Unix/Linux Go Back    


Linux RedHat, Ubuntu, SUSE, Fedora, Debian, Mandriva, Slackware, Gentoo linux, PCLinuxOS. All Linux questions here!

FileChecksum Monitoring

Linux


Reply    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 10-31-2017   -   Original Discussion by mjoshi010207
mjoshi010207's Unix or Linux Image
mjoshi010207 mjoshi010207 is offline
Registered User
 
Join Date: Mar 2014
Last Activity: 31 October 2017, 10:43 AM EDT
Posts: 3
Thanks: 1
Thanked 0 Times in 0 Posts
FileChecksum Monitoring

Hello Experts,

I am looking for some script for FileChecksum monitoring , i have prepared the script but its not working as needed .

Strategy :


Code:
1) Copy ("passwd" "shadow" "/security/access.conf") to a new file location
2) Do , md5sum "/etc/passwd" "CopiedFile-Passwd"  >tmp/HPOM_Checksum.log
3) Do , md5sum -c /tmp/HPOM_Checksum.log
     if ("passwd" "shadow" "/security/access.conf") gets modified , the md5sum o/p string will be different
This can be checked from 
4) md5sum -c /tmp/HPOM_Checksum.log
sample o/p 
[root@oilvs011 tmp]# md5sum -c /tmp/HPOM_Checksum.log
/etc/passwd: FAILED
/var/opt/OV/log/hpom_passwd.md5: OK

5) If this gets modified , i again want to run the same loop.

Note : Whenever there is change in file the script has to copy the file again as in step 1


If you have any other better solution to work on this do let me know :




Code:
#!/bin/sh
CHECKSUM_PATH=/etc
AGENT_LOG=/var/opt/OV/log
declare -a arr=("passwd" "shadow" "/security/access.conf")
##now loop through the above array
for i in "${arr[@]}"
do
    LIST_FILE=`ls -lrt "$AGENT_LOG" |grep "hpom_$i.md5" |wc -l`
echo $LIST_FILE
if [ $LIST_FILE -eq 0 ]; then
    COPY=`cp "$CHECKSUM_PATH/$i" "$AGENT_LOG/hpom_$i.md5"`
fi
done
declare -a arr=("passwd" "shadow" "/security/access.conf")
##now loop through the above array
for j in "${arr[@]}"
   do
     CHECKSUM=`md5sum "$CHECKSUM_PATH/$j" "$AGENT_LOG/hpom_$j.md5" >/tmp/HPOM_Checksum.log`
     CHECKSUM_STATUS=`md5sum -c /tmp/HPOM_Checksum.log |grep FAILED |wc -l`
     echo $CHECKSUM_STATUS
       if [ $CHECKSUM_STATUS -eq 1 ]; then
          COPY=`cp "$CHECKSUM_PATH/$j" "$AGENT_LOG/hpom_$j.md5"`
          echo `date +%b/%d/%Y-%H:%M:%S` Checksum Failed for $i >> /tmp/HPOM_Log_Checksum.log
       fi
   done

Thanks,
Mahender Joshi

Moderator's Comments:
FileChecksum Monitoring Please use code tags

Last edited by jim mcnamara; 10-31-2017 at 11:53 AM..
Sponsored Links
    #2  
Old Unix and Linux 11-03-2017   -   Original Discussion by mjoshi010207
rbatte1's Unix or Linux Image
rbatte1 rbatte1 is offline Forum Staff  
Root armed
 
Join Date: Jun 2007
Last Activity: 19 January 2018, 12:39 PM EST
Location: Lancashire, UK
Posts: 3,441
Thanks: 1,493
Thanked 671 Times in 604 Posts
Why not do an md5sum of all the files you are interested in to a single file? That way, just running md5sum -c checksums-file will do them all in one go. If you look at the file it creates, it will have the checksum and the examined filename in each record so you don't need to keep lots of separate single files and save you the worry of building/using an array.

For clarity, you can spread out your script if that helps, so saving the initial checksums:-

Code:
# However many files per line that makes sense to you, but nothing after the \ on each line

files_to_check="\
 /etc/passwd  /etc/shadow /security/access.conf \
 /etc/resolv.conf  /etc/sysconfig/network-scripts/* \
 /etc/fstab \
 /etc/httpd/httpd.conf \
 /anything/else/you/fancy \
"


md5sum $files_to_check > /var/lib/md5sums/critical.md5

Later you can just md5sum -c /var/lib/md5sums/critical.md5 and you get a nice report about the files previously listed.



I hope that this helps,
Robin
Sponsored Links
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
HP -UX 11.31 monitoring Prasad@hp-ux HP-UX 12 04-30-2015 01:32 AM
FTP monitoring spiriad UNIX for Dummies Questions & Answers 6 07-27-2010 05:29 AM
log monitoring maverick_here Shell Programming and Scripting 2 07-08-2010 03:58 AM
Monitoring magasem AIX 1 11-06-2006 05:27 AM
DNS monitoring, how to littleghost IP Networking 0 05-29-2004 12:52 PM



All times are GMT -4. The time now is 04:52 PM.