#!/usr/bin/env bash
# =============================================================================
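# audit-agents.sh — READ-ONLY inventory of the monitoring agents on a host
# Lib-Lab — node_exporter / zabbix-agent / alloy / promtail / docker + config
# Usage: bash audit-agents.sh         (or wget -qO- .../audit-agents.sh | bash)
#   The piped form runs whatever the URL returns, with the caller's privileges:
#   fetch over HTTPS from a source you control, or download and read it first.
# Makes no change to the system. Best run before adjusting or updating agents.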
# =============================================================================
# Unset variables are errors and a pipeline fails if any stage fails.
# `-e` is not enabled, so a failing probe does not end the audit
# (presumably deliberate for a best-effort inventory).
set -uo pipefail

# Print a section banner: an empty line, then the title between two rules.
# Arguments: every argument, joined by the first character of IFS, is the title.
# Outputs:   the banner on stdout.
line() {
  local title="$*"
  printf '\n──────── %s ────────\n' "$title"
}

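# Report header: host identity, timestamp, OS, kernel, virtualisation, uptime.
host="$(hostname)"
# First address printed by `hostname -I`; empty where -I is not supported.
ip="$(hostname -I 2>/dev/null | awk '{print $1}')"
echo "================ AUDIT AGENTS — ${host} (${ip:-n/a}) — $(date '+%F %T') ================"
# Sourcing executes /etc/os-release as shell code in this shell; only
# PRETTY_NAME is read from it afterwards. A missing file is tolerated.
# shellcheck disable=SC1091
. /etc/os-release 2>/dev/null || true
# systemd-detect-virt prints "none" AND exits non-zero when no virtualisation
# is detected, so an `|| echo n/a` inside the substitution appended a second
# line to the report. Fall back only when nothing was printed (tool missing).
virt="$(systemd-detect-virt 2>/dev/null)"
echo "OS      : ${PRETTY_NAME:-inconnu} | kernel $(uname -r) | virt ${virt:-n/a}"
echo "Uptime  : $(uptime -p 2>/dev/null)"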

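line "Ports d'écoute (monitoring)"
# One port list for both tools, so the netstat fallback reports the same
# listeners as ss instead of a shorter subset.
# Flags: TCP (-t), listening (-l), numeric (-n), owning process (-p).
# NOTE(review): -p usually shows process names only for sockets the caller may
# inspect; run as root for a complete view.
monitoring_ports='9100|9182|9090|9080|9093|9113|9115|3100|10050|10051|12345'
if command -v ss >/dev/null 2>&1; then
  ss -tlnp 2>/dev/null | grep -E ":(${monitoring_ports})\b" || echo "(aucun port monitoring en écoute)"
elif command -v netstat >/dev/null 2>&1; then
  # netstat is present: an empty result means "nothing listening", not
  # "tool unavailable", so report it as such.
  netstat -tlnp 2>/dev/null | grep -E ":(${monitoring_ports})\b" || echo "(aucun port monitoring en écoute)"
else
  echo "(ss/netstat indisponible)"
fi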

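line "Services systemd liés au monitoring"
# Read the unit list once instead of once per service. This also avoids a
# false "not installed": with `pipefail`, piping systemctl into `grep -q` can
# fail the whole pipeline when grep exits on the first match and systemctl is
# then killed by SIGPIPE, so a present service would be skipped.
unit_files="$(systemctl list-unit-files 2>/dev/null)"
for s in node_exporter prometheus-node-exporter zabbix-agent zabbix-agent2 alloy promtail grafana-agent cadvisor windows_exporter; do
  # Anchored on the full unit name so zabbix-agent does not match zabbix-agent2.
  if grep -q "^${s}\.service" <<<"${unit_files}"; then
    # Columns: unit name, is-active state, is-enabled state.
    printf "  %-26s %-10s %s\n" "$s" "$(systemctl is-active "$s" 2>/dev/null)" "$(systemctl is-enabled "$s" 2>/dev/null)"
  fi
done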

line "node_exporter"
# First line of the version banner, when the binary is on PATH.
command -v node_exporter >/dev/null 2>&1 && node_exporter --version 2>&1 | head -1
# For each unit file that exists, show the start command (listen address and
# collector flags live there) and the account the exporter runs as.
for u in /etc/systemd/system/node_exporter.service /lib/systemd/system/prometheus-node-exporter.service; do
  if [ -f "$u" ]; then
    echo "[unit] $u"
    grep -E 'ExecStart|User=' "$u"
  fi
done

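line "Zabbix agent"
# First line of the version banner for each agent binary found on PATH.
for b in zabbix_agentd zabbix_agent2; do
  if command -v "$b" >/dev/null 2>&1; then
    "$b" -V 2>&1 | head -1
  fi
done
# Besides server and hostname, report the settings that decide what the server
# may execute on this host and whether agent traffic is encrypted. AllowKey
# rules are evaluated together with DenyKey rules, so listing one without the
# other gives an incomplete picture; EnableRemoteCommands is the older switch
# for remote commands; TLSConnect/TLSAccept select the transport security.
# Only uncommented `Name=value` lines of the main file are matched.
for c in /etc/zabbix/zabbix_agentd.conf /etc/zabbix/zabbix_agent2.conf; do
  if [ -f "$c" ]; then
    echo "[$c]"
    grep -E '^(Server|ServerActive|Hostname|AllowKey|DenyKey|UnsafeUserParameters|EnableRemoteCommands|TLSConnect|TLSAccept)=' "$c" 2>/dev/null
  fi
done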

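line "Logs → Loki (Alloy / Promtail)"

# Replace the userinfo part of any URL (scheme://user:pass@host) with ***.
# The matched config lines include push URLs, and an audit report tends to be
# pasted into tickets or chats; credentials embedded in a URL must not travel
# with it. Reads stdin, writes stdout.
# NOTE(review): userinfo containing an unencoded "/" or "@" is only partly
# masked.
mask_url_userinfo() {
  sed -E 's#(://)[^/@[:space:]"]+@#\1***@#g'
}

# First line of the version banner, when Alloy is on PATH.
if command -v alloy >/dev/null 2>&1; then alloy --version 2>&1 | head -1; fi
# At most ten matching lines per file (head's default).
if [ -f /etc/alloy/config.alloy ]; then
  echo "[/etc/alloy/config.alloy]"
  grep -E 'url|host *=|job *=' /etc/alloy/config.alloy 2>/dev/null | head | mask_url_userinfo
fi
if [ -f /etc/promtail/promtail-config.yml ]; then
  echo "[promtail-config.yml] (Promtail = EOL, migrer vers Alloy)"
  grep -E 'url:|host:|job:' /etc/promtail/promtail-config.yml 2>/dev/null | head | mask_url_userinfo
fi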

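line "Docker"
if command -v docker >/dev/null 2>&1; then
  docker --version
  echo "Containers :"
  # Running containers only (no -a). The Ports column shows which container
  # ports are published on the host. Any failure of `docker ps` is reported
  # as an unreachable daemon.
  docker ps --format '  {{.Names}}\t{{.Image}}\t{{.Status}}\t{{.Ports}}' 2>/dev/null || echo "  (daemon injoignable)"
  echo "Fichiers compose :"
  # Match both the legacy docker-compose*.yml names and the compose*.yaml
  # names that current Compose prefers; the latter were previously missed.
  # Search depth is 4 and the list is capped at ten entries by head.
  find /opt /root /home /srv -maxdepth 4 \
    \( -name 'docker-compose*.y*ml' -o -name 'compose*.y*ml' \) 2>/dev/null | head
else
  echo "(docker non installé)"
fi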

# Closing banner, repeating the host name captured at the start of the run.
printf '================ FIN — %s ================\n' "${host}"
