Created
October 16, 2025 19:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
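#!/bin/bash
# Collects a Wiz sensor support package: host diagnostics, service logs and a
# copy of the sensor install directory, staged under ./support_package_<timestamp>.
#
# set -x traces every command to stderr while the package is collected.
set -x

# The collectors read root-only sources (dmesg, journals, /boot, the sensor
# directory), so refuse to run unprivileged.
if [[ "$EUID" -ne 0 ]]; then
  echo "This script must be run as root." >&2
  exit 1
fi

# Everything written from here on (process command lines, journals, a copy of
# the sensor directory) is host-sensitive. Create it readable by root only
# instead of inheriting whatever umask the caller happens to have.
umask 077

# Sensor install root: /opt/wiz by default, /var/lib/wiz when /etc/os-release
# identifies Google's Container-Optimized OS.
wiz_dir="/opt/wiz"
if grep -q "Container-Optimized OS from Google" /etc/os-release; then
  wiz_dir="/var/lib/wiz"
fi
sensor_dir="$wiz_dir/sensor"

# Staging directory for the support package, created in the current directory.
# Plain mkdir (no -p) fails if anything already exists at that path, so root
# never writes into a directory or symlink somebody else put there first.
# Run the script from a directory that only root can write to.
support_dir="./support_package_$(date +'%Y%m%d%H%M%S')"
if ! mkdir -- "$support_dir"; then
  echo "Cannot create $support_dir (already exists or not writable)." >&2
  exit 1
fi

# Log file inside the staging directory; stderr of every collector lands here.
log_file="$support_dir/support_package.log"
touch "$log_file"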
#######################################
# Append one "[ERROR] <message>" line to the support package log.
# Globals:   log_file (read) - path of the log file
# Arguments: $1 - message text
#######################################
log_error() {
  local message=$1
  printf '[ERROR] %s\n' "$message" >>"$log_file"
}
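#######################################
# Run one collector command, appending its stdout to an output file and its
# stderr to the support package log. A non-zero exit is also recorded in the
# log together with the command text, so failures can be attributed.
# Globals:   log_file (read)
# Arguments: $1 - command line, as a single string
#            $2 - file that receives the command's stdout (appended)
# Returns:   the exit status of the command
#######################################
run_command() {
  # Locals: the original assigned globals named "command" and "output",
  # which leaked into (and could clobber) the caller's scope.
  local cmd=$1
  local out_file=$2
  local status=0

  # SECURITY: eval re-parses the string as shell code (callers rely on that
  # for pipes and quoting). This runs as root, so only pass fixed strings built
  # inside this script; never interpolate values taken from arguments, the
  # environment or files.
  eval "$cmd" >>"$out_file" 2>>"$log_file" || status=$?

  if [[ "$status" -ne 0 ]]; then
    log_error "exit status $status from: $cmd"
  fi
  return "$status"
}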
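# NOTE: the files written below include full process command lines, service
# journals and kernel messages. Treat the resulting package as sensitive and
# review it before sending it outside the organisation.

# Collect system information
run_command "uname -a" "$support_dir/system_info.txt"
run_command "df -h" "$support_dir/disk_space.txt"
run_command "free -h" "$support_dir/mem_usage.txt"
run_command "top -b -n 1" "$support_dir/cpu_usage.txt"
run_command "mount" "$support_dir/mount.txt"

# Get the system ulimits
run_command "ulimit -a" "$support_dir/ulimit.txt"

# Checks if SELinux is configured
run_command "ls -l /etc/selinux/config" "$support_dir/SELinux.txt"

# Prints the SELinux status
run_command "sestatus" "$support_dir/SELinux_status.txt"

# Get the current kernel config
run_command "cat /boot/config-$(uname -r)" "$support_dir/kernel_config.txt"

# Collect I/O usage using iostat (alternative to iotop)
run_command "iostat -d 1 2" "$support_dir/io_usage.txt"
run_command "df -Th $sensor_dir" "$support_dir/filesystem_type.txt"
run_command "ps aux" "$support_dir/process_list.txt"

# Collect Wiz related processes
run_command "ps awx | grep wiz" "$support_dir/wiz_processes.txt"

# Collect systemd information
run_command "systemctl --version" "$support_dir/systemd_version.txt"
run_command "systemctl show wiz-sensor" "$support_dir/systemd_config.txt"
run_command "systemctl show wiz-disk-scanner" "$support_dir/wiz_disk_scanner_systemd_config.txt"
run_command "systemctl status wiz-sensor" "$support_dir/systemd_status.txt"
run_command "systemctl status wiz-disk-scanner" "$support_dir/wiz_disk_scanner_systemd_status.txt"
run_command "journalctl -u wiz-sensor" "$support_dir/systemd_log.txt"
run_command "journalctl -u wiz-disk-scanner" "$support_dir/wiz_disk_scanner_systemd_log.txt"

# Collect docker information
run_command "docker version" "$support_dir/docker_version.txt"
run_command "docker info" "$support_dir/docker_info.txt"

# Collect oci hook information (all three locations append to the same file)
run_command "find /usr/share/containers/oci/hooks.d" "$support_dir/oci.txt"
run_command "find /etc/containers/oci/hooks.d" "$support_dir/oci.txt"
run_command "find /usr/libexec/oci/hooks.d" "$support_dir/oci.txt"

# Collect dmesg output
run_command "dmesg" "$support_dir/dmesg.txt"

# Retrieve BIOS version
run_command "cat /sys/class/dmi/id/bios_version" "$support_dir/bios_version.txt"

# List the contents of the sensor directory
run_command "ls -l $sensor_dir/" "$support_dir/sensor_dir.txt"

# Get some OS files
run_command "cat /proc/version_signature" "$support_dir/version_signature.txt"
run_command "cat /proc/sys/kernel/osrelease" "$support_dir/osrelease.txt"
run_command "cat /proc/version" "$support_dir/proc_version.txt"
run_command "cat /proc/cpuinfo" "$support_dir/proc_cpuinfo.txt"
run_command "cat /proc/meminfo" "$support_dir/proc_meminfo.txt"
run_command "cat /etc/os-release" "$support_dir/etc_osrelease.txt"

# Get container infra logs
run_command "journalctl -u containerd --since '1 days ago'" "$support_dir/containerd_log.txt"
run_command "journalctl -u docker.service --since '1 days ago'" "$support_dir/dockerd_log.txt"

# Get our cgroup hierarchy: each file name followed by its contents
run_command "find /sys/fs/cgroup -type f -exec echo {} \; -exec cat {} \;" "$support_dir/cgroup.txt"

# Get kernel config from every place it may live
run_command "zcat /proc/config.gz" "$support_dir/proc_config_gz.txt"
run_command "cat /boot/config" "$support_dir/boot_config.txt"
run_command "cat /boot/config-$(uname -r)" "$support_dir/boot_config_uname.txt"

# See if IMDS is enabled.
# --max-time bounds the probe: without it the script can stall for a long
# time on hosts where the link-local address does not answer. -S keeps
# curl quiet on success but lets a failure reason reach the log file.
# NOTE(review): an empty imds.txt does not prove the metadata service is off;
# an endpoint that only accepts token-authenticated requests also rejects
# this plain GET. Confirm against the platform's IMDS settings.
run_command "curl -sS --max-time 5 http://169.254.169.254/" "$support_dir/imds.txt"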
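# Run some sensor CLI commands.
# First decide whether the sensor runs as a Docker container or natively:
# count the running containers whose name matches "wiz-sensor". When docker is
# missing or fails, its error goes to the log file and the count is 0.
DOCKER_CONTAINER_COUNT=$(docker ps --format "{{.Names}}" -f name=wiz-sensor 2>>"$log_file" | wc -l)

if [[ "$DOCKER_CONTAINER_COUNT" -ge 1 ]]; then
  # Containerised sensor: grab the container logs and reach the CLI via docker exec.
  echo "Sensor is running as a Docker container"
  run_command "docker logs wiz-sensor" "$support_dir/docker_logs.txt"
  run_command "docker logs wiz-disk-scanner" "$support_dir/wiz_disk_scanner_docker_logs.txt"
  sensor_cli="docker exec wiz-sensor /usr/src/app/wiz-sensor"
else
  # Native install: the CLI is reached through sensor_init in the sensor directory.
  echo "Sensor is running natively (not as a Docker)"
  sensor_cli="$sensor_dir/sensor_init sensor_cli"
fi

# Same four subcommands in both modes. The output file is named after the
# subcommand with any "get-" prefix removed (get-statistics -> sensor_statistics.txt).
for sensor_subcommand in version get-statistics actors containers; do
  run_command "$sensor_cli $sensor_subcommand" \
    "$support_dir/sensor_${sensor_subcommand#get-}.txt"
done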
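# Copy the whole Wiz directory ($wiz_dir, not just the sensor subdirectory)
# into the support package. Copy errors are recorded in the package log.
# NOTE(review): this directory may hold sensor configuration or credentials;
# confirm what it contains before the archive leaves the host.
cp -r -- "$wiz_dir" "$support_dir" 2>>"$log_file"

# Archive the support package. The command substitution is a subshell, so the
# umask only applies to tar: the archive is created readable by root only.
# tar's messages are captured instead of being discarded, so a failure is visible.
archive="./support_package_linux.tar.gz"
if ! tar_errors=$(
  umask 077
  tar -czf "$archive" \
    -C "$(dirname -- "$support_dir")" "$(basename -- "$support_dir")" 2>&1
); then
  # Keep the staging directory: deleting it here would throw away the only
  # copy of the collected data while reporting success.
  printf 'Failed to create %s; collected files left in %s\n%s\n' \
    "$archive" "$support_dir" "$tar_errors" >&2
  exit 1
fi

# A pre-existing archive keeps its old mode when overwritten; tighten it explicitly.
chmod 600 -- "$archive"

# Remove the staging directory only after the archive was written successfully.
rm -r -- "${support_dir:?}"
echo "Support package created at ./support_package_linux.tar.gz"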