:52 (00:02) root pts/0 uemti01.uem.com. Tue Jan 10 09:21 09:25 (00:04) free ftpd15112 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00) free ftpd15118 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00) free ftpd15120 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00) free ftpd15123 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00) free ftpd15125 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00) free ftpd15127 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00) free ftpd15130 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00) free ftpd15132 uemti03.uem.com. Mon Jan 2 17:34 17:34 (00:00)
free ftpd10393 uemti03.uem.com. Wed Jan 4 08:44 08:44 (00:00) free ftpd10394 uemti03.uem.com. Wed Jan 4 08:44 08:54 (00:10) free ftpd11386 uemti03.uem.com. Wed Jan 4 09:15 09:19 (00:03) free ftpd20486 uemti03.uem.com. Wed Jan 4 10:36 10:36 (00:00) free ftpd20487 uemti03.uem.com. Wed Jan 4 10:36 10:36 (00:00)
root@uemadm:~# last | sort k 3 | more iladm pts/0 192.168.0.1 Fri Jan 6 13:33 15:34 (02:01) iladm pts/0 192.168.0.1 Sat Jan 7 10:42 12:47 (02:05) iladm pts/0 192.168.0.1 Tue Jan 3 07:56 10:23 (02:26) iladm pts/0 192.168.0.1 Wed Jan 18 20:59 still logged in iladm pts/0 192.168.0.1 Wed Jan 4 21:36 23:43 (02:06) andreia ftpd2162 ::ffff:152.237.8 Sun Jan 15 08:44 08:55 (00:11) andreia ftpd15149 ::ffff:177.104.8 Mon Jan 2 14:18 14:28 (00:10) andreia ftpd4139 ::ffff:177.104.8 Mon Jan 2 22:39 22:51 (00:12) andreia ftpd10948 ::ffff:177.104.8 Mon Jan 2 23:22 23:28 (00:06) andreia ftpd6286 ::ffff:177.104.8 Thu Jan 12 07:15 07:29 (00:13) andreia ftpd15469 ::ffff:177.104.8 Tue Jan 3 07:54 08:14 (00:20) andreia ftpd20255 ::ffff:177.104.8 Tue Jan 3 08:22 08:32 (00:10) andreia ftpd11440 ::ffff:177.104.8 Tue Jan 3 13:20 13:58 (00:38) andreia ftpd31511 ::ffff:177.104.8 Wed Jan 11 22:33 22:44 (00:11) andreia ftpd26674 ::ffff:187.109.1 Mon Jan 2 21:36 22:01 (00:24) andreia ftpd1314 ::ffff:187.109.1 Mon Jan 2 22:21 22:33 (00:12) andreia ftpd18459 ::ffff:187.109.1 Wed Jan 4 23:01 23:12 (00:10) luis ftpd9690 ::ffff:201.46.13 Fri Jan 13 11:23 11:33 (00:10) luis ftpd11566 ::ffff:201.46.13 Fri Jan 13 11:34 11:46 (00:12) luis ftpd18002 ::ffff:201.46.13 Fri Jan 13 12:10 12:33 (00:22) luis ftpd23509 ::ffff:201.46.13 Fri Jan 13 12:42 12:45 (00:03) luis ftpd24187 ::ffff:201.46.13 Fri Jan 13 12:45 12:58 (00:13) luis ftpd8232 ::ffff:201.46.13 Fri Jan 6 00:39 01:01 (00:22) luis ftpd12510 ::ffff:201.46.13 Fri Jan 6 01:06 01:23 (00:17) luis ftpd32445 ::ffff:201.46.13 Fri Jan 6 13:53 14:04 (00:10) luis ftpd8034 ::ffff:201.46.13 Fri Jan 6 14:37 14:48 (00:11) luis ftpd14818 ::ffff:201.46.13 Fri Jan 6 15:17 15:32 (00:15) luis ftpd18210 ::ffff:201.46.13 Fri Jan 6 15:37 16:16 (00:38) luis ftpd4904 ::ffff:201.46.13 Fri Jan 6 17:25 17:35 (00:10) luis ftpd7075 ::ffff:201.46.13 Fri Jan 6 17:38 17:39 (00:01) luis ftpd7310 ::ffff:201.46.13 Fri Jan 6 17:40 17:48 (00:08) luis ftpd21608 ::ffff:201.46.13 Sat Jan 7 
09:55 10:12 (00:16) luis ftpd24890 ::ffff:201.46.13 Sat Jan 7 10:16 10:32 (00:15) luis ftpd32137 ::ffff:201.46.13 Sat Jan 7 11:03 11:13 (00:10) luis ftpd8079 ::ffff:201.46.13 Sat Jan 7 11:56 12:27 (00:31) luis ftpd24158 ::ffff:201.46.13 Thu Jan 5 19:29 19:46 (00:16) luis ftpd28827 ::ffff:201.46.13 Thu Jan 5 23:23 23:32 (00:09) luis ftpd30232 ::ffff:201.46.13 Thu Jan 5 23:32 23:45 (00:12) luis ftpd1194 ::ffff:201.46.13 Thu Jan 5 23:54 00:31 (00:36) luis ftpd24704 ::ffff:201.46.13 Tue Jan 10 09:57 09:57 (00:00) wtmp begins Mon Jan 2 14:18:28 2017root pts/0 uemti03.uem.com. Fri Jan 6 10:04 10:04 (00:00) root pts/0 uemti03.uem.com. Fri Jan 6 10:08 10:12 (00:03) root pts/0 uemti03.uem.com. Fri Jan 6 10:15 12:28 (02:12)
Espaço em disco
[root@uemgw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 28G 7,8G 79% /
varrun 1,5G 292K 1,5G 1% /var/run
varlock 1,5G 0 1,5G 0% /var/lock
udev 1,5G 52K 1,5G 1% /dev
devshm 1,5G 0 1,5G 0% /dev/shm
/dev/sdb1 50G 42G 6,0G 88% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.106/Pessoal 30G 28G 2,5G 92% /ftp/Pessoal
//192.168.0.100/CorporeRM 47G 21G 27G 44% /home/ponto
//192.168.0.106/Linux_BKP 110G 92G 19G 84% /backupremoto
//192.168.0.106/TGP 682G 608G 74G 90% /ftp/TGP
[root@uemadm:]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 96G 78G 14G 86% /
varrun 2,0G 14M 2,0G 1% /var/run
