LeonStoldt · October 1, 2022 12:23
diff --git a/check.sh b/check.sh
 #!/bin/bash
 # This script scans all queried domains of pihole for a provided list of domains and sends a telegram alert message if a defined url was queried.
 # It is far away from perfect or performance optimized and was created as a quick solution to solve a simple problem.
 # Check out the documentation of pihole for pihole related information: https://docs.pi-hole.net/
 # Check out the documentation of telegram for telegram related information: https://core.telegram.org/
 #
 # How to use:
 # > you need to have jq installed (check out jq here: https://wiki.ubuntuusers.de/jq/)
 # copy the script to your workspace and replace all references like directories, hosts, domains, token and ids with your personal (access) information.
 # Make the file executable (chmod +x check.sh)
 # Execute the script / test it - and create a crontab entry (crontab -e) to check regularly
 # Example crontab entry to check every 5 minutes: (crontab guide: https://crontab.cronhub.io/)
 # */5 * * * * /path/to/check.sh

 PWD=$(pwd)
 PIHOLE_DIR=path/to/pihole/dir # storing temporary/log files
 TMP_FILE=${PIHOLE_DIR}/pihole.json
 LOG_FILE=${PIHOLE_DIR}/access_log.txt
 PIHOLE_URL=127.0.0.1 # pihole host
 DOMAINS=(example.com www.example.com yourdomain.com) # domain list for alerts
 TOKEN=<YOUR_SECRET_PIHOLE_API_TOKEN>
 API_TOKEN=<YOUR_TELEGRAM_API_TOKEN> # create a bot and copy the token provided by the botfather
 CHAT_ID=<YOUR_TELEGRAM_CHAT_ID> # enter your telegram chat_id here to receive the message
 TS_INDEX=0 # index of timestamp in response json
 ALREADY_SENT=() # list of timestamps already sent to telegram

 IFS=$'\n' read -d '' -r -a ACCESS_LOG < ${LOG_FILE}
 echo "existing access log: (${ACCESS_LOG[*]})"

 cd ${PIHOLE_DIR} || exit

 for DOMAIN in ${DOMAINS[*]}
 do
   rm ${TMP_FILE}
   JSON=$(curl -s "http://${PIHOLE_URL}/admin/api.php?getAllQueries&domain=${DOMAIN}&auth=${TOKEN}" | jq -r '.data')
   echo ${JSON} > ${TMP_FILE}
   LENGTH=$(jq length "${TMP_FILE}")
   echo "length of array: ${LENGTH}"

   for ((i=0; i<=$["${LENGTH}" - 1]; i++))
   do
      ACCESS_TS=$(echo $JSON | jq -r ".["${i}"]["${TS_INDEX}"]")
      ACCESS_TIME=$(date -d @${ACCESS_TS})
      echo "Access time: $ACCESS_TIME"
      
      if [[ ("${ACCESS_LOG[@]}" =~ "${ACCESS_TS}") || ("${ALREADY_SENT[@]}" =~ "${ACCESS_TS}") ]] ; then
        echo "TS ${ACCESS_TS} already exists or was already sent"
      else
        echo "TS ${ACCESS_TS} does not exist. Adding and sending message..."
        grep -qxF "${ACCESS_TS}" "${LOG_FILE}" || echo "${ACCESS_TS}" >> "${LOG_FILE}"
        curl -s -o /dev/null "https://api.telegram.org/bot${API_TOKEN}/sendMessage" --data-urlencode "chat_id=${CHAT_ID}" --data-urlencode "text=${ACCESS_TIME}"
        ALREADY_SENT+=(${ACCESS_TS})
      fi
   done
 done

 cd $PWD || exit
	#!/bin/bash
	# This script scans all queried domains of pihole for a provided list of domains and sends a telegram alert message if a defined url was queried.
	# It is far away from perfect or performance optimized and was created as a quick solution to solve a simple problem.
	# Check out the documentation of pihole for pihole related information: https://docs.pi-hole.net/
	# Check out the documentation of telegram for telegram related information: https://core.telegram.org/
	#
	# How to use:
	# > you need to have jq installed (check out jq here: https://wiki.ubuntuusers.de/jq/)
	# copy the script to your workspace and replace all references like directories, hosts, domains, token and ids with your personal (access) information.
	# Make the file executable (chmod +x check.sh)
	# Execute the script / test it - and create a crontab entry (crontab -e) to check regularly
	# Example crontab entry to check every 5 minutes: (crontab guide: https://crontab.cronhub.io/)
	# /5 * * * /path/to/check.sh

	PWD=$(pwd)
	PIHOLE_DIR=path/to/pihole/dir # storing temporary/log files
	TMP_FILE=${PIHOLE_DIR}/pihole.json
	LOG_FILE=${PIHOLE_DIR}/access_log.txt
	PIHOLE_URL=127.0.0.1 # pihole host
	DOMAINS=(example.com www.example.com yourdomain.com) # domain list for alerts
	TOKEN=<YOUR_SECRET_PIHOLE_API_TOKEN>
	API_TOKEN=<YOUR_TELEGRAM_API_TOKEN> # create a bot and copy the token provided by the botfather
	CHAT_ID=<YOUR_TELEGRAM_CHAT_ID> # enter your telegram chat_id here to receive the message
	TS_INDEX=0 # index of timestamp in response json
	ALREADY_SENT=() # list of timestamps already sent to telegram

	IFS=$'\n' read -d '' -r -a ACCESS_LOG < ${LOG_FILE}
	echo "existing access log: (${ACCESS_LOG[*]})"

	cd ${PIHOLE_DIR} \|\| exit

	for DOMAIN in ${DOMAINS[*]}
	do
	rm ${TMP_FILE}
	JSON=$(curl -s "http://${PIHOLE_URL}/admin/api.php?getAllQueries&domain=${DOMAIN}&auth=${TOKEN}" \| jq -r '.data')
	echo ${JSON} > ${TMP_FILE}
	LENGTH=$(jq length "${TMP_FILE}")
	echo "length of array: ${LENGTH}"

	for ((i=0; i<=$["${LENGTH}" - 1]; i++))
	do
	ACCESS_TS=$(echo $JSON \| jq -r ".["${i}"]["${TS_INDEX}"]")
	ACCESS_TIME=$(date -d @${ACCESS_TS})
	echo "Access time: $ACCESS_TIME"

	if [[ ("${ACCESS_LOG[@]}" =~ "${ACCESS_TS}") \|\| ("${ALREADY_SENT[@]}" =~ "${ACCESS_TS}") ]] ; then
	echo "TS ${ACCESS_TS} already exists or was already sent"
	else
	echo "TS ${ACCESS_TS} does not exist. Adding and sending message..."
	grep -qxF "${ACCESS_TS}" "${LOG_FILE}" \|\| echo "${ACCESS_TS}" >> "${LOG_FILE}"
	curl -s -o /dev/null "https://api.telegram.org/bot${API_TOKEN}/sendMessage" --data-urlencode "chat_id=${CHAT_ID}" --data-urlencode "text=${ACCESS_TIME}"
	ALREADY_SENT+=(${ACCESS_TS})
	fi
	done
	done

	cd $PWD \|\| exit