- 10 hosts (mo1, ams, ams2, ro1, ca1, ca2, ca3, fr1, sony, termux) - discover-logs.sh: portable inventory (Linux/FreeBSD/Termux) - scan-anomalies.sh: ERROR/WARN/CRITICAL counts + journalctl + kubectl - run-all.sh: parallel SSH fan-out - build-summary.py: aggregates into reports/SUMMARY.md - 5 HIGH-severity findings identified on ro1 (apache scanner traffic, mount_monitor warnings)
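#!/bin/bash
# run-all.sh — fan out discover-logs.sh and scan-anomalies.sh to every host.
# Run from the log_analysis repo root.
#
# Per-host outputs (under the repo root):
#   logs/inventory/<host>.csv  — stdout of discover-logs.sh
#   anomalies/<host>.txt       — stdout+stderr of scan-anomalies.sh
#
# Deliberately not `set -e`: one unreachable host must not abort the whole
# fan-out. Per-host failures are reported by run_one instead.

set -u

# Resolve the repo root from this script's own location. If that fails ROOT
# would be empty and every output path below would resolve under "/", so stop.
ROOT="$(cd "$(dirname "$0")/.." && pwd)" || {
  echo "run-all.sh: cannot resolve repo root from $0" >&2
  exit 1
}
readonly ROOT
mkdir -p "$ROOT/logs/inventory" "$ROOT/anomalies" || exit 1

# One entry per host: host:ssh-prefix:needs-sudo
#   host        — short name; also the stem of the per-host output files
#   ssh-prefix  — "local" to run on this machine, otherwise the ssh command
#                 to reach the host. run_one splits it on whitespace, so no
#                 single argument may contain spaces or ':'.
#   needs-sudo  — 1 to run the helper scripts under `sudo -n`, 0 otherwise
# BatchMode=yes keeps ssh from waiting on a password prompt, so an
# unreachable or unauthenticated host fails instead of hanging the fan-out.
HOSTS=(
  "mo1:local:0"
  "ams:ssh -o BatchMode=yes ams:1"
  "ams2:ssh -o BatchMode=yes ams2:1"
  "ro1:ssh -o BatchMode=yes ro1:1"
  "ca1:ssh -o BatchMode=yes ca1:0"
  "ca2:ssh -o BatchMode=yes ca2:0"
  "ca3:ssh -o BatchMode=yes -p 15120 ca3:0"
  "fr1:ssh -o BatchMode=yes fr1:0"
  "sony:ssh -o BatchMode=yes -o ConnectTimeout=5 sony:0"
  "termux:ssh -o BatchMode=yes -o ConnectTimeout=5 -p 8022 termux:0"
)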
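#######################################
# Run discover-logs.sh and scan-anomalies.sh on one host and record results.
# Globals:   ROOT (read) — repo root; helper scripts and output dirs live
#            under it
# Arguments: $1 - HOSTS entry of the form "host:ssh-prefix:needs-sudo"
# Outputs:   progress lines on stdout; writes
#            $ROOT/logs/inventory/<host>.csv and $ROOT/anomalies/<host>.txt
# Returns:   0 if both steps succeeded, 1 if the entry is malformed, a helper
#            script is missing, or either step failed
#######################################
run_one() {
  local entry="$1"
  local host="${entry%%:*}"
  local rest="${entry#*:}"
  local ssh_cmd="${rest%:*}"        # everything between the first and last ':'
  local sudo_flag="${rest##*:}"
  local discover_script="$ROOT/scripts/discover-logs.sh"
  local scan_script="$ROOT/scripts/scan-anomalies.sh"
  local inventory_out="$ROOT/logs/inventory/$host.csv"
  local anomalies_out="$ROOT/anomalies/$host.txt"
  local status=0

  # Validate before spawning anything: a bad entry used to silently become a
  # bogus remote command and was then reported as a host failure.
  if [ -z "$host" ] || [ -z "$ssh_cmd" ]; then
    printf '[%s] malformed HOSTS entry: %s\n' "$host" "$entry" >&2
    return 1
  fi
  if [ ! -r "$discover_script" ] || [ ! -r "$scan_script" ]; then
    printf '[%s] helper scripts not readable under %s/scripts\n' "$host" "$ROOT" >&2
    return 1
  fi

  # `sudo -n` never prompts: an unattended fan-out must fail, not hang.
  local pfx=""
  [ "$sudo_flag" = "1" ] && pfx="sudo -n "

  # The executing shell reads the helper script from stdin (the remote path
  # already worked this way, so the helper scripts must not read stdin).
  # Redirecting the file directly avoids the unquoted-heredoc delivery, which
  # would terminate early if a script ever contained a line consisting of EOF.
  if [ "$ssh_cmd" = "local" ]; then
    echo "[$host] discover (local)"
    ${pfx}sh < "$discover_script" > "$inventory_out" 2>/dev/null \
      || { echo "[$host] discover FAILED"; status=1; }
    echo "[$host] scan (local)"
    ${pfx}sh < "$scan_script" > "$anomalies_out" 2>&1 \
      || { echo "[$host] scan FAILED"; status=1; }
  else
    # Split the ssh prefix into words once, without glob expansion.
    local -a ssh_argv
    read -r -a ssh_argv <<<"$ssh_cmd"
    echo "[$host] discover via: $ssh_cmd"
    # NOTE: ssh diagnostics (host key, auth, timeout) are discarded for this
    # step, so the FAILED line is the only signal of a connection problem.
    "${ssh_argv[@]}" "${pfx}sh" < "$discover_script" > "$inventory_out" 2>/dev/null \
      || { echo "[$host] discover FAILED"; status=1; }
    echo "[$host] scan via: $ssh_cmd"
    "${ssh_argv[@]}" "${pfx}sh" < "$scan_script" > "$anomalies_out" 2>&1 \
      || { echo "[$host] scan FAILED"; status=1; }
  fi

  local lines bytes
  lines=$(wc -l < "$inventory_out" 2>/dev/null || echo 0)
  bytes=$(wc -c < "$anomalies_out" 2>/dev/null || echo 0)
  echo "[$host] done — inventory=$lines lines, anomalies=$bytes bytes"
  return "$status"
}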
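# Run hosts in parallel (background), then reap each job individually so a
# failing host is counted rather than being swallowed by a bare `wait`.
declare -a pids=()
for h in "${HOSTS[@]}"; do
  run_one "$h" &
  pids+=("$!")
done

failed=0
for pid in "${pids[@]}"; do
  # wait "$pid" returns that job's exit status; run_one signals failure via it.
  wait "$pid" || failed=$((failed + 1))
done

echo "All hosts complete."
if [ "$failed" -gt 0 ]; then
  # Non-zero exit lets cron/CI callers notice partial runs.
  printf '%d host(s) reported failures\n' "$failed" >&2
  exit 1
fi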