Relatório Semanal U&M InvestLinux – 21/06/2016
Servidores Linux – Uptime / Last
Uptime (Tempo Online do Servidor) / Last (Conexões remotas)
[root@uemgw]# uptime
13:35:26 up 203 days, 52 min, 1 user, load average: 0.44, 0.53, 0.57
[root@uemadm]# uptime
13:35:58 up 395 days, 18:56, 2 users, load average: 0.04, 0.05, 0.00
[root@uemgw]# last | sort k 3 | morevpnuem ppp0 177.134.126.58 Mon Jun 13 15:41 15:44 (00:02) vpnuem ppp0 177.134.126.58 Mon Jun 13 15:44 16:17 (00:32) vpnuem ppp0 177.205.205.221 Tue Jun 14 11:28 16:07 (04:39) vpnuem ppp0 177.206.66.62 Mon Jun 13 16:24 16:35 (00:10) vpnuem ppp1 177.206.66.62 Mon Jun 13 16:27 16:48 (00:20) vpnuem ppp2 177.206.66.62 Mon Jun 13 16:30 16:32 (00:02) vpnuem ppp0 177.206.66.62 Mon Jun 13 16:36 16:45 (00:08) vpnuem ppp0 177.206.66.62 Mon Jun 13 16:50 17:10 (00:19) vpnuem ppp0 186.206.255.202 Thu Jun 16 13:07 20:28 (07:21) iladm pts/0 187.109.112.9 Mon Jun 13 08:06 08:07 (00:00) iladm pts/0 187.109.112.9 Mon Jun 6 15:02 15:09 (00:06) iladm pts/0 187.109.112.9 Thu Jun 9 08:40 15:50 (07:09) iladm pts/0 187.109.112.9 Tue Jun 21 13:35 still logged in iladm pts/1 187.109.112.9 Tue Jun 21 13:35 still logged in iladm pts/1 187.109.112.9 Tue Jun 7 08:30 10:48 (02:18) iladm pts/0 187.109.112.9 Tue Jun 7 08:30 12:45 (04:15) iladm pts/0 187.109.112.9 Wed Jun 1 18:16 00:01 (05:45) iladm pts/0 187.109.112.9 Wed Jun 8 10:33 10:47 (00:14) vpnuem ppp0 189.24.89.142 Mon Jun 6 18:10 18:16 (00:05) vpnuem ppp0 189.59.173.69 Tue Jun 21 10:20 10:22 (00:01) vpnuem ppp0 189.59.173.69 Tue Jun 21 10:47 10:56 (00:09) vpnuem ppp0 191.185.162.178 Wed Jun 15 13:33 16:07 (02:33) free ftpd24260 200.185.17.252 Thu Jun 16 15:29 15:29 (00:00) free ftpd25705 200.185.17.252 Thu Jun 16 15:36 15:37 (00:00) free ftpd25713 200.185.17.252 Thu Jun 16 15:37 15:37 (00:00) free ftpd25717 200.185.17.252 Thu Jun 16 15:37 15:37 (00:00) free ftpd25756 200.185.17.252 Thu Jun 16 15:37 15:37 (00:00) free ftpd25757 200.185.17.252 Thu Jun 16 15:37 15:38 (00:00) free ftpd30100 uemmbb304.uem.co Thu Jun 16 11:14 11:14 (00:00) free ftpd30101 uemmbb304.uem.co Thu Jun 16 11:14 11:15 (00:00) root pts/0 uemti01.uem.com. Mon Jun 6 11:33 11:39 (00:06) free ftpd11357 uemti01.uem.com. Thu Jun 9 09:34 09:34 (00:00) free ftpd11358 uemti01.uem.com. Thu Jun 9 09:34 09:44 (00:10) root pts/0 uemti02.uem.com. 
