WebSVN – ALCASAR – Blame – /scripts/alcasar-activity_report.sh

Rev	Author	Line No.	Line
2009	raphael.pi	1	`#Create an activity report for ALCASAR every week.`
		2	`#We read configuration files and logs to create cool charts.`
		3
		4	`#file`
		5	`TMP_AV="/var/tmp/av_count.txt"`
		6	`TMP_BL="/var/tmp/bl_count.txt"`
		7	`TMP_BL_WEEK="/var/tmp/bl_count_week.txt"`
		8	`TMP_BL_WEEK_CAT="/var/tmp/bl_count_week_cat.txt"`
		9
		10	`#Model loaded to create charts`
		11	`MODEL_CHARTJS="/var/www/html/acc/manager/activity_report/models/Chart.report.js"`
		12	`MODEL_TABINFO="/var/www/html/acc/manager/activity_report/models/tabinfo.html"`
		13
		14	`#Where the report will be created.`
		15	`HTML_REPORT="/var/www/html/acc/manager/activity_report/alcasar-report-$(date +%F).html"`
		16
		17	`#password of MariaDB`
		18	`PASSWD_FILE="/root/ALCASAR-passwords.txt"`
		19
		20	`#TIME VALUE`
		21	`C_TS=$(date +"%s") #current timestamp`
		22	`MAX_DAY_AGO=7`
		23	`SECS_AGO=$(date --date="$MAX_DAY_AGO days ago" +"%s") #timestamp ago`
		24	`STEP_TS=$((C_TS-$SECS_AGO)) #timestamp between current timestamp and SECS_AGO`
		25
		26	`#PRIVATE IP OF ALCASAR`
		27	`PRIVATE_IP=$(cat /usr/local/etc/alcasar.conf \| grep PRIVATE_IP \| cut -d'=' -f2 \| cut -d'/' -f1)`
		28
		29	`#COLOR for charts`
		30	COLOR="'#ff0000','#3333cc','#009933','#993300','#1720EE','#D30229','#8D726D','#41C4E4','#8574F4','#A0BC1A','#BFDC1F','#5ADDC3','#B05744','#CD9319','#8CA39B','#D4AA1C','#A76752','#B03088','#445E87','#70424D','#D118C3','#46ABEF','#E9F197','#AEC0D4','#755C79','#94BBD7','#E2E9DC','#8B68D0','#F7EC7C','#1F16B8','#F4DA0A','#2EC17A','#E06483','#48B342','#F510CD','#9B2662','#180E98','#988FC1','#209E4E','#034240','#FDB142','#36B445','#CDD5C9','#6FA0DE','#EE2206','#204E19','#15FC93','#161ECE','#83D33B','#11A44A','#B7BF6C','#87274C','#B52C4F','#AD2805','#427E6C','#91341A','#191315','#FCB290','#13D3CD','#90F0E6','#C870C9','#AD2C14','#201D2A','#E4DB79','#90A919','#FE17FE','#09B35C','#88D950','#3440FC','#A9D42F','#E2DFAC','#DA69EC','#67430A','#43E94E','#5F7349','#22CF16','#CF038F','#0F6427','#F7AD0F','#C5E382','#DB49B6','#F760BF','#0BE701','#EF88D8','#79E6D7','#8A2D3D','#435A30','#A3C8AC','#99B118','#A929FF','#08A36D','#0A1654','#6F8283','#E1CA3E','#3E8577','#580FB6','#DB0E16','#386CBE','#FA0C43','#B713C9'"
		31
		32	`#Values to create new htdigest user to consult statistique of ACC`
		33	`DIR_KEY="/usr/local/etc/digest"`
		34	`compte="papa"`
		35	`realm="ALCASAR Control Center (ACC)"`
		36	`password=$(openssl rand -base64 32) #random password (length : 32)`
		37	`SED="/usr/bin/sed -i "`
		38	`TMP_STATS="/var/tmp/stats.html"`
		39	`TMP_STATS_2="/var/tmp/stats2.html"`
		40
		41	`#if empty logs, replace charts by text.`
		42	`ENABLE_BL=0`
		43	`ENABLE_BL_WEEK=0`
		44	`ENABLE_AV=0`
		45
		46
		47	`if [ -e $TMP_AV ]`
		48	`then`
		49	`rm $TMP_AV`
		50	`fi`
		51
		52	`if [ -e $TMP_BL ]`
		53	`then`
		54	`rm $TMP_BL`
		55	`fi`
		56
		57	`if [ -e $TMP_BL_WEEK ]`
		58	`then`
		59	`rm $TMP_BL_WEEK`
		60	`fi`
		61
		62	`if [ -e $TMP_BL_WEEK_CAT ]`
		63	`then`
		64	`rm $TMP_BL_WEEK_CAT`
		65	`fi`
		66
		67	`if [ -e $HTML_REPORT ]`
		68	`then`
		69	`rm $HTML_REPORT`
		70	`fi`
		71
		72	`echo "<!doctype html>" >> $HTML_REPORT`
		73	`echo "<html>" >> $HTML_REPORT`
		74	`echo "<head>" >> $HTML_REPORT`
		75	`echo "<meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>" >> $HTML_REPORT`
		76	`echo "<title>ALCASAR report</title>" >> $HTML_REPORT`
		77	`echo "<link rel='stylesheet' type='text/css' href='../../../css/bootstrap.min.css'>" >> $HTML_REPORT`
		78	`echo "<link rel='stylesheet' type='text/css' href='../../../css/report.css'>" >> $HTML_REPORT`
		79	`echo "<script src='../../../js/Chart.bundle.js'></script>" >> $HTML_REPORT`
