Editing: check-vps-cxs-log.sh
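#!/bin/bash
################################################
#   script for NC CXS scan logs monitoring     #
################################################
#
# Nagios plugin: verifies that the CXS scan reports exist, are recent, have the
# expected structure, and contain no line matching the configured signatures.
#
# Usage:  check-vps-cxs-log.sh [-l logfiles_dir] [-v]
# Config: check-vps-cxs-log.ini next to this script must set SEARCH_PATTERNS
#         (comma-separated grep patterns).
#
# Nagios exit codes: [0=OK] [WARNING=1] [CRITICAL=2] [UNKNOWN=3];

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

# Include ini files with configuration;
# NOTE(review): the ini is sourced, i.e. executed as shell code with the
# privileges of this check. Keep it owned by root and not writable by the
# account that runs the plugin.
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
CONFIG_FILE="${SCRIPT_DIR}/check-vps-cxs-log.ini"
if [[ -r "${CONFIG_FILE}" ]]; then
  # shellcheck source=/dev/null
  source "${CONFIG_FILE}"
fi

verbose=0
PROGNAME=${0##*/}

# IFS stays ',' for the rest of the script: it splits the lists below and is
# also the separator used when "${echo_array[*]}" is printed in the results.
IFS=','
# -r keeps backslashes in the patterns exactly as written in the ini.
read -r -a PATCHES_TO_BIN_ARR <<< "/usr/sbin/cxs"
read -r -a LOG_FILES_ARR <<< "scandaily.log,scanweekly.log"
read -r -a SEARCH_PATTERNS_ARR <<< "${SEARCH_PATTERNS}"
LOG_FILES_FOLDER="/var/log/cxsreports/"

print_usage() {
  echo ""
  echo "Usage: $PROGNAME [-v be Verbose] [-l Logfiles dir]"
  echo "Usage: $PROGNAME -h | --help"
}

print_help() {
  print_usage
  echo ""
  echo "This script checks logs of CXS scan with NC custom signatures (see TOP-64)"
  echo ""
  echo "-v be Verbose (should be last argument)"
  echo "-l Logfiles dir, string. Default - /var/log/cxsreports/"
  echo "--help Print this help screen"
  echo ""
  exit 3
}

while [ $# -gt 0 ]; do
  case "$1" in
    --help|-h)
      print_help
      ;;
    -l)
      # A missing value would silently point every later check at "/<file>".
      if [ $# -lt 2 ] || [ -z "$2" ]; then
        echo >&2 "Option -l requires a directory"
        print_usage
        exit 3
      fi
      LOG_FILES_FOLDER=$2
      shift
      ;;
    -v)
      # Only the common shift below is needed; the two extra shifts the option
      # used to do discarded whatever arguments followed -v.
      verbose=1
      ;;
    *)
      echo >&2 "Unknown argument: $1"
      print_usage
      exit 3
      ;;
  esac
  shift
done

# File paths are built as "${LOG_FILES_FOLDER}${file}", so the folder must end
# with exactly one slash even when -l was given without it.
LOG_FILES_FOLDER="${LOG_FILES_FOLDER%/}/"

if [ "${verbose}" == 1 ]; then
  echo "Patch to bin file:" "${PATCHES_TO_BIN_ARR[@]}"
  echo "Log files array:" "${LOG_FILES_ARR[@]}"
  echo "Search patterns:" "${SEARCH_PATTERNS_ARR[@]}"
  echo ""
fi

# Fail closed: with no patterns the signature loop below never runs and the
# check would answer OK without having looked for anything.
if [[ "${#SEARCH_PATTERNS_ARR[@]}" -eq 0 ]]; then
  echo "UNKNOWN. No search patterns loaded from ${CONFIG_FILE}"
  exit 3
fi

# Array for output information;
declare -a echo_array

####### BIN FILES CHECK SECTION BEGIN ######

# Check if BIN file exists;
for element in "${PATCHES_TO_BIN_ARR[@]}"; do
  if [[ ! -f "${element}" ]]; then
    # If file doesn't exists, we add it to array;
    echo_array+=("${element}")
  fi
done

# Output all not found bin files and UNKNOWN;
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  echo "UNKNOWN. Bin file(s) not found. 
Path to file(s) = ${echo_array[*]}"
  exit 3
fi

####### BIN FILES CHECK SECTION END ######

####### LOG FILES CHECK SECTION BEGIN ######

# Check if log file exists;
for file in "${LOG_FILES_ARR[@]}"; do
  if [[ ! -f "${LOG_FILES_FOLDER}${file}" ]]; then
    # If file doesn't exists, we add it to array;
    echo_array+=("${LOG_FILES_FOLDER}${file}")
  fi
done

# Output all not found log files and WARNING;
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  echo "WARNING. Log file(s) not found. Path to file(s) = ${echo_array[*]}"
  exit 1
fi

####### LOG FILES CHECK SECTION END ######

####### CHECK DATE OF LOG FILE begin ######

DAYS_THRESHOLD=0
for log_file_name in "${LOG_FILES_ARR[@]}"; do
  if [[ "${log_file_name}" == "scandaily.log" ]]; then
    DAYS_THRESHOLD=1
  elif [[ "${log_file_name}" == "scanweekly.log" ]]; then
    DAYS_THRESHOLD=7
  fi
  # Test the age of the exact file that is parsed below. A recursive,
  # case-insensitive name search could be satisfied by a different file
  # (e.g. a copy in a subdirectory) while the real report is stale.
  FIND_OUT=$(find "${LOG_FILES_FOLDER}${log_file_name}" -maxdepth 0 \
    -mtime "-${DAYS_THRESHOLD}" 2>/dev/null)
  if [ -z "${FIND_OUT}" ]; then
    echo_array+=("${log_file_name}")
  fi
done

# Output all outdated log files and WARNING;
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  echo "WARNING. Log file(s) is old. File(s) = ${echo_array[*]}"
  exit 1
fi

####### CHECK DATE OF LOG FILE end ######

####### CHECK LOG FILE FORMAT,PATTERN BEGIN ######

for file in "${LOG_FILES_ARR[@]}"; do
  # A valid report contains the "- SCAN REPORT -" marker; -e keeps the leading
  # dash from being parsed as a grep option.
  if ! grep -q -e "- SCAN REPORT -" "${LOG_FILES_FOLDER}${file}"; then
    echo "WARNING. Log file(s) have invalid structure. File(s) = ${file}"
    exit 1
  fi
  for pattern in "${SEARCH_PATTERNS_ARR[@]}"; do
    # -e: a pattern that starts with '-' must not be taken as an option.
    INFECTED=$(grep -e "${pattern}" "${LOG_FILES_FOLDER}${file}" | tr -s '\n' ' ')
    if [ -n "${INFECTED}" ]; then
      echo_array+=("${file}:${INFECTED}")
    fi
  done
done

# Output all matched report lines and CRITICAL;
# NOTE(review): matched lines are copied verbatim into the plugin output and
# presumably include names of scanned files, which are not trusted input. A '|'
# in them would be read by Nagios as the start of performance data; confirm how
# the consuming UI escapes this text.
if [[ "${#echo_array[@]}" -gt 0 ]]; then
  echo "CRITICAL. Viruses were found ${echo_array[*]}"
  exit 2
fi

####### CHECK LOG FILE FORMAT,PATTERN END ########

echo "OK. There are no infected files."
exit 0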