scripts/get_resources.sh at master · id774/scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
#!/bin/sh

########################################################################
# get_resources.sh: System Resources Information Gathering Script
#
#  Description:
#  This script gathers and displays various system resources and logs.
#  It adapts to the running environment (Linux or macOS) and uses
#  alternative commands or options when necessary.
#
#  Author: id774 (More info: http://id774.net)
#  Source Code: https://github.com/id774/scripts
#  License: The GPL version 3, or LGPL version 3 (Dual License).
#  Contact: idnanashi@gmail.com
#
#  Usage:
#      ./get_resources.sh
#
#  Outputs:
#      - System information
#      - Distribution version details (including Debian minor version when available)
#      - CPU, memory, disk, and process information
#      - Concise power and thermal summary
#      - Network and time synchronization information
#      - Concise DNS summary
#      - Security-related logs and fail2ban status
#
#  Version History:
#  v2.4 2026-03-28
#       Add Debian version reporting from /etc/debian_version.
#  v2.3 2026-03-22
#       Add concise DNS and ACPI summaries.
#  v2.2 2025-12-22
#       Show only top RSS processes in ps output.
#  v2.1 2025-10-02
#       Stop monitoring fail2ban.log in this script as log handling is now managed separately.
#       Replace /proc/cpuinfo dump with concise CPU core count display.
#  v2.0 2025-08-07
#       Slim down redundant outputs and harden uname, grep, fail2ban, lsb_release, ip, and lsof handling.
#  v1.9 2025-08-04
#       Add pattern argument validation in display_log to prevent empty grep results.
#       Remove ad-hoc netstat grep section and consolidate all netstat calls under execute_command.
#  v1.8 2025-06-23
#       Unified usage output to display full script header and support common help/version options.
#  v1.7 2025-05-20
#       Suppress munin and git entries in auth.log using extended regex.
#  v1.6 2025-05-07
#       Enhance display_log function to support optional exclusion pattern as third argument.
#  v1.5 2025-04-13
#       Unify log level formatting using [INFO], [WARN], and [ERROR] tags.
#  v1.4 2025-03-22
#       Unify usage information by extracting help text from header comments.
#  v1.3 2025-03-17
#       Encapsulated all logic in functions and introduced main function.
#       Make POSIX compliant by removing 'local' variables.
#  v1.2 2024-12-04
#       Added error handling for command execution to display error messages when commands fail.
#       Added fail2ban status checks for non-Darwin environments.
#  v1.1 2023-12-05
#       Refactored for macOS compatibility and command availability checks.
#  v1.0 2008-08-22
#       Initial release. Gathers system resources and log information.
#
########################################################################

OS_NAME=$(uname)

# Display full script header information extracted from the top comment block
usage() {
    awk '
        BEGIN { in_header = 0 }
        /^#{10,}$/ { if (!in_header) { in_header = 1; next } else exit }
        in_header && /^# ?/ { print substr($0, 3) }
    ' "$0"
    exit 0
}

# Check if a command exists
command_exists() {
    command -v "$1" >/dev/null 2>&1
}

# Display a command's output if the command exists
execute_command() {
    if command_exists "$1"; then
        # Log command as a single line for readability ("$*" is for display only).
        # Execute with "$@" to preserve argument boundaries.
        echo "[INFO] $*"
        "$@" || echo "[ERROR] Executing: $*"
        echo
    fi
}

# Display specific log file contents if the file exists
display_log() {
    if [ -f "$1" ]; then
        if [ -z "$2" ]; then
            echo "[WARN] Skipping $1 because no pattern was provided." >&2
            return
        fi
        echo "[INFO] Contents of $1 with pattern '$2'"
        if [ -z "$3" ]; then
            grep -E "$2" "$1"
        else
            grep -E "$2" "$1" | grep -Ev "$3" || true
        fi
        echo
    fi
}

display_dns_summary() {
    echo "[INFO] DNS summary"

    # Handle macOS DNS information
    if [ "$OS_NAME" = "Darwin" ]; then
        # Show primary DNS configuration via system configuration database
        if command_exists scutil; then
            execute_command scutil --dns
        fi

