TOOLS FOR SYSADMIN
WJ SECURITY

WHAT WE WILL LEARN
• Linux server configuration.
• Installing AJENTI.
• Installing Netdata.
• Installing Monitorix.
• Installing Terminator.
• Installing Cockpit.
• Elasticsearch | Kibana
• Zabbix

TOPOLOGY
• Interconnected servers.
• SysAdmin notebook.
• Log server.
• Monitoring server.

INSTALLING THE DEBIAN SERVER
• Download link for Debian 9.5: https://cdimage.debian.org/cdimage/archive/9.5.0/amd64/iso-cd/debian-9.5.0-amd64-netinst.iso

AJENTI
• Site > http://ajenti.org/
• Ajenti is basically a control panel: good-looking, responsive and easy to use.
• Easy access through a web browser.
• Installation (documentation: http://docs.ajenti.org/en/latest/man/install.html):
# apt-get update
# apt-get install curl
# curl https://raw.githubusercontent.com/ajenti/ajenti/master/scripts/install.sh | sudo bash -s -
• Access > ip:8000

NETDATA
• Site > https://my-netdata.io/
• Installation commands:
# apt install zlib1g-dev uuid-dev libmnl-dev pkg-config curl gcc make autoconf autoconf-archive autogen automake python python-yaml python-mysqldb nodejs lm-sensors python-psycopg2 netcat git -y
# cd /opt/
# git clone https://github.com/firehol/netdata.git --depth=1 ./netdata
# cd /opt/netdata
# ./netdata-installer.sh
• Access > ip:19999

MONITORIX
• Site > https://www.monitorix.org
• Installation:
# apt-get update
# apt-get install gdebi
# wget https://www.monitorix.org/monitorix_3.11.0-izzy1_all.deb
# gdebi monitorix_3.11.0-izzy1_all.deb
# monitorix -c /etc/monitorix/monitorix.conf
• Access > ip:8080/monitorix

TERMINATOR
• Commands:
# apt-get update
# add-apt-repository ppa:gnome-terminator
# apt-get install terminator
• Shortcuts:
. F11: Toggle full screen
. Ctrl + Shift + O: Split terminals horizontally
. Ctrl + Shift + E: Split terminals vertically
. Ctrl + Shift + W: Close the current pane
. Ctrl + Shift + T: Open a new tab
. Shift + Ctrl + S: Hide / show the scrollbar
. Ctrl + Shift + F: Search for a keyword
. Ctrl + Shift + W: Close the current terminal
. Ctrl + Shift + R: Reset the terminal
. Ctrl + Shift + Q: Quit Terminator

COCKPIT
• Site > https://cockpit-project.org/
• Commands:
# echo 'deb http://deb.debian.org/debian stretch-backports main' | sudo tee /etc/apt/sources.list.d/backports.list
# apt-get install cockpit
• Access > ip:9090

AIDE
• Commands:
# apt-get update
# apt-get install aide
• In /etc/aide/aide.conf:
ConfFiles = p+u+g+i+n+s+b+m+a+sha1+md5
/etc/ajenti ConfFiles
!/etc/aide
• Then:
# aide --config-check
# cd /var/lib/aide
# aide -c /etc/aide/aide.conf --init
# aide -c /etc/aide/aide.conf --check

WEBMIN
• Site > http://webmin.com/
• Commands:
# wget http://prdownloads.sourceforge.net/webadmin/webmin_1.900_all.deb
# apt-get -f install

LINUX MEMORY
• Commands:
# watch -n 1 free -m
# free -m
# echo 3 > /proc/sys/vm/drop_caches
# sync && sysctl vm.drop_caches=3
• In /etc/crontab:
0 * * * * root sync && sysctl vm.drop_caches=3
• Then:
# service cron restart

ZABBIX MONITORING
• Site > https://www.zabbix.com
• Commands: install the Zabbix repository
# wget https://repo.zabbix.com/zabbix/4.2/debian/pool/main/z/zabbix-release/zabbix-release_4.2-1+stretch_all.deb
# dpkg -i zabbix-release_4.2-1+stretch_all.deb
# apt update
• Installing the Zabbix server, agent and frontend:
# apt -y install zabbix-server-mysql zabbix-frontend-php zabbix-agent
• Creating the database:
# mysql -uroot -p
mysql> create database zabbix character set utf8 collate utf8_bin;
mysql> grant all privileges on zabbix.* to zabbix@localhost identified by 'password';
mysql> quit;
• Import the schema and initial data:
# zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix
• Configure the database for the Zabbix server, in /etc/zabbix/zabbix_server.conf:
DBPassword=password
• Configure PHP for the Zabbix frontend, in /etc/zabbix/apache.conf:
php_value date.timezone Europe/Riga
• Start the Zabbix server and agent processes:
# systemctl restart zabbix-server zabbix-agent apache2
# systemctl enable zabbix-server zabbix-agent apache2
• Access > http://server_ip_or_name/zabbix

INSTALLING GRAFANA
• Site > https://grafana.com/
• Commands:
# wget https://dl.grafana.com/oss/release/grafana_6.1.6_amd64.deb
# dpkg -i grafana_6.1.6_amd64.deb
• Dependencies:
# apt-get install -y adduser libfontconfig
• Configuring startup:
# update-rc.d -f grafana-server defaults
• Starting Grafana:
# service grafana-server start
• Listing plugins:
# grafana-cli plugins list-remote
# grafana-cli plugins install alexanderzobnin-zabbix-app
• Restarting Grafana:
# /etc/init.d/grafana-server restart
• Accessing the Grafana web interface: http://IP_DO_SERVIDOR:3000/login

ELASTICSEARCH | KIBANA
• Site > https://www.elastic.co/pt/
• Commands:
# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-amd64.deb
# wget https://artifacts.elastic.co/downloads/kibana/kibana-7.0.0-amd64.deb
# wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.0.0-amd64.deb
# apt-cache search openjdk (Java)
# apt-get install openjdk-8-jre
• Install the most up-to-date Java version.

GOACCESS
• Site > https://goaccess.io
• Commands:
# wget https://tar.goaccess.io/goaccess-1.3.tar.gz
# tar -xzvf goaccess-1.3.tar.gz
# cd goaccess-1.3/
# ./configure --enable-utf8 --enable-geoip=legacy
# make
# make install
• Generating the HTML log:
# goaccess /var/log/apache2/access.log --log-format=COMBINED

ACKNOWLEDGEMENTS
• Thank you very much for making it this far; I am very happy with your progress!!!
• I hope this course has brought everyone knowledge and helps with new achievements!!
Best regards,
Weverton Batista
SysAdmin | DevOps
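
Added example (not part of the original slides): the steps above put Ajenti, Netdata, Monitorix, Cockpit and Grafana on ports 8000, 19999, 8080, 9090 and 3000, so this shell function reads `ss -tln` output and reports which of those panels are bound to a non-loopback address. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Web panels and ports as given in the slides (port:name pairs).
PANEL_PORTS="8000:ajenti 19999:netdata 8080:monitorix 9090:cockpit 3000:grafana"

# exposed_panels: read `ss -tln` output on stdin and print
# "name port address" for each panel port that is listening on
# anything other than a loopback address.
exposed_panels() {
  awk -v panels="$PANEL_PORTS" '
    BEGIN {
      n = split(panels, p, " ")
      for (i = 1; i <= n; i++) { split(p[i], kv, ":"); name[kv[1]] = kv[2] }
    }
    $1 == "LISTEN" {
      la = $4                      # "Local Address:Port" column
      port = la; sub(/.*:/, "", port)
      addr = substr(la, 1, length(la) - length(port) - 1)
      if (!(port in name)) next    # not one of the panels
      if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
      print name[port], port, addr
    }'
}

# Constructed sample of `ss -tln` output (not captured from a real host).
sample_ss_output() {
  cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:19999       0.0.0.0:*
LISTEN  0       128     127.0.0.1:3000      0.0.0.0:*
LISTEN  0       128     *:9090              *:*
LISTEN  0       128     [::]:8080           [::]:*
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
EOF
}

# Demo on the sample; on a real server run: ss -tln | exposed_panels
sample_ss_output | exposed_panels
```

Each reported line is a panel reachable from the network; restrict it with a firewall rule or bind it to the management interface only.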