�� | Merion Academy

� �� . �� , ��-�� . � �� , �� , �� . �� ? �� -��, �� — �� , �� . �� , �� , �� . �� NetFlow �� . �� NetFlow? �� NetFlow �� Cisco. �� -�� , �� . �� , �� , �� Netflow ��. ��, �� . �� , Netflow �� , �� , �� . �� ; �� ; �� ; �� ; �� ; �� ; �� , �� , �� Cisco �� . ��, �� Cisco Stealthwatch � �� 95% �� , �� . ��, �� NetFlow �� . �� , �� NetFlow-�� . �� UDP �� SCTP, �� . � �� NetFlow (�� ) �� : �� . �� . �� , �� «��» �� . �� . �� . «��» �� . �� , �� , � �� . «� �� ? �� , �� , �� » - �� . �� Cisco, �� . �� NetFlow �� , �� . �� , �� NetFlow: Solarwinds NetFlow Traffic Analyzer – �� . �� , �� , �� . �� . �� 30-�� Flowmon – ��, �� , �� , � �� DDOS-�� PRTG Network Monitor - �� , �� . � �� , �� – �� , �� . ManageEngine NetFlow Analyzer – �� . Ÿ �� , �� , � �� , �� . �� , �� , �� , �� . ��, �� – �� .

��

�� , �� . �� , �� . �� "�� " �� , �� "regex" �� "regexp". � �� , �� , � �� , � �.�. � ��, � �� , � �� -�� , �� . �� , �� , ��, �� . �� , �� , �� : john_doe; jo-hn_doe; john12_as. �� , �� Jo, �� . �� , �� , � �� . � ��, �� "The" �� "t", �� "h", �� - "e". "the" => The fat cat sat onthemat. �� , �� , � �� . �� , �� . �� . �� . �� , �� . [ ] �� , �� . [^ ] �� . �� , �� . * 0 �� . + 1 �� . ? �� . {n,m} �� "n", �� "m" �� . (xyz) �� . | �� . �� . �� [ ] ( ) { } . * + ? ^ $ | ^ �� . $ �� . �� , �� . �� : �� . �� , �� w �� -�� : [a-zA-Z0-9_] W �� -�� : [^w] d �� : [0-9] D �� : [^d] s �� : [ f p{Z}] S �� : [^s] Look Around �� Look Around �� , �� , �� . �� , �� , �� , �� . �� ?= �� Lookahead ?! �� Lookahead ?<= �� Lookbehind ? �� Lookbehind �� , �� . �� . �� i �� : �� . g �� : �� . m ��: �� . �� vs. �� "��" ��, �� . "/(.*at)/" => The fat cat sat on the mat. �� "��" ��, �� "?". �� . "/(.*?at)/" => The fat cat sat on the mat.

��

How to

�� ESXi

� �� ESXi. �� (VMDK) � �� , �� : Failed to add disk scsi0:1. Failed to power on scsi0:1 �� 95%. �� . �� , �� , �� : Unable to open Swap File Unable to access a file since it is locked Unable to access a file [filename] since it is locked Unable to access Virtual machine configuration � �� : WARNING: World: VM xxxx: xxx: Failed to open swap file [path]: Lock was not free WARNING: World: VM xxxx: xxx: Failed to initialize swap file [path] �� : Error connecting to [path][virtual machine].vmx because the VMX is not started �� vCenter Server � �� ESXi ��. �� .vmx � �� (��, cat �� vi) �� : cat: can't open '[name of vm].vmx': Invalid argument �� , �� . � �� , �� . �� , �� ESXi �� , �� . �� , �� , �� : VMNAME.vswp DISKNAME-flat.vmdk DISKNAME-ITERATION-delta.vmdk VMNAME.vmx VMNAME.vmxf vmware.log �� DRS (�� ) � �� . � �� , �� . �� DRS �� , �� . �� , �� . �� , �� , �� . �� -�� , �� , �� . �� : �� , �� . �� . �� : �� , �� vmfsfilelockinfo � ��, �� . �� IP-�� , �� , �� vmfsfilelockinfo �� VMDK flat, delta �� sesparse �� VMFS �� .UUID. lck �� vSAN. �� vmfsfilelockinfo �� : �� VMware vCenter Server (�� MAC-�� ESX.) ��: �� : ~ # vmfsfilelockinfo -p /vmfs/volumes/iscsi-lefthand-2/VM1/VM1_1-000001-delta.vmdk -v 192.168.1.10 -u administrator@vsphere.local �� : vmfsflelockinfo Version 1.0 Looking for lock owners on "VM1_1-000001-delta.vmdk" "VM1_1-000001-delta.vmdk" is locked in Exclusive mode by host having mac address ['xx:xx:xx:xx:xx:xx'] Trying to make use of Fault Domain Manager ---------------------------------------------------------------------- Found 0 ESX hosts using Fault Domain Manager. ---------------------------------------------------------------------- Could not get information from Fault domain manager Connecting to 192.168.1.10 with user administrator@vsphere.local Password: xXxXxXxXxXx ---------------------------------------------------------------------- Found 3 ESX hosts from Virtual Center Server. ---------------------------------------------------------------------- Searching on Host 192.168.1.178 Searching on Host 192.168.1.179 Searching on Host 192.168.1.180 MAC Address : xx:xx:xx:xx:xx:xx Host owning the lock on the vmdk is 192.168.1.180, lockMode : Exclusive Total time taken : 0.27 seconds. ��: � �� . �� (mode) �� . �� : mode 0 = �� mode 1 = �� (�� vmx �� , �� VMDK-�� (flat or delta), *vswp � �.�.) mode 2 = �� (read-only). (��, �� flat.vmdk �� ) mode 3 = �� (��, �� MSCS �� FTVMs) �� , �� , �� lsof �� , �� , � �� : ~ # lsof | egrep 'Cartel|VM1_1-000001-delta.vmdk' �� : Cartel | World name | Type | fd | Description 36202 vmx FILE 80 /vmfs/volumes/556ce175-7f7bed3f-eb72-000c2998c47d/VM1/VM1_1-000001-delta.vmdk �� Cartel ID �� , 36202. ��, � �� , �� Cartel ID: ~ # esxcli vm process list �� . �� : Alternate_VM27 World ID: 36205 Process ID: 0 VMX Cartel ID: 36202 UUID: 56 4d bd a1 1d 10 98 0f-c1 41 85 ea a9 dc 9f bf Display Name: Alternate_VM27 Config File: /vmfs/volumes/556ce175-7f7bed3f-eb72-000c2998c47d/Alternate_VM27/Alternate_VM27.vmx �� VMX Cartel ID, �� , �� . �� , �� vmdk. �� VMDKS_TO_LOOK_FOR �� vmdk. � �� , � VMDK �� , �� : for i in $(vim-cmd vmsvc/getallvms | grep -v Vmid | awk -F "/" '{print $2}' | awk '{print $1}'); do echo $i && find ./ -iname $i | xargs grep vmdk | grep -Ei VMDKS_TO_LOOK_FOR ; done �� , �� , �� . �� , �� VMDK-�� , �� . �� , �� . �� VMware storage team, vSAN team �� NFS �� , �� . �� .lck file (�� NFS) �� NFS storage. �� .lck-#### (�� #### - �� fileid, �� GETATTR �� ). ��: �� . ��: �� VMFS �� .lck ��. �� VMFS �� VMFS. �� (.vmx) �� , �� .vmx. �� . �� touch *, �� vmdk, �� , �� vmkfstools-D �� chmod-s * �� vmfsfilelockinfo * �� .