		80	`echo "<script src='../../../js/jquery.min.js'></script>" >> $HTML_REPORT`
		81	`echo "</head>" >> $HTML_REPORT`
		82	`echo "<body>" >> $HTML_REPORT`
		83	`echo "<h1><center>Rapport d'activité de l'ALCASAR-$(cat /usr/local/etc/alcasar.conf \| grep ORGANISM \| cut -d'=' -f2)</center></h1>" >> $HTML_REPORT`
		84	`echo "<i><p style='text-align: right;'>Date de création $(date +%F)</p></i>" >> $HTML_REPORT`
		85	`echo "<font size='1'>" >> $HTML_REPORT`
		86
		87	`######################TABINFO######################`
		88	`echo "Create information about system and ALCASAR"`
		89	`#contain every information about ALCASAR configuration, system and last update`
		90
		91	`cat $MODEL_TABINFO \| while read LINE_HTML`
		92	`do`
		93
		94	`if [ $(echo $LINE_HTML \| grep 'XXORGXX' \| wc -l) -eq 1 ]`
		95	`then`
		96	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep ORGANISM \| cut -d'=' -f2)`
		97	`echo ${LINE_HTML/XXORGXX/$VALUE} >> $HTML_REPORT`
		98
		99	`elif [ $(echo $LINE_HTML \| grep 'XXINSTALLXX' \| wc -l) -eq 1 ]`
		100	`then`
		101	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep INSTALL_DATE \| cut -d'=' -f2)`
		102	`echo ${LINE_HTML/XXINSTALLXX/$VALUE} >> $HTML_REPORT`
		103
		104	`elif [ $(echo $LINE_HTML \| grep 'XXAVERSIONXX' \| wc -l) -eq 1 ]`
		105	`then`
		106	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep VERSION \| cut -d'=' -f2)`
		107	`echo ${LINE_HTML/XXAVERSIONXX/$VALUE} >> $HTML_REPORT`
		108
		109	`elif [ $(echo $LINE_HTML \| grep 'XXIP_PUBLICXX' \| wc -l) -eq 1 ]`
		110	`then`
		111	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep PUBLIC_IP \| cut -d'=' -f2)`
		112	`echo ${LINE_HTML/XXIP_PUBLICXX/$VALUE} >> $HTML_REPORT`
		113
		114	`elif [ $(echo $LINE_HTML \| grep 'XXIP_PRIVEXX' \| wc -l) -eq 1 ]`
		115	`then`
		116	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep PRIVATE_IP \| cut -d'=' -f2)`
		117	`echo ${LINE_HTML/XXIP_PRIVEXX/$VALUE} >> $HTML_REPORT`
		118
		119	`elif [ $(echo $LINE_HTML \| grep 'XXGWXX' \| wc -l) -eq 1 ]`
		120	`then`
		121	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep 'GW=' \| cut -d'=' -f2)`
		122	`echo ${LINE_HTML/XXGWXX/$VALUE} >> $HTML_REPORT`
		123
		124	`elif [ $(echo $LINE_HTML \| grep 'XXDNS1XX' \| wc -l) -eq 1 ]`
		125	`then`
		126	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep DNS1 \| cut -d'=' -f2)`
		127	`echo ${LINE_HTML/XXDNS1XX/$VALUE} >> $HTML_REPORT`
		128
		129	`elif [ $(echo $LINE_HTML \| grep 'XXDNS2XX' \| wc -l) -eq 1 ]`
		130	`then`
		131	`VALUE=$(cat /usr/local/etc/alcasar.conf \| grep DNS2 \| cut -d'=' -f2)`
		132	`echo ${LINE_HTML/XXDNS2XX/$VALUE} >> $HTML_REPORT`
		133
		134	`elif [ $(echo $LINE_HTML \| grep 'XXHOSTXX' \| wc -l) -eq 1 ]`
		135	`then`
		136	`VALUE=$(hostname)`
		137	`echo ${LINE_HTML/XXHOSTXX/$VALUE} >> $HTML_REPORT`
		138
		139	`elif [ $(echo $LINE_HTML \| grep 'XXOS_VERSIONXX' \| wc -l) -eq 1 ]`
		140	`then`
		141	`VALUE=$( echo $(uname -r) [ $(uname -m) ] )`
		142	`echo ${LINE_HTML/XXOS_VERSIONXX/$VALUE} >> $HTML_REPORT`
		143
		144	`elif [ $(echo $LINE_HTML \| grep 'XXREBOOTXX' \| wc -l) -eq 1 ]`
		145	`then`
		146	`VALUE=$(echo $(who -b \| cut -d' ' -f12-))`
		147	`echo ${LINE_HTML/XXREBOOTXX/$VALUE} >> $HTML_REPORT`
		148
		149	`elif [ $(echo $LINE_HTML \| grep 'XXMAJCLAMAVXX' \| wc -l) -eq 1 ]`
		150	`then`
		151	`VALUE=$(date -d @$(rpm -qa --queryformat "%{installtime} %{name}\n" \| grep -E "clamav-db" \| cut -d' ' -f1 ) "+%Y-%m-%d %H:%M:%S")`
		152	`echo ${LINE_HTML/XXMAJCLAMAVXX/$VALUE} >> $HTML_REPORT`
		153
		154	`elif [ $(echo $LINE_HTML \| grep 'XXMAJBLXX' \| wc -l) -eq 1 ]`
		155	`then`
		156	`VALUE=$(cat /etc/dansguardian/lists/blacklists/README \| grep 'Last version' \| cut -d' ' -f4-6)`
