Monitoring a Linux System
This is a quick script that creates a single report to monitor most of the things that might go wrong on a Linux machine. It assumes certain things are already installed. To get everything installed, run the following:
sudo apt install clamav clamav-freshclam debsums ufw rsnapshot
Configuration of these is a separate matter not covered here.
Now to the monitoring script.
#!/bin/sh
# This is a shell script to automate various checks that should happen on a regular basis.
# If you need to change anything and are having trouble, there is a good site to learn from:
# http://linuxcommand.org/lc3_writing_shell_scripts.php
# Define the filename based on the date. You can change the directory for the file as well.
NOW=$(date +"%Y%m%d")
OUTFILE="/var/log/sysreport/sysreport_$NOW.txt"
# Create the report directory if it is missing, then create the file
mkdir -p "$(dirname "$OUTFILE")"
echo "System Monitoring Report for $NOW\n" > $OUTFILE
# The next set of lines run different checks. You can add more based on whatever you think you may need.
# Create a disk utilization report
echo "**** Disk Utilization ****" >> $OUTFILE
df -h >> $OUTFILE
echo "\n" >> $OUTFILE
# Create a report of upgradable packages
echo "**** Upgradable Packages ****" >> $OUTFILE
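# Refresh the package lists, then upgrade only the ClamAV packages so the scanner is current
apt update >/dev/null
apt install -y --only-upgrade clamav-freshclam >/dev/null
apt install -y --only-upgrade clamav-base >/dev/null
apt install -y --only-upgrade clamav >/dev/null
# Record apt's summary line about the packages that can still be upgraded
apt update 2>/dev/null | grep packages >> $OUTFILE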
echo "\n" >> $OUTFILE
# Create an SSL expiration report
echo "**** GL Analytics SSL ****" >> $OUTFILE
# Fetch the certificate's notAfter date once; </dev/null stops s_client from waiting on stdin
EDHR=$(openssl s_client -servername mysite.mydomain -connect mysite.mydomain:443 </dev/null 2>/dev/null \
| openssl x509 -enddate -noout 2>/dev/null \
| sed -e 's/notAfter=//')
if [ -z "$EDHR" ]; then
  # Without this check an empty date would be parsed as today and reported as an expiry date
  echo "Warning - Could not retrieve the certificate for mysite.mydomain" >> $OUTFILE
else
  expirationdate=$(date -d "$EDHR" '+%s')
  in7days=$(($(date +%s) + (86400*7)))
  if [ "$in7days" -gt "$expirationdate" ]; then
    echo "Warning - Certificate for mysite.mydomain expires in less than 7 days, on $(date -d @$expirationdate '+%Y-%m-%d')" >> $OUTFILE
    echo "Log into the analytics server and run: sudo certbot renew --nginx" >> $OUTFILE
  else
    echo "OK - Certificate expires on $EDHR" >> $OUTFILE
  fi
fi
echo "\n" >> $OUTFILE
# Create a backup report
echo "**** On Site Backups ****" >> $OUTFILE
ls -l /mnt/backup | grep hourly.0 >> $OUTFILE
find /mnt/backup/hourly.0 -maxdepth 2 >> $OUTFILE
ls -l /mnt/backup | grep daily.0 >> $OUTFILE
ls -l /mnt/backup | grep weekly.0 >> $OUTFILE
echo "\n" >> $OUTFILE
# Create a discrepancy report
echo "**** Discrepancies vs. Debian Source Files ****" >> $OUTFILE
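# -c3 selects the idle I/O class; without a class, ionice leaves the command at the default priority.
# Capture stderr as well, since debsums reports some problems (such as missing files) there.
ionice -c3 debsums -csa >> $OUTFILE 2>&1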
echo "\n" >> $OUTFILE
# Create a firewall report
echo "**** Firewall Status ****" >> $OUTFILE
ufw status verbose >> $OUTFILE
echo "\n" >> $OUTFILE
# Create a virus report
echo "**** Virus Scan ****" >> $OUTFILE
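# Remove the old freshclam log (a single file, so -f is enough), then update the signatures
rm -f /var/log/clamav/freshclam.log
freshclam >> $OUTFILE
# Scan at idle I/O priority and skip the kernel pseudo-filesystems, which hold no regular files to scan
ionice -c3 clamscan -r -i --exclude-dir="^/sys" --exclude-dir="^/proc" --exclude-dir="^/dev" / | grep FOUND >> $OUTFILE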
echo "\n" >> $OUTFILE
Just save this as a file, chmod +x, and then schedule it in root's crontab.
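Once the report is written every day, a second pass can pull out only the lines that need action, so nobody has to read the whole file. The following is an added example, not part of the original script: the names `triage_report` and `sample_report`, the `ALERT` output format and the 90% disk limit are assumptions, and the sample report is constructed.

```shell
#!/bin/sh
# Added example: flag actionable lines in a report written by the monitoring script.
# Section titles and message formats match that script; the 90% disk limit is an assumption.

# triage_report FILE [DISK_LIMIT] - prints one ALERT line per finding, returns 1 if any.
triage_report() {
    awk -v limit="${2:-90}" '
        function flag(msg) { print "ALERT [" section "] " msg; n++ }
        # A "**** Title ****" line starts a new section
        /^\*\*\*\* .* \*\*\*\*$/ { section = $0; gsub(/^\*+ | \*+$/, "", section); next }
        section == "Disk Utilization" && $5 ~ /^[0-9]+%$/ {
            use = $5; sub(/%/, "", use)
            if (use + 0 >= limit) flag("disk " $6 " at " $5)
        }
        section == "Upgradable Packages" && /can be upgraded/ { flag($0) }
        section ~ /SSL$/ && /^Warning/ { flag($0) }
        section == "Discrepancies vs. Debian Source Files" && NF { flag("debsums: " $0) }
        section == "Firewall Status" && /^Status: inactive/ { flag("ufw is inactive") }
        section == "Virus Scan" && / FOUND$/ { flag($0) }
        END { exit (n > 0) }
    ' "$1"
}

# Constructed sample report (not real output); the SSL section is healthy on purpose.
sample_report() {
    cat <<'EOF'
**** Disk Utilization ****
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1        50G   46G  1.6G  97% /
/dev/sdb1       200G   80G  120G  40% /mnt/backup
**** Upgradable Packages ****
12 packages can be upgraded. Run 'apt list --upgradable' to see them.
**** GL Analytics SSL ****
OK - Certificate expires on Jun  1 12:00:00 2030 GMT
**** Discrepancies vs. Debian Source Files ****
/usr/sbin/sshd
**** Firewall Status ****
Status: inactive
**** Virus Scan ****
/home/user/eicar.com: Win.Test.EICAR_HDB-1 FOUND
EOF
}

# Demo: "|| true" keeps the alerts-found status from aborting under set -e.
sample_report | triage_report - || true
```

In the cron job, call `triage_report "$OUTFILE"` after the report is written and act on its exit status, for example by mailing the ALERT lines only when it returns 1.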