Line 1... |
Line 1... |
1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
2 |
# $Id: alcasar-activity_report.sh 3099 2022-12-28 11:30:30Z rexy $
|
2 |
# $Id: alcasar-activity_report.sh 3230 2024-11-06 23:38:15Z rexy $
|
3 |
#
|
3 |
#
|
4 |
# Create an activity report for ALCASAR every week (sunday at 5.35 pm --> see cron.d).
|
4 |
# Create an activity report for ALCASAR every week (sunday at 5.35 pm --> see cron.d).
|
5 |
# We read configuration files and logs to create cool charts.
|
5 |
# We read configuration files and logs to create cool charts.
|
6 |
# Written by Raphaël PION, Rexy & Tom HOUDAYER
|
6 |
# Written by Raphaël PION, Rexy & Tom HOUDAYER
|
7 |
|
7 |
|
Line 162... |
Line 162... |
162 |
then
|
162 |
then
|
163 |
#show every ALCASAR RPM updated since X day ago
|
163 |
#show every ALCASAR RPM updated since X day ago
|
164 |
#get timestamp of X day ago. Then we get every packets chich have been updated since this date.
|
164 |
#get timestamp of X day ago. Then we get every packets chich have been updated since this date.
|
165 |
if [ "$(rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | wc -l)" -gt 1 ]
|
165 |
if [ "$(rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | wc -l)" -gt 1 ]
|
166 |
then
|
166 |
then
|
167 |
PACKAGE='php|lighttpd|iptables|unbound|radius|nfdump|e2guardian|clamav|ulogd|chilli|fail2ban|openssh|ipt-netflow|wget|mariadb|gnupg|openssl'
|
167 |
PACKAGE='php|apache|iptables|unbound|radius|nfdump|e2guardian|clamav|ulogd|chilli|fail2ban|openssh|ipt-netflow|wget|mariadb|gnupg|openssl'
|
168 |
rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | while read RPM_ALCASAR
|
168 |
rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | while read RPM_ALCASAR
|
169 |
do
|
169 |
do
|
170 |
RPM_TIMESTAMP=$(echo $RPM_ALCASAR | cut -d' ' -f1)
|
170 |
RPM_TIMESTAMP=$(echo $RPM_ALCASAR | cut -d' ' -f1)
|
171 |
RPM_DATE=$(date -d "@$(echo $RPM_TIMESTAMP)" "+%Y-%m-%d %H:%M:%S")
|
171 |
RPM_DATE=$(date -d "@$(echo $RPM_TIMESTAMP)" "+%Y-%m-%d %H:%M:%S")
|
172 |
RPM_NAME=$(echo $RPM_ALCASAR | cut -d' ' -f2)
|
172 |
RPM_NAME=$(echo $RPM_ALCASAR | cut -d' ' -f2)
|
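Review bot: The edited `PACKAGE='php|apache|…'` assignment on line 167 sits inside the `then` branch, but the test on line 165 already pipes through `grep -E "$PACKAGE"`. Unless `PACKAGE` is set earlier, outside the lines shown here, that test runs with an empty pattern, which matches every line, so the gate counts every RPM installed since `$SECS_AGO` rather than only the listed ones. Moving the assignment above the `if` on line 165 would make the gate and the `while read` loop apply the same filter, so the report section appears only when one of the tracked packages (openssl, openssh, fail2ban, …) actually changed. Separately, `-gt 1` skips the section when exactly one listed package was updated; if that is not intended, `grep -cE "$PACKAGE"` compared with `-gt 0` would cover it. The enclosing `if` and the loop body continue past the last line shown.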