Linux server2.hpierson.com 3.10.0-1160.105.1.el7.x86_64 #1 SMP Thu Dec 7 15:39:45 UTC 2023 x86_64
Apache
: 162.0.216.123 | : 216.73.216.152
28 Domain
?7.4.33
yvffpqmy
Name
Size
Permission
Action
check-vps-cxs-log.ini
214
B
-rwxr-xr-x
check-vps-cxs-log.sh
4.22
KB
-rwxr-xr-x
check_3ware-raid.pl
10.93
KB
-rwxr-xr-x
check_aacraid.py
4.62
KB
-rwxr-xr-x
check_cl_license
783
B
-rwxr-xr-x
check_cplicense
268
B
-rwxr-xr-x
check_csf
3.33
KB
-rwxr-xr-x
check_eximq
3.16
KB
-rwxr-xr-x
check_if_ips.py
3.88
KB
-rwxr-xr-x
check_mdadm
769
B
-rwxr-xr-x
check_megaraid_sas
6.98
KB
-rwxr-xr-x
check_mem.pl
12.85
KB
-rwxr-xr-x
check_newbackup
6.97
KB
-rwxr-xr-x
check_puppet
4.35
KB
-rwxr-xr-x
check_ro_fs.sh
530
B
-rwxr-xr-x
check_spamd
6.74
KB
-rwxr-xr-x
Code Editor : check-vps-cxs-log.sh
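#!/bin/bash
################################################
# script for NC CXS scan logs monitoring       #
################################################
#
# Nagios plugin: inspects the CXS scan reports (scandaily.log and
# scanweekly.log) and reports whether any line matches one of the
# configured search patterns.
#
# Usage:   check-vps-cxs-log.sh [-l <logfiles dir>] [-v]
#          check-vps-cxs-log.sh -h | --help
#
# Config:  check-vps-cxs-log.ini, located next to this script, is expected
#          to set SEARCH_PATTERNS to a comma-separated list of grep patterns.
#
# Nagios exit codes: [0=OK] [WARNING=1] [CRITICAL=2] [UNKNOWN=3];
#   3 - bad arguments, cxs binary missing, or no search patterns loaded
#   1 - a report is missing, older than its threshold, or has no report header
#   2 - at least one search pattern matched a report line
#   0 - reports are present, fresh, well-formed and contain no match

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

# Include ini files with configuration;
# NOTE: `source` executes the ini file as shell code with the privileges of
# the account running this check, so the file must be writable only by a
# trusted account.
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)"
INI_FILE="${SCRIPT_DIR}/check-vps-cxs-log.ini"
if [[ -r "${INI_FILE}" ]]; then
  # shellcheck disable=SC1090
  source "${INI_FILE}"
fi

verbose=0
PROGNAME=${0##*/}

# IFS stays set to ',' for the rest of the script: it splits the lists below
# and is also the separator used when "${echo_array[*]}" is printed.
IFS=','
# -r keeps backslashes (regex escapes such as '\.') in the patterns intact.
read -r -a PATCHES_TO_BIN_ARR <<< "/usr/sbin/cxs"
read -r -a LOG_FILES_ARR <<< "scandaily.log,scanweekly.log"
read -r -a SEARCH_PATTERNS_ARR <<< "${SEARCH_PATTERNS}"
LOG_FILES_FOLDER="/var/log/cxsreports/"

# Drop empty entries (e.g. from "a,,b"): an empty grep pattern matches every
# line and would turn every report into a false CRITICAL.
declare -a non_empty_patterns=()
for pattern in "${SEARCH_PATTERNS_ARR[@]}"; do
  if [[ -n "${pattern}" ]]; then
    non_empty_patterns+=("${pattern}")
  fi
done
SEARCH_PATTERNS_ARR=("${non_empty_patterns[@]}")

# Print the short usage lines to stdout.
print_usage() {
  echo ""
  echo "Usage: $PROGNAME [-v be Verbose] [-l Logfiles dir]"
  echo "Usage: $PROGNAME -h | --help"
}

# Print the full help screen and exit with UNKNOWN (3).
print_help() {
  print_usage
  echo ""
  echo "This script checks logs of CXS scan with NC custom signatures (see TOP-64)"
  echo ""
  echo "-v be Verbose (should be last argument)"
  echo "-l Logfiles dir, string. Default - /var/log/cxsreports/"
  echo "--help Print this help screen"
  echo ""
  exit 3
}

while [ $# -gt 0 ]; do
  case "$1" in
    --help | -h)
      print_help
      exit 3
      ;;
    -l)
      # Without a value the checks below would silently run against
      # relative paths in the current directory.
      if [ $# -lt 2 ] || [ -z "$2" ]; then
        echo >&2 "Option -l requires a directory argument"
        print_usage
        exit 3
      fi
      LOG_FILES_FOLDER=$2
      shift
      ;;
    -v)
      # A flag without a value: the common shift below consumes it. The
      # former extra shifts discarded any arguments that followed -v.
      verbose=1
      ;;
    *)
      echo >&2 "Unknown argument: $1"
      print_usage
      exit 3
      ;;
  esac
  shift
done

# Paths are built as "${LOG_FILES_FOLDER}${file}", so guarantee exactly one
# trailing slash regardless of how -l was given.
LOG_FILES_FOLDER="${LOG_FILES_FOLDER%/}/"

if [[ "${verbose}" == 1 ]]; then
  # [@] inside the string makes echo print the elements space-separated.
  # shellcheck disable=SC2145
  echo "Patch to bin file: ${PATCHES_TO_BIN_ARR[@]}"
  # shellcheck disable=SC2145
  echo "Log files array: ${LOG_FILES_ARR[@]}"
  # shellcheck disable=SC2145
  echo -e "Search patterns: ${SEARCH_PATTERNS_ARR[@]}\n"
fi

# Fail closed: with no patterns loaded (ini missing, unreadable, or
# SEARCH_PATTERNS empty) nothing would be searched and the check would
# report OK for a report full of detections.
if [[ "${#SEARCH_PATTERNS_ARR[@]}" -eq 0 ]]; then
  echo "UNKNOWN. No search patterns loaded. Configuration file = ${INI_FILE}"
  exit 3
fi

# Array for output information; every section exits when it is non-empty,
# so it is always empty when the next section starts.
declare -a echo_array

####### BIN FILES CHECK SECTION BEGIN ######
# Check if BIN file exists;
for element in "${PATCHES_TO_BIN_ARR[@]}"; do
  if [[ ! -f "${element}" ]]; then
    # If file doesn't exist, we add it to array;
    echo_array+=("${element}")
  fi
done
# Output all not found bin files and UNKNOWN;
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  # Two-line message, as before: status text first, paths on the second line.
  printf '%s\n%s\n' "UNKNOWN. Bin file(s) not found. " \
    "Path to file(s) = ${echo_array[*]}"
  exit 3
fi
####### BIN FILES CHECK SECTION END ######

####### LOG FILES CHECK SECTION BEGIN ######
# Check if log file exists;
for file in "${LOG_FILES_ARR[@]}"; do
  if [[ ! -f "${LOG_FILES_FOLDER}${file}" ]]; then
    # If file doesn't exist, we add it to array;
    echo_array+=("${LOG_FILES_FOLDER}${file}")
  fi
done
# Output all not found log files and WARNING;
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  echo "WARNING. Log file(s) not found. Path to file(s) = ${echo_array[*]}"
  exit 1
fi
####### LOG FILES CHECK SECTION END ######

####### CHECK DATE OF LOG FILE begin ######
# A stale report means the scan has stopped running, so the absence of
# detections in it proves nothing.
DAYS_THRESHOLD=0
for log_file_name in "${LOG_FILES_ARR[@]}"; do
  if [[ "${log_file_name}" == "scandaily.log" ]]; then
    DAYS_THRESHOLD=1
  elif [[ "${log_file_name}" == "scanweekly.log" ]]; then
    DAYS_THRESHOLD=7
  fi
  FIND_OUT=$(find "${LOG_FILES_FOLDER}" -iname "${log_file_name}" \
    -mtime -"${DAYS_THRESHOLD}" 2>/dev/null)
  if [[ -z "${FIND_OUT}" ]]; then
    echo_array+=("${log_file_name}")
  fi
done
# Output all outdated log files and WARNING;
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  echo "WARNING. Log file(s) is old. File(s) = ${echo_array[*]}"
  exit 1
fi
####### CHECK DATE OF LOG FILE end ######

####### CHECK LOG FILE FORMAT,PATTERN BEGIN ######
for file in "${LOG_FILES_ARR[@]}"; do
  # A report without the "- SCAN REPORT -" header is not trusted as a
  # completed scan. -e/-- keep the leading dash from being parsed as an option.
  if ! grep -q -e '- SCAN REPORT -' -- "${LOG_FILES_FOLDER}${file}"; then
    echo "WARNING. Log file(s) have invalid structure. File(s) = ${file}"
    exit 1
  fi
  for pattern in "${SEARCH_PATTERNS_ARR[@]}"; do
    # -e so that a pattern starting with '-' is not taken as a grep option;
    # matching lines are folded onto one line for the Nagios status text.
    INFECTED=$(grep -e "${pattern}" -- "${LOG_FILES_FOLDER}${file}" \
      | tr -s '\n' ' ')
    if [[ -n "${INFECTED}" ]]; then
      echo_array+=("${file}:${INFECTED}")
    fi
  done
done
# Output all matched report lines and CRITICAL;
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  echo "CRITICAL. Viruses were found ${echo_array[*]}"
  exit 2
fi
####### CHECK LOG FILE FORMAT,PATTERN END ########

echo "OK. There are no infected files."
exit 0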