Open Source Technology

Open Source Technology

In production and development, open source as a development model promotes a universal access via a free license to a product\\\\\\\\\\\\\\\'s design or blueprint, and universal redistribution of that design or blueprint, including subsequent improvements to it by anyone. Before the phrase open source became widely adopted, developers and producers used a variety of other terms More »

Rundeck, the human interface to your operations

Rundeck, the human interface to your operations

Rundeck is open source software that helps you automate routine operational procedures in data center or cloud environments. Rundeck provides a number of features that will alleviate time-consuming grunt work and make it easy for you to scale up your automation efforts and create self service for others. Teams can collaborate to share how processes are automated while others are given trust to view operational activity or execute tasks. Rundeck allows you to run tasks on any number of nodes from a web-based or command-line interface. Rundeck also includes other features that make it easy to scale up your automation efforts including: access control, workflow building, scheduling, logging, and integration with external sources for node and option data. More »

Network Monitoring

Network Monitoring

Today it is hard to image a successful company from any industry not relying on sophisticated technology and information systems. Zabbix helps these organizations to keep their IT performance at maximum by providing solutions that work for them. More »

 

Zabbix Monitoring Meltdown and Spectre Vulnerability

How to monitor if your linux systems are vulnerable to Meltdown and Spectre

 

Template:

https://github.com/diegoluisi/Zabbix/blob/master/25%20-%20Template%20OS%20Linux%20Security.xml

 

Item:

 

Trigger:

 

Last Data:

How to scan your network to detect ms2017-010

Install NMAP

rpm -Uvh https://nmap.org/dist/nmap-7.40-1.x86_64.rpm

Download the NMAP script to check vulnerability.

https://github.com/cldrn/nmap-nse-scripts/blob/master/scripts/smb-vuln-ms17-010.nse

Run NMAP

nmap -sC -p445 --open --script smb-vuln-ms17-010.nse XXX.XXX.XXX.XXX/24 >> ms17-010-result.txt

Rundeck – How to add Windows node

Rundeck is open source software that helps you automate routine operational procedures in data center or cloud environments. Rundeck provides a number of features that will alleviate time-consuming grunt work and make it easy for you to scale up your automation efforts and create self service for others. Teams can collaborate to share how processes are automated while others are given trust to view operational activity or execute tasks.

Rundeck allows you to run tasks on any number of nodes from a web-based or command-line interface. Rundeck also includes other features that make it easy to scale up your automation efforts including: access control, workflow building, scheduling, logging, and integration with external sources for node and option data.

A Node is a resource that is either a physical or virtual instance of a network accessible host. Nodes have a few basic attributes but a Node’s attributes can be extended to include arbitrary named key/value pairs. Attributes typically describe the properties of a node or reflect the state of the node. One of a Node’s built in attributes is called “tags” which is a list of classifications or categories about that Node.

Rundeck WinRM Plugin

This is a Rundeck Node Execution plugin that uses WinRM to connect to Windows and execute commands. It uses the OverThere Library to provide the WinRM implementation, and uses Basic authentication over HTTPS.

Compatible with Rundeck 2.3.x+

$RDECK_BASE = /etc/rundeck/

1. Install WinRM plugin


cd /etc/rundeck/libext/
wget https://github.com/rundeck-plugins/rundeck-winrm-plugin/releases/download/v1.3.1/rundeck-winrm-plugin-1.3.1.jar
/etc/init.d/rundeckd restart

2. Create Key

Rundeck - WinRM Key

Rundeck – WinRM Key

Rundeck - WinRM Key

Rundeck – WinRM Key

3. Create new project

Rundeck

Rundeck

4. Add source

resourcexml

resourcexml

5. WinRm Preferences

WinRM

WinRM

6. Select your password Key

Rundeck - WinRM Key

Rundeck – WinRM Key

7. Add a Windows Node

vim /etc/rundeck/projects/TESTE2/etc/resources.xml

 

8. Configure Windows to enable WinRM connections.

Run cmd as administrator

winrm qc
winrm set winrm/config/client/auth @{Basic="true"}
winrm set winrm/config/service/auth @{Basic="true"}
winrm set winrm/config/service @{AllowUnencrypted="true"}

9. Run a command on remote host

Rundeck - WinRm Command

Rundeck – WinRm Command

10. Succeeded!

Rundeck - WinRM Succeeded

Rundeck – WinRM Succeeded

Rundeck notification from email

This document describes how to configure Rundeck for email support. Email settings are located in the rundeck-config.properties file. Depending on the installer used, the configuration files will be under a base directory:

vim /opt/rundeck/server/config/rundeck-config.properties

#notification email
grails.mail.host=mail.diegoluisi.eti.br
grails.mail.port=25
grails.mail.default.from=rundeck@diegoluisi.eti.br
grails.mail.username=alertas@diegoluisi.eti.br
grails.mail.password=Passw0rd

Rundeck – Shell Script Backup Sonicwall

How to create a Rundeck Job to Backup Sonicwall over FTP.

