Run script to curl a URL 5 minutes
120 views
Skip to first unread message
Saddique Khan
Oct 10, 2023, 6:57:45 AM10/10/23
to Wazuh | Mailing List
Hello Team,
I am running Wazuh cluster on Kubernetes.I need to run a script inside the pod every five minutes. The script curls a URL. Now is there anyway, I can achieve this? Is an active-response will help me to customize it or is there any better way to achieve it? If we can achieve it with an active - response, what would be the command section with parametters..
Regards,
Saddique
Rolly Davany Mougoue Kakanou
Oct 10, 2023, 8:08:33 AM10/10/23
to Wazuh | Mailing List
Hello Saddique and thanks for using Wazuh,
If you are looking to execute a script every 5mins, an easy way would be to use a cronjob. Lets assume your script is script1.sh located at /etc/scripts and you are looking to run it and log the output to a file lets say logs located at ~/cron-logs, then the cronjob syntax will be ass follows:
*/5 * * * * /etc/scripts/script1.sh > ~/cron-logs/logs
You can copy & paste the above to your crontab file (You can open the file by using command crontab –e) while replacing with your own script name and path.
*/5 * * * * /etc/scripts/script1.sh > ~/cron-logs/logs
You can copy & paste the above to your crontab file (You can open the file by using command crontab –e) while replacing with your own script name and path.
Hope this answers your question.
Best Regards,
Best Regards,
Rolly
Saddique Khan
Oct 10, 2023, 9:05:04 AM10/10/23
to Wazuh | Mailing List
Hello Rolly,
Thanks for the suggestion but in master pod, the crontab -e is not working in Wazuh on kubernetes. I have attached the error for your reference. could you please enlighten this?
Regards,
Saddique
Rolly Davany Mougoue Kakanou
Oct 10, 2023, 7:30:24 PM10/10/23
to Wazuh | Mailing List
Hello Saddique and sorry for the late response. For a better approach to your question may I ask what OS are you running on your different nodes.
Looking forward for your feedback.
Looking forward for your feedback.
Saddique Khan
Oct 11, 2023, 4:34:09 AM10/11/23
to Wazuh | Mailing List
Hello Rolly,
This is the manager container OS:
root-wazuh-manager-master-0:/var/ossec/feeds# cat /etc/*release*
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.6 LTS"
NAME="Ubuntu"
VERSION="20.04.6 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.6 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.6 LTS"
NAME="Ubuntu"
VERSION="20.04.6 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.6 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
Regards,
Saddique
Reply all
Reply to author
Forward
0 new messages