Skip to content
GitLab
Commit 58fbb20d authored by root's avatar root
Browse files

Merge branch 'master' of https://git.cs.lth.se/marcus/host-monitor

parents 412997bc aa602d3b
Hide whitespace changes
Inline Side-by-side
Synology/host-monitor.sh 0 → 100755
View file @ 58fbb20d
#!/bin/bash
# Getting data for Synology boxes
# 2021-06-07/PM
MONITOR_RESTAPI_URL=https://monitor.cs.lth.se/api/v1
source /var/services/homes/csadmin/monitoring/host-monitor.template
# 1. Generating data
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
OS="DSM $(egrep productversion /etc.defaults/VERSION | cut -d\" -f2)-$(egrep buildnumber /etc.defaults/VERSION | cut -d\" -f2)"
# Kind of CPU (CPUModel='Intel® Atom™ CPU C2538 @ 2.40GHz'):
CPUModel="$(egrep "^model name" /proc/cpuinfo | sort -u | cut -d: -f2 | sed -e 's/^ //' -e 's/(R)/®/g' -e 's/(TM)/™/')"
if [ -z "$CPUModel" ]; then
CPUModel="$(egrep "^Processor" /proc/cpuinfo | sort -u | cut -d: -f2)"
fi
# Number of CPU:s (NbrCPUs=2):
NbrCPUs=$(egrep -i "^processor" /proc/cpuinfo | wc -l)
# Size of memory [kB]
if [ -x /sbin/dmidecode ]; then
RAM=$(/sbin/dmidecode -t 17 2>/dev/null | grep "Size.*MB" | awk '{s+=$2} END {print s * 1024}') # Ex: RAM=4194304
# Kind of memory (ECC='No ECC' or ECC='Multi-bit ECC'):
ECC="$(/sbin/dmidecode -t memory 2>/dev/null | egrep "Error Correction Type" | sort -u | cut -d: -f2 | sed -e 's/^ //' -e 's/None/No ECC/')"
else
RAM="$(egrep "^MemTotal:" /proc/meminfo | awk '{print $2}')"
ECC="No ECC"
fi
# What kind of authentication? Ex: Authentication=Lucat
if [ -n "$(egrep -v "#|^$" /etc/synoinfo.conf | egrep "uwdc[0-9]{1,2}.uw.lu.se")" -a -n "$(egrep "default_realm = UW.LU.SE" /etc/krb5.conf)" ]; then
Authentication="Lucat"
else
Authentication="Standalone"
fi
AuthStr="\"authentication\": \"${Authentication}\"" # Ex: AuthStr='"authentication": "Lucat"'
# Firewall:
if [ -n "$(/sbin/iptables --list --line-numbers | egrep "^[0-9]\s")" ]; then
Firewall="iptables: Enabled"
else
Firewall="Disabled"
fi
FirewWStr="\"firewall\":\"${Firewall}\"" # Ex: FirewWStr='"firewall":"ufw"'
# Disks
Filesystems="$(df -k -T -x tmpfs -x devtmpfs | egrep -v "^Filesystem" | awk '{print $1" "$2" "$3" "$7}')"
# Ex: a number of rows with
# /dev/md0 ext4 2442780672 /
# /dev/vg1/volume_1 btrfs 11508005167104 /volume1
#(Filesystem Type 1B-blocks Mounted on)
LVMDisks=""
# Flags
# SELinux
SELinux="N/A"
# CPU bugs
CPUBugs=""
# Ex: CPUBugs='cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit'
Kernel="$(uname -r 2>/dev/null)" # Ex: Kernel=3.10.105
Architecture="$(uname -m 2>/dev/null)" # Ex: Architecture=x86_64
# Are we in a Virtual environment? No, not on a Synology!
VMenv=""
# Get more platform data
PlatformManufacturer="$(/sbin/dmidecode -t 2 2>/dev/null | egrep "^\s*Manufacturer:" | cut -d: -f2 | cut -c2-)" # Ex: PlatformManufacturer='Type2 - Board Vendor Name1'
PlatformType="$(/sbin/dmidecode -t 2 2>/dev/null | egrep "^\s*Type:" | cut -d: -f2 | cut -c2-)" # Ex: PlatformType=Motherboard
DeviceType="$(egrep "upnpdevicetype" /etc/synoinfo.conf | cut -d\" -f2)"
ModelName="$(egrep "upnpmodelname" /etc/synoinfo.conf | cut -d\" -f2)"
# Network interfaces
IFs=$(/sbin/ip a |awk '/state UP/{print $2}' | sed 's/://')
# Ex: IFs='eth0
# eth1
# eth2
# eth3
# bond0'
# fail2ban
Fail2Ban="N/A"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Security patches
SecurityPatches=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Listening ports
ListeningPorts="$(netstat -tulpn 2>/dev/null | egrep "LISTEN" | egrep -v "\-\s*$" | sed -e 's_/_ _' -e 's/: /:_/' | awk '{print $8" "$7" "$1" "$4 }' | sort -u)"
# List of: Application PID Proto_IPver Binding:Port
# afpd 11179 tcp6 :::548
# cnid_metad 11180 tcp 127.0.0.1:4700
# httpd22 16613 tcp 127.0.0.1:914
# iscsi_snapsho 17728 tcp 0.0.0.0:3262
# nginx:_master 11631 tcp 0.0.0.0:443
####################################################################################################################################################################
####################################################################################################################################################################
# 2. Generate JSON-parts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
# Assemble the Flags string
Flags="\"selinux:$SELinux\", \"kernel:${Kernel}\", \"arch:${Architecture:---}\", \"fail2ban:$Fail2Ban\""
# partitions
OUTPUT=""
while read -r Filesystem Type KBlocks MountP
do
LVM=""
OUTPUT+="{ \"partition\": \"$Filesystem\", \"mount-point\":\"$MountP\", \"type\":\"$Type\", \"total-kb\":$KBlocks, \"storage\":\"${LVM:-direct}\" },"
done <<< "$Filesystems"
# Assemble the complete string (minus the final comma)
FilesystemStr="\"partitions\": [ ${OUTPUT%%,} ]"
# Network interfaces
OUTPUT=""
for iname in $IFs
do
IP4=$(/sbin/ip -4 -o a show ${iname%%@if[0-9]*} | awk '{print $4}')
IP6=$(/sbin/ip -6 -o a show ${iname%%@if[0-9]*} | awk '{print $4}')
MAC="$(/sbin/ip link show dev ${iname%%@if[0-9]*} |awk '/link/{print $2}')"
MAC_P=$(ethtool -P ${iname%%@if[0-9]*} | awk '{print $NF}')
Speed="$(ethtool ${iname%%@if[0-9]*} | grep "Speed:" | awk '{print $NF}')"
OUTPUT+="{ \"interface\": \"$iname\", \"ip4\": \"${IP4}\", \"ip6\": \"${IP6}\", \"mac\": \"${MAC}\", \"mac-p\": \"${MAC_P}\", \"speed\": \"${Speed}\" },"
done
NIStr="\"network-interfaces\": [ $(echo "${OUTPUT}" | sed 's/,$//') ]"
# Ex: NIStr='"network-interfaces": [ { "interface": "ens192", "ip4": "130.235.16.11/23", "ip6": "fe80::250:56ff:feb6:b194/64", "mac": "00:50:56:b6:b1:94", "mac-p": "00:50:56:b6:b1:94", "speed": "10000Mb/s" } ]'
# Platform
PlatformStr="\"platform\": { \"virtualized\": false, \"name\": \"$DeviceType $ModelName\" }"
# network
AliasName=", \"alias\": [\"$DNSAlias\"] "
NetworkStr="\"network\": { \"hostname\": \"$(hostname -f)\"$AliasName }"
CPUstr="\"cpu\": { \"name\": \"${CPUModel:---}\", \"threads\": ${NbrCPUs:---} }"
RAMStr="\"memory\": { \"total-kb\": ${RAM:---}, \"type\": \"${ECC:---}\" }"