Mon Jun 20 14:21 16:24 (02:02) uemcc ftpd29337 uemti02.uem.com. Thu Jun 16 11:00 11:00 (00:00) uemcc ftpd29345 uemti02.uem.com. Thu Jun 16 11:00 11:05 (00:04) free ftpd29631 uemti02.uem.com. Thu Jun 16 11:04 11:04 (00:00) free ftpd29632 uemti02.uem.com. Thu Jun 16 11:04 11:05 (00:01) free ftpd29681 uemti02.uem.com. Thu Jun 16 11:05 11:05 (00:00) free ftpd29682 uemti02.uem.com. Thu Jun 16 11:05 11:05 (00:00) root pts/0 uemti02.uem.com. Wed Jun 15 10:02 10:06 (00:04) wtmp begins Wed Jun 1 18:16:30 2016
[root@uemadm:]# last | sort k 3 | moreiladm pts/0 192.168.0.1 Thu Jun 9 08:40 15:50 (07:09) iladm pts/0 192.168.0.1 Tue Jun 21 13:35 still logged in iladm pts/0 192.168.0.1 Tue Jun 7 08:30 10:48 (02:18) iladm pts/0 192.168.0.1 Wed Jun 1 18:16 00:01 (05:44) iladm pts/0 192.168.0.1 Wed Jun 8 10:33 10:42 (00:09) andreia ftpd30211 ::ffff:187.109.1 Thu Jun 9 12:28 12:39 (00:11)
andreia ftpd14622 ::ffff:187.109.1 Tue Jun 7 13:11 13:22 (00:10) andreia ftpd29301 ::ffff:187.109.1 Wed Jun 1 13:03 13:45 (00:42) andreia ftpd16221 ::ffff:187.109.1 Wed Jun 1 15:00 15:10 (00:10) andreia ftpd15667 ::ffff:187.109.1 Wed Jun 1 18:12 18:33 (00:21) luis ftpd22535 ::ffff:201.46.14 Fri Jun 10 15:28 15:40 (00:12) luis ftpd10451 ::ffff:201.46.14 Thu Jun 16 10:53 11:03 (00:10) luis ftpd31422 ::ffff:201.46.14 Thu Jun 16 12:55 13:00 (00:04) luis ftpd12206 ::ffff:201.46.14 Thu Jun 16 14:12 14:23 (00:10) luis ftpd23127 ::ffff:201.46.14 Thu Jun 9 00:39 00:50 (00:11) luis ftpd11633 ::ffff:201.46.14 Thu Jun 9 07:27 07:37 (00:10) luis ftpd13505 ::ffff:201.46.14 Thu Jun 9 07:39 07:50 (00:11) luis ftpd24642 ::ffff:201.46.14 Thu Jun 9 08:44 08:54 (00:10) luis ftpd26488 ::ffff:201.46.14 Thu Jun 9 08:55 09:05 (00:10) luis ftpd31657 ::ffff:201.46.14 Thu Jun 9 09:25 09:48 (00:22) luis ftpd3227 ::ffff:201.46.14 Thu Jun 9 09:49 09:59 (00:10) luis ftpd18835 ::ffff:201.46.14 Thu Jun 9 11:22 11:54 (00:32) luis ftpd25461 ::ffff:201.46.14 Thu Jun 9 11:59 12:04 (00:04) luis ftpd26302 ::ffff:201.46.14 Thu Jun 9 12:04 12:15 (00:10) luis ftpd30434 ::ffff:201.46.14 Thu Jun 9 15:41 15:55 (00:13) luis ftpd489 ::ffff:201.46.14 Thu Jun 9 15:56 16:07 (00:10) luis ftpd5017 ::ffff:201.46.14 Tue Jun 14 16:07 16:17 (00:10) luis ftpd2989 ::ffff:201.46.14 Wed Jun 1 10:26 10:36 (00:10) luis ftpd14228 ::ffff:201.46.14 Wed Jun 1 14:48 14:58 (00:10) luis ftpd18092 ::ffff:201.46.14 Wed Jun 1 15:11 15:28 (00:17) luis ftpd22883 ::ffff:201.46.14 Wed Jun 1 15:40 16:01 (00:20) luis ftpd3474 ::ffff:201.46.14 Wed Jun 1 16:57 17:11 (00:13) luis ftpd5659 ::ffff:201.46.14 Wed Jun 1 17:11 17:23 (00:12) luis ftpd11001 ::ffff:201.46.14 Wed Jun 1 17:43 17:53 (00:09) luis ftpd12586 ::ffff:201.46.14 Wed Jun 1 17:53 18:07 (00:13) luis ftpd16608 ::ffff:201.46.14 Wed Jun 1 18:18 18:28 (00:10) luis ftpd2096 ::ffff:201.46.14 Wed Jun 15 19:19 19:33 (00:14) luis ftpd4790 ::ffff:201.46.14 Wed Jun 15 19:36 19:50 (00:13) luis 
ftpd6653 ::ffff:201.46.14 Wed Jun 8 19:27 19:37 (00:10) luis ftpd8490 ::ffff:201.46.14 Wed Jun 8 23:04 00:24 (01:19) root tty1 Tue Jun 21 10:09 10:09 (00:00) root tty1 Tue Jun 21 10:09 still logged in root pts/0 uemmbb254.uem.co Thu Jun 2 09:35 09:35 (00:00) wtmp begins Wed Jun 1 10:26:20 2016
Espaço em disco
[root@uemgw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 26G 11G 72% /
varrun 1,5G 292K 1,5G 1% /var/run
varlock 1,5G 0 1,5G 0% /var/lock
udev 1,5G 52K 1,5G 1% /dev
devshm 1,5G 0 1,5G 0% /dev/shm
/dev/sdb1 50G 41G 6,9G 86% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.106/Pessoal 30G 24G 6,4G 79% /ftp/Pessoal
//192.168.0.100/CorporeRM 47G 23G 25G 48% /home/ponto
//192.168.0.106/Linux_BKP 110G 87G 24G 80% /backupremoto
//192.168.0.106/TGP 682G 546G 136G 81% /ftp/TGP
[root@uemadm:]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 96G 81G 12G 88% /
varrun 2,0G 4,0M 2,0G 1% /var/run
varlock 2,0G 0 2,0G 0% /var/lock
udev 2,0G 52K 2,0G 1% /dev
devshm 2,0G 0 2,0G 0% /dev/shm
/dev/sda1 471M 150M 297M 34% /boot
//192.168.0.106/Linux_BKP 110G 87G 24G 80% /backupremoto
Dmesg
Dmesg – Alertas de Console (Eventuais Erros de Disco, Rede, Hardware em geral): Sem informações relevantes
Logs – Verificação superficial de logs do sistema:
( syslog(tmsys) / secure(tms) / squid(tmsq – uemgw) )
Top – Memória / Processos / Carga: Sem informações relevantes
Portas Tcp Udp Abertas[root@uemgw]# netstat ap | grep LISTEN | grep v STREAMtcp 0 0 localhost:60000 *:* LISTEN 8464/postgrey.pid tcp 0 0 *:10050 *:* LISTEN 10214/zabbix_agentdtcp 0 0 192.168.0.1:5666 *:* LISTEN 8858/nrpe tcp 0 0 *:rsync *:* LISTEN 9053/rsync tcp 0 0 localhost:zebra *:* LISTEN 9034/zebra tcp 0 0 localhost:mysql *:* LISTEN 8396/mysqld tcp 0 0 localhost:bgpd *:* LISTEN 9038/bgpd tcp 0 0 *:webmin *:* LISTEN 10245/perl tcp 0 0 *:81 *:* LISTEN 9261/apache2 tcp 0 0 *:bgp *:* LISTEN 9038/bgpd tcp 0 0 *:ftp *:* LISTEN 3271/proftpd: (accetcp 0 0 192.168.12.10:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.29:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.27:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.25:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.23:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.21:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.19:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.17:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.15:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.13:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.11:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.9:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.7:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.3:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.5:domain *:* LISTEN 7939/named tcp 0 0 10.0.0.1:domain *:* LISTEN 7939/named tcp 0 0 201048214114.:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.14:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.29:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.28:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.12:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.50:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.11:domain *:* LISTEN 7939/named tcp 0 0 177.38.168.10:domain *:* LISTEN 7939/named tcp 0 0 n009.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n008.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n007.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 n006.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 rev2.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 
n002.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 rev1.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.28:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.29:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.12:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.50:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.11:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.10:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.9:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.8:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.7:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.6:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.4:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.3:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.2:domain *:* LISTEN 7939/named
tcp 0 0 n001.uem.com.br:domain *:* LISTEN 7939/named tcp 0 0 200.243.57.5:domain *:* LISTEN 7939/named tcp 0 0 192.168.2.1:domain *:* LISTEN 7939/named tcp 0 0 192.168.0.2:domain *:* LISTEN 7939/named tcp 0 0 192.168.0.1:domain *:* LISTEN 7939/named tcp 0 0 localhost:domain *:* LISTEN 7939/named tcp 0 0 *:ssh *:* LISTEN 8264/sshd tcp 0 0 *:3128 *:* LISTEN 8413/(squid) tcp 0 0 *:smtp *:* LISTEN 9013/master tcp 0 0 localhost:953 *:* LISTEN 7939/named tcp 0 0 *:1723 *:* LISTEN 9020/pptpd tcp6 0 0 [::]:rsync [::]:* LISTEN 9053/rsync tcp6 0 0 [::]:bgp [::]:* LISTEN 9038/bgpd tcp6 0 0 [::]:domain [::]:* LISTEN 7939/named tcp6 0 0 [::]:ssh [::]:* LISTEN 8264/sshd tcp6 0 0 ip6localhost:953 [::]:* LISTEN 7939/named Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caracter “:”.
root@uemgw:~# netstat nap | grep LISTEN | grep v STREAMtcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 8464/postgrey.pid tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 10214/zabbix_agentdtcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 8858/nrpe tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 9053/rsync tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 9034/zebra tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 8396/mysqld tcp 0 0 127.0.0.1:2605 0.0.0.0:* LISTEN 9038/bgpd tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 10245/perl tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 9261/apache2 tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN 9038/bgpd tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 3271/proftpd: (accetcp 0 0 192.168.12.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 201.48.214.114:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.14:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.28:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.12:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.50:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.8:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 
177.38.168.6:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.4:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.5:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.28:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.29:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.12:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 177.38.168.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 192.168.2.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.0.2:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 7939/named tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 8264/sshd tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 8413/(squid) tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 9013/master tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 7939/named tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 9020/pptpd tcp6 0 0 :::873 :::* LISTEN 9053/rsync tcp6 0 0 :::179 :::* LISTEN 9038/bgpd tcp6 0 0 :::53 :::* LISTEN 7939/named tcp6 0 0 :::22 :::* LISTEN 8264/sshd tcp6 0 0 ::1:953 :::* LISTEN 7939/namedObs: Comando mostra na quarta coluna a porta do serviço após o caracter “:”.
[root@uemadm]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 *:10050 *:* LISTEN 7872/zabbix_agentd
tcp 0 0 uemadm:5666 *:* LISTEN 5559/nrpe
tcp 0 0 *:10051 *:* LISTEN 23793/zabbix_server
tcp 0 0 *:rsync *:* LISTEN 5636/rsync
tcp 0 0 *:gds_db *:* LISTEN 20823/fbserver
tcp 0 0 localhost:mysql *:* LISTEN 5375/mysqld
tcp 0 0 *:netbios-ssn *:* LISTEN 5655/smbd
tcp 0 0 *:webmin *:* LISTEN 20398/perl
tcp 0 0 portal.uem.com.br:www *:* LISTEN 8588/apache2
tcp 0 0 *:82 *:* LISTEN 8588/apache2
tcp 0 0 *:ssh *:* LISTEN 32432/sshd
tcp 0 0 localhost:postgresql *:* LISTEN 5524/postgres
tcp 0 0 *:smtp *:* LISTEN 30827/master
tcp 0 0 *:microsoft-ds *:* LISTEN 5655/smbd
tcp6 0 0 [::]:rsync [::]:* LISTEN 5636/rsync
tcp6 0 0 [::]:ftp [::]:* LISTEN 453/proftpd: (accep
tcp6 0 0 [::]:ssh [::]:* LISTEN 32432/sshd
Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caracter “:”.
root@uemadm:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 7872/zabbix_agentd
tcp 0 0 192.168.0.109:5666 0.0.0.0:* LISTEN 5559/nrpe
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 23793/zabbix_server
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 5636/rsync
tcp 0 0 0.0.0.0:3050 0.0.0.0:* LISTEN 20823/fbserver
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 5375/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 5655/smbd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 20398/perl
tcp 0 0 192.168.0.124:80 0.0.0.0:* LISTEN 8588/apache2
tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 8588/apache2
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 32432/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5524/postgres
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 492/smtpd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 5655/smbd
tcp6 0 0 :::873 :::* LISTEN 5636/rsync
tcp6 0 0 :::21 :::* LISTEN 453/proftpd: (accep
tcp6 0 0 :::22 :::* LISTEN 32432/sshd
Obs: Comando mostra na quarta coluna a porta do serviço após o caracter “:”.
