Go to file

Alexander I. Chebykin dbb860a00b Merge pull request 'Update README.md' (#19 ) from v1 into master

Reviewed-on: https://www.cainet.info/git/cai/CAI-Watchdog/pulls/19

2022-10-30 23:02:49 +03:00

scripts

on-start script updated, localized scripts added

2022-10-29 21:15:02 +03:00

src

tiny bug fixed

2022-10-29 21:06:28 +03:00

.gitignore

README updated

2022-06-28 22:32:49 +03:00

Cargo.lock

Now you can run script on watchdog startup. File structure changed on *nix. Some changes in config file and scripts, please check on upgrade.

2022-10-29 16:57:57 +03:00

Cargo.toml

Now you can run script on watchdog startup. File structure changed on *nix. Some changes in config file and scripts, please check on upgrade.

2022-10-29 16:57:57 +03:00

LICENSE

Minimal functionality implemented

2022-06-27 00:16:39 +03:00

README.md

Update README.md

2022-10-30 22:59:39 +03:00

README.md

CAI-Watchdog

Watchdog for monitoring web-services and running processes

Requirements

On *nix

OpenSSL 1.0.1, 1.0.2, 1.1.0, or 1.1.1 with headers (see https://github.com/sfackler/rust-openssl)
Perl
Curl

On Windows

PowerShell

Configuration file

Default configuration file location:

On *nix: /etc/cai-watchdog.conf

On Windows: current directory

You can specify config file as parameter: cai-watchdog /path/to/config/config_file.conf (*nix) or cai-watchdog.exe drive:\path\to\config\config_file.ini (Windows)

Configuration file parameters

[main]
check_interval = Interval between checks in seconds
rules_count = Rules count to be loaded from config. Rules sections must be enumerated continuously [rule1], [rule2] ... etc
on_start_command = Command to be executed when watchdog started

[rule1]
service = Service name
uri = URI to be checked
process = process to be checked
email = E-mail address for notifications
command = Command to send notification

In commands You can use fields <email>, <subject>, <message>, <service>, <uri>, <process> and <state>

<email> - E-mail address for notifications
<subject> - E-mail subject
<message> - Message text
<service> - Service name
<uri> - Service URI (for web services)
<process> - Process name (for OS tasks)
<state> - Service states are online and offline, process states are running and stopped

Scripts configurations

*nix

send-mail

Usage: send-mail recipient 'subject' 'message'

Configuration file /etc/cai-watchdog/email.conf

Username: - Set e-mail user name here
Password: - Set e-mail password here
SMTP Server: - Set SMTP server address here
Port: - Set SMTP port here

send-mail-[locale]

Usage: send-mail-[locale] recipient 'service' 'process-or-uri' 'state'

Configuration file /etc/cai-watchdog/email.conf

Username: - Set e-mail user name here
Password: - Set e-mail password here
SMTP Server: - Set SMTP server address here
Port: - Set SMTP port here

send-telegram

Usage: send-telegram 'message'

Configuration file /etc/cai-watchdog/telegram.conf

Group ID: - Set Telegram group ID here
Bot token: - Set Telegram token here

send-telegram-[locale]

Usage: send-telegram-[locale] 'service', 'process-or-uri', 'state'

Configuration file /etc/cai-watchdog/telegram.conf

Group ID: - Set Telegram group ID here
Bot token: - Set Telegram token here

Windows

send-mail.ps1

Usage: send-mail.ps1 recipient 'subject' 'message'

Next lines needs to be configured:

$EmailFrom = "yourmailadress@somedomain.com" - Set sender e-mail address here
$SMTPServer = "smtp.somedomain.com" - Set SMTP-server address here
$SMTPClient.EnableSsl = $true - Set SSL flag here
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential("usr", "pass"); - Set user ("usr") and password ("pass") here

send-telegram.ps1

Usage: send-telegram.ps1 'message'

$Telegramtoken = "Your_Telegram_Token" - Set Telegram token here
$Telegramchatid = "Your_Telegram_Chat_ID" - Set Telegram chat ID here

How to get Telegram token and chat ID

Open @BotFather bot
Run /newbot command and give name to your new bot
Enter a username for the bot
Take note of the API token. We will need this later. Note: it is case sensitive
Click the link to open a chat with the newly created bot

Next you need to find your Telegram Chat ID.

From the Telegram home screen, search for chatid_echo_bot. Click Chat ID Echo to open a chat
Enter /start to get the bot to send you your Telegram Chat ID
Take note of the Telegram Chat ID returned

Service configuration (*nix)

If you want to get messages when watchdog service is stopped, uncomment following line: ExecStopPost=/etc/cai-watchdog/on-stop

User logins monitoring (*nix)

Watchdog can send notifications on user login. Just add to /etc/profile.d/sshinfo.sh next lines:

For Telegram:

User=$(whoami)
IP=$(echo $SSH_CONNECTION | awk '{ print $1 == "" ? "127.0.0.1" : $1 }')
CAI_WATCHDOG_PATH=/etc/cai-watchdog
source ${CAI_WATCHDOG_PATH}/inc-icons
${CAI_WATCHDOG_PATH}/send-telegram "${ICON_INFO} SSH: User ${User} is logged in from ${IP}"

For e-mail:

User=$(whoami)
IP=$(echo $SSH_CONNECTION | awk '{ print $1 == "" ? "127.0.0.1" : $1 }')
CAI_WATCHDOG_PATH=/etc/cai-watchdog
source ${CAI_WATCHDOG_PATH}/inc-icons
${CAI_WATCHDOG_PATH}/send-mail your@mail.addr '${ICON_INFO} SSH: User ${User} is logged in' '${ICON_INFO} SSH: User ${User} is logged in from ${IP}'

User logouts monitoring (*nix)

Create file /etc/pam.d/pam_session.sh with next content:

For Telegram:

#!/bin/sh
CAI_WATCHDOG_PATH=/etc/cai-watchdog
if [ "$PAM_TYPE" = "close_session" ]; then
  ${CAI_WATCHDOG_PATH}/send-telegram "SSH: User ${PAM_USER} is logged out"
fi

For e-mail:

#!/bin/sh
CAI_WATCHDOG_PATH=/etc/cai-watchdog
if [ "$PAM_TYPE" = "close_session" ]; then
  ${CAI_WATCHDOG_PATH}/send-mail your@mail.addr 'SSH: User ${PAM_USER} is logged out' 'SSH: User is logged out'
fi

and set executable flag on it

Modify /etc/pam.d/sshd, add line session optional pam_exec.so quiet /etc/pam.d/pam_session.sh

Releases 1

Version 0.8.0 Latest

2022-12-26 02:18:22 +03:00

Languages

Rust 73.6%

Shell 26.4%