Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:redwil:15.4
radsecproxy
radsecproxy-stats.sh
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File radsecproxy-stats.sh of Package radsecproxy
#!/bin/bash VERSION="2011-12-21" # $VERSION Sven Uebelacker <sven@uebelacker.net> # radsecproxy-stats.sh parses the radsecproxy logfile and generates monthly statistics # License: GPLv3, https://www.gnu.org/licenses/gpl-3.0.html # # usage: radsecproxy-stats.sh [-h|--help] [-m|--month <YYYY-MM>] [-r|--realm <realm>] [-l|--logfile <logfile>] # -m, --month month in YYYY-MM notation, default: last month # -r, --realm realm of your institution, default: eduroam.org (setting your realm makes sense ;) # -l, --logfile filename of logfile incl. path, default: /var/log/radsecproxy.log # # EXAMPLES # radsecproxy-stats.sh -r myrealm.org # radsecproxy-stats.sh -r anotherrealm.edu -m 2011-09 -l /tmp/radsecproxy.log SCRIPT_NAME=${0##*/} ### begin config ### OUR_REALM_DEFAULT="eduroam.org" LOGFILE_DEFAULT="/var/log/radsecproxy.log" # sort option for external realms # empty: sort by name # "-k4 -n -r": sort by days of usage OUTPUT_SORT_ARGS_EXT_REALMS="" ### end config ### # check if bash version >= 4, need this for ass. arrays if [ "${BASH_VERSINFO}" -lt 4 ] then echo "error: Your bash version is too old. You need at least bash version 4.0, you are using version ${BASH_VERSION}." exit 1 fi # declaring ass. arrays declare -A outeridentityfail declare -A outeridentityreject declare -A realmsused declare -A realmsusedandrejected ### begin binaries ### BIN_SEARCH_LIST="GREP_BIN=grep EGREP_BIN=egrep WC_BIN=wc CUT_BIN=cut TR_BIN=tr SORT_BIN=sort" missing_prog="" for prog in ${BIN_SEARCH_LIST} do varname=${prog//=*} progname=${prog//*=} w=$( which ${progname} 2>/dev/null ) if [ -z "${w}" ] then missing_prog+="${progname} " else eval ${varname}="${w}" fi done if [ -n "${missing_prog}" ] then echo "error: Can't find the following programs: ${missing_prog}" echo "error: \$PATH was \"${PATH}\"" exit 1 fi ### end binaries ### ### begin handling args ### print_usage() { echo -e "${SCRIPT_NAME} version ${VERSION}, Sven Uebelacker <sven@uebelacker.net>" echo "usage: ${SCRIPT_NAME} [-h|--help] [-m|--month <YYYY-MM>] [-r|--realm <realm>] [-l|--logfile <logfile>]" echo " -m, --month month in YYYY-MM notation, default: last month" echo " -r, --realm realm of your institution, default: eduroam.org (setting your realm makes sense ;)" echo " -l, --logfile filename of logfile incl. path, default: /var/log/radsecproxy.log" } month_arg="" realm_arg="" logfile_arg="" while [ $# -gt 0 ] do case $1 in (-m|--month) shift month_arg="$1" shift ;; (-r|--realm) shift realm_arg="$1" shift ;; (-l|--logfile) shift logfile_arg="$1" shift ;; *) print_usage exit 2 ;; esac done if [ -z ${month_arg} ] then whichmonth=$( date +%Y-%m -d "last month" ) elif [[ ${month_arg} =~ ^[0-9]{4}-[0-9]{2}$ ]] then whichmonth="${month_arg}" else echo "error: mal-formatted month argument, use YYYY-MM." print_usage exit 3 fi if [ -z ${realm_arg} ] then OUR_REALM="${OUR_REALM_DEFAULT}" else OUR_REALM="${realm_arg}" fi if [ -z ${logfile_arg} ] then if [ -r "${LOGFILE_DEFAULT}" -a -f "${LOGFILE_DEFAULT}" ] then LOGFILE="${LOGFILE_DEFAULT}" else echo "error: no logfile found or not a file." print_usage exit 4 fi elif [ -r "${logfile_arg}" -a -f "${logfile_arg}" ] then LOGFILE="${logfile_arg}" else echo "error: logfile not readable or not a file." print_usage exit 5 fi ### end handling args ### # information gathering: parsing Access-Accept and Access-Reject entries while read logline do datum=$( echo "${logline}" | ${CUT_BIN} -d: -f1-3 ) datum_match=$( date +%Y-%m -d "${datum}" ) if [ "${datum_match}" != "${whichmonth}" ] then continue fi datum_short=$( date +%F -d "${datum}" ) realm=$( echo "${logline}" | ${CUT_BIN} -d@ -f2 | ${CUT_BIN} -d" " -f1 ) if echo "${logline}" | ${GREP_BIN} "Access-Accept" >/dev/null # add date to realm hash for Access-Access entries then if [[ -z "${realmsused[${realm}]}" ]] then realmsused["${realm}"]="${datum_short}" else realmsused["${realm}"]+="\n" realmsused["${realm}"]+="${datum_short}" fi # for checking correct ${OUR_REALM} configurations (anonymous has to be outer-identity!) outer_identity=$( echo "${logline}" | ${CUT_BIN} -d" " -f8 ) if [[ "${outer_identity}" =~ @${OUR_REALM}$ ]] then if [[ ! "${outer_identity}" =~ anonymous@${OUR_REALM}$ ]] then outeridentityfail["${outer_identity}"]="${datum_short}" fi fi elif echo "${logline}" | ${GREP_BIN} "Access-Reject" >/dev/null # add date to realm hash for Access-Reject entries then if [[ -z "${realmsused[${realm}]}" ]] then realmsusedandrejected["${realm}"]="${datum_short}" else realmsusedandrejected["${realm}"]+="\n" realmsusedandrejected["${realm}"]+="${datum_short}" fi # for checking correct ${OUR_REALM} configurations (rejected accounts) outer_identity=$( echo "${logline}" | ${CUT_BIN} -d" " -f8 ) if [[ "${outer_identity}" =~ @${OUR_REALM}$ ]] then outeridentityreject["${outer_identity}"]="${datum_short}" fi fi done < <( ${EGREP_BIN} "Access-(Accept|Reject) for user" "${LOGFILE}" | ${TR_BIN} -s " " ) # output if [ ${#outeridentityfail[@]} -gt 0 ] then echo "WARNING: ${OUR_REALM} accounts with mal-formed (outer-)identity (not \"anonymous@${OUR_REALM}\")" for identity in ${!outeridentityfail[@]} do echo "- ${identity} (last use: ${outeridentityfail[${identity}]})" done | ${SORT_BIN} echo fi echo "Our realm accepted in ${whichmonth} [outbound radsecproxy connections]" realm="${OUR_REALM}" if [[ -z "${realmsused[${realm}]}" ]] then echo "- our realm (${realm}) was not used" else realmdates=$( echo -e "${realmsused[${realm}]}" | ${SORT_BIN} -u | ${GREP_BIN} -e "^20" ) realmdays=$( echo -e "${realmdates}" | ${WC_BIN} -l ) echo "- ${realm} (used ${realmdays} days)" unset realmsused["${OUR_REALM}"] fi echo echo "Our accounts rejected in ${whichmonth} [outbound radsecproxy connections]" realm="${OUR_REALM}" if [ ${#outeridentityreject[@]} -eq 0 ] then echo "- our accounts (realm ${realm}) were not rejected" else for identity in ${!outeridentityreject[@]} do echo "- ${identity} (last reject: ${outeridentityreject[${identity}]})" done | ${SORT_BIN} unset realmsusedandrejected["${OUR_REALM}"] fi echo echo "External realms accepted in ${whichmonth} [inbound radsecproxy connections]" if [[ ${#realmsused[@]} -eq 0 ]] then echo "- no external realms used" else for realm in ${!realmsused[@]} do # clean up dates in realmsused realmdates=$( echo -e "${realmsused[${realm}]}" | ${SORT_BIN} -u | ${GREP_BIN} -e "^20" ) realmdays=$( echo -e "${realmdates}" | ${WC_BIN} -l ) echo "- ${realm} (used ${realmdays} days)" done | ${SORT_BIN} ${OUTPUT_SORT_ARGS_EXT_REALMS} fi echo echo "External realms rejected in ${whichmonth} [inbound radsecproxy connections]" if [[ ${#realmsusedandrejected[@]} -eq 0 ]] then echo "- no external realms rejected" else for realm in ${!realmsusedandrejected[@]} do # clean up dates in realmsusedandrejected realmdates=$( echo -e "${realmsusedandrejected[${realm}]}" | ${SORT_BIN} -u | ${GREP_BIN} -e "^20" ) realmdays=$( echo -e "${realmdates}" | ${WC_BIN} -l ) echo "- ${realm} (rejected ${realmdays} days)" done | ${SORT_BIN} ${OUTPUT_SORT_ARGS_EXT_REALMS} fi exit 0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor