'기술 노트' 카테고리의 글 목록 (19 Page)

기술 노트

PREV 이전 1 ···16 17 18 19 20 NEXT 다음

CBW 140AC 설정하기

2023. 2. 23. 17:29

Cisco Business Wireless 140AC Access Point를 설치하게 되어 기록을 남깁니다.

1. AP에 전원을 넣은 후 약 5분 전후를 기다립니다.

2. 무선 SSID "CiscoBusiness-Setup"을 접속합니다.

3. 비밀번호 "cisco123"을 사용하여 SSID에 연결합니다.

4. 웹브라우저에 "http://ciscobusiness.cisco" 입력하여 접속한다.

5. 아래 설정 마법사를 따라 한다.

위에서 설정한 IP는 Primary AP로 컨트롤러 역할을 수행하는 IP 입니다.

여기까지 전부 설정을 했다면 아래와 같이 설정 확인 후 적용을 누르면 됩니다.

적용 후 약 5분 정도 기다려 주신 후, 설정한 SSID로 접속을 하시면 됩니다.

3~5분정도 적용 시간이 필요하더군요.

이 후 설정한 IP로 접속하시어 상세 설정을 진행하시면 됩니다.

처음부터 MESH 설정을 적용하시면 작동이 안될 수 도 있어서, 공부 후에 MESH 설정 하는 것을 추천합니다.

저는 MESH 설정 후에 RAIDO가 올라가지 않아서 무선이 작동되지 않았습니다.

결과는..... 초기화로 해결하였습니다. ㅎㅎㅎㅎ

'기술 노트 > NETWORK' 카테고리의 다른 글

GNS3에 랜 추가하기 (0)	2024.10.13
HPE 1830 24G PoE+ (JL813A) 설정하기 (1)	2023.12.07
HPE 1820 8G PoE+ (J9982A) 설정하기 (1)	2023.12.06
UTM 2대를 내부 통신으로 연결하기 (1)	2023.06.08

elastalert 설치 (상세히)

2023. 2. 21. 14:35

설치하시다가 안되시면 댓글로 로그 같은 거 남겨주세요. 도와드릴 수 있는 만큼은 도와드리겠습니다. 해당 매뉴얼은 제가 설치할 때의 상황일 뿐, 각 환경마다 오류가 다를 것 같아요. 저도 이거 설치하느라 애 먹었습니다. 거의 3일간 삽질!

kibana에서 elastalert 구성 시 필수사항

python 3.6 (3.7, 3.8은 해보지 않아서 모르겠지만, 3.9 이상은 절대 설치 불가)

elastalert은 elasticsearch에 특정 메시지가 도착할 경우 알람을 주기 위한 서비스입니다.

elastialert install_1: https://github.com/Yelp/elastalert

elastialert install_2: https://github.com/bitsensor/elastalert

elastalert-plugin: https://github.com/karql/elastalert-kibana-plugin/releases

elastalert 설치한 RAW 데이터 입니다. 설치 방법만 보시고 싶으시다면 아래 게시물로 이동해주세요.

https://dirt-spoon.tistory.com/58

elastalert 설치 명령어 정리

# pip3 install --upgrade pip

# pip install setuptools-rust

# yum install gcc libffi-devel python36-devel openssl-devel

# pip install elastalert

# cd /opt

# git clone https://github.com/Yelp/elastalert.git

# cd elastalert

# pip install --ignore-installed PyYAML -r requirements.txt

# cd ..

# rm -rf ./elastalert/

# git clone https://github.com/bitsensor/elastalert.git && cd elastalert

# yum install npm bunyan babel-register babel-preset-es2015 express body-parser joi object-resolve-path mkdirp ws lodash elasticsearch tar fs-extra request-promise-native request randomstring cors util babel-cli raven eslint husky istanbul mocha

# python -m pip install --upgrade 'elasticsearch>=7.16,<8'

# echo \

'rules_folder: rules # 폴더명

run_every: # elasticsearch를 쿼리하는 빈도

minutes: 1

buffer_time: # 쿼리가 실행되는 시간부터 뒤로 늘어나는 쿼리 창의 크기

minutes: 15

es_host: 192.168.0.17 # elasticsearch host

es_port: 9200 # elasticsearch 사용 port

writeback_index: elastalert_status # elastalert2가 데이터를 저장할 index

alert_time_limit: # 실패한 경고에 대한 재시도 기간

days: 2' > config.yaml

pip 명령어가 없는 경우

[root@tmplogsvr opt]# pip3 install --upgrade pip
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting pip
  Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)
    100% |████████████████████████████████| 1.7MB 1.2MB/s
Installing collected packages: pip
Successfully installed pip-21.3.1
You are using pip version 21.3.1, however version 23.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
[root@tmplogsvr opt]#

elastalert 설치

- 오류발생: ModuleNotFoundError: No module named 'setuptools_rust'

