56 lines
1.8 KiB
YAML
56 lines
1.8 KiB
YAML
---
|
|
- name: Check Latest Grafana Access - Client IP Analysis
|
|
hosts: production
|
|
gather_facts: no
|
|
become: no
|
|
|
|
tasks:
|
|
- name: Get latest Grafana access logs
|
|
shell: |
|
|
cd ~/deployment/stacks/traefik
|
|
echo "=== Latest 5 Grafana Access Logs ==="
|
|
tail -100 logs/access.log | grep -i grafana | tail -5
|
|
args:
|
|
executable: /bin/bash
|
|
register: latest_logs
|
|
ignore_errors: yes
|
|
failed_when: false
|
|
|
|
- name: Extract client IPs from latest logs
|
|
shell: |
|
|
cd ~/deployment/stacks/traefik
|
|
tail -50 logs/access.log | grep -i grafana | tail -10 | grep -oP '"ClientHost":"[^"]*"' | sed 's/"ClientHost":"//;s/"//' | sort -u
|
|
args:
|
|
executable: /bin/bash
|
|
register: client_ips
|
|
ignore_errors: yes
|
|
failed_when: false
|
|
|
|
- name: Display latest logs
|
|
debug:
|
|
msg: "{{ latest_logs.stdout_lines }}"
|
|
|
|
- name: Display client IPs
|
|
debug:
|
|
msg: "{{ client_ips.stdout_lines }}"
|
|
|
|
- name: Analyze if traffic comes from VPN
|
|
shell: |
|
|
cd ~/deployment/stacks/traefik
|
|
if tail -20 logs/access.log | grep -i grafana | tail -5 | grep -oP '"ClientHost":"[^"]*"' | grep -q "10.8.0"; then
|
|
echo "? Traffic kommt ?ber VPN! (ClientHost: 10.8.0.x)"
|
|
elif tail -20 logs/access.log | grep -i grafana | tail -5 | grep -oP '"ClientHost":"[^"]*"' | grep -q "89.246.96.244"; then
|
|
echo "? Traffic kommt NICHT ?ber VPN (ClientHost: 89.246.96.244 - ?ffentliche IP)"
|
|
else
|
|
echo "?? Keine aktuellen Grafana-Logs gefunden. Bitte mache einen Zugriff auf https://grafana.michaelschiemer.de"
|
|
fi
|
|
args:
|
|
executable: /bin/bash
|
|
register: analysis
|
|
ignore_errors: yes
|
|
failed_when: false
|
|
|
|
- name: Display analysis
|
|
debug:
|
|
msg: "{{ analysis.stdout_lines }}"
|