Shell script that helps to create a dynamic JSON file and run a Python script based on the arguments
#!/bin/bash
# @author: Keshav Mohta
# This file is used to pump events using a Python script; this shell script helps to build the required JSON data
# call as `sh kep_flag.sh -a <appName> -e <event> -t <eventType> -h <hostname>`
# example sh kep_flag.sh -a "Magento" -e "Attack" -t "Buffer Error" -h "20.20.1.47"
# event = Attack | Threat | File|
# appName: Magento | Sap | OpenText | Nginx | Tomcat | Wondercare
# eventType
# Attack : "ReflectiveXSS" | "File Integrity" | "SQLi"| "Spectre" | "DLLi" | "CSRF" | "CMDi" | "Buffer Error"
# Threat: "ReflectiveXSS" | "File Integrity" | "CSRF" |
# content of additional sh file such as m.sh
# #########
#!/bin/bash
# # Magento root ID list
# export APPID=100103
# export AIID=5
# export SID=200203
# export PID=300303
# ##################
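# Refuse to run without arguments: every field of the generated event comes
# from the command line. The diagnostic and a usage line go to stderr so that
# stdout carries nothing but the generated JSON.
if [ $# -lt 1 ]; then
  {
    echo "Your command line contains $# arguments"
    echo "usage: ${0##*/} -a <appName> -e <event> -t <eventType> -h <hostname>"
  } >&2
  exit 1
fi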
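#######################################
# Parse the command-line options into the globals used to build the event.
# Globals:   APP_NAME, EVENT, HOST, EVENT_TYPE (written)
# Arguments: the script's own arguments; -a, -e, -h and -t each take a value
# Returns:   0 on success; exits with status 2 on an unknown option or on an
#            option given without its value
#######################################
parse_args() {
  local option
  local OPTIND=1 # restart option scanning on every call
  # The leading ':' selects getopts' silent mode. Only in that mode is the
  # offending letter placed in OPTARG; without it the "Invalid option"
  # message was printed with an empty option name.
  while getopts ':a:e:h:t:' option; do
    case "${option}" in
      a) APP_NAME=${OPTARG} ;;
      e) EVENT=${OPTARG} ;;
      h) HOST=${OPTARG} ;;
      t) EVENT_TYPE=${OPTARG} ;;
      :)
        echo "Option -$OPTARG requires an argument" >&2
        exit 2
        ;;
      \?)
        echo "Invalid option: -$OPTARG" >&2
        exit 2
        ;;
    esac
  done
}
parse_args "$@"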
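# Pick a random event count between 2 and 50 inclusive. GNU shuf is installed
# as `gshuf` by Homebrew's coreutils on macOS and as `shuf` on most Linux
# systems; bash's $RANDOM is the last resort so that "count" is never left
# empty when neither tool is on PATH.
if command -v gshuf >/dev/null 2>&1; then
  count=$(gshuf -i 2-50 -n 1)
elif command -v shuf >/dev/null 2>&1; then
  count=$(shuf -i 2-50 -n 1)
else
  count=$((RANDOM % 49 + 2))
fi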
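# Load the per-application ID set. The sample m.sh in the file header exports
# APPID, AIID, SID and PID; the other app files are presumably laid out the
# same way (confirm against app/*.sh).
#
# NOTE: the app/*.sh paths are resolved against the current working directory
# and the files are executed inside this shell. Run the script only from its
# own directory, and keep app/ writable by trusted users only.
case "$APP_NAME" in
  Magento) app_env=app/m.sh ;;
  Nginx) app_env=app/n.sh ;;
  OpenText) app_env=app/o.sh ;;
  Sap) app_env=app/s.sh ;;
  Tomcat) app_env=app/t.sh ;;
  Wondercare) app_env=app/w.sh ;;
  *)
    # Fail closed: with no app file loaded the ID fields would be empty, or
    # silently taken from whatever the caller's environment happens to hold.
    echo "Unknown application name: '$APP_NAME'" >&2
    exit 2
    ;;
esac
if [ ! -r "$app_env" ]; then
  echo "Cannot read $app_env (run the script from its own directory)" >&2
  exit 1
fi
# shellcheck source=/dev/null
source "$app_env"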
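#######################################
# Escape a value for use inside a double-quoted JSON string.
# Arguments: $1 - raw text
# Outputs:   the escaped text on stdout
# Returns:   1 if the text holds a control character other than newline,
#            carriage return or tab
#######################################
json_escape() {
  local text=$1
  text=${text//\\/\\\\} # backslash first, so later escapes are not doubled
  text=${text//\"/\\\"}
  text=${text//$'\n'/\\n}
  text=${text//$'\r'/\\r}
  text=${text//$'\t'/\\t}
  if [[ "$text" == *[[:cntrl:]]* ]]; then
    echo "Control character in JSON field value" >&2
    return 1
  fi
  printf '%s' "$text"
}

#######################################
# Render the incident document consumed by KEP.py.
# Globals:   EVENT, EVENT_TYPE, APP_NAME, count, APPID, AIID, SID, PID (read)
# Outputs:   the JSON document on stdout
# Returns:   1 if an ID is not an integer or a string cannot be escaped
#######################################
build_incident_json() {
  local event event_type app_name id_name
  local -r int_re='^-?(0|[1-9][0-9]*)$'

  # The IDs are emitted as bare JSON numbers. An unset or non-numeric value
  # would yield a malformed document or let arbitrary text into it.
  for id_name in APPID AIID SID PID; do
    if ! [[ "${!id_name}" =~ $int_re ]]; then
      echo "$id_name must be an integer, got '${!id_name}'" >&2
      return 1
    fi
  done

  # EVENT, EVENT_TYPE and APP_NAME come straight from the command line.
  # Unescaped, a double quote or backslash in them would end the JSON string
  # early and could add or override fields of the document.
  event=$(json_escape "$EVENT") || return
  event_type=$(json_escape "$EVENT_TYPE") || return
  app_name=$(json_escape "$APP_NAME") || return

  cat <<EOF
{
"type_of_event": "$event",
"cronus_event_type": "$event_type",
"count": "$count",
"time_interval": 1,
"start_time": "",
"application_name": "$app_name",
"application_id": $APPID,
"AI_id": $AIID,
"AI_name": "AppInstance_New",
"applicationService_id": $SID,
"process_id": $PID,
"AE_id": 1234,
"AE_name": "AnalysisEngine_new",
"Canary_id": 4424,
"Time_Out":"False"
}
EOF
}

# Stop here on invalid input rather than hand a broken document to KEP.py.
json_data=$(build_incident_json) || exit 1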
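# Show the generated event on stdout.
printf '%s\n' "$json_data"
# Persist it for KEP.py. Stop if the file cannot be written: otherwise KEP.py
# would pump whatever incident.json an earlier run left behind.
printf '%s\n' "$json_data" > incident.json || {
  echo "Cannot write incident.json" >&2
  exit 1
}
# NOTE(review): HOST is forwarded as given; when -h is omitted the script
# passes an empty --zeus-host-ip. Confirm how KEP.py treats that.
# python3 runs last, so its exit status becomes the script's exit status.
python3 ./KEP.py --zeus-host-ip="$HOST" --zeus-port=9092 --master-json=incident.json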