- have some dirs

2025-07-21 18:41:03 +00:00 · 2012-02-13 18:24:46 +01:00 · 2012-02-13 18:24:46 +01:00 · 08346aac58
commit 08346aac58
parent 0b089ea777
687 changed files with 0 additions and 0 deletions
--- a/plugins/ossec/ossec-active-response
+++ b/plugins/ossec/ossec-active-response
@ -0,0 +1,79 @@
+
+# /bin/ sh
+#
+if [ "$1" = "autoconf" ] ; then
+
+ echo "yes"
+#
+exit 0 
+#
+fi
+#
+#
+logdir="/var/ossec/logs/"
+if [ "$1" = "config" ] ; then
+#
+echo "graph_title Active Response" 
+#
+echo "graph_args --base 1000 -l 0 " 
+#
+echo "graph_vlabel Number of active response" 
+#
+echo "graph_category Ossec" 
+#
+echo "graph_scale no" 
+#
+echo "c_add_actions.label Number of Rules added" 
+#
+echo "c_add_actions.draw LINE2" 
+#
+echo 'c_add_actions.min 0' 
+#
+echo "c_del_actions.label Number of Rules deleted" 
+#
+echo "c_del_actions.draw LINE2" 
+#
+echo 'c_del_actions.min 0' 
+#
+exit 0 
+#
+fi
+#
+#
+
+
+####Deleting the temporary logs files ##########
+rm -fr /tmp/ossecactive* 
+
+
+###For Loop for grepping the last 5 mins logs and moving it to the /tmp
+
+month="$(date "+%b")"; time="$(date "+%d")";year="$(date "+%Y")";
+if [ "$time" -le "9" ]; then
+search1="$month  $time"
+else
+search1="$month $time"
+fi
+
+#search1="$month  $time"
+#echo "$search1"
+for (( i = 5; i>=0; i-- )) ; do grep $(date "+%R" -d "-$i min") /var/ossec/logs/active-responses.log | grep "$search1" | grep "$year" >> /tmp/ossecactive.log;done	
+
+
+#############Fore Loop Ends##########
+
+####Grepping the Hosts Blocked in last 5 mins###########
+NB_ADD=`cat /tmp/ossecactive.log| grep add | wc -l` 
+
+###########Grepping the Hosts Removed from the blocked list in last 5 mins############
+
+NB_DEL=`cat /tmp/ossecactive.log | grep del | wc -l`
+#
+#
+
+############Displaying the VALUES#############
+echo "c_add_actions.value ${NB_ADD}" 
+#
+echo "c_del_actions.value ${NB_DEL}" #
+#
+exit 0 
--- a/plugins/ossec/ossec-agents
+++ b/plugins/ossec/ossec-agents
@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [ "$1" = "autoconf" ]; then
+echo "yes"
+exit 0
+fi
+
+if [ "$1" = "config" ]; then
+echo "graph_title Ossec Agents Status"
+echo "graph_args --base 1000 -l 0"
+echo "graph_vlabel Number of Ossec Agents"
+echo "graph_category Ossec"
+echo "graph_scale no"
+echo "active.label ACTIVE"
+echo "active.draw LINE2"
+echo 'active.min 0'
+echo "inactive.label INACTIVE"
+echo "inactive.draw LINE2"
+echo 'inactive.min 0'
+exit 0
+fi
+
+
+
+
+ACTIVE=`/var/ossec/bin/list_agents -c | grep -wv "** No agent available" | wc -l`
+INACTIVE=`/var/ossec/bin/list_agents -n | grep -wv "** No agent available" | wc -l`
+
+echo "active.value ${ACTIVE}"
+echo "inactive.value ${INACTIVE}"
+exit 0
--- a/plugins/ossec/ossec-alerts
+++ b/plugins/ossec/ossec-alerts
@ -0,0 +1,46 @@
+#!/bin/bash
+
+if [ "$1" = "autoconf" ]; then
+echo "yes"
+exit 0
+fi
+
+if [ "$1" = "config" ]; then
+echo "graph_title Ossec Alerts per service"
+echo "graph_args --base 1000 -l 0"
+echo "graph_vlabel Number of Alerts per service"
+echo "graph_category Ossec"
+echo "graph_scale no"
+echo "apache.label APACHE"
+echo "apache.draw LINE2"
+echo 'apache.min 0'
+echo "ssh.label SSH"
+echo "ssh.draw LINE2"
+echo 'ssh.min 0'
+echo "sudo.label SUDO"
+echo "sudo.draw LINE2"
+echo 'sudo.min 0'
+echo "total.label TOTAL"
+echo "total.draw LINE2"
+echo 'total.min 0'
+exit 0
+fi
+
+rm -fr /tmp/ossecalerts*
+logdir="/var/ossec/logs/alerts"
+
+###For Loop for grepping the last 5 mins logs 
+for (( i = 5; i >=0; i-- )) ; do
+     grep $(date +%R -d "-$i  min") $logdir/alerts.log >> /tmp/ossecalerts.log
+done
+
+APACHE=`cat /tmp/ossecalerts.log | grep -i 'apache\|http' | wc -l`
+SSH=`cat /tmp/ossecalerts.log | grep ssh | wc -l`
+SUDO=`cat /tmp/ossecalerts.log | grep sudo | wc -l`
+TOTAL=`cat /tmp/ossecalerts.log | grep -v ">"| wc -l`
+
+echo "apache.value ${APACHE}"
+echo "ssh.value ${SSH}"
+echo "sudo.value ${SUDO}"
+echo "total.value ${TOTAL}"
+exit 0