borekon/lynis-report-converter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

WIP

Browse Source
This commit is contained in:
dataking 2016-06-02 14:10:51 -07:00
parent a26192f633
commit 5e21aaa0d2
1 changed files with 43 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
lynis_report.pl Normal file → Executable file
View File

@ -17,17 +17,57 @@ GetOptions(
my $lynis_log = '/var/log/lynis.log'; my $lynis_log = '/var/log/lynis.log';
my $lynis_report = '/var/log/lynis-report.dat'; my $lynis_report = '/var/log/lynis-report.dat';
my $audit_run = 0; #assume false my $audit_run = 0; #assume false
if ( -e $lynis_log and ! -z $lynis_log ) { my %lynis_report_data;
if (( -e $lynis_log) and ( ! -z $lynis_log )) {
print colored("Found lynis output log. \n", "cyan") if ($verbose); print colored("Found lynis output log. \n", "cyan") if ($verbose);
$audit_run++; $audit_run++;
} }
if ( -e $lynis_report and ! -z $lynis_report ) { if (( -e $lynis_report) and ( ! -z $lynis_report )) {
print colored("Found lynis report. \n", "cyan") if ($verbose); print colored("Found lynis report. \n", "cyan") if ($verbose);
$audit_run++; $audit_run++;
} }
if ($audit_run) and ($audit_run >= 1) { if (($audit_run) and ($audit_run >= 1)) {
print "Looks like the audit has been run. \n"; print "Looks like the audit has been run. \n";
} else { } else {
print colored("Couldn't find one or more of the lynis output files. Try running the audit again. \n", "bold red"); print colored("Couldn't find one or more of the lynis output files. Try running the audit again. \n", "bold red");
} }
# the report is easy to process, and actually doesn't contain the "audit findings"....just the data.
# but it is not our job to draw conclusions here, just present the findings of the tool.
open RPT, "<$lynis_report" or die colored("There was a problem opening the lynis report: $! \n", "bold red");
while (my $line = <RPT>) {
chomp($line);
my ($k, $v) = split(/=/, $line);
print "k=$k\n" if (($verbose) and ($verbose > 1));
print "v=$v\n" if (($verbose) and ($verbose > 1));
# if the key already exists, assume it's supposed to be an array value. Array values are handled a couple
# different ways in the lynis report. This is just one.
if (exists($lynis_report_data{$k})) {
if (ref($lynis_report_data{$k}) eq 'ARRAY') {
push @{$lynis_report_data{$k}}, $v;
} else {
my $tmp_v = $lynis_report_data{$k};
undef($lynis_report_data{$k});
push @{$lynis_report_data{$k}}, $tmp_v, $v;
}
} else {
$lynis_report_data{$k} = $v;
}
}
close RPT or die colored("There was a problem closing the lynis report: $! \n", "bold red");
# process "string array" values delimited by a pipe (|)
foreach my $key ( sort keys %lynis_report_data ) {
print "$key, ".ref($lynis_report_data{$key})." \n" if (($verbose) and ($verbose >= 1));
if (((ref($lynis_report_data{$key}) ne 'ARRAY') and
(ref($lynis_report_data{$key}) ne 'HASH')) and
($lynis_report_data{$key} =~ /\|/)) {
my @fs = split(/\|/, $lynis_report_data{$key});
undef($lynis_report_data{$key});
push @{$lynis_report_data{$key}}, @fs;
}
}
print Dumper(\%lynis_report_data);