saltstack把执行的结果保存到mysql中,以便进行命令安全审计

  mysql负责存储数据,mysql-python负责收集数据

  master需要安装mysql和MySQL-python,minion端安装MySQL-python

系统环境

 CentOS Linux release 7.4

   master    10.0.0.111

   minion    10.0.0.112

1、master 端操作:

参考网址:https://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.mysql.html

参考博客:https://www.cnblogs.com/zzzhfo/p/5867771.html

  1.1、安装mysql

wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm

yum -y install mysql57-community-release-el7-10.noarch.rpm

yum -y install mysql-server MySQL-python

#启动mysql

systemctl start  mysqld.service

systemctl enable mysqld.service

systemctl status mysqld.service

#修改mysql密码

[root@salt-server ~]# grep "password" /var/log/mysqld.log


set global validate_password_policy=0;

set global validate_password_length=1;

ALTER USER 'root'@'localhost' IDENTIFIED BY '123456';

#修改完密码后再依次输入以下内容:
##########################################################
CREATE DATABASE  `salt`

  DEFAULT CHARACTER SET utf8

  DEFAULT COLLATE utf8_general_ci;
##########################################################
USE `salt`;
##########################################################
DROP TABLE IF EXISTS `jids`;

CREATE TABLE `jids` (

  `jid` varchar(255) NOT NULL,

  `load` mediumtext NOT NULL,

  UNIQUE KEY `jid` (`jid`)

) ENGINE=InnoDB DEFAULT CHARSET=utf8;

CREATE INDEX jid ON jids(jid) USING BTREE;
############################################################
DROP TABLE IF EXISTS `salt_returns`;

CREATE TABLE `salt_returns` (

  `fun` varchar(50) NOT NULL,

  `jid` varchar(255) NOT NULL,

  `return` mediumtext NOT NULL,

  `id` varchar(255) NOT NULL,

  `success` varchar(10) NOT NULL,

  `full_ret` mediumtext NOT NULL,

  `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  KEY `id` (`id`),

  KEY `jid` (`jid`),

  KEY `fun` (`fun`)

) ENGINE=InnoDB DEFAULT CHARSET=utf8;
############################################################
DROP TABLE IF EXISTS `salt_events`;

CREATE TABLE `salt_events` (

`id` BIGINT NOT NULL AUTO_INCREMENT,

`tag` varchar(255) NOT NULL,

`data` mediumtext NOT NULL,

`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

`master_id` varchar(255) NOT NULL,

PRIMARY KEY (`id`),

KEY `tag` (`tag`)

) ENGINE=InnoDB DEFAULT CHARSET=utf8;
#############################################################
grant all on salt.* to salt@'%' identified by '123456';

#以下是上边操作的截图

  

  

  

 

  1.2、测试mysql是否设置完成

  1.3、修改master主配置文件

[root@salt-server ~]# vim /etc/salt/minion

mysql.host: '10.0.0.111'

mysql.user: 'salt'

mysql.pass: '123456'

mysql.db: 'salt'

mysql.port: 3306

#重启配置文件

systemctl restart salt-minion  

    

2、minion端修改内容如下:

yum -y install MySQL-python

[root@minion02 ~]# vim /etc/salt/minion

mysql.host: '10.0.0.111'

mysql.user: 'salt'

mysql.pass: '123456'

mysql.db: 'salt'

mysql.port: 3306

#重启minion服务

systemctl restart salt-minion

  

总测试:

[root@salt-server ~]# salt '*' test.ping --return mysql

[root@salt-server ~]# salt '*' cmd.run 'df -h' --return mysql





 在master的mysql服务查看:




[root@salt-server ~]# mysql -uroot -p

Enter password:

mysql> use salt;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> mysql> select * from salt_returns\G;






方法2


master端安装MySQL-python和mysql-server

minion端不需要安装MySQL-python包





操作步骤略(与发一相同)

[root@salt-master /]# vim /etc/salt/master   追加如下内容

master_job_cache: mysql      #每次执行不加--return mysql由master端将返回的数据写入数据库 不需要minion

重启服务

[root@salt-master /]# /etc/init.d/salt-master restart

测试:

[root@salt-master /]# salt 'salt-minion' test.ping

salt-minion:

    True

[root@salt-master /]# salt 'salt-minion' cmd.run 'df -h'

salt-minion:

    Filesystem      Size  Used Avail Use% Mounted on

    /dev/sda3        18G  935M   16G   6% /

    tmpfs           495M   12K  495M   1% /dev/shm

    /dev/sda1       194M   27M  158M  15% /boot



root@salt-master /]# mysql -u salt -p -h 192.168.161.131

Enter password:

mysql> use salt;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> select * from salt_returns;

+-----------+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+

| fun       | jid                  | return                                                                                                                                                                                   | id          | success | full_ret                                                                                                                                                                                                                                                                                                                                                                                   | alter_time          |

+-----------+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+

| test.ping | 20160826200517605155 | true                                                                                                                                                                                     | salt-minion | 1       | {"fun_args": [], "jid": "20160826200517605155", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "salt-minion"}                                                                                                                                                                                                                                                    | 2016-08-26 20:05:17 |

| test.ping | 20160826202029989457 | true                                                                                                                                                                                     | salt-minion | 1       | {"fun_args": [], "jid": "20160826202029989457", "return": true, "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2016-08-26T12:20:30.138166", "fun": "test.ping", "id": "salt-minion"}                                                                                                                                                                                          | 2016-08-26 20:20:30 |

| cmd.run   | 20160826202045948708 | "Filesystem      Size  Used Avail Use% Mounted on\n/dev/sda3        18G  935M   16G   6% /\ntmpfs           495M   12K  495M   1% /dev/shm\n/dev/sda1       194M   27M  158M  15% /boot" | salt-minion | 1       | {"fun_args": ["df -h"], "jid": "20160826202045948708", "return": "Filesystem      Size  Used Avail Use% Mounted on\n/dev/sda3        18G  935M   16G   6% /\ntmpfs           495M   12K  495M   1% /dev/shm\n/dev/sda1       194M   27M  158M  15% /boot", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2016-08-26T12:20:45.984974", "fun": "cmd.run", "id": "salt-minion"} | 2016-08-26 20:20:46 |