		157	`echo ${LINE_HTML/XXMAJBLXX/$VALUE} >> $HTML_REPORT`
		158
		159	`elif [ $(echo $LINE_HTML \| grep 'XXRPMXX' \| wc -l) -eq 1 ]`
		160	`then`
		161	`#show every ALCASAR RPM updated since X day ago`
		162	`#get timestamp of X day ago. Then we get every packets chich have been updated since this date.`
		163	`if [ $(rpm -qa --queryformat '%{installtime} %{name} %{version}\n' \| awk -v seuil="$SECS_AGO" '$1 > seuil' \| sort -n \| grep -E "$PACKAGE" \| wc -l) -gt 1 ]`
		164	`then`
		165	`PACKAGE='php\|apache\|iptables\|dnsmasq\|radius\|tinyproxy\|nfdump\|dansguardian\|clamav\|ulogd\|chilli\|fail2ban\|openssh\|havp\|ipt-netflow\|wget'`
		166	`rpm -qa --queryformat '%{installtime} %{name} %{version}\n' \| awk -v seuil="$SECS_AGO" '$1 > seuil' \| sort -n \| grep -E "$PACKAGE" \| while read RPM_ALCASAR`
		167	`do`
		168	`RPM_TIMESTAMP=$(echo $RPM_ALCASAR \| cut -d' ' -f1)`
		169	`RPM_DATE=$(date -d @$(echo $RPM_TIMESTAMP) "+%Y-%m-%d %H:%M:%S")`
		170	`RPM_NAME=$(echo $RPM_ALCASAR \| cut -d' ' -f2)`
		171	`RPM_VERSION=$(echo $RPM_ALCASAR \| cut -d' ' -f3)`
		172
		173
		174	`echo "<tr>" >> $HTML_REPORT`
		175	`echo "<td>$RPM_NAME</td>" >> $HTML_REPORT`
		176	`echo "<td>$RPM_DATE</td>" >> $HTML_REPORT`
		177	`echo "<td>$RPM_VERSION</td>" >> $HTML_REPORT`
		178	`echo "</tr>" >> $HTML_REPORT`
		179	`done`
		180	`else`
		181	`echo "<td>Pas de RPM mis à jour cette semaine</td>" >> $HTML_REPORT`
		182	`echo "</tr>" >> $HTML_REPORT`
		183	`fi`
		184	`else`
		185	`echo $LINE_HTML >> $HTML_REPORT`
		186	`fi`
		187
		188	`done`
		189
		190
		191	`######################BL WEBSITE SINCE INSTALLATION######################`
		192	`echo "Create BL website since the installation of ALCASAR"`
		193	`#find data`
		194
		195	`#decompress every logs`
2013	raphael.pi	196	`if [ $(ls -1 /var/log/dnsmasq/dnsmasq-blacklist.log.*.gz 2>/dev/null \| wc -l) -ge 1 ]`
2009	raphael.pi	197	`then`
		198	`gunzip -d dnsmasq-blacklist.log.*.gz`
		199	`fi`
		200
		201	`#convert logs date in timestamp and find categories of blacklisted website`
		202	`for FILE in $(ls -1 /var/log/dnsmasq/ \| grep 'dnsmasq-blacklist.log')`
		203	`do`
		204	`while read LOG_BL`
		205	`do`
		206	`if [ $(echo $LOG_BL \| grep config \| grep $PRIVATE_IP \| wc -c) -ge 1 ]`
		207	`then`
		208	`#find the current blacklisted category`
		209	`website_bl=$(echo $LOG_BL \| cut -d' ' -f6)`
		210
		211	`#we convert www.test.co.uk => test.co.uk to find the category of this website`
		212	`if [ $(grep -o '\.' <<< "$website_bl" \| wc -l) -ge "2" ]`
		213	`then`
2013	raphael.pi	214	`website_bl=$(echo $website_bl \| cut -d'.' -f2-)`
2009	raphael.pi	215	`fi`
		216
2013	raphael.pi	217	`#get BL category`
		218	`categorie_bl=$(grep -R "$website_bl/" /usr/local/share/dnsmasq-bl-enabled/ \| cut -d':' -f1 \| cut -d'/' -f6 \| cut -d' ' -f1)`
		219	`if [ $(echo $categorie_bl \| wc -w) -gt 1 ]`
		220	`then`
		221	`categorie_bl=$(grep -R "/$website_bl/" /usr/local/share/dnsmasq-bl-enabled/ \| cut -d':' -f1 \| cut -d'/' -f6 \| cut -d' ' -f1 \| head -1)`
		222	`fi`
		223
2009	raphael.pi	224	`#Calculate its timestamp`
		225	`Y=$(date -R \| cut -d' ' -f4)`
		226	`M=$(echo $LOG_BL \| cut -d' ' -f1)`
		227	`D=$(echo $LOG_BL \| cut -d' ' -f2)`
		228	`H=$(echo $LOG_BL \| cut -d' ' -f3)`
		229	`CURRENT_TS=$(date -d "$M $D $Y $H" +"%s")`
2013	raphael.pi	230	`echo "$CURRENT_TS:$categorie_bl:" >> $TMP_BL`
2009	raphael.pi	231	`fi`
		232
		233	`done < /var/log/dnsmasq/$FILE`
		234	`done`
		235
2013	raphael.pi	236
2009	raphael.pi	237	`#if data exists, create this section in html document`
		238	`if [ -e $TMP_BL ]`
		239	`then`
		240	`ENABLE_BL=1`
		241	`#count every BL website consulted since installation (maximum 1 year)`
		242	`DATE_END=$(cat $TMP_BL \| cut -d':' -f1 \| sort -n \| head -1 )`
		243
		244
		245	`for TS in $(seq $C_TS -$STEP_TS $DATE_END)`
		246	`do`
		247	`DATE_1=$TS`
		248	`DATE_2=$((TS-$STEP_TS))`
		249	`COUNT_BL_INSTALLATION=0`
		250
		251	`for LINE in $(cat $TMP_BL)`
		252	`do`
		253	`TS_FILE=$(echo $LINE \| cut -d':' -f1)`
		254
		255	`if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]`
		256	`then`
		257	`COUNT_BL_INSTALLATION=$((COUNT_BL_INSTALLATION+1))`
		258
		259	`fi`
		260	`done`
		261
		262	`VALUE_BL_INSTALLATION_LABEL="'$(date -d @$DATE_2 "+%Y-%m-%d" )', $VALUE_BL_INSTALLATION_LABEL"`
		263	`VALUE_BL_INSTALLATION_DATA="$COUNT_BL_INSTALLATION, $VALUE_BL_INSTALLATION_DATA"`
		264	`done`
		265
		266	`#create Antivirus section in html document`
		267	`NAME_BL_INSTALLATION='chart_bl_installation'`
		268	`CONF_BL_INSTALLATION='config_bl_installation'`
		269	`echo "<center>" >> $HTML_REPORT`
		270	`echo "<canvas id='$NAME_BL_INSTALLATION' width='450' height='450'></canvas>" >> $HTML_REPORT`
		271	`echo "</center>" >> $HTML_REPORT`
		272
		273	`#create chart bar in html file with javascript (chartjs.com)`
		274	`echo "<script>" >> $HTML_REPORT`
		275	`cat $MODEL_CHARTJS \| while read LINE_JS`
		276	`do`
		277	`#name of variable`
		278	`if [ $(echo $LINE_JS \| grep 'XXCONFXX' \| wc -l) -eq 1 ]`
		279	`then`
		280	`echo ${LINE_JS/XXCONFXX/$CONF_BL_INSTALLATION} >> $HTML_REPORT`
		281	`#chart type`
		282	`elif [ $(echo $LINE_JS \| grep 'XXTYPEXX' \| wc -l) -eq 1 ]`
		283	`then`
		284	`echo ${LINE_JS/XXTYPEXX/bar} >> $HTML_REPORT`
		285	`#chart title`
		286	`elif [ $(echo $LINE_JS \| grep 'XXTITLEXX' \| wc -l) -eq 1 ]`
		287	`then`
		288	`echo ${LINE_JS/XXTITLEXX/"Sites bloqués au total"} >> $HTML_REPORT`
		289	`#chart data`
		290	`elif [ $(echo $LINE_JS \| grep 'XXDATAXX' \| wc -l) -eq 1 ]`
		291	`then`
		292	`echo ${LINE_JS/XXDATAXX/$VALUE_BL_INSTALLATION_DATA} >> $HTML_REPORT`
		293	`#color`
		294	`elif [ $(echo $LINE_JS \| grep 'XXCOLORXX' \| wc -l) -eq 1 ]`
		295	`then`
		296	`echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT`
		297	`#labels`
		298	`elif [ $(echo $LINE_JS \| grep 'XXLABELSXX' \| wc -l) -eq 1 ]`
		299	`then`
		300	`echo ${LINE_JS/XXLABELSXX/$VALUE_BL_INSTALLATION_LABEL} >> $HTML_REPORT`
		301	`elif [ $(echo $LINE_JS \| grep 'XXLEGENDXX' \| wc -l) -eq 1 ]`
		302	`then`
		303	`echo ${LINE_JS/XXLEGENDXX/false} >> $HTML_REPORT`
		304	`#display value of Y axis, only useful for chart bar`
		305	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-BEGINXX' \| wc -l) -eq 1 ]`
		306	`then`
		307	`echo "" >> $HTML_REPORT`
		308	`#display value of Y axis, only useful for chart bar`
		309	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-ENDXX' \| wc -l) -eq 1 ]`
		310	`then`
		311	`echo "" >> $HTML_REPORT`
		312	`elif [ $(echo $LINE_JS \| grep 'XXYLABELXX' \| wc -l) -eq 1 ]`
		313	`then`
2013	raphael.pi	314	`echo "\"Nombre de site bloqué par la blacklist\"" >> $HTML_REPORT`
2009	raphael.pi	315	`else`
		316	`echo $LINE_JS >> $HTML_REPORT`
		317	`fi`
		318	`done`
		319	`echo "</script>" >> $HTML_REPORT`
		320	`else`
		321	`echo "<h3>Aucune activité de la Blacklist depuis l'installation.</h3>" >> $HTML_REPORT`
		322	`fi`
		323
		324
		325
		326	`######################DNSMASQ BLACKLIST######################`
		327	`echo "Create BL website since $MAX_DAY_AGO days"`
		328
		329	`#if data exists, create BL section in html document`
		330	`if [ -e $TMP_BL ]`
		331	`then`
		332	`ENABLE_BL_WEEK=1`
		333	`#find data`
		334	`#count every BL website consulted since DAYS_AGO`
		335	`DATE_1=$C_TS`
		336	`DATE_2=$((DATE_1-$STEP_TS))`
		337
		338	`for LINE in $(cat $TMP_BL)`
		339	`do`
		340	`TS_FILE=$(echo $LINE \| cut -d':' -f1)`
