標籤:資料安全 資料庫 search mysql 控制器
shell指令碼 + mysql資料庫 實現企業級會話邊界控制器檔案解析並警示
dirsx30001.sh處理檔案,產生mysql備份檔案的方式進行匯入
#/bin/bash##環境變數path=/home/sbclog/sx30001##由於抓取的記錄檔中沒有年份參數,故匯入系統年份參數,以達到資料庫時間欄位datetime##也可以抓取tar包的名字中的欄位date_year=`date|cut -c 25-`#test ! -e $path/*.tar &&echo "[ "`date`" ] no search the tar file">>$path/dir.log&&exit 0##遍曆記錄檔tar包,進行解包,儲存了檔案的全路徑,及檔案名稱for a in `ls $path/*.tar 2>>/dev/null`do ##輸出當前解包的檔案tar echo $a tar -xf $a -C $path ##解完包,將tar檔案進行轉移 mv $a $path/backup/ ##執行解析程式foundall,產生BYE.txt和INVITE.txt解析檔案 /data/sbc1/foundall $path/ ##刪除包檔案 rm -rf $path/var #echo $b ##判斷解析檔案是否為NULL FILEBYE=`sed -n ‘$=‘ $path/BYE.txt` FILEINVITE=`sed -n ‘$=‘ $path/INVITE.txt`##BYE if [ ! -n "$FILEBYE" ]; then echo "[ "`date`" ] no BYE in $a">>$path/dir.log else echo "use sbc;" > $a.BYE.sql echo "insert into sbc1bye values" >> $a.BYE.sql ################## awk ‘{print "(‘\‘$date_year/‘"$1" "$2"‘\‘‘,‘\‘‘"$3"‘\‘‘,‘\‘‘"$4"‘\‘‘,‘\‘‘"$5"‘\‘‘,‘\‘‘"$6"‘\‘‘,‘\‘‘"$7"‘\‘‘,‘\‘‘"$8"‘\‘‘,‘\‘‘"$9"‘\‘‘),"}‘ $path/BYE.txt >>$a.BYE.sql ##替換最後一行的最後一個字元為分號 sed -i ‘$s/.$/;/g‘ $a.BYE.sql #sed -i ‘s/\//-/g‘ $a.BYE.sql ##匯入資料庫 mysql -usbc_user -p123456 <$a.BYE.sql ##儲存檔案 mv $a.BYE.sql $path/BYEsql/##INVITE fi if [ ! -n "$FILEINVITE" ]; then echo "[ "`date`" ] no INVITE in $a">>$path/dir.log else echo "use sbc;" > $a.INVITE.sql echo "insert into sbc1invite values" >> $a.INVITE.sql ################## awk ‘{print "(‘\‘$date_year/‘"$1" "$2"‘\‘‘,‘\‘‘"$3"‘\‘‘,‘\‘‘"$4"‘\‘‘,‘\‘‘"$5"‘\‘‘,‘\‘‘"$6"‘\‘‘,‘\‘‘"$7"‘\‘‘,‘\‘‘"$8"‘\‘‘,‘\‘‘"$9"‘\‘‘),"}‘ $path/INVITE.txt >>$a.INVITE.sql ##替換最後一行的最後一個字元為分號 sed -i ‘$s/.$/;/g‘ $a.INVITE.sql #sed -i ‘s/\//-/g‘ $a.INVITE.sql ##匯入資料庫 mysql -usbc_user -p123456 <$a.INVITE.sql ##儲存檔案 mv $a.INVITE.sql $path/INVITEsql/ fidone
資料庫設計,把接受資訊和接通訊息分開來管理。
--sbc1bye表設計,使用了大量varchar類型存取資料,節省空間的,type使用了char型別提升檢索效率(原計劃是BYE和INVITE儲存在同一個表中)。CREATE TABLE `sbc1bye` ( `time` DATETIME DEFAULT NULL, `from` varchar(255) DEFAULT NULL, `to` varchar(255) DEFAULT NULL, `type` char(10) DEFAULT NULL, `server` varchar(255) DEFAULT NULL, `caller` varchar(255) DEFAULT NULL, `called` varchar(255) DEFAULT NULL, `callid` varchar(255) DEFAULT NULL) ENGINE=MyISAM DEFAULT CHARSET=latin1;CREATE TABLE `sbc1invite` ( `time` DATETIME DEFAULT NULL, `from` varchar(255) DEFAULT NULL, `to` varchar(255) DEFAULT NULL, `type` char(10) DEFAULT NULL, `server` varchar(255) DEFAULT NULL, `caller` varchar(255) DEFAULT NULL, `called` varchar(255) DEFAULT NULL, `callid` varchar(255) DEFAULT NULL) ENGINE=MyISAM DEFAULT CHARSET=latin1;
通過設定視圖去除重複訊息。也可以靈活的添加各種條件。
