Update collector script with debug output, list rejected ssh users

In the check script print out current rejected (not allowed) ssh users

Collect log info script has now debug output and proper options flags

bin/check_last_login.sh

@@ -111,6 +111,11 @@ for user in $(cat /etc/group|grep "${ssh_group}:" | cut -d ":" -f 4 | sed -e 's/
 	fi;
 	printf "* Checking user %-20s: %s\n" "${user}" "${out_string}";
 done;
+echo "--------------------->"
+echo "Showing current SSH Reject users:"
+for user in $(cat /etc/group|grep "${ssh_reject_group}:" | cut -d ":" -f 4 | sed -e 's/,/ /g'); do
+	echo "${user}";
+done;
 if [ ! -z "${delete_accounts}" ]; then
 	echo "--------------------->"
 	echo "% Run list below to move users to reject ssh group";

bin/collect_login_data.sh

@@ -15,12 +15,36 @@ AUTH_LOG="${BASE_FOLDER}/../auth-log/user_auth.log";
 if [ ! -f "${AUTH_LOG}" ]; then
 	touch "${AUTH_LOG}";
 fi;
-# run full log check flag
+# debug flag
+DEBUG=0;
+# check all logs flag
 RUN_FULL_LOG=0;
-if [ ! -z "${1}" ] && [ "${1}" = "FULL" ]; then
-	echo "[!!!] Run through all log files to collect data";
-	RUN_FULL_LOG=1;
-fi;
+# option parsing
+while getopts ":fd" opt; do
+	case "${opt}" in
+		f|full)
+			echo "[!!!] Run through all log files to collect data";
+			RUN_FULL_LOG=1;
+			;;
+		d|deubg)
+			DEBUG=1;
+			;;
+	esac;
+done;
+
+function prD()
+{
+	message="${1}";
+	debug=${2:-0};
+	lb_off=${3:-0};
+	if [ ${debug} -eq 1 ]; then
+		if [ ${lb_off} -eq 1 ]; then
+			echo -n "${message}";
+		else
+			echo "${message}";
+		fi;
+	fi;
+}
 
 function parseLog()
 {
@@ -30,9 +54,9 @@ function parseLog()
 	auth_log="${2}";
 	start_year="${3}";
 	logger="${4}";
-	debug="${5}";
+	debug=${5:-0};
 
-	# echo "L: $line";
+	#prD "Line: $line" ${debug};
 	# auth user has . at the end, remove that one
 	if [ "${logger}" = "systemd" ]; then
 		# 2022-11-18T20:04:08+0900
@@ -44,21 +68,25 @@ function parseLog()
 	fi;
 	auth_date=$(echo "${auth_date}" | date +"%F %T" -f -);
 
-	# echo -n "USER: $auth_user | DATE: $auth_date";
-
+	# $(printf "USER: %-20s: %19s" "${auth_user}" "${auth_date}")
+	# prD "USER: $auth_user | DATE: $auth_date" ${debug} 1;
+	printf -v msg "Source: %-10s | Year: %4s | Last auth user: %-20s: %19s" "${logger}" "${start_year}" "${auth_user}" "${auth_date}"
+	prD "${msg}" ${debug} 1;
 	# find auth user in current auth file
 	# if not there attach, else replace date only
 	found=$(grep "${auth_user};" "${auth_log}");
 	if [ -z "${found}" ]; then
-		# echo -n " | Write new";
+		prD " | Write new" ${debug};
 		echo "${auth_user};${auth_date}" >> "${auth_log}";
 	else
-		# echo -n " | Replace old";
+		prD " | Replace old" ${debug};
 		sed -i "s/${auth_user};.*$/${auth_user};${auth_date}/" "${auth_log}";
 	fi;
-	# echo " [***]";
 }
 
+printf -v msg "Run date: %s %s" $(date +"%F %T")
+prD "${msg}" ${DEBUG};
+
 # Collector script for login information via journalctl
 # if no systemd installed, try to get info from /var/log/secure or /var/log/auth.log
 readonly init_version=$(/proc/1/exe --version | head -n 1);
@@ -84,7 +112,7 @@ if [ -z "${init_version##*systemd*}" ]; then
 		# " of user <username>"
 		# we want date + time + username
 		# prefix year with start date year
-		parseLog "${line}" "${AUTH_LOG}" "${START_YEAR}" "${LOG_TARGET}" 0;
+		parseLog "${line}" "${AUTH_LOG}" "${START_YEAR}" "${LOG_TARGET}" ${DEBUG};
 	done;
 else
 	LOG_TARGET="syslog";
@@ -96,7 +124,7 @@ else
 			START_YEAR=$(date +%Y -d @${tz});
 			bunzip2 -ck "${sfile}" | grep ": session opened for user" | grep " by (uid=0)" |
 			while read line; do
-				parseLog "${line}" "${AUTH_LOG}" "${START_YEAR}" "${LOG_TARGET}" 0;
+				parseLog "${line}" "${AUTH_LOG}" "${START_YEAR}" "${LOG_TARGET}" ${DEBUG};
 			done;
 		done;
 		# read all
@@ -105,7 +133,7 @@ else
 	START_YEAR=$(date +%Y -d "1 day ago");
 	cat /var/log/secure | grep "${START_DATE}" | grep ": session opened for user" | grep " by (uid=0)" |
 	while read line; do
-		parseLog "${line}" "${AUTH_LOG}" "${START_YEAR}" "${LOG_TARGET}" 0;
+		parseLog "${line}" "${AUTH_LOG}" "${START_YEAR}" "${LOG_TARGET}" ${DEBUG};
 	done;
 fi;