[root@tmplogsvr opt]# pip3 install elastalert
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting elastalert
  Downloading https://files.pythonhosted.org/packages/fb/cc/58ae185e01eb9baad6108859287168c3c9592be50f546f40dc40470c3bf9/elastalert-0.2.4.tar.gz (128kB)
    100% |████████████████████████████████| 133kB 10.9MB/s
Collecting apscheduler>=3.3.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/d0/08/952d9570f4897dc2b30166fca5afd3a2cd19b3d408abdb470978484e8a09/APScheduler-3.10.1-py3-none-any.whl (59kB)
    100% |████████████████████████████████| 61kB 15.9MB/s
Collecting aws-requests-auth>=0.3.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/af/11/5dc8be418e1d54bed15eaf3a7461797e5ebb9e6a34869ad750561f35fa5b/aws_requests_auth-0.4.3-py2.py3-none-any.whl
Collecting blist>=1.3.6 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/6b/a8/dca5224abe81ccf8db81f8a2ca3d63e7a5fa7a86adc198d4e268c67ce884/blist-1.3.6.tar.gz (122kB)
    100% |████████████████████████████████| 122kB 13.7MB/s
Collecting boto3>=1.4.4 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/75/ca/d917b244919f1ebf96f7bbd5a00e4641f7e9191b0d070258f5dc10f5eaad/boto3-1.23.10-py3-none-any.whl (132kB)
    100% |████████████████████████████████| 133kB 12.7MB/s
Collecting configparser>=3.5.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/2b/af/0e28626b47c84172a112397f034bb1b6349960ca6e0fe7c96666e0ccae69/configparser-5.2.0-py3-none-any.whl
Collecting croniter>=0.3.16 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/0f/4d/0cc5a7f4bdcefecebdf8a95c8372606c13d3355e8536d9cd3e7070e94269/croniter-1.3.8-py2.py3-none-any.whl
Collecting elasticsearch==7.0.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/a8/27/d3a9ecd9f8f972d99da98672d4766b9f62ef64c323c40bb5e2557e538ea3/elasticsearch-7.0.0-py2.py3-none-any.whl (80kB)
    100% |████████████████████████████████| 81kB 13.8MB/s
Collecting envparse>=0.2.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/2f/8d/bee8a59732c169a455627ff1557d0db180f7c352b0274480267ad3e46875/envparse-0.2.0.tar.gz
Collecting exotel>=0.1.3 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/c6/68/6373dedcc7f7eadc017f9629e2f1b33393e8f740fb9c801962a3ce4dfa91/exotel-0.1.5.tar.gz
Collecting jira>=2.0.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/06/77/323bc398a16c0bd791d162dfe69e0dcc5be06da5d90e423ac48250ae9366/jira-3.2.0-py3-none-any.whl (69kB)
    100% |████████████████████████████████| 71kB 15.3MB/s
Collecting jsonschema>=3.0.2 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/c5/8f/51e89ce52a085483359217bc72cdbf6e75ee595d5b1d4b5ade40c7e018b8/jsonschema-3.2.0-py2.py3-none-any.whl (56kB)
    100% |████████████████████████████████| 61kB 17.4MB/s
Collecting mock>=2.0.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/e6/88/8a05e7ad0bb823246b2add3d2e97f990c41c71a40762c8db77a4bd78eedf/mock-5.0.1-py3-none-any.whl
Collecting prison>=0.1.2 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/f1/bd/e55e14cd213174100be0353824f2add41e8996c6f32081888897e8ec48b5/prison-0.2.1-py2.py3-none-any.whl
Collecting PyStaticConfiguration>=0.10.3 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/11/44/35e69af3cd5656fe71a984a31e2f4086c51011989ed0b5766541841c347a/PyStaticConfiguration-0.11.1-py3-none-any.whl
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from elastalert)
Requirement already satisfied: PyYAML>=3.12 in /usr/lib64/python3.6/site-packages (from elastalert)
Requirement already satisfied: requests>=2.10.0 in /usr/lib/python3.6/site-packages (from elastalert)
Collecting stomp.py>=4.1.17 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/b4/fd/3b44012986027cd0c85bbbb7c79487d6d48f614345797e7332a4511f0d06/stomp.py-8.1.0-py3-none-any.whl (42kB)
    100% |████████████████████████████████| 51kB 18.1MB/s
Collecting texttable>=0.8.8 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/ba/a7/2c12b543f853dae886286b824200eb9d7cd2466e3d14eff1799fbe8223b9/texttable-1.6.7-py2.py3-none-any.whl
Collecting twilio<6.1,>=6.0.0 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/f6/20/c6d72e0f29030206342e4b5bef9f573bdb7c305615ea77c11c81f5c0196d/twilio-6.0.0.tar.gz (304kB)
    100% |████████████████████████████████| 307kB 5.9MB/s
Collecting python-magic>=0.4.15 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/6c/73/9f872cb81fc5c3bb48f7227872c28975f998f3e7c2b1c16e95e6432bbb90/python_magic-0.4.27-py2.py3-none-any.whl
Collecting cffi>=1.11.5 (from elastalert)
  Downloading https://files.pythonhosted.org/packages/3a/12/d6066828014b9ccb2bbb8e1d9dc28872d20669b65aeb4a86806a0757813f/cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402kB)
    100% |████████████████████████████████| 409kB 4.7MB/s
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert)
Collecting tzlocal!=3.*,>=2.0 (from apscheduler>=3.3.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/31/b7/3bc2c1868f27677139b772e4fde95265b93151912fd90eb874827943bfcf/tzlocal-4.2-py3-none-any.whl
Requirement already satisfied: setuptools>=0.7 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert)
Requirement already satisfied: six>=1.4.0 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert)
Collecting s3transfer<0.6.0,>=0.5.0 (from boto3>=1.4.4->elastalert)
  Downloading https://files.pythonhosted.org/packages/7b/9c/f51775ebe7df5a7aa4e7c79ed671bde94e154bd968aca8d65bb24aba0c8c/s3transfer-0.5.2-py3-none-any.whl (79kB)
    100% |████████████████████████████████| 81kB 16.0MB/s
Collecting botocore<1.27.0,>=1.26.10 (from boto3>=1.4.4->elastalert)
  Downloading https://files.pythonhosted.org/packages/09/b8/794e0bd260198538ded90c26b353ddb632eab01950d4e7e2e2b8ee510d12/botocore-1.26.10-py3-none-any.whl (8.8MB)
    100% |████████████████████████████████| 8.8MB 229kB/s
Collecting jmespath<2.0.0,>=0.7.1 (from boto3>=1.4.4->elastalert)
  Downloading https://files.pythonhosted.org/packages/07/cb/5f001272b6faeb23c1c9e0acc04d48eaaf5c862c17709d20e3469c6e0139/jmespath-0.10.0-py2.py3-none-any.whl
Requirement already satisfied: urllib3>=1.21.1 in /usr/lib/python3.6/site-packages (from elasticsearch==7.0.0->elastalert)
Collecting requests-toolbelt (from jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/05/d3/bf87a36bff1cb88fd30a509fd366c70ec30676517ee791b2f77e0e29817a/requests_toolbelt-0.10.1-py2.py3-none-any.whl (54kB)
    100% |████████████████████████████████| 61kB 19.8MB/s
Collecting typing-extensions>=3.7.4.2 (from jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/45/6b/44f7f8f1e110027cf88956b59f2fad776cca7e1704396d043f89effd3a0e/typing_extensions-4.1.1-py3-none-any.whl
Collecting requests-oauthlib>=1.1.0 (from jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/6f/bb/5deac77a9af870143c684ab46a7934038a53eb4aa975bc0687ed6ca2c610/requests_oauthlib-1.3.1-py2.py3-none-any.whl
Collecting keyring (from jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/a4/e9/104ec4bffcf971375c348146c2199d4e241294286cc04a428b12c02e5f81/keyring-23.4.1-py3-none-any.whl
Collecting defusedxml (from jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/07/6c/aa3f2f849e01cb6a001cd8554a88d4c77c5c1a31c95bdf1cf9301e6d9ef4/defusedxml-0.7.1-py2.py3-none-any.whl
Collecting pyrsistent>=0.14.0 (from jsonschema>=3.0.2->elastalert)
  Downloading https://files.pythonhosted.org/packages/6c/19/1af501f6f388a40ede6d0185ba481bdb18ffc99deab0dd0d092b173bc0f4/pyrsistent-0.18.0-cp36-cp36m-manylinux1_x86_64.whl (117kB)
    100% |████████████████████████████████| 122kB 13.5MB/s
Collecting attrs>=17.4.0 (from jsonschema>=3.0.2->elastalert)
  Downloading https://files.pythonhosted.org/packages/fb/6e/6f83bf616d2becdf333a1640f1d463fef3150e2e926b7010cb0f81c95e88/attrs-22.2.0-py3-none-any.whl (60kB)
    100% |████████████████████████████████| 61kB 16.5MB/s
Collecting importlib-metadata; python_version < "3.8" (from jsonschema>=3.0.2->elastalert)
  Downloading https://files.pythonhosted.org/packages/a0/a1/b153a0a4caf7a7e3f15c2cd56c7702e2cf3d89b1b359d1f1c5e59d68f4ce/importlib_metadata-4.8.3-py3-none-any.whl
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert)
Requirement already satisfied: idna<2.8,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert)
Collecting docopt<0.7.0,>=0.6.2 (from stomp.py>=4.1.17->elastalert)
  Downloading https://files.pythonhosted.org/packages/a2/55/8f8cab2afd404cf578136ef2cc5dfb50baa1761b68c9da1fb1e4eed343c9/docopt-0.6.2.tar.gz
Collecting websocket-client<2.0.0,>=1.2.3 (from stomp.py>=4.1.17->elastalert)
  Downloading https://files.pythonhosted.org/packages/35/21/8614b6de7c35d0bc584da13c45b8b08e404eee28a0504c1d00f5e1aa0a23/websocket_client-1.3.1-py3-none-any.whl (54kB)
    100% |████████████████████████████████| 61kB 17.7MB/s
Collecting PyJWT>=1.4.2 (from twilio<6.1,>=6.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/1c/fb/b82e9601b00d88cf8bbee1f39b855ae773f9d5bcbcedb3801b2f72460696/PyJWT-2.4.0-py3-none-any.whl
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert)
Collecting pycparser (from cffi>=1.11.5->elastalert)
  Downloading https://files.pythonhosted.org/packages/62/d5/5f610ebe421e85889f2e55e33b7f9a6795bd982198517d912eb1c76e1a53/pycparser-2.21-py2.py3-none-any.whl (118kB)
    100% |████████████████████████████████| 122kB 14.5MB/s
Collecting backports.zoneinfo; python_version < "3.9" (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/f9/04/33e910faffe91a5680d68a064162525779259ae5de3b0c0c5bd9c4e900e0/backports.zoneinfo-0.2.1-cp36-cp36m-manylinux1_x86_64.whl (70kB)
    100% |████████████████████████████████| 71kB 15.6MB/s
Collecting pytz-deprecation-shim (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/eb/73/3eaab547ca809754e67e06871cff0fc962bafd4b604e15f31896a0f94431/pytz_deprecation_shim-0.1.0.post0-py2.py3-none-any.whl
Collecting oauthlib>=3.0.0 (from requests-oauthlib>=1.1.0->jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/7e/80/cab10959dc1faead58dc8384a781dfbf93cb4d33d50988f7a69f1b7c9bbe/oauthlib-3.2.2-py3-none-any.whl (151kB)
    100% |████████████████████████████████| 153kB 11.8MB/s
Collecting SecretStorage>=3.2; sys_platform == "linux" (from keyring->jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/54/24/b4293291fa1dd830f353d2cb163295742fa87f179fcc8a20a306a81978b7/SecretStorage-3.3.3-py3-none-any.whl
Collecting jeepney>=0.4.2; sys_platform == "linux" (from keyring->jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/14/b8/bb3e34d71472140f9bfdf5d77cd063e2cc964b72b1bb0b70fe3c1e7db932/jeepney-0.7.1-py3-none-any.whl (54kB)
    100% |████████████████████████████████| 61kB 15.7MB/s
Collecting zipp>=0.5 (from importlib-metadata; python_version < "3.8"->jsonschema>=3.0.2->elastalert)
  Downloading https://files.pythonhosted.org/packages/bd/df/d4a4974a3e3957fd1c1fa3082366d7fff6e428ddb55f074bf64876f8e8ad/zipp-3.6.0-py3-none-any.whl
Collecting importlib-resources; python_version < "3.7" (from backports.zoneinfo; python_version < "3.9"->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/24/1b/33e489669a94da3ef4562938cd306e8fa915e13939d7b8277cb5569cb405/importlib_resources-5.4.0-py3-none-any.whl
Collecting tzdata; python_version >= "3.6" (from pytz-deprecation-shim->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/fa/5e/f99a7df3ae2079211d31ec23b1d34380c7870c26e99159f6e422dcbab538/tzdata-2022.7-py2.py3-none-any.whl (340kB)
    100% |████████████████████████████████| 348kB 6.2MB/s
Collecting cryptography>=2.0 (from SecretStorage>=3.2; sys_platform == "linux"->keyring->jira>=2.0.0->elastalert)
  Downloading https://files.pythonhosted.org/packages/fa/f3/f4b8c175ea9a1de650b0085858059050b7953a93d66c97ed89b93b232996/cryptography-39.0.2.tar.gz (604kB)
    100% |████████████████████████████████| 614kB 3.2MB/s
    Complete output from command python setup.py egg_info:

