├── Log_Parsing_Script ├── LogParsing_Scenario.txt ├── show-attackers.sh └── syslog-sample ├── Network_Scripting_Script └── ping-server-status.sh ├── README.md └── UserAccount_Creation_Script ├── AccountCreation_Scenario.txt └── add-local-user.sh /Log_Parsing_Script/LogParsing_Scenario.txt: -------------------------------------------------------------------------------- 1 | Scenario: 2 | One day you received a call about a user being locked out of their account. Being the awesome sysadmin that you are, you decided to look at the log files to see why this person's account was locked. While doing so, you happened to notice hundreds thousands of failed login attempts! 3 | You decide you need a way to quickly summarize the failed login attempts. That way you can quickly decide if an IP address needs to blocked. 4 | 5 | Requirements: 6 | You think about what the shell script must do and how you would like it operate. You come up with the following list. 7 | 8 | The script: 9 | 10 | - Is named "show-attackers.sh". 11 | 12 | 1. Requires that a file is provided as an argument. If a file is not provided or it cannot be read, then the script will display an error message and exit with a status of 1. 13 | 14 | 2. Counts the number of failed login attempts by IP address. If there are any IP addresses with more than 10 failed login attempts, the number of attempts made, the IP address from which those attempts were made, and the location of the IP address will be displayed. 15 | 16 | 3. Produces output in CSV (comma-separated values) format with a header of "Count,IP,Location". 17 | 18 | Files to use: 19 | - Syslog-sample 20 | 21 | Psuedo Code: 22 | 23 | # Make sure a file was supplied as an argument. 24 | 25 | # Display the CSV header. 26 | 27 | # Loop through the list of failed attempts and corresponding IP addresses. 28 | 29 | # If the number of failed attempts is greater than the limit, display count, IP, and location. 30 | 31 | -------------------------------------------------------------------------------- /Log_Parsing_Script/show-attackers.sh: -------------------------------------------------------------------------------- 1 | #/bin/bash 2 | 3 | # Count the number of failed logins by an attacker 4 | # If there are IP's with over the limit failure, notification would be generated 5 | # In the notification, display the count, IP and location of the IP from wheere it attack originated 6 | 7 | # Create a sample variable which can be changed later 8 | LIMIT='10' 9 | 10 | # Give the log file to be used from the command line 11 | LOG_FILE="${1}" 12 | 13 | # Incorporate a check in case the file was supplied or not using loop 14 | if [[ ! -e "${LOG_FILE}" ]] 15 | then 16 | echo "Cannot open the log file: ${LOG_FILE}" >&2 17 | exit 1 18 | fi 19 | 20 | # Loop through a list of failed attempts and corrsponding IP Addresses from the file 21 | grep Failed "${LOG_FILE}" | awk '{print $(NF -3)}' | sort | uniq -c | sort -nr | while read COUNT IP 22 | do 23 | 24 | # If number of failed attempts is greater than the limit, then display the count, IP and location using geolocation command 25 | if [[ "${COUNT}" -gt "${IP}"]] 26 | then 27 | LOCATION=$(geolookup ${IP} | awk ', ' '{print $2}') 28 | echo "${COUNT},${IP},${LOCATION}" 29 | fi 30 | done 31 | exit 0 -------------------------------------------------------------------------------- /Network_Scripting_Script/ping-server-status.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # This script pings a list of servers from a file and checks whether the servers are up or not 4 | 5 | # Variable for storing the server file location 6 | SERVER_FILE="/vagrant/servers" 7 | 8 | 9 | # Make sure the file is present 10 | if [[ ! -ne "${SERVER_FILE}" ]] 11 | then 12 | echo "Cannot open the server source file" &> 2 13 | exit 1 14 | fi 15 | 16 | 17 | # If the file is present, loop through the entries of the server file 18 | for SERVER in $(cat ${SERVER_FILE}) 19 | do 20 | # Using ping command to send 2 packets for checking connection 21 | echo "Pinging ${SERVER}" 22 | ping -c 2 ${SERVER} &> /dev/null 23 | 24 | # If the above command ran with a non-zero error status, server would be unreachable 25 | if [[ "${?