Squid Reports Semanal – 12/06/2016 a 18/06/2016
Squid Reports – TopSites
Squid Reports – TopUsers
Squid Reports – Tentativas de acesso a Sites Indevidos
LOCAL ACESSADO IP
Obs: Não foi acrescentada nenhuma expressão ao arquivo /etc/squid/site_proibido.txt a fim de impedir o acesso de sites relacionados.
OFFICE 365
Emails – Relatório novo
Caixa de correio ativas e inativas
Número de caixas de correio ativas e inativas ao longo do tempo. Uma caixa de correio é considerada inativa se um usuário não fizer logon por mais de 30 dias.
Inativo há 30-60 dias
“Não há dados para este relatório.”
Inativo há 61-90 dias
“Não há dados para este relatório.”
Inativo há mais de 90 dias
“Não há dados para este relatório.”
Uso da caixa de correio
Mostra o número total de caixas de correio, caixas de correio que excederam suas cotas de armazenamento e caixas de correio que estão usando menos de 25% de seu limite de armazenamento.
Sistema operacional usado
Mostra o número de sistemas operacionais diferentes nos quais seus usuários entraram com suas contas do Office 365 nos últimos 30 dias.
Licenciamento vs Uso Ativo
Visualize o uso ativo (nos últimos 30 dias) de seus serviços do O365 em comparação com os serviços realmente licenciados para o seu uso. Use esses dados para verificar se você está obtendo o máximo do seu investimento em nuvem.
Proteção (dados dos últimos 14 dias)
Principais destinatários de email
Principais remetentes de email
Principais destinatários de spams
Principais destinatários de Malware
Detecções de Spam
Principal malware de email
Emails recebidos e enviados
Detecções de malware
Anti virus – Bitdefender
ZABBIX
Triggers mais ativas da semana – TOP 10 – Hosts que mais geraram alerta no Zabbix
Fonte: http://192.168.0.109:82/zabbix/report5.php?sid=87d41391d956aaea&form_refresh=1&period=week
Gráficos
Período de 07/06/2016 a 21/06/2016
SERVIDORES LINUX
UEM_ADM CPU Utilization
UEM_ADM Memory Usage
UEM_ADM Disk Space Usage
UEM_GW CPU Utilization
UEM_GW Memory Usage
UEM_GW Disk Space Usage
SERVIDORES WINDOWS
UEMFS – CPU LOAD
UEMFS – Disk Usage
UEMICA – CPU Load
UEMICA – Disk space usage
UEMRMSA – CPU Load
UEMRMSA – Disk Space Usage
Relatório de Disponibilidade (SLA) – 07/06/2016 a 21/06/2016
Será exibida a observação e detalhes do problema quando estes atingirem 2%
UEMICA – ok
UEMRMAP – ok
UEMRMSA – ok
UEMFS – ok
UEMMINE – ok
Fonte: http://192.168.0.109:82/zabbix/report2.php
Nagios
Disponibilidade – últimos 7 dias
Host | Service | % Time OK | % Time Warning | % Time Unknown | % Time Critical | % Time Undetermined
nagios_remoto Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-adm Local_Carga100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:82100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-gw Local_Carga100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_backup100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_bkpremoto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_ftp_pessoal
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Dns100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ftp100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:81100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Squid:3128100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemantispam-linux Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemap-aplicacao Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemdev Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemfs-fileserver Rede_NetBios100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_NetBios
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemica-metaframe Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Metaframe100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Metaframe
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemmine-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemprd Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemrmsa-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemvm-vmware4 Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-lan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-wan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Average100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%