varlock 2,0G 0 2,0G 0% /var/lock
udev 2,0G 52K 2,0G 1% /dev
devshm 2,0G 0 2,0G 0% /dev/shm
/dev/sda1 471M 150M 297M 34% /boot
//192.168.0.106/Linux_BKP 110G 92G 19G 84% /backupremoto
Dmesg
Dmesg – Alertas de Console (Eventuais Erros de Disco, Rede, Hardware em geral)
Sem informações relevantes
Logs
Verificação superficial de logs do sistema:
( syslog(tmsys) / secure(tms) / squid(tmsq – uemgw) )
Top – Memória / Processos / Carga
Sem informações relevantes
Portas Tcp Udp Abertas[root@uemgw]# netstat ap | grep LISTEN | grep v STREAMtcp 0 0 localhost:60000 *:* LISTEN 8464/postgrey.pid tcp 0 0 192.168.0.1:5666 *:* LISTEN 17314/nrpe tcp 0 0 *:10050 *:* LISTEN 10214/zabbix_agentdtcp 0 0 *:rsync *:* LISTEN 9053/rsync tcp 0 0 localhost:zebra *:* LISTEN 9034/zebra tcp 0 0 localhost:mysql *:* LISTEN 8396/mysqld tcp 0 0 localhost:bgpd *:* LISTEN 9038/bgpd tcp 0 0 *:webmin *:* LISTEN 10245/perl tcp 0 0 *:81 *:* LISTEN 9261/apache2 tcp 0 0 *:bgp *:* LISTEN 9038/bgpd tcp 0 0 *:ftp *:* LISTEN 4622/proftpd: (accetcp 0 0 192.168.12.10:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.29:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.27:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.25:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.23:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.21:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.19:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.17:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.15:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.13:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.11:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.9:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.7:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.3:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.5:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.1:domain *:* LISTEN 7939/named tcp 0 0 201048214114.:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.14:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.29:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.28:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.12:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.50:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.11:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.10:domain *:* LISTEN 7939/named tcp 0 0 n009.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n008.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 n007.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n006.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 rev2.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n002.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 rev1.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.28:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.29:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.12:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.50:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.11:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.10:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.9:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.8:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.7:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.6:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.4:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.3:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.2:domain *:* LISTEN 7939/named tcp 0 0 n001.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.5:domain *:* LISTEN 7939/named tcp 0 0 192.168.2.1:domain *:* LISTEN 7939/named tcp 0 0 192.168.0.2:domain *:* LISTEN 7939/named tcp 0 0 192.168.0.1:domain *:* LISTEN 7939/named tcp 0 0 localhost:domain *:* LISTEN 7939/named tcp 0 0 *:ssh *:* LISTEN 8264/sshd tcp 0 0 *:3128 *:* LISTEN 15214/(squid) tcp 0 0 *:smtp *:* LISTEN 9455/smtpd tcp 0 0 localhost:953 *:* LISTEN 7939/named tcp 0 0 *:1723 *:* LISTEN 9020/pptpd tcp6 0 0 [::]:rsync [::]:* LISTEN 9053/rsync tcp6 0 0 [::]:bgp [::]:* LISTEN 9038/bgpd tcp6 0 0 [::]:domain [::]:* LISTEN 7939/named tcp6 0 0 [::]:ssh [::]:* LISTEN 8264/sshd tcp6 0 0 ip6localhost:953 [::]:* LISTEN 7939/named Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caracter “:”.
