WIP
parent
a26192f633
commit
5e21aaa0d2
46
lynis_report.pl
Normal file → Executable file
46
lynis_report.pl
Normal file → Executable file
|
@ -17,17 +17,57 @@ GetOptions(
|
||||||
my $lynis_log = '/var/log/lynis.log';
|
my $lynis_log = '/var/log/lynis.log';
|
||||||
my $lynis_report = '/var/log/lynis-report.dat';
|
my $lynis_report = '/var/log/lynis-report.dat';
|
||||||
my $audit_run = 0; #assume false
|
my $audit_run = 0; #assume false
|
||||||
if ( -e $lynis_log and ! -z $lynis_log ) {
|
my %lynis_report_data;
|
||||||
|
|
||||||
|
if (( -e $lynis_log) and ( ! -z $lynis_log )) {
|
||||||
print colored("Found lynis output log. \n", "cyan") if ($verbose);
|
print colored("Found lynis output log. \n", "cyan") if ($verbose);
|
||||||
$audit_run++;
|
$audit_run++;
|
||||||
}
|
}
|
||||||
if ( -e $lynis_report and ! -z $lynis_report ) {
|
if (( -e $lynis_report) and ( ! -z $lynis_report )) {
|
||||||
print colored("Found lynis report. \n", "cyan") if ($verbose);
|
print colored("Found lynis report. \n", "cyan") if ($verbose);
|
||||||
$audit_run++;
|
$audit_run++;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($audit_run) and ($audit_run >= 1) {
|
if (($audit_run) and ($audit_run >= 1)) {
|
||||||
print "Looks like the audit has been run. \n";
|
print "Looks like the audit has been run. \n";
|
||||||
} else {
|
} else {
|
||||||
print colored("Couldn't find one or more of the lynis output files. Try running the audit again. \n", "bold red");
|
print colored("Couldn't find one or more of the lynis output files. Try running the audit again. \n", "bold red");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# the report is easy to process, and actually doesn't contain the "audit findings"....just the data.
|
||||||
|
# but it is not our job to draw conclusions here, just present the findings of the tool.
|
||||||
|
open RPT, "<$lynis_report" or die colored("There was a problem opening the lynis report: $! \n", "bold red");
|
||||||
|
while (my $line = <RPT>) {
|
||||||
|
chomp($line);
|
||||||
|
my ($k, $v) = split(/=/, $line);
|
||||||
|
print "k=$k\n" if (($verbose) and ($verbose > 1));
|
||||||
|
print "v=$v\n" if (($verbose) and ($verbose > 1));
|
||||||
|
# if the key already exists, assume it's supposed to be an array value. Array values are handled a couple
|
||||||
|
# different ways in the lynis report. This is just one.
|
||||||
|
if (exists($lynis_report_data{$k})) {
|
||||||
|
if (ref($lynis_report_data{$k}) eq 'ARRAY') {
|
||||||
|
push @{$lynis_report_data{$k}}, $v;
|
||||||
|
} else {
|
||||||
|
my $tmp_v = $lynis_report_data{$k};
|
||||||
|
undef($lynis_report_data{$k});
|
||||||
|
push @{$lynis_report_data{$k}}, $tmp_v, $v;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$lynis_report_data{$k} = $v;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
close RPT or die colored("There was a problem closing the lynis report: $! \n", "bold red");
|
||||||
|
|
||||||
|
# process "string array" values delimited by a pipe (|)
|
||||||
|
foreach my $key ( sort keys %lynis_report_data ) {
|
||||||
|
print "$key, ".ref($lynis_report_data{$key})." \n" if (($verbose) and ($verbose >= 1));
|
||||||
|
if (((ref($lynis_report_data{$key}) ne 'ARRAY') and
|
||||||
|
(ref($lynis_report_data{$key}) ne 'HASH')) and
|
||||||
|
($lynis_report_data{$key} =~ /\|/)) {
|
||||||
|
my @fs = split(/\|/, $lynis_report_data{$key});
|
||||||
|
undef($lynis_report_data{$key});
|
||||||
|
push @{$lynis_report_data{$key}}, @fs;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
print Dumper(\%lynis_report_data);
|
||||||
|
|
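Review bot: The new report parser calls `split(/=/, $line)` with no limit, so any value that itself contains `=` is silently cut at the second `=`, and the presented findings no longer match what the tool wrote. Use `my ($k, $v) = split(/=/, $line, 2);` and skip lines that carry no `=` (comment or blank lines) with `next unless defined $v;`, so they do not become undef keys in `%lynis_report_data`. The `open RPT, "<$lynis_report"` line uses the two-argument form with a bareword handle; `open(my $rpt, '<', $lynis_report) or die ...` keeps the mode from ever being taken from the path string. That matters if the path can be set through the `GetOptions(` call, which lies outside this hunk and so cannot be checked from here. The unconditional `print Dumper(\%lynis_report_data);` at the end looks like debugging output and would be better gated on `$verbose`.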