#!/usr/bin/python
import csv
import json
import mimetypes
import os
import smtplib
import sys
import time
from datetime import date
from datetime import datetime
from email import encoders
from email.mime.base import MIMEBase
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

from pyzabbix.api import ZabbixAPI
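# Daily Zabbix trigger report.
#
# Collects today's severity-4 problem events for every host group whose name
# contains GROUP_NAME, keeps those that took more than an hour to recover,
# writes them to "<GROUP_NAME>_report.csv" and mails the file to MAIL_TO.
#
# usage: <script> ZABBIX_URL ZABBIX_USER ZABBIX_PASSWORD GROUP_NAME MAIL_TO
#
# NOTE(review): the Zabbix password is taken from argv, so it is readable by
# other local users through the process list and tends to be copied into
# crontabs and shell history. The positional interface is kept for existing
# callers; prefer an environment variable or a root-only config file.
# NOTE(review): GROUP_NAME is used verbatim in the report file name and in the
# Subject header, MAIL_TO in the To header. Both are assumed to come from a
# trusted scheduler entry; validate them if that ever changes.
if len(sys.argv) < 6:
    sys.exit("usage: %s ZABBIX_URL ZABBIX_USER ZABBIX_PASSWORD GROUP_NAME MAIL_TO"
             % sys.argv[0])

ZURL, ZUSER, ZPASS, TGNAME, MAILTO = sys.argv[1:6]

SEVERITY_HIGH = 4            # value passed to event.get as 'severities'
MIN_DURATION_SECONDS = 3600  # only problems that lasted longer are reported
SMTP_ENDPOINT = "email.dreamscapenetworks.com:587"
SMTP_ACCOUNT = "zabbixmail@dreamscapenetworks.com"
# Environment variable holding the SMTP password (name chosen for this script).
SMTP_PASSWORD_ENV = "ZBX_REPORT_SMTP_PASSWORD"

report_path = TGNAME + '_report.csv'

# Midnight of the current day in local time, as a whole-second timestamp.
day_start = int(time.mktime(date.today().timetuple()))

zapi = ZabbixAPI(ZURL, user=ZUSER, password=ZPASS)

rows_written = 0
# The report is written through a single handle; the row counter replaces
# re-reading the file afterwards to decide whether there is anything to send.
with open(report_path, mode='w') as csv_file:
    report_writer = csv.writer(csv_file, delimiter=',', quotechar='"',
                               quoting=csv.QUOTE_MINIMAL)
    report_writer.writerow(["TriggerID", "Start Time", "End Time",
                            "Duration(s)", "Host", "Trigger"])

    groups = zapi.do_request('hostgroup.get', {'output': 'extend'}).get("result") or []
    for group in groups:
        # Substring match: every group whose name contains TGNAME is included.
        if TGNAME not in group["name"]:
            continue

        events = zapi.do_request('event.get', {
            'output': 'extend',
            'groupids': group["groupid"],
            'time_from': day_start,
            'severities': SEVERITY_HIGH,
        }).get("result") or []

        for event in events:
            triggerid = event["objectid"]
            recovery_id = event["r_eventid"]

            # NOTE(review): problems that have not recovered yet
            # (r_eventid == 0) are skipped, so a problem that is still open
            # never appears in the report, however long it has been open.
            if int(recovery_id) == 0:
                continue

            recovery = zapi.do_request('event.get', {
                'output': 'extend',
                'eventids': recovery_id,
            }).get("result")
            if not recovery:
                # Recovery event not returned (deleted, or not visible to this
                # account): the end time is unknown, so warn instead of
                # crashing on an empty list.
                sys.stderr.write("recovery event %s not found for event %s\n"
                                 % (recovery_id, event["eventid"]))
                continue

            start_clock = int(event["clock"])
            end_clock = int(recovery[0]['clock'])
            duration = end_clock - start_clock
            if duration <= MIN_DURATION_SECONDS:
                continue

            hosts = zapi.do_request('host.get', {
                'output': 'extend',
                'triggerids': triggerid,
            }).get("result")
            # An empty host list leaves the column blank rather than aborting.
            host_name = hosts[0]['host'] if hosts else ''

            # NOTE(review): host and trigger names are written exactly as
            # Zabbix returns them. If recipients open the attachment in a
            # spreadsheet, a cell starting with '=', '+', '-' or '@' is
            # evaluated as a formula; consider neutralising such values.
            report_writer.writerow([
                triggerid,
                datetime.fromtimestamp(start_clock),
                datetime.fromtimestamp(end_clock),
                duration,
                host_name,
                event["name"],
            ])
            rows_written += 1

if rows_written > 0:
    # The SMTP password is no longer embedded in the script. The value that
    # used to be hard-coded here has been distributed with the file, so it
    # must be treated as exposed and rotated on the mail server.
    smtp_password = os.environ.get(SMTP_PASSWORD_ENV)
    if not smtp_password:
        sys.exit("%s is not set; cannot send %s" % (SMTP_PASSWORD_ENV, report_path))

    msg = MIMEMultipart()
    msg["From"] = SMTP_ACCOUNT
    msg["To"] = MAILTO
    msg["Subject"] = TGNAME + "| Daily trigger report"
    body = 'This is daily stats of triggers with high severity which did not resolve more than 1 hour. In case of any questions look at problems page directly https://zabbix.au.ds.network/zabbix.php?action=problem.view or ask your questions to someone of the Monitoring team'
    msg.attach(MIMEText(body, 'plain'))
    msg.preamble = TGNAME

    ctype, encoding = mimetypes.guess_type(report_path)
    if ctype is None or encoding is not None:
        ctype = "application/octet-stream"
    maintype, subtype = ctype.split("/", 1)

    # The attachment is always the CSV report, so only two cases remain: a
    # text/* type, or a generic base64 part for anything else. The former
    # image/audio branches referenced MIMEImage/MIMEAudio, which this file
    # never imports.
    if maintype == "text":
        with open(report_path) as fp:
            # Note: we should handle calculating the charset
            attachment = MIMEText(fp.read(), _subtype=subtype)
    else:
        with open(report_path, "rb") as fp:
            attachment = MIMEBase(maintype, subtype)
            attachment.set_payload(fp.read())
        encoders.encode_base64(attachment)
    attachment.add_header("Content-Disposition", "attachment", filename=report_path)
    msg.attach(attachment)

    server = smtplib.SMTP(SMTP_ENDPOINT)
    try:
        # NOTE(review): starttls() without an SSL context does not validate
        # the server certificate, so the login below is exposed to an
        # on-path attacker. On Python 3, pass
        # context=ssl.create_default_context() here.
        server.starttls()
        server.login(SMTP_ACCOUNT, smtp_password)
        server.sendmail(SMTP_ACCOUNT, MAILTO.split(','), msg.as_string())
        server.quit()
    finally:
        # Closes the socket even when TLS, login or delivery fails.
        server.close()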