        # Show resolver file as reference (may not reflect actual resolver)
        if [ -e /etc/resolv.conf ]; then
            echo "[INFO] grep -E '^(nameserver|search|domain)[[:space:]]' /etc/resolv.conf"
            grep -E '^(nameserver|search|domain)[[:space:]]' /etc/resolv.conf 2>/dev/null || true
            echo
        fi

        return 0
    fi

    # Handle Linux DNS information
    if command_exists nmcli; then
        echo "[INFO] nmcli -g GENERAL.CONNECTION,IP4.GATEWAY,IP4.DNS,IP6.GATEWAY,IP6.DNS device show"
        nmcli -g GENERAL.CONNECTION,IP4.GATEWAY,IP4.DNS,IP6.GATEWAY,IP6.DNS device show 2>/dev/null | sed '/^$/d'
    fi

    if command_exists resolvectl && resolvectl status >/dev/null 2>&1; then
        execute_command resolvectl dns
        execute_command resolvectl domain
        execute_command resolvectl default-route
    fi

    # Show resolver file for compatibility and fallback inspection
    if [ -e /etc/resolv.conf ]; then
        if command_exists readlink; then
            echo "[INFO] readlink -f /etc/resolv.conf"
            readlink -f /etc/resolv.conf 2>/dev/null
        fi

        echo "[INFO] grep -E '^(nameserver|search|domain)[[:space:]]' /etc/resolv.conf"
        grep -E '^(nameserver|search|domain)[[:space:]]' /etc/resolv.conf 2>/dev/null || true
        echo
    fi
}

# Display concise power and thermal summary available on Linux only
display_power_summary() {
    if command_exists acpi; then
        echo "[INFO] acpi -b -a -t -i"
        acpi -b -a -t -i 2>/dev/null
        echo
    fi
}

# Gather system information
gather_system_info() {
    if [ "$OS_NAME" != "Darwin" ]; then
        if [ "$(id -u)" -eq 0 ]; then
            dmesg | grep "Linux version" || true
        fi
        # Prefer lsb_release output when available
        if command_exists lsb_release; then
            execute_command lsb_release -a
        fi
        # Read directly (local state file) to keep separation from external command execution wrapper
        if [ -f /etc/debian_version ]; then
            echo "[INFO] Retrieving distribution version from /etc/debian_version"
            cat /etc/debian_version
            echo
        fi
    fi
    execute_command uname -a
    execute_command uptime
    execute_command getconf _NPROCESSORS_ONLN
}

# Gather OS-specific information
gather_os_specific_info() {
    if [ "$OS_NAME" = "Darwin" ]; then
        execute_command sysctl -n machdep.cpu.brand_string
        execute_command sysctl vm.swapusage
        execute_command vm_stat
        execute_command df -H
        execute_command top -l 1
        execute_command ps aux
        execute_command ps -axo pid,rss,%mem,etime,comm -r | head -20
        execute_command pmset -g batt
    else
        execute_command sh -c "grep -m1 'model name' /proc/cpuinfo | cut -d: -f2"
        execute_command cat /proc/meminfo
        execute_command vmstat
        execute_command df -P -T
        execute_command top -b -n 1
        execute_command ps aux
        execute_command ps aux --sort=-rss | head -20
        display_power_summary
    fi
}

# Gather network and process information
gather_network_info() {
    if command_exists ip; then
        execute_command ip addr show
    fi
    display_dns_summary
    if command_exists lsof && [ "$(id -u)" -eq 0 ]; then
        execute_command lsof -i
    fi
    execute_command netstat -s
    execute_command netstat -an
    execute_command w
    execute_command ntpq -pn
}

# Check fail2ban status
check_fail2ban_status() {
    if [ "$OS_NAME" != "Darwin" ]; then
        if command_exists fail2ban-client && [ "$(id -u)" -eq 0 ]; then
            if fail2ban-client status | grep -q "sshd"; then
                execute_command fail2ban-client status
                execute_command fail2ban-client status sshd
            fi
        fi
    fi
}

# Gather logs
gather_logs() {
    display_log "/var/log/auth.log" "Accepted" "Accepted publickey for (munin|git)"
    display_log "/var/log/syslog" "attack"
    display_log "/var/log/auth.log" "(Fail|refuse)"
}

# Main entry point of the script
main() {
    case "$1" in
        -h|--help|-v|--version) usage ;;
    esac

    gather_system_info
    gather_os_specific_info
    gather_network_info
    check_fail2ban_status
    gather_logs
    return 0
}

# Execute main function
main "$@"