root@uemgw:~# netstat nap | grep LISTEN | grep v STREAMtcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 8464/postgrey.pid tcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 17314/nrpe tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 10214/zabbix_agentdtcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 9053/rsync tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 9034/zebra tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 8396/mysqld tcp 0 0 127.0.0.1:2605 0.0.0.0:* LISTEN 9038/bgpd tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 10245/perl tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 9261/apache2 tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN 9038/bgpd tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 4622/proftpd: (accetcp 0 0 192.168.12.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 201.48.214.114:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.14:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.28:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.12:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.50:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.8:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 
177.38.168.6:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.4:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.28:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.12:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.2.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.0.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 8264/sshd tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 15214/(squid) tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 9575/smtpd tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 7939/named tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 9020/pptpd tcp6 0 0 :::873 :::* LISTEN 9053/rsync tcp6 0 0 :::179 :::* LISTEN 9038/bgpd tcp6 0 0 :::53 :::* LISTEN 7939/named tcp6 0 0 :::22 :::* LISTEN 8264/sshd tcp6 0 0 ::1:953 :::* LISTEN 7939/named Obs: Comando mostra na quarta coluna a porta do serviço após o caracter “:”.
[root@uemadm]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 *:10050 *:* LISTEN 5764/zabbix_agentd
tcp 0 0 uemadm:5666 *:* LISTEN 5486/nrpe
tcp 0 0 *:10051 *:* LISTEN 20320/zabbix_server
tcp 0 0 *:rsync *:* LISTEN 5565/rsync
tcp 0 0 *:gds_db *:* LISTEN 15880/fbserver
tcp 0 0 localhost:mysql *:* LISTEN 5373/mysqld
tcp 0 0 *:netbios-ssn *:* LISTEN 5582/smbd
tcp 0 0 *:webmin *:* LISTEN 6234/perl
tcp 0 0 portal.uem.com.br:www *:* LISTEN 1797/apache2
tcp 0 0 *:82 *:* LISTEN 1797/apache2
tcp 0 0 *:ssh *:* LISTEN 7409/sshd
tcp 0 0 localhost:postgresql *:* LISTEN 5450/postgres
tcp 0 0 *:smtp *:* LISTEN 17711/master
tcp 0 0 *:microsoft-ds *:* LISTEN 5582/smbd
tcp6 0 0 [::]:rsync [::]:* LISTEN 5565/rsync
tcp6 0 0 [::]:ftp [::]:* LISTEN 13774/proftpd: (acc
tcp6 0 0 [::]:ssh [::]:* LISTEN 7409/sshd
Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caracter “:”.
root@uemadm:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 5764/zabbix_agentd
tcp 0 0 192.168.0.109:5666 0.0.0.0:* LISTEN 5486/nrpe
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 20320/zabbix_server
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 5565/rsync
tcp 0 0 0.0.0.0:3050 0.0.0.0:* LISTEN 15880/fbserver
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 5373/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 5582/smbd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 6234/perl
tcp 0 0 192.168.0.124:80 0.0.0.0:* LISTEN 1797/apache2
tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 1797/apache2
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 7409/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5450/postgres
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 17711/master
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 5582/smbd
tcp6 0 0 :::873 :::* LISTEN 5565/rsync
tcp6 0 0 :::21 :::* LISTEN 13774/proftpd: (acc
tcp6 0 0 :::22 :::* LISTEN 7409/sshd
Obs: Comando mostra na quarta coluna a porta do serviço após o caracter “:”.
