采用ansible收集多个centos6主机的一个特定日志文件vsftpd.log的后3000行

jcsx2025-12-13 14:36

1、概述

因维护需要、要到多个centos6主机去检查某个特定日志文件vsftpd.log的后3000行,用于分析ftp服务器的可维护时间窗口。一台一台登录去处理太慢,为提高效率,采用ansible批量处理。

具体使用方法见后续章节。

2、基础环境

bash 复制代码 
# lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description:    CentOS Linux release 7.6.1810 (Core) 
Release:        7.6.1810
Codename:       Core

3、ansible版本

因要采集的是一批centos6主机的日志文件,故ansible版本不宜过高,采用一台centos7.6默认安装的ansible。

bash 复制代码 
# ansible --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Nov 14 2023, 16:14:06) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]

4、配置ansible信任

ssh-keygen -t rsa -b 2048

ssh-copy-id root@10.128.1.1

ssh-copy-id root@10.128.1.2

ssh-copy-id root@10.128.1.3

ssh-copy-id root@10.128.1.4

ssh-copy-id root@10.128.1.5

5、ansible要用到的主机组

bash 复制代码 
# cat hosts.ini
[vsftpdHosts]
10.128.1.1
10.128.1.2
10.128.1.3
10.128.1.4
10.128.1.5

6、要用到的yml

功能主要是从远程主机取得/data/log_vsftpd/vsftpd.log的后3000行,并取回本调度机,放在logs目录下,用{remote_IP}_vsftpd.log为区别。

bash 复制代码 
vi fetch_vsftpd_logs.yml.run

---
- name: Collect vsftpd logs from all hosts
  hosts: vsftpdHosts
  become: yes
  tasks:
    - name: Check if log file exists
      stat:
        path: /data/log_vsftpd/vsftpd.log
      register: log_file_check

    - name: Get last 3000 lines of vsftpd log
      shell: tail -n 3000 /data/log_vsftpd/vsftpd.log
      register: log_content
      when: log_file_check.stat.exists
      ignore_errors: yes

    - name: Verify log content length
      debug:
        msg: "Log content has {{ log_content.stdout | length }} characters"
      when: log_content.stdout is defined

    # ---------- 本地目录 & 文件 ----------
    - name: Create local logs directory if not exists
      ansible.builtin.file:
        path: ./logs
        state: directory
        mode: '0755'
      delegate_to: localhost
            delegate_to: localhost

    - name: Write log content to local file
      ansible.builtin.copy:
        content: "{{ log_content.stdout }}"
        dest: "./logs/{{ inventory_hostname }}_vsftpd.log"
        mode: '0644'
      delegate_to: localhost
      when: log_content.stdout is defined and log_content.stdout | length > 0

    - name: Check local log file existence
      stat:
        path: "./logs/{{ inventory_hostname }}_vsftpd.log"
      register: local_file_check
      delegate_to: localhost

    - name: Display file status
      debug:
        msg: "File exists: {{ local_file_check.stat.exists }}, Size: {{ local_file_check.stat.size }} bytes"
      when: local_file_check is defined

7、执行:ansible-playbook -i hosts.ini fetch_vsftpd_logs.yml.run -u root

执行日志如下:

bash 复制代码 
PLAY [Collect vsftpd logs from all hosts] ************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************
ok: [10.128.1.1]
ok: [10.128.1.2]
ok: [10.128.1.3]
ok: [10.128.1.4]
ok: [10.128.1.5]
fatal: [10.128.1.6]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}


TASK [Check if log file exists] **********************************************************************************************************
ok: [10.128.1.1]
ok: [10.128.1.2]
ok: [10.128.1.3]
ok: [10.128.1.4]
ok: [10.128.1.5]

TASK [Get last 3000 lines of vsftpd log] *************************************************************************************************
changed: [10.128.1.1]
changed: [10.128.1.2]
changed: [10.128.1.3]
changed: [10.128.1.4]
changed: [10.128.1.5]

TASK [Verify log content length] *********************************************************************************************************
ok: [10.128.1.1] => {
    "msg": "Log content has 323400 characters"
}
ok: [10.128.1.2] => {
    "msg": "Log content has 290198 characters"
}
ok: [10.128.1.3] => {
    "msg": "Log content has 303307 characters"
}
ok: [10.128.1.4] => {
    "msg": "Log content has 334068 characters"
}
ok: [10.128.1.5] => {
    "msg": "Log content has 383272 characters"
}

TASK [Create local logs directory if not exists] *****************************************************************************************
changed: [10.128.1.1 -> localhost]
ok: [10.128.1.2 -> localhost]
ok: [10.128.1.3 -> localhost]
ok: [10.128.1.4 -> localhost]
ok: [10.128.1.5 -> localhost]

TASK [Write log content to local file] ***************************************************************************************************
changed: [10.128.1.1 -> localhost]
changed: [10.128.1.2 -> localhost]
changed: [10.128.1.3 -> localhost]
changed: [10.128.1.4 -> localhost]
changed: [10.128.1.5 -> localhost]

TASK [Check local log file existence] ****************************************************************************************************
ok: [10.128.1.1 -> localhost]
ok: [10.128.1.2 -> localhost]
ok: [10.128.1.3 -> localhost]
ok: [10.128.1.4 -> localhost]
ok: [10.128.1.5 -> localhost]

TASK [Display file status] ***************************************************************************************************************

ok: [10.128.1.1] => {
    "msg": "File exists: True, Size: 152225 bytes"
}
ok: [10.128.1.2] => {
    "msg": "File exists: True, Size: 362393 bytes"
}
ok: [10.128.1.3] => {
    "msg": "File exists: True, Size: 372055 bytes"
}
ok: [10.128.1.4] => {
    "msg": "File exists: True, Size: 457034 bytes"
}
ok: [10.128.1.5] => {
    "msg": "File exists: True, Size: 338930 bytes"
}

PLAY RECAP *******************************************************************************************************************************
10.128.1.1              : ok=8    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
10.128.1.2              : ok=8    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
10.128.1.3              : ok=8    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
10.128.1.4              : ok=8    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
10.128.1.5               : ok=8    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

8、执行结果:取得日志文件情况

会将vsftpdHosts组下的主机的/data/log_vsftpd/vsftpd.log的后3000行,采集到本机的当前logs目录下,

bash 复制代码 
-rw-r--r-- 1 root root 323400 12月 11 13:56 10.128.1.1_vsftpd.log
-rw-r--r-- 1 root root 290198 12月 11 13:56 10.128.1.2_vsftpd.log
-rw-r--r-- 1 root root 303307 12月 11 13:56 10.128.1.3_vsftpd.log
-rw-r--r-- 1 root root 334068 12月 11 13:56 10.128.1.4_vsftpd.log
-rw-r--r-- 1 root root 383272 12月 11 13:56 10.128.1.5_vsftpd.log
相关推荐
广目软件1 天前
GM DC Monitor一体化监控预警平台部署手册2025-12-10
运维·自动化·ansible·zabbix·运维开发·prometheus
tianyuanwo2 天前
Ansible构建节点管理:Koji与Mock构建节点的自动化运维实践
运维·自动化·ansible
星融元asterfusion4 天前
容器化NPB + Ansible:自动化运维方案
运维·自动化·ansible
乾元5 天前
SDN 与 AI 协同:控制面策略自动化与策略一致性校验
运维·网络·人工智能·网络协议·华为·系统架构·ansible
车传新6 天前
Ansible
ansible
ylmzfun7 天前
基于Ansible的自动化运维实战:从入门到企业级应用
运维·架构·ansible
码界奇点7 天前
基于Django与Ansible的智能运维管理系统设计与实现
运维·python·django·毕业设计·ansible·源代码管理
乾元9 天前
AI + Jinja2/Ansible:从自然语义到可执行 Playbook 的完整流水线(工程级深度)
运维·网络·人工智能·网络协议·华为·自动化·ansible
聊天QQ:6882388611 天前
光伏MPPT仿真:布谷鸟算法的奇妙结合
ansible
热门推荐
01GitHub 镜像站点02【AutoGLM部署】本地私有化部署AI手机Agent03UV安装并设置国内源04【超详细教程】手把手教你从微软官网免费下载Windows 10官方原版ISO镜像(2025最新版)05Open-AutoGLM Windows 安装部署教程06安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)07Cursor 又偷偷更新,这个功能太实用:Visual Editor for Cursor Browser08Linux下V2Ray安装配置指南09BongoCat - 跨平台键盘猫动画工具10Windows 11 官方系统安装与重装完整教程(2025年最新版)