#!/usr/bin/python
# The source code packaged with this file is Free Software, Copyright (C) 2016 by
# Unidad de Laboratorios, Escuela Politecnica Superior, Universidad de Alicante :: <epsms at eps.ua.es>.
# It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
# You can get copies of the licenses here: http://www.affero.org/oagpl.html
# AFFERO GENERAL PUBLIC LICENSE is also included in the file called "LICENSE".
import subprocess
import sys
import os
import readline
# Configuration files and log locations.
# These values are interpolated into the shell command lines this menu runs,
# so they must stay free of spaces and shell metacharacters.
pathAnsible = "/etc/ansible"
pathConfig = pathAnsible + "/group_vars/all"
pathConfigFileMain = pathAnsible + "/config_files/main.conf"
# Directory holding the error log, the executions summary and the temporary run logs.
pathDirectoryErrors = "/var/log/ansible"
pathFileErrors = pathDirectoryErrors + "/errors.log"
pathFileMysqlErrors = pathDirectoryErrors + "/mysql-errors.log"
pathFileExesList = pathDirectoryErrors + "/summary.log"
# Directory searched for "*.sql.error" files when the DB errors are cleaned.
pathFilesSQL = "/root/inventory"
pathInventory = pathAnsible + "/inventory"
pathDataBaseSQL = pathAnsible + "/roles/mysql/files/root/inventory/createTables.sql"
def raw_input_def(prompt, default):
    """Ask for a line of input with `default` already typed into the edit buffer.

    The operator can accept the pre-filled text with Enter or edit it first.
    Returns whatever raw_input returns.
    """
    def _prefill():
        # Runs once, just before readline starts reading the line.
        readline.insert_text(default)
        readline.redisplay()

    readline.set_pre_input_hook(_prefill)
    try:
        reply = raw_input(prompt)
    finally:
        # Always remove the hook so later prompts are not pre-filled.
        readline.set_pre_input_hook(None)
    return reply
def question(cad, default, countErrors):
    """Ask a yes/no question and return "y" or "n".

    cad         -- question text; " (y/n) " is appended to it.
    default     -- answer pre-filled at the prompt; anything other than
                   y/n (case and surrounding blanks ignored) becomes "y".
    countErrors -- invalid answers tolerated; values <= 0 mean 3.

    Returns "n" once the number of invalid answers exceeds the limit.
    """
    normalized = default.lower().strip()
    defValue = normalized if normalized in ("y", "n") else "y"
    maxErrors = countErrors if countErrors > 0 else 3
    failures = 0
    while True:
        inputValue = raw_input_def("%s (y/n) " % (cad), "%s" % (defValue))
        reply = inputValue.lower().strip()
        if reply in ("y", "n"):
            print
            return reply
        print "ERROR: value %s is not valid. Values (y/n)" % (inputValue.strip())
        failures += 1
        if failures > maxErrors:
            print "Too many Errors. Exiting..."
            return "n"
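def getValueFromFile(file, label, separator):
    """Return the value stored after `separator` on the line of `file` that starts with `label`.

    file      -- path of the configuration file to read.
    label     -- text the wanted line starts with (for example 'subnets:').
    separator -- the line is split once on this string; the stripped
                 remainder is the value.

    Returns "" when the file is not readable, when no line starts with
    `label`, or when the matching line does not contain `separator`.
    If several lines match, the last one wins.
    """
    value = ""
    if not os.access(file, os.R_OK):
        return value
    # The context manager closes the handle; it used to be left open.
    with open(file, "r") as handle:
        for line in handle:
            if line.startswith(label):
                pieces = line.split(separator, 1)
                # A matching line without the separator is ignored instead of
                # raising IndexError.
                if len(pieces) > 1:
                    value = pieces[1].strip()
    return value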
def printMenu():
    """Print the main menu.

    Entry 1 reads "Reconfigure System" when the main configuration file
    already defines 'subnets:', and "Configure System" otherwise.
    """
    subnets = getValueFromFile(pathConfigFileMain, 'subnets:', ':')
    if subnets:
        configureRow = "## 1. Reconfigure System ##"
    else:
        configureRow = "## 1. Configure System ##"
    rows = [
        "############ EPS MONITORING SYSTEM ##############",
        "## ##",
        "## 0. Help ##",
        configureRow,
        "## 2. Configure Extra Variables ##",
        "## 3. Prepare Host(s) to be Node(s) ##",
        "## 4. Stop/Start/Restart System ##",
        "## 5. Scan Network ##",
        "## 6. Install Node(s) ##",
        "## 7. Get Data from Node(s) ##",
        "## 8. Get Data from Windows Nodes ##",
        "## 9. Scan Vulnerabilities ##",
        "## e. Check System Errors ##",
        "## m. Check DB (SQL) Errors ##",
        "## c. Clean System & DB Errors ##",
        "## l. List Servers & Nodes ##",
        "## s. View System Configuration ##",
        "## x. View Executions List ##",
        "## r. Log Running Executions (CTRL+C to exit) ##",
        "## q. Quit Menu ##",
        "## ##",
        "#################################################",
    ]
    for row in rows:
        print row
def selectOption():
    """Prompt until the operator types one of the menu keys and return it.

    A blank line precedes the first prompt; every later prompt is preceded
    by "Invalid input, select again".
    """
    legal_answers = ['0','1','2','3','4','5','6','7', '8', '9', 'e', 'm', 'c', 'l', 's', 'x', 'r', 'q']
    notice = ""
    while True:
        print notice
        answer = raw_input('Select option: ')
        if answer in legal_answers:
            return answer
        notice = "Invalid input, select again"
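def _shellQuote(value):
    """Return value single-quoted so /bin/sh passes it on as one literal word."""
    return "'%s'" % str(value).replace("'", "'\"'\"'")


def _notConfigured():
    """Tell the operator (on stderr) that the system has to be configured first."""
    print >> sys.stderr, "System not configured, select option 1"
    print >> sys.stderr


def _interrupted():
    """Report that the operator pressed CTRL+C at a prompt."""
    print
    print "Interrupted"
    print


def _runLogged(command, logName, title):
    """Run a shell command, tee its output to a temporary log and record the outcome.

    command -- shell text to run; any variable part must already have been
               quoted by the caller with _shellQuote.
    logName -- middle part of the temporary log name
               (<pathDirectoryErrors>/.<logName>.<timestamp>.log.tmp).
    title   -- label written to the errors and summary logs.

    On failure the captured output is appended to pathFileErrors; a summary
    line is always appended to pathFileExesList. Returns the status of the
    wrapper shell; its last command is `echo $ret`, so the playbook status is
    printed rather than returned.
    """
    # NOTE(review): ${PIPESTATUS[0]} is a bash feature and subprocess runs
    # /bin/sh -- confirm /bin/sh is bash on the Ansible server.
    tmpLog = "%s/.%s.$timestamp.log.tmp" % (pathDirectoryErrors, logName)
    label = _shellQuote(title)
    steps = [
        "ini=$(date)",
        "timestamp=$(date +\"%y%m%d-%H%M\")",
        "(%s) 2>&1|tee %s" % (command, tmpLog),
        # Must be read exactly once, right after the pipeline: any later
        # command (even an assignment) resets PIPESTATUS.
        "ret=${PIPESTATUS[0]}",
        "[ $ret -gt 0 ] && (echo; echo \"### ERRORS \"%s\" (menu) - $ini TO $(date) ###\"; echo; cat %s) >> %s" % (label, tmpLog, pathFileErrors),
        "rm -f %s" % (tmpLog),
        "echo \"### \"%s\" (menu) - $ini TO $(date) ###\" >> %s" % (label, pathFileExesList),
        "echo $ret",
    ]
    return subprocess.call("; ".join(steps), shell=True)


def _findInventoryEntry(paths, name):
    """Return the first line of the given inventory files that is exactly
    `name` or starts with `name.`; return "" when nothing matches.

    The comparison is literal and done in Python, so the name typed by the
    operator never reaches a shell or a regular expression.
    """
    if not name:
        return ""
    prefix = name + "."
    for path in paths:
        try:
            with open(path, "r") as handle:
                for line in handle:
                    entry = line.rstrip("\n")
                    if entry == name or entry.startswith(prefix):
                        return entry.strip()
        except (IOError, OSError):
            # Missing or unreadable file (or a directory): skip it.
            continue
    return ""


def _inventoryFiles():
    """Return the paths of the non-hidden entries of pathInventory, sorted by name."""
    try:
        names = sorted(os.listdir(pathInventory))
    except OSError:
        return []
    return ["%s/%s" % (pathInventory, name) for name in names if not name.startswith(".")]


def _ansibleShell(host, user, remoteCommand):
    """Build the `ansible ... -m shell` command line that runs remoteCommand on host as user."""
    return "ansible all -i %s -u %s -s -m shell -a %s" % (_shellQuote("%s," % (host)), _shellQuote(user), _shellQuote(remoteCommand))


def execOption(opt):
    """Run the menu entry selected by `opt`, then wait for Enter.

    opt -- one of the keys offered by the menu ('0'-'9', 'e', 'm', 'c', 'l',
           's', 'x', 'r'); any other value prints "Option ... not valid".

    Every value typed by the operator or read from a file is either matched
    in Python or passed through _shellQuote before it becomes part of a shell
    command line, so it cannot add commands to that line.
    """
    if opt == '0':
        ## Help Menu ##
        subprocess.call("%s/help.py" % (pathAnsible), shell=True)
    elif opt == '1':
        ## Configure System ##
        subprocess.call("%s/configure.py" % (pathAnsible), shell=True)
    elif opt == '2':
        ## Configure Extra variables ##
        subprocess.call("%s/configExtra.py" % (pathAnsible), shell=True)
    elif opt == '3':
        ## Configure hosts as nodes ##
        systemConfigured = "yes"
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if not sshUserNodes:
            systemConfigured = "no"
            # Ask ssh User
            print
            sshUserNodes = raw_input('System not configured yet. What user will you use? ')
        if sshUserNodes:
            # Get subnets
            subnets = getValueFromFile(pathConfigFileMain, 'subnets:', ':')
            exclude = getValueFromFile(pathConfigFileMain, 'exclude:', ':')
            print
            print "** Prepare hosts as nodes **"
            print
            print "Remember that host has to belong to 'working subnets' and musn't belong to 'exclude' (both defined at configuration)"
            print
            print "Working Subnets: %s" % (subnets)
            print
            print "Exclude: %s" % (exclude)
            # Repeat loop until user decide to finish ('again' variable)
            again = "y"
            # Product of the exit codes: becomes 0 as soon as one host was set up OK
            retCodeTotal = 1
            while again == "y":
                # Ask host name or IP
                print
                try:
                    host = raw_input('Hostname or IP: ')
                except KeyboardInterrupt:
                    host = ""
                    _interrupted()
                if host:
                    print
                    # Both arguments are typed by the operator: quote them so
                    # each one reaches setupNode.py as a single literal argument.
                    retCode = subprocess.call("%s/scripts/setupNode.py %s %s" % (pathAnsible, _shellQuote(host), _shellQuote(sshUserNodes)), shell=True)
                    retCodeTotal = retCodeTotal * retCode
                else:
                    print >> sys.stderr, "You have to introduce a name or IP"
                    print >> sys.stderr
                # Configure another host?
                print
                again = question("Do you want to configure another host?", "n", 3)
            # If any of configurations was OK then will refresh inventory scanning subnets
            if retCodeTotal == 0 and systemConfigured == "yes":
                print "Scanning subnet to add host to inventory..."
                _runLogged("ansible-playbook %s/outsiders.yml -t dataDB; ansible-playbook %s/nodes.yml -t install" % (pathAnsible, pathAnsible), "addNodes", "Add Nodes")
                print
        else:
            print >> sys.stderr, "You have to introduce a ssh User"
            print >> sys.stderr
    elif opt == '4':
        ## Stop/Start/Restart System ##
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            try:
                print
                operation = raw_input('Operation (stop, start or restart): ')
                stopCmd = "ansible-playbook %s/ansible.yml -t cronStop" % (pathAnsible)
                startCmd = "ansible-playbook %s/ansible.yml -t cronStart" % (pathAnsible)
                if operation == "stop":
                    # Stop System
                    print
                    print stopCmd
                    print
                    _runLogged(stopCmd, "ansible", "System Stop")
                elif operation == "start":
                    # Start System
                    print
                    print startCmd
                    print
                    _runLogged(startCmd, "ansible", "System Start")
                elif operation == "restart":
                    # Restart System. The exit status used to be read twice
                    # here, which reset it to 0 and hid restart failures from
                    # the errors log.
                    restartCmd = "%s && %s" % (stopCmd, startCmd)
                    print
                    print restartCmd
                    print
                    _runLogged(restartCmd, "ansible", "System Restart")
                else:
                    print >> sys.stderr
                    print >> sys.stderr, "Option %s not valid (Valid options: stop, start, or restart)" % (operation)
                    print >> sys.stderr
            except KeyboardInterrupt:
                _interrupted()
        else:
            _notConfigured()
    elif opt == '5':
        ## Scan Network to discover nodes and outsiders ##
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            scanCmd = "ansible-playbook %s/outsiders.yml -t dataDB" % (pathAnsible)
            print
            print scanCmd
            _runLogged(scanCmd, "outsiders", "Scan Network")
        else:
            _notConfigured()
    elif opt == '6':
        ## Install nodes ##
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            # Ask hostname (fqdn)
            print
            try:
                nodeName = raw_input('Node (hostname) or All (enter): ').lower()
                if nodeName:
                    nodeInventory = _findInventoryEntry(["%s/nodes" % (pathInventory)], nodeName)
                    if nodeInventory != "":
                        print
                        print "ansible-playbook %s/nodes.yml -t install --limit %s" % (pathAnsible, nodeInventory)
                        _runLogged("ansible-playbook %s/nodes.yml -t install --limit %s" % (pathAnsible, _shellQuote(nodeInventory)), "nodesInstall", "Install Node %s" % (nodeInventory))
                    else:
                        print >> sys.stderr
                        print >> sys.stderr, "Hostname %s is not a node" % (nodeName)
                        print >> sys.stderr
                else:
                    installCmd = "ansible-playbook %s/nodes.yml -t install" % (pathAnsible)
                    print
                    print installCmd
                    _runLogged(installCmd, "nodesInstall", "Install Nodes")
            except KeyboardInterrupt:
                _interrupted()
        else:
            _notConfigured()
    elif opt == '7':
        ## Get data (basic|package|exe|all) from nodes ##
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            # Type of data: basic, packages, exes or all
            print
            typeList = raw_input('Getting data of basic, packages, exes or all (b/p/e/a): ')
            # Any other answer runs the playbook without a tag (all data)
            paramData = {'b': '-t dataDB', 'p': '-t dataPackagesDB', 'e': '-t dataExesDB', 'a': '-t data'}.get(typeList, '')
            typeLabel = {'b': 'Basic', 'p': 'Packages', 'e': 'Exes'}.get(typeList, 'All')
            # Ask hostname (fqdn)
            print
            try:
                nodeName = raw_input('Node (hostname) or All (enter): ').lower()
                if nodeName:
                    nodeInventory = _findInventoryEntry(["%s/nodes" % (pathInventory)], nodeName)
                    if nodeInventory != "":
                        print
                        print "ansible-playbook %s/nodes.yml %s --limit %s" % (pathAnsible, paramData, nodeInventory)
                        _runLogged("ansible-playbook %s/nodes.yml %s --limit %s" % (pathAnsible, paramData, _shellQuote(nodeInventory)), "nodesData", "%s Data from Node %s" % (typeLabel, nodeInventory))
                    else:
                        print >> sys.stderr
                        print >> sys.stderr, "Hostname %s is not a node" % (nodeName)
                        print >> sys.stderr
                else:
                    dataCmd = "ansible-playbook %s/nodes.yml %s" % (pathAnsible, paramData)
                    print
                    print dataCmd
                    _runLogged(dataCmd, "nodesData", "%s Data from Nodes" % (typeLabel))
            except KeyboardInterrupt:
                _interrupted()
        else:
            _notConfigured()
    elif opt == '8':
        ## Get data from windows nodes ##
        # Windows Nodes configured?
        winNodes = getValueFromFile(pathConfig, 'winNodes:', ':')
        if winNodes == 'y':
            print
            print "ansible-playbook %s/winNodes.yml" % (pathAnsible)
            subprocess.call("ansible-playbook %s/winNodes.yml" % (pathAnsible), shell=True)
        else:
            print >> sys.stderr, "Windows Nodes not configured, select option 1"
            print >> sys.stderr
    elif opt == '9':
        ## Scan vulnerabilities (Openvas) ##
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            # Ask hostname List
            print
            try:
                hostNameList = raw_input('Hosts List (separated by spaces) or All (enter): ').lower()
                if hostNameList:
                    hostInventoryList = []
                    errorInventory = False
                    inventoryFiles = _inventoryFiles()
                    for hostName in hostNameList.strip().split(' '):
                        hostInventory = _findInventoryEntry(inventoryFiles, hostName)
                        if hostInventory != "":
                            hostInventoryList.append(hostInventory)
                        else:
                            print >> sys.stderr
                            print >> sys.stderr, "Hostname %s is not in inventory" % (hostName)
                            print >> sys.stderr
                            errorInventory = True
                            break
                    if not errorInventory:
                        cadList = ','.join(hostInventoryList)
                        cadList = '{\"Name\":\"%s\"}' % cadList
                        cadList = cadList.replace(',', '\"},{\"Name\":\"')
                        extraVars = '{\"serversList\":[%s]}' % (cadList)
                        print
                        print "ansible-playbook %s/openvas.yml -t dataDB --extra-vars '%s'" % (pathAnsible, extraVars)
                        # The JSON is passed as one quoted word; names come
                        # from the inventory files, not from the prompt.
                        _runLogged("ansible-playbook %s/openvas.yml -t dataDB --extra-vars %s" % (pathAnsible, _shellQuote(extraVars)), "openvas", "Checking Vulnerabilities List")
                else:
                    openvasCmd = "ansible-playbook %s/openvas.yml -t dataDB" % (pathAnsible)
                    print
                    print openvasCmd
                    _runLogged(openvasCmd, "openvas", "Checking Vulnerabilities All")
            except KeyboardInterrupt:
                _interrupted()
        else:
            _notConfigured()
    elif opt == 'e':
        ## Check errors file (System) ##
        # Check directory
        if os.path.isdir(pathDirectoryErrors):
            # Check errors file
            if os.access(pathFileErrors, os.R_OK):
                # Type of list: summary or details
                print
                typeList = raw_input('There are errors. View summary or details (s/d): ')
                if typeList == 's':
                    subprocess.call("grep -h -e '### ' -e 'fatal: ' -e 'failed: ' %s|sed '/### /{x;p;x;G;}'|sed '/fatal:/G'|sed '/failed:/G'|less -R" % (pathFileErrors), shell=True)
                    print
                elif typeList == 'd':
                    subprocess.call("less -R %s" % (pathFileErrors), shell=True)
                    print
                else:
                    print >> sys.stderr, "Error: available options 's' (summary) or 'd' (details)"
                    print >> sys.stderr
            else:
                print
                print "No errors"
                print
        else:
            _notConfigured()
    elif opt == 'm':
        ## Check errors file (DB) ##
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        # Get hostMysql value
        hostMysql = getValueFromFile(pathConfig, 'hostMysql:', ':')
        if sshUserNodes and hostMysql:
            print
            print "Checking mysql file errors in Mysql Server..."
            # Check directory
            retCodeDir = subprocess.call("%s > /dev/null 2> /dev/null" % (_ansibleShell(hostMysql, sshUserNodes, "sudo ls -ld %s" % (pathDirectoryErrors))), shell=True)
            if retCodeDir == 0:
                # Check file
                retCodeFile = subprocess.call("%s > /dev/null 2> /dev/null" % (_ansibleShell(hostMysql, sshUserNodes, "sudo ls -l %s" % (pathFileMysqlErrors))), shell=True)
                if retCodeFile == 0:
                    catCmd = _ansibleShell(hostMysql, sshUserNodes, "sudo cat %s" % (pathFileMysqlErrors))
                    # Type of list: summary or details
                    print
                    typeList = raw_input('There are errors. View summary or details (s/d): ')
                    if typeList == 's':
                        subprocess.call("%s|grep '###'|less -R" % (catCmd), shell=True)
                        print
                    elif typeList == 'd':
                        subprocess.call("%s|less -R" % (catCmd), shell=True)
                        print
                    else:
                        print >> sys.stderr, "Error: available options 's' (summary) or 'd' (details)"
                        print >> sys.stderr
                else:
                    print
                    print "No errors"
                    print
            else:
                _notConfigured()
        else:
            _notConfigured()
    elif opt == 'c':
        ## Clean System & DB errors files ##
        ## System Errors ##
        # Check directory
        if os.path.isdir(pathDirectoryErrors):
            # Check errors file
            if os.access(pathFileErrors, os.R_OK):
                # Delete file
                retCode = subprocess.call("rm -f %s" % (pathFileErrors), shell=True)
                if retCode == 0:
                    print
                    print "System Errors file deleted."
                    print
                else:
                    print >> sys.stderr, "Error deleting errors file (System)"
                    print >> sys.stderr
            else:
                print
                print "No errors (System)"
                print
            ## DB Errors ##
            # Get sshUserNodes value
            sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
            # Get hostMysql value
            hostMysql = getValueFromFile(pathConfig, 'hostMysql:', ':')
            if sshUserNodes and hostMysql:
                # Check directory
                retCodeDir = subprocess.call("%s > /dev/null 2> /dev/null" % (_ansibleShell(hostMysql, sshUserNodes, "sudo ls -ld %s" % (pathDirectoryErrors))), shell=True)
                if retCodeDir == 0:
                    # Check file
                    retCodeFile = subprocess.call("%s > /dev/null 2> /dev/null" % (_ansibleShell(hostMysql, sshUserNodes, "sudo ls -l %s" % (pathFileMysqlErrors))), shell=True)
                    if retCodeFile == 0:
                        # Delete the DB error log and every *.sql.error file on the MySQL host
                        cleanCmd = "sudo rm -f %s; find %s -type f -name \"*.sql.error\" -exec rm -f {} \\;" % (pathFileMysqlErrors, pathFilesSQL)
                        retCode = subprocess.call("%s > /dev/null 2> /dev/null" % (_ansibleShell(hostMysql, sshUserNodes, cleanCmd)), shell=True)
                        if retCode == 0:
                            print "DB Errors file deleted."
                            print
                        else:
                            print >> sys.stderr, "Error deleting errors file (DB)"
                            print >> sys.stderr
                    else:
                        print "No errors (DB)"
                        print
                else:
                    _notConfigured()
            else:
                _notConfigured()
        else:
            _notConfigured()
    elif opt == 'l':
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            ## List of servers & nodes ##
            inventoryNames = ("ansible", "mysql", "web", "nagios", "munin", "grafana", "openvas", "nodes", "winNodes", "outsiders")
            inventoryPaths = ["%s/%s" % (pathInventory, name) for name in inventoryNames]
            # Every inventory file must be readable before anything is shown
            if all(os.access(path, os.R_OK) for path in inventoryPaths):
                subprocess.call("cat %s | less -R" % (" ".join(inventoryPaths)), shell=True)
                print
            else:
                _notConfigured()
        else:
            _notConfigured()
    elif opt == 's':
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            ## View system configuration (variables) ##
            if os.access(pathConfig, os.R_OK):
                subprocess.call("less -R %s" % (pathConfig), shell=True)
                print
            else:
                _notConfigured()
        else:
            _notConfigured()
    elif opt == 'x':
        ## View executions List of Ansible ##
        # Check directory
        if os.path.isdir(pathDirectoryErrors):
            # Check executions file
            if os.access(pathFileExesList, os.R_OK):
                subprocess.call("(tac %s|sed 's/^###/-------------------------------------------------------------------------------------\\n/g'|sed 's/###$//g'|less -R) 2>/dev/null" % (pathFileExesList), shell=True)
                print
            else:
                print
                print "No executions"
                print
        else:
            _notConfigured()
    elif opt == 'r':
        ## View Log running executions
        # Get sshUserNodes value
        sshUserNodes = getValueFromFile(pathConfig, 'sshUserNodes:', ':')
        if sshUserNodes:
            # One listing gives both the rows to show and their count, so the
            # two cannot disagree if a run ends in between.
            listing = subprocess.Popen("(ls -la %s/.*.tmp|awk '{print $6,$7,$8,$5,substr($9,length(\"%s\")+2)}') 2> /dev/null" % (pathDirectoryErrors, pathDirectoryErrors), shell=True, stdout=subprocess.PIPE).communicate()[0].splitlines(True)
            exes = [""]
            numberExe = None
            if listing:
                # List running executions
                print
                print "List of running executions"
                print
                for countExes, lineExes in enumerate(listing, 1):
                    print "(%s) %s" % (countExes, lineExes)
                    # Fifth field printed by awk: log file name relative to the directory
                    exes.append(lineExes.split(' ')[4].strip())
                # Ask execution (number)
                try:
                    print
                    inputValue = raw_input('Number Execution or ALL (enter): ')
                    try:
                        numberExe = int(inputValue)
                    except ValueError:
                        numberExe = None
                    if numberExe is not None and not 1 <= numberExe <= len(listing):
                        numberExe = None
                except KeyboardInterrupt:
                    numberExe = None
            # Selecting Log File
            if numberExe is not None:
                # The name comes from a directory listing; quote it anyway so
                # an unusual file name stays a single argument.
                logFile = _shellQuote("%s/%s" % (pathDirectoryErrors, exes[numberExe]))
                try:
                    subprocess.call("echo; echo %s; echo; grep '^TASK ' %s; echo; tail -f -n 25 %s" % (_shellQuote("%s LOGS" % (exes[numberExe])), logFile, logFile), shell=True)
                except KeyboardInterrupt:
                    print
            else:
                print
                print "No log files"
                print
        else:
            _notConfigured()
    else:
        print "Option %s not valid" % (opt)
    raw_input("Press Enter to show Main Menu ")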
def main():
    """Show the menu in a loop until the operator picks 'q' or presses CTRL+C.

    Each pass clears the screen, prints the menu, reads one option and runs
    it. The process then prints "Bye" and exits with status 0.
    """
    while True:
        try:
            os.system("clear")
            print
            printMenu()
            option = selectOption()
            if option == 'q':
                break
            execOption(option)
        except KeyboardInterrupt:
            # CTRL+C anywhere in the loop ends the menu like 'q' does.
            print
            print "Interrupted"
            print
            break
    print
    print "Bye"
    print
    sys.exit(0)
# Start the interactive menu only when the file is run as a script.
if __name__ == "__main__":
    main()