            =============================DEBUG ASSISTANCE==========================
            If you are seeing an error here please try the following to
            successfully install cryptography:

            Upgrade to the latest pip and try again. This will fix errors for most
            users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip
            =============================DEBUG ASSISTANCE==========================

    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-build-j3urc0g_/cryptography/setup.py", line 18, in <module>
        from setuptools_rust import RustExtension
    ModuleNotFoundError: No module named 'setuptools_rust'

    ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-j3urc0g_/cryptography/
[root@tmplogsvr opt]#

setuptools-rust 설치

[root@tmplogsvr opt]# pip3 install setuptools-rust
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting setuptools-rust
  Downloading https://files.pythonhosted.org/packages/66/ca/66bdf8f326977098eff28c314c8f825bc28d6986944c590e40ad0f74c5f0/setuptools_rust-1.1.2-py3-none-any.whl
Collecting typing-extensions>=3.7.4.3 (from setuptools-rust)
  Using cached https://files.pythonhosted.org/packages/45/6b/44f7f8f1e110027cf88956b59f2fad776cca7e1704396d043f89effd3a0e/typing_extensions-4.1.1-py3-none-any.whl
Collecting setuptools>=46.1 (from setuptools-rust)
  Downloading https://files.pythonhosted.org/packages/b0/3a/88b210db68e56854d0bcf4b38e165e03be377e13907746f825790f3df5bf/setuptools-59.6.0-py3-none-any.whl (952kB)
    100% |████████████████████████████████| 962kB 2.0MB/s
Collecting semantic-version<3,>=2.8.2 (from setuptools-rust)
  Downloading https://files.pythonhosted.org/packages/6a/23/8146aad7d88f4fcb3a6218f41a60f6c2d4e3a72de72da1825dc7c8f7877c/semantic_version-2.10.0-py2.py3-none-any.whl
Installing collected packages: typing-extensions, setuptools, semantic-version, setuptools-rust
Successfully installed semantic-version-2.10.0 setuptools-59.6.0 setuptools-rust-1.1.2 typing-extensions-4.1.1
[root@tmplogsvr opt]#

pip를 설치하여 pip3가 아닌 pip로 elastalert 설치

- 오류발생: error: command 'gcc' failed with exit status 1

[root@tmplogsvr opt]# pip install elastalert
Collecting elastalert
  Using cached elastalert-0.2.4.tar.gz (128 kB)
  Preparing metadata (setup.py) ... done
Collecting apscheduler>=3.3.0
  Using cached APScheduler-3.10.1-py3-none-any.whl (59 kB)
Collecting aws-requests-auth>=0.3.0
  Using cached aws_requests_auth-0.4.3-py2.py3-none-any.whl (6.8 kB)
Collecting blist>=1.3.6
  Using cached blist-1.3.6.tar.gz (122 kB)
  Preparing metadata (setup.py) ... done
Collecting boto3>=1.4.4
  Using cached boto3-1.23.10-py3-none-any.whl (132 kB)
Collecting configparser>=3.5.0
  Using cached configparser-5.2.0-py3-none-any.whl (19 kB)
Collecting croniter>=0.3.16
  Using cached croniter-1.3.8-py2.py3-none-any.whl (18 kB)
Collecting elasticsearch==7.0.0
  Using cached elasticsearch-7.0.0-py2.py3-none-any.whl (80 kB)
Collecting envparse>=0.2.0
  Using cached envparse-0.2.0.tar.gz (7.6 kB)
  Preparing metadata (setup.py) ... done
Collecting exotel>=0.1.3
  Using cached exotel-0.1.5.tar.gz (2.2 kB)
  Preparing metadata (setup.py) ... done
Collecting jira>=2.0.0
  Using cached jira-3.2.0-py3-none-any.whl (69 kB)
Collecting jsonschema>=3.0.2
  Using cached jsonschema-3.2.0-py2.py3-none-any.whl (56 kB)
Collecting mock>=2.0.0
  Using cached mock-5.0.1-py3-none-any.whl (30 kB)
Collecting prison>=0.1.2
  Using cached prison-0.2.1-py2.py3-none-any.whl (5.8 kB)
Collecting PyStaticConfiguration>=0.10.3
  Using cached PyStaticConfiguration-0.11.1-py3-none-any.whl (27 kB)
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from elastalert) (2.6.1)
Requirement already satisfied: PyYAML>=3.12 in /usr/lib64/python3.6/site-packages (from elastalert) (3.12)
Requirement already satisfied: requests>=2.10.0 in /usr/lib/python3.6/site-packages (from elastalert) (2.20.0)
Collecting stomp.py>=4.1.17
  Using cached stomp.py-8.1.0-py3-none-any.whl (42 kB)
Collecting texttable>=0.8.8
  Using cached texttable-1.6.7-py2.py3-none-any.whl (10 kB)
Collecting twilio<6.1,>=6.0.0
  Using cached twilio-6.0.0.tar.gz (304 kB)
  Preparing metadata (setup.py) ... done
Collecting python-magic>=0.4.15
  Using cached python_magic-0.4.27-py2.py3-none-any.whl (13 kB)
Collecting cffi>=1.11.5
  Using cached cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402 kB)
Requirement already satisfied: urllib3>=1.21.1 in /usr/lib/python3.6/site-packages (from elasticsearch==7.0.0->elastalert) (1.24.2)
Requirement already satisfied: six>=1.4.0 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (1.11.0)
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (2017.2)
Collecting tzlocal!=3.*,>=2.0
  Using cached tzlocal-4.2-py3-none-any.whl (19 kB)
Requirement already satisfied: setuptools>=0.7 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (59.6.0)
Collecting s3transfer<0.6.0,>=0.5.0
  Using cached s3transfer-0.5.2-py3-none-any.whl (79 kB)
Collecting botocore<1.27.0,>=1.26.10
  Using cached botocore-1.26.10-py3-none-any.whl (8.8 MB)
Collecting jmespath<2.0.0,>=0.7.1
  Using cached jmespath-0.10.0-py2.py3-none-any.whl (24 kB)
Collecting pycparser
  Using cached pycparser-2.21-py2.py3-none-any.whl (118 kB)
Collecting defusedxml
  Using cached defusedxml-0.7.1-py2.py3-none-any.whl (25 kB)
Collecting requests-oauthlib>=1.1.0
  Using cached requests_oauthlib-1.3.1-py2.py3-none-any.whl (23 kB)
Collecting requests-toolbelt
  Using cached requests_toolbelt-0.10.1-py2.py3-none-any.whl (54 kB)
Collecting keyring
  Using cached keyring-23.4.1-py3-none-any.whl (33 kB)
Requirement already satisfied: typing-extensions>=3.7.4.2 in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (4.1.1)
Collecting importlib-metadata
  Using cached importlib_metadata-4.8.3-py3-none-any.whl (17 kB)
Collecting pyrsistent>=0.14.0
  Using cached pyrsistent-0.18.0-cp36-cp36m-manylinux1_x86_64.whl (117 kB)
Collecting attrs>=17.4.0
  Using cached attrs-22.2.0-py3-none-any.whl (60 kB)
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (3.0.4)
Requirement already satisfied: idna<2.8,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2.5)
Collecting docopt<0.7.0,>=0.6.2
  Using cached docopt-0.6.2.tar.gz (25 kB)
  Preparing metadata (setup.py) ... done
Collecting websocket-client<2.0.0,>=1.2.3
  Using cached websocket_client-1.3.1-py3-none-any.whl (54 kB)
Collecting PyJWT>=1.4.2
  Using cached PyJWT-2.4.0-py3-none-any.whl (18 kB)
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert) (1.6.8)
INFO: pip is looking at multiple versions of attrs to determine which version is compatible with other requirements. This could take a while.
Collecting attrs>=17.4.0
  Downloading attrs-22.1.0-py2.py3-none-any.whl (58 kB)
     |████████████████████████████████| 58 kB 12.4 MB/s
INFO: pip is looking at multiple versions of twilio to determine which version is compatible with other requirements. This could take a while.
INFO: pip is looking at multiple versions of texttable to determine which version is compatible with other requirements. This could take a while.
Collecting texttable>=0.8.8
  Downloading texttable-1.6.6-py2.py3-none-any.whl (11 kB)
INFO: pip is looking at multiple versions of stomp-py to determine which version is compatible with other requirements. This could take a while.
Collecting stomp.py>=4.1.17
  Downloading stomp.py-8.0.1-py3-none-any.whl (37 kB)
INFO: pip is looking at multiple versions of requests to determine which version is compatible with other requirements. This could take a while.
Collecting requests>=2.10.0
  Downloading requests-2.27.1-py2.py3-none-any.whl (63 kB)
     |████████████████████████████████| 63 kB 5.3 MB/s
Collecting charset-normalizer~=2.0.0
  Downloading charset_normalizer-2.0.12-py3-none-any.whl (39 kB)
Collecting certifi>=2017.4.17
  Downloading certifi-2022.12.7-py3-none-any.whl (155 kB)
     |████████████████████████████████| 155 kB 74.1 MB/s
Collecting urllib3>=1.21.1
  Downloading urllib3-1.26.15-py2.py3-none-any.whl (140 kB)
     |████████████████████████████████| 140 kB 69.9 MB/s
Collecting oauthlib>=3.0.0
  Using cached oauthlib-3.2.2-py3-none-any.whl (151 kB)
Collecting backports.zoneinfo
  Using cached backports.zoneinfo-0.2.1-cp36-cp36m-manylinux1_x86_64.whl (70 kB)
Collecting pytz-deprecation-shim
  Using cached pytz_deprecation_shim-0.1.0.post0-py2.py3-none-any.whl (15 kB)
Collecting zipp>=0.5
  Using cached zipp-3.6.0-py3-none-any.whl (5.3 kB)
Collecting jeepney>=0.4.2
  Using cached jeepney-0.7.1-py3-none-any.whl (54 kB)
Collecting SecretStorage>=3.2
  Using cached SecretStorage-3.3.3-py3-none-any.whl (15 kB)
Collecting cryptography>=2.0
  Downloading cryptography-39.0.2-cp36-abi3-manylinux_2_28_x86_64.whl (4.2 MB)
     |████████████████████████████████| 4.2 MB 78.6 MB/s
Collecting importlib-resources
  Using cached importlib_resources-5.4.0-py3-none-any.whl (28 kB)
Collecting tzdata
  Using cached tzdata-2022.7-py2.py3-none-any.whl (340 kB)
Using legacy 'setup.py install' for elastalert, since package 'wheel' is not installed.
Using legacy 'setup.py install' for blist, since package 'wheel' is not installed.
Using legacy 'setup.py install' for envparse, since package 'wheel' is not installed.
Using legacy 'setup.py install' for exotel, since package 'wheel' is not installed.
Using legacy 'setup.py install' for twilio, since package 'wheel' is not installed.
Using legacy 'setup.py install' for docopt, since package 'wheel' is not installed.
Installing collected packages: zipp, pycparser, importlib-resources, cffi, urllib3, tzdata, jmespath, jeepney, cryptography, charset-normalizer, certifi, backports.zoneinfo, SecretStorage, requests, pytz-deprecation-shim, oauthlib, importlib-metadata, botocore, websocket-client, tzlocal, s3transfer, requests-toolbelt, requests-oauthlib, pyrsistent, PyJWT, keyring, docopt, defusedxml, attrs, twilio, texttable, stomp.py, python-magic, PyStaticConfiguration, prison, mock, jsonschema, jira, exotel, envparse, elasticsearch, croniter, configparser, boto3, blist, aws-requests-auth, apscheduler, elastalert
  Attempting uninstall: urllib3
    Found existing installation: urllib3 1.24.2
    Uninstalling urllib3-1.24.2:
      Successfully uninstalled urllib3-1.24.2
  Attempting uninstall: requests
    Found existing installation: requests 2.20.0
    Uninstalling requests-2.20.0:
      Successfully uninstalled requests-2.20.0
    Running setup.py install for docopt ... done
    Running setup.py install for twilio ... done
    Running setup.py install for exotel ... done
    Running setup.py install for envparse ... done
    Running setup.py install for blist ... error
    ERROR: Command errored out with exit status 1:
     command: /usr/bin/python3.6 -u -c 'import io, os, sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"'; __file__='"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"';f = getattr(tokenize, '"'"'open'"'"', open)(__file__) if os.path.exists(__file__) else io.StringIO('"'"'from setuptools import setup; setup()'"'"');code = f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-9ratp9fl/install-record.txt --single-version-externally-managed --compile --install-headers /usr/local/include/python3.6m/blist
         cwd: /tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/
    Complete output (22 lines):
    running install
    /usr/local/lib/python3.6/site-packages/setuptools/command/install.py:37: SetuptoolsDeprecationWarning: setup.py install is deprecated. Use build and pip and other standards-based tools.
      setuptools.SetuptoolsDeprecationWarning,
    running build
    running build_py
    creating build
    creating build/lib.linux-x86_64-3.6
    creating build/lib.linux-x86_64-3.6/blist
    copying blist/_sorteddict.py -> build/lib.linux-x86_64-3.6/blist
    copying blist/_sortedlist.py -> build/lib.linux-x86_64-3.6/blist
    copying blist/_btuple.py -> build/lib.linux-x86_64-3.6/blist
    copying blist/__init__.py -> build/lib.linux-x86_64-3.6/blist
    running build_ext
    building 'blist._blist' extension
    creating build/temp.linux-x86_64-3.6
    creating build/temp.linux-x86_64-3.6/blist
    gcc -pthread -Wno-unused-result -Wsign-compare -DDYNAMIC_ANNOTATIONS_ENABLED=1 -DNDEBUG -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -D_GNU_SOURCE -fPIC -fwrapv -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -D_GNU_SOURCE -fPIC -fwrapv -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -D_GNU_SOURCE -fPIC -fwrapv -fPIC -DBLIST_FLOAT_RADIX_SORT=1 -I/usr/include/python3.6m -c blist/_blist.c -o build/temp.linux-x86_64-3.6/blist/_blist.o
    blist/_blist.c:38:10: fatal error: Python.h: 그런 파일이나 디렉터리가 없습니다
     #include <Python.h>
              ^~~~~~~~~~
    compilation terminated.
    error: command 'gcc' failed with exit status 1
    ----------------------------------------
ERROR: Command errored out with exit status 1: /usr/bin/python3.6 -u -c 'import io, os, sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"'; __file__='"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"';f = getattr(tokenize, '"'"'open'"'"', open)(__file__) if os.path.exists(__file__) else io.StringIO('"'"'from setuptools import setup; setup()'"'"');code = f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-9ratp9fl/install-record.txt --single-version-externally-managed --compile --install-headers /usr/local/include/python3.6m/blist Check the logs for full command output.
[root@tmplogsvr opt]#

elastalert을 설치하기 위한 구성 툴을 추가 설치

[root@tmplogsvr opt]# yum install gcc libffi-devel python36-devel openssl-devel
마지막 메타자료 만료확인 1:24:43 이전인: 2023년 03월 16일 (목) 오전 09시 47분 28초.
꾸러미 gcc-8.5.0-18.el8.x86_64가 이미 설치되어 있습니다.
꾸러미 openssl-devel-1:1.1.1k-7.el8.x86_64가 이미 설치되어 있습니다.
종속성이 해결되었습니다.
======================================================================================================================================================================================================
 꾸러미                                             구조                               버전                                                               레포지터리                             크기
======================================================================================================================================================================================================
설치 중:
 libffi-devel                                       x86_64                             3.1-24.el8                                                         baseos                                 29 k
 python36-devel                                     x86_64                             3.6.8-38.module_el8.5.0+895+a459eca8                               appstream                              16 k
향상 중:
 openssl                                            x86_64                             1:1.1.1k-9.el8                                                     baseos                                737 k
 openssl-devel                                      x86_64                             1:1.1.1k-9.el8                                                     baseos                                3.2 M
 openssl-libs                                       x86_64                             1:1.1.1k-9.el8                                                     baseos                                1.5 M
종속 꾸러미 설치 중:
 platform-python-devel                              x86_64                             3.6.8-51.el8                                                       appstream                             240 k
 python3-rpm-generators                             noarch                             5-8.el8                                                            appstream                              25 k

연결 요약
======================================================================================================================================================================================================
설치  4 꾸러미
향상  3 꾸러미

총계 내려받기 크기: 5.7 M
진행 할 까요? [y/N]: y
꾸러미 내려받기 중:
(1/7): python3-rpm-generators-5-8.el8.noarch.rpm                                                                                                                      533 kB/s |  25 kB     00:00
(2/7): python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64.rpm                                                                                                 189 kB/s |  16 kB     00:00
(3/7): platform-python-devel-3.6.8-51.el8.x86_64.rpm                                                                                                                  2.6 MB/s | 240 kB     00:00
(4/7): openssl-1.1.1k-9.el8.x86_64.rpm                                                                                                                                4.1 MB/s | 737 kB     00:00
(5/7): openssl-libs-1.1.1k-9.el8.x86_64.rpm                                                                                                                            15 MB/s | 1.5 MB     00:00
(6/7): libffi-devel-3.1-24.el8.x86_64.rpm                                                                                                                              59 kB/s |  29 kB     00:00
(7/7): openssl-devel-1.1.1k-9.el8.x86_64.rpm                                                                                                                          5.3 MB/s | 3.2 MB     00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
합계                                                                                                                                                                  2.8 MB/s | 5.7 MB     00:02
CentOS Stream 8 - AppStream                                                                                                                                           1.6 MB/s | 1.6 kB     00:00
GPG키 0x8483C65D 가져오는 중:
사용자 ID : "CentOS (CentOS Official Signing Key) <security@centos.org>"
지문: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
출처 : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
진행 할 까요? [y/N]: y
키 가져오기에 성공했습니다
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
  준비 중           :                                                                                                                                                                             1/1
  향상 중           : openssl-libs-1:1.1.1k-9.el8.x86_64                                                                                                                                         1/10
  스크립트릿 실행 중: openssl-libs-1:1.1.1k-9.el8.x86_64                                                                                                                                         1/10
  설치 중           : python3-rpm-generators-5-8.el8.noarch                                                                                                                                      2/10
  설치 중           : platform-python-devel-3.6.8-51.el8.x86_64                                                                                                                                  3/10
  설치 중           : python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64                                                                                                                 4/10
  스크립트릿 실행 중: python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64                                                                                                                 4/10
  향상 중           : openssl-1:1.1.1k-9.el8.x86_64                                                                                                                                              5/10
  향상 중           : openssl-devel-1:1.1.1k-9.el8.x86_64                                                                                                                                        6/10
  설치 중           : libffi-devel-3.1-24.el8.x86_64                                                                                                                                             7/10
  스크립트릿 실행 중: libffi-devel-3.1-24.el8.x86_64                                                                                                                                             7/10
  정리              : openssl-1:1.1.1k-7.el8.x86_64                                                                                                                                              8/10
  정리              : openssl-devel-1:1.1.1k-7.el8.x86_64                                                                                                                                        9/10
  정리              : openssl-libs-1:1.1.1k-7.el8.x86_64                                                                                                                                        10/10
  스크립트릿 실행 중: openssl-libs-1:1.1.1k-7.el8.x86_64                                                                                                                                        10/10
  확인 중           : platform-python-devel-3.6.8-51.el8.x86_64                                                                                                                                  1/10
  확인 중           : python3-rpm-generators-5-8.el8.noarch                                                                                                                                      2/10
  확인 중           : python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64                                                                                                                 3/10
  확인 중           : libffi-devel-3.1-24.el8.x86_64                                                                                                                                             4/10
  확인 중           : openssl-1:1.1.1k-9.el8.x86_64                                                                                                                                              5/10
  확인 중           : openssl-1:1.1.1k-7.el8.x86_64                                                                                                                                              6/10
  확인 중           : openssl-devel-1:1.1.1k-9.el8.x86_64                                                                                                                                        7/10
  확인 중           : openssl-devel-1:1.1.1k-7.el8.x86_64                                                                                                                                        8/10
  확인 중           : openssl-libs-1:1.1.1k-9.el8.x86_64                                                                                                                                         9/10
  확인 중           : openssl-libs-1:1.1.1k-7.el8.x86_64                                                                                                                                        10/10

향상되었습니다:
  openssl-1:1.1.1k-9.el8.x86_64                                 openssl-devel-1:1.1.1k-9.el8.x86_64                                 openssl-libs-1:1.1.1k-9.el8.x86_64
설치되었습니다:
  libffi-devel-3.1-24.el8.x86_64       platform-python-devel-3.6.8-51.el8.x86_64       python3-rpm-generators-5-8.el8.noarch       python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64

완료되었습니다!
[root@tmplogsvr opt]#

elastalert 재설치 시도 및 완료

[root@tmplogsvr opt]# pip install elastalert
Collecting elastalert
  Using cached elastalert-0.2.4.tar.gz (128 kB)
  Preparing metadata (setup.py) ... done
Collecting apscheduler>=3.3.0
  Using cached APScheduler-3.10.1-py3-none-any.whl (59 kB)
Collecting aws-requests-auth>=0.3.0
  Using cached aws_requests_auth-0.4.3-py2.py3-none-any.whl (6.8 kB)
Collecting blist>=1.3.6
  Using cached blist-1.3.6.tar.gz (122 kB)
  Preparing metadata (setup.py) ... done
Requirement already satisfied: boto3>=1.4.4 in /usr/local/lib/python3.6/site-packages (from elastalert) (1.23.10)
Requirement already satisfied: configparser>=3.5.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (5.2.0)
Requirement already satisfied: croniter>=0.3.16 in /usr/local/lib/python3.6/site-packages (from elastalert) (1.3.8)
Requirement already satisfied: elasticsearch==7.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (7.0.0)
Requirement already satisfied: envparse>=0.2.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.2.0)
Requirement already satisfied: exotel>=0.1.3 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.1.5)
Requirement already satisfied: jira>=2.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (3.2.0)
Requirement already satisfied: jsonschema>=3.0.2 in /usr/local/lib/python3.6/site-packages (from elastalert) (3.2.0)
Requirement already satisfied: mock>=2.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (5.0.1)
Requirement already satisfied: prison>=0.1.2 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.2.1)
Requirement already satisfied: PyStaticConfiguration>=0.10.3 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.11.1)
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from elastalert) (2.6.1)
Requirement already satisfied: PyYAML>=3.12 in /usr/lib64/python3.6/site-packages (from elastalert) (3.12)
Requirement already satisfied: requests>=2.10.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (2.27.1)
Requirement already satisfied: stomp.py>=4.1.17 in /usr/local/lib/python3.6/site-packages (from elastalert) (8.1.0)
Requirement already satisfied: texttable>=0.8.8 in /usr/local/lib/python3.6/site-packages (from elastalert) (1.6.7)
Requirement already satisfied: twilio<6.1,>=6.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (6.0.0)
Requirement already satisfied: python-magic>=0.4.15 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.4.27)
Requirement already satisfied: cffi>=1.11.5 in /usr/local/lib64/python3.6/site-packages (from elastalert) (1.15.1)
Requirement already satisfied: urllib3>=1.21.1 in /usr/local/lib/python3.6/site-packages (from elasticsearch==7.0.0->elastalert) (1.26.15)
Requirement already satisfied: setuptools>=0.7 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (59.6.0)
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (2017.2)
Requirement already satisfied: tzlocal!=3.*,>=2.0 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (4.2)
Requirement already satisfied: six>=1.4.0 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (1.11.0)
Requirement already satisfied: botocore<1.27.0,>=1.26.10 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->elastalert) (1.26.10)
Requirement already satisfied: s3transfer<0.6.0,>=0.5.0 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->elastalert) (0.5.2)
Requirement already satisfied: jmespath<2.0.0,>=0.7.1 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->elastalert) (0.10.0)
Requirement already satisfied: pycparser in /usr/local/lib/python3.6/site-packages (from cffi>=1.11.5->elastalert) (2.21)
Requirement already satisfied: requests-oauthlib>=1.1.0 in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (1.3.1)
Requirement already satisfied: keyring in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (23.4.1)
Requirement already satisfied: requests-toolbelt in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (0.10.1)
Requirement already satisfied: typing-extensions>=3.7.4.2 in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (4.1.1)
Requirement already satisfied: defusedxml in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (0.7.1)
Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib64/python3.6/site-packages (from jsonschema>=3.0.2->elastalert) (0.18.0)
Requirement already satisfied: importlib-metadata in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->elastalert) (4.8.3)
Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->elastalert) (22.2.0)
Requirement already satisfied: charset-normalizer~=2.0.0 in /usr/local/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2.0.12)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2022.12.7)
Requirement already satisfied: idna<4,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2.5)
Requirement already satisfied: websocket-client<2.0.0,>=1.2.3 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->elastalert) (1.3.1)
Requirement already satisfied: docopt<0.7.0,>=0.6.2 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->elastalert) (0.6.2)
Requirement already satisfied: PyJWT>=1.4.2 in /usr/local/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert) (2.4.0)
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert) (1.6.8)
Requirement already satisfied: oauthlib>=3.0.0 in /usr/local/lib/python3.6/site-packages (from requests-oauthlib>=1.1.0->jira>=2.0.0->elastalert) (3.2.2)
Requirement already satisfied: pytz-deprecation-shim in /usr/local/lib/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (0.1.0.post0)
Requirement already satisfied: backports.zoneinfo in /usr/local/lib64/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (0.2.1)
Requirement already satisfied: zipp>=0.5 in /usr/local/lib/python3.6/site-packages (from importlib-metadata->jsonschema>=3.0.2->elastalert) (3.6.0)
Requirement already satisfied: SecretStorage>=3.2 in /usr/local/lib/python3.6/site-packages (from keyring->jira>=2.0.0->elastalert) (3.3.3)
Requirement already satisfied: jeepney>=0.4.2 in /usr/local/lib/python3.6/site-packages (from keyring->jira>=2.0.0->elastalert) (0.7.1)
Requirement already satisfied: cryptography>=2.0 in /usr/local/lib64/python3.6/site-packages (from SecretStorage>=3.2->keyring->jira>=2.0.0->elastalert) (39.0.2)
Requirement already satisfied: importlib-resources in /usr/local/lib/python3.6/site-packages (from backports.zoneinfo->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (5.4.0)
Requirement already satisfied: tzdata in /usr/local/lib/python3.6/site-packages (from pytz-deprecation-shim->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (2022.7)
Using legacy 'setup.py install' for elastalert, since package 'wheel' is not installed.
Using legacy 'setup.py install' for blist, since package 'wheel' is not installed.
Installing collected packages: blist, aws-requests-auth, apscheduler, elastalert
    Running setup.py install for blist ... done
    Running setup.py install for elastalert ... done
Successfully installed apscheduler-3.10.1 aws-requests-auth-0.4.3 blist-1.3.6 elastalert-0.2.4
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[root@tmplogsvr opt]#

elastalert 구성요소 설치하기 폴더 삭제하기

[root@tmplogsvr ~]# cd /opt
[root@tmplogsvr opt]# git clone https://github.com/Yelp/elastalert.git
'elastalert'에 복제합니다...
remote: Enumerating objects: 11518, done.
remote: Total 11518 (delta 0), reused 0 (delta 0), pack-reused 11518
오브젝트를 받는 중: 100% (11518/11518), 3.61 MiB | 31.89 MiB/s, 완료.
델타를 알아내는 중: 100% (7978/7978), 완료.
[root@tmplogsvr opt]# ls -al
합계 12
drwxr-xr-x.  3 root root 4096  3월 16 11:37 .
dr-xr-xr-x. 18 root root 4096  3월 15 14:16 ..
drwxr-xr-x.  7 root root 4096  3월 16 11:37 elastalert
[root@tmplogsvr opt]# cd elastalert/
[root@tmplogsvr elastalert]# ls -al
합계 132
drwxr-xr-x. 7 root root  4096  3월 16 11:37 .
drwxr-xr-x. 3 root root  4096  3월 16 11:37 ..
-rw-r--r--. 1 root root   216  3월 16 11:37 .editorconfig
drwxr-xr-x. 8 root root  4096  3월 16 11:37 .git
-rw-r--r--. 1 root root   160  3월 16 11:37 .gitignore
-rw-r--r--. 1 root root   718  3월 16 11:37 .pre-commit-config.yaml
-rw-r--r--. 1 root root   574  3월 16 11:37 .secrets.baseline
-rw-r--r--. 1 root root  1262  3월 16 11:37 .travis.yml
-rw-r--r--. 1 root root   244  3월 16 11:37 Dockerfile-test
-rw-r--r--. 1 root root 11359  3월 16 11:37 LICENSE
-rw-r--r--. 1 root root   528  3월 16 11:37 Makefile
-rw-r--r--. 1 root root 16197  3월 16 11:37 README.md
-rw-r--r--. 1 root root 11649  3월 16 11:37 changelog.md
-rw-r--r--. 1 root root  3321  3월 16 11:37 config.yaml.example
-rw-r--r--. 1 root root   261  3월 16 11:37 docker-compose.yml
drwxr-xr-x. 3 root root  4096  3월 16 11:37 docs
drwxr-xr-x. 3 root root  4096  3월 16 11:37 elastalert
drwxr-xr-x. 2 root root  4096  3월 16 11:37 example_rules
-rw-r--r--. 1 root root    74  3월 16 11:37 pytest.ini
-rw-r--r--. 1 root root   114  3월 16 11:37 requirements-dev.txt
-rw-r--r--. 1 root root   389  3월 16 11:37 requirements.txt
-rw-r--r--. 1 root root   100  3월 16 11:37 setup.cfg
-rw-r--r--. 1 root root  1659  3월 16 11:37 setup.py
-rw-r--r--. 1 root root   780  3월 16 11:37 supervisord.conf.example
drwxr-xr-x. 2 root root  4096  3월 16 11:37 tests
-rw-r--r--. 1 root root   609  3월 16 11:37 tox.ini
[root@tmplogsvr elastalert]# pip install -r ./requirements.txt
Requirement already satisfied: apscheduler>=3.3.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 1)) (3.10.1)
Requirement already satisfied: aws-requests-auth>=0.3.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 2)) (0.4.3)
Requirement already satisfied: blist>=1.3.6 in /usr/local/lib64/python3.6/site-packages (from -r ./requirements.txt (line 3)) (1.3.6)
Requirement already satisfied: boto3>=1.4.4 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 4)) (1.23.10)
Requirement already satisfied: cffi>=1.11.5 in /usr/local/lib64/python3.6/site-packages (from -r ./requirements.txt (line 5)) (1.15.1)
Requirement already satisfied: configparser>=3.5.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 6)) (5.2.0)
Requirement already satisfied: croniter>=0.3.16 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 7)) (1.3.8)
Requirement already satisfied: elasticsearch>=7.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 8)) (7.0.0)
Requirement already satisfied: envparse>=0.2.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 9)) (0.2.0)
Requirement already satisfied: exotel>=0.1.3 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 10)) (0.1.5)
Collecting jira<1.0.15,>=1.0.10
  Downloading jira-1.0.14-py2.py3-none-any.whl (95 kB)
     |████████████████████████████████| 95 kB 9.4 MB/s
Requirement already satisfied: jsonschema>=3.0.2 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 12)) (3.2.0)
Requirement already satisfied: mock>=2.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 13)) (5.0.1)
Requirement already satisfied: prison>=0.1.2 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 14)) (0.2.1)
Collecting py-zabbix==1.1.3
  Downloading py_zabbix-1.1.3-py2.py3-none-any.whl (12 kB)
Requirement already satisfied: PyStaticConfiguration>=0.10.3 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 16)) (0.11.1)
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from -r ./requirements.txt (line 17)) (2.6.1)
Collecting PyYAML>=5.1
  Using cached PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)
Requirement already satisfied: requests>=2.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 19)) (2.27.1)
Requirement already satisfied: stomp.py>=4.1.17 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 20)) (8.1.0)
Requirement already satisfied: texttable>=0.8.8 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 21)) (1.6.7)
Requirement already satisfied: twilio==6.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 22)) (6.0.0)
Requirement already satisfied: six in /usr/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (1.11.0)
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (2017.2)
Requirement already satisfied: PyJWT>=1.4.2 in /usr/local/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (2.4.0)
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (1.6.8)
Requirement already satisfied: tzlocal!=3.*,>=2.0 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (4.2)
Requirement already satisfied: setuptools>=0.7 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (59.6.0)
Requirement already satisfied: s3transfer<0.6.0,>=0.5.0 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->-r ./requirements.txt (line 4)) (0.5.2)
Requirement already satisfied: botocore<1.27.0,>=1.26.10 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->-r ./requirements.txt (line 4)) (1.26.10)
Requirement already satisfied: jmespath<2.0.0,>=0.7.1 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->-r ./requirements.txt (line 4)) (0.10.0)
Requirement already satisfied: pycparser in /usr/local/lib/python3.6/site-packages (from cffi>=1.11.5->-r ./requirements.txt (line 5)) (2.21)
Requirement already satisfied: urllib3>=1.21.1 in /usr/local/lib/python3.6/site-packages (from elasticsearch>=7.0.0->-r ./requirements.txt (line 8)) (1.26.15)
Requirement already satisfied: defusedxml in /usr/local/lib/python3.6/site-packages (from jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (0.7.1)
Requirement already satisfied: requests-oauthlib>=0.6.1 in /usr/local/lib/python3.6/site-packages (from jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (1.3.1)
Collecting pbr>=3.0.0
  Downloading pbr-5.11.1-py2.py3-none-any.whl (112 kB)
     |████████████████████████████████| 112 kB 80.8 MB/s
Requirement already satisfied: requests-toolbelt in /usr/local/lib/python3.6/site-packages (from jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (0.10.1)
Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (22.2.0)
Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib64/python3.6/site-packages (from jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (0.18.0)
Requirement already satisfied: importlib-metadata in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (4.8.3)
Requirement already satisfied: typing-extensions in /usr/local/lib/python3.6/site-packages (from PyStaticConfiguration>=0.10.3->-r ./requirements.txt (line 16)) (4.1.1)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.6/site-packages (from requests>=2.0.0->-r ./requirements.txt (line 19)) (2022.12.7)
Requirement already satisfied: charset-normalizer~=2.0.0 in /usr/local/lib/python3.6/site-packages (from requests>=2.0.0->-r ./requirements.txt (line 19)) (2.0.12)
Requirement already satisfied: idna<4,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.0.0->-r ./requirements.txt (line 19)) (2.5)
Requirement already satisfied: websocket-client<2.0.0,>=1.2.3 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->-r ./requirements.txt (line 20)) (1.3.1)
Requirement already satisfied: docopt<0.7.0,>=0.6.2 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->-r ./requirements.txt (line 20)) (0.6.2)
Requirement already satisfied: oauthlib>=3.0.0 in /usr/local/lib/python3.6/site-packages (from requests-oauthlib>=0.6.1->jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (3.2.2)
Requirement already satisfied: backports.zoneinfo in /usr/local/lib64/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (0.2.1)
Requirement already satisfied: pytz-deprecation-shim in /usr/local/lib/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (0.1.0.post0)
Requirement already satisfied: zipp>=0.5 in /usr/local/lib/python3.6/site-packages (from importlib-metadata->jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (3.6.0)
Requirement already satisfied: importlib-resources in /usr/local/lib/python3.6/site-packages (from backports.zoneinfo->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (5.4.0)
Requirement already satisfied: tzdata in /usr/local/lib/python3.6/site-packages (from pytz-deprecation-shim->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (2022.7)
Installing collected packages: pbr, PyYAML, py-zabbix, jira
  Attempting uninstall: PyYAML
    Found existing installation: PyYAML 3.12
ERROR: Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
[root@tmplogsvr elastalert]# pip install --ignore-installed PyYAML -r requirements.txt
Collecting PyYAML
  Using cached PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)
Collecting apscheduler>=3.3.0
  Using cached APScheduler-3.10.1-py3-none-any.whl (59 kB)
Collecting aws-requests-auth>=0.3.0
  Using cached aws_requests_auth-0.4.3-py2.py3-none-any.whl (6.8 kB)
Collecting blist>=1.3.6
  Using cached blist-1.3.6.tar.gz (122 kB)
  Preparing metadata (setup.py) ... done
Collecting boto3>=1.4.4
  Using cached boto3-1.23.10-py3-none-any.whl (132 kB)
Collecting cffi>=1.11.5
  Using cached cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402 kB)
Collecting configparser>=3.5.0
  Using cached configparser-5.2.0-py3-none-any.whl (19 kB)
Collecting croniter>=0.3.16
  Using cached croniter-1.3.8-py2.py3-none-any.whl (18 kB)
Collecting elasticsearch>=7.0.0
  Downloading elasticsearch-8.6.2-py3-none-any.whl (385 kB)
     |████████████████████████████████| 385 kB 19.2 MB/s
Collecting envparse>=0.2.0
  Using cached envparse-0.2.0.tar.gz (7.6 kB)
  Preparing metadata (setup.py) ... done
Collecting exotel>=0.1.3
  Using cached exotel-0.1.5.tar.gz (2.2 kB)
  Preparing metadata (setup.py) ... done
Collecting jira<1.0.15,>=1.0.10
  Using cached jira-1.0.14-py2.py3-none-any.whl (95 kB)
Collecting jsonschema>=3.0.2
  Using cached jsonschema-3.2.0-py2.py3-none-any.whl (56 kB)
Collecting mock>=2.0.0
  Using cached mock-5.0.1-py3-none-any.whl (30 kB)
Collecting prison>=0.1.2
  Using cached prison-0.2.1-py2.py3-none-any.whl (5.8 kB)
Collecting py-zabbix==1.1.3
  Using cached py_zabbix-1.1.3-py2.py3-none-any.whl (12 kB)
Collecting PyStaticConfiguration>=0.10.3
  Using cached PyStaticConfiguration-0.11.1-py3-none-any.whl (27 kB)
Collecting python-dateutil<2.7.0,>=2.6.0
  Downloading python_dateutil-2.6.1-py2.py3-none-any.whl (194 kB)
     |████████████████████████████████| 194 kB 60.7 MB/s
Collecting requests>=2.0.0
  Using cached requests-2.27.1-py2.py3-none-any.whl (63 kB)
Collecting stomp.py>=4.1.17
  Using cached stomp.py-8.1.0-py3-none-any.whl (42 kB)
Collecting texttable>=0.8.8
  Using cached texttable-1.6.7-py2.py3-none-any.whl (10 kB)
Collecting twilio==6.0.0
  Using cached twilio-6.0.0.tar.gz (304 kB)
  Preparing metadata (setup.py) ... done
Collecting six
  Downloading six-1.16.0-py2.py3-none-any.whl (11 kB)
Collecting pytz
  Downloading pytz-2022.7.1-py2.py3-none-any.whl (499 kB)
     |████████████████████████████████| 499 kB 68.4 MB/s
Collecting PyJWT>=1.4.2
  Using cached PyJWT-2.4.0-py3-none-any.whl (18 kB)
Collecting pysocks
  Downloading PySocks-1.7.1-py3-none-any.whl (16 kB)
Collecting tzlocal!=3.*,>=2.0
  Using cached tzlocal-4.2-py3-none-any.whl (19 kB)
Collecting setuptools>=0.7
  Using cached setuptools-59.6.0-py3-none-any.whl (952 kB)
Collecting s3transfer<0.6.0,>=0.5.0
  Using cached s3transfer-0.5.2-py3-none-any.whl (79 kB)
Collecting jmespath<2.0.0,>=0.7.1
  Using cached jmespath-0.10.0-py2.py3-none-any.whl (24 kB)
Collecting botocore<1.27.0,>=1.26.10
  Using cached botocore-1.26.10-py3-none-any.whl (8.8 MB)
Collecting pycparser
  Using cached pycparser-2.21-py2.py3-none-any.whl (118 kB)
Collecting elastic-transport<9,>=8
  Downloading elastic_transport-8.4.0-py3-none-any.whl (59 kB)
     |████████████████████████████████| 59 kB 20.2 MB/s
Collecting pbr>=3.0.0
  Using cached pbr-5.11.1-py2.py3-none-any.whl (112 kB)
Collecting defusedxml
  Using cached defusedxml-0.7.1-py2.py3-none-any.whl (25 kB)
Collecting requests-toolbelt
  Using cached requests_toolbelt-0.10.1-py2.py3-none-any.whl (54 kB)
Collecting requests-oauthlib>=0.6.1
  Using cached requests_oauthlib-1.3.1-py2.py3-none-any.whl (23 kB)
Collecting importlib-metadata
  Using cached importlib_metadata-4.8.3-py3-none-any.whl (17 kB)
Collecting pyrsistent>=0.14.0
  Using cached pyrsistent-0.18.0-cp36-cp36m-manylinux1_x86_64.whl (117 kB)
Collecting attrs>=17.4.0
  Using cached attrs-22.2.0-py3-none-any.whl (60 kB)
Collecting typing-extensions
  Using cached typing_extensions-4.1.1-py3-none-any.whl (26 kB)
Collecting urllib3<1.27,>=1.21.1
  Using cached urllib3-1.26.15-py2.py3-none-any.whl (140 kB)
Collecting idna<4,>=2.5
  Downloading idna-3.4-py3-none-any.whl (61 kB)
     |████████████████████████████████| 61 kB 338 kB/s
Collecting certifi>=2017.4.17
  Using cached certifi-2022.12.7-py3-none-any.whl (155 kB)
Collecting charset-normalizer~=2.0.0
  Using cached charset_normalizer-2.0.12-py3-none-any.whl (39 kB)
Collecting docopt<0.7.0,>=0.6.2
  Using cached docopt-0.6.2.tar.gz (25 kB)
  Preparing metadata (setup.py) ... done
Collecting websocket-client<2.0.0,>=1.2.3
  Using cached websocket_client-1.3.1-py3-none-any.whl (54 kB)
Collecting dataclasses
  Downloading dataclasses-0.8-py3-none-any.whl (19 kB)
Collecting oauthlib>=3.0.0
  Using cached oauthlib-3.2.2-py3-none-any.whl (151 kB)
Collecting pytz-deprecation-shim
  Using cached pytz_deprecation_shim-0.1.0.post0-py2.py3-none-any.whl (15 kB)
Collecting backports.zoneinfo
  Using cached backports.zoneinfo-0.2.1-cp36-cp36m-manylinux1_x86_64.whl (70 kB)
Collecting zipp>=0.5
  Using cached zipp-3.6.0-py3-none-any.whl (5.3 kB)
Collecting importlib-resources
  Using cached importlib_resources-5.4.0-py3-none-any.whl (28 kB)
Collecting tzdata
  Using cached tzdata-2022.7-py2.py3-none-any.whl (340 kB)
Using legacy 'setup.py install' for twilio, since package 'wheel' is not installed.
Using legacy 'setup.py install' for blist, since package 'wheel' is not installed.
Using legacy 'setup.py install' for envparse, since package 'wheel' is not installed.
Using legacy 'setup.py install' for exotel, since package 'wheel' is not installed.
Using legacy 'setup.py install' for docopt, since package 'wheel' is not installed.
Installing collected packages: zipp, six, importlib-resources, urllib3, tzdata, python-dateutil, jmespath, idna, charset-normalizer, certifi, backports.zoneinfo, typing-extensions, requests, pytz-deprecation-shim, oauthlib, dataclasses, botocore, websocket-client, tzlocal, setuptools, s3transfer, requests-toolbelt, requests-oauthlib, pytz, pysocks, pyrsistent, PyJWT, pycparser, pbr, importlib-metadata, elastic-transport, docopt, defusedxml, attrs, twilio, texttable, stomp.py, PyYAML, PyStaticConfiguration, py-zabbix, prison, mock, jsonschema, jira, exotel, envparse, elasticsearch, croniter, configparser, cffi, boto3, blist, aws-requests-auth, apscheduler
    Running setup.py install for docopt ... done
    Running setup.py install for twilio ... done
    Running setup.py install for exotel ... done
    Running setup.py install for envparse ... done
    Running setup.py install for blist ... done
ERROR: pips dependency resolver does not currently take into account all the packages that are installed. This behaviour is the source of the following dependency conflicts.
elastalert 0.2.4 requires elasticsearch==7.0.0, but you have elasticsearch 8.6.2 which is incompatible.
elastalert 0.2.4 requires jira>=2.0.0, but you have jira 1.0.14 which is incompatible.
Successfully installed PyJWT-2.4.0 PyStaticConfiguration-0.11.1 PyYAML-6.0 apscheduler-3.10.1 attrs-22.2.0 aws-requests-auth-0.4.3 backports.zoneinfo-0.2.1 blist-1.3.6 boto3-1.23.10 botocore-1.26.10 certifi-2022.12.7 cffi-1.15.1 charset-normalizer-2.0.12 configparser-5.2.0 croniter-1.3.8 dataclasses-0.8 defusedxml-0.7.1 docopt-0.6.2 elastic-transport-8.4.0 elasticsearch-8.6.2 envparse-0.2.0 exotel-0.1.5 idna-3.4 importlib-metadata-4.8.3 importlib-resources-5.4.0 jira-3.2.0 jmespath-0.10.0 jsonschema-3.2.0 mock-5.0.1 oauthlib-3.2.2 pbr-5.11.1 prison-0.2.1 py-zabbix-1.1.3 pycparser-2.21 pyrsistent-0.18.0 pysocks-1.7.1 python-dateutil-2.6.1 pytz-2022.7.1 pytz-deprecation-shim-0.1.0.post0 requests-2.27.1 requests-oauthlib-1.3.1 requests-toolbelt-0.10.1 s3transfer-0.5.2 setuptools-59.6.0 six-1.16.0 stomp.py-8.1.0 texttable-1.6.7 twilio-6.0.0 typing-extensions-4.1.1 tzdata-2022.7 tzlocal-4.2 urllib3-1.26.15 websocket-client-1.3.1 zipp-3.6.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[root@tmplogsvr elastalert]#
[root@tmplogsvr elastalert]# cd ..
[root@tmplogsvr opt]# rm -rf ./elastalert/

