sostat: avoid displaying "ELSA Log Node SSH Tunnels:" if there are no SSH tunnels #515

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 2 comments

Comments

Projects
None yet
1 participant
sostat: avoid displaying "ELSA Log Node SSH Tunnels:" if there are no SSH 
tunnels

Original issue reported on code.google.com by doug.bu...@gmail.com on 22 Mar 2014 at 11:07

                if grep "http://127.0.0.1:50" /etc/elsa_web.conf >/dev/null 2>&1; then
                        echo "ELSA Log Node SSH Tunnels:"
                        (echo "PORT NODE IP/STATUS"
                        grep "http://127.0.0.1:50" /etc/elsa_web.conf | awk '{print $2}' | cut -d\/ -f3 | sort | while read PORT; do
                                NAME=$(grep -B1 $PORT /etc/elsa_web.conf | head -1 | cut -d\" -f2)
                                PORT_ONLY=$(echo $PORT | cut -d\: -f2)
                                if lsof -nP -i |grep "$PORT (LISTEN)" >/dev/null 2>&1; then
                                        lsof -nP -i |grep "$PORT (LISTEN)" | awk '{print $9,$2}' | while read PORT PID; do
                                                IP=`lsof -nP -i |grep "^sshd" | awk '{print $2,$9}' |grep "^$PID" |grep ":22" |awk '{print $2}' |cut -d\> -f2 | cut -d\: -f1`
                                                echo "$PORT_ONLY $NAME $IP"
                                        done
                                else 
                                        echo "$PORT_ONLY $NAME DISCONNECTED";
                                fi
                        done) | column -t
                fi

Original comment by doug.bu...@gmail.com on 25 Apr 2014 at 11:49

  • Added labels: ****
  • Removed labels: ****
Tested:
https://groups.google.com/d/topic/security-onion-testing/bYFnVxQNKDc/discussion

Published:
http://blog.securityonion.net/2014/04/new-securityonion-sostat-package.html

Original comment by doug.bu...@gmail.com on 29 Apr 2014 at 11:09

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment