I've set up a script that notifies me of failed connect attempts (wrong passwords) Via E-mail, SMS and Telegram instant-messages.
I edited and ran the script from mikrotik wiki on log monitoring and alert systems at :
https://wiki.mikrotik.com/wiki/Monitor_ ... run_script
It's running smoothly on my switch which is my CAPsMAN. it sends a message immediately after an attempt. The issue is it sends 2 more redundant messages once at 00:00 local time ( GMT +3:30 Tehran) and once at 00:00 GMT .
Would you be so kind to review my code and tell me how I can make it so I'll only receive one alert immediately and no more redundant messages.
Thanks in advance.
Code: Select all
# BEGIN SETUP
:local scheduleName "Wifi-LoginFailure"
:local startBuf [:toarray [/log find message~"4-way handshake"]]
:local removeThese
#Email
:local emailAddress "Email@gmail.com"
#SMS-Info
:local SmsUsername "Username"
:local SmsPassword "Password"
:local SendMobileNum "5000221000"
:local AliNum "09012223344"
:local SmsMsg
:local SmsMsgFix
#Telegram-Info
:local BotToken "720638877:AAFwcEy5n5TN130yVFMIeQ7zG-XXXXXXXXX"
:local AliID "136000000"
:local TelOutput
#Msg Count
:local Msgcounter 0
# END SETUP
# warn if schedule does not exist
:if ([:len [/system scheduler find name="$scheduleName"]] = 0) do={
/log warning "[LOGMON] ERROR: Schedule does not exist. Create schedule and edit script to match name"
}
# get last time
:local lastTime [/system scheduler get [find name="$scheduleName"] comment]
# for checking time of each log entry
:local currentTime
# log message
:local message
# final output
:local output
:local keepOutput false
# if lastTime is empty, set keepOutput to true
:if ([:len $lastTime] = 0) do={
:set keepOutput true
}
:local counter 0
# loop through all log entries that have been found
:foreach i in=$startBuf do={
# loop through all removeThese array items
:local keepLog true
:foreach j in=$removeThese do={
# if this log entry contains any of them, it will be ignored
:if ([/log get $i message] ~ "$j") do={
:set keepLog false
}
}
:if ($keepLog = true) do={
:set message [/log get $i message]
# LOG DATE
# depending on log date/time, the format may be different. 3 known formats
# format of jan/01/2002 00:00:00 which shows up at unknown date/time. Using as default
:set currentTime [ /log get $i time ]
# format of 00:00:00 which shows up on current day's logs
:if ([:len $currentTime] = 8 ) do={
:set currentTime ([:pick [/system clock get date] 0 11]." ".$currentTime)
} else={
# format of jan/01 00:00:00 which shows up on previous day's logs
:if ([:len $currentTime] = 15 ) do={
:set currentTime ([:pick $currentTime 0 6]."/".[:pick [/system clock get date] 7 11]." ".[:pick $currentTime 7 15])
}
}
# if keepOutput is true, add this log entry to output
:if ($keepOutput = true) do={
:set output ($output.$currentTime." ".$message."\r\n")
set Msgcounter ($Msgcounter + 1)
if ($Msgcounter < 11 ) do={
# Only First 10 Message For Telegram
:set TelOutput ($TelOutput.$currentTime." - ".$message."%0A")
}
if ($Msgcounter < 4 ) do={
# Only First 3 Message For SMS
:set SmsMsg ($SmsMsg.$currentTime." - ".$message."%0A")
}
}
# if currentTime = lastTime, set keepOutput so any further logs found will be added to output
# reset output in the case we have multiple identical date/time entries in a row as the last matching logs
# otherwise, it would stop at the first found matching log, thus all following logs would be output
:if ($currentTime = $lastTime) do={
:set keepOutput true
:set output ""
:set TelOutput ""
:set SmsMsg ""
}
}
# if this is last log entry
:if ($counter = ([:len $startBuf]-1)) do={
# If keepOutput is still false after loop, this means lastTime has a value, but a matching currentTime was never found.
# This can happen if 1) The router was rebooted and matching logs stored in memory were wiped, or 2) An item is added
# to the removeThese array that then ignores the last log that determined the lastTime variable.
# This resets the comment to nothing. The next run will be like the first time, and you will get all matching logs
:if ($keepOutput = false) do={
# if previous log was found, this will be our new lastTime entry
:if ([:len $message] > 0) do={
:set output ($output.$currentTime." ".$message."\r\n")
:set Msgcounter ($Msgcounter + 1)
# Last Message For Telegram
:set TelOutput ($TelOutput.$currentTime." - ".$message."%0A")
# Last Message For SMS
:set SmsMsg ($SmsMsg.$currentTime." - ".$message."%0A")
}
}
}
:set counter ($counter + 1)
}
# If we have output, save new date/time, and send email
if ([:len $output] > 0) do={
/system scheduler set [find name="$scheduleName"] comment=$currentTime
/log info "Start Sending Email, Telegram and SMS Message For Wifi Login Failure Alert"
/tool e-mail send to="$emailAddress" subject="WIFI Login Failure Alert" body="WIFI Login Failure Alert - $currentTime \r\n $output"
/tool fetch url="https://api.telegram.org/bot$BotToken/sendmessage?chat_id=$AliID&text=WIFI Login Failure Alert :%0A(Run : $currentTime)%0A$TelOutput" mode=https keep-result=no
:set SmsMsg ("WIFI%20Login%20Failure%20:%0A(Run%20:%20".$currentTime.")%0A".$SmsMsg)
# Replace Spase With %20 For Sms String
:if ([:find $SmsMsg " " -1] > 0) do={
:for i from=0 to=([:len $SmsMsg] -1) step=1 do={
:local actualchar value=[:pick $SmsMsg $i];
:if ($actualchar = " ") do={ :set actualchar value="%20" };
:set SmsMsgFix value=($SmsMsgFix.$actualchar);
}
}
/tool fetch ascii=yes mode=https keep-result=no url="https://raygansms.com/SendMessageWithUrl.ashx?Username=$SmsUsername&Password=$SmsPassword&PhoneNumber=$SendMobileNum&MessageBody=$SmsMsgFix&RecNumber=$AliNum&Smsclass=1"
/log info "[LOGMON] New logs found, WIFI Login Failure, sended alert"
}