}" -ne 0 ]] 26 | then 27 | echo "${SERVER} seems to be unreachable" 28 | 29 | else 30 | echo "${SERVER} is up and running" 31 | fi 32 | done 33 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Automation Scripting using BASH and Python modules 2 | 3 | ## Description: 4 | This project consists of small collection of BASH and python scripts made to solve a particular scenario or automate commands for faster execution. Both BASH and Python have been used here to complete the tasks at hand. 5 | 6 | ## Script 1 (show-atackers.sh): Parsing the logs to determine IP address, location and count of failed attempts 7 | 8 | ## Script 2: Using a servers file with server hostnames present, check connectivity using PING module 9 | 10 | ## Script 3: Create users in linux/unix environment with validations of successful command exit status 11 | -------------------------------------------------------------------------------- /UserAccount_Creation_Script/AccountCreation_Scenario.txt: -------------------------------------------------------------------------------- 1 | Scenario: 2 | Imagine that you're working as a Linux System Administrator for a fast growing company. The latest company initiative requires you to build and deploy dozens of servers. You're falling behind schedule and are going to miss your deadline for these new server deployments because you are constantly being interrupted by the help desk calling you to create new Linux accounts for all the people in the company who have been recruited to test out the company's newest Linux-based application. 3 | In order to meet your deadline and keep your sanity, you decide to write a shell script that will create new user accounts. Once you're done with the shell script you can put the help desk in charge of creating new accounts which will finally allow you to work uninterrupted and complete your server deployments on time. 4 | 5 | Requirements: 6 | The script: 7 | 8 | - Is named "add-local-user.sh". 9 | 10 | 1. Enforces that it be executed with superuser (root) privileges. If the script is not executed with superuser privileges it will not attempt to create a user and returns an exit status of 1. 11 | 12 | 2. Prompts the person who executed the script to enter the username (login), the name for person who will be using the account, and the initial password for the account. 13 | 14 | 3. Creates a new user on the local system with the input provided by the user. 15 | 16 | 4. Informs the user if the account was not able to be created for some reason. If the account is not created, the script is to return an exit status of 1. 17 | 18 | 5. Displays the username, password, and host where the account was created. This way the help desk staff can copy the output of the script in order to easily deliver the information to the new account holder. 19 | 20 | After coming up with your list, you realize that you're not sure where to get the hostname information. You decide to wait until you start writing your shell script to check the bash man page to see if there are any builtin commands or variables that could provide this information 21 | 22 | 23 | Psuedo Code: 24 | 25 | # Make sure the script is being executed with superuser privileges. 26 | 27 | # Get the username (login). 28 | 29 | # Get the real name (contents for the description field). 30 | 31 | # Get the password. 32 | 33 | # Create the user with the password. 34 | 35 | # Check to see if the useradd command succeeded. 36 | 37 | # Set the password. 38 | 39 | # Check to see if the passwd command succeeded. 40 | 41 | # Force password change on first login. 42 | 43 | # Display the username, password, and the host where the user was created. 44 | 45 | -------------------------------------------------------------------------------- /UserAccount_Creation_Script/add-local-user.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # This script is used for creating a user in linux/unix environments 4 | # Validation is also being done of the user account to check whether the command succeeded 5 | # Finally, displaying the user created along with password and the host on which it was created 6 | 7 | # Make sure the script is being executed by superuser privileges 8 | if [[ "${UID}" -ne 0 ]] 9 | then 10 | echo "The script is not run as root" 11 | exit 1 12 | fi 13 | 14 | 15 | # Get the username (login) 16 | read -p "Enter the username: " USER_NAME 17 | 18 | 19 | # Get the real name and contents for the description 20 | read -p "Enter the real name: " COMMENT 21 | 22 | 23 | # Get the password 24 | read -p "Enter the password: " PASSWORD 25 | 26 | 27 | # Create the user with password 28 | useradd -c "${COMMENT}" -m ${USER_NAME} 29 | 30 | 31 | # Check to see if the useradd command succeeded 32 | if [[ "${?}" -ne 0 ]] 33 | then 34 | echo "User add command failed" 35 | exit 1 36 | fi 37 | 38 | 39 | # Set the password 40 | echo ${PASSWORD} | passwd --stdin ${USER_NAME} 41 | 42 | # Check to see if password command succeeded 43 | if [[ "${?}" -ne 0 ]] 44 | then 45 | echo "Password command failed" 46 | exit 1 47 | fi 48 | 49 | 50 | # Force password to change on its first login 51 | passwd -e ${USER_NAME} 52 | 53 | 54 | # Display username, password and host where the user was created 55 | echo 56 | echo 'Username:' 57 | echo "${USER_NAME}" 58 | echo 59 | echo 'Password:' 60 | echo "${PASSWORD}" 61 | echo 62 | echo 'Hostname' 63 | echo "${HOSTNAME}" 64 | exit 0 65 | --------------------------------------------------------------------------------