Commit 4bf48a0d authored by csadmin's avatar csadmin

Added version for macOS

parent d15179c1
#!/bin/bash
# Getting data for the host web.cs.lth.se"
# 2021-05-17/PM
MONITOR_RESTAPI_URL=https://monitor.cs.lth.se/api/v1
source /usr/local/bin/host-monitor.template
# 1. Generating data
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
# Operating System (OS='macOS 10.15.7 (build: 19H1030)'):
OS="macOS $(sw_vers -productVersion 2>/dev/null) (build: $(sw_vers -buildVersion 2>/dev/null))"
BuildVersion="$(sw_vers -buildVersion 2>/dev/null)"
DistroVer="$(sw_vers -buildVersion 2>/dev/null)" # DistroVer='20C69'
# Get the OS version
OSver="$(sw_vers -productVersion 2>/dev/null)"
# Get a full name for the version (see https://en.wikipedia.org/wiki/Darwin_(operating_system)):
case "$DistroVer" in
8*) Distro="Mac OS X ${OSver} Tiger (build: $BuildVersion)" ;;
9*) Distro="Mac OS X ${OSver} Leopard (build: $BuildVersion)" ;;
10*) Distro="Mac OS X ${OSver} Snow Leopard (build: $BuildVersion)" ;;
11*) Distro="Mac OS X ${OSver} Lion (build: $BuildVersion)" ;;
12*) Distro="OS X ${OSver} Mountain Lion (build: $BuildVersion)" ;;
13*) Distro="OS X ${OSver} Mavericks (build: $BuildVersion)" ;;
14*) Distro="OS X ${OSver} Yosemite (build: $BuildVersion)" ;;
15*) Distro="OS X ${OSver} El Capitan (build: $BuildVersion)" ;;
16*) Distro="macOS ${OSver} Sierra (build: $BuildVersion)" ;;
17*) Distro="macOS ${OSver} High Sierra (build: $BuildVersion)" ;;
18*) Distro="macOS ${OSver} Mojave (build: $BuildVersion)" ;;
19*) Distro="macOS ${OSver} Catalina (build: $BuildVersion)" ;;
20*) Distro="macOS ${OSver} Big Sur (build: $BuildVersion)" ;;
*) Distro="macOS" ;;
esac
# Kind of CPU (CPUModel=CPUModel='Quad-Core Intel Core i3'):
SysHW="$(system_profiler SPHardwareDataType 2>/dev/null)"
CPUModel="$(sysctl -n machdep.cpu.brand_string | sed -e 's/(R)/®/g' -e 's/(TM)/™/g')"
# CPUModel='Intel® Core™ i3-8100B CPU @ 3.60GHz' or CPUModel='Apple M1'
# Number of CPU:s (NbrCPUs=2):
NbrCPUs=$(sysctl hw.physicalcpu | awk '{print $NF}')
# Size of memory [kB] (# RAM=3997352):
RAM=$(echo "scale=0; $(sysctl hw.memsize | awk '{print $NF}') / 1024" | bc -l)
# Kind of memory (ECC='No ECC' or ECC='Multi-bit ECC'). No Mac's have ECC memory as of 2021:
ECC="No ECC"
# What kind of authentication? Ex: Authentication=Lucat
Authentication="$(if [ "$(dsconfigad -show 2>/dev/null | grep "Active Directory Domain" | cut -d= -f2 | sed 's/^ *//')" = "uw.lu.se" ]; then echo "Lucat"; else echo "Standalone"; fi)"
AuthStr="\"authentication\": \"${Authentication}\"" # Ex: AuthStr='"authentication": "Lucat"'
# Firewall. Ex: Firewall=ufw
Firewall=""
FirewWStr="\"firewall\":\"${Firewall}\"" # Ex: FirewWStr='"firewall":"ufw"'
# Disks
#Filesystems="$(df -kT -t xfs -t ext4 | egrep "\/" | awk '{print $1" "$2" "$3" "$7}')"
# Ex: a number of rows with
# Filesystem Type 1K-blocks Mounted on
#/dev/mapper/vg0-ubuntu ext4 13343816 /
PartList="$(df 2>/dev/null | egrep "^\/dev\/disk" | awk '{print $1}' | sort)"
# Ex: PartList='/dev/disk1 /dev/disk2s3 /dev/disk3s3 /dev/disk3s2 /dev/disk2s2'
# Flags
# SIP
[[ -x /usr/bin/csrutil ]] && SIP="$(csrutil status 2>/dev/null | cut -d: -f2 | sed -e 's/^\ //g' -e 's/.$//' | perl -pe 's/^(.)/uc($1)/e')" || SIP="Not enabled"
# ALF
ALF="$(/usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate | cut -d\. -f1 | awk '{print $NF}' | perl -pe 's/^(.)/uc($1)/e')"
# Packet Filter Firewall
PFF="$(pfctl -sa 2>/dev/null | grep ^Status: | awk '{print $2}')"
# FileVault
FileVault="$(fdesetup status | grep "^FileVault is " | awk '{print $NF}' | sed 's/\.$//')"
# GateKeeper
GateKeeper="$(spctl --status 2>/dev/null | awk '{print $2}' | perl -pe 's/^(.)/uc($1)/e')"
# Little Snitch
LittleSnitch="$(if [ -n "$(pgrep "littlesnitch.daemon")" ]; then echo "Running"; else echo "Not running"; fi)"
# Ex: CPUBugs='cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit'
Architecture="$(uname -m 2>/dev/null | sed -e "s/i386/i686/")" # Ex: Architecture=arm64
# Are we in a Virtual environment
MacModel="$(system_profiler SPHardwareDataType 2>/dev/null | egrep "^\s*Model Identifier:" | awk '{print $NF}')"
if [ ! "$(echo $MacModel | cut -c1-3)" = "Mac" -a ! "$(echo $MacModel | cut -c1-3)" = "iMa" -a ! "$(echo $MacModel | cut -c1-3)" = "Xse" ]; then
VMenv="Virtual Mac"
else
VMenv=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Security patches
SecurityPatches="$(softwareupdate -l 2>/dev/null | egrep -i "Security" | cut -d: -f2 | cut -c2-)"
# Ex: SecurityPatches='macOS Catalina Security Update 2021-003-10.15.7'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Listening ports
ListeningPorts="$(lsof +c 0 -i 4 -i 6 -n -P 2>/dev/null | grep LISTEN | awk '{print $1" "$3" "$5" "$8" "$9 }' | sed 's/\(.*\):/\1 /' | sort -u)"
# List of: Application User IPver Proto Servicerange Port
# apache2 root IPv6 TCP * 88
# apache2 www-data IPv6 TCP * 88
# cupsd root IPv4 TCP 127.0.0.1 631
# cupsd root IPv6 TCP [::1] 631
# dnsmasq nobody IPv4 TCP 127.0.1.1 53
# docker-proxy root IPv6 TCP * 4000
# dsmcad root IPv4 TCP * 1581
# dsmcad root IPv4 TCP * 2123
# Network interfaces
IFs="$(networksetup -listnetworkserviceorder 2>/dev/null | egrep "Hardware Port:" | awk '{print $NF}' | cut -d\) -f1)"
# Ex: IFs='en0
# en1
# en7
####################################################################################################################################################################
####################################################################################################################################################################
# 2. Generate JSON-parts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
# Create a string for the CPU Bugs (to make the final assemble shorter)
CPUBugsStr="$(if [ -n "$CPUBugs" ]; then echo ", \"cpu-bugs:${CPUBugs// /\", \"cpu-bugs:}\""; fi)"
# Platform
if [ -n "$VMenv" ]; then
PlatformStr="\"platform\": { \"virtualized\": true, \"name\": \"$VMenv\" }"
else
PlatformStr="\"platform\": { \"virtualized\": false, \"name\": \"type:$MacModel\" }"
fi
# Assemble the Flags string
Flags="\"SIP:$SIP\", \"ALF:${ALF}\", \"PFF:$PFF\", \"FileVault:$FileVault\", \"GateKeeper:$GateKeeper\", \"LittleSnitch:$LittleSnitch\", \"vm:${VMenv}\", \"arch:${Architecture:---}\", \"selinux:N/A\""
# Ex: Flags='"selinux:Not present", "kernel:5.4.0-62-generic", "cpu-bugs:cpu_meltdown", "cpu-bugs:spectre_v1", "cpu-bugs:spectre_v2", "cpu-bugs:spec_store_bypass", "cpu-bugs:l1tf", "cpu-bugs:mds", "cpu-bugs:swapgs", "cpu-bugs:itlb_multihit", "vm:VMware Virtual Platform", "arch:x86_64"'
# partitions
OUTPUT=""
while read -r Partition
do
MountPoint="$(df 2>/dev/null | grep "^$Partition" | cut -d% -f3 | sed 's/^ *//')"
FS="$(diskutil info "$MountPoint" | grep "Name (User Visible):" | cut -d: -f2 | sed 's/^ *//')"
TotalKb="$(df -lk | egrep "\s${MountPoint}$" | awk '{print $2}')"
LVM=""
OUTPUT+="{ \"partition\": \"$Partition\", \"mount-point\":\"$MountPoint\", \"type\":\"$FS\", \"total-kb\":$TotalKb, \"storage\":\"${LVM:-direct}\" },"
done <<< "$PartList"
# Eliminate the final comma
FilesystemStr="\"partitions\": [ ${OUTPUT%%,} ]"
# Network interfaces
OUTPUT=""
for iname in $IFs
do
if ifconfig $iname &>/dev/null; then
IP4="$(ifconfig $iname | egrep "\sinet\s" | awk '{print $2}')"
IP6="$(ifconfig $iname | egrep "\sinet6\s" | awk '{print $2}')"
MAC="$(ifconfig $iname | egrep "\sether\s" | awk '{print $2}')"
MAC_P="N/A"
Speed="$(ifconfig $iname | egrep "\smedia:\s" | cut -d: -f2 | cut -c2-)"
OUTPUT+="{ \"interface\": \"$iname\", \"ip4\": \"${IP4}\", \"ip6\": \"${IP6}\", \"mac\": \"${MAC}\", \"mac-p\": \"${MAC_P}\", \"speed\": \"${Speed}\" },"
fi
done
NIStr="\"network-interfaces\": [ ${OUTPUT%%,} ]"
# Ex: NIStr='"network-interfaces": [ { "interface": "en0", "ip4": "130.235.16.24", "ip6": "fe80::1056:c14e:a1f:2b30%en0", "mac": "f0:18:98:f2:09:54", "mac-p": "", "speed": "autoselect (1000baseT <full-duplex,flow-control>)" },{ "interface": "en1", "ip4": "169.254.229.191", "ip6": "fe80::41:db52:455a:9347%en1", "mac": "f8:ff:c2:2e:ea:a3", "mac-p": "", "speed": "autoselect (<unknown type>)" },{ "interface": "bridge0", "ip4": "", "ip6": "", "mac": "82:77:86:e3:60:01", "mac-p": "", "speed": "<unknown type>" } ]'
CPUstr="\"cpu\": { \"name\": \"${CPUModel:---}\", \"threads\": ${NbrCPUs:---} }"
RAMStr="\"memory\": { \"total-kb\": ${RAM:---}, \"type\": \"${ECC:---}\" }"
SysinfoStr="\"sysinfo\": { \"os\": \"${Distro:---}\", \"authentication\":\"${Authentication}\", \"firewall\":\"ALF: ${ALF}\", \"flags\": [ ${Flags} ], $CPUstr, $RAMStr, ${FilesystemStr}, $NIStr, $PlatformStr }"
# Ex:
# SysinfoStr='"sysinfo": { "os": "Ubuntu 20.10", "authentication":"Lucat", "firewall":"ufw", "flags": [ "selinux:Not present", "kernel:5.4.0-62-generic", "cpu-bugs:cpu_meltdown", "cpu-bugs:spectre_v1", "cpu-bugs:spectre_v2", "cpu-bugs:spec_store_bypass", "cpu-bugs:l1tf", "cpu-bugs:mds", "cpu-bugs:swapgs", "cpu-bugs:itlb_multihit", "vm:VMware Virtual Platform", "arch:x86_64" ], "cpu": { "name": "Intel® Xeon® CPU E5-2680 v4 @ 2.40GHz", "threads": 2 }, "memory": { "total-kb": 2006416, "type": "No ECC" }, "partitions": [ { "partition": "/dev/mapper/vg0-ubuntu", "mount-point":"/", "type":"ext4", "total-kb":13343816, "lvm":"LVM" },{ "partition": "/dev/sda2", "mount-point":"/boot", "type":"ext4", "total-kb":999320, "lvm":"--" },{ "partition": "/dev/mapper/vg2-log", "mount-point":"/var/log", "type":"ext4", "total-kb":10251576, "lvm":"LVM" },{ "partition": "/dev/mapper/vg1-home", "mount-point":"/home", "type":"ext4", "total-kb":515795384, "lvm":"LVM" } ] }'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# listening ports
if [ -n "$ListeningPorts" ]; then
OUTPUT=""
while read -r line
do
read Application User IPver Proto Binding Port <<< "$line"
# Determine if there's some form of firewall rule that covers $Port:
FWrule="null"
OUTPUT+="{ \"binding\": \"${Binding:--}\", \"port\": ${Port:--}, \"process-owner\": \"${Application:--}\", \"process-user\": \"${User:--}\", \"protocol\": \"${Proto:--}\", \"firewall-rule\": $FWrule },"
done <<< "$ListeningPorts"
# Eliminate the final comma
ListenStr=", \"listen-ports\": [ ${OUTPUT%%,} ]"
else
ListenStr=""
fi
# Ex:
# ListenStr='"sysinfo": { "os": "Ubuntu 20.10", "authentication":"Lucat", "firewall":"ufw", "flags": [ "selinux:Not present", "kernel:5.4.0-62-generic", "cpu-bugs:cpu_meltdown", "cpu-bugs:spectre_v1", "cpu-bugs:spectre_v2", "cpu-bugs:spec_store_bypass", "cpu-bugs:l1tf", "cpu-bugs:mds", "cpu-bugs:swapgs", "cpu-bugs:itlb_multihit", "vm:VMware Virtual Platform", "arch:x86_64" ], "cpu": { "name": "Intel® Xeon® CPU E5-2680 v4 @ 2.40GHz", "threads": 2 }, "memory": { "total-kb": 2006416, "type": "No ECC" }, "partitions": [ { "partition": "/dev/mapper/vg0-ubuntu", "mount-point":"/", "type":"ext4", "total-kb":13343816, "lvm":"LVM" },{ "partition": "/dev/sda2", "mount-point":"/boot", "type":"ext4", "total-kb":999320, "lvm":"--" },{ "partition": "/dev/mapper/vg2-log", "mount-point":"/var/log", "type":"ext4", "total-kb":10251576, "lvm":"LVM" },{ "partition": "/dev/mapper/vg1-home", "mount-point":"/home", "type":"ext4", "total-kb":515795384, "lvm":"LVM" } ] }'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# security patches
if [ -n "$SecurityPatches" ]; then
OUTPUT=""
while read -r Patch
do
OUTPUT+="{ \"installed-version\": \"\", \"new-version\": \"\", \"package\": \"$Patch\", \"sources\": [ \"Apple\",\"Apple\" ] },"
done <<< "$SecurityPatches"
# Eliminate the final comma
SecurityPatchStr=", \"security-patches\": [ "${OUTPUT%%,}" ]"
else
SecurityPatchStr=""
fi
# Ex:
# SecurityPatchStr=', "security-patches": [ { "installed-version": "", "new-version": "", "package": "macOS Catalina Security Update 2021-003-10.15.7", "sources": } ]'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# network
NetworkStr="\"network\": { \"hostname\": \"$(hostname -f)\"$AliasName }"
# 3. Build observation string and check for errors
OBSERVATIONS="{ ${SysinfoStr//\"--\"/null}, ${NetworkStr}${ListenStr//\"--\"/null}${SecurityPatchStr} }"
# 4. Upload results
curl --silent -X POST "$MONITOR_RESTAPI_URL/hosts/monitor?token=$SOURCE_TOKEN" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d "$OBSERVATIONS"
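Review bot: Section 2 builds the JSON by pasting raw command output between `\"` characters, so any value containing a double quote, backslash or newline produces a malformed or altered report. The process name from `lsof +c 0` (the `OUTPUT+=` line in the listening-ports loop), `hostname -f`, mount points and update labels are all outside this script's control, and an interface with several addresses already makes `IP6` multi-line. A report the server rejects or misparses is a monitoring blind spot, so string values should go through one escaping helper and the unquoted numbers (`total-kb`, `threads`, `port`) should be checked to be digits; a sketch using perl, which the script already calls, follows. Separately, the final `curl` puts `$SOURCE_TOKEN` in the URL on the command line, where it shows up in the process list and may be recorded in access logs, and without `--fail` an HTTP error goes unnoticed. If the API only accepts the token as a query parameter, the URL can at least be kept out of argv by feeding it on stdin, `-K - <<< "url = \"$MONITOR_RESTAPI_URL/hosts/monitor?token=$SOURCE_TOKEN\""`, with `--fail` added next to `--silent`.

```shell
# Escape a value for use inside a JSON string literal: backslash-escape
# quotes and backslashes, collapse control characters (incl. newlines) to a space.
json_escape() {
  printf '%s' "$1" | perl -0777 -pe 's/(["\\])/\\$1/g; s/[\x00-\x1f]+/ /g'
}

# … unchanged: data collection, sysinfo / partition / interface assembly …

read -r Application User IPver Proto Binding Port <<< "$line"
# Keep the row but emit null when the port did not parse as a number,
# so a malformed lsof line cannot break the document or drop a listener.
[[ "$Port" =~ ^[0-9]+$ ]] || Port=null
OUTPUT+="{ \"binding\": \"$(json_escape "${Binding:--}")\", \"port\": ${Port}, \"process-owner\": \"$(json_escape "${Application:--}")\", \"process-user\": \"$(json_escape "${User:--}")\", \"protocol\": \"$(json_escape "${Proto:--}")\", \"firewall-rule\": $FWrule },"
```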