--通過視圖限制條件,更為靈活多變CREATE OR REPLACE VIEW sbc1bye_v AS select distinct `time` btime,`from` bfrom,`to` bto,`type` btype,`server` bserver,`caller` bcaller,`called` bcalled,`callid` bcallid from sbc1bye group by `callid`;--通過視圖限制條件,更為靈活多變CREATE OR REPLACE VIEW sbc1invite_v AS select distinct `time` btime,`from` bfrom,`to` bto,`type` btype,`server` bserver,`caller` bcaller,`called` bcalled,`callid` bcallid from sbc1invite group by `callid`;
進行檢查資料庫中的資料是否到達警示值。
#!/bin/bash##匯入變數,變數在多個會話中漂移root. /root/.bash_profile##通知郵箱數組a=([email protected] #實驗證明139移動郵箱,響應速度奇慢,建議使用163郵箱)##郵件內容儲存路徑mailpath=/home/sbclog/sx30001##警示值value_limit=200#mysql -usbc_user -p123456 -e "use sbc;select * from heji where heji>$value_limit;">$mailpath/mail.log ##產生NULL的郵件內容檔案>$mailpath/mail.log#echo "$SCN_time_sx30002"##產生警示的資料檔案,可以修改為select where havingmysql -usbc_user -p123456 -e "use sbc;select a.* from (select bcaller,bcalled,count(bcalled) heji from sbc1bye_v where btime>$SCN_time_sx30001 group by bcaller,bcalled) a where a.heji>$value_limit;">$mailpath/mail.log##判斷郵件內容檔案是否為NULLFILEMAIL=`sed -n ‘$=‘ $mailpath/mail.log`if [ ! -n "$FILEMAIL" ]; then #echo "no value over the limit,so no mail will be sent." ##為NULL檔案時,重設定時檔案/var/spool/cron/root為每分鐘檢查 sed -i ‘s/\*\/30 \* \* \* \* \/bin\/bash \/home\/sbclog\/mailsx30001.sh/\* \* \* \* \* \/bin\/bash \/home\/sbclog\/mailsx30001.sh/g‘ /var/spool/cron/rootelse ##將郵件內容content檔案處理成html表格檔案,適合觀察 sed ‘s/\t/\<\/th\>\<th\>/g‘ $mailpath/mail.log |sed ‘s/^/\<tr\>\<th\>/g‘|sed ‘s/$/\<\/td\>\<\/tr\>/g‘|sed ‘1s/^/<table border="1">/g‘|sed ‘$s/$/<\/table>/g‘>$mailpath/mail.html #echo ${#a[@]} ##不為NULL檔案時,設定定時檔案/var/spool/cron/root為30分鐘再次警示,直至人為處理 sed -i ‘s/\* \* \* \* \* \/bin\/bash \/home\/sbclog\/mailsx30001.sh/\*\/30 \* \* \* \* \/bin\/bash \/home\/sbclog\/mailsx30001.sh/g‘ /var/spool/cron/root ##遍曆數組發送郵件 for mail in ${a[*]} do ##html格式發送,可以設計郵件樣式 mail -s "$(echo -e "SBC1 Exception Information\nContent-Type:text/html")" $mail < $mailpath/mail.html donefi
工作人員確認資料為正常時,執行(恢復點,防止查詢資料時間範圍過大)。
#export SCN_time_sx30002="‘"`date +%F" "%T`"‘"#sed -i ‘s/export SCN_time_sx30002.*/export SCN_time_sx30002=\"\‘`date +%F" "%T`\‘\"/‘ /root/.bash_profile#sed -i ‘s/date_sub(now(),interval 1 day)/"‘"`date +%F" "%T`"‘"/‘ /root/.bash_profile##將環境變數在各個會話中傳遞sed -i "s/export SCN_time_sx30001.*/export SCN_time_sx30001=‘`date +%F" "%T`‘/" /root/.bash_profile#echo "restore success. now:"$SCN_time_sx30001#at now + 1 day -f /home/sbclog/resx30002.sh#at now + 1 min -f /home/sbclog/resx30002.sh##at一次性定時任務,檢查的為前一天的警示是否合適,故恢復點+了一個小時at now + 25 hours -f /home/sbclog/resx30001.sh
恢複時,執行的指令碼
#sed -i ‘s/nnn/ggg/g‘ /home/sbclog/122.txt#sed -i ‘s/date_sub(now(),interval 1 day)/"‘"`date +%F" "%T`"‘"/‘ /root/.bash_profile##恢復點,使檢查點恢複成一天警示sed -i ‘s/export SCN_time_sx30001.*/export SCN_time_sx30001="date_sub(now(),interval 1 day)"/‘ /root/.bash_profile
shell指令碼+mysql資料庫組合進行資料安全監控
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