SysinfoStr="\"sysinfo\": { \"os\": \"${OS:---}\", \"authentication\":\"${Authentication}\", \"firewall\":\"${Firewall}\", \"flags\": [ ${Flags} ], $CPUstr, $RAMStr, $FilesystemStr, $NIStr, $PlatformStr, $NetworkStr }"
# Ex:
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# listening ports
# List of: Application PID Proto_IPver Binding:Port
# afpd 11179 tcp6 :::548
if [ -n "$ListeningPorts" ]; then
OUTPUT=""
while read -r line
do
#read Application User IPver Proto Binding Port <<< "$line"
read Application PidUser Proto_IPver Binding_Port <<< "$line"
FWrule="null"
if [ -n "$(echo "$Proto_IPver" | egrep 6)" ]; then
PROTO="IPv6:${Proto_IPver%%6}"
else
PROTO="IPv4:$Proto_IPver"
fi
Euser="$(ps -p $PidUser --no-headers -o euser)"
Binding="$(echo "${Binding_Port%%:[0-9]*}" | sed -e 's/0.0.0.0/*/')"
Port="$(echo "$Binding_Port" | awk '-F:' '{print $NF}')"
OUTPUT+="{ \"binding\": \"${Binding:--}\", \"port\": ${Port:--}, \"process-owner\": \"${Application:--}\", \"process-user\": \"${Euser:--}\", \"protocol\": \"${PROTO:--}\", \"firewall-rule\": $FWrule },"
done <<< "$ListeningPorts"
# Assemble the complete string (minus the final comma)
ListenStr=", \"listen-ports\": [ ${OUTPUT%%,} ]"
else
ListenStr=""
fi
# Ex:
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# security patches
if [ -n "$SecurityPatches" ]; then
OUTPUT=""
while read -r Package Sources InstalledVer Arch NewVer
do
Source="$(echo -e ${Sources//,/'\n'} | sort -u | sed -z 's/\n/,/g;s/,$/\n/')"
STR="\"${Sources//,/\",\"}\""
SourceArr="$(echo -e ${STR//,/'\n'} | sort -u | sed -z 's/\n/,/g;s/,$/\n/')"
OUTPUT+="{ \"installed-version\": \"$InstalledVer\", \"new-version\": \"$NewVer\", \"package\": \"$Package\", \"sources\": [ $SourceArr ] },"
done <<< "$SecurityPatches"
# Assemble the complete string (minus the final comma)
SecurityPatchStr=", \"security-patches\": [ ${OUTPUT%%,} ]"
else
SecurityPatchStr=""
fi
# 3. Build observation string and check for errors
OBSERVATIONS="{ ${SysinfoStr//\"--\"/null}${ListenStr//\"--\"/null}${SecurityPatchStr} }"
# 4. Upload results
curl --silent -X POST "$MONITOR_RESTAPI_URL/hosts/monitor?token=$SOURCE_TOKEN" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d "$OBSERVATIONS"
linux/host-monitor.sh
View file @ 58fbb20d
......@@ -37,8 +37,10 @@ CPUModel="$(egrep "^model name" /proc/cpuinfo | sort -u | cut -d: -f2 | sed -e '
# Number of CPU:s (NbrCPUs=2):
NbrCPUs=$(egrep "^processor" /proc/cpuinfo | wc -l)
# Size of memory [kB]
#RAM=$(egrep "^MemTotal" /proc/meminfo | awk '{print $2}')
RAM=$(/usr/sbin/dmidecode -t 17 | grep "Size.*MB" | awk '{s+=$2} END {print s * 1024}') # Ex: RAM=4194304
if [ $RAM -eq 0 ]; then
RAM=$(egrep "^MemTotal" /proc/meminfo | awk '{print $2}')
fi
# Kind of memory (ECC='No ECC' or ECC='Multi-bit ECC'):
ECC="$(/usr/sbin/dmidecode -t memory | egrep "Error Correction Type" | sort -u | cut -d: -f2 | sed -e 's/^ //' -e 's/None/No ECC/')"
# What kind of authentication? Ex: Authentication=Lucat
......@@ -60,7 +62,7 @@ LVMDisks="$(lsblk -b | egrep -i lvm | awk '{print $4" "$NF}' | egrep -vi swap |
# Flags
# SELinux
SELinux="$(if sestatus &>/dev/null; then sestatus | egrep "^Current mode:" | awk '{print $NF}'; else echo "Not present"; fi)"
SELinux="$(if sestatus &>/dev/null; then sestatus | egrep "^Current mode:|^SELinux status:" | awk '{print $NF}'; else echo "Not present"; fi)"
# CPU bugs
CPUBugs="$(egrep "^bugs" /proc/cpuinfo | cut -d: -f2 | cut -c2- | uniq)"
# Ex: CPUBugs='cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit'
......
macOS/host-monitor.sh 0 → 100755
View file @ 58fbb20d
#!/bin/bash
# Getting data for the host web.cs.lth.se"
# 2021-05-17/PM
# Tested on:
# - OS X 10.11.6 “El Capitan”
# - macOS 10.12.6 “Sierra”
# - macOS 10.15 “Catalina”
MONITOR_RESTAPI_URL=https://monitor.cs.lth.se/api/v1
source /usr/local/bin/host-monitor.template
# 1. Generating data
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
# Operating System (OS='macOS 10.15.7 (build: 19H1030)'):
OS="macOS $(/usr/bin/sw_vers -productVersion 2>/dev/null) (build: $(/usr/bin/sw_vers -buildVersion 2>/dev/null))"
BuildVersion="$(/usr/bin/sw_vers -buildVersion 2>/dev/null)"
DistroVer="$(/usr/bin/sw_vers -buildVersion 2>/dev/null)" # DistroVer='20C69'
# Get the OS version
OSver="$(/usr/bin/sw_vers -productVersion 2>/dev/null)"
# Get a full name for the version (see https://en.wikipedia.org/wiki/Darwin_(operating_system)):
case "$DistroVer" in
8*) Distro="Mac OS X ${OSver} “Tiger” (build: $BuildVersion)" ;;
9*) Distro="Mac OS X ${OSver} “Leopard” (build: $BuildVersion)" ;;
10*) Distro="Mac OS X ${OSver} “Snow Leopard” (build: $BuildVersion)" ;;
11*) Distro="Mac OS X ${OSver} “Lion” (build: $BuildVersion)" ;;
12*) Distro="OS X ${OSver} “Mountain Lion” (build: $BuildVersion)" ;;
13*) Distro="OS X ${OSver} “Mavericks” (build: $BuildVersion)" ;;
14*) Distro="OS X ${OSver} “Yosemite” (build: $BuildVersion)" ;;
15*) Distro="OS X ${OSver} “El Capitan” (build: $BuildVersion)" ;;
16*) Distro="macOS ${OSver} “Sierra” (build: $BuildVersion)" ;;
17*) Distro="macOS ${OSver} “High Sierra” (build: $BuildVersion)" ;;
18*) Distro="macOS ${OSver} “Mojave” (build: $BuildVersion)" ;;
19*) Distro="macOS ${OSver} “Catalina” (build: $BuildVersion)" ;;
20*) Distro="macOS ${OSver} “Big Sur” (build: $BuildVersion)" ;;
*) Distro="macOS" ;;
esac
# Kind of CPU (CPUModel=CPUModel='Quad-Core Intel Core i3'):
SysHW="$(/usr/sbin/system_profiler SPHardwareDataType 2>/dev/null)"
CPUModel="$(/usr/sbin/sysctl -n machdep.cpu.brand_string | sed -e 's/(R)/®/g' -e 's/(TM)/™/g')"
# CPUModel='Intel® Core™ i3-8100B CPU @ 3.60GHz' or CPUModel='Apple M1'
# Number of CPU:s (NbrCPUs=2):
NbrCPUs=$(/usr/sbin/sysctl hw.logicalcpu | awk '{print $NF}')
# Size of memory [kB] (# RAM=3997352):
RAM=$(echo "scale=0; $(/usr/sbin/sysctl hw.memsize | awk '{print $NF}') / 1024" | bc -l)
# Kind of memory (ECC='No ECC' or ECC='Multi-bit ECC'). No Mac's have ECC memory as of 2021:
ECC="No ECC"
# What kind of authentication? Ex: Authentication=Lucat
if [ "$(dsconfigad -show 2>/dev/null | grep "Active Directory Domain" | cut -d= -f2 | sed 's/^ *//')" = "uw.lu.se" ]; then
Authentication="Lucat"
else
Authentication="Standalone"
fi
AuthStr="\"authentication\": \"${Authentication}\"" # Ex: AuthStr='"authentication": "Lucat"'
# Disks
PartList="$(df 2>/dev/null | egrep "^\/dev\/disk" | awk '{print $1}' | sort)"
# Ex: PartList='/dev/disk1 /dev/disk2s3 /dev/disk3s3 /dev/disk3s2 /dev/disk2s2'
# Flags
# SIP
if [ -x /usr/bin/csrutil ]; then
SIP="$(csrutil status 2>/dev/null | cut -d: -f2 | sed -e 's/^\ //g' -e 's/.$//' | perl -pe 's/^(.)/uc($1)/e')"
