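#!/usr/bin/perl
# Noon Virus report combining data from all 3 NERC relays
# RC March 2003
# adapted GWM 2007
#
# Collects the ":INFECTED:" lines from /var/log/maillog on each relay over
# ssh, counts detections per virus name for each AV scanner (ClamAV, Sophos,
# Bitdefender), and mails a summary for "today" and for the whole log.
#
# NOTE(review): the "since Sunday" wording in the mail assumes maillog is
# rotated weekly on Sunday on the relays -- confirm against the relays'
# log rotation settings.
#
# Security notes:
#  * The ssh key is used for a root login. Per the original comment it is
#    authorized for a forced command only; that restriction lives in the
#    relays' authorized_keys entry and should be re-checked whenever the key
#    is rotated. A dedicated account that can only read maillog would need
#    less privilege than root.
#  * Both external programs are started in list form, so no local shell
#    parses the command line.
#  * Virus names are taken from log text that is partly derived from received
#    mail, so they are reduced to printable ASCII before going into the report.

use strict;
use warnings;

$ENV{PATH} = '/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin:/usr/ucb';    # safe $PATH

my @relays     = qw(relay1.nerc.ac.uk relay2.nerc.ac.uk relay3.nerc.ac.uk);
my $SSH_KEY    = '/etc/mail/.ssh/vid';
my $REMOTE_CMD = 'egrep -i :INFECTED: /var/log/maillog';
my $SENDMAIL   = '/usr/lib/sendmail';

# NOTE(review): the published listing lost the start of the here-document
# (everything between "print MESSAGE <" and "From:") and the address in front
# of "(NERC Email Relays)". sendmail -t takes its recipients from the headers,
# so a recipient header was presumably there. Both values below are labelled
# placeholders and must be replaced with the real addresses before use.
my $REPORT_TO   = 'REPORT-RECIPIENT-PLACEHOLDER@example.invalid';
my $REPORT_FROM = 'REPORT-SENDER-PLACEHOLDER@example.invalid';

# Scanners in the order their patterns are tried against each log line; the
# first pattern that matches claims the line.
my @scanners = (
    { key => 'sophos', pattern => qr/SophosSAVI::INFECTED:: (\S+)::/ },
    { key => 'clam',   pattern => qr/ClamAV\s*Module::INFECTED:: (\S+)::/ },
    { key => 'bitdef', pattern => qr/\w{14}\/.+:infected: (\S+)/ },
);

# Order and headings of the per-scanner sections in the mail.
my @report_order = (
    [ 'ClamAV',      'clam' ],
    [ 'Sophos',      'sophos' ],
    [ 'Bitdefender', 'bitdef' ],
);

# Detection counts, indexed as $count{scanner key}{virus name}.
my %week_count  = map { $_->{key} => {} } @scanners;
my %today_count = map { $_->{key} => {} } @scanners;

# ---- collect the log lines from every relay -------------------------------

my @log_lines;
my @failed_relays;
for my $relay (@relays) {
    # virus-report is authorized for a forced command only
    my ($ok, $lines) = _fetch_infected_lines($relay);
    push @log_lines, @{$lines};
    push @failed_relays, $relay unless $ok;
}

# ---- count detections ------------------------------------------------------

# Syslog lines start with "Mon dd", the day padded with a space when it has
# one digit. Requiring whitespace after the day keeps the 1st from also
# matching the 10th to the 19th.
my (undef, $month, $mday) = split " ", scalar localtime;
my $today_re = qr/^\Q$month\E\s+\Q$mday\E\s/;

LINE:
for my $line (@log_lines) {
    my $is_today = $line =~ $today_re;
    for my $scanner (@scanners) {
        next unless $line =~ $scanner->{pattern};
        my $virus = $1;
        $virus =~ s/[^\x21-\x7e]/?/g;    # printable ASCII only in the mail
        $week_count{ $scanner->{key} }{$virus}++;
        $today_count{ $scanner->{key} }{$virus}++ if $is_today;
        next LINE;
    }
}

# ---- send the report -------------------------------------------------------

open(my $mail, '|-', $SENDMAIL, '-oi', '-t')
    or die "cannot start $SENDMAIL: $!\n";

print {$mail} <<"EOM";
To: $REPORT_TO
From: $REPORT_FROM (NERC Email Relays)
Subject: Noon Virus Report

Here are the total numbers of email viruses/worms which have been found
on the NERC email relays today and since Sunday morning. There are
reports for the ClamAV, Sophos and Bitdefender AV Scanners. Be aware
that the names and classifications vary somewhat between AV vendors.
EOM

# A relay that could not be read makes every total below too low, so say so
# in the report instead of silently under-counting.
if (@failed_relays) {
    print {$mail} "\n Warning: no complete data from: @failed_relays\n";
}

print {$mail} "\n Today only (starting at 00:00)";
_print_section($mail, $_->[0], $today_count{ $_->[1] }) for @report_order;

print {$mail} "\n\n This week only (starting Sunday 00:00)";
_print_section($mail, $_->[0], $week_count{ $_->[1] }) for @report_order;

print {$mail} "\n";

# and send
close $mail
    or die "$SENDMAIL did not accept the report (wait status $?): $!\n";

# ---- helpers ---------------------------------------------------------------

# Run the log query on one relay and return ($ok, \@lines). $ok is false when
# ssh could not be started or ended with a status other than 0 or 1; lines
# read before a failure are still returned.
sub _fetch_infected_lines {
    my ($relay) = @_;

    my @cmd = ('ssh', '-l', 'root', '-i', $SSH_KEY, $relay, $REMOTE_CMD);
    my $pid = open my $ssh, '-|', @cmd;
    if (!$pid) {
        warn "cannot run ssh for $relay: $!\n";
        return (0, []);
    }

    my @lines = <$ssh>;
    close $ssh;    # reaps ssh and sets $?

    # egrep exits 1 when nothing matched, which is a normal result here.
    # NOTE(review): with a forced command the exit status is that of the
    # forced command -- confirm it follows the same convention.
    my $exit = $? >> 8;
    my $ok   = ($? & 127) == 0 && ($exit == 0 || $exit == 1);
    warn "ssh to $relay ended with wait status $?\n" unless $ok;

    return ($ok, \@lines);
}

# Print one scanner's heading and its virus counts, highest count first;
# names with equal counts are listed alphabetically so the output is stable.
sub _print_section {
    my ($fh, $label, $count_of) = @_;

    print {$fh} "\n\n $label\n";
    my @names = sort { $count_of->{$b} <=> $count_of->{$a} or $a cmp $b }
        keys %{$count_of};
    for my $name (@names) {
        printf {$fh} "\n%6d %-20s", $count_of->{$name}, $name;
    }
    return;
}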