Marcus Klang
Host Monitor
Commit
4bf48a0d
authored
Jun 05, 2021
by
csadmin
Added version for macOS
parent
d15179c1
Changes
1
macOS/host-monitor.sh
0 → 100755
#!/bin/bash
# Getting data for the host web.cs.lth.se"
# 2021-05-17/PM
MONITOR_RESTAPI_URL
=
https://monitor.cs.lth.se/api/v1
source
/usr/local/bin/host-monitor.template
# 1. Generating data
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
# Operating System (OS='macOS 10.15.7 (build: 19H1030)'):
OS
=
"macOS
$(
sw_vers
-productVersion
2>/dev/null
)
(build:
$(
sw_vers
-buildVersion
2>/dev/null
)
)"
BuildVersion
=
"
$(
sw_vers
-buildVersion
2>/dev/null
)
"
DistroVer
=
"
$(
sw_vers
-buildVersion
2>/dev/null
)
"
# DistroVer='20C69'
# Get the OS version
OSver
=
"
$(
sw_vers
-productVersion
2>/dev/null
)
"
# Get a full name for the version (see https://en.wikipedia.org/wiki/Darwin_(operating_system)):
case
"
$DistroVer
"
in
8
*
)
Distro
=
"Mac OS X
${
OSver
}
Tiger (build:
$BuildVersion
)"
;;
9
*
)
Distro
=
"Mac OS X
${
OSver
}
Leopard (build:
$BuildVersion
)"
;;
10
*
)
Distro
=
"Mac OS X
${
OSver
}
Snow Leopard (build:
$BuildVersion
)"
;;
11
*
)
Distro
=
"Mac OS X
${
OSver
}
Lion (build:
$BuildVersion
)"
;;
12
*
)
Distro
=
"OS X
${
OSver
}
Mountain Lion (build:
$BuildVersion
)"
;;
13
*
)
Distro
=
"OS X
${
OSver
}
Mavericks (build:
$BuildVersion
)"
;;
14
*
)
Distro
=
"OS X
${
OSver
}
Yosemite (build:
$BuildVersion
)"
;;
15
*
)
Distro
=
"OS X
${
OSver
}
El Capitan (build:
$BuildVersion
)"
;;
16
*
)
Distro
=
"macOS
${
OSver
}
Sierra (build:
$BuildVersion
)"
;;
17
*
)
Distro
=
"macOS
${
OSver
}
High Sierra (build:
$BuildVersion
)"
;;
18
*
)
Distro
=
"macOS
${
OSver
}
Mojave (build:
$BuildVersion
)"
;;
19
*
)
Distro
=
"macOS
${
OSver
}
Catalina (build:
$BuildVersion
)"
;;
20
*
)
Distro
=
"macOS
${
OSver
}
Big Sur (build:
$BuildVersion
)"
;;
*
)
Distro
=
"macOS"
;;
esac
# Kind of CPU (CPUModel=CPUModel='Quad-Core Intel Core i3'):
SysHW
=
"
$(
system_profiler SPHardwareDataType 2>/dev/null
)
"
CPUModel
=
"
$(
sysctl
-n
machdep.cpu.brand_string |
sed
-e
's/(R)/®/g'
-e
's/(TM)/™/g'
)
"
# CPUModel='Intel® Core™ i3-8100B CPU @ 3.60GHz' or CPUModel='Apple M1'
# Number of CPU:s (NbrCPUs=2):
NbrCPUs
=
$(
sysctl hw.physicalcpu |
awk
'{print $NF}'
)
# Size of memory [kB] (# RAM=3997352):
RAM
=
$(
echo
"scale=0;
$(
sysctl hw.memsize |
awk
'{print $NF}'
)
/ 1024"
| bc
-l
)
# Kind of memory (ECC='No ECC' or ECC='Multi-bit ECC'). No Mac's have ECC memory as of 2021:
ECC
=
"No ECC"
# What kind of authentication? Ex: Authentication=Lucat
Authentication
=
"
$(
if
[
"
$(
dsconfigad
-show
2>/dev/null |
grep
"Active Directory Domain"
|
cut
-d
=
-f2
|
sed
's/^ *//'
)
"
=
"uw.lu.se"
]
;
then
echo
"Lucat"
;
else
echo
"Standalone"
;
fi
)
"
AuthStr
=
"
\"
authentication
\"
:
\"
${
Authentication
}
\"
"
# Ex: AuthStr='"authentication": "Lucat"'
# Firewall. Ex: Firewall=ufw
Firewall
=
""
FirewWStr
=
"
\"
firewall
\"
:
\"
${
Firewall
}
\"
"
# Ex: FirewWStr='"firewall":"ufw"'
# Disks
#Filesystems="$(df -kT -t xfs -t ext4 | egrep "\/" | awk '{print $1" "$2" "$3" "$7}')"
# Ex: a number of rows with
# Filesystem Type 1K-blocks Mounted on
#/dev/mapper/vg0-ubuntu ext4 13343816 /
PartList
=
"
$(
df
2>/dev/null | egrep
"^
\/
dev
\/
disk"
|
awk
'{print $1}'
|
sort
)
"
# Ex: PartList='/dev/disk1 /dev/disk2s3 /dev/disk3s3 /dev/disk3s2 /dev/disk2s2'
# Flags
# SIP
[[
-x
/usr/bin/csrutil
]]
&&
SIP
=
"
$(
csrutil status 2>/dev/null |
cut
-d
:
-f2
|
sed
-e
's/^\ //g'
-e
's/.$//'
| perl
-pe
's/^(.)/uc($1)/e'
)
"
||
SIP
=
"Not enabled"
# ALF
ALF
=
"
$(
/usr/libexec/ApplicationFirewall/socketfilterfw
--getglobalstate
|
cut
-d
\.
-f1
|
awk
'{print $NF}'
| perl
-pe
's/^(.)/uc($1)/e'
)
"
# Packet Filter Firewall
PFF
=
"
$(
pfctl
-sa
2>/dev/null |
grep
^Status: |
awk
'{print $2}'
)
"
# FileVault
FileVault
=
"
$(
fdesetup status |
grep
"^FileVault is "
|
awk
'{print $NF}'
|
sed
's/\.$//'
)
"
# GateKeeper
GateKeeper
=
"
$(
spctl
--status
2>/dev/null |
awk
'{print $2}'
| perl
-pe
's/^(.)/uc($1)/e'
)
"
# Little Snitch
LittleSnitch
=
"
$(
if
[
-n
"
$(
pgrep
"littlesnitch.daemon"
)
"
]
;
then
echo
"Running"
;
else
echo
"Not running"
;
fi
)
"
# Ex: CPUBugs='cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit'
Architecture
=
"
$(
uname
-m
2>/dev/null |
sed
-e
"s/i386/i686/"
)
"
# Ex: Architecture=arm64
# Are we in a Virtual environment
MacModel
=
"
$(
system_profiler SPHardwareDataType 2>/dev/null | egrep
"^
\s
*Model Identifier:"
|
awk
'{print $NF}'
)
"
if
[
!
"
$(
echo
$MacModel
|
cut
-c1-3
)
"
=
"Mac"
-a
!
"
$(
echo
$MacModel
|
cut
-c1-3
)
"
=
"iMa"
-a
!
"
$(
echo
$MacModel
|
cut
-c1-3
)
"
=
"Xse"
]
;
then
VMenv
=
"Virtual Mac"
else
VMenv
=
""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Security patches
SecurityPatches
=
"
$(
softwareupdate
-l
2>/dev/null | egrep
-i
"Security"
|
cut
-d
:
-f2
|
cut
-c2-
)
"
# Ex: SecurityPatches='macOS Catalina Security Update 2021-003-10.15.7'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Listening ports
ListeningPorts
=
"
$(
lsof +c 0
-i
4
-i
6
-n
-P
2>/dev/null |
grep
LISTEN |
awk
'{print $1" "$3" "$5" "$8" "$9 }'
|
sed
's/\(.*\):/\1 /'
|
sort
-u
)
"
# List of: Application User IPver Proto Servicerange Port
# apache2 root IPv6 TCP * 88
# apache2 www-data IPv6 TCP * 88
# cupsd root IPv4 TCP 127.0.0.1 631
# cupsd root IPv6 TCP [::1] 631
# dnsmasq nobody IPv4 TCP 127.0.1.1 53
# docker-proxy root IPv6 TCP * 4000
# dsmcad root IPv4 TCP * 1581
# dsmcad root IPv4 TCP * 2123
# Network interfaces
IFs
=
"
$(
networksetup
-listnetworkserviceorder
2>/dev/null | egrep
"Hardware Port:"
|
awk
'{print $NF}'
|
cut
-d
\)
-f1
)
"
# Ex: IFs='en0
# en1
# en7
####################################################################################################################################################################
####################################################################################################################################################################
# 2. Generate JSON-parts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
# Create a string for the CPU Bugs (to make the final assemble shorter)
CPUBugsStr
=
"
$(
if
[
-n
"
$CPUBugs
"
]
;
then
echo
",
\"
cpu-bugs:
${
CPUBugs
// /\
",
\"
cpu-bugs:}
\"
"
; fi)
"
# Platform
if [ -n "
$VMenv
" ]; then
PlatformStr="
\
"platform
\"
: {
\"
virtualized
\"
: true,
\"
name
\"
:
\"
$VMenv
\"
}"
else
PlatformStr=
"
\"
platform
\"
: {
\"
virtualized
\"
: false,
\"
name
\"
:
\"
type:
$MacModel
\"
}"
fi
# Assemble the Flags string
Flags=
"
\"
SIP:
$SIP
\"
,
\"
ALF:
${
ALF
}
\"
,
\"
PFF:
$PFF
\"
,
\"
FileVault:
$FileVault
\"
,
\"
GateKeeper:
$GateKeeper
\"
,
\"
LittleSnitch:
$LittleSnitch
\"
,
\"
vm:
${
VMenv
}
\"
,
\"
arch:
${
Architecture
:-
--
}
\"
,
\"
selinux:N/A
\"
"
# Ex
:
Flags=
'"selinux:Not present", "kernel:5.4.0-62-generic", "cpu-bugs:cpu_meltdown", "cpu-bugs:spectre_v1", "cpu-bugs:spectre_v2", "cpu-bugs:spec_store_bypass", "cpu-bugs:l1tf", "cpu-bugs:mds", "cpu-bugs:swapgs", "cpu-bugs:itlb_multihit", "vm:VMware Virtual Platform", "arch:x86_64"'
# partitions
OUTPUT=
""
while read -r Partition
do
MountPoint=
"
$(
df
2>/dev/null |
grep
"^
$Partition
"
|
cut
-d
%
-f3
|
sed
's/^ *//'
)
"
FS=
"
$(
diskutil info
"
$MountPoint
"
|
grep
"Name (User Visible):"
|
cut
-d
:
-f2
|
sed
's/^ *//'
)
"
TotalKb=
"
$(
df
-lk
| egrep
"
\s
${
MountPoint
}
$"
|
awk
'{print $2}'
)
"
LVM=
""
OUTPUT+=
"{
\"
partition
\"
:
\"
$Partition
\"
,
\"
mount-point
\"
:
\"
$MountPoint
\"
,
\"
type
\"
:
\"
$FS
\"
,
\"
total-kb
\"
:
$TotalKb
,
\"
storage
\"
:
\"
${
LVM
:-
direct
}
\"
},"
done <<<
"
$PartList
"
# Eliminate the final comma
FilesystemStr=
"
\"
partitions
\"
: [
${
OUTPUT
%%,
}
]"
# Network interfaces
OUTPUT=
""
for iname in
$IFs
do
if ifconfig
$iname
&>/dev/null; then
IP4=
"
$(
ifconfig
$iname
| egrep
"
\s
inet
\s
"
|
awk
'{print $2}'
)
"
IP6=
"
$(
ifconfig
$iname
| egrep
"
\s
inet6
\s
"
|
awk
'{print $2}'
)
"
MAC=
"
$(
ifconfig
$iname
| egrep
"
\s
ether
\s
"
|
awk
'{print $2}'
)
"
MAC_P=
"N/A"
Speed=
"
$(
ifconfig
$iname
| egrep
"
\s
media:
\s
"
|
cut
-d
:
-f2
|
cut
-c2-
)
"
OUTPUT+=
"{
\"
interface
\"
:
\"
$iname
\"
,
\"
ip4
\"
:
\"
${
IP4
}
\"
,
\"
ip6
\"
:
\"
${
IP6
}
\"
,
\"
mac
\"
:
\"
${
MAC
}
\"
,
\"
mac-p
\"
:
\"
${
MAC_P
}
\"
,
\"
speed
\"
:
\"
${
Speed
}
\"
},"
fi
done
NIStr=
"
\"
network-interfaces
\"
: [
${
OUTPUT
%%,
}
]"
# Ex
:
NIStr=
'"network-interfaces": [ { "interface": "en0", "ip4": "130.235.16.24", "ip6": "fe80::1056:c14e:a1f:2b30%en0", "mac": "f0:18:98:f2:09:54", "mac-p": "", "speed": "autoselect (1000baseT <full-duplex,flow-control>)" },{ "interface": "en1", "ip4": "169.254.229.191", "ip6": "fe80::41:db52:455a:9347%en1", "mac": "f8:ff:c2:2e:ea:a3", "mac-p": "", "speed": "autoselect (<unknown type>)" },{ "interface": "bridge0", "ip4": "", "ip6": "", "mac": "82:77:86:e3:60:01", "mac-p": "", "speed": "<unknown type>" } ]'
CPUstr=
"
\"
cpu
\"
: {
\"
name
\"
:
\"
${
CPUModel
:-
--
}
\"
,
\"
threads
\"
:
${
NbrCPUs
:-
--
}
}"
RAMStr=
"
\"
memory
\"
: {
\"
total-kb
\"
:
${
RAM
:-
--
}
,
\"
type
\"
:
\"
${
ECC
:-
--
}
\"
}"
SysinfoStr=
"
\"
sysinfo
\"
: {
\"
os
\"
:
\"
${
Distro
:-
--
}
\"
,
\"
authentication
\"
:
\"
${
Authentication
}
\"
,
\"
firewall
\"
:
\"
ALF:
${
ALF
}
\"
,
\"
flags
\"
: [
${
Flags
}
],
$CPUstr
,
$RAMStr
,
${
FilesystemStr
}
,
$NIStr
,
$PlatformStr
}"
# Ex
:
# SysinfoStr=
'"sysinfo": { "os": "Ubuntu 20.10", "authentication":"Lucat", "firewall":"ufw", "flags": [ "selinux:Not present", "kernel:5.4.0-62-generic", "cpu-bugs:cpu_meltdown", "cpu-bugs:spectre_v1", "cpu-bugs:spectre_v2", "cpu-bugs:spec_store_bypass", "cpu-bugs:l1tf", "cpu-bugs:mds", "cpu-bugs:swapgs", "cpu-bugs:itlb_multihit", "vm:VMware Virtual Platform", "arch:x86_64" ], "cpu": { "name": "Intel® Xeon® CPU E5-2680 v4 @ 2.40GHz", "threads": 2 }, "memory": { "total-kb": 2006416, "type": "No ECC" }, "partitions": [ { "partition": "/dev/mapper/vg0-ubuntu", "mount-point":"/", "type":"ext4", "total-kb":13343816, "lvm":"LVM" },{ "partition": "/dev/sda2", "mount-point":"/boot", "type":"ext4", "total-kb":999320, "lvm":"--" },{ "partition": "/dev/mapper/vg2-log", "mount-point":"/var/log", "type":"ext4", "total-kb":10251576, "lvm":"LVM" },{ "partition": "/dev/mapper/vg1-home", "mount-point":"/home", "type":"ext4", "total-kb":515795384, "lvm":"LVM" } ] }'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# listening ports
if [ -n
"
$ListeningPorts
"
]; then
OUTPUT=
""
while read -r line
do
read Application User IPver Proto Binding Port <<<
"
$line
"
# Determine if there
's some form of firewall rule that covers $Port:
FWrule="null"
OUTPUT+="{ \"binding\": \"${Binding:--}\", \"port\": ${Port:--}, \"process-owner\": \"${Application:--}\", \"process-user\": \"${User:--}\", \"protocol\": \"${Proto:--}\", \"firewall-rule\": $FWrule },"
done <<< "$ListeningPorts"
# Eliminate the final comma
ListenStr=", \"listen-ports\": [ ${OUTPUT%%,} ]"
else
ListenStr=""
fi
# Ex:
# ListenStr='
"sysinfo"
:
{
"os"
:
"Ubuntu 20.10"
,
"authentication"
:
"Lucat"
,
"firewall"
:
"ufw"
,
"flags"
:
[
"selinux:Not present"
,
"kernel:5.4.0-62-generic"
,
"cpu-bugs:cpu_meltdown"
,
"cpu-bugs:spectre_v1"
,
"cpu-bugs:spectre_v2"
,
"cpu-bugs:spec_store_bypass"
,
"cpu-bugs:l1tf"
,
"cpu-bugs:mds"
,
"cpu-bugs:swapgs"
,
"cpu-bugs:itlb_multihit"
,
"vm:VMware Virtual Platform"
,
"arch:x86_64"
],
"cpu"
:
{
"name"
:
"Intel® Xeon® CPU E5-2680 v4 @ 2.40GHz"
,
"threads"
:
2
}
, "
memory
": { "
total-kb
": 2006416, "
type
": "
No ECC
" }, "
partitions
": [ { "
partition
": "
/dev/mapper/vg0-ubuntu
", "
mount-point
":"
/
", "
type
":"
ext4
", "
total-kb
":13343816, "
lvm
":"
LVM
" },{ "
partition
": "
/dev/sda2
", "
mount-point
":"
/boot
", "
type
":"
ext4
", "
total-kb
":999320, "
lvm
":"
--
" },{ "
partition
": "
/dev/mapper/vg2-log
", "
mount-point
":"
/var/log
", "
type
":"
ext4
", "
total-kb
":10251576, "
lvm
":"
LVM
" },{ "
partition
": "
/dev/mapper/vg1-home
", "
mount-point
":"
/home
", "
type
":"
ext4
", "
total-kb
":515795384, "
lvm
":"
LVM
" } ] }'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# security patches
if [ -n "
$SecurityPatches
" ]; then
OUTPUT=""
while read -r Patch
do
OUTPUT+="
{
\"
installed-version
\"
:
\"\"
,
\"
new-version
\"
:
\"\"
,
\"
package
\"
:
\"
$Patch
\"
,
\"
sources
\"
:
[
\"
Apple
\"
,
\"
Apple
\"
]
}
,
"
done <<< "
$SecurityPatches
"
# Eliminate the final comma
SecurityPatchStr="
,
\"
security-patches
\"
:
[
"
${
OUTPUT
%%,
}
"
]
"
else
SecurityPatchStr=""
fi
# Ex:
# SecurityPatchStr=', "
security-patches
": [ { "
installed-version
": "", "
new-version
": "", "
package
": "
macOS Catalina Security Update 2021-003-10.15.7
", "
sources
": } ]'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# network
NetworkStr="
\"
network
\"
:
{
\"
hostname
\"
:
\"
$(
hostname
-f
)
\"
$AliasName
}
"
# 3. Build observation string and check for errors
OBSERVATIONS="
{
${
SysinfoStr
//\
"--
\"
/null},
${
NetworkStr
}${
ListenStr
//\
"--
\"
/null}
${
SecurityPatchStr
}
}"
# 4. Upload results
curl --silent -X POST
"
$MONITOR_RESTAPI_URL
/hosts/monitor?token=
$SOURCE_TOKEN
"
\
-H
"accept: application/json"
\
-H
"Content-Type: application/json"
\
-d
"
$OBSERVATIONS
"
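Review bot: The JSON payload is built by pasting command output directly between escaped quotes, with no escaping of the values themselves; this applies in the listening-ports loop (`process-owner`, `process-user`), the security-patches loop (`package`), the interface `speed` field and the `hostname` in `NetworkStr`. Process names reported by `lsof +c 0` are chosen by whoever starts the listener, so a `"` or `\` in one of them yields invalid JSON or alters the structure of the report the monitoring server receives. Passing each value through a small helper before interpolation, at minimum `json_escape() { printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'; }`, would address this, though control characters would need handling as well. Separately, the final `curl` puts `$SOURCE_TOKEN` in the query string, where it is visible in the process list and will likely end up in access logs, and without `--fail --show-error` a rejected upload goes unnoticed. If the API accepts the token in a request header (not visible from this page), that would be the better place for it.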