mirror of
https://github.com/AG7GN/nexus-utilities.git
synced 2025-05-18 15:30:12 -07:00
vnc-server-activity.sh now reports DWService events
This commit is contained in:
Steve Magnuson
parent
4a39f7b040
commit
801bdeebfa
@ -1 +1 @@
|
|||||||
VERSION="2.3.13"
|
VERSION="2.3.14"
|
||||||
@ -6,43 +6,96 @@
|
|||||||
# Usage: vnc-server-activity.sh [email-address[,email-address]...]
|
# Usage: vnc-server-activity.sh [email-address[,email-address]...]
|
||||||
#
|
#
|
||||||
|
|
||||||
VERSION="1.1.3"
|
VERSION="1.2.0"
|
||||||
|
|
||||||
# Pat and patmail.sh must be installed. If they are not, exit.
|
# Pat and patmail.sh must be installed. If they are not, exit.
|
||||||
command -v pat >/dev/null 2>&1 || exit 1
|
command -v pat >/dev/null 2>&1 || exit 1
|
||||||
command -v patmail.sh >/dev/null 2>&1 || exit 1
|
command -v patmail.sh >/dev/null 2>&1 || exit 1
|
||||||
|
|
||||||
declare -i AGE=24 # Specify Age in hours. Events older than AGE will not be included.
|
declare -i AGE=24 # Specify Age in hours. Events older than AGE will not be included.
|
||||||
FILES="/var/log/user.log*"
|
|
||||||
# Mail VNC Server login activity for last 24 hours.
|
# Mail VNC Server login activity for last 24 hours.
|
||||||
# MAILTO can contain multiple destination email addresses. Separate addresses with a
|
# MAILTO can contain multiple destination email addresses. Separate addresses with a
|
||||||
# comma.
|
# comma.
|
||||||
MAILTO="${1:-w7ecg.wecg@gmail.com}"
|
MAILTO="${1:-w7ecg.wecg@gmail.com}"
|
||||||
FILTERED="$(mktemp)"
|
FILTERED="$(mktemp)"
|
||||||
OUTFILE="$(mktemp)"
|
OUTFILE="$(mktemp)"
|
||||||
grep -h Connections $FILES 2>/dev/null 1>$FILTERED
|
TEMPOUT="$(mktemp)"
|
||||||
NOW="$(date +'%s')"
|
NOW="$(date +'%s')"
|
||||||
if [ -s $FILTERED ]
|
|
||||||
then
|
# Check VNC logs
|
||||||
while IFS= read -r LINE
|
FILES="/var/log/user.log"
|
||||||
do
|
if [[ -s $FILES ]]
|
||||||
D="${LINE%% $HOSTNAME*}" # Extract date from log message
|
then
|
||||||
E="$(date --date="$D" +'%s')" # Convert date to epoch
|
echo "VNC Activity" > $OUTFILE
|
||||||
if [ $E -gt $NOW ]
|
grep -h Connections $FILES* 2>/dev/null 1>$FILTERED
|
||||||
then # Now in new year. (Log messages don't include year, so it's a problem going from December to January.)
|
if [ -s $FILTERED ]
|
||||||
# Account for leap years
|
then
|
||||||
date -d $(date +%Y)-02-29 >/dev/null 2>&1 && SEC_IN_YEAR=$((60 * 60 * 24 * 366)) || SEC_IN_YEAR=$((60 * 60 * 24 * 365))
|
while IFS= read -r LINE
|
||||||
# Make it December again ;)
|
do
|
||||||
E=$(( $E - $SEC_IN_YEAR ))
|
D="${LINE%% $HOSTNAME*}" # Extract date from log message
|
||||||
fi
|
E="$(date --date="$D" +'%s')" # Convert date to epoch
|
||||||
let DIFF=$NOW-$E
|
if [ $E -gt $NOW ]
|
||||||
if [ $DIFF -le $(($AGE * 3600)) ] # Print events <= AGE hours old
|
then # Now in new year. (Log messages don't include year, so it's a problem going from December to January.)
|
||||||
then # Print selected fields only
|
# Account for leap years
|
||||||
echo "$LINE" | tr -s ' ' | cut -d' ' -f1,2,3,7- >> $OUTFILE
|
date -d $(date +%Y)-02-29 >/dev/null 2>&1 && SEC_IN_YEAR=$((60 * 60 * 24 * 366)) || SEC_IN_YEAR=$((60 * 60 * 24 * 365))
|
||||||
fi
|
# Make it December again ;)
|
||||||
done < $FILTERED
|
E=$(( $E - $SEC_IN_YEAR ))
|
||||||
|
fi
|
||||||
|
let DIFF=$NOW-$E
|
||||||
|
if [ $DIFF -le $(($AGE * 3600)) ] # Print events <= 24 hours old
|
||||||
|
then
|
||||||
|
echo "$LINE" | tr -s ' ' | cut -d' ' -f1,2,3,7- >> $TEMPOUT
|
||||||
|
fi
|
||||||
|
done < $FILTERED
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "No $FILES log" >> $OUTFILE
|
||||||
fi
|
fi
|
||||||
[ -s $OUTFILE ] || echo "No VNC Server activity." > $OUTFILE
|
if [ -s $TEMPOUT ]
|
||||||
|
then
|
||||||
|
cat $TEMPOUT | sort | uniq >> $OUTFILE
|
||||||
|
else
|
||||||
|
echo " No VNC activity." >> $OUTFILE
|
||||||
|
fi
|
||||||
|
|
||||||
|
> $TEMPOUT
|
||||||
|
|
||||||
|
# Check DWService logs
|
||||||
|
FILES="/usr/share/dwagent/dwagent.log"
|
||||||
|
if [[ -s $FILES ]]
|
||||||
|
then
|
||||||
|
echo -e "\nDWService Activity" >> $OUTFILE
|
||||||
|
grep -h session $FILES* 2>/dev/null 1>$FILTERED
|
||||||
|
if [ -s $FILTERED ]
|
||||||
|
then
|
||||||
|
while IFS= read -r LINE
|
||||||
|
do
|
||||||
|
D="${LINE%% INFO*}" # Extract date from log message
|
||||||
|
E="$(date --date="$D" +'%s')" # Convert date to epoch
|
||||||
|
if [ $E -gt $NOW ]
|
||||||
|
then # Now in new year. (Log messages don't include year, so it's a problem going from December to January.)
|
||||||
|
# Account for leap years
|
||||||
|
date -d $(date +%Y)-02-29 >/dev/null 2>&1 && SEC_IN_YEAR=$((60 * 60 * 24 * 366)) || SEC_IN_YEAR=$((60 * 60 * 24 * 365))
|
||||||
|
# Make it December again ;)
|
||||||
|
E=$(( $E - $SEC_IN_YEAR ))
|
||||||
|
fi
|
||||||
|
let DIFF=$NOW-$E
|
||||||
|
if [ $DIFF -le $(($AGE * 3600)) ] # Print events <= 24 hours old
|
||||||
|
then
|
||||||
|
echo "$LINE" | tr -s ' ' | cut -d' ' -f1,2,5- >> $TEMPOUT
|
||||||
|
fi
|
||||||
|
done < $FILTERED
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo -e "\nNo $FILES log" >> $OUTFILE
|
||||||
|
fi
|
||||||
|
if [ -s $TEMPOUT ]
|
||||||
|
then
|
||||||
|
cat $TEMPOUT | sort | uniq >> $OUTFILE
|
||||||
|
else
|
||||||
|
echo " No DWService activity." >> $OUTFILE
|
||||||
|
fi
|
||||||
|
#[ -s $OUTFILE ] || echo "No VNC activity." > $OUTFILE
|
||||||
#{
|
#{
|
||||||
# echo To: $MAILTO
|
# echo To: $MAILTO
|
||||||
# echo From: $MAILFROM
|
# echo From: $MAILFROM
|
||||||
@ -50,7 +103,9 @@ fi
|
|||||||
# echo
|
# echo
|
||||||
# cat $OUTFILE
|
# cat $OUTFILE
|
||||||
#} | /usr/sbin/ssmtp $MAILTO
|
#} | /usr/sbin/ssmtp $MAILTO
|
||||||
|
#cat $OUTFILE
|
||||||
cat $OUTFILE | sort | uniq | $(command -v patmail.sh) $MAILTO "$HOSTNAME VNC Server activity for 24 hours preceding `date`" telnet
|
cat $OUTFILE | $(command -v patmail.sh) $MAILTO "$HOSTNAME remote access activity for 24 hours preceding `date`" telnet
|
||||||
rm $OUTFILE
|
rm $OUTFILE
|
||||||
rm $FILTERED
|
rm $FILTERED
|
||||||
|
rm $TEMPOUT
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user