		341	`#select only elements between DATE_1 and DATE_2`
		342	`if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]`
		343	`then`
		344	`echo $LINE >> $TMP_BL_WEEK`
		345	`fi`
		346	`done`
		347
		348	`#then we count every occurence for each category in TMP_BL_WEEK`
		349	`for CAT in $(ls /usr/local/share/dnsmasq-bl/ -1 \| cut -d'.' -f1)`
		350	`do`
2013	raphael.pi	351	`echo "$CAT:$(grep -o ":$CAT:" <<< "$(cat $TMP_BL_WEEK)" \| wc -l):" >> $TMP_BL_WEEK_CAT`
2009	raphael.pi	352	`done`
		353
		354	`#we sort by number of occurence and we take the top 10 BL categories`
		355	`for LINE in $(sort -t':' -k2 -rn $TMP_BL_WEEK_CAT \| head -n 10)`
		356	`do`
		357
		358	`DATA=$(echo $LINE \| cut -d':' -f2)`
		359	`LABEL=$(echo $LINE \| cut -d':' -f1)`
		360	`if [ $DATA -ne 0 ]`
		361	`then`
		362	`VALUE_BL_DATA="$VALUE_BL_DATA $DATA, "`
		363	`VALUE_BL_LABEL="$VALUE_BL_LABEL '$LABEL ($DATA)',"`
		364
		365	`fi`
		366	`done`
		367
		368	`#get other categories (sum them all)`
		369	`if [ $(cat $TMP_BL_WEEK_CAT \| cut -d':' -f2 \| sort -k1 -rn \| tail -n+$(($(echo $VALUE_BL_DATA \| wc -w)+1)) \| paste -sd+ \| bc) -gt 0 ]`
		370	`then`
		371	`VALUE_BL_DATA="$VALUE_BL_DATA $(cat $TMP_BL_WEEK_CAT \| cut -d':' -f2 \| sort -k1 -rn \| tail -n+$(($(echo $VALUE_BL_DATA \| wc -w)+1)) \| paste -sd+ \| bc)"`
		372	`VALUE_BL_LABEL="$VALUE_BL_LABEL 'autre ($(cat $TMP_BL_WEEK_CAT \| cut -d':' -f2 \| sort -k1 -rn \| tail -n+$(($(echo $VALUE_BL_DATA \| wc -w)+1)) \| paste -sd+ \| bc))'"`
		373	`fi`
		374
		375	`#create chart pie in html file with javascript (chartjs.com)`
		376	`NAME_BL='chart_bl'`
		377	`CONF_BL='config_bl'`
		378	`echo "<center>" >> $HTML_REPORT`
		379	`echo "<canvas id='$NAME_BL' width='450' height='450' ></canvas>" >> $HTML_REPORT`
		380	`echo "</center>" >> $HTML_REPORT`
		381	`echo "<script>" >> $HTML_REPORT`
		382
		383	`cat $MODEL_CHARTJS \| while read LINE_JS`
		384	`do`
		385	`#variable name`
		386	`if [ $(echo $LINE_JS \| grep 'XXCONFXX' \| wc -l) -eq 1 ]`
		387	`then`
		388	`echo ${LINE_JS/XXCONFXX/$CONF_BL} >> $HTML_REPORT`
		389	`#chart type`
		390	`elif [ $(echo $LINE_JS \| grep 'XXTYPEXX' \| wc -l) -eq 1 ]`
		391	`then`
		392	`echo ${LINE_JS/XXTYPEXX/pie} >> $HTML_REPORT`
		393	`#graph title`
		394	`elif [ $(echo $LINE_JS \| grep 'XXTITLEXX' \| wc -l) -eq 1 ]`
		395	`then`
		396	`echo ${LINE_JS/XXTITLEXX/"Sites bloqués cette semaine"} >> $HTML_REPORT`
		397	`#chart data`
		398	`elif [ $(echo $LINE_JS \| grep 'XXDATAXX' \| wc -l) -eq 1 ]`
		399	`then`
		400	`echo ${LINE_JS/XXDATAXX/$VALUE_BL_DATA} >> $HTML_REPORT`
		401	`#color`
		402	`elif [ $(echo $LINE_JS \| grep 'XXCOLORXX' \| wc -l) -eq 1 ]`
		403	`then`
		404	`echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT`
		405	`#labels`
		406	`elif [ $(echo $LINE_JS \| grep 'XXLABELSXX' \| wc -l) -eq 1 ]`
		407	`then`
		408	`echo ${LINE_JS/XXLABELSXX/$VALUE_BL_LABEL} >> $HTML_REPORT`
		409	`#display legend, only useful for chart pie`
		410	`elif [ $(echo $LINE_JS \| grep 'XXLEGENDXX' \| wc -l) -eq 1 ]`
		411	`then`
		412	`echo ${LINE_JS/XXLEGENDXX/true} >> $HTML_REPORT`
		413	`#display value of Y axis, only useful for chart bar`
		414	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-BEGINXX' \| wc -l) -eq 1 ]`
		415	`then`
		416	`echo "/*" >> $HTML_REPORT`
		417	`#display value of Y axis, only useful for chart bar`
		418	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-ENDXX' \| wc -l) -eq 1 ]`
		419	`then`
		420	`echo "*/" >> $HTML_REPORT`
		421	`else`
		422	`echo $LINE_JS >> $HTML_REPORT`
		423	`fi`
		424	`done`
		425	`echo "</script>" >> $HTML_REPORT`
		426	`else`
		427	`echo "<h3>Aucune activité de la Blacklist cette semaine.</h3>" >> $HTML_REPORT`
		428	`fi`
		429
