test-repo/scripts/security-monitors/security-monitors.sh


#!/bin/zsh
#
# Security Monitors Controller
# Main entry point for running all security monitors
# Usage: ./security-monitors.sh [command]
# check-all - Run all monitors once
# ssh - Run SSH monitor only
# disk - Run disk monitor only
# audit - Run config audit only
# init - Initialize config audit baselines
# report - Show config audit report
# status - Show monitor status
# install - Install cron jobs
# uninstall - Remove cron jobs
#
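# Directory holding the monitor scripts. The original install location is the
# default; an already-exported SCRIPT_DIR overrides it so the same controller
# works from another checkout without editing the file.
SCRIPT_DIR="${SCRIPT_DIR:-/Users/mattbruce/.openclaw/workspace/scripts/security-monitors}"
LOG_DIR="$SCRIPT_DIR/logs"
STATE_DIR="$SCRIPT_DIR/state"

# Create the log and state directories. A failure is reported but not fatal,
# so read-only commands (help, status) still run.
mkdir -p "$LOG_DIR" "$STATE_DIR" \
  || printf 'warning: could not create %s or %s\n' "$LOG_DIR" "$STATE_DIR" >&2

# ANSI colour codes used by the log_* helpers (expanded with printf %b).
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly BLUE='\033[0;34m'
readonly NC='\033[0m' # No Color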
# Helper functions
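# Print an informational line "[INFO] <message>" to stdout with a coloured tag.
# Arguments: $* - message text (all arguments are joined with a space)
# %b expands the escape codes held in the colour variables; %s prints the
# message verbatim, so backslashes or a leading "-" in it are never interpreted.
log_info() {
  printf '%b[INFO]%b %s\n' "$BLUE" "$NC" "$*"
}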
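# Print a success line "[OK] <message>" to stdout with a coloured tag.
# Arguments: $* - message text (all arguments are joined with a space)
# %b expands the colour escape codes; %s keeps the message literal so
# content taken from files or logs cannot inject escape sequences.
log_success() {
  printf '%b[OK]%b %s\n' "$GREEN" "$NC" "$*"
}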
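# Print a warning line "[WARN] <message>" to stdout with a coloured tag.
# Arguments: $* - message text (all arguments are joined with a space)
# %b expands the colour escape codes; %s keeps the message literal.
log_warn() {
  printf '%b[WARN]%b %s\n' "$YELLOW" "$NC" "$*"
}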
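# Print an error line "[ERROR] <message>" with a coloured tag.
# Arguments: $* - message text (all arguments are joined with a space)
# Output goes to stderr so error diagnostics are separated from normal output
# (cron captures both, interactive callers can filter). %s keeps the message
# literal so no escape sequences from file content are interpreted.
log_error() {
  printf '%b[ERROR]%b %s\n' "$RED" "$NC" "$*" >&2
}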
# Run individual monitors
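#######################################
# Run the SSH failed-login monitor once.
# Globals:   SCRIPT_DIR (read)
# Outputs:   progress lines via log_*; the monitor's own output passes through
# Returns:   the monitor script's exit status (0 on success). Previously
#            "completed" was logged even when the script failed or was
#            missing, which hid broken monitors from cron logs.
#######################################
run_ssh_monitor() {
  local rc=0
  log_info "Running SSH failed login monitor..."
  "$SCRIPT_DIR/ssh-monitor.sh" || rc=$?
  if (( rc != 0 )); then
    log_error "SSH monitor failed (exit status $rc)"
    return "$rc"
  fi
  log_success "SSH monitor completed"
}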
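#######################################
# Run the disk space monitor once.
# Globals:   SCRIPT_DIR (read)
# Outputs:   progress lines via log_*; the monitor's own output passes through
# Returns:   the monitor script's exit status (0 on success), so a failing
#            or missing monitor is no longer reported as "completed".
#######################################
run_disk_monitor() {
  local rc=0
  log_info "Running disk space monitor..."
  "$SCRIPT_DIR/disk-monitor.sh" || rc=$?
  if (( rc != 0 )); then
    log_error "Disk monitor failed (exit status $rc)"
    return "$rc"
  fi
  log_success "Disk monitor completed"
}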
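#######################################
# Run the configuration audit in "check" mode (compare against baselines).
# Globals:   SCRIPT_DIR (read)
# Outputs:   progress lines via log_*; the audit's own output passes through
# Returns:   the audit script's exit status (0 on success), so a failing or
#            missing audit is no longer reported as "completed".
#######################################
run_config_audit() {
  local rc=0
  log_info "Running config audit..."
  "$SCRIPT_DIR/config-audit.sh" check || rc=$?
  if (( rc != 0 )); then
    log_error "Config audit failed (exit status $rc)"
    return "$rc"
  fi
  log_success "Config audit completed"
}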
# Initialize baselines
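#######################################
# Create the configuration-audit baselines ("init" mode of config-audit.sh).
# Globals:   SCRIPT_DIR (read)
# Outputs:   progress lines via log_*; the audit's own output passes through
# Returns:   the audit script's exit status (0 on success). A failed init
#            must not be reported as "Baselines initialized", because later
#            "check" runs would then compare against nothing.
#######################################
init_baselines() {
  local rc=0
  log_info "Initializing config audit baselines..."
  "$SCRIPT_DIR/config-audit.sh" init || rc=$?
  if (( rc != 0 )); then
    log_error "Baseline initialization failed (exit status $rc)"
    return "$rc"
  fi
  log_success "Baselines initialized"
}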
# Show status
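#######################################
# Print a human-readable overview: presence of the monitor scripts, number of
# audit baselines, queued alerts, installed cron entries and the last line of
# each monitor log.
# Globals:   SCRIPT_DIR, STATE_DIR, LOG_DIR (read)
# Outputs:   report on stdout (errors from log_error go where that helper sends them)
# Returns:   0 when every monitor script exists and is executable, 1 otherwise
#            (the original computed this flag but never used it).
#######################################
show_status() {
  local script all_ok=true
  local baseline_count alert_count log last_entry

  printf '\n========================================\n'
  printf ' OpenClaw Security Monitors Status\n'
  printf '========================================\n\n'

  # Check if scripts exist and are executable
  for script in ssh-monitor.sh disk-monitor.sh config-audit.sh; do
    if [[ -x "$SCRIPT_DIR/$script" ]]; then
      log_success "$script exists and is executable"
    else
      log_error "$script missing or not executable"
      all_ok=false
    fi
  done
  printf '\n'

  # The state directory itself is created at startup, so testing it never
  # detected a missing "init"; the baselines subdirectory is what "init" makes.
  if [[ -d "$STATE_DIR/baselines" ]]; then
    # Count directory entries NUL-delimited so a name containing a newline
    # cannot skew the count (ls | wc -l would).
    baseline_count=$(find "$STATE_DIR/baselines" -mindepth 1 -maxdepth 1 -print0 2>/dev/null \
      | tr -cd '\000' | wc -c | tr -d ' ')
    log_info "Baselines created: $baseline_count files"
  else
    log_warn "Baselines not initialized (run the init command)"
  fi
  printf '\n'

  # Pending alerts: -s already implies the file exists.
  if [[ -s "$STATE_DIR/alerts.queue" ]]; then
    alert_count=$(wc -l < "$STATE_DIR/alerts.queue" | tr -d ' ')
    log_warn "Pending alerts in queue: $alert_count"
  else
    log_success "No pending alerts"
  fi
  printf '\n'

  # Installed cron entries are recognised by the script path they contain.
  printf 'Current cron jobs for security monitors:\n'
  crontab -l 2>/dev/null | grep -F -- "security-monitors" || printf ' (none installed)\n'
  printf '\n'

  # Last line of each log, printed with %s so escape sequences that a
  # monitored source may have written into the log are not interpreted
  # by the terminal.
  printf 'Recent log entries:\n'
  for log in ssh-monitor.log disk-monitor.log config-audit.log; do
    if [[ -f "$LOG_DIR/$log" ]]; then
      last_entry=$(tail -n 1 "$LOG_DIR/$log" 2>/dev/null)
      printf ' %s: %s\n' "$log" "$last_entry"
    fi
  done
  printf '\n'

  [[ "$all_ok" == true ]]
}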
# Install cron jobs
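#######################################
# Install (or reinstall) the cron jobs for the three monitors.
# Globals:   SCRIPT_DIR, LOG_DIR (read)
# Outputs:   progress lines via log_*
# Returns:   0 on success, 1 if the crontab could not be written
# Notes:     Earlier installs are recognised by the "security-monitors" path
#            in the job lines and by the header comment; both are removed
#            before adding the new entries. The original only matched the
#            job lines, so every reinstall left another stale header behind.
#            The jobs execute whatever is at these paths under this user's
#            account; keep SCRIPT_DIR and the scripts writable only by the
#            owner.
#######################################
install_cron() {
  local current_crontab new_crontab
  log_info "Installing security monitor cron jobs..."

  # Current crontab; empty when none is installed.
  current_crontab=$(crontab -l 2>/dev/null || true)

  # Remove any existing security monitor entries (job lines and header).
  # printf, not echo: zsh's echo interprets backslash escapes and would
  # corrupt any existing crontab line containing a backslash.
  current_crontab=$(printf '%s\n' "$current_crontab" \
    | grep -v -e 'security-monitors' -e '^# OpenClaw Security Monitors' || true)

  # Add new entries. Paths are quoted so cron's /bin/sh handles a directory
  # name containing spaces.
  new_crontab="${current_crontab}
# OpenClaw Security Monitors - $(date '+%Y-%m-%d')
*/1 * * * * \"$SCRIPT_DIR/ssh-monitor.sh\" >> \"$LOG_DIR/ssh-cron.log\" 2>&1
*/5 * * * * \"$SCRIPT_DIR/disk-monitor.sh\" >> \"$LOG_DIR/disk-cron.log\" 2>&1
0 6 * * * \"$SCRIPT_DIR/config-audit.sh\" check >> \"$LOG_DIR/audit-cron.log\" 2>&1
"

  # Install new crontab; report failure instead of claiming success.
  if ! printf '%s\n' "$new_crontab" | crontab -; then
    log_error "Failed to install crontab"
    return 1
  fi
  log_success "Cron jobs installed:"
  log_info " - SSH monitor: every 1 minute"
  log_info " - Disk monitor: every 5 minutes"
  log_info " - Config audit: daily at 6:00 AM"
}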
# Uninstall cron jobs
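#######################################
# Remove the security monitor cron jobs, leaving other entries untouched.
# Globals:   none
# Outputs:   progress lines via log_*
# Returns:   0 on success, 1 if the crontab could not be written
# Notes:     Removes both the job lines (matched by the "security-monitors"
#            path) and the header comment that install_cron writes; the
#            original left the header behind.
#######################################
uninstall_cron() {
  local current_crontab new_crontab
  log_info "Removing security monitor cron jobs..."

  current_crontab=$(crontab -l 2>/dev/null || true)

  # Remove security monitor entries. printf rather than echo so existing
  # lines containing backslashes are passed through unchanged under zsh.
  new_crontab=$(printf '%s\n' "$current_crontab" \
    | grep -v -e 'security-monitors' -e '^# OpenClaw Security Monitors' || true)

  # Install updated crontab; report failure instead of claiming success.
  if ! printf '%s\n' "$new_crontab" | crontab -; then
    log_error "Failed to update crontab"
    return 1
  fi
  log_success "Cron jobs removed"
}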
# Main command handler
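# Main command handler: dispatch on the first argument (default: status).
# The script's exit status is non-zero when a monitor fails or the command is
# unknown, so cron and wrappers can detect problems.
case "${1:-status}" in
  check-all)
    # Run every monitor even if an earlier one fails, then report once.
    failed=0
    run_ssh_monitor || failed=1
    run_disk_monitor || failed=1
    run_config_audit || failed=1
    if (( failed )); then
      log_error "One or more monitors failed"
      exit 1
    fi
    log_success "All monitors completed"
    ;;
  ssh)
    run_ssh_monitor
    ;;
  disk)
    run_disk_monitor
    ;;
  audit)
    run_config_audit
    ;;
  init)
    init_baselines
    ;;
  report)
    "$SCRIPT_DIR/config-audit.sh" report
    ;;
  status)
    show_status
    ;;
  install)
    install_cron
    ;;
  uninstall)
    uninstall_cron
    ;;
  help|--help|-h)
    cat <<EOF
OpenClaw Security Monitors Controller

Usage: $0 [command]

Commands:
  check-all   Run all monitors once
  ssh         Run SSH monitor only
  disk        Run disk monitor only
  audit       Run config audit only
  init        Initialize config audit baselines
  report      Show config audit report
  status      Show monitor status
  install     Install cron jobs
  uninstall   Remove cron jobs
  help        Show this help

EOF
    ;;
  *)
    log_error "Unknown command: $1"
    # Usage hint is a diagnostic, so it goes to stderr with the error.
    printf "Use '%s help' for usage information\n" "$0" >&2
    exit 1
    ;;
esac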