bitsensor용 elastalert 설치

- 용도: kibana에서 elastalert을 구동하기 위한 필수 버전

[root@tmplogsvr opt]# git clone https://github.com/bitsensor/elastalert.git && cd elastalert
'elastalert'에 복제합니다...
remote: Enumerating objects: 1473, done.
remote: Total 1473 (delta 0), reused 0 (delta 0), pack-reused 1473
오브젝트를 받는 중: 100% (1473/1473), 287.83 KiB | 11.99 MiB/s, 완료.
델타를 알아내는 중: 100% (813/813), 완료.
[root@tmplogsvr elastalert]#

npm 설치

[root@tmplogsvr elastalert]# yum install npm
마지막 메타자료 만료확인 1:39:50 이전인: 2023년 03월 16일 (목) 오전 09시 47분 28초.
종속성이 해결되었습니다.
======================================================================================================================================================================================================
 꾸러미                                     구조                             버전                                                                           레포지터리                           크기
======================================================================================================================================================================================================
설치 중:
 npm                                        x86_64                           1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2                              appstream                           3.7 M
종속 꾸러미 설치 중:
 nodejs                                     x86_64                           1:10.23.1-1.module_el8.4.0+645+9ce14ba2                                        appstream                           8.9 M
취약한 종속 꾸러미 설치 중:
 nodejs-full-i18n                           x86_64                           1:10.23.1-1.module_el8.4.0+645+9ce14ba2                                        appstream                           7.3 M
모듈 스트림 활성화:
 nodejs                                                                      10

연결 요약
======================================================================================================================================================================================================
설치  3 꾸러미

총계 내려받기 크기: 20 M
설치된 크기 : 71 M
진행 할 까요? [y/N]: y
꾸러미 내려받기 중:
(1/3): npm-6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64.rpm                                                                                                 7.4 MB/s | 3.7 MB     00:00
(2/3): nodejs-full-i18n-10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64.rpm                                                                                              6.3 MB/s | 7.3 MB     00:01
(3/3): nodejs-10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64.rpm                                                                                                        7.4 MB/s | 8.9 MB     00:01
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
합계                                                                                                                                                                   10 MB/s |  20 MB     00:01
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
  스크립트릿 실행 중: npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                                1/1
  준비 중           :                                                                                                                                                                             1/1
  설치 중           : nodejs-full-i18n-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                             1/3
  설치 중           : npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                                2/3
  설치 중           : nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                                       3/3
  스크립트릿 실행 중: nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                                       3/3
  확인 중           : nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                                       1/3
  확인 중           : nodejs-full-i18n-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                             2/3
  확인 중           : npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64                                                                                                                3/3

설치되었습니다:
  nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64       nodejs-full-i18n-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64       npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64

완료되었습니다!
[root@tmplogsvr elastalert]#

npm 실행 오류 1 및 해결

[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

./scripts/start.sh: line 3: ./node_modules/.bin/bunyan: 그런 파일이나 디렉터리가 없습니다
internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'babel-register'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/index.js:1:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
    at Function.Module._load (internal/modules/cjs/loader.js:585:3)
npm ERR! code ELIFECYCLE
npm ERR! syscall spawn
npm ERR! file sh
npm ERR! errno ENOENT
npm ERR! @bitsensor/elastalert@3.0.0-beta.0 start: `sh ./scripts/start.sh`
npm ERR! spawn ENOENT
npm ERR!
npm ERR! Failed at the @bitsensor/elastalert@3.0.0-beta.0 start script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm WARN Local package.json exists, but node_modules missing, did you mean to install?

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2023-03-16T02_32_07_479Z-debug.log
[root@tmplogsvr elastalert]#
[root@tmplogsvr elastalert]# npm install bunyan

> dtrace-provider@0.8.8 install /opt/elastalert/node_modules/dtrace-provider
> node-gyp rebuild || node suppress-error.js

make: 디렉터리 '/opt/elastalert/node_modules/dtrace-provider/build' 들어감
  TOUCH Release/obj.target/DTraceProviderStub.stamp
