JWK - Jackall's IT Wiki

Sécurité, Système, Réseau

Outils pour utilisateurs

Outils du site


checkpoint_log_export

Backing up Checkpoint Log to a remote FTP Server

Here is a “quick & dirty” script to export Checkpoint Firewall Log (R65 in this case) to a remote FTP server.

It was written to export last months's log files using perl and SSH::Expect

Code

#!/usr/bin/perl
#####################################################
##                                                  #
##       Script de sauvegarde des logs FW           #
#####################################################
#
use strict;
use Net::SSH::Expect ;
 
 
##################################################################
#						   
#Fonction logDate=> renvoi la date  a utiliser pour le fichier de log.
#
##################################################################
 
sub logDate {
	my $sec,my $min,my $hour,my $mday,my $mon,my $year,my $wday,my $yday,my $isdst, my $return;
	($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =localtime();
#override  year qui represente l anne courante -1900
 	$year+=1900;
 
#override  mon qui represente le mois courant -1 sur 1 chiffre si <10 
 $mon=sprintf("%02d",$mon + 1);
 
	my $date = " ${year}-${mon}";
 
	if ( $mon == 01 ){
 
#		print  " On est au mois de janvier on recue d'un mois\n";
		$mon=12;
		--$year;
	}
 
 
	else {
		--$mon;
	}
 
#	print " ${year}-${mon}- \n";
 
	$return="${year}-${mon}";	
 
return $return;
}# logDate
 
 
my $dateToBackUp=logDate();
my $LOGPATH="/usr/CPsuite-R65/fw1/log";
 
 
my $LOGFILE="${dateToBackUp}.gz";
print $LOGPATH."\n" . "logfile ${LOGFILE} \n" ;
 
 
my $BACKUP_CMD= "/var/tmp/${LOGFILE} ${LOGPATH}/${dateToBackUp}-*";
my $LOCALFILE=shift(@_);
#my $FTP_LOGIN="ftp-noc";
#my $FTP_PASS="56789";
#my $FTP_PATH="/mnt/iscsi0/Network_Files/FireWall";
#my $FTP_HOST="master.install.domain.net";
my $SSH_WELCOME_SENTENCE="Last login:";
my $SSH_EXPERT_PASS="QSDFG";
# tar path on remote server;
my $TAR_PATH="";
 
 
#my $SSH_LOGIN="root";
#my $SSH_PASS="12345";
#my $SSH_PATH="/tmp";
#my $SSH_HOST="localhost";
 
 
my $SSH_LOGIN="admin";
my $SSH_PASS="azerty";
my $SSH_PATH="/tmp";
my $SSH_HOST="13.2X.1XX.6X";
 
my $stdout, my $stderr, my $exit;
 
 
# Init SSH Objects
my $ssh=Net::SSH::Expect->new(host=>${SSH_HOST},
				password=>$SSH_PASS,
				user=>$SSH_LOGIN,
				raw_pty=>1);
#logging in
#
$stdout=$ssh->login();
 
	if ($stdout !~ /${SSH_WELCOME_SENTENCE}/){
		die "NOT LOGIN \n";
	}
 
# logging in expert mode
#
$ssh->send("expert");
 
if ( $ssh->waitfor('^Enter expert password:',2) ){
	$ssh->send($SSH_EXPERT_PASS);
	$ssh->waitfor('.*are in expert.*',2) or die "NOT LOGGED IN \n" ;
	print "logged was ok \n";
	$ssh->send('cd /var/tmp');
	$ssh->send('pwd');
	$ssh->waitfor('^/var/tmp',2) or die ("Not in the good directory \n");
 
# finding tar 
	$ssh->send("which tar");
	my $line;
	while (defined ($line=$ssh->read_line() ) ){
		#print "line : ".$line . "\n";
		chomp($line);
		$TAR_PATH=$line;
	}
		if ($TAR_PATH !~ /^\/.*\/tar/ ){
			die "TAR command not found\n";
		}
		#chomp($TAR_PATH);
		print "tar_path **${TAR_PATH}**\n";
		print "backup_cmd:  **${BACKUP_CMD}**\n";
		print "##################\n";
		print "next cmd: " .'my $toto = "$TAR_PATH"."-cvzf"." ${BACKUP_CMD}  "'."\n";
		my $toto = "$TAR_PATH"."-cvzf"." ${BACKUP_CMD}  ";
		print "toto : $toto\n";
 
		print "##################\n";
		print "next command :" .'$toto = "$TAR_PATH -cvzf  ${BACKUP_CMD}  "'."\n";
		$toto = "$TAR_PATH -cvzf  ${BACKUP_CMD}  ";
		print "toto : $toto\n";
 
		print "##################\n";
 
		print 'next cmd : $toto = "-cvzf  ${BACKUP_CMD}  $TAR_PATH "'."\n";
		$toto = "-cvzf  ${BACKUP_CMD}  ${TAR_PATH} ";
		print "toto : $toto \n";
		print "##################\n";
 
		print "Affichage de verifiaction \n ";
		print "tar_path : ** ${TAR_PATH} ** \n";
		print "backup_cmd:  ** ${BACKUP_CMD} ** \n";
 
 
 
 
 
}
 
$ssh->close();

search?q=perl%20checkpoint%20Script%20EN&amp;btnI=lucky

checkpoint_log_export.txt · Dernière modification: 2018/02/18 16:01 (modification externe)