+-----------+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+

3 rows in set (0.00 sec)





  


 
												


											
saltstack-把执行结果存储到mysql服务内的更多相关文章
	

    
								
  1. saltstack执行结果存储到MySQL
		
    saltstack执行结果保存到MySQL中,以便进行命令安全审计必须是python2.7以上的环境安装相关模块ubuntu系统安装 apt-get install -y python-mysqldb ...
    
		
    2. 
						
  2. 安装/移除 MySQL 服务
		
    MySQL Community Server 下载:https://dev.mysql.com/downloads/mysql/ 以下内容使用的版本为:mysql-5.7.17-win32.zip 1 ...
    
		
    3. 
						
  3. 【saltstack】saltstack执行结果和事件存储到mysql
		
    前言 项目中使用saltstack有一段时间了,之前都是在控制台操作,后来感觉越来越不方便,每次操作需要登陆服务器,还需要记一堆命令.最重要的是,公司进新人之后,新人由于不熟悉saltstack,容易 ...
    
		
    4. 
						
  4. SaltStack远程执行-返回MySQL
		
    上一篇:SaltStack远程执行-模块 参考官方文档:https://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.my ...
    
		
    5. 
						
  5. docker 部署mysql服务之后,执行sql脚本
		
    1,先将.sql文件copy到docker容器里 docker ps //找到容器的短ID或者指定的name. docker inspect  -f '{{.Id}}' id or name 得到指定 ...
    
		
    6. 
						
  6. MySql免安装版安装配置,附MySQL服务无法启动解决方案
		
          文首提要:             我下载的MySQL版本是:mysql-5.7.17-winx64.zip  Archive版:系统:Windows7 64位. 一.解压文件 下载好My ...
    
		
    7. 
						
  7. [MySQL Reference Manual] 5 MySQL 服务管理
		
    5. MySQL 服务管理 5. MySQL 服务管理 5.1 The Mysql Server 5.2 Mysql 服务日志 5.2.1 选择General query log和slow query ...
    
		
    8. 
						
  8. Saltstack远程执行(四)
		
    Saltstack远程执行 语法例:salt '*' cmd.run 'w' -  命令:salt -  目标:'*' -  模块:cmd.run,自带150+模块,也可以自己写模块 -  返回:执行 ...
    
		
    9. 
						
  9. win7下安装MYSQL报错:"MYSQL 服务无法启动"的3534问题
		
    上午在win7下安装MYSQL,只到“net start mysql”这一步报错:3534的错误: 于是在百度中搜索关键字“mysql服务无法启动3534”. 参考以下两个链接中的方法,解决了3534 ...
    
		
    10. 
		

	


随机推荐
	

    
									
  1. git升级后jenkins的报错
			
    1.首先卸载原有的git #yum remove git 2.源码安装新版本的git https://www.kernel.org/pub/software/scm/git/ 下载最新的版本,然后编译 ...
    
			
    2. 
						
  2. Linux man C++ 库函数
			
    默认情况下,linux是的man是不能查阅C++的标准库函数的,这个很不方便,那有没有办法可以直接man C++标准库函数呢? 当然有,不过要自己动手,自己动手,才能丰衣足食! 1. 下载安装manp ...
    
			
    3. 
						
  3. 如何获取div距离浏览器顶部的高度,宽度,内容
			
    JS就可以获取了, document.getElementById("DIV的ID或者其它选择").offsetTop;这是离顶部 JQ可以这样: $("#aaa&quo ...
    
			
    4. 
						
  4. mac下安装MySQL【转】
			
    转:http://www.jb51.net/article/103841.htm 1.官网下载 MySQL v5.7官方正式版下载地址:http://www.jb51.net/softs/451120 ...
    
			
    5. 
						
  5. Java并发常见问题
			
    ConcurrentHashMap源码分析,参考:http://blog.csdn.net/do_smile/article/details/46911727 HashMap源码分析,参考:http: ...
    
			
    6. 
						
  6. Docker部署golang微服务项目
			
    这篇博客是为了记录一下部署步骤. 因为实训需要,我要在服务器上用docker部署我们小组的微服务项目.我们的微服务有Gateway,User,Scene,Device四个部分,分别占用不同的端口,其中 ...
    
			
    7. 
						
  7. 关于Comparator和Comparable的理解
			
    我们都知道,实现Comparator和Comparable这两个接口,可以实现对对象比较大小.那这个两个又有什么区别呢? comparator 1.接口类在java.util包里面,实现接口时需要导入 ...
    
			
    8. 
						
  8. PECL: configuration option "php_ini" is not set to php.ini location
			
    message similar to: configuration option "php_ini" is not set to php.ini locationYou shoul ...
    
			
    9. 
						
  9. Python 正则 re.sub替换
			
    # 正则将匹配到的两个字段,都替换成某个值import re s0 = 'BOY and GIRL' s1 = re.sub(r'BOY|GIRL', 'HUMAN', s0) print s1 #  ...
    
			
    10. 
						
  10. JavaScript之Array
			
    JavaScript是一门非常灵活的动态语言,涵盖的内容也挺多,<JavaScript高级程序设计>看了也有两遍,但是在实际开发的时候,还是有很多东西记不清,然后还得去翻书,特别是一些Ar ...
    
			
    11.