Author:pako
Email>alk:zealzpc@gmail.com
对于服务器的监控来说,监控linux不管是自己动手写脚本还是用一些开源的工具比如nagios,zenoss什么的。但毕竟还是有些公司有windows做服务器的,相对linux来说,windows没有方便的shell,cmd下提供的命令对于监控来说远远没有linux方便。但是现在windows上如果安装了powershell(win7,2008自带),就比以前方便多了,linux上的命令基本都能在powershell里执行,比如查看进程还是ps.
自己封装了一个python通过ssh(通过pexpect模块)调用powershell的脚本,里面包快ps,netstat,ping检测,查看硬盘,cpu信息和负载,内存信息。通过创建ssh_win32类对象,然后调用它的方法,返回的都是解析好的python对象。
ssh_powershell.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
#Author:pako
#Email:zealzpc@gmail.com
import re
from pexpect import *
class ssh_win32:
def __init__(self, user, host, password=None,systemroot='c',papath='',timeout=5,verbose=0):
self.user = user#监控机器的username
self.host = host#监控机器的ip
self.verbose = verbose
self.password = password#密码
self.timeout=timeout#执行命令的timeout
self.systemroot=systemroot#windows 所安装的盘符
if not papath:#powershell.exe的路径
self.powershell_path=self.systemroot+':/WINDOWS/system32/WindowsPowerShell/v1.0/powershell.exe '
self.key = [
'authenticity',
'assword:',
'@@@@@@@@@@@@',
'Command not found.',
EOF,
]
self.f = open('ssh.out','w')
def ssh(self,command):
cmd='ssh -l %s %s %s'%(self.user,self.host,command)
print "cmd:",cmd
con=spawn(cmd,timeout=self.timeout)
seen=con.expect(self.key)
if seen == 0:
con.sendline('yes')
seen = con.expect(self.key)
if seen == 1:
# if not self.password:
# self.password = getpass.getpass('Remote password: ')
con.sendline(self.password)
try:
res=con.read()
except Exception ,e:
res=con.before
# print "res:",res
return res
def ssh_disk(self):
cmd=self.powershell_path+"Get-WmiObject win32_logicaldisk"
res=self.ssh(cmd)
disk={}
if res:
res=res.split('No such file or directory')[-1].replace('\r','').split('\n')
res=[c for c in res if c]
# print 'res:',res
predisk='C'
for d in res:
# print d
key,value=d.split(':',1)
# print d
# print 'key:',key,'value:',value
key=key.strip()
value=value.strip()
if key=='DeviceID' and value not in disk.keys():
predisk=value
disk[predisk]={}
disk[predisk][key]=value
else:
if key in ['FreeSpace','Size']:
if value:
value=int(value)/1024/1024/1024
disk[predisk][key]=value
for d in disk.keys():
if disk[d]['DriveType']!='3':
disk.pop(d)
# print 'disk:',disk
return disk
def ssh_cpu(self):
cmd=self.powershell_path+'gwmi -computername localhost win32_Processor'
res=self.ssh(cmd)
res=res.split('No such file or directory')[-1].replace('\r','').split('\n')
res=[r for r in res if r]
# print res
cpu={}
for i in res:
# print '='*10
# print i
i=i.split(':')
# print i
if len(i)==2:
key,value=i
else:
continue
key=key.strip()
value=value.strip()
# print 'key:',key
# print 'value:',value
cpu[key]=value
return cpu
def ssh_memory(self):
totalmem=self.powershell_path+'Get-WmiObject win32_OperatingSystem TotalVisibleMemorySize'
freemem=self.powershell_path+'Get-WmiObject win32_OperatingSystem FreePhysicalMemory'
memory={}
for cmd in [totalmem,freemem]:
res=self.ssh(cmd)
if 'Win32_OperatingSystem' in res:
res=res=res.replace('\r','').split('\n')
res=[m for m in res if m][-1]
print 'res:',res
key,value=res.split(':')
key=key.strip()
value=value.strip()
memory[key]=value
else:
print "not return data"
return None
return memory
def ssh_ping(self,host):
cmd='ping -n 1 %s'%host
patt=r'.+?(\d*)% loss.*'
