# create_new_user_push.ps1 생성 $events=Get-WinEvent -FilterHashtable @ -MaxEvents 1 foreach($Event in $Events){ $eventXMLs = [xml]$Event.ToXml() foreach($eventXML in $eventXMLs){ $logs = New-Object psobject -Property @{ newUser = $eventXML.Event.Eventdata.Data[0].'#text' Server = $eventXML.Event.Eventdata.Data[1].'#text' createuser = $eventXML.Event.Eventdata.Data[4].'#text' } } } $token = "#####..

# ps1파일 생성(예 : login_push.ps1) $Events = Get-WinEvent -FilterHashtable @ foreach($Event in $Events){ $eventXMLs = [xml]$Event.ToXml() foreach($eventXML in $eventXMLs){ #$eventXML.Event.EventData.Data $logs = New-Object psobject -Property @{ User = $eventXML.Event.UserData.EventXML.User IPAddress = $eventXML.Event.UserData.EventXML.Address TIME = $event.timecreated EventID = $eventXMLs.Event.syst..

pwgen을 이용하여 랜덤패스워드 생성하고 생성된 패스워드를 root패스워드에 반영하여 텔레그램으로 푸시해주는 방법입니다. 우선 yum을 이용하여 pwgen을 설치합니다. # yum -y install pwgen 그리고 .bashrc 아래와 같이 내용을 추가합니다. PW=`pwgen 10 1` echo "passwd root:${PW}| chpasswd" echo root:${PW}| chpasswd tokenid="[토큰ID]" chatid="[텔레그램 쳇 ID]" hostip=`ifconfig ens33 | grep 'inet' | grep -v 'inet6' |awk '{print $2}'` curl -F text="ALERT - Root Passwd Change:' $hostip root `ech..

아래 내용 test.ps1로 저장 $token = "#########################" $chatId = "################" $message = $args Invoke-RestMethod -Uri "https://api.telegram.org/bot$token/sendMessage?text=$message&chat_id=$chatId" 실행 powershell -executionpolicy bypass test.ps1 테스트~~~

설치환경 : centos7 파이썬3.6설치 [daraksharavim.tistory.com]$ yum -y install https://centos7.iuscommunity.org/ius-release.rpm [daraksharavim.tistory.com]$ yum -y install python36u python36u-libs python36u-devel python36u-pip [daraksharavim.tistory.com]$ ln -s /bin/python3.6 /bin/python3 [daraksharavim.tistory.com]$ ln -s /bin/pip3.6 /bin/pip [daraksharavim.tistory.com]$ pip install --upgrade pip [daraksh..