Subversion Repositories ALCASAR


Rev 2488 Rev 2521
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
# $Id: alcasar-activity_report.sh 2488 2018-02-25 14:53:54Z lucas.echard $
2
# $Id: alcasar-activity_report.sh 2521 2018-04-02 19:46:16Z armand.ito $
3
#
3
#
4
# Create an activity report for ALCASAR every week (sunday at 5.35 pm --> see cron.d).
4
# Create an activity report for ALCASAR every week (sunday at 5.35 pm --> see cron.d).
5
# We read configuration files and logs to create cool charts.
5
# We read configuration files and logs to create cool charts.
6
# Written by Raphaël PION, Rexy & Tom HOUDAYER
6
# Written by Raphaël PION, Rexy & Tom HOUDAYER
7
 
7
 
Line 154... Line 154...
154
	VALUE=$(date -d @$(rpm -qa --queryformat "%{installtime} %{name}\n" | grep -E "clamav-db" | cut -d' ' -f1 ) "+%Y-%m-%d %H:%M:%S")
154
	VALUE=$(date -d @$(rpm -qa --queryformat "%{installtime} %{name}\n" | grep -E "clamav-db" | cut -d' ' -f1 ) "+%Y-%m-%d %H:%M:%S")
155
	echo ${LINE_HTML/XXMAJCLAMAVXX/$VALUE} >> $HTML_REPORT
155
	echo ${LINE_HTML/XXMAJCLAMAVXX/$VALUE} >> $HTML_REPORT
156
	
156
	
157
elif [ $(echo $LINE_HTML | grep 'XXMAJBLXX' | wc -l) -eq 1 ]
157
elif [ $(echo $LINE_HTML | grep 'XXMAJBLXX' | wc -l) -eq 1 ]
158
then
158
then
159
	VALUE=$(cat /etc/dansguardian/lists/blacklists/README | grep 'Last version' | cut -d' ' -f4-6)
159
	VALUE=$(cat /etc/e2guardian/lists/blacklists/README | grep 'Last version' | cut -d' ' -f4-6)
160
	echo ${LINE_HTML/XXMAJBLXX/$VALUE} >> $HTML_REPORT
160
	echo ${LINE_HTML/XXMAJBLXX/$VALUE} >> $HTML_REPORT
161
	
161
	
162
elif [ $(echo $LINE_HTML | grep 'XXRPMXX' | wc -l) -eq 1 ]
162
elif [ $(echo $LINE_HTML | grep 'XXRPMXX' | wc -l) -eq 1 ]
163
then
163
then
164
	#show every ALCASAR RPM updated since X day ago
164
	#show every ALCASAR RPM updated since X day ago
165
	#get timestamp of X day ago. Then we get every packets chich have been updated since this date.
165
	#get timestamp of X day ago. Then we get every packets chich have been updated since this date.
166
	if [ $(rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | wc -l) -gt 1 ]
166
	if [ $(rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | wc -l) -gt 1 ]
167
	then
167
	then
168
		PACKAGE='php|lighttpd|iptables|dnsmasq|radius|tinyproxy|nfdump|dansguardian|clamav|ulogd|chilli|fail2ban|openssh|havp|ipt-netflow|wget'
168
		PACKAGE='php|lighttpd|iptables|dnsmasq|radius|tinyproxy|nfdump|e2guardian|clamav|ulogd|chilli|fail2ban|openssh|havp|ipt-netflow|wget'
169
		rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | while read RPM_ALCASAR
169
		rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | while read RPM_ALCASAR
170
		do
170
		do
171
			RPM_TIMESTAMP=$(echo $RPM_ALCASAR | cut -d' ' -f1)
171
			RPM_TIMESTAMP=$(echo $RPM_ALCASAR | cut -d' ' -f1)
172
			RPM_DATE=$(date -d @$(echo $RPM_TIMESTAMP) "+%Y-%m-%d %H:%M:%S")
172
			RPM_DATE=$(date -d @$(echo $RPM_TIMESTAMP) "+%Y-%m-%d %H:%M:%S")
173
			RPM_NAME=$(echo $RPM_ALCASAR | cut -d' ' -f2)
173
			RPM_NAME=$(echo $RPM_ALCASAR | cut -d' ' -f2)