#!/bin/bash
# set variables for easy changes
user=admin
password="SW_PASSWORD"
name=$1
host=$2

# load from bash
/usr/bin/expect <”
send “export preferences ftp ftp.diegoluisi.eti.br dluisi “FTP_PASSWORD” $name-$(date +%Y-%m-%d).expn”
expect -re “.*NSA 3500>”
send “exitn”
EOF

Captura de Tela 2015-06-11 às 15.24.22

Rundeck add Node Linux

A Node is a resource that is either a physical or virtual instance of a network accessible host. Nodes have a few basic attributes but a Node’s attributes can be extended to include arbitrary named key/value pairs. Attributes typically describe the properties of a node or reflect the state of the node. One of a Node’s built in attributes is called “tags” which is a list of classifications or categories about that Node.

Captura de Tela 2015-06-11 às 14.14.49
1. Create a ssh key and copy to your node

ssh-keygen -t rsa
ssh root@192.168.10.X mkdir -p .ssh
cat .ssh/id_rsa.pub | ssh root@192.168.10.X 'cat >> .ssh/authorized_keys

2. Edit the resources.xml to add new nodes.
vim /opt/rundeck/projects/Project01/etc/resources.xml

3. Add this line:

Captura de Tela 2015-06-11 às 15.04.10

4. Run a command:
Captura de Tela 2015-06-11 às 15.06.19

Success!

How to Install RunDeck on RHEL

Rundeck is open source software that helps you automate routine operational procedures in data center or cloud environments. Rundeck provides a number of features that will alleviate time-consuming grunt work and make it easy for you to scale up your automation efforts and create self service for others. Teams can collaborate to share how processes are automated while others are given trust to view operational activity or execute tasks.

Rundeck allows you to run tasks on any number of nodes from a web-based or command-line interface. Rundeck also includes other features that make it easy to scale up your automation efforts including: access control, workflow building, scheduling, logging, and integration with external sources for node and option data.

Already itching to install it? Jump ahead to Installing Rundeck.

http://rundeck.org/docs/manual/introduction.html

1. Install Java
yum install java-1.8.0-openjdk java-1.8.0-openjdk-devel -y
java -version

2. Download and configure Rundeck
cd /tmp
wget http://dl.bintray.com/rundeck/rundeck-maven/rundeck-launcher-2.5.1.jar
export RDECK_BASE=/etc/rundeck/
mkdir $RDECK_BASE
mv rundeck-launcher-2.5.1.jar /etc/rundeck/
cd $RDECK_BASE
ln -s /etc/rundeck/server/sbin/rundeckd /etc/init.d/
/etc/init.d/rundeckd start
echo "export RDECK_BASE=/etc/rundeck/" >> /etc/profile

3. Change your password
vim /etc/rundeck/server/config/realm.properties
admin:Your_Pa$$w0rd,user,admin

4. If after your login you redirect to localhost edit this file
vim /etc/rundeck/etc/framework.properties
framework.server.url = http://yourservername:4440

5. Add Iptables Rules
vim /etc/sysconfig/iptables
-A INPUT -p tcp --dport 4440 -j ACCEPT
/etc/init.d/iptables restart

Zimbra MailBox usage Report

Hello, in today’s article I will demonstrate how to create a script that sends reports of mailbox use by domain, this is very useful for SysAdmin.

