Monday, December 19, 2016

Building a LINE API Environment with Perl

Lab platform

#cat /etc/redhat-release
CentOS release 6.8 (Final)

#perl -v

This is perl 5, version 24, subversion 0 (v5.24.0) built for x86_64-linux

Copyright 1987-2016, Larry Wall

Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.

Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl".  If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.

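Reference SDK

The goal of this lab is to set up a LINE bot webhook URL of your own
and to use the webhook mechanism to obtain the LINE ID (UID) that the bot needs.

Only then can you send LINE messages with Push Message,
use the Reply API, and so on.

Push API: an API that lets the bot send messages to users at any time.
Reply API: an API with which a company or operator replies to messages sent in by users.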

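About the LINE bot

Before starting, have a look at this short note.

LINE API usage notes
LINE has released an official API,
so here is a short note for anyone who needs it.

First apply for an API account on the official site,
create a Developer Trial account,
and confirm that the account is LINE@Developer.

For program development, see

=====================
For pushing LINE messages, see

Using PHP as an example

Push message API example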

============

$httpClient = new \LINE\LINEBot\HTTPClient\CurlHTTPClient('<channel access token>');
$bot = new \LINE\LINEBot($httpClient, ['channelSecret' => '<channel secret>']);

$textMessageBuilder = new \LINE\LINEBot\MessageBuilder\TextMessageBuilder('hello');
$response = $bot->pushMessage('UID', $textMessageBuilder);

echo $response->getHTTPStatus() . ' ' . $response->getRawBody();

=================

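The program really is that simple.

For installation, the lower part of the page at the URL above explains how to install this PHP SDK.

All the information needed when writing against the API is available on the page shown after logging in to the official site,
or through the webhook.

The important items are (1), (2) and (3) below:

(1) <channel access token>: available after logging in to the official site
(2) <channel secret>: available after logging in to the official site
(3) UID: can be obtained by modifying this script

Reference information

Enter the LINE Channel Access Token:

Enter the listening e-mail address:

This generates a webhook URL; once it is entered on the API site, the UID can also be obtained, from the body of the e-mail.

Or follow this article and build the webhook URL with Perl.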


Line API

Push message


shell

Push message API example
curl -X POST \
-H 'Content-Type:application/json' \
-H 'Authorization: Bearer {ENTER_ACCESS_TOKEN}' \
-d '{
"to": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"messages":[
{
"type":"text",
"text":"Hello, world1"
},
{
"type":"text",
"text":"Hello, world2"
}
]
}' https://api.line.me/v2/bot/message/push

Main text: building the webhook URL with Perl

Install a newer Perl on the OS


Perl Source

Perl compiles on over 100 platforms, if you want to install from a binary instead see the ports page (especially for Windows).

How to install from source

     wget http://www.cpan.org/src/5.0/perl-5.24.0.tar.gz
     tar -xzf perl-5.24.0.tar.gz
     cd perl-5.24.0
     ./Configure -des -Dprefix=$HOME/localperl
     make
     make test
     make install
Read both INSTALL and README.yoursystem in the perl-5.24.0 directory for more detailed information.


# Replace the OS's built-in perl using mv + ln -s so that the system defaults to perl 5.24

The system's default Perl version is 5.10.1

# perl.old -v

This is perl, v5.10.1 (*) built for x86_64-linux-thread-multi

Copyright 1987-2009, Larry Wall

Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.

Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl".  If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.

After installing as described above, the perl version changes to 5.24.0
#perl -v

This is perl 5, version 24, subversion 0 (v5.24.0) built for x86_64-linux

Copyright 1987-2016, Larry Wall

Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.

Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl".  If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.
  

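Install cpanm


cpanm: a fast, lightweight CPAN module installer
Fri, 26 Feb 2010 22:23:23 +0100
cpanm is a very fast little tool that can start installing CPAN modules without any configuration. Compared with the full CPAN.pm shell it falls a little short in places, but after trying it a few times I found that those are fairly inconsequential.

Installing it
cpanm is a single executable; just download it, put it in $PATH, and it is ready to use: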

curl -LO http://bit.ly/cpanm
chmod +x cpanm
sudo cp cpanm /usr/local/bin
Usage
Common forms of use are as follows:

cpanm Jifty
cpanm MIYAGAWA/Plack-0.99_05.tar.gz
cpanm http://backpan.perl.org/authors/id/L/LD/LDS/CGI.pm-3.20.tar.gz
cpanm ~/dists/MyCompany-Enterprise-1.00.tar.gz
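The argument can be a module name, a tarball file name with a version number, a tarball URL, or the path to a tarball on the local machine. There are five options:

-v, --verbose : print full output
-f, --force : force installation; install even if errors occur during testing
-n, --notest : do not run the tests
-S, --sudo : run the installation with sudo
--installdeps : install only the dependencies
That's all there is. Whether on a freshly installed machine or when you suddenly need a CPAN module, it is very handy.



Install LINE::Bot::API, Plack, etc.

# cpanm Plack LINE::Bot::API
(cpanm takes module names directly. In the runs below that include the word "install", cpanm treats "install" as one more module name, which is why it also reports "install is up to date".)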


[root@bbb line]# cpanm install Plack
install is up to date. (0.01)
Plack is up to date. (1.0042)
[root@bbb line]#

[root@bbb bin]# cpanm  Plack
Plack is up to date. (1.0042)
[root@bbb bin]#

[root@bbb bin]#  cpanm install LINE::Bot::API
install is up to date. (0.01)
LINE::Bot::API is up to date. (1.01)
[root@bbb bin]#

[root@bbb bin]#   cpanm LINE::Bot::API
LINE::Bot::API is up to date. (1.01)
[root@bbb bin]#


Reference URL for building the LINE webhook

About Plack


NAME

Plack - Perl Superglue for Web frameworks and Web Servers (PSGI toolkit)

DESCRIPTION

Plack is a set of tools for using the PSGI stack. It contains middleware components, a reference server and utilities for Web application frameworks. Plack is like Ruby's Rack or Python's Paste for WSGI.

See PSGI for the PSGI specification and PSGI::FAQ to know what PSGI and Plack are and why we need them.

How to run a PSGI app

.psgi
  plackup --host 127.0.0.1 --port 9090 /path/to/app.psgi

Reference: echo.psgi webhook source code

Just copy the whole thing.

The lower part of the echo.psgi page describes how to use it:

    $ export CHANNEL_SECRET=YOUR CHANNEL SECRET
    $ export CHANNEL_ACCESS_TOKEN=YOUR CHANNEL ACCESS TOKEN
    $ plackup eg/echo.psgi

#plackup --host 127.0.0.1 --port 9090 echo.psgi  

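Do the same and you can't go wrong!

While googling I found experts talking about ngrok.
Simply put, it opens a path through the firewall, complete with a DNS URL, to a host on the internal network,
so that people outside can reach the internal test host directly and run the relevant tests.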


# ./ngrok http 9090
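
With ngrok in front of port 9090 the webhook is reachable from the internet, so the handler should confirm that a POST comes from LINE before trusting the UID in it: LINE sends the Base64 HMAC-SHA256 of the raw request body, keyed with the channel secret, in the X-Line-Signature header. The following is an added example, not code from the original post or from the SDK, that performs this check and then reads source.userId; the secret, payload and userId are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA  qw(hmac_sha256);
use MIME::Base64 qw(encode_base64 decode_base64);
use JSON::PP     qw(decode_json);

# Compare two byte strings without stopping at the first difference.
sub secure_eq {
    my ($x, $y) = @_;
    return 0 unless length($x) == length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0 ? 1 : 0;
}

# True when the X-Line-Signature value is the Base64 HMAC-SHA256 of the
# raw request body, keyed with the channel secret.
sub signature_ok {
    my ($secret, $raw_body, $sig_b64) = @_;
    return 0 unless defined $sig_b64 && length $sig_b64;
    return secure_eq(hmac_sha256($raw_body, $secret), decode_base64($sig_b64));
}

# Return the userId of every event, but only for a correctly signed body.
sub user_ids {
    my ($secret, $raw_body, $sig_b64) = @_;
    return () unless signature_ok($secret, $raw_body, $sig_b64);
    my $payload = eval { decode_json($raw_body) };
    return () unless ref($payload) eq 'HASH' && ref($payload->{events}) eq 'ARRAY';
    return map  { $_->{source}{userId} }
           grep { ref($_) eq 'HASH' && ref($_->{source}) eq 'HASH'
                  && defined $_->{source}{userId} } @{ $payload->{events} };
}

# Constructed sample: secret, payload and userId are made up for this example.
my $secret = 'constructed-channel-secret';
my $body   = '{"events":[{"type":"message","replyToken":"constructed",'
           . '"source":{"type":"user","userId":"Uconstructed0000000000000000000000"},'
           . '"message":{"type":"text","text":"hi"}}]}';
my $sig    = encode_base64(hmac_sha256($body, $secret), '');

my @ok  = user_ids($secret, $body, $sig);          # signed body
my @bad = user_ids($secret, $body . ' ', $sig);    # body altered after signing
print "signed body:  @ok\n";
print "altered body: ", scalar(@bad), " user ids accepted\n";
```

The signature must be computed over the request body exactly as received, before any JSON decoding or re-encoding.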



Set the LINE webhook URL

Test the webhook (echo bot)

Other uses: Push Message



Push message API example

use strict;
use warnings;
use LINE::Bot::API;
use LINE::Bot::API::Builder::SendMessage;

# Credentials come from the LINE developer console.
my $bot = LINE::Bot::API->new(
    channel_secret       => "<channel secret>",
    channel_access_token => "<channel access token>",
);

# Build a single text message.
my $messages = LINE::Bot::API::Builder::SendMessage->new(
)->add_text(
    text => 'hello',
);
# <to> is the UID obtained through the webhook.
my $res = $bot->push_message("<to>", $messages->build);
unless ($res->is_success) {
    # error handling
    die "push_message failed\n";
}

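Sunday, November 20, 2016

On logfmon: a simple network management use

Based on an article in NetAdmin (網管人) magazine

2016/5/24
Match logs in real time with logfmon and store them in an online calendar through gcalcli
Chain the command line to Google Calendar to build a slick, fully automatic system log
吳惠麟
URL http://netadmin.pcuser.com.tw/article_content.aspx?sn=1605130016&jump=1

This idea is really good, but here I have only tried the logfmon program itself.
I mainly use it for simple network management.
According to the article above, logfmon is hosted at
http://sourceforge.net/projects/logfmon/
for download and installation, but by the time I used it, it was on GitHub.
https://github.com/nicm/logfmon
That makes no difference, though; it still works.
Here is the logfmon flow:
http://netadmin.pcuser.com.tw/images/news/NP160513001616051315272705.png

It should be used in much the same way as Swatch,
https://sourceforge.net/projects/swatch/

It should be well suited to simple log analysis for network devices.
So I took the technique I used earlier with Swatch
and adapted it to logfmon!

For the Swatch technique, please see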

http://xrcd2.blogspot.tw/2012/05/cacti-xsmsapi-soap-cacti-sms.html
or
http://xrcd2.blogspot.tw/2016/01/cisco-ios-configuration-cisco-config.html

Main text


The lab uses CentOS 6.X Linux

(1) Install logfmon


#git clone https://github.com/nicm/logfmon
#cd logfmon
#./autogen.sh
#./configure
#make
#make install

Where is it installed by default?

[root@bbb logfmon]# whereis logfmon
logfmon: /usr/local/bin/logfmon

Let's check the man page..

[root@bbb logfmon]# man logfmon
LOGFMON(8)                BSD System Manager’s Manual               LOGFMON(8)

NAME
     logfmon - log file monitoring daemon

SYNOPSIS
     logfmon [-dsv] [-f conffile] [-c cachefile] [-p pidfile]

DESCRIPTION
     The logfmon daemon monitors a set of syslog log files and matches each new entry against the rules defined in its configuration file. Each rule may be
     tested against entries from a single file, a set of files or from all files. Depending on the rule, a command may be executed or the entry may be
     ignored. All unmatched messages are batched together and mailed every 15 minutes, or whatever alternative time is specified in the configuration file.

     Messages may also be collected into contexts and piped to a command after a final message is found or a number of messages is reached. See
     logfmon.conf(5) for more details of this.

     The options are as follows:

     -c cachefile
                 Specify the cache file location. Default is /var/db/logfmon.cache.

                 This overrides any location specified in the configuration file.

     -d          Run in the foreground and log to stderr.

                 This option also causes additional debugging messages to be generated.  This option may be specified multiple times for increasing levels of
                 verbosity.

     -s          Monitor stdin.  This causes logfmon to remain in the foreground and filter log messages passed on stdin.

     -f conffile
                 Specify the configuration file location. Default is /etc/logfmon.conf.

     -p pidfile  Specify the pid file location. Default is /var/run/logfmon.pid.

                 This overrides any location specified in the configuration file.

     -v          Display the logfmon version, and exit.

FILES
     /etc/logfmon.conf     default logfmon configuration file

SEE ALSO
     syslog(3), logfmon.conf(5)

.....


That completes the logfmon installation.

(2) Configure rsyslog

[root@bbb net]# vi /etc/rsyslog.conf
      1 # rsyslog v5 configuration file
      2
      3 # For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
      4 # If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html
      5
      6 #### MODULES ####
      7
      8 $ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
      9 $ModLoad imklog   # provides kernel logging support (previously done by rklogd)
     10 #$ModLoad immark  # provides --MARK-- message capability
     11
     12 # Provides UDP syslog reception
     13 $ModLoad imudp
     14 $UDPServerRun 514

Configure rsyslog to accept syslog messages from the network

     12 # Provides UDP syslog reception
    --> $ModLoad imudp
    --> $UDPServerRun 514

Then direct the syslog messages received from a given host or subnet into a specific file,
which will be the file that logfmon monitors

    --> 88 if $fromhost-ip == '192.168.111.61' then  /var/log/net/vyos.log

Restart the rsyslog service

#service rsyslog restart


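Configure this VyOS box, 192.168.111.61 (client),
and declare 192.168.111.247 (rsyslog + logfmon server) as its syslog host.

So the topology is 192.168.111.61 (client) ---> 192.168.111.247 (server)

Any client that supports standard syslog will do.
On the server side, rsyslog plays the role of the syslog server.
Another syslog server would also work; just note that logfmon can only analyze log files.


The VyOS configuration is as follows (it simulates a network device in the client role):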

vyos@vyos:~$ show configuration commands
set interfaces ethernet eth0 address 'dhcp'
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 smp-affinity 'auto'
set interfaces ethernet eth0 speed 'auto'
set interfaces loopback 'lo'
set service ssh port '22'
set system config-management commit-revisions '20'
set system host-name 'vyos'
set system login user vyos authentication encrypted-password '$6$wycLUv4kpl$WEywQMIvFUqIC9yA3HPb42IG0328X1iNqa1967sFWEce6oC6SrvcV3Nn2hQF1n4bTE/vyQ9e9LyF813VEx9HS.'
set system login user vyos authentication plaintext-password ''
set system login user vyos level 'admin'
set system name-server '168.95.1.1'
set system name-server '168.95.192.1'
set system ntp server 'clock.hinet.net'
set system syslog global facility all level 'notice'
set system syslog global facility protocols level 'debug'
set system syslog host 192.168.111.247 facility all level 'all'
set system time-zone 'Asia/Taipei'
vyos@vyos:~$


At this point the syslog client and server are in place, and logfmon is installed as well.


Configure logfmon.conf (according to the man page it is /etc/logfmon.conf),
writing its contents to suit your practical needs.

# cat /etc/logfmon.conf
set logregexp "(.*)"
file "/var/log/net/vyos.log" tag login
match in  login  "(.*)(Accepted password for)(.*)"  exec  "/usr/bin/perl /root/shell/sendmail.pl \"$1\" \"$2\" \"$3\""
match in  login  "(.*)(session closed for user)(.*)"  exec  "/usr/bin/perl /root/shell/sendmail.pl \"$1\" \"$2\" \"$3\""


The original log text is as follows.

Nov 18 14:00:25 vyos sshd[7071]: Accepted password for vyos from 192.168.1.115 port 50960 ssh2
Nov 18 14:01:08 vyos sshd[7071]: pam_unix(sshd:session): session closed for user vyos

Compare with the rules (regular expression matching)

match in  login  "(.*)(Accepted password for)(.*)"
match in  login  "(.*)(session closed for user)(.*)"


exec ... sendmail .... (runs a custom command)


# cat /root/shell/sendmail.pl

#!/usr/bin/perl
# Mails the three captures that logfmon passes as arguments.
use strict;
use warnings;
use Mail::Sender;

print " \n Start \n ";
# new() returns a negative error code on failure, so test the result with ref().
my $sender = Mail::Sender->new({smtp => '192.168.1.xxx', from => 'Test-Alert@abc.com.tw'});
ref $sender or die "Error in mailing : $Mail::Sender::Error\n";
$sender->MailMsg({to => 'xrcd2@abc.com.tw', subject => 'Test_Alert',
                  msg => "My Test \n\n $ARGV[0] $ARGV[1] $ARGV[2] \n "});
print " \n END \n\n";

DEMO

Run logfmon

[root@bbb net]# logfmon -f /etc/logfmon.conf

Verify that logfmon is running properly. If it fails to run,
check again that the settings and layout of the conf file are correct.

[root@bbb net]# ps -ef | grep logfmon
root     19091     1  0 15:56 ?        00:00:00 logfmon -f /etc/logfmon.conf
root     19113 15664  0 15:59 pts/1    00:00:00 grep logfmon
[root@bbb net]#

rsyslog stores the logs it receives here.

[root@bbb net]# pwd
/var/log/net
[root@bbb net]# ll
total 0
-rw------- 1 root root 0 Nov 18 15:58 vyos.log
[root@bbb net]#


SSH to the VyOS box, log in and log out, to verify rsyslog + logfmon + sendmail

[root@bbb net]# cat  /var/log/net/vyos.log
Nov 18 16:04:01 vyos sshd[7653]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key
Nov 18 16:04:05 vyos sshd[7653]: Accepted password for vyos from 192.168.1.115 port 52045 ssh2
Nov 18 16:04:05 vyos sshd[7653]: pam_unix(sshd:session): session opened for user vyos by (uid=0)
Nov 18 16:04:34 vyos sshd[7655]: error: Received disconnect from 192.168.1.115: 0:
Nov 18 16:04:34 vyos sshd[7653]: pam_unix(sshd:session): session closed for user vyos
[root@bbb net]#
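
The two logfmon rules above match the alert phrase anywhere in a line, whichever program logged it. The following added example, which is not from the original post and is written in Perl rather than logfmon syntax, applies anchored versions of those patterns to the vyos.log lines shown above and pairs each login with its logout by sshd PID; the `logger` line is constructed to show a line that only the loose rule reports.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed input: the vyos.log lines shown above plus one line from a
# different program that merely contains the alert phrase.
my @log = (
    'Nov 18 16:04:01 vyos sshd[7653]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key',
    'Nov 18 16:04:05 vyos sshd[7653]: Accepted password for vyos from 192.168.1.115 port 52045 ssh2',
    'Nov 18 16:04:05 vyos sshd[7653]: pam_unix(sshd:session): session opened for user vyos by (uid=0)',
    'Nov 18 16:04:20 vyos logger: note: Accepted password for is the phrase we alert on',
    'Nov 18 16:04:34 vyos sshd[7653]: pam_unix(sshd:session): session closed for user vyos',
);

# Anchor on the syslog header and require the message to come from sshd.
my $head   = qr/^(\w{3}\s+\d+ [\d:]{8}) (\S+) sshd\[(\d+)\]: /;
my $login  = qr/${head}Accepted password for (\S+) from ([\d.]+) port \d+ ssh2$/;
my $logout = qr/${head}pam_unix\(sshd:session\): session closed for user (\S+)$/;

# One record per completed session: who logged in, from where, start and end.
sub sessions {
    my (%open, @done);
    for my $line (@_) {
        if (my ($ts, $host, $pid, $user, $ip) = $line =~ $login) {
            $open{"$host/$pid"} = { host => $host, user => $user, from => $ip, start => $ts };
        }
        elsif (my ($ts2, $host2, $pid2, $user2) = $line =~ $logout) {
            my $s = delete $open{"$host2/$pid2"} or next;   # logout without a login
            next unless $s->{user} eq $user2;
            push @done, { %$s, end => $ts2 };
        }
    }
    return @done;
}

my $loose = grep { /(.*)(Accepted password for)(.*)/ } @log;   # rule as configured
my $tight = grep { $_ =~ $login } @log;                        # anchored rule
print "loose rule matches $loose lines, anchored rule matches $tight\n";
printf "%s\@%s from %s: %s -> %s\n", @{$_}{qw(user host from start end)} for sessions(@log);
```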


 Accepted password for   ( Mail Alert )

session closed for user  ( Mail Alert )

Topology

For a practical example, see the following:

The syslog2msn in the diagram is a variation built from rsyslog + logfmon + shell

http://xrcd2.blogspot.tw/2012/05/cacti-xsmsapi-soap-cacti-sms.html




Other, more advanced uses are as follows:

The Swatch there can be replaced by logfmon; it too is a variation built from rsyslog + swatch + shell

http://xrcd2.blogspot.tw/2016/01/cisco-ios-configuration-cisco-config.html


Tuesday, November 15, 2016

FortiGate Firmware Upgrade Paths

FortiGate Firmware Upgrade

Sometimes you just have to upgrade one release at a time..

For example 5.0.12 --> 5.2.8 ---> 5.4.2


fortios-v5.4.2-release-notes.pdf states
...

Upgrade Information

Upgrading to FortiOS 5.4.2
FortiOS version 5.4.2 officially supports upgrading from version 5.4.0 and later and 5.2.8 and later.
.....

=================

And fortios-v5.2.8-release-notes.pdf states

..

Upgrade Information


Upgrading from FortiOS 5.0.12 or later
FortiOS version 5.2.8 officially supports upgrade from version 5.0.12 or later

.....

================

You can also consult the Upgrade Paths URL

http://cookbook.fortinet.com/sysadmins-notebook/supported-upgrade-paths-fortios/3/

According to what is written there, this should also be OK .... to be verified

For example 5.0.12--> 5.2.9 ---> 5.4.2




Tuesday, November 8, 2016

SNMP OIDs, Part 3

Basics

(1) Using SNMP OIDs to add monitoring to Zabbix
http://xrcd2.blogspot.tw/2012/10/snmp-oids-zabbix.html

(2) SNMP OIDs revisited
http://xrcd2.blogspot.tw/2012/10/snmp-oid.html

Main text

(3) SNMP OIDs, Part 3


Download the MIB from the Check Point website; R77 is used as the example here.
The MIB can be loaded by modifying snmpd.conf.


[root@bbb /]# cat /etc/snmp/snmpd.conf
rocommunity public 127.0.0.1/32
MIB +/usr/share/snmp/mibs/CHECK-R77-MIB.txt
[root@bbb /]#



Contents of CHECK-R77-MIB
.....

CHECKPOINT-MIB DEFINITIONS ::= BEGIN

 -- SUBTREE: 1.3.6.1.4.1.2620.1
 -- iso.org.dod.internet.private.enterprises.checkpoint.products

.....

checkpoint OBJECT IDENTIFIER ::= { enterprises 2620 }
products OBJECT IDENTIFIER ::= { checkpoint 1 }
tables      OBJECT IDENTIFIER ::= { checkpoint 500 }
fw OBJECT IDENTIFIER ::= { products 1 }

.....

fwPolicyStat  OBJECT IDENTIFIER ::= { fw 25 }

.......

fwNumConn OBJECT-TYPE
  SYNTAX  INTEGER
  ACCESS  read-only
  STATUS  mandatory
  DESCRIPTION
         "Number of connections"
  ::= { fwPolicyStat 3 }

.......


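The value below can be read off the MIB text above .... Of course snmptranslate is the quickest way ...
But you need to know how to find the keywords in the MIB text ... because that is the original source ...
Otherwise, where would fwNumConn come from?!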

MIB OID ===> .1.3.6.1.4.1.2620.1.1.25.3.0
====> "Number of connections"
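
The same derivation can be done mechanically by following each name's parent in the MIB. The following added example, not from the original post, parses the MIB fragments quoted above and walks from fwNumConn up to enterprises; the enterprises prefix .1.3.6.1.4.1 is supplied by hand because the fragments import it rather than define it.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed input: the CHECKPOINT-MIB fragments quoted above, joined together.
my $mib = <<'MIB';
checkpoint OBJECT IDENTIFIER ::= { enterprises 2620 }
products OBJECT IDENTIFIER ::= { checkpoint 1 }
tables      OBJECT IDENTIFIER ::= { checkpoint 500 }
fw OBJECT IDENTIFIER ::= { products 1 }
fwPolicyStat  OBJECT IDENTIFIER ::= { fw 25 }
fwNumConn OBJECT-TYPE
  SYNTAX  INTEGER
  ACCESS  read-only
  STATUS  mandatory
  DESCRIPTION
         "Number of connections"
  ::= { fwPolicyStat 3 }
MIB

# Well-known root that the MIB imports rather than defines.
my %root = (enterprises => '.1.3.6.1.4.1');

# Map every defined name to [parent name, sub-identifier].
sub parse_assignments {
    my ($text) = @_;
    my %def;
    while ($text =~ /^(\w[\w-]*)\s+OBJECT(?: IDENTIFIER|-TYPE)\b.*?::=\s*\{\s*([\w-]+)\s+(\d+)\s*\}/msg) {
        $def{$1} = [$2, $3];
    }
    return \%def;
}

# Follow parents up to a known root; undef for unknown names or loops.
sub resolve {
    my ($def, $name) = @_;
    my (@arcs, %seen);
    until (exists $root{$name}) {
        return undef if $seen{$name}++ || !$def->{$name};
        unshift @arcs, $def->{$name}[1];
        $name = $def->{$name}[0];
    }
    return join '.', $root{$name}, @arcs;
}

my $def = parse_assignments($mib);
my $oid = resolve($def, 'fwNumConn');
print "fwNumConn   = $oid\n";      # the object, as snmptranslate prints it
print "fwNumConn.0 = $oid.0\n";    # the scalar instance that snmpget queries
```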


Verification

[root@bbb tmp]#  snmptranslate -m CHECKPOINT-MIB  -IR -On    fwNumConn
.1.3.6.1.4.1.2620.1.1.25.3
[root@bbb tmp]#


[root@bbb tmp]#  snmptranslate -m CHECKPOINT-MIB  -IR -Onf    fwNumConn
.iso.org.dod.internet.private.enterprises.checkpoint.products.fw.fwPolicyStat.fwNumConn
[root@bbb tmp]#


Retrieval

[root@bbb tmp]#  snmpget -v2c -c public 192.168.xxx.xxx  .1.3.6.1.4.1.2620.1.1.25.3.0
SNMPv2-SMI::enterprises.2620.1.1.25.3.0 = Counter32: 2
[root@bbb tmp]#


Network management software can then build a template from it; taking Cacti as an example:

Other reference information.

https://sc1.checkpoint.com/documents/R76/CP_R76_Splat_AdminGuide/51553.htm



http://www.oidview.com/mibs/2620/CHECKPOINT-MIB.html

Other monitoring

SmartView Monitor