else
SIP="Not enabled"
fi
# ALF
ALF="$(/usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate | cut -d\. -f1 | awk '{print $NF}' | perl -pe 's/^(.)/uc($1)/e')"
if [ "$ALF" = "Enabled" ]; then
Firewall="ALF"
else
Firewall=""
fi
# Packet Filter Firewall
PFF="$(/sbin/pfctl -sa 2>/dev/null | grep ^Status: | awk '{print $2}')"
# FileVault
FileVault="$(/usr/bin/fdesetup status | grep "^FileVault is " | awk '{print $NF}' | sed 's/\.$//' | sed -e 's/On/Enabled/' -e 's/Off/Disabled/')"
# GateKeeper
GateKeeper="$(/usr/sbin/spctl --status 2>/dev/null | awk '{print $2}' | perl -pe 's/^(.)/uc($1)/e')"
# Little Snitch
if [ -n "$(pgrep "littlesnitch.daemon")" ]; then
LittleSnitch="Enabled"
else
if [ -x /Applications/Little\ Snitch.app/Contents/MacOS/Little\ Snitch ]; then
LittleSnitch="Disabled"
else
LittleSnitch="Not installed"
fi
fi
FirewWStr="\"firewall\":\"${Firewall}\"" # Ex: FirewWStr='"firewall":"ALF"'
Architecture="$(uname -m 2>/dev/null | sed -e "s/i386/i686/")" # Ex: Architecture=arm64
# Are we in a Virtual environment
MacModel="$(/usr/sbin/system_profiler SPHardwareDataType 2>/dev/null | egrep "^\s*Model Identifier:" | awk '{print $NF}')"
if [ ! "$(echo $MacModel | cut -c1-3)" = "Mac" -a ! "$(echo $MacModel | cut -c1-3)" = "iMa" -a ! "$(echo $MacModel | cut -c1-3)" = "Xse" ]; then
VMenv="Virtual Mac"
else
VMenv=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Security patches
SecurityPatches="$(/usr/sbin/softwareupdate -l 2>/dev/null | egrep -i "Security" | cut -d: -f2 | cut -c2-)"
# Ex: SecurityPatches='macOS Catalina Security Update 2021-003-10.15.7'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Listening ports
ListeningPorts="$(/usr/sbin/lsof +c 0 -i 4 -i 6 -n -P 2>/dev/null | grep LISTEN | awk '{print $1" "$3" "$5" "$8" "$9 }' | sed 's/\(.*\):/\1 /' | sort -u)"
# List of: Application User IPver Proto Servicerange Port
# apache2 root IPv6 TCP * 88
# apache2 www-data IPv6 TCP * 88
# cupsd root IPv4 TCP 127.0.0.1 631
# cupsd root IPv6 TCP [::1] 631
# dnsmasq nobody IPv4 TCP 127.0.1.1 53
# docker-proxy root IPv6 TCP * 4000
# dsmcad root IPv4 TCP * 1581
# dsmcad root IPv4 TCP * 2123
# Network interfaces
IFs="$(/usr/sbin/networksetup -listnetworkserviceorder 2>/dev/null | egrep "Hardware Port:" | awk '{print $NF}' | cut -d\) -f1)"
# Ex: IFs='en0
# en1
# en7
####################################################################################################################################################################
####################################################################################################################################################################
# 2. Generate JSON-parts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# sysinfo
# Platform
if [ -n "$VMenv" ]; then
PlatformStr="\"platform\": { \"virtualized\": true, \"name\": \"$VMenv\" }"
else
PlatformStr="\"platform\": { \"virtualized\": false, \"name\": \"type:$MacModel\" }"
fi