mkdir -p /etc/zimbra/scripts/
cd /etc/zimbra/scripts/
vi accountusage.sh

#!/bin/bash
output="/tmp/accountusage"
domain=$1
SendTo="dluisi@diegoluisi.eti.br; admin@diegoluisi.eti.br"
rm -f $output
touch $output
echo "Subject: Mailbox Usages for $domain" > $output
server=`/opt/zimbra/bin/zmhostname`
/opt/zimbra/bin/zmprov gqu $server|grep $domain|awk {'print $1" "$3" "$2'}|sort|while read line
do
usage=`echo $line|cut -f2 -d " "`
quota=`echo $line|cut -f3 -d " "`
user=`echo $line|cut -f1 -d " "`
status=`/opt/zimbra/bin/zmprov ga $user | grep  ^zimbraAccountStatus | cut -f2 -d " "`
echo "$user `expr $usage / 1024 / 1024`Mb `expr $quota / 1024 / 1024`Mb ($status account)" >> $output
done
cat $output | /opt/zimbra/postfix/sbin/sendmail $SendTo -s "Mailbox Usages for domain"

./accountusage.sh "diegoluisi.eti.br"

Expect Script to install the Zabbix-Agent on all Linux Servers

Zabbix is the ultimate enterprise-level software designed for real-time monitoring of millions of metrics collected from tens of thousands of servers, virtual machines and network devices.
Zabbix is Open Source and comes at no cost.

Expect has regular expression pattern matching and general program capabilities, allowing simple scripts to intelligently control programs such as telnet, ftp, and ssh, all of which lack a programming language, macros, or any other program mechanism.

In this article I will demonstrate how to create a expect script to automate zabbix-agent install in all servers at once.

Install expect

# yum install expect expectk

Create dir

# mkdir -p /opt/adm

#

cd /opt/adm

Create a list of your hosts to install

# vi hosts.txt

192.168.0.1
192.168.0.2
192.168.0.3

Create the expect Script

If you want to test in 1 host uncomment the line #set host 192.168.0.1 and comment set host [lindex $argv 0]

# vi zabbix_install.expect

#!/usr/bin/expect

set timeout 5
set user “root”
#set host 192.168.0.1
set host [lindex $argv 0]
set pass “Your_Password”
log_file resultado.log

spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no “${user}@${host}”
expect “assword”
send “$passr”
expect “${user}@”
send “whoamir”

#Customizing

send "rpm -ivh http://repo.zabbix.com/zabbix/2.2/rhel/6/x86_64/zabbix-release-2.2-1.el6.noarch.rpm r"
send "yum install zabbix zabbix-agent -y r"
send "mv /etc/zabbix/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf_original r"
send "echo Hostname=$(hostname) > /etc/zabbix/zabbix_agentd.confr"
send "echo Server=monitoramento.diegoluisi.eti.br >> /etc/zabbix/zabbix_agentd.confr"
send "echo ServerActive=monitoramento.diegoluisi.eti.br >> /etc/zabbix/zabbix_agentd.confr"
send "echo EnableRemoteCommands=1 >> /etc/zabbix/zabbix_agentd.confr"
send "echo Timeout=30 >> /etc/zabbix/zabbix_agentd.confr"
send "echo LogFileSize=0 >> /etc/zabbix/zabbix_agentd.confr"
send "echo LogFile=/var/log/zabbix/zabbix_agentd.log >> /etc/zabbix/zabbix_agentd.confr"
send "echo PidFile=/var/run/zabbix/zabbix_agentd.pid >> /etc/zabbix/zabbix_agentd.confr"
send "echo '############# www.diegoluisi.eti.br #############' >> /etc/zabbix/zabbix_agentd.confr"
send "iptables -A INPUT -p tcp -m tcp --dport 10050 -j ACCEPT r"
send "iptables-save"
send "/etc/init.d/iptables restart"
send "chkconfig zabbix-agent on r"
send "/etc/init.d/zabbix-agent restart r"
send "exitr"
send "exitr"
interact

Execute in all hosts of your list

for i in $(cat hosts.txt);do ./zabbix_install.expect $i;done

Captura de Tela 2015-05-22 às 13.53.30

Dell Equallogic Storage monitoring using Zabbix with LLD

Dell Equallogic Storage monitoring using Zabbix with LLD

Hello, my name is Diego Luisi and in today’s post I will demonstrate how to monitor DELL Equallogic Storage using Zabbix.

First we download the necessary files to the procedure (scrpt and template)

http://www.4shared.com/rar/_rAmPXMpba/DELL_EQUALOGIC.html

I made some improvements in the standard template, such as applications, graphics, etc.

Copy the file to the discover_eqlvolumes.pl externascripts folder of your server zabbix, if you do not know the directory use the following command:

# Cat /etc/zabbix/zabbix_server.c