BestHub
Sign in
Operations 10 min read

9 Essential Linux Shell Scripts for System Administration and Automation

This article presents nine practical Linux shell script examples—ranging from DDoS IP blocking and alert notifications to MySQL backups, Nginx log management, network traffic monitoring, system initialization, and disk usage checks—that operations engineers can adapt and deploy in real-world environments.

Efficient Ops
Efficient Ops
Efficient Ops
9 Essential Linux Shell Scripts for System Administration and Automation

Below are nine useful shell script examples that operations engineers can adapt to their environments.

1. DDoS attack prevention (auto‑block IP)

<code>#!/bin/bash
DATE=$(date +%d/%b/%Y:%H:%M)
LOG_FILE=/usr/local/nginx/logs/demo2.access.log
ABNORMAL_IP=$(tail -n5000 $LOG_FILE | grep $DATE | awk '{a[$1]++} END {for(i in a) if(a[i]>10) print i}')
for IP in $ABNORMAL_IP; do
    if [ $(iptables -vnL | grep -c "$IP") -eq 0 ]; then
        iptables -I INPUT -s $IP -j DROP
        echo "$(date +'%F_%T') $IP" >> /tmp/drop_ip.log
    fi
done
</code>

2. Linux system alert script (mailx configuration)

<code># yum install mailx
# vi /etc/mail.rc
set [email protected] smtp=smtp.163.com
set [email protected] smtp-auth-password=******
set smtp-auth=login
</code>

3. MySQL single‑loop backup

<code>#!/bin/bash
DATE=$(date +%F_%H-%M-%S)
HOST=localhost
USER=backup
PASS=123.com
BACKUP_DIR=/data/db_backup
DB_LIST=$(mysql -h$HOST -u$USER -p$PASS -s -e "show databases;" 2>/dev/null | egrep -v "Database|information_schema|mysql|performance_schema|sys")
for DB in $DB_LIST; do
    BACKUP_NAME=$BACKUP_DIR/${DB}_${DATE}.sql
    if ! mysqldump -h$HOST -u$USER -p$PASS -B $DB > $BACKUP_NAME 2>/dev/null; then
        echo "$BACKUP_NAME 备份失败!"
    fi
done
</code>

4. MySQL multi‑loop backup

<code>#!/bin/bash
DATE=$(date +%F_%H-%M-%S)
HOST=localhost
USER=backup
PASS=123.com
BACKUP_DIR=/data/db_backup
DB_LIST=$(mysql -h$HOST -u$USER -p$PASS -s -e "show databases;" 2>/dev/null | egrep -v "Database|information_schema|mysql|performance_schema|sys")
for DB in $DB_LIST; do
    BACKUP_DB_DIR=$BACKUP_DIR/${DB}_${DATE}
    [ ! -d $BACKUP_DB_DIR ] && mkdir -p $BACKUP_DB_DIR >/dev/null
    TABLE_LIST=$(mysql -h$HOST -u$USER -p$PASS -s -e "use $DB;show tables;" 2>/dev/null)
    for TABLE in $TABLE_LIST; do
        BACKUP_NAME=$BACKUP_DB_DIR/${TABLE}.sql
        if ! mysqldump -h$HOST -u$USER -p$PASS $DB $TABLE > $BACKUP_NAME 2>/dev/null; then
            echo "$BACKUP_NAME 备份失败!"
        fi
    done
done
</code>

5. Nginx access log daily rotation

<code>#!/bin/bash
LOG_DIR=/usr/local/nginx/logs
YESTERDAY_TIME=$(date -d "yesterday" +%F)
LOG_MONTH_DIR=$LOG_DIR/$(date +"%Y-%m")
LOG_FILE_LIST="default.access.log"
for LOG_FILE in $LOG_FILE_LIST; do
    [ ! -d $LOG_MONTH_DIR ] && mkdir -p $LOG_MONTH_DIR
    mv $LOG_DIR/$LOG_FILE $LOG_MONTH_DIR/${LOG_FILE}_${YESTERDAY_TIME}
done
kill -USR1 $(cat /var/run/nginx.pid)
</code>

6. Nginx access log analysis script

<code>#!/bin/bash
# Log format: $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"
LOG_FILE=$1
echo "Top 10 IPs by requests"
awk '{a[$1]++} END {print "UV:",length(a); for(v in a) print v,a[v]}' $LOG_FILE | sort -k2 -nr | head -10
echo "----------------------"

echo "Top IPs in specific time range"
awk '$4>="[01/Dec/2018:13:20:25" && $4<="[27/Nov/2018:16:20:49" {a[$1]++} END {for(v in a) print v,a[v]}' $LOG_FILE | sort -k2 -nr | head -10
echo "----------------------"

echo "Top 10 pages by requests"
awk '{a[$7]++} END {print "PV:",length(a); for(v in a) if(a[v]>10) print v,a[v]}' $LOG_FILE | sort -k2 -nr
echo "----------------------"

echo "Request count per status code"
awk '{a[$7" "$9]++} END {for(v in a) if(a[v]>5) print v,a[v]}' $LOG_FILE
</code>

7. Real‑time network interface traffic script

<code>#!/bin/bash
NIC=$1
echo -e " In ------ Out"
while true; do
    OLD_IN=$(awk '$0~"'$NIC'"{print $2}' /proc/net/dev)
    OLD_OUT=$(awk '$0~"'$NIC'"{print $10}' /proc/net/dev)
    sleep 1
    NEW_IN=$(awk '$0~"'$NIC'"{print $2}' /proc/net/dev)
    NEW_OUT=$(awk '$0~"'$NIC'"{print $10}' /proc/net/dev)
    IN=$(printf "%.1fKB/s" $((($NEW_IN-$OLD_IN)/1024)))
    OUT=$(printf "%.1fKB/s" $((($NEW_OUT-$OLD_OUT)/1024)))
    echo "$IN $OUT"
    sleep 1
done
</code>

8. Server system initialization script

<code>#/bin/bash
# Set timezone and sync time
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
if ! crontab -l | grep ntpdate >/dev/null; then
    (echo "* 1 * * * ntpdate time.windows.com >/dev/null 2>&1"; crontab -l) | crontab
fi

# Disable SELinux
sed -i '/SELINUX/{s/permissive/disabled/}' /etc/selinux/config

# Stop firewall
if egrep "7.[0-9]" /etc/redhat-release >/dev/null; then
    systemctl stop firewalld
    systemctl disable firewalld
elif egrep "6.[0-9]" /etc/redhat-release >/dev/null; then
    service iptables stop
    chkconfig iptables off
fi

# Show command execution time in history
if ! grep HISTTIMEFORMAT /etc/bashrc; then
    echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/bashrc
fi

# SSH timeout
if ! grep "TMOUT=600" /etc/profile >/dev/null; then
    echo "export TMOUT=600" >> /etc/profile
fi

# Disallow root remote login
sed -i 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config

# Disable email notifications for cron jobs
sed -i 's/^MAILTO=root/MAILTO=""/' /etc/crontab

# Increase max open files
if ! grep "* soft nofile 65535" /etc/security/limits.conf >/dev/null; then
    cat >> /etc/security/limits.conf <<EOF
* soft nofile 65535
* hard nofile 65535
EOF
fi

# Kernel optimizations
cat >> /etc/sysctl.conf <<EOF
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_tw_buckets = 20480
net.ipv4.tcp_max_syn_backlog = 20480
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_fin_timeout = 20
EOF

# Reduce swap usage
echo "0" > /proc/sys/vm/swappiness

# Install performance tools
yum install -y gcc make autoconf vim sysstat net-tools iostat
</code>

9. Monitor disk usage on 100 servers

<code>#!/bin/bash
HOST_INFO=host.info
for IP in $(awk '/^[^#]/{print $1}' $HOST_INFO); do
    USER=$(awk -v ip=$IP 'ip==$1{print $2}' $HOST_INFO)
    PORT=$(awk -v ip=$IP 'ip==$1{print $3}' $HOST_INFO)
    TMP_FILE=/tmp/disk.tmp
    ssh -p $PORT $USER@$IP 'df -h' > $TMP_FILE
    USE_RATE_LIST=$(awk 'BEGIN{OFS="="}/^\/dev/{print $NF,int($5)}' $TMP_FILE)
    for USE_RATE in $USE_RATE_LIST; do
        PART_NAME=${USE_RATE%=*}
        USE_RATE=${USE_RATE#*=}
        if [ $USE_RATE -ge 80 ]; then
            echo "Warning: $PART_NAME Partition usage $USE_RATE%!"
        fi
    done
done
</code>

These scripts can be customized to fit specific operational requirements and help automate routine system administration tasks.

automationOpsLinuxshellScripts
Efficient Ops
Written by

Efficient Ops

This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment