@@ -2,8 +2,14 @@
|
|
|
setlocal EnableExtensions EnableDelayedExpansion
|
|
|
|
|
|
REM =====================================================
|
|
|
-REM getlog - NetScaler Case File Downloader
|
|
|
-REM Downloads case files from sjanalysis.citrite.net
|
|
|
+REM ____ _ ____ ____ _ _
|
|
|
+REM | _ \ __ _ _ ____ _( )___ / ___| _ \| | | |
|
|
|
+REM | |_) / _` | '__\ \ / /|// __|| | | | | | | | |
|
|
|
+REM | __/ (_| | | \ V / \__ \| |___| |_| | |_| |
|
|
|
+REM |_| \__,_|_| \_/ |___(_)____|____/ \___/
|
|
|
+REM
|
|
|
+REM Parv's Case Download Utility (PCDU)
|
|
|
+REM Downloads case files from analysis server
|
|
|
REM =====================================================
|
|
|
|
|
|
REM Check for pscp.exe (PuTTY SCP) or scp.exe
|
|
|
@@ -80,16 +86,16 @@ set "COLLECTOR_LIST=%TEMP%\collectors_%CASENO%.txt"
|
|
|
set "ALL_FILES_LIST=%TEMP%\allfiles_%CASENO%.txt"
|
|
|
|
|
|
echo.
|
|
|
-echo =====================================================
|
|
|
-echo NetScaler Case Download Utility
|
|
|
-echo =====================================================
|
|
|
-echo Case Number : %CASENO%
|
|
|
-echo Remote Server : %REMOTE_SERVER%
|
|
|
-echo Remote Path : %REMOTE_CASE_PATH%
|
|
|
-echo Local Dest : %DEST%
|
|
|
-echo SCP Tool : %SCP_TYPE%
|
|
|
-echo User : %USERNAME%
|
|
|
-echo =====================================================
|
|
|
+echo ============================================================
|
|
|
+echo ^|^> Parv's Case Download Utility ^(PCDU^) v1.0
|
|
|
+echo ============================================================
|
|
|
+echo Case Number : %CASENO%
|
|
|
+echo Remote Server : %REMOTE_SERVER%
|
|
|
+echo Remote Path : %REMOTE_CASE_PATH%
|
|
|
+echo Local Dest : %DEST%
|
|
|
+echo SCP Tool : %SCP_TYPE%
|
|
|
+echo User : %USERNAME%
|
|
|
+echo ============================================================
|
|
|
echo.
|
|
|
|
|
|
REM Create destination if missing
|
|
|
@@ -107,18 +113,21 @@ if not exist "%DEST%\captures" mkdir "%DEST%\captures"
|
|
|
if not exist "%DEST%\media" mkdir "%DEST%\media"
|
|
|
|
|
|
REM Initialize log file
|
|
|
-echo Download Log - Case: %CASENO% > "%LOGFILE%"
|
|
|
-echo Date/Time: %DATE% %TIME% >> "%LOGFILE%"
|
|
|
-echo Remote Server: %REMOTE_SERVER% >> "%LOGFILE%"
|
|
|
-echo User: %USERNAME% >> "%LOGFILE%"
|
|
|
-echo ================================================== >> "%LOGFILE%"
|
|
|
+echo ============================================================ > "%LOGFILE%"
|
|
|
+echo Parv's Case Download Utility ^(PCDU^) - Download Log >> "%LOGFILE%"
|
|
|
+echo ============================================================ >> "%LOGFILE%"
|
|
|
+echo Case Number : %CASENO% >> "%LOGFILE%"
|
|
|
+echo Date/Time : %DATE% %TIME% >> "%LOGFILE%"
|
|
|
+echo Remote Server: %REMOTE_SERVER% >> "%LOGFILE%"
|
|
|
+echo User : %USERNAME% >> "%LOGFILE%"
|
|
|
+echo ============================================================ >> "%LOGFILE%"
|
|
|
echo. >> "%LOGFILE%"
|
|
|
|
|
|
REM =====================================================
|
|
|
REM Test SSH connection and verify case directory
|
|
|
REM =====================================================
|
|
|
echo [1/5] Testing SSH connection...
|
|
|
-echo Testing SSH connection... >> "%LOGFILE%"
|
|
|
+echo [1/5] Testing SSH connection... >> "%LOGFILE%"
|
|
|
|
|
|
if "%SCP_TYPE%"=="PSCP" (
|
|
|
echo y | plink.exe -batch -pw "%PASSWORD%" %USERNAME%@%REMOTE_SERVER% "test -d %REMOTE_CASE_PATH% && echo OK || echo NOTFOUND" 2>nul | findstr /V /C:"Keyboard" /C:"prompts from server" > "%TEMP_LIST%"
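Review bot: The `echo y | plink.exe -batch -pw "%PASSWORD%"` context line that closes this hunk puts the password on the command line, where it is visible in the process list and in any command-line auditing on the workstation. The piped `y` looks intended to answer a host-key prompt, which would accept whatever key the server presents. The same `-pw "%PASSWORD%"` form appears in the `[2/5]` scan call and in the `pscp.exe` download call in later hunks. Pinning the server key and using an agent-held key would remove both problems, for example `plink.exe -batch -hostkey "<pinned-host-key-fingerprint>" -agent %USERNAME%@%REMOTE_SERVER% ...`. The `if "%SCP_TYPE%"=="PSCP" (` block continues outside the hunk, and the trailing `2>nul` hides the error text that would explain a failed connection.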
|
|
|
@@ -148,8 +157,8 @@ if !ERRORLEVEL! NEQ 0 (
|
|
|
exit /b 1
|
|
|
)
|
|
|
|
|
|
-echo Connection successful.
|
|
|
-echo Connection successful. >> "%LOGFILE%"
|
|
|
+echo Connection successful.
|
|
|
+echo Connection successful. >> "%LOGFILE%"
|
|
|
|
|
|
REM =====================================================
|
|
|
REM Single SSH call to get all required info
|
|
|
@@ -157,7 +166,7 @@ REM Collectors + All files in case root
|
|
|
REM =====================================================
|
|
|
echo.
|
|
|
echo [2/5] Scanning case directory...
|
|
|
-echo Scanning case directory... >> "%LOGFILE%"
|
|
|
+echo [2/5] Scanning case directory... >> "%LOGFILE%"
|
|
|
|
|
|
if "%SCP_TYPE%"=="PSCP" (
|
|
|
plink.exe -batch -pw "%PASSWORD%" %USERNAME%@%REMOTE_SERVER% "echo '===COLLECTORS==='; find %REMOTE_CASE_PATH% -maxdepth 1 -type d -name 'collector_*' 2>/dev/null; echo '===FILES==='; find %REMOTE_CASE_PATH% -maxdepth 1 -type f \( -name '*.cap' -o -name '*.pcap' -o -name '*.pcapng' -o -name '*.sslkeys' -o -name '*.keys' -o -name '*.har' -o -name '*.xml' -o -name '*.jpg' -o -name '*.jpeg' -o -name '*.png' -o -name '*.gif' -o -name '*.bmp' -o -name '*.webp' -o -name '*.tiff' -o -name '*.svg' -o -name '*.txt' -o -name '*.log' -o -name '*.csv' -o -name '*.json' \) 2>/dev/null" 2>nul | findstr /V /C:"Keyboard" /C:"prompts from server" > "%ALL_FILES_LIST%"
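Review bot: `%REMOTE_CASE_PATH%` is expanded unquoted into the remote command string in both `find %REMOTE_CASE_PATH% ...` calls on this line, and in `test -d %REMOTE_CASE_PATH%` in the `[1/5]` hunk, so a space or shell metacharacter in the case number would be parsed by the remote shell instead of being treated as part of the path. The path is presumably built from `%CASENO%` above the visible lines; if that value is not already restricted there, reject anything outside the expected case-number character set before the first SSH call. Single-quoting the path in the remote command then keeps it one argument: `find '%REMOTE_CASE_PATH%' -maxdepth 1 -type d -name 'collector_*'`. The `if "%SCP_TYPE%"=="PSCP" (` block continues outside the hunk.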
|
|
|
@@ -209,17 +218,17 @@ for /f "usebackq delims=" %%A in ("%COLLECTOR_LIST%") do (
|
|
|
echo !LINE! | findstr /C:"collector_" >nul
|
|
|
if !ERRORLEVEL! EQU 0 (
|
|
|
set /a COLLECTOR_COUNT+=1
|
|
|
- for %%B in ("!LINE!") do echo Found: %%~nxB
|
|
|
- echo Found collector: !LINE! >> "%LOGFILE%"
|
|
|
+ for %%B in ("!LINE!") do echo Found: %%~nxB
|
|
|
+ echo Found collector: !LINE! >> "%LOGFILE%"
|
|
|
)
|
|
|
)
|
|
|
)
|
|
|
|
|
|
if %COLLECTOR_COUNT% EQU 0 (
|
|
|
- echo No collector bundles found.
|
|
|
- echo No collector bundles found. >> "%LOGFILE%"
|
|
|
+ echo No collector bundles found.
|
|
|
+ echo No collector bundles found. >> "%LOGFILE%"
|
|
|
) else (
|
|
|
- echo Total collectors found: %COLLECTOR_COUNT%
|
|
|
+ echo Total collectors found: %COLLECTOR_COUNT%
|
|
|
)
|
|
|
|
|
|
REM =====================================================
|
|
|
@@ -228,7 +237,7 @@ REM Inside collector bundles only
|
|
|
REM =====================================================
|
|
|
echo.
|
|
|
echo [3/5] Downloading saved configurations ^(ns.conf^)...
|
|
|
-echo Downloading saved configurations... >> "%LOGFILE%"
|
|
|
+echo [3/5] Downloading saved configurations... >> "%LOGFILE%"
|
|
|
|
|
|
set "CONFIG_COUNT=0"
|
|
|
for /f "usebackq delims=" %%C in ("%COLLECTOR_LIST%") do (
|
|
|
@@ -240,7 +249,7 @@ for /f "usebackq delims=" %%C in ("%COLLECTOR_LIST%") do (
|
|
|
if !ERRORLEVEL! EQU 0 (
|
|
|
for %%D in ("!COLLECTOR_PATH!") do set "COLLECTOR_NAME=%%~nxD"
|
|
|
|
|
|
- echo Checking !COLLECTOR_NAME! for ns.conf...
|
|
|
+ echo Checking !COLLECTOR_NAME!...
|
|
|
|
|
|
set "DEST_FILENAME=ns.conf_!COLLECTOR_NAME!"
|
|
|
|
|
|
@@ -251,17 +260,17 @@ for /f "usebackq delims=" %%C in ("%COLLECTOR_LIST%") do (
|
|
|
)
|
|
|
|
|
|
if exist "%DEST%\configs\!DEST_FILENAME!" (
|
|
|
- echo Downloaded: !DEST_FILENAME!
|
|
|
- echo Downloaded: !DEST_FILENAME! >> "%LOGFILE%"
|
|
|
+ echo [OK] !DEST_FILENAME!
|
|
|
+ echo [OK] Downloaded: !DEST_FILENAME! >> "%LOGFILE%"
|
|
|
set /a CONFIG_COUNT+=1
|
|
|
) else (
|
|
|
- echo ns.conf not found in !COLLECTOR_NAME!
|
|
|
+ echo [--] ns.conf not found
|
|
|
)
|
|
|
)
|
|
|
)
|
|
|
)
|
|
|
|
|
|
-echo Saved configs downloaded: %CONFIG_COUNT%
|
|
|
+echo Saved configs downloaded: %CONFIG_COUNT%
|
|
|
|
|
|
REM =====================================================
|
|
|
REM Download Running Config (ns_running_config.conf)
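Review bot: The new `[OK]` lines are printed on `if exist "%DEST%\configs\!DEST_FILENAME!"` alone, so a file left in the destination by an earlier run, or a truncated transfer, would be shown and logged as a successful download. The transfer command for this loop is outside the hunk, so this is inferred, but the `pscp.exe` call visible in the `[5/5]` hunk discards its output with `>nul 2>&1`, and the same existence test guards `[OK]` in the running-config and case-root hunks. Capturing the exit status right after the copy (`set "RC=!ERRORLEVEL!"`) and requiring `if "!RC!"=="0"` alongside the existence test would make the marker trustworthy. The `[--] ns.conf not found` branch goes only to the console and no longer names the collector; `echo [--] ns.conf not found in !COLLECTOR_NAME! >> "%LOGFILE%"` would keep misses in the log.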
|
|
|
@@ -269,7 +278,7 @@ REM Inside collector bundles only
|
|
|
REM =====================================================
|
|
|
echo.
|
|
|
echo [4/5] Downloading running configurations...
|
|
|
-echo Downloading running configurations... >> "%LOGFILE%"
|
|
|
+echo [4/5] Downloading running configurations... >> "%LOGFILE%"
|
|
|
|
|
|
set "RUNNING_COUNT=0"
|
|
|
for /f "usebackq delims=" %%C in ("%COLLECTOR_LIST%") do (
|
|
|
@@ -281,7 +290,7 @@ for /f "usebackq delims=" %%C in ("%COLLECTOR_LIST%") do (
|
|
|
if !ERRORLEVEL! EQU 0 (
|
|
|
for %%D in ("!COLLECTOR_PATH!") do set "COLLECTOR_NAME=%%~nxD"
|
|
|
|
|
|
- echo Checking !COLLECTOR_NAME! for running config...
|
|
|
+ echo Checking !COLLECTOR_NAME!...
|
|
|
|
|
|
set "DEST_FILENAME=ns_running_config.conf_!COLLECTOR_NAME!"
|
|
|
|
|
|
@@ -292,17 +301,17 @@ for /f "usebackq delims=" %%C in ("%COLLECTOR_LIST%") do (
|
|
|
)
|
|
|
|
|
|
if exist "%DEST%\configs\!DEST_FILENAME!" (
|
|
|
- echo Downloaded: !DEST_FILENAME!
|
|
|
- echo Downloaded: !DEST_FILENAME! >> "%LOGFILE%"
|
|
|
+ echo [OK] !DEST_FILENAME!
|
|
|
+ echo [OK] Downloaded: !DEST_FILENAME! >> "%LOGFILE%"
|
|
|
set /a RUNNING_COUNT+=1
|
|
|
) else (
|
|
|
- echo Running config not found in !COLLECTOR_NAME!
|
|
|
+ echo [--] Running config not found
|
|
|
)
|
|
|
)
|
|
|
)
|
|
|
)
|
|
|
|
|
|
-echo Running configs downloaded: %RUNNING_COUNT%
|
|
|
+echo Running configs downloaded: %RUNNING_COUNT%
|
|
|
|
|
|
REM =====================================================
|
|
|
REM Download Capture and Media Files
|
|
|
@@ -311,7 +320,7 @@ REM Using pre-fetched file list
|
|
|
REM =====================================================
|
|
|
echo.
|
|
|
echo [5/5] Downloading files from case directory...
|
|
|
-echo Downloading files from case root... >> "%LOGFILE%"
|
|
|
+echo [5/5] Downloading files from case root... >> "%LOGFILE%"
|
|
|
|
|
|
set "CAPTURE_COUNT=0"
|
|
|
set "MEDIA_COUNT=0"
|
|
|
@@ -357,7 +366,7 @@ for /f "usebackq delims=" %%F in ("%TEMP_LIST%") do (
|
|
|
|
|
|
REM Download the file
|
|
|
if defined FILE_DEST (
|
|
|
- echo Downloading: !FILENAME!
|
|
|
+ echo Downloading: !FILENAME!
|
|
|
|
|
|
if "%SCP_TYPE%"=="PSCP" (
|
|
|
pscp.exe -batch -pw "%PASSWORD%" -q "%USERNAME%@%REMOTE_SERVER%:!REMOTE_FILE!" "!FILE_DEST!" >nul 2>&1
|
|
|
@@ -366,8 +375,8 @@ for /f "usebackq delims=" %%F in ("%TEMP_LIST%") do (
|
|
|
)
|
|
|
|
|
|
if exist "!FILE_DEST!" (
|
|
|
- echo Downloaded: !FILENAME!
|
|
|
- echo Downloaded !FILE_TYPE!: !FILENAME! >> "%LOGFILE%"
|
|
|
+ echo [OK] !FILENAME!
|
|
|
+ echo [OK] Downloaded !FILE_TYPE!: !FILENAME! >> "%LOGFILE%"
|
|
|
|
|
|
if "!FILE_TYPE!"=="capture" set /a CAPTURE_COUNT+=1
|
|
|
if "!FILE_TYPE!"=="media" set /a MEDIA_COUNT+=1
|
|
|
@@ -380,9 +389,9 @@ for /f "usebackq delims=" %%F in ("%TEMP_LIST%") do (
|
|
|
)
|
|
|
|
|
|
echo.
|
|
|
-echo Capture files downloaded: %CAPTURE_COUNT%
|
|
|
-echo Media files downloaded: %MEDIA_COUNT%
|
|
|
-echo Other files downloaded: %OTHER_COUNT%
|
|
|
+echo Capture files downloaded: %CAPTURE_COUNT%
|
|
|
+echo Media files downloaded : %MEDIA_COUNT%
|
|
|
+echo Other files downloaded : %OTHER_COUNT%
|
|
|
|
|
|
REM =====================================================
|
|
|
REM Cleanup and Summary
|
|
|
@@ -398,44 +407,41 @@ for %%D in (configs captures media) do (
|
|
|
)
|
|
|
|
|
|
echo.
|
|
|
-echo =====================================================
|
|
|
-echo Download Complete - Summary
|
|
|
-echo =====================================================
|
|
|
+echo ============================================================
|
|
|
+echo ^|^> Download Complete - Summary
|
|
|
+echo ============================================================
|
|
|
echo.
|
|
|
-echo FROM COLLECTOR BUNDLES:
|
|
|
-echo Collector bundles found : %COLLECTOR_COUNT%
|
|
|
-echo Saved configs ^(ns.conf^) : %CONFIG_COUNT%
|
|
|
-echo Running configs : %RUNNING_COUNT%
|
|
|
+echo FROM COLLECTOR BUNDLES:
|
|
|
+echo Collector bundles found : %COLLECTOR_COUNT%
|
|
|
+echo Saved configs ^(ns.conf^) : %CONFIG_COUNT%
|
|
|
+echo Running configs : %RUNNING_COUNT%
|
|
|
echo.
|
|
|
-echo FROM CASE ROOT DIRECTORY:
|
|
|
-echo Capture files ^(pcap,har^) : %CAPTURE_COUNT%
|
|
|
-echo Media files ^(images^) : %MEDIA_COUNT%
|
|
|
-echo Other files ^(xml,txt^) : %OTHER_COUNT%
|
|
|
+echo FROM CASE ROOT DIRECTORY:
|
|
|
+echo Capture files ^(pcap,har^) : %CAPTURE_COUNT%
|
|
|
+echo Media files ^(images^) : %MEDIA_COUNT%
|
|
|
+echo Other files ^(xml,txt^) : %OTHER_COUNT%
|
|
|
echo.
|
|
|
-echo Destination folder:
|
|
|
-echo %DEST%
|
|
|
-echo.
|
|
|
-echo Log file:
|
|
|
-echo %LOGFILE%
|
|
|
+echo Destination : %DEST%
|
|
|
+echo Log file : %LOGFILE%
|
|
|
echo.
|
|
|
|
|
|
REM Write summary to log
|
|
|
echo. >> "%LOGFILE%"
|
|
|
-echo ================================================== >> "%LOGFILE%"
|
|
|
-echo SUMMARY >> "%LOGFILE%"
|
|
|
-echo ================================================== >> "%LOGFILE%"
|
|
|
-echo FROM COLLECTOR BUNDLES: >> "%LOGFILE%"
|
|
|
-echo Collector bundles found : %COLLECTOR_COUNT% >> "%LOGFILE%"
|
|
|
-echo Saved configs : %CONFIG_COUNT% >> "%LOGFILE%"
|
|
|
-echo Running configs : %RUNNING_COUNT% >> "%LOGFILE%"
|
|
|
+echo ============================================================ >> "%LOGFILE%"
|
|
|
+echo SUMMARY >> "%LOGFILE%"
|
|
|
+echo ============================================================ >> "%LOGFILE%"
|
|
|
+echo FROM COLLECTOR BUNDLES: >> "%LOGFILE%"
|
|
|
+echo Collector bundles found : %COLLECTOR_COUNT% >> "%LOGFILE%"
|
|
|
+echo Saved configs : %CONFIG_COUNT% >> "%LOGFILE%"
|
|
|
+echo Running configs : %RUNNING_COUNT% >> "%LOGFILE%"
|
|
|
echo. >> "%LOGFILE%"
|
|
|
-echo FROM CASE ROOT DIRECTORY: >> "%LOGFILE%"
|
|
|
-echo Capture files : %CAPTURE_COUNT% >> "%LOGFILE%"
|
|
|
-echo Media files : %MEDIA_COUNT% >> "%LOGFILE%"
|
|
|
-echo Other files : %OTHER_COUNT% >> "%LOGFILE%"
|
|
|
-echo ================================================== >> "%LOGFILE%"
|
|
|
+echo FROM CASE ROOT DIRECTORY: >> "%LOGFILE%"
|
|
|
+echo Capture files : %CAPTURE_COUNT% >> "%LOGFILE%"
|
|
|
+echo Media files : %MEDIA_COUNT% >> "%LOGFILE%"
|
|
|
+echo Other files : %OTHER_COUNT% >> "%LOGFILE%"
|
|
|
+echo ============================================================ >> "%LOGFILE%"
|
|
|
|
|
|
-echo =====================================================
|
|
|
+echo ============================================================
|
|
|
echo.
|
|
|
|
|
|
REM Open destination folder