WIP
This commit is contained in:
dataking
parent
a26192f633
commit
5e21aaa0d2
46
lynis_report.pl
Normal file → Executable file
46
lynis_report.pl
Normal file → Executable file
|
|
@ -17,17 +17,57 @@ GetOptions(
|
|||
my $lynis_log = '/var/log/lynis.log';
|
||||
my $lynis_report = '/var/log/lynis-report.dat';
|
||||
my $audit_run = 0; #assume false
|
||||
if ( -e $lynis_log and ! -z $lynis_log ) {
|
||||
my %lynis_report_data;
|
||||
|
||||
if (( -e $lynis_log) and ( ! -z $lynis_log )) {
|
||||
print colored("Found lynis output log. \n", "cyan") if ($verbose);
|
||||
$audit_run++;
|
||||
}
|
||||
if ( -e $lynis_report and ! -z $lynis_report ) {
|
||||
if (( -e $lynis_report) and ( ! -z $lynis_report )) {
|
||||
print colored("Found lynis report. \n", "cyan") if ($verbose);
|
||||
$audit_run++;
|
||||
}
|
||||
|
||||
if ($audit_run) and ($audit_run >= 1) {
|
||||
if (($audit_run) and ($audit_run >= 1)) {
|
||||
print "Looks like the audit has been run. \n";
|
||||
} else {
|
||||
print colored("Couldn't find one or more of the lynis output files. Try running the audit again. \n", "bold red");
|
||||
}
|
||||
|
||||
# the report is easy to process, and actually doesn't contain the "audit findings"....just the data.
|
||||
# but it is not our job to draw conclusions here, just present the findings of the tool.
|
||||
open RPT, "<$lynis_report" or die colored("There was a problem opening the lynis report: $! \n", "bold red");
|
||||
while (my $line = <RPT>) {
|
||||
chomp($line);
|
||||
my ($k, $v) = split(/=/, $line);
|
||||
print "k=$k\n" if (($verbose) and ($verbose > 1));
|
||||
print "v=$v\n" if (($verbose) and ($verbose > 1));
|
||||
# if the key already exists, assume it's supposed to be an array value. Array values are handled a couple
|
||||
# different ways in the lynis report. This is just one.
|
||||
if (exists($lynis_report_data{$k})) {
|
||||
if (ref($lynis_report_data{$k}) eq 'ARRAY') {
|
||||
push @{$lynis_report_data{$k}}, $v;
|
||||
} else {
|
||||
my $tmp_v = $lynis_report_data{$k};
|
||||
undef($lynis_report_data{$k});
|
||||
push @{$lynis_report_data{$k}}, $tmp_v, $v;
|
||||
}
|
||||
} else {
|
||||
$lynis_report_data{$k} = $v;
|
||||
}
|
||||
}
|
||||
close RPT or die colored("There was a problem closing the lynis report: $! \n", "bold red");
|
||||
|
||||
# process "string array" values delimited by a pipe (|)
|
||||
foreach my $key ( sort keys %lynis_report_data ) {
|
||||
print "$key, ".ref($lynis_report_data{$key})." \n" if (($verbose) and ($verbose >= 1));
|
||||
if (((ref($lynis_report_data{$key}) ne 'ARRAY') and
|
||||
(ref($lynis_report_data{$key}) ne 'HASH')) and
|
||||
($lynis_report_data{$key} =~ /\|/)) {
|
||||
my @fs = split(/\|/, $lynis_report_data{$key});
|
||||
undef($lynis_report_data{$key});
|
||||
push @{$lynis_report_data{$key}}, @fs;
|
||||
}
|
||||
}
|
||||
|
||||
print Dumper(\%lynis_report_data);
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user