done #2
This commit is contained in:
parent
3404a130c0
commit
f42eddacbb
18
scan_chk.sh
18
scan_chk.sh
|
@ -2,6 +2,9 @@
|
|||
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
LOGFILE="$(hostname)_chkrootkit-$(date +'%Y-%m-%d').txt";
|
||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
|
||||
# vars gotify
|
||||
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
||||
|
||||
|
@ -16,7 +19,20 @@ FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/test
|
|||
OUT=$(chkrootkit -q -s "$SNIFFERS_WHITELIST" -e "$FILES_WHITELIST")
|
||||
if [ -n "$OUT" ]
|
||||
then
|
||||
sh ./utils/gotifypush.sh "CHK Scan $(hostname)" "$OUT" 5 $TOKEN
|
||||
issues=$(echo "$OUT" | wc -l)
|
||||
OUT=$(echo "$OUT" | sed -z 's/\n/\\n/g')
|
||||
echo $OUT > "./$LOGFILE"
|
||||
|
||||
# send log to logs public archive
|
||||
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
|
||||
# delete local log
|
||||
rm $LOGFILE
|
||||
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} There are **$issues** security issues \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
|
||||
|
||||
sh ./utils/gotifypush.sh "CHK Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
|
||||
else
|
||||
echo "[chkrootkit] system clean"
|
||||
fi
|
||||
|
|
22
scan_rkh.sh
22
scan_rkh.sh
|
@ -1,14 +1,30 @@
|
|||
GNU nano 5.4 scan_rkh.sh
|
||||
#!/bin/bash
|
||||
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').txt";
|
||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
|
||||
#vars rkhunter
|
||||
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
||||
|
||||
OUT=$(rkhunter -c -sk --rwo)
|
||||
OUT=$(rkhunter -c -sk --rwo -l "./rkhunter.log")
|
||||
if [ -n "$OUT" ]
|
||||
then
|
||||
sh ./utils/gotifypush.sh "RKH Scan $(hostname)" "$OUT" 5 $TOKEN
|
||||
issues=$(echo "$OUT" | wc -l)
|
||||
mv "./rkhunter.log" "./$LOGFILE"
|
||||
|
||||
# send log to logs public archive
|
||||
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
|
||||
# delete local log
|
||||
rm $LOGFILE
|
||||
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} There are **$issues** security issues \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
|
||||
|
||||
sh ./utils/gotifypush.sh "RKH Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
|
||||
else
|
||||
echo "[rkhunter] system clean"
|
||||
echo "[rkhunter] system clean"
|
||||
fi
|
||||
|
|
|
@ -21,7 +21,7 @@ fi
|
|||
# prevent gotify post error: invalid character '\\n' in string literal
|
||||
# scape \\n newlines for json
|
||||
# https://unix.stackexchange.com/questions/453883/how-to-escape-new-line-characters-for-json
|
||||
MESSAGE=$(echo "$MESSAGE" | sed -z 's/\n/\\n/g')
|
||||
# MESSAGE=$(echo "$MESSAGE" | sed -z 's/\n/\\n/g')
|
||||
|
||||
# better curl usage https://github.com/gotify/server/issues/68
|
||||
#curl --silent --output /dev/null --show-error --fail -X .... #silent curl execution, no output, only html code if error
|
||||
|
|
Loading…
Reference in New Issue