res=self.ssh(cmd).replace('\r','').replace('\n','')
print res
m=re.match(patt,res)
if m:
lost_percent=m.group(1)
print 'lost_percent:',lost_percent
return int(lost_percent)
else:
return None
def ssh_ps(self):
cmd=self.powershell_path+'ps'
res=self.ssh(cmd)
ps=[]
if '-- -----------' in res:
res=res.replace('\r','').split('-- -----------')[-1].split('\n')
res=[d for d in res if d.strip()]
for p in res:
process={}
row=[para for para in p.split(' ') if para.strip()]
process['handles']=row[0]
process['npm']=row[1]
process['pm']=row[2]
process['ws']=row[3]
process['vm']=row[4]
process['cpu']=row[5]
process['id']=row[6]
process['process_name']=row[-1]
ps.append(process)
# print ps
return ps
else:
return None
def ssh_netstat(self):
cmd='netstat -ao'
res=self.ssh(cmd)
netstat=[]
if 'PID' in res:
res=res.replace('\r','').split('PID')[-1].split('\n')
res=[d for d in res if d.strip()]
for p in res:
process={}
row=[para for para in p.split(' ') if para.strip()]
process['proto']=row[0]
process['local_address']=row[1]
process['foreign_address']=row[2]
process['state']=row[3]
process['pid']=row[-1]
netstat.append(process)
# print netstat
return netstat
else:
return None
if __name__ == "__main__":
cmd="c:/WINDOWS/system32/WindowsPowerShell/v1.0/powershell.exe ps"
user='admin'
host='192.168.123.105'
password='123456'
ssh=ssh_win32(user,host,password,systemroot='c',timeout=5)
# print ssh.ssh_cpu()
# print "\n\n\n\n"
# print ssh.ssh_disk()
# print "\n\n\n\n"
# print ssh.ssh_memory()
# print ssh.ssh_ping(host)
# print ssh.ssh_ps()
# print ssh.ssh_netstat()
Author:pako
Email>alk:zealzpc@gmail.com
分享到:
相关推荐
主要介绍了python通过ssh-powershell监控windows的方法,涉及Python操作ssh-powershell的相关技巧,需要的朋友可以参考下
节点-PowerShell Node-PowerShell利用当今技术世界中存在的两个最简单,有效和简便的工具。 一方面, 在javascript领域掀起了一场革命,另一方面, 最近推出了最初的开源,跨平台版本,并将它们连接在一起,使您能够...
PowerShell封装了Python for .NET实现从PowerShell调用Python
如果要在命令提示符( cmd )或PowerShell中将ssh与SSH密钥(或通过SSH密钥进行身份验证的git )一起使用,则必须在终端上使用启动脚本,或者在每个实例上手动设置ssh-agent变量。 该程序只是使ssh-agent普遍适用于...
WindowsServer2003-KB926140-v5-x86-CHS-powershell
XenServer-7.1.2-API,支持Java、NET、PowerShell、Python,包含demo
PowerShell 混淆器
us-17-Dods-Infecting-The-Enterprise-Abusing-Office365-Powershell-For-Covert-C2
us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp
Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp
The Command Line Crash Course--- PowerShell速成教程,国外网站上收集整理,方便阅读
藏经阁-Infecting-The-Enterprise-Abusing-Office365-Powershell-For-Covert-C2
Dods-Infecting-The-Enterprise-Abusing-Office365-Powershell-For-Covert-C2
Tableau-Powershell-Scripts-master.rar
WindowsXP-KB968930-x86-CHS(Windows PowerShell 2.0).rar
适用于Windows Powershell的VirtualEnvWrapper 这是功能强大的的模仿,但适用于Windows Powershell。 安装 只需使用Install.ps1脚本: .\Install.ps1 地点 虚拟环境安装目录设置在用户主目录$HOME\.virtualenvs 。 ...
WindowsServer 2003 x86 PowerShell 1.0 WindowsServer 2003 x64 PowerShell 1.0 WindowsServer2003-KB926139-v2-x86-ENU WindowsServer2003.WindowsXP-KB926139-v2-x64-ENU
Windows PowerShell 是一种命令行外壳程序和脚本环境,使命令行用户和脚本编写者可以利用 .NET Framework的强大功能。它引入了许多非常有用的新概念,从而进一步扩展了您在 Windows 命令提示符和 Windows Script ...
通过VLC的Windows Powershell音频记录器允许根据配置记录后续的音频文件。 句法 C:\path\to\audio-record-via-vlc.ps1 [[-clips] ] [[-duration] ] [[-pauseBetween] ] [-destinationPath] <String> [[-fileName] ]...