oracledba.help
Scripts

DBA Script

<- Scripts 

#!/bin/bash
# Purpose:      norad.sh (North American Aerospace Defense Command)
# Version:      2018.10.01
# Dependencies: inc_system.sh

######################################
# Preamble: 2018.10.01               #
######################################
set -a; DIR_SCRIPTS="/u01/app/scripts"; source $DIR_SCRIPTS/inc_system.sh
sFullName=$(basename "$0"); me=${sFullName%.*}
sSLog="$DIR_LOGS/$me.sess.log"; sHLog="$DIR_LOGS/$me.hist.log"; > $sSLog
if [[ $MAINT_WINDOW -eq 1 ]]; then printf "Maintenance Window Detected - Exiting\n"; exit; fi

# User Vars
usrEmailList="michaele@sccu.com"
#usrEmailList="HostTeam@sccu.com OpNetTeam@sccu.com"
usrWhiteList="\
(:0) \
100.1.1.125 \
mlbwopmanv01.sccu.local \
michael \
10.251.250. \
10.200.3.151 \
"
# 10.251.250. Meraki
# 10.249.249. VPN
# 10.200.3.151 ME
# w7michaeldesk.sccu.local \
# w10michaele.sccu.local \

######################################
# Init Script Actions\Functions\Vars #
######################################

# Vars
sMyConn="999"
fMyConn="$DIR_TMP/$me.MyConn.tmp"
fConnTemp="$DIR_TMP/$me.connections.tmp";
fLastEmail="$DIR_TMP/$me.email.flg"
fAlerts="$DIR_LOGS/$me.alerts.log"
if [[ "$1" == "me" ]]; then
   rm $fMyConn
   rm $fConnTemp
fi

# Action: WhiteList Session (via ./norad.sh me)
find $DIR_TMP -type f -name '$fMyConn' -mtime +2 -exec rm {} \;
if ! [[ -f $fMyConn ]]; then
   if [[ "$1" == "me" ]]; then
      log "$sSLog" "Processing WhiteListMe"
      sMyConn=$(echo "$SSH_CLIENT" | awk '{print $1}')
      echo $sMyConn > $fMyConn
      usrWhiteList="$usrWhiteList\ 111 222 333 444 $sMyConn"
   fi
else
   sMyConn=$(cat $fMyConn)
   log "$sSLog" "WhiteListMe File Detected: $fMyConn ($sMyConn)"
   usrWhiteList="$usrWhiteList\ 111 222 333 444 $sMyConn"  
fi

# Functions
isConnInWhiteList() {
  local nRetVal=0; local pConn="$1";
  for i in ${usrWhiteList[
}; do 
    if "$pConn" == *"$i"* ?; then
       nRetVal=1
    fi
  done
  echo $nRetVal

}

  1. Start #

clear; log "$sSLog" "$sFullName Started"; linesep SysVars_show

  1. Create File With All Current Connections (fConnTemp)

who>$fConnTemp

  1. Process $fConnTemp

while read sLine; do 

   aFields=($sLine)
   sConnection=${aFields[4]}

   # Is Connection OK?
   isConnOK=`isConnInWhiteList "$sConnection"`

   # Send Alert If Not on White List
   if $isConnOK -eq 1 ?; then
      log "$sSLog" "$sConnection OK"
   else
      log "$sSLog" "$sConnection CONNECTION ALERT" 
      echo "`now`"   >> $fAlerts
      echo "`w`"     >> $fAlerts
      echo `linesep` >> $fAlerts
      mail -s "NORAD Connection Alert: `hostname`" "$usrEmailList" <<< "$(w)";
   fi

done < $fConnTemp

  1. End #

log "$sSLog" "$sFullName Ended [Elapse Time: $(elapse)]"; echo $(linesep "=") >> $sHLog; cat $sSLog >> $sHLog; tail -32768 $sHLog > $sHLog.tmp; mv $sHLog.tmp $sHLog

@]