Relatório Semanal U&M InvestLinux – 16/03/2016
Servidores Linux
Uptime / Last
Uptime (Tempo Online do Servidor) / Last (Conexões remotas)
[root@uemgw]# uptime
09:51:53 up 105 days, 21:09, 2 users, load average: 0.21, 0.27, 0.35
[root@uemadm]# uptime
09:51:49 up 298 days, 15:12, 2 users, load average: 0.10, 0.08, 0.04
[root@uemgw]# last | sort -k 3 | more
vpnuem ppp0 167.249.85.143 Thu Mar 3 17:06 19:15 (02:09)
vpnuem ppp0 167.249.85.143 Thu Mar 3 19:15 22:12 (02:56)
vpnuem ppp0 167.249.85.205 Tue Mar 15 07:58 13:44 (05:46)
vpnuem ppp0 167.249.85.205 Tue Mar 15 13:46 19:51 (06:05)
vpnuem ppp0 167.249.86.150 Wed Mar 9 18:38 20:46 (02:08)
vpnuem ppp0 167.249.86.249 Tue Mar 1 20:00 20:12 (00:11)
vpnuem ppp0 167.249.86.249 Tue Mar 1 20:44 21:03 (00:18)
vpnuem ppp0 167.249.86.249 Tue Mar 1 21:22 22:01 (00:39)
vpnuem ppp0 167.249.86.249 Wed Mar 2 13:46 16:27 (02:40)
vpnuem ppp0 167.249.86.37 Mon Mar 14 19:51 22:12 (02:21)
vpnuem ppp0 179.180.199.113 Thu Mar 10 16:48 16:53 (00:05)
vpnuem ppp0 179.180.199.113 Thu Mar 10 17:15 21:17 (04:01)
iladm pts/0 187.109.112.9 Mon Mar 7 08:14 08:22 (00:07)
iladm pts/0 187.109.112.9 Tue Mar 1 13:31 13:49 (00:17)
iladm pts/1 187.109.112.9 Tue Mar 1 13:31 13:49 (00:17)
iladm pts/0 187.109.112.9 Tue Mar 15 22:01 23:48 (01:47)
iladm pts/0 187.109.112.9 Tue Mar 8 08:38 08:44 (00:06)
iladm pts/0 187.109.112.9 Tue Mar 8 23:48 00:31 (00:43)
iladm pts/0 187.109.112.9 Wed Mar 16 09:51 still logged in
iladm pts/1 187.109.112.9 Wed Mar 16 09:51 still logged in
vpnuem ppp0 192.168.1.18 Thu Mar 10 11:46 11:47 (00:00)
vpnuem ppp0 192.168.1.48 Sat Mar 12 12:06 12:06 (00:00)
vpnuem ppp0 192.168.1.48 Sat Mar 12 12:07 12:15 (00:07)
vpnuem ppp1 201.46.133.103 Wed Mar 9 20:19 21:04 (00:45)
wtmp begins Tue Mar 1 13:31:29 2016
root pts/0 uemmbb254.uem.co Tue Mar 1 15:15 16:20 (01:05)
[root@uemadm:]# last | sort -k 3 | more
luis ftpd1017 18993242105.3 Sat Mar 12 22:01 22:27 (00:26)
luis ftpd6028 18993242105.3 Sat Mar 12 22:33 22:58 (00:25)
luis ftpd20208 18993242105.3 Sun Mar 13 10:05 10:15 (00:10)
luis ftpd2343 18993242105.3 Sun Mar 13 11:39 12:06 (00:26)
luis ftpd12076 18993242105.3 Sun Mar 13 12:38 12:50 (00:12)
luis ftpd14400 18993242105.3 Sun Mar 13 12:52 13:07 (00:14)
luis ftpd20576 18993242105.3 Sun Mar 13 13:31 13:52 (00:20)
luis ftpd24829 18993242105.3 Sun Mar 13 13:59 15:16 (01:16)
luis ftpd5621 18993242105.3 Sun Mar 13 15:23 15:39 (00:15)
luis ftpd10148 18993242105.3 Sun Mar 13 15:49 16:07 (00:17)
luis ftpd14448 18993242105.3 Sun Mar 13 16:16 16:33 (00:17)
iladm pts/0 192.168.0.1 Tue Mar 1 13:31 13:49 (00:17)
iladm pts/0 192.168.0.1 Tue Mar 15 22:01 23:48 (01:47)
iladm pts/0 192.168.0.1 Tue Mar 8 23:49 00:31 (00:42)
iladm pts/0 192.168.0.1 Wed Mar 16 09:51 still logged in
andreia ftpd6261 ::ffff:187.109.1 Fri Mar 11 09:52 10:03 (00:10)
andreia ftpd7024 ::ffff:187.109.1 Fri Mar 11 13:07 13:18 (00:11)
andreia ftpd18099 ::ffff:187.109.1 Fri Mar 11 14:10 14:22 (00:12)
andreia ftpd13733 ::ffff:187.109.1 Mon Mar 14 15:10 15:22 (00:11)
andreia ftpd16553 ::ffff:187.109.1 Mon Mar 14 15:27 15:41 (00:13)
andreia ftpd20234 ::ffff:187.109.1 Mon Mar 14 15:48 16:00 (00:11)
andreia ftpd22865 ::ffff:187.109.1 Mon Mar 14 16:03 16:23 (00:19)
andreia ftpd26871 ::ffff:187.109.1 Mon Mar 14 16:25 16:41 (00:15)
andreia ftpd26204 ::ffff:187.109.1 Thu Mar 10 12:51 13:10 (00:18)
andreia ftpd4576 ::ffff:187.109.1 Thu Mar 3 13:58 14:13 (00:15)
andreia ftpd7805 ::ffff:187.109.1 Thu Mar 3 14:15 14:26 (00:10)
andreia ftpd3108 ::ffff:187.109.1 Tue Mar 1 16:08 16:18 (00:10)
andreia ftpd29415 ::ffff:187.109.1 Tue Mar 15 21:57 22:12 (00:15)
andreia ftpd32519 ::ffff:187.109.1 Tue Mar 15 22:16 22:35 (00:19)
andreia ftpd6410 ::ffff:187.109.1 Tue Mar 15 22:56 23:40 (00:43)
andreia ftpd5719 ::ffff:187.109.1 Tue Mar 8 23:16 23:26 (00:10)
andreia ftpd8383 ::ffff:187.109.1 Tue Mar 8 23:33 23:57 (00:23)
andreia ftpd13548 ::ffff:187.109.1 Wed Mar 9 00:03 00:15 (00:12)
andreia ftpd5007 ::ffff:187.109.1 Wed Mar 9 09:13 09:27 (00:14)
luis ftpd18542 ::ffff:201.46.14 Mon Mar 14 06:16 06:36 (00:19)
luis ftpd24068 ::ffff:201.46.14 Mon Mar 14 06:44 07:04 (00:20)
luis ftpd29195 ::ffff:201.46.14 Mon Mar 14 07:15 07:52 (00:36)
luis ftpd8200 ::ffff:201.46.14 Mon Mar 14 08:26 08:41 (00:14)
luis ftpd14319 ::ffff:201.46.14 Mon Mar 14 09:00 09:14 (00:13)
luis ftpd16885 ::ffff:201.46.14 Mon Mar 14 09:15 09:44 (00:28)
luis ftpd23857 ::ffff:201.46.14 Mon Mar 14 09:57 10:15 (00:18)
luis ftpd27595 ::ffff:201.46.14 Mon Mar 14 10:20 10:50 (00:30)
luis ftpd1737 ::ffff:201.46.14 Mon Mar 14 10:58 11:54 (00:55)
luis ftpd27866 ::ffff:201.46.14 Mon Mar 14 13:28 13:43 (00:14)
luis ftpd29751 ::ffff:201.46.14 Mon Mar 14 13:39 13:40 (00:00)
luis ftpd31905 ::ffff:201.46.14 Mon Mar 14 13:51 14:16 (00:25)
luis ftpd12532 ::ffff:201.46.14 Mon Mar 14 15:05 15:14 (00:09)
luis ftpd14671 ::ffff:201.46.14 Mon Mar 14 15:16 15:37 (00:20)
luis ftpd18392 ::ffff:201.46.14 Mon Mar 14 15:38 15:50 (00:11)
luis ftpd30326 ::ffff:201.46.14 Mon Mar 14 16:43 17:01 (00:17)
luis ftpd12227 ::ffff:201.46.14 Sat Mar 12 06:18 06:38 (00:20)
luis ftpd16794 ::ffff:201.46.14 Sat Mar 12 06:43 07:12 (00:28)
luis ftpd13615 ::ffff:201.46.14 Sun Mar 13 22:58 23:23 (00:25)
luis ftpd19010 ::ffff:201.46.14 Sun Mar 13 23:32 00:38 (01:05)
luis ftpd15524 ::ffff:201.46.14 Tue Mar 1 07:48 07:49 (00:00)
luis ftpd16774 ::ffff:201.46.14 Tue Mar 1 07:55 08:13 (00:17)
luis ftpd8354 ::ffff:201.46.14 Tue Mar 1 10:19 10:26 (00:06)
luis ftpd10030 ::ffff:201.46.14 Tue Mar 1 10:26 10:36 (00:10)
wtmp begins Tue Mar 1 07:48:40 2016
Espaço em disco
[root@uemgw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 23G 13G 64% /
varrun 1,5G 276K 1,5G 1% /var/run
varlock 1,5G 0 1,5G 0% /var/lock
udev 1,5G 52K 1,5G 1% /dev
devshm 1,5G 0 1,5G 0% /dev/shm
/dev/sdb1 50G 42G 5,5G 89% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.106/Pessoal 30G 24G 6,3G 80% /ftp/Pessoal
//192.168.0.100/CorporeRM 47G 23G 25G 48% /home/ponto
//192.168.0.106/Linux_BKP 110G 86G 25G 78% /backupremoto
//192.168.0.106/TGP 682G 469G 214G 69% /ftp/TGP
[root@uemadm:]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 96G 76G 16G 84% /
varrun 2,0G 3,7M 2,0G 1% /var/run
varlock 2,0G 0 2,0G 0% /var/lock
udev 2,0G 52K 2,0G 1% /dev
devshm 2,0G 0 2,0G 0% /dev/shm
/dev/sda1 471M 150M 297M 34% /boot
//192.168.0.106/Linux_BKP 110G 86G 25G 78% /backupremoto
Dmesg
Dmesg – Alertas de Console (Eventuais Erros de Disco, Rede, Hardware em geral)
Sem informações relevantes
Logs
Verificação superficial de logs do sistema:
( syslog(tmsys) / secure(tms) / squid(tmsq – uemgw) )
Top Memória / Processos / Carga
Sem informações relevantes
Portas Tcp Udp Abertas
[root@uemgw]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 localhost:60000 *:* LISTEN 8464/postgrey.pid
tcp 0 0 *:10050 *:* LISTEN 10214/zabbix_agentd
tcp 0 0 192.168.0.1:5666 *:* LISTEN 8858/nrpe
tcp 0 0 177.38.168.10:8291 *:* LISTEN 9041/rinetd
tcp 0 0 *:rsync *:* LISTEN 9053/rsync
tcp 0 0 localhost:zebra *:* LISTEN 9034/zebra
tcp 0 0 localhost:mysql *:* LISTEN 8396/mysqld
tcp 0 0 localhost:bgpd *:* LISTEN 9038/bgpd
tcp 0 0 177.38.168.10:2222 *:* LISTEN 9041/rinetd
tcp 0 0 *:webmin *:* LISTEN 10245/perl
tcp 0 0 177.38.168.10:www *:* LISTEN 9041/rinetd
tcp 0 0 *:81 *:* LISTEN 3848/apache2
tcp 0 0 *:bgp *:* LISTEN 9038/bgpd
tcp 0 0 *:ftp *:* LISTEN 10457/proftpd: (acc
tcp 0 0 10.0.0.29:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.27:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.25:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.23:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.21:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.19:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.17:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.15:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.13:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.11:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.9:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.7:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.3:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.5:domain *:* LISTEN 7939/named
tcp 0 0 10.0.0.1:domain *:* LISTEN 7939/named
tcp 0 0 201048214114.:domain *:* LISTEN 7939/named
tcp 0 0 177.38.168.14:domain *:* LISTEN 7939/named
tcp 0 0 177.38.168.29:domain *:* LISTEN 7939/named
tcp 0 0 177.38.168.28:domain *:* LISTEN 7939/named
tcp 0 0 177.38.168.12:domain *:* LISTEN 7939/named
tcp 0 0 177.38.168.50:domain *:* LISTEN 7939/named
tcp 0 0 177.38.168.11:domain *:* LISTEN 7939/named
tcp 0 0 177.38.168.10:domain *:* LISTEN 7939/named
tcp 0 0 n009.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 n008.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 n007.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 n006.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 rev2.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 n002.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 rev1.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.28:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.29:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.12:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.50:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.11:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.10:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.9:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.8:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.7:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.6:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.4:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.3:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.2:domain *:* LISTEN 7939/named
tcp 0 0 n001.uem.com.br:domain *:* LISTEN 7939/named
tcp 0 0 200.243.57.5:domain *:* LISTEN 7939/named
tcp 0 0 192.168.2.1:domain *:* LISTEN 7939/named
tcp 0 0 192.168.0.2:domain *:* LISTEN 7939/named
tcp 0 0 192.168.0.1:domain *:* LISTEN 7939/named
tcp 0 0 localhost:domain *:* LISTEN 7939/named
tcp 0 0 *:ssh *:* LISTEN 8264/sshd
tcp 0 0 *:3128 *:* LISTEN 8413/(squid)
tcp 0 0 *:smtp *:* LISTEN 9013/master
tcp 0 0 localhost:953 *:* LISTEN 7939/named
tcp 0 0 *:1723 *:* LISTEN 9020/pptpd
tcp6 0 0 [::]:rsync [::]:* LISTEN 9053/rsync
tcp6 0 0 [::]:bgp [::]:* LISTEN 9038/bgpd
tcp6 0 0 [::]:domain [::]:* LISTEN 7939/named
tcp6 0 0 [::]:ssh [::]:* LISTEN 8264/sshd
tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 7939/named
Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caractere “:”. O filtro grep LISTEN retém apenas sockets TCP em escuta; portas UDP abertas não aparecem nesta listagem.
root@uemgw:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 8464/postgrey.pid
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 10214/zabbix_agentd
tcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 8858/nrpe
tcp 0 0 177.38.168.10:8291 0.0.0.0:* LISTEN 9041/rinetd
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 9053/rsync
tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 9034/zebra
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 8396/mysqld
tcp 0 0 127.0.0.1:2605 0.0.0.0:* LISTEN 9038/bgpd
tcp 0 0 177.38.168.10:2222 0.0.0.0:* LISTEN 9041/rinetd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 10245/perl
tcp 0 0 177.38.168.10:80 0.0.0.0:* LISTEN 9041/rinetd
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 3848/apache2
tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN 9038/bgpd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 10457/proftpd: (acc
tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 201.48.214.114:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.14:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.29:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.28:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.12:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.50:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.11:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.10:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.9:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.8:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.7:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.6:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.4:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.3:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.2:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.5:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.28:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.29:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.12:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 177.38.168.1:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 192.168.2.1:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 192.168.0.2:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 7939/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 8264/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 8413/(squid)
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 9013/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 7939/named
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 9020/pptpd
tcp6 0 0 :::873 :::* LISTEN 9053/rsync
tcp6 0 0 :::179 :::* LISTEN 9038/bgpd
tcp6 0 0 :::53 :::* LISTEN 7939/named
tcp6 0 0 :::22 :::* LISTEN 8264/sshd
tcp6 0 0 ::1:953 :::* LISTEN 7939/named
Obs: Comando mostra na quarta coluna a porta do serviço após o caractere “:”. Endereço local 0.0.0.0 ou :: indica escuta em todas as interfaces (p. ex. 10000, 21, 873, 3128, 1723); a exposição externa efetiva depende das regras de firewall, que esta saída não mostra.
[root@uemadm]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 *:10050 *:* LISTEN 7872/zabbix_agentd
tcp 0 0 uemadm:5666 *:* LISTEN 5559/nrpe
tcp 0 0 *:10051 *:* LISTEN 9370/zabbix_server
tcp 0 0 *:rsync *:* LISTEN 5636/rsync
tcp 0 0 *:gds_db *:* LISTEN 10208/fbserver
tcp 0 0 localhost:mysql *:* LISTEN 5375/mysqld
tcp 0 0 *:netbios-ssn *:* LISTEN 5655/smbd
tcp 0 0 portal.uem.com.br:www *:* LISTEN 8588/apache2
tcp 0 0 *:webmin *:* LISTEN 697/perl
tcp 0 0 *:82 *:* LISTEN 8588/apache2
tcp 0 0 *:ssh *:* LISTEN 5277/sshd
tcp 0 0 localhost:postgresql *:* LISTEN 5524/postgres
tcp 0 0 *:smtp *:* LISTEN 617/master
tcp 0 0 *:microsoft-ds *:* LISTEN 5655/smbd
tcp6 0 0 [::]:rsync [::]:* LISTEN 5636/rsync
tcp6 0 0 [::]:ftp [::]:* LISTEN 6304/proftpd: (acce
tcp6 0 0 [::]:ssh [::]:* LISTEN 5277/sshd
Obs: Comando mostra na quarta coluna, preferencialmente, o nome do serviço após o caractere “:”.
root@uemadm:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 7872/zabbix_agentd
tcp 0 0 192.168.0.109:5666 0.0.0.0:* LISTEN 5559/nrpe
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 9370/zabbix_server
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 5636/rsync
tcp 0 0 0.0.0.0:3050 0.0.0.0:* LISTEN 10208/fbserver
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 5375/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 5655/smbd
tcp 0 0 192.168.0.124:80 0.0.0.0:* LISTEN 8588/apache2
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 697/perl
tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 8588/apache2
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 5277/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5524/postgres
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 617/master
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 5655/smbd
tcp6 0 0 :::873 :::* LISTEN 5636/rsync
tcp6 0 0 :::21 :::* LISTEN 6304/proftpd: (acce
tcp6 0 0 :::22 :::* LISTEN 5277/sshd
Obs: Comando mostra na quarta coluna a porta do serviço após o caractere “:”.
Squid Reports Semanal – 06/03/2016 a 13/03/2016
Squid Reports – TopSites
Squid Reports – TopUsers
Squid Reports – Tentativas de acesso a Sites Indevidos
LOCAL ACESSADO IP
www.acasadasbrasileirinhas.com.br 192.168.14.135 192.168.14.70
www.brasileirasgostosas.com 192.168.14.101
www.novinhaexcitada.com 192.168.14.135
www.novinhasporn.com 192.168.14.135
www.pornocarioca.com 192.168.14.135
www.pornocoruja.com 192.168.14.135
www.pornodoido.com 192.168.14.191
www.pornosafadas.net 192.168.14.135
www.sexoamendoim.org 192.168.14.135
www.sexoebundas.net 192.168.14.135
www.videoputaria.com 192.168.14.135
www.videosdesexohd.net 192.168.14.135
www.videospornodetv.com 192.168.14.70
www.videospornop.com 192.168.14.135
www.videospornoreal.com 192.168.14.101
Obs: Não foi acrescentada nenhuma expressão ao arquivo /etc/squid/site_proibido.txt a fim de impedir o acesso de sites relacionados.
OFFICE 365
Caixas de correio ativas e inativas
Número de caixas de correio ativas e inativas ao longo do tempo. Uma caixa de correio é considerada inativa se um usuário não fizer logon por mais de 30 dias.
Inativo há 30-60 dias
Não há dados para este relatório.
Inativo há 61-90 dias
Não há dados para este relatório.
Inativo há mais de 90 dias
Não há dados para este relatório.
Uso da caixa de correio
Mostra o número total de caixas de correio, caixas de correio que excederam suas cotas de armazenamento e caixas de correio que estão usando menos de 25% de seu limite de armazenamento.
Sistema operacional usado
Mostra o número de sistemas operacionais diferentes nos quais seus usuários entraram com suas contas do Office 365 nos últimos 30 dias.
Licenciamento vs Uso Ativo
Visualize o uso ativo (nos últimos 30 dias) de seus serviços do O365 em comparação com os serviços realmente licenciados para o seu uso. Use esses dados para verificar se você está obtendo o máximo do seu investimento em nuvem.
Proteção (dados dos últimos 14 dias)
Principais destinatários de email
Principais remetentes de email
Principais destinatários de spams
Principais destinatários de Malware
Detecções de Spam
Principal malware de email
Emails recebidos e enviados
Detecções de malware
Anti virus – Bitdefender
ZABBIX
Triggers mais ativas da semana – TOP 10
Hosts que mais geraram alerta no Zabbix
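Fonte: http://192.168.0.109:82/zabbix/report5.php?sid=87d41391d956aaea&form_refresh=1&period=week
Obs: A URL acima inclui o parâmetro de sessão “sid” do Zabbix; convém omiti-lo ao distribuir o relatório.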
Gráficos
Período de 02/03/2016 a 16/03/2016
SERVIDORES LINUX
UEM_ADM CPU Utilization
UEM_ADM Memory Usage
UEM_ADM Disk Space Usage
UEM_GW CPU Utilization
UEM_GW Memory Usage
UEM_GW Disk Space Usage
SERVIDORES WINDOWS
UEMFS – CPU LOAD
UEMFS – Disk Usage
UEMICA – CPU Load
UEMICA – Disk space usage
UEMRMSA – CPU Load
UEMRMSA – Disk Space Usage
Relatório de Disponibilidade (SLA) – 01/03/2016 a 16/03/2016
Será exibida a observação e detalhes do problema quando estes atingirem 2%
UEMICA – ok
UEMRMAP – ok
UEMRMSA – ok
UEMFS – ok
UEMMINE – ok
Fonte: http://192.168.0.109:82/zabbix/report2.php
Nagios
Disponibilidade – últimos 7 dias
Host | Service | % Time OK | % Time Warning | % Time Unknown | % Time Critical | % Time Undetermined
nagios_remoto Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-adm Local_Carga100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos99.950% (99.950%)
0.050% (0.050%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:82100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem-gw Local_Carga100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_Root100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_backup100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_bkpremoto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_ftp_pessoal
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Processos100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Local_Users100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Dns100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ftp100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Http:81100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Squid:3128100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Local_Disk_home_ponto
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemantispam-linux Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SSH100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemap-aplicacao Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemdev Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemfs-fileserver Rede_NetBios100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_NetBios
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemica-metaframe Rede_Http100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Metaframe100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Metaframe
100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_TS100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemmine-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Sql100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemprd Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_SAP100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemrmsa-database Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uemvm-vmware4 Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-lan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
vpn-server-mk-wan Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
uem1_Rede_Ping100.000% (100.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000% (0.000%)
0.000%
Average99.999% (99.999%)
0.001% (0.001%)
0.000% (0.000%)
0.000% (0.000%)
0.000%