Shell命令执⾏可视化和告警⼯具
来⾃:FreeBuf.COM
作者:secist
Sampler是⼀个⽤于shell命令执⾏,可视化和告警的⼯具。其配置使⽤的是⼀个简单的YAML⽂件。
1、为什么我需要它?
你可以直接从终端对任意动态进程进⾏采样 – 观察数据库中的更改,监控MQ动态消息(in-flight messages),触发部署脚本并在完成后获取通知。
如果有⼀种⽅法可以使⽤shell命令获取指标(metric),那么可以使⽤Sampler⽴即对其进⾏可视化。
2、安装
macOS
brew cask install sampler
sudo curl -Lo /usr/local/bin/sampler github/sqshq/sampler/releases/download/v1.0.3/sampler-1.0.3-darwin-amd64
sudo chmod +x /usr/local/bin/sampler
Linux
sudo wget github/sqshq/sampler/releases/download/v1.0.3/sampler-1.0.3-linux-amd64 -O /usr/local/bin/sampler
sudo chmod +x /usr/local/bin/sampler
注意:需要为Sampler安装libasound2-dev系统库⽤以播放触发器声⾳。通常库已安装在相应位置,但
如果没有 – 你可以使⽤你习惯的包管理器进⾏安装,例如apt install libasound2-dev
Windows(实验)
建议在⾼级控制台模拟器下使⽤,如Cmder
Download .exe
3、使⽤
指定shell命令,Sampler会相应的速率执⾏这些命令。输出⽤于可视化。
使⽤Sampler基本上的三步过程:
在YAML配置⽂件中定义shell命令
运⾏sampler -l
在UI上调整组件⼤⼩和位置
市⾯早已有许多监控系统
Sampler绝不是监控系统的替代品,⽽是易于设置的开发⼯具。
如果spinning up和使⽤Grafana配置Prometheus是完全多余的任务,那么Sampler可能是正确的解决⽅案。没有服务器,没有数据库,不需要部署 – 你指定了shell命令,它就可以⼯作了。
我监控的每台服务器上都需要安装吗?
不,你可以在本地运⾏Sampler,但仍然可以从多台远程计算机上收集遥测数据。任何可视化都可能具有init命令,你可以在其中ssh到远程服务器。请参阅SSH example
4、组件
以下是每种组件类型的配置⽰例列表,其中包含与macOS兼容的采样脚本。
Runchart
runcharts:
- title: Search engine response time
rate-ms: 500        # sampling rate, default = 1000
scale: 2            # number of digits after sample decimal point, default = 1
legend:
enabled: true    # enables item labels, default = true
details: false    # enables item statistics: cur/min/max/dlt values, default = true
items:
- label: GOOGLE
sample: curl -o /dev/null -s -w '%{time_total}'  le
color: 178      # 8-bit color number, default one is chosen from a pre-defined palette
-
label: YAHOO
sample: curl -o /dev/null -s -w '%{time_total}'  search.yahoo
- label: BING
sample: curl -o /dev/null -s -w '%{time_total}'  www.bing
Sparkline
sparklines:
- title: CPU usage
rate-ms: 200
scale: 0
sample: ps -A -o %cpu | awk '{s+=$1} END {print s}'
- title: Free memory pages
rate-ms: 200
scale: 0
sample: memory_pressure | grep 'Pages free' | awk '{print $3}'
Barchart
barcharts:
- title: Local network activity
rate-ms: 500        # sampling rate, default = 1000
scale: 0            # number of digits after sample decimal point, default = 1
items:
- label: UDP bytes in
sample: nettop -J bytes_in -l 1 -m udp | awk '{sum += $4} END {print sum}'
- label: UDP bytes out
sample: nettop -J bytes_out -l 1 -m udp | awk '{sum += $4} END {print sum}'
- label: TCP bytes inshell命令属于什么语言
sample: nettop -J bytes_in -l 1 -m tcp | awk '{sum += $4} END {print sum}'
- label: TCP bytes out
sample: nettop -J bytes_out -l 1 -m tcp | awk '{sum += $4} END {print sum}' Gauge
gauges:
- title: Minute progress
rate-ms: 500        # sampling rate, default = 1000
scale: 2            # number of digits after sample decimal point, default = 1
percent-only: false # toggle display of the current value, default = false
color: 178          # 8-bit color number, default one is chosen from a pre-defined palette    cur:
sample: date +%S  # sample script for current value
max:
sample: echo 60  # sample script for max value
min:
sample: echo 0    # sample script for min value
-
title: Year progress
cur:
sample: date +%j
max:
sample: echo 365
min:
sample: echo 0
Textbox
textboxes:
- title: Local weather
rate-ms: 10000      # sampling rate, default = 1000
sample: curl wttr.in?0ATQF
border: false      # border around the item, default = true
color: 178          # 8-bit color number, default is white
- title: Docker containers stats
rate-ms: 500
sample: docker stats --no-stream --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.PIDs}}" Asciibox
asciiboxes:
- title: UTC time
rate-ms: 500        # sampling rate, default = 1000
font: 3d            # font type, default = 2d
border: false      # border around the item, default = true
color: 43          # 8-bit color number, default is white
sample: env TZ=UTC date +%r
5、额外功能
Triggers
触发器允许执⾏条件操作,如视觉/声⾳告警或任意shell命令。以下⽰例说明了此概念。
Clock gauge,从开始的每分钟显⽰时间进度和当前时间
gauges:
-
title: MINUTE PROGRESS
position: [[0, 18], [80, 0]]
cur:
sample: date +%S
max:
sample: echo 60
min:
sample: echo 0
triggers:
- title: CLOCK BELL EVERY MINUTE
condition: '[ $label == "cur" ] && [ $cur -eq 0 ] && echo 1 || echo 0'  # expects "1" as TRUE indicator
actions:
terminal-bell: true  # standard terminal bell, default = false
sound: true    # NASA quindar tone, default = false
visual: false  # notification with current value on top of the component area, default = false
script: say -v samantha `date +%I:%M%p`  # an arbitrary script, which can use $cur, $prev and $label variables 搜索引擎延迟图表,在延迟超过阈值时向⽤户发出告警
runcharts:
- title: SEARCH ENGINE RESPONSE TIME (sec)
rate-ms: 200
items:
- label: GOOGLE
sample: curl -o /dev/null -s -w '%{time_total}'  le
- label: YAHOO
sample: curl -o /dev/null -s -w '%{time_total}'  search.yahoo
triggers:
- title: Latency threshold exceeded
condition: echo "$prev < 0.3 && $cur > 0.3" |bc -l  # expects "1" as TRUE indicator
actions:
terminal-bell: true  # standard terminal bell, default = false
sound: true  # NASA quindar tone, default = false
visual: true  # visual notification on top of the component area, default = false
script: 'say alert: ${label} latency exceeded ${cur} second' # an arbitrary script, which can use $cur, $prev and $label variables
交互式 shell ⽀持
除了sample命令之外,还可以指定init命令(在采样前仅执⾏⼀次)和transform命令(后处理采样命令输出)。这包括交互式shell⽤例,例如仅建⽴与数据库的连接⼀次,然后在交互式shell会话中执⾏轮询。
Basic mode
textboxes:
- title: MongoDB polling
rate-ms: 500
init: mongo --quiet --host=localhost test # executes only once to start the interactive session
sample: w();                      # executes with a required rate, in scope of the interactive session
transform: echo result = $sample          # executes in scope of local session, $sample variable is available for transformation
PTY mode
在某些情况下,交互式shell将⽆法⼯作,因为它的stdin不是终端。这种情况下我们可以使⽤PTY模式:
textboxes:
- title: Neo4j polling
pty: true  # enables pseudo-terminal mode, default = false
init: cypher-shell -u neo4j -p pwd --format plain
sample: RETURN rand();
transform: echo "$sample" | tail -n 1
- title: Top on a remote server
pty: true  # enables pseudo-terminal mode, default = false
init: ssh -i ~/user.pem ec2-user@1.2.3.4
sample: top
init 命令逐步执⾏
在开始采样之前,还可以逐个执⾏多个init命令。
textboxes:
- title: Java application uptime
multistep-init:
- java -jar jmxterm-1.0.0-uber.jar
- open host:port # or local PID
- bean java.lang:type=Runtime
sample: get Uptime
变量

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。