├── README.md
├── SSH.chart.py
├── SSH.conf
├── screenshot.png
└── update.sh


/README.md:
--------------------------------------------------------------------------------
 1 | # Netdata SSH Module
 2 | 
 3 | ----
 4 | This is a simple module for [Netdata](https://github.com/firehol/netdata) to add a chart to show failed authentication's count of SSH.
 5 | 
 6 | *I used and tested it on Debian based systems but I think it would work on CentOS if you change "path" field in SSH.conf to "/var/log/secure" and change owner of this file to netdata.*
 7 | 
 8 | ----
 9 | ## Usage
10 | 1. Clone repo
11 | 
12 | 2. Run update.sh to install or update the module (needs root permission)
13 | 
14 | 3. Make sure the `/var/log/auth.log` is readable for the netdata (Add `netdata` user to `adm` group by `usermod -aG adm netdata`)
15 | 
16 | 4. Restart netdata
17 | 
18 | ---
19 | ![screenshot](https://github.com/Yaser-Amiri/netdata-ssh-module/blob/master/screenshot.png "Screenshot")
20 | 


--------------------------------------------------------------------------------
/SSH.chart.py:
--------------------------------------------------------------------------------
 1 | from re import search
 2 | from bases.FrameworkServices.LogService import LogService
 3 | 
 4 | update_every = 5
 5 | retries = 3
 6 | 
 7 | 
 8 | ORDER = ['failed_authentications']
 9 | 
10 | CHARTS = {
11 |     'failed_authentications': {
12 |         'options': [None, 'Failed Authentications', 'count', 'Authentication',
13 |                     'ssh.failed_auth', 'line'],
14 |         'lines': [
15 |             ["count", "failed-count", 'absolute', 1, 1]
16 |         ]},
17 | }
18 | 
19 | 
20 | class Service(LogService):
21 |     def __init__(self, configuration=None, name=None):
22 |         LogService.__init__(self, configuration=configuration, name=name)
23 |         self.log_path = self.configuration.get('path', '/var/log/auth.log')
24 |         self.order = ORDER
25 |         self.definitions = CHARTS
26 | 
27 |     def _get_data(self):
28 |         try:
29 |             count = 0
30 |             for line in self._get_raw_data():
31 |                 if search(r'Failed password for invalid.+ssh', line):
32 |                     count += 1
33 |             return {"count": count}
34 |         except (ValueError, AttributeError):
35 |             return None
36 | 


--------------------------------------------------------------------------------
/SSH.conf:
--------------------------------------------------------------------------------
1 | path: /var/log/auth.log
2 | 


--------------------------------------------------------------------------------
/screenshot.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Yaser-Amiri/netdata-ssh-module/47eda4b7679f427194d1ffb2383114276a0df43d/screenshot.png


--------------------------------------------------------------------------------
/update.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | SCRIPT_FILE="SSH.chart.py"
 4 | CONFIG_FILE="SSH.conf"
 5 | 
 6 | 
 7 | 
 8 | if [ $# -eq 0 ]; then
 9 | 	MODULES_DIR="/usr/libexec/netdata/python.d"
10 | 	ETC_DIR="/etc/netdata/python.d"
11 | elif [ $# -eq 2 ]; then
12 | #	MODULES_DIR=$(dirname $1)
13 | #	ETC_DIR=$(dirname $2)
14 | 	MODULES_DIR=$1
15 | 	ETC_DIR=$2
16 | else
17 | 	echo "In most cases you must run this script without parameters"
18 | 	echo "It will install SSH module to netdata daemon (or update it)"
19 | 	echo "If you have custom path to netdata lib/config directory, you must specify both in parameters:"
20 | 	echo "    Netdata python modules directory (to copy $SCRIPT_FILE)"
21 | 	echo "    Netdata python modules configuration directory (to copy $CONFIG_FILE)"
22 | 	echo "For example:"
23 | 	echo "    ./update.sh /usr/libexec/netdata/python.d /etc/netdata/python.d"
24 | 	echo "Don't forget to pull new changes from git repository of the module before run this script"
25 | fi
26 | if [ $# -eq 2 ] || [ $# -eq 0 ]; then
27 | 	if [ ! -d $MODULES_DIR ]; then
28 | 		echo "$MODULES_DIR is not exist!"
29 | 		echo "You can specify another modules directory, see --help"
30 | 		exit 1
31 | 	elif [ ! -d $ETC_DIR ]; then
32 | 		echo "$ETC_DIR is not exist!"
33 | 		echo "You can specify another configuration directory, see --help"
34 | 		exit 1
35 | 	else
36 | 		echo "Copying $SCRIPT_FILE to $MODULES_DIR" &&
37 | 		cp $(dirname $0)/$SCRIPT_FILE $MODULES_DIR/$SCRIPT_FILE &&
38 | 		echo "Copying $CONFIG_FILE to $ETC_DIR" &&
39 | 		cp $(dirname $0)/$CONFIG_FILE $ETC_DIR/$CONFIG_FILE &&
40 | 		chown netdata:netdata $MODULES_DIR/$SCRIPT_FILE &&
41 | 		chown netdata:netdata $ETC_DIR/$CONFIG_FILE &&
42 | 		exit 0
43 | 	fi
44 | fi
45 | 
46 | 


--------------------------------------------------------------------------------