Squid Reports Semanal – 08/01/2017 a 15/01/2017
Squid Reports – TopSites
Squid Reports – TopUsers
Squid Reports – Tentativas de acesso a Sites Indevidos
LOCAL ACESSADO | IP
www.fadadosexo.com | 192.168.18.151
www.fotosbucetas.com.br | 192.168.18.151
www.fotoscaiunanet.com | 192.168.18.36
www.mulheresgostosas.net | 192.168.18.151
www.mulherpelada.info | 192.168.18.151
www.pornobrasil.co | 192.168.18.151
www.pornodoido.com | 192.168.18.144
www.safadasnaweb.com.br | 192.168.18.151
Obs: Não foi acrescentada nenhuma expressão ao arquivo /etc/squid/site_proibido.txt a fim de impedir o acesso de sites relacionados.
Obs2: Várias tentativas de acesso indevido provenientes do IP 192.168.18.151.
OFFICE 365
Emails – Uso
Caixa de Correio
Armazenamento
Cota
Caixa de correio ativas e inativas
Número de caixas de correio ativas e inativas ao longo do tempo. Uma caixa de correio é considerada inativa se um usuário não fizer logon por mais de 30 dias.
Inativo há 30-60 dias
Inativos há 61-90 dias
Inativos há mais de 90 dias
Uso da caixa de correio
Mostra o número total de caixas de correio, caixas de correio que excederam suas cotas de armazenamento e caixas de correio que estão usando menos de 25% de seu limite de armazenamento.
Sistema operacional usado
Mostra o número de sistemas operacionais diferentes nos quais seus usuários entraram com suas contas do Office 365 nos últimos 30 dias.
Licenciamento vs Uso Ativo
Visualize o uso ativo (nos últimos 30 dias) de seus serviços do O365 em comparação com os serviços realmente licenciados para o seu uso. Use esses dados para verificar se você está obtendo o máximo do seu investimento em nuvem.
Proteção (dados dos últimos 14 dias)
Principais destinatários de email
Principais remetentes de email
Principais destinatários de spams
Principais destinatários de Malware
Detecções de Spam
Principal malware de email
Emails recebidos e enviados
Anti virus – Bitdefender
ZABBIX
Triggers mais ativas da semana – TOP 10
Hosts que mais geraram alerta no Zabbix
Fonte: http://192.168.0.109:82/zabbix/report5.php?sid=87d41391d956aaea&form_refresh=1&period=week
Gráficos
Período de 03/01/2017 a 17/01/2017
SERVIDORES LINUX
UEM_ADM CPU Utilization
UEM_ADM Memory Usage
UEM_ADM Disk Space Usage
UEM_GW CPU Utilization
UEM_GW Memory Usage
UEM_GW Disk Space Usage
SERVIDORES WINDOWS
UEMFS – CPU LOAD
UEMFS – Disk Usage
UEMICA – CPU Load
UEMICA – Disk space usage
UEMRMSA – CPU Load
UEMRMSA – Disk Space Usage
Relatório de Disponibilidade (SLA) – 03/01/2017 a 17/01/2017
Serão exibidos a observação e os detalhes do problema quando estes atingirem 2%.
UEMICA – ok
UEMRMAP – ok
UEMRMSA – ok
UEMFS – ok
UEMMINE – ok
Fonte: http://192.168.0.109:82/zabbix/report2.php
Nagios
Disponibilidade – últimos 7 dias
Host | Service | % Time OK | % Time Warning | % Time Unknown | % Time Critical | % Time Undetermined
nagios_remoto Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-adm Local_Carga100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:82100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-gw Local_Carga99.355% (99.355%)
0.645% (0.645%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_backup100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_bkpremoto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_ftp_pessoal
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Dns100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ftp100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:81100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Squid:3128100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemantispam-linux Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemap-aplicacao Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemdev Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP99.851% (99.851%)
0.000% (0.000%)
0.000% (0.000%)
0.149% (0.149%)
0.000%
uemfs-fileserver Rede_NetBios100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_NetBios
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemica-metaframe Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Metaframe99.950% (99.950%)
0.000% (0.000%)
0.000% (0.000%)
0.050% (0.050%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Metaframe
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemmine-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemprd Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP99.851% (99.851%)
0.000% (0.000%)
0.000% (0.000%)
0.149% (0.149%)
0.000%
uem1_Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemrmsa-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemvm-vmware4 Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-lan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-wan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Average99.980% (99.980%)
0.013% (0.013%)
0.000% (0.000%)
0.007% (0.007%)
0.000%