script sh cpfw sessions
!/bin/bash
sendemail() {
msg="$1"
who="$2"
recipients=$(echo "${who}" | sed -e 's/,/ /g')
smbin="/usr/sbin/sendmail -C /opt/netsec/etc/conf/sendmail.cfg"
subject="dbfms:script:${scriptname}:monitor eagleye session usage"
#send the email
${smbin} ${recipients} << EOF
subject:${subject}
$(echo -e ${msg})
EOF
}
sessioncheck() {
#script login using local
dmn="${1}"
sess=$(mgmtcli -r true -d ${dmn} login session-name ${sname} session-description ${sdesc} --format json)
sid=$(jq -r '.sid' <<< "${sess}")
cmd="${mgmtclibin} --session-id ${sid} --format json"
#main query to extract session data - max per user is 100 so use 200 as limit, should be enough
sessdata=$(${cmd} show sessions limit 200 details-level full)
echo "=====>${sessdata}" >> /var/tmp/ee
#use jq to filter out the UIDs
uidslist=$($jqbin --arg u ${uname} '.objects[] | select (."application" == "WEBAPI" and .state"open" and ."expired-session"true and ."user-name"$u) | .uid' <<< "${sessdata}")
uidscount=$(echo "${uids_list}" | wc -l)
$cmd logout
}
close_sessions() {
l="${1}"
#tify up the ee sessions
for uid in $l ; do
echo "discarding ${uid}"
${cmd} discard uid "${uid}"
done
}
usage() {
cat <<-EOF
/opt/netsec/scripts/chk_eesession [-c ]
options
-c if given will also close the sessions and not just report
-d run for a single domain, can be used in combination with -c
-h this menu
-r email address in csv list
EOF
}
MAIN starts here
set +x
log file, will be managed by logrotate
logf=/var/log/chk_eesessions.log
exec 1> >( tee $logf)
exec 2> >( tee -a $logf)
disconnect=0
while getopts "d:hcr:" OPTION ; do
case $OPTION in
d) dmnarg=${OPTARG} ;;
h)
usage
exit 0
;;
r) list=${OPTARG}
[[ -z "${list}" ]]
;;
c) #disconnect the sessions , default just report
disconnect=1
;;
*)
usage
exit 0
;;
esac
done
jqbin=$(which jq)
mgmtclibin=$(which mgmtcli)
scriptname=$(basename $0)
sname="fmscript:${scriptname}"
sdesc="scripttomonitoreagleyesessionusage"
only interested in ee user for now
uname="eagleeye"
msg=""
cycle domains
for i in $(ls -1 /opt/CPmds-R80/customers/ | egrep -e "-Primary" | sed -e "s/-Primary//" | egrep -e "${dmnarg}\$") ; do
for i in "London_Mgmt21" ; do
uidslist=""
uidscount=""
sessioncheck "${i}"
#send via email
msg+="open expired sessions for eagleye in domain ${dmn} : ${uidscount}"
#msg+="\n$uidslist"
msg+="\n"
if [[ $disconnect -eq 1 ]] ; then
echo "INFO: close session requested, closing sessions"
closesessions "${uids_list}"
fi
done
send report via email smtp
echo ${msg}
[[ -z "${list}" ]] && list="richard-i.carson@db.com"
send_email "${msg}" "${list}"
logout
${cmd} publish
${cmd} logout