anderbytes 139 Posted June 18, 2016 Share Posted June 18, 2016 Hello. I want to share a Linux script I made (in Bash) to give some privacy to users that send logs to Emby devs. It simply substitutes the critical parts (that usually don't make a difference to log analysis) that security-freak folks like me don't want shared. Here it goes. Any improvements tips are appreciated. #!/bin/bash LOGSPATH="/media/SEAGATE_S1000_DRIVE/emby/logs" # Write here the official Emby Logs path SERVER="realserver.realdomain.com" # Here goes your external server name or IP HTTP_PORT="9797" # Here goes your internal Emby port HTTPS_PORT="9898" # Here goes your external Emby port HIDDEN_PATH="SEAGATE_S1000_DRIVE/mountpoint/movies_tv" # Here goes your main media path to be obfuscated PROG_PATH=$(sed "s|/logs||g" <<< "$LOGSPATH") if [ ! -f "$1" ]; then echo "No Logfile specified. Searching for the latest..."; FILE=$(ls $LOGSPATH/server-* --sort=time | head -1) echo "Found latest Logfile: $FILE" elif [[ "$1" == *"$LOGSPATH"* ]] && [ "${1: -3}" == "txt" ]; then FILE="$1" else echo "[ERROR] Chosen Logfile is not valid. Please ensure it is a text file inside Emby's Logs Path and try again."; exit fi FNAME=$(basename "$FILE") cp -f "$FILE" "./LOG_$FNAME" if [ ! -f "./LOG_$FNAME" ]; then echo "Obfuscated LOG generation is impossible. Please review folder permissions."; exit; fi #### SUBSTITUTIONS #### sed -i "s|$PROG_PATH|/my_drive/emby|g" "./LOG_$FNAME" sed -i "s|$SERVER|server.domain.com|g" "./LOG_$FNAME" sed -i "s|$HTTP_PORT|8096|g" "./LOG_$FNAME" sed -i "s|$HTTPS_PORT|8920|g" "./LOG_$FNAME" sed -i "s|$HIDDEN_PATH|my_drive/media_folder|g" "./LOG_$FNAME" sed -i "s|_key=[a-zA-Z0-9]*|_key=####API_KEY_HERE####|g" "./LOG_$FNAME" # This hides API KEYS used in remote calls echo "##########################################################################################" echo "# Obfuscated LOG successfully generated at: $(pwd)/LOG_$FNAME" echo "##########################################################################################" What do you think? 2 Link to comment Share on other sites More sharing options...
Luke 37051 Posted June 18, 2016 Share Posted June 18, 2016 Well done, great stuff! Link to comment Share on other sites More sharing options...
Compix 0 Posted April 17, 2017 Share Posted April 17, 2017 Thanks very helpfull... Link to comment Share on other sites More sharing options...
d00zah 127 Posted April 17, 2017 Share Posted April 17, 2017 (edited) While it doesn't add much, I think the use of an associative array simplifies addition of new substitutions.YMMV Note: I execute this in Windows using Cygwin (with optional 'dos2unix' pkg). This was my approach: =========== #!/usr/bin/bash# Display usage note(s) if no argif [ "$1" = "" ]; then echo -e "\n\t usage: $0 [logfilename1] [logfilename2] ..." exitfi# Define text strings to be redacteddeclare -A redact# redact[KEYVALUE]='textasitappearsinlog'redact[EXDOMAIN]='hostname.somedomain.com'redact[EXPORTNO]='8096'redact[NICMACAD]='00-14-22-01-23-45'redact[METAROOT]='Z:\\\\Emby-Data'redact[sRVNETID]='EMBY_SERVER'redact[sRVNETIP]='192.168.7.42'redact[ADMINACT]='Administrator'redact[EMBYUSER]='Snuffy'redact[NASNETID]='FileServer'# Process each log passed as argfor log; do # Iterate through defined keys & redact all instances for key in ${!redact[@]}; do if [ "${redact[$key]}" != "" ]; then sed -i s/"${redact[$key]}"/\[$key\]/g $log fi done # Restore windows line-breaks if [ `uname -o` = "Cygwin" ]; then unix2dos -q $log fidone Edited April 21, 2017 by d00zah Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now