# Assemble the Flags string
Flags="\"SIP:$SIP\", \"ALF:${ALF}\", \"PFF:$PFF\", \"FileVault:$FileVault\", \"GateKeeper:$GateKeeper\", \"LittleSnitch:$LittleSnitch\", \"arch:${Architecture:---}\", \"selinux:N/A\""
# Ex: Flags='"SIP:Enabled", "ALF:Enabled", "PFF:Disabled", "FileVault:Off", "GateKeeper:Enabled", "LittleSnitch:Not running", "arch:x86_64", "selinux:N/A"'
# partitions
OUTPUT=""
while read -r Partition
do
MountPoint="$(df 2>/dev/null | grep "^$Partition" | cut -d% -f3 | sed 's/^ *//')"
FS="$(/usr/sbin/diskutil info "$MountPoint" | grep "Name (User Visible):" | cut -d: -f2 | sed 's/^ *//')"
TotalKb="$(df -lk | egrep "\s${MountPoint}$" | awk '{print $2}')"
LVM=""
OUTPUT+="{ \"partition\": \"$Partition\", \"mount-point\":\"$MountPoint\", \"type\":\"$FS\", \"total-kb\":$TotalKb, \"storage\":\"${LVM:-direct}\" },"
done <<< "$PartList"
FilesystemStr="\"partitions\": [ ${OUTPUT%%,} ]"
# Network interfaces
OUTPUT=""
for iname in $IFs
do
if /sbin/ifconfig $iname &>/dev/null; then
IP4="$(/sbin/ifconfig $iname | egrep "\sinet\s" | awk '{print $2}')"
IP6="$(/sbin/ifconfig $iname | egrep "\sinet6\s" | awk '{print $2}')"
MAC="$(/sbin/ifconfig $iname | egrep "\sether\s" | awk '{print $2}')"
MAC_P="N/A"
Speed="$(/sbin/ifconfig $iname | egrep "\smedia:\s" | cut -d: -f2 | cut -c2-)"
OUTPUT+="{ \"interface\": \"$iname\", \"ip4\": \"${IP4}\", \"ip6\": \"${IP6}\", \"mac\": \"${MAC}\", \"mac-p\": \"${MAC_P}\", \"speed\": \"${Speed}\" },"
fi
done
NIStr="\"network-interfaces\": [ ${OUTPUT%%,} ]"
# Ex: NIStr='"network-interfaces": [ { "interface": "en0", "ip4": "130.235.16.24", "ip6": "fe80::1056:c14e:a1f:2b30%en0", "mac": "f0:18:98:f2:09:54", "mac-p": "", "speed": "autoselect (1000baseT <full-duplex,flow-control>)" },{ "interface": "en1", "ip4": "169.254.229.191", "ip6": "fe80::41:db52:455a:9347%en1", "mac": "f8:ff:c2:2e:ea:a3", "mac-p": "", "speed": "autoselect (<unknown type>)" },{ "interface": "bridge0", "ip4": "", "ip6": "", "mac": "82:77:86:e3:60:01", "mac-p": "", "speed": "<unknown type>" } ]'
CPUstr="\"cpu\": { \"name\": \"${CPUModel:---}\", \"threads\": ${NbrCPUs:---} }"
RAMStr="\"memory\": { \"total-kb\": ${RAM:---}, \"type\": \"${ECC:---}\" }"
SysinfoStr="\"sysinfo\": { \"os\": \"${Distro:---}\", \"authentication\":\"${Authentication}\", \"firewall\":\"ALF: ${ALF}\", \"flags\": [ ${Flags} ], $CPUstr, $RAMStr, ${FilesystemStr}, $NIStr, $PlatformStr }"
# Ex:
# SysinfoStr='"sysinfo": { "os": "macOS 10.15.7 “Catalina” (build: 19H1030)", "authentication":"Lucat", "firewall":"ALF: Enabled", "flags": [ "SIP:Enabled", "ALF:Enabled", "PFF:Disabled", "FileVault:Off", "GateKeeper:Enabled", "LittleSnitch:Not running", "arch:x86_64", "selinux:N/A" ], "cpu": { "name": "Intel® Core™ i7-4578U CPU @ 3.00GHz", "threads": 2 }, "memory": { "total-kb": 16777216, "type": "No ECC" }, "partitions": [ { "partition": "/dev/disk1s1", "mount-point":"/System/Volumes/Data", "type":"APFS", "total-kb":244912536, "storage":"direct" },{ "partition": "/dev/disk1s3", "mount-point":"/Volumes/Recovery", "type":"APFS", "total-kb":244912536, "storage":"direct" },{ "partition": "/dev/disk1s4", "mount-point":"/private/var/vm", "type":"APFS", "total-kb":244912536, "storage":"direct" },{ "partition": "/dev/disk1s5", "mount-point":"/", "type":"APFS", "total-kb":244912536, "storage":"direct" } ], "network-interfaces": [ { "interface": "en0", "ip4": "130.235.16.21", "ip6": "fe80::58:8f2a:e921:f63e%en0", "mac": "ac:87:a3:06:ac:d9", "mac-p": "N/A", "speed": "autoselect (1000baseT <full-duplex,flow-control>)" },{ "interface": "en1", "ip4": "", "ip6": "", "mac": "6c:40:08:be:15:f8", "mac-p": "N/A", "speed": "autoselect (<unknown type>)" },{ "interface": "bridge0", "ip4": "", "ip6": "", "mac": "82:15:01:5d:58:40", "mac-p": "N/A", "speed": "<unknown type>" } ], "platform": { "virtualized": false, "name": "type:Macmini7,1" } }'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# listening ports
if [ -n "$ListeningPorts" ]; then
OUTPUT=""
while read -r line
do
read Application User IPver Proto Binding Port <<< "$line"
# Determine if there's some form of firewall rule that covers $Port:
FWrule="null"
OUTPUT+="{ \"binding\": \"${Binding:--}\", \"port\": ${Port:--}, \"process-owner\": \"${Application:--}\", \"process-user\": \"${User:--}\", \"protocol\": \"${IPver}:${Proto:--}\", \"firewall-rule\": $FWrule },"
done <<< "$ListeningPorts"
ListenStr=", \"listen-ports\": [ ${OUTPUT%%,} ]"
else
ListenStr=""
fi
# Ex:
# ListenStr=', "listen-ports": [ { "binding": "*", "port": 3283, "process-owner": "ARDAgent", "process-user": "csadmin", "protocol": "TCP", "firewall-rule": null }, { "binding": "127.0.0.1", "port": 23053, "process-owner": "Growl", "process-user": "csadmin", "protocol": "TCP", "firewall-rule": null }, { "binding": "[::1]", "port": 23053, "process-owner": "Growl", "process-user": "csadmin", "protocol": "TCP", "firewall-rule": null }, { "binding": "*", "port": 1581, "process-owner": "dsmcad", "process-user": "root", "protocol": "TCP", "firewall-rule": null } ]'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# security patches
if [ -n "$SecurityPatches" ]; then
OUTPUT=""
while read -r Patch
do
OUTPUT+="{ \"installed-version\": \"\", \"new-version\": \"\", \"package\": \"$Patch\", \"sources\": [ \"Apple\",\"Apple\" ] },"
done <<< "$SecurityPatches"
SecurityPatchStr=", \"security-patches\": [ "${OUTPUT%%,}" ]"
else
SecurityPatchStr=", \"security-patches\": [ ]"
fi
# Ex:
# SecurityPatchStr=', "security-patches": [ { "installed-version": "", "new-version": "", "package": "macOS Catalina Security Update 2021-003-10.15.7", "sources": [ "Apple","Apple" ] } ]'
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# network
NetworkStr="\"network\": { \"hostname\": \"$(hostname -f)\"$AliasName }"
# 3. Build observation string and check for errors
OBSERVATIONS="{ ${SysinfoStr//\"--\"/null}, ${NetworkStr}${ListenStr//\"--\"/null}${SecurityPatchStr} }"
# 4. Upload results
/usr/bin/curl --silent -X POST "$MONITOR_RESTAPI_URL/hosts/monitor?token=$SOURCE_TOKEN" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d "$OBSERVATIONS"
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment