cai/CAI-Watchdog
1
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity
CAI-Watchdog/README.md
Alexander I. Chebykin 719562239a README updated 
README updated
2022-06-28 22:32:49 +03:00

4.0 KiB
Raw Blame History

CAI-Watchdog

Watchdog for monitoring web-services

Requirements

###On *nix

###On Windows

  • PowerShell

Configuration file

Default configuration file location:

On *nix: /etc/cai-watchdog.conf

On Windows: current directory

You can specify config file as parameter: cai-watchdog /path/to/config/config_file.conf (*nix) or cai-watchdog.exe drive:\path\to\config\config_file.ini (Windows)

Configuration file parameters

[main]
check_interval = Interval between checks in seconds
rules_count = Rules count to be loaded from config. Rules sections must be enumerated continuously [rule1], [rule2] ... etc

[notifications]
email = E-mail address for system notifications. Can be empty
command = Command to send notification
service_start = Send program start notification [true | false]

[rule1]
service = Service name
uri = URI to be checked
email = E-mail address for notifications
command = Command to send notification

In commands You can use fields <email>, <subject> and <message>

  • <email> - E-mail address for notifications
  • <subject> - E-mail subject
  • <message> - Message text

Scripts configurations

*nix

send-mail

Usage: send-mail recipient 'subject' 'message'

Configuration file /etc/email.conf

  • Username: - Set e-mail user name here
  • Password: - Set e-mail password here
  • SMTP Server: - Set SMTP server address here
  • Port: - Set SMTP port here
send-telegram

Usage: send-telegram 'message'

Configuration file /etc/telegram.conf

  • Group ID: - Set Telegram group ID here
  • Bot token: - Set Telegram token here

Windows

send-mail.ps1

Usage: send-mail.ps1 recipient 'subject' 'message'

Next lines needs to be configured:

  • $EmailFrom = "yourmailadress@somedomain.com" - Set sender e-mail address here
  • $SMTPServer = "smtp.somedomain.com" - Set SMTP-server address here
  • $SMTPClient.EnableSsl = $true - Set SSL flag here
  • $SMTPClient.Credentials = New-Object System.Net.NetworkCredential("usr", "pass"); - Set user ("usr") and password ("pass") here
send-telegram.ps1

Usage: send-telegram.ps1 'message'

  • $Telegramtoken = "Your_Telegram_Token" - Set Telegram token here
  • $Telegramchatid = "Your_Telegram_Chat_ID" - Set Telegram chat ID here

How to get Telegram token and chat ID

  1. Open @BotFather bot
  2. Run /newbot command and give name to your new bot
  3. Enter a username for the bot
  4. Take note of the API token. We will need this later. Note: it is case sensitive
  5. Click the link to open a chat with the newly created bot

Next you need to find your Telegram Chat ID.

  1. From the Telegram home screen, search for chatid_echo_bot. Click Chat ID Echo to open a chat
  2. Enter /start to get the bot to send you your Telegram Chat ID
  3. Take note of the Telegram Chat ID returned

User logins monitoring (*nix)

Watchdog can send notifications on user login. Just add to /etc/profile.d/sshinfo.sh next lines:

  • For Telegram:
    1. User=$(whoami)
    2. send-telegram "SSH: User ${Users} is logged in"
  • For e-mail:
    1. User=$(whoami)
    2. send-mail your@mail.addr 'SSH: User ${Users} is logged in' 'SSH: User ${Users} is logged in'

User logouts monitoring (*nix)

  1. Create file /etc/pam.d/pam_session.sh with next content:

    For Telegram:

    #!/bin/sh
if [ "$PAM_TYPE" = "close_session" ]; then
  send-telegram "SSH: User is logged out"
fi

    For e-mail:

    #!/bin/sh
if [ "$PAM_TYPE" = "close_session" ]; then
  send-mail your@mail.addr 'SSH: User is logged out' 'SSH: User is logged out'
fi

    and set executable flag on it

  2. Modify /etc/pam.d/sshd, add line session optional pam_exec.so quiet /etc/pam.d/pam_session.sh