#!/bin/sh

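# Load site settings. The file is executed as shell code with this job's
# privileges, so it should be writable only by the account that owns the job.
# Presumably it supplies CLUSTER_TYPE, OSSEC_NOTIFY, OSSEC_ACTIVE_RESPONSE and
# EMAIL, which are read below but never assigned in this script - confirm.
if [ ! -r /var/awp/etc/config ]; then
	echo "cannot read /var/awp/etc/config" >&2
	exit 1
fi
# "." is the portable spelling of "source"; this script runs under /bin/sh.
. /var/awp/etc/config

# Scratch file for the report body. mktemp picks an unpredictable name.
TMPFILE1=$(/bin/mktemp -p /var/awp/data awpcronlog.XXXXXXXXXX) || exit 1
# Remove the scratch file on every exit path, not only after a complete run.
trap 'rm -f -- "$TMPFILE1"' EXIT
DATE=$(date)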


#services running
#/var/ossec/bin/ossec-authd -f -p 1515 -a
# Start the report: truncate the scratch file and write a blank line, the
# title with the run timestamp, and another blank line.
{
	echo
	echo "AEO Health Report: $DATE"
	echo
} > "$TMPFILE1"

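# Services section header, followed by the agent registration service (authd).
# On a worker cluster node the report states that authd is not used;
# on any other node type the process list is checked.
echo "Services Check:" >> "$TMPFILE1"
printf '\tAgent registration service (authd): ' >> "$TMPFILE1"
if [ "$CLUSTER_TYPE" = "worker" ]; then
	# This goes to the report, not stdout, so the label above gets its status
	# and its terminating newline.
	echo "Not used on worker cluster node" >> "$TMPFILE1"
else
	# The [o] bracket stops grep from matching its own command line in the ps
	# listing. A plain "grep ossec-authd" can report Online while the daemon
	# is actually down.
	if ps ax | grep -q '[o]ssec-authd'; then
		echo "Online" >> "$TMPFILE1"
	else
		echo "Offline" >> "$TMPFILE1"
	fi
fi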
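# Vulnerability analysis daemon (/var/ossec/bin/ossec-modulesd -f).
printf '\tVulnerability Analysis (modulesd): ' >> "$TMPFILE1"
# The [o] bracket stops grep from matching its own entry in the ps listing,
# which would otherwise make the check succeed even when the daemon is down.
if ps ax | grep -q '[o]ssec-modulesd'; then
	echo "Online" >> "$TMPFILE1"
else
	echo "Offline" >> "$TMPFILE1"
fi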

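# E-mail alerting daemon (/var/ossec/bin/ossec-maild -f). It is probed only
# when OSSEC_NOTIFY is "yes"; any other value is reported as disabled.
printf '\tAlerts via Email (maild): ' >> "$TMPFILE1"
if [ "$OSSEC_NOTIFY" = "yes" ]; then
	# The [o] bracket stops grep from matching its own entry in the ps listing,
	# which would otherwise make the check succeed even when maild is down.
	if ps ax | grep -q '[o]ssec-maild'; then
		echo "Online" >> "$TMPFILE1"
	else
		echo "Offline" >> "$TMPFILE1"
	fi
else
	echo "Disabled by user" >> "$TMPFILE1"
fi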
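# Agent tracking database daemon (/var/ossec/bin/ossec-db -f).
printf '\tAgent tracking database (db): ' >> "$TMPFILE1"
# The [o] bracket stops grep from matching its own entry in the ps listing,
# which would otherwise make the check succeed even when the daemon is down.
# This is still a substring match on the command line, as in the original.
if ps ax | grep -q '[o]ssec-db'; then
	echo "Online" >> "$TMPFILE1"
else
	echo "Offline" >> "$TMPFILE1"
fi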
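# Active response daemon (/var/ossec/bin/ossec-execd -f). It is probed unless
# OSSEC_ACTIVE_RESPONSE is "no".
printf '\tActive Reponse (execd): ' >> "$TMPFILE1"
if [ "$OSSEC_ACTIVE_RESPONSE" = "no" ]; then
	# This goes to the report, not stdout, so the label above gets its status
	# and its terminating newline.
	echo "Disabled by user" >> "$TMPFILE1"
else
	# The [o] bracket stops grep from matching its own entry in the ps listing,
	# which would otherwise make the check succeed even when execd is down.
	if ps ax | grep -q '[o]ssec-execd'; then
		echo "Online" >> "$TMPFILE1"
	else
		echo "Offline" >> "$TMPFILE1"
	fi
fi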
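# IDS engine (/var/ossec/bin/ossec-analysisd -f).
printf '\tIDS Engine (analysisd): ' >> "$TMPFILE1"
# The [o] bracket stops grep from matching its own entry in the ps listing.
# Without it the report can show the detection engine as Online after it has
# stopped, which hides exactly the outage this report exists to surface.
if ps ax | grep -q '[o]ssec-analysisd'; then
	echo "Online" >> "$TMPFILE1"
else
	echo "Offline" >> "$TMPFILE1"
fi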
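# Log collection daemon (/var/ossec/bin/ossec-logcollector -f).
printf '\tLog Collection (logcollector): ' >> "$TMPFILE1"
# The [o] bracket stops grep from matching its own entry in the ps listing,
# which would otherwise make the check succeed even when the daemon is down.
if ps ax | grep -q '[o]ssec-logcollector'; then
	echo "Online" >> "$TMPFILE1"
else
	echo "Offline" >> "$TMPFILE1"
fi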

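# File integrity / compliance scanner (/var/ossec/bin/ossec-syscheckd -f).
printf '\tFIM/Compliance scanner (syscheckd): ' >> "$TMPFILE1"
# The [o] bracket stops grep from matching its own entry in the ps listing,
# which would otherwise make the check succeed even when the daemon is down.
if ps ax | grep -q '[o]ssec-syscheckd'; then
	echo "Online" >> "$TMPFILE1"
else
	echo "Offline" >> "$TMPFILE1"
fi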

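# Maintenance daemon (/var/ossec/bin/ossec-monitord -f).
printf '\tService Maintenance, Key Cleanup, and Logrotation (monitord): ' >> "$TMPFILE1"
# The [o] bracket stops grep from matching its own entry in the ps listing,
# which would otherwise make the check succeed even when the daemon is down.
if ps ax | grep -q '[o]ssec-monitord'; then
	echo "Online" >> "$TMPFILE1"
else
	echo "Offline" >> "$TMPFILE1"
fi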

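# Agent data receiver (/var/ossec/bin/ossec-remoted -f), checked by listening
# socket, not by process name.
printf '\tRemote Agent data receiver (remoted 1514/UDP): ' >> "$TMPFILE1"
# The dots are escaped and whitespace is required after the port, so only a
# wildcard bind on exactly port 1514 counts. The loose pattern also accepted
# ports such as 15140. -p is dropped because program names are not needed for
# an address match.
# NOTE(review): the label says UDP, but a socket of any protocol bound to
# 0.0.0.0:1514 satisfies this check - confirm whether it should be UDP only.
if netstat -an | grep -q '0\.0\.0\.0:1514[[:space:]]'; then
	echo "Online" >> "$TMPFILE1"
else
	echo "Offline" >> "$TMPFILE1"
fi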

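# Agentless (syslog) receiver on port 514. It is probed only when
# /var/awp/etc/rules.json contains a port 514 entry; otherwise it is reported
# as disabled.
printf '\tRemote Agentless data receiver (remoted 514/UDP): ' >> "$TMPFILE1"
# -F keeps the text literal. It is the same substring the original searched for.
if grep -qF 'port": "514",' /var/awp/etc/rules.json; then
	# The dots are escaped and whitespace is required after the port, so only
	# a wildcard bind on exactly port 514 counts. The loose pattern also
	# accepted ports such as 5140.
	# NOTE(review): the label says UDP, but any protocol bound to 0.0.0.0:514
	# satisfies this check - confirm whether it should be UDP only.
	if netstat -an | grep -q '0\.0\.0\.0:514[[:space:]]'; then
		echo "Online" >> "$TMPFILE1"
	else
		echo "Offline" >> "$TMPFILE1"
	fi
else
	echo "Disabled by user" >> "$TMPFILE1"
fi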

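# Disk utilization of the filesystem holding /var, reported in whole GB, plus
# the change since the previous run as recorded in
# /var/awp/data/last-disk-check.
{
	echo
	echo
	echo "Disk utilization"
} >> "$TMPFILE1"

# One df call gives a consistent snapshot. -P keeps the data on a single line
# even when the device name is long. Columns 2-4 are total, used and available
# space in MB.
read -r TOTAL1 USED1 FREE1 <<EOF
$(df -Pm /var | awk 'NR == 2 {print $2, $3, $4}')
EOF

DF_OK=yes
for DF_FIELD in "$TOTAL1" "$USED1" "$FREE1"; do
	case "$DF_FIELD" in
		''|*[!0-9]*) DF_OK=no ;;
	esac
done

if [ "$DF_OK" = yes ]; then
	# Integer division: values are truncated to whole GB.
	USED=$((USED1 / 1024))
	TOTAL=$((TOTAL1 / 1024))
	FREE=$((FREE1 / 1024))

	echo "	Free: $FREE GB of $TOTAL GB. Used: $USED GB" >> "$TMPFILE1"
	if [ -f /var/awp/data/last-disk-check ]; then
		PREVIOUS=$(cat /var/awp/data/last-disk-check)
		# The state file is input: only a plain decimal number may reach the
		# arithmetic expansion below. Anything else is skipped, not evaluated.
		case "$PREVIOUS" in
			''|*[!0-9]*|0?*)
				echo "ignoring malformed /var/awp/data/last-disk-check" >&2
				;;
			*)
				INCREASE=$((USED - PREVIOUS))
				echo "	Disk usage has increased by: ${INCREASE}G in 24 hours" >> "$TMPFILE1"
				;;
		esac
	fi

	# Track usage for the next run.
	# NOTE(review): assumes /var/awp/data is writable only by the account
	# running this job - confirm directory ownership and mode.
	printf '%s\n' "$USED" > /var/awp/data/last-disk-check
else
	echo "	Unavailable: could not parse df output for /var" >> "$TMPFILE1"
	echo "could not parse df output for /var" >&2
fi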

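# Agent counts from agent_control, plus the number of agents registered since
# the previous run as recorded in /var/awp/data/agents-registered.
{
	echo
	echo "Agent Status"
} >> "$TMPFILE1"

# Query each listing once so that all counts come from the same snapshot.
# Presumably -s prints one comma-separated line per agent, which is why lines
# containing a comma are counted - confirm against agent_control's output.
AGENT_LIST=$(/var/ossec/bin/agent_control -l -s)
AGENT_LIST_ONLINE=$(/var/ossec/bin/agent_control -lc -s)

TOTAL_REGISTERED=$(printf '%s\n' "$AGENT_LIST" | grep -c ,)
TOTAL_ONLINE=$(printf '%s\n' "$AGENT_LIST_ONLINE" | grep -c ,)
TOTAL_DISCONNECTED=$(printf '%s\n' "$AGENT_LIST" | grep -c Disconnected)
TOTAL_CONNECTED=$(printf '%s\n' "$AGENT_LIST" | grep -c Active)
TOTAL_NEVER_CONNECTED=$(printf '%s\n' "$AGENT_LIST" | grep -c Never)
TOTAL_PENDING=$(printf '%s\n' "$AGENT_LIST" | grep -c Pending)

echo "	Total Online: $TOTAL_ONLINE" >> "$TMPFILE1"
echo "	Total Registered: $TOTAL_REGISTERED" >> "$TMPFILE1"
if [ -f /var/awp/data/agents-registered ]; then
	PREVIOUS_TOTAL=$(cat /var/awp/data/agents-registered)
	# The state file is input: only a plain decimal number may reach the
	# arithmetic expansion below. Anything else is skipped, not evaluated.
	case "$PREVIOUS_TOTAL" in
		''|*[!0-9]*|0?*)
			echo "ignoring malformed /var/awp/data/agents-registered" >&2
			;;
		*)
			TOTAL_ADDED=$((TOTAL_REGISTERED - PREVIOUS_TOTAL))
			echo "	New Agents added in the last 24 hours: $TOTAL_ADDED" >> "$TMPFILE1"
			;;
	esac
fi
# NOTE(review): assumes /var/awp/data is writable only by the account running
# this job - confirm directory ownership and mode.
printf '%s\n' "$TOTAL_REGISTERED" > /var/awp/data/agents-registered
echo "	Total Disconnected: $TOTAL_DISCONNECTED" >> "$TMPFILE1"
echo "	Total Never Connected: $TOTAL_NEVER_CONNECTED" >> "$TMPFILE1"
#echo "	Total Pending: $TOTAL_PENDING"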

#service crashses, dramatically changed (100 to 1000) immediately

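# Close the report, mail it, and remove the scratch files.
{
	echo
	echo "END Daily Health Report"
} >> "$TMPFILE1"

if [ -n "$EMAIL" ]; then
	# EMAIL is left unquoted on purpose in case it lists several
	# space-separated recipients - confirm against the config format.
	# shellcheck disable=SC2086
	/bin/mail -s "AWP Health Check run on $(hostname)" $EMAIL < "$TMPFILE1" \
		|| echo "failed to send health report" >&2
else
	# With no recipient the report cannot be delivered, so say so on stderr.
	echo "EMAIL is empty; health report not sent" >&2
fi

rm -f -- "$TMPFILE1"
# Also clears scratch files left by earlier, interrupted runs. The glob matches
# every awpcronlog* file, including one owned by a run that is still in progress.
rm -f /var/awp/data/awpcronlog* >/dev/null 2>&1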