		430	`######################VIRUS THREAT######################`
		431	`echo "Create AV logs since the installation of ALCASAR"`
		432
		433	`#decompress every logs, if they exist`
2013	raphael.pi	434	`if [ $(ls -1 /var/log/havp/access.log.*.gz 2>/dev/null \| wc -l) -ge 1 ]`
2009	raphael.pi	435	`then`
		436	`gunzip -d access.log.*.gz`
		437	`fi`
		438
		439	`for FILE in $(ls -1 /var/log/havp/ \| grep 'access.log')`
		440	`do`
		441	`while read LINE_AV`
		442	`do`
		443	`Y=$(echo $LINE_AV \| cut -d' ' -f1)`
		444	`M=$(echo $LINE_AV \| cut -d' ' -f2)`
		445	`D=$(echo $LINE_AV \| cut -d' ' -f3)`
		446	`H=$(echo $LINE_AV \| cut -d' ' -f4)`
		447	`CURRENT_TS=$(date -d "$M $D $Y $H" +"%s")`
		448	`echo $CURRENT_TS >> $TMP_AV`
		449	`done < /var/log/havp/$FILE`
		450
		451	`done`
		452
		453	`if [ -e $TMP_AV ]`
		454	`then`
		455	`ENABLE_AV=1`
		456	`DATE_END=$(cat $TMP_AV \| sort -n \| head -1)`
		457	`for TS in $(seq $C_TS -$STEP_TS $DATE_END)`
		458	`do`
		459	`DATE_1=$TS`
		460	`DATE_2=$((TS-$STEP_TS))`
		461	`COUNT_AV=0`
		462
		463
		464	`for TS_FILE in $(cat $TMP_AV)`
		465	`do`
		466	`if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]`
		467	`then`
		468	`COUNT_AV=$((COUNT_AV+1))`
		469
		470	`fi`
		471	`done`
		472
		473	`VALUE_AV_LABEL="'$(date -d @$DATE_2 "+%Y-%m-%d" )', $VALUE_AV_LABEL"`
		474	`VALUE_AV_DATA="$COUNT_AV, $VALUE_AV_DATA"`
		475	`done`
		476
		477	`#create Antivirus section in html document`
		478	`NAME_AV='chart_av'`
		479	`CONF_AV='config_av'`
		480	`echo "<center>" >> $HTML_REPORT`
		481	`echo "<canvas id='$NAME_AV' width='450' height='450' ></canvas>" >> $HTML_REPORT`
		482	`echo "</center>" >> $HTML_REPORT`
		483
		484
		485	`#create chart bar in html file with javascript (chartjs.com)`
		486	`echo "<script>" >> $HTML_REPORT`
		487	`cat $MODEL_CHARTJS \| while read LINE_JS`
		488	`do`
		489	`#name of variable`
		490	`if [ $(echo $LINE_JS \| grep 'XXCONFXX' \| wc -l) -eq 1 ]`
		491	`then`
		492	`echo ${LINE_JS/XXCONFXX/$CONF_AV} >> $HTML_REPORT`
		493	`#chart type`
		494	`elif [ $(echo $LINE_JS \| grep 'XXTYPEXX' \| wc -l) -eq 1 ]`
		495	`then`
		496	`echo ${LINE_JS/XXTYPEXX/bar} >> $HTML_REPORT`
		497	`#graph title`
		498	`elif [ $(echo $LINE_JS \| grep 'XXTITLEXX' \| wc -l) -eq 1 ]`
		499	`then`
		500	`echo ${LINE_JS/XXTITLEXX/"Menaces bloqués par l\'antivirus"} >> $HTML_REPORT`
		501	`#chart data`
		502	`elif [ $(echo $LINE_JS \| grep 'XXDATAXX' \| wc -l) -eq 1 ]`
		503	`then`
		504	`echo ${LINE_JS/XXDATAXX/$VALUE_AV_DATA} >> $HTML_REPORT`
		505	`#color`
		506	`elif [ $(echo $LINE_JS \| grep 'XXCOLORXX' \| wc -l) -eq 1 ]`
		507	`then`
		508	`echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT`
		509	`#labels`
		510	`elif [ $(echo $LINE_JS \| grep 'XXLABELSXX' \| wc -l) -eq 1 ]`
		511	`then`
		512	`echo ${LINE_JS/XXLABELSXX/$VALUE_AV_LABEL} >> $HTML_REPORT`
		513	`elif [ $(echo $LINE_JS \| grep 'XXLEGENDXX' \| wc -l) -eq 1 ]`
		514	`then`
		515	`echo ${LINE_JS/XXLEGENDXX/false} >> $HTML_REPORT`
		516	`#display value of Y axis, only useful for chart bar`
		517	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-BEGINXX' \| wc -l) -eq 1 ]`
		518	`then`
		519	`echo "" >> $HTML_REPORT`
		520	`#display value of Y axis, only useful for chart bar`
		521	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-ENDXX' \| wc -l) -eq 1 ]`
		522	`then`
		523	`echo "" >> $HTML_REPORT`
		524	`elif [ $(echo $LINE_JS \| grep 'XXYLABELXX' \| wc -l) -eq 1 ]`
		525	`then`
2013	raphael.pi	526	`echo "\"Nombre de menaces virales bloqués par l'antivirus\"" >> $HTML_REPORT`
2009	raphael.pi	527	`else`
		528	`echo $LINE_JS >> $HTML_REPORT`
		529	`fi`
		530	`done`
		531	`echo "</script>" >> $HTML_REPORT`
		532	`else`
		533	`echo "<h3>Aucune menace virale.</h3>" >> $HTML_REPORT`
		534	`fi`
		535
		536	`######################AUTHORIZED CONNECTIONS######################`
		537
		538	`echo "Create authorized connections since the installation of ALCASAR"`
		539	`#get number of authorized, forbidden and fail2ban connections :`
		540	`PASSWD_FILE="/root/ALCASAR-passwords.txt"`
		541	`QUERY="SELECT COUNT(acctterminatecause) FROM radacct WHERE acctterminatecause=\"User-Request\" ORDER BY acctstarttime"`
		542	`AUTHORIZED=$(mysql -D radius -u root -p$(cat $PASSWD_FILE \| grep "root /" \| rev \| cut -d' ' -f1 \| rev) -e "$QUERY" \| cut -d')' -f2)`
		543	`QUERY="SELECT COUNT(acctterminatecause) FROM radacct WHERE acctterminatecause=\"Admin-Reset\" ORDER BY acctstarttime"`
		544	`FORBIDDEN=$(mysql -D radius -u root -p$(cat $PASSWD_FILE \| grep "root /" \| rev \| cut -d' ' -f1 \| rev) -e "$QUERY" \| cut -d')' -f2)`
		545	`FAIL2BAN=$(strings /var/log/fail2ban.log \| grep " Ban " \| wc -l)`
		546
		547	`VALUE_AUTH="$AUTHORIZED, $FORBIDDEN, $FAIL2BAN"`
		548	`LABEL_AUTH="'Autorisées ($AUTHORIZED) ', 'Interdites ($FORBIDDEN)', 'fail2ban($FAIL2BAN)'"`
		549
		550	`#create chart pie in html file with javascript (chartjs.com)`
		551	`NAME_AUTH='chart_auth'`
		552	`CONF_AUTH='config_auth'`
		553	`echo "<center>" >> $HTML_REPORT`
		554	`echo "<canvas id='$NAME_AUTH' width='450' height='450' ></canvas>" >> $HTML_REPORT`
		555	`echo "</center>" >> $HTML_REPORT`
		556	`echo "<script>" >> $HTML_REPORT`
		557
		558	`cat $MODEL_CHARTJS \| while read LINE_JS`
		559	`do`
		560	`#variable name`
		561	`if [ $(echo $LINE_JS \| grep 'XXCONFXX' \| wc -l) -eq 1 ]`
		562	`then`
		563	`echo ${LINE_JS/XXCONFXX/$CONF_AUTH} >> $HTML_REPORT`
		564	`#chart type`
		565	`elif [ $(echo $LINE_JS \| grep 'XXTYPEXX' \| wc -l) -eq 1 ]`
		566	`then`
		567	`echo ${LINE_JS/XXTYPEXX/pie} >> $HTML_REPORT`
		568	`#graph title`
		569	`elif [ $(echo $LINE_JS \| grep 'XXTITLEXX' \| wc -l) -eq 1 ]`
		570	`then`
		571	`echo ${LINE_JS/XXTITLEXX/"Connexions des utilisateurs"} >> $HTML_REPORT`
		572	`#chart data`
		573	`elif [ $(echo $LINE_JS \| grep 'XXDATAXX' \| wc -l) -eq 1 ]`
		574	`then`
		575	`echo ${LINE_JS/XXDATAXX/$VALUE_AUTH} >> $HTML_REPORT`
		576	`#color`
		577	`elif [ $(echo $LINE_JS \| grep 'XXCOLORXX' \| wc -l) -eq 1 ]`
		578	`then`
		579	`echo ${LINE_JS/XXCOLORXX/"'#000099','#ff6600','#ff0000'"} >> $HTML_REPORT`
		580	`#labels`
		581	`elif [ $(echo $LINE_JS \| grep 'XXLABELSXX' \| wc -l) -eq 1 ]`
		582	`then`
		583	`echo ${LINE_JS/XXLABELSXX/$LABEL_AUTH} >> $HTML_REPORT`
		584	`#display legend, only useful for chart pie`
		585	`elif [ $(echo $LINE_JS \| grep 'XXLEGENDXX' \| wc -l) -eq 1 ]`
		586	`then`
		587	`echo ${LINE_JS/XXLEGENDXX/true} >> $HTML_REPORT`
		588	`#display value of Y axis, only useful for chart bar`
		589	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-BEGINXX' \| wc -l) -eq 1 ]`
		590	`then`
		591	`echo "/*" >> $HTML_REPORT`
		592	`#display value of Y axis, only useful for chart bar`
		593	`elif [ $(echo $LINE_JS \| grep 'XXCOMMENT-ENDXX' \| wc -l) -eq 1 ]`
		594	`then`
		595	`echo "*/" >> $HTML_REPORT`
		596	`else`
		597	`echo $LINE_JS >> $HTML_REPORT`
		598	`fi`
		599	`done`
		600	`echo "</script>" >> $HTML_REPORT`
		601
		602
		603	`######################ALCASAR : DAILY USE######################`
		604	`echo "Get daily use connection of the week"`
		605	`#create html document`
		606	`echo "<h3>Statistiques volumétrie connexions</h3>" >> $HTML_REPORT`
		607
		608	`#create new htdigest user to consult statistique of ACC`
		609	`#if user does not exist, we create him`
		610	`if [ $(grep "$compte:" $DIR_KEY/key_only_manager \| wc -l) -lt 1 ]`
		611	`then`
		612	`(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" \| md5sum \| awk '{print $1}' ) >> $DIR_KEY/key_only_manager`
		613	`(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" \| md5sum \| awk '{print $1}' ) >> $DIR_KEY/key_manager`
		614	`(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" \| md5sum \| awk '{print $1}' ) >> $DIR_KEY/key_all`
		615	`chown -R root:apache $DIR_KEY`
		616	`chmod 640 $DIR_KEY/key_*`
		617	`fi`
		618
		619	`#get stats.php from ACC`
		620	`wget -q -nv --user $compte --password $password https://alcasar/acc/manager/htdocs/stats.php -O $TMP_STATS --no-check-certificate`
		621
		622	`#clean this file to include it in html report.`
		623	`DELIM_1="<td colspan=10 height=20><img src=\"images\/pixel.gif\"><\/td>"`
		624	`DELIM_2="<\/td><\/tr> <\/table> <\/td><\/tr> <\/table> <\/td><\/tr> <\/table> <p>"`
		625	`cat $TMP_STATS \| sed -n "/$DELIM_1/,/$DELIM_2/p" \| tail -n+3 \| head -n-2 >> $TMP_STATS_2`
		626	`cat $TMP_STATS_2 \| sed -e 's:images/pixel.gif:../../manager/htdocs/images/pixel.gif:g' >> $HTML_REPORT`
		627
		628	`#we delete our user if he still exists`
		629	`if [ $(grep "$compte:" $DIR_KEY/key_only_manager \| wc -l) -ge 1 ]`
		630	`then`
		631	`$SED "/^$compte:/d" $DIR_KEY/key_only_manager`
		632	`$SED "/^$compte:/d" $DIR_KEY/key_manager`
		633	`$SED "/^$compte:/d" $DIR_KEY/key_all`
		634	`fi`
		635
		636	`######################FIN HTML######################`
		637
		638
		639	`#Execute our javascript function to print charts`
		640	`echo "<script>window.onload = function() {" >> $HTML_REPORT`
		641	`#BL SINCE INSTALLATION`
		642	`if [ $ENABLE_BL -eq "1" ]`
		643	`then`
		644	`echo "var ctx_$NAME_BL_INSTALLATION = document.getElementById('$NAME_BL_INSTALLATION').getContext('2d');" >> $HTML_REPORT`
		645	`echo "var $NAME_BL_INSTALLATION = new Chart(ctx_$NAME_BL_INSTALLATION, $CONF_BL_INSTALLATION);" >> $HTML_REPORT`
		646	`fi`
		647	`#BL WEEK`
		648	`if [ $ENABLE_BL_WEEK -eq "1" ]`
		649	`then`
		650	`echo "var ctx_$NAME_BL = document.getElementById('$NAME_BL').getContext('2d');" >> $HTML_REPORT`
		651	`echo "var $NAME_BL = new Chart(ctx_$NAME_BL, $CONF_BL);" >> $HTML_REPORT`
		652	`fi`
		653	`#VIRUS THREAT`
		654	`if [ $ENABLE_AV -eq "1" ]`
		655	`then`
		656	`echo "var ctx_$NAME_AV = document.getElementById('$NAME_AV').getContext('2d');" >> $HTML_REPORT`
		657	`echo "var $NAME_AV = new Chart(ctx_$NAME_AV, $CONF_AV);" >> $HTML_REPORT`
		658	`fi`
		659	`#CONNEXIONS AUTHORIZED`
		660	`echo "var ctx_$NAME_AUTH = document.getElementById('$NAME_AUTH').getContext('2d');" >> $HTML_REPORT`
		661	`echo "var $NAME_AUTH = new Chart(ctx_$NAME_AUTH, $CONF_AUTH);" >> $HTML_REPORT`
		662	`echo "};</script>" >> $HTML_REPORT`
		663
		664
		665
		666	`echo "</body>" >> $HTML_REPORT`
		667	`echo "</html>" >> $HTML_REPORT`
		668
2013	raphael.pi	669
2009	raphael.pi	670	`#convert html document to PDF`
		671	`/usr/bin/wkhtmltopdf $HTML_REPORT $(echo $HTML_REPORT \| cut -d'.' -f1).pdf`
		672	`chown apache:apache $(echo $HTML_REPORT \| cut -d'.' -f1).pdf`
		673	`chmod 644 $(echo $HTML_REPORT \| cut -d'.' -f1).pdf`
		674
2013	raphael.pi	675	`#compress every logs, if they exist`
		676	`if [ $(ls -1 /var/log/havp/access.log.* 2>/dev/null \| wc -l) -ge 1 ]`
		677	`then`
		678	`gzip /var/log/havp/access.log.*`
		679	`fi`
		680
		681	`#compress every logs`
		682	`if [ $(ls -1 /var/log/dnsmasq/dnsmasq-blacklist.log.* 2>/dev/null \| wc -l) -ge 1 ]`
		683	`then`
		684	`gzip /var/log/dnsmasq/dnsmasq-blacklist.log.*`
		685	`fi`
		686
		687	`#remove our files`
		688	`rm $TMP_BL`
		689	`rm $TMP_BL_WEEK`
		690	`rm $TMP_BL_WEEK_CAT`
		691	`rm $TMP_STATS`
		692	`rm $TMP_STATS_2`
2009	raphael.pi	693	`rm $HTML_REPORT`

Subversion Repositories ALCASAR

(root)/scripts/alcasar-activity_report.sh @ 2138 – Rev 2013