shell脚本电子邮件格式/条件返工

时间:2018-01-22 10:40:34

标签: linux bash shell email

context:我在redhat radius Server上工作,我有一个Shell脚本,每次未经授权的用户尝试访问网络时都会向我发送电子邮件(例如:无效用户:交换机:交换机xxx |端口:xx | Mac-地址:xxxxxxxxxxxxxx)

我的脚本如下所示:

    IObservable<string[]> buffered = input.BufferSomehow();
    // should push values:
    // First value: string[] = ["currently", "available", "values"]
    // Second value: string[] = ["new value!"]
    // Third value: string[] = ["new value!"]
    // .....

这个脚本运行正常并完全按照它应该做的,但是邮件中的输出只是日志文件中的行而且很难阅读:

#!/bin/bash



while :

do

if [ ! -e myFile ] ; then

grep Invalid radius.log > myFile

mailx -E -s Radius-Invalid-User myuser@email.com < myFile

else

comm -23 <(grep Trigger-Word radius.log) myFile| mailx -E -s Radius-Invalid-User myuser@mail.com

grep Trigger-Word radius.log > myFile

fi

sleep 1

done

所以我必须重新解析它。麻烦就开始了。

我尝试重做它,以便邮件输出:

Mon Jan 22 09:38:24 2018 : Auth: (18) Invalid user: [000000000] (from client client-id port 15 cli xx-xx-xx-xx-xx-xx) switchname Port: |15|

我认为脚本部分应如下所示:

|-------------------------------------------------------------|

  Switch: 

|-------------------------------------------------------------|

  Port-Nr: 

|-------------------------------------------------------------|

  MAC-Address: 

|-------------------------------------------------------------|

这里的问题是,邮件不再是空的,所以来自mailx命令的-E没有帮助+它不再检查是否已经发送了这条消息。因为它是一个无限循环,它会发送永久邮件,其中包含&#34;空白表格&#34;。

有人可以帮我解决这个问题,即脚本的功能与第一个脚本完全相同,但是以适当的格式发送邮件。

如果您需要更多信息,请告诉我 非常感谢提前

2 个答案:

答案 0 :(得分:2)

#!/bin/bash

l=radius.log                                            # logfile, all logs
m=myFile

_sendMail(){                                            # send mail if not empty
  local f msg="$(</dev/stdin)"                          # mail contents
  if [[ -n "$msg" ]]; then                              # if contents not empty
    while read -r -a f || [[ -n "${f[20]}" ]]; do       # read line by line
      [[ -z "${f[20]}" ]] && continue                   # ignore mal-formatted log
      echo "|-------------------------------------------------------------|"
      echo "  Switch: ${f[18]}"
      echo "|-------------------------------------------------------------|"
      echo "  Port-Nr: ${f[20]}"
      echo "|-------------------------------------------------------------|"
      echo "  MAC-Address: ${f[10]}"
      echo "|-------------------------------------------------------------|"
    done <<<"$msg" | (echo "-----> $1"; cat)            # fake sending for test
    #done <<<"$msg" | mailx -E -s "$1" myuser@email.com # real sending, $1 = subject
  fi
}

while :; do                                             # endless loop
  if [[ ! -e "$m" ]]; then
    grep "Invalid user" "$l" >"$m"
    _sendMail "Invalid $l" <"$m"
  else
    n=$(grep "Invalid user" "$l")
    comm -23 <(echo "$n") "$m" | _sendMail "Radius Invalid User"
    echo "$n" >"$m"
  fi
  sleep 1
done

测试:

  1. 运行bash脚本

  2. 从另一个终端,连续添加日志行到radius.log,例如:

    $ echo 'Auth: (18) Invalid user: [000000000] (from client client-id port 15 cli xx-xx-xx-xx-xx-xx) switchname Port: |15|' >>radius.log

  3. 如果该日志行包含“无效用户:”,则bash脚本会检测新日志并发送邮件。

    4. 输出:

    $ ./report-error.sh 
-----> Radius Invalid User
|-------------------------------------------------------------|
  Switch: switchname
|-------------------------------------------------------------|
  Port-Nr: |23|
|-------------------------------------------------------------|
  MAC-Address: [000000000]
|-------------------------------------------------------------|
-----> Radius Invalid User
|-------------------------------------------------------------|
  Switch: switchname
|-------------------------------------------------------------|
  Port-Nr: |33|
|-------------------------------------------------------------|
  MAC-Address: [000000000]
|-------------------------------------------------------------|
-----> Radius Invalid User
|-------------------------------------------------------------|
  Switch: switchname
|-------------------------------------------------------------|
  Port-Nr: |33|
|-------------------------------------------------------------|
  MAC-Address: [000000000]
|-------------------------------------------------------------|
|-------------------------------------------------------------|
  Switch: switchname
|-------------------------------------------------------------|
  Port-Nr: |33|
|-------------------------------------------------------------|
  MAC-Address: [000000000]
|-------------------------------------------------------------|

答案 1 :(得分:1)

我自己解决了这个问题:

#!/bin/bash



while :

do

        if [ ! -e RadiusLogInvalidarchive ] ; then

                grep Invalid radius.log > RadiusLogInvalidArchive

                mailx -E -s Radius-Invalid-User myuser@mail.com < RadiusLogInvalidArchive

        else


comm -2 -3 <(grep Invalid radius.log) RadiusLogInvalidArchive > testFile


        if [ -s testFile ] ; then


                awk ' BEGIN {
                print "|-------------------------------------------------Invalid User-----------------------------------------------------|"
                print " "
                print " >> Port-NR <<         >>  Switch <<             >> MAC-Address << "
                print " "}
                {print "                 ", $22, "                   ", $19, "                  ", $11}' testFile | mailx -E -s Radius-Test myuser@mail.com

        fi


grep Invalid radius.log > RadiusLogInvalidArchive

                if [ -f testFile ] ; then

                        rm testFile

                fi
        fi

sleep 1

done
相关问题
最新问题