From: mivirl <> Date: Fri, 26 Jan 2024 01:15:54 +0000 (-0600) Subject: Add comments for simpler editing of monitored files X-Git-Url: http://mivirl.dev/git/?a=commitdiff_plain;h=29a83a16014d0950b2b3623c06422d411e5f4ef9;p=remote-logging.git Add comments for simpler editing of monitored files --- diff --git a/src/client.pl b/src/client.pl index a7e890d..fe32b4b 100644 --- a/src/client.pl +++ b/src/client.pl @@ -4,9 +4,12 @@ use warnings; use IO::Socket::INET; use POSIX "strftime"; +# Change this to the IP of the server my $server_ip = "127.0.0.1"; my $server_port = 46515; +# See what's sent and monitored at the bottom of the script + my @child_processes; sub stop_child_processes { @@ -104,8 +107,7 @@ sub login { sub send_info { my ($clientName, $clientKey) = @_; my $socket = login($clientName, $clientKey); - my $info = join "", ns_system('./busybox', './busybox', 'sh', '-c', - 'hostname; date; uname -a; lspci; lsusb; ifconfig'); + my $info = join "", ns_system('./busybox', 'sh', '-c', 'hostname; date; uname -a; lspci; lsusb; ifconfig'); $socket->send("info\n"); $socket->send($info); $socket->send("⟃---EOF---⟄\n"); @@ -125,6 +127,7 @@ sub send_log { my $fileName = $file =~ s/\////gr; $socket->send("log\n"); $socket->send("$fileName\n"); + print_log "Log: Uploading $file"; my $tailLog = ns_systemFH('./busybox', './busybox', 'tail', '-F', "$file"); while (<$tailLog>) { $socket->send($_); 
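Review bot: The `send_info` edit drops the second `'./busybox'` argument, which changes what is executed rather than adding a comment, so it does not fit the commit subject and deserves its own line in the message. After the change, `ns_system('./busybox', 'sh', '-c', ...)` matches `ns_system('./busybox', 'hostname')` further down the file, but `ns_systemFH('./busybox', './busybox', 'tail', '-F', "$file")` in send_log still repeats the path, so the two helpers appear to take different argument lists. Neither definition is visible in this diff; if the difference is intentional, a one-line comment above each helper stating whether the first argument is the program path only or also argv[0] would stop a later edit from "fixing" one of them. The body of send_info continues outside the hunk.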
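Review bot: `print_log "Log: Uploading $file";` in send_log runs before `tail -F` is started and is printed whether or not the file exists. That will now be common, because the list at the bottom of the script names both Red Hat style paths (/var/log/secure, /var/log/messages) and Debian style paths (/var/log/auth.log, /var/log/syslog). An operator reading the client log then cannot tell which sources are really being collected, which matters when the goal is to keep authentication logs off-host. Suggest separating the two cases: `print_log(-e $file ? "Log: Uploading $file" : "Log: $file not present, waiting for it to appear");`. send_log starts and ends outside the hunk.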
@@ -227,19 +230,36 @@ sub capture_packets { my ($hostname) = ns_system('./busybox', 'hostname'); my ($name, $key) = register($hostname); -#print_log "Name: $name, Key: $key"; send_info($name, $key); + +# Files, logs, and commands to send to the server +# ------------------------------------------------------------------------------ + +# These files will have their contents sent as they are updated +send_log($name, $key, '/var/log/secure'); send_log($name, $key, '/var/log/auth.log'); send_log($name, $key, '/var/log/cron'); +send_log($name, $key, '/var/log/messages'); send_log($name, $key, '/var/log/syslog'); + +# These files will be sent once send_file($name, $key, '/etc/passwd'); send_file($name, $key, '/etc/group'); send_file($name, $key, '/etc/sudoers'); -send_command_output($name, $key, 'pspy_output.txt', './pspy64', '-f'); +send_file($name, $key, '/etc/crontab'); + +# These commands will have their output sent as they are updated +send_command_output($name, $key, 'journalctl', 'journalctl', '-f'); +send_command_output($name, $key, 'pspy', './pspy64', '-f'); + +# These directories and their subdirectories will be watched and any modified files will be sent watch_directory($name, $key, '/tmp'); watch_directory($name, $key, '/dev/shm'); watch_directory($name, $key, '/home'); +# ------------------------------------------------------------------------------ + +# Wait for processes to exit. Do not remove foreach (@child_processes) { waitpid $_, 0; } diff --git a/src/server.sh b/src/server.sh index 685d0c5..2b10525 100644 --- a/src/server.sh +++ b/src/server.sh @@ -97,7 +97,7 @@ while read -r COMMAND; do read -r TMPHASH # Client should send with `cat file | nc ip port` - PORT=$(( ($RANDOM*2 + $RANDOM%2) % 64511 + 1024 )) + PORT=$(( ($RANDOM * 2 + $RANDOM % 2) % 64511 + 1024 )) echo "$PORT" nc -w 5 -l -p "$PORT" > "F__${TMPFILENAME}"
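Review bot: `send_command_output($name, $key, 'journalctl', 'journalctl', '-f');` is the only collector in this list that is resolved through PATH, whereas the others use a fixed relative path (`./busybox`, `./pspy64`). A client that reads /etc/sudoers and /var/log/secure presumably runs as root, where a PATH lookup is worth avoiding. Consider an absolute path with a guard so hosts without systemd skip it, e.g. `send_command_output($name, $key, 'journalctl', '/usr/bin/journalctl', '-f') if -x '/usr/bin/journalctl';` (that location is the usual default; confirm it for the target distributions). The same block now also forwards /var/log/secure, /var/log/messages and /etc/crontab to `$server_ip`. The only socket module imported at the top of the file is IO::Socket::INET, so unless login() adds encryption somewhere outside this diff, the new comment block should state that this data crosses the network in clear text.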