@kimsyversen
Created February 11, 2024 08:35
db_documents_to_sentinel.sh
#!/bin/bash
# Authors: Martin Eide, Kim Syversen
### Requirements
# Your Dream Machine sends logs to a syslog server
# https://github.com/unifi-utilities/unifios-utilities/tree/main/on-boot-script-2.x must be installed
# This script must be stored in /data/on_boot.d/
# Set chmod +x for this script and run script manually one time to create cron job
# Credits sed query https://stackoverflow.com/questions/39447749/jq-cannot-parse-mongodb-output-document
### How this script works:
# 1. Get latest document object id for a collection from txt file and fetch all documents with a newer id. If txt file does not exist, get all documents
# 2. Write last found id to txt file
# 3. Parse json file, pick keys and send to syslog
# Directory on the device that holds this script and its working files.
path_to_files='/data/on_boot.d'

# admin_activity_log collection:
#   pid_* = text file holding the id of the last document seen
#   pd_*  = JSON dump of the documents fetched in the current run
pid_admin_activity="${path_to_files}/pid_admin_activity.txt"
pd_admin_activity="${path_to_files}/pd_admin_activity.json"

# alert collection: same pair of files.
pid_alert="${path_to_files}/pid_alert.txt"
pd_alert="${path_to_files}/pd_alert.json"

# File name of this script; used when the cron entry is written.
script_name='db_documents_to_sentinel.sh'
###############################
# Collection admin_activity #
###############################
# Get new documents or get all
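# Order of operations: fetch -> forward to syslog -> advance the checkpoint.
# The checkpoint is the _id of the last document that was actually forwarded,
# and it is only written after jq and logger both succeeded. Taking it from a
# separate "latest _id" query, or writing it before forwarding, silently drops
# any audit event inserted in between or any batch whose forwarding failed.

# Read the stored checkpoint, ignoring surrounding whitespace.
aa_last_id=""
if [ -s "$pid_admin_activity" ]; then
  aa_last_id=$(tr -d '[:space:]' < "$pid_admin_activity")
fi

# An ObjectId is 24 hex characters. Only a value of exactly that shape is
# spliced into the query; an empty or damaged state file falls back to a full
# fetch instead of making "new ObjectId(...)" throw on every run.
if [[ "$aa_last_id" =~ ^[0-9a-fA-F]{24}$ ]]; then
  aa_filter='{ "_id": { $gt: new ObjectId("'"$aa_last_id"'") } }'
else
  aa_filter='{}'
fi

# Both paths print ONE JSON array (the jq filter below iterates with ".[]"),
# sorted by _id so the last element is the newest document. A document whose
# "time" cannot be parsed keeps its original value rather than aborting the
# whole batch with a RangeError from toISOString().
aa_js='var result = db.admin_activity_log.find('"$aa_filter"').sort({ _id: 1 }).toArray(); result.forEach(function(doc) { var t = new Date(doc.time); if (!isNaN(t.getTime())) { doc.time = t.toISOString(); } }); printjson(result);'

# sed strips mongo shell type wrappers such as ObjectId("...") so jq can parse
# the output.
mongo --port 27117 --quiet --eval "$aa_js" ace \
  | sed -e 's/: [a-zA-Z]*(\([^\)]*\))/: \1/g' > "$pd_admin_activity"
aa_fetch_rc=${PIPESTATUS[0]}

if [ "$aa_fetch_rc" -ne 0 ] \
  || ! jq -e 'type == "array"' "$pd_admin_activity" > /dev/null 2>&1; then
  # Make a broken fetch visible instead of quietly skipping events.
  logger -p syslog.err -t "UDMP" -- "admin_activity_log: fetch or JSON parse failed, checkpoint not advanced"
elif jq -e 'length > 0' "$pd_admin_activity" > /dev/null 2>&1; then
  # One syslog message per document. A read loop is used instead of xargs:
  # xargs strips quotes/backslashes from the line (the "updates" field is JSON
  # text full of double quotes), and "--" keeps a line that starts with "-"
  # from being parsed as logger options.
  # NOTE(review): fields are joined with "," without escaping, so a comma or
  # newline inside a value shifts or splits the record downstream.
  jq -r '.[] | ["\(.key)", "\(.change_key)", "\(.time)", "\(.updates | tostring)"] | map(if . == null then "" else tostring end) | join(",")' "$pd_admin_activity" \
    | while IFS= read -r aa_line; do
        logger -p syslog.info -t "UDMP" -- "$aa_line" || exit 1
      done
  aa_forward_rc=("${PIPESTATUS[@]}")

  aa_newest_id=$(jq -r '.[-1]._id // empty' "$pd_admin_activity")
  if [ "${aa_forward_rc[0]}" -eq 0 ] && [ "${aa_forward_rc[1]}" -eq 0 ] \
    && [[ "$aa_newest_id" =~ ^[0-9a-fA-F]{24}$ ]]; then
    printf '%s\n' "$aa_newest_id" > "$pid_admin_activity"
  else
    logger -p syslog.err -t "UDMP" -- "admin_activity_log: forwarding failed, checkpoint not advanced"
  fi
fi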
###############################
# Collection alert #
###############################
# Get new documents or get all
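# Order of operations: fetch -> forward to syslog -> advance the checkpoint.
# The checkpoint is the _id of the last document that was actually forwarded,
# and it is only written after jq and logger both succeeded. Taking it from a
# separate "latest _id" query, or writing it before forwarding, silently drops
# any alert inserted in between or any batch whose forwarding failed.

# Read the stored checkpoint, ignoring surrounding whitespace.
alert_last_id=""
if [ -s "$pid_alert" ]; then
  alert_last_id=$(tr -d '[:space:]' < "$pid_alert")
fi

# An ObjectId is 24 hex characters. Only a value of exactly that shape is
# spliced into the query; an empty or damaged state file falls back to a full
# fetch instead of making "new ObjectId(...)" throw on every run.
if [[ "$alert_last_id" =~ ^[0-9a-fA-F]{24}$ ]]; then
  alert_filter='{ "_id": { $gt: new ObjectId("'"$alert_last_id"'") } }'
else
  alert_filter='{}'
fi

# Both paths print ONE JSON array (the jq filter below iterates with ".[]"),
# sorted by _id so the last element is the newest document. A document whose
# "time" cannot be parsed keeps its original value rather than aborting the
# whole batch with a RangeError from toISOString().
alert_js='var result = db.alert.find('"$alert_filter"').sort({ _id: 1 }).toArray(); result.forEach(function(doc) { var t = new Date(doc.time); if (!isNaN(t.getTime())) { doc.time = t.toISOString(); } }); printjson(result);'

# sed strips mongo shell type wrappers such as ObjectId("...") so jq can parse
# the output.
mongo --port 27117 --quiet --eval "$alert_js" ace \
  | sed -e 's/: [a-zA-Z]*(\([^\)]*\))/: \1/g' > "$pd_alert"
alert_fetch_rc=${PIPESTATUS[0]}

if [ "$alert_fetch_rc" -ne 0 ] \
  || ! jq -e 'type == "array"' "$pd_alert" > /dev/null 2>&1; then
  # Make a broken fetch visible instead of quietly skipping events.
  logger -p syslog.err -t "UDMP" -- "alert: fetch or JSON parse failed, checkpoint not advanced"
elif jq -e 'length > 0' "$pd_alert" > /dev/null 2>&1; then
  # One syslog message per document. A read loop is used instead of xargs:
  # xargs strips quotes/backslashes from the line, and "--" keeps a line that
  # starts with "-" from being parsed as logger options.
  # NOTE(review): fields are joined with "," without escaping, so a comma or
  # newline inside a value (e.g. a device name) shifts or splits the record
  # downstream.
  jq -r '.[] | ["\(.key)", "\(.time)", "\(.parameters.DEVICE.name)", "\(.parameters.VERSION.name)"] | map(if . == null then "" else tostring end) | join(",")' "$pd_alert" \
    | while IFS= read -r alert_line; do
        logger -p syslog.info -t "UDMP" -- "$alert_line" || exit 1
      done
  alert_forward_rc=("${PIPESTATUS[@]}")

  alert_newest_id=$(jq -r '.[-1]._id // empty' "$pd_alert")
  if [ "${alert_forward_rc[0]}" -eq 0 ] && [ "${alert_forward_rc[1]}" -eq 0 ] \
    && [[ "$alert_newest_id" =~ ^[0-9a-fA-F]{24}$ ]]; then
    printf '%s\n' "$alert_newest_id" > "$pid_alert"
  else
    logger -p syslog.err -t "UDMP" -- "alert: forwarding failed, checkpoint not advanced"
  fi
fi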
# Check if cron job exists, if not, create and restart the cron daemon.
# Self-install: on the first run, register a cron entry that executes this
# script every minute as root, then restart cron so the entry is picked up.
# NOTE(review): because the entry runs as root, the script under
# /data/on_boot.d should be writable by root only -- confirm on the device.
# NOTE(review): nothing here prevents two runs from overlapping if one run
# takes longer than a minute -- confirm whether a lock is needed.
cron_file="/etc/cron.d/db_documents_to_sentinel"
if [ ! -f "$cron_file" ]; then
  printf '%s\n' "* * * * * root /data/on_boot.d/$script_name" > "$cron_file"
  # "-t" sets the syslog tag, so this message is tagged "notice";
  # NOTE(review): a priority (-p) may have been intended -- confirm.
  logger -t notice "Cron job created by $script_name"
  chmod +x "/data/on_boot.d/$script_name"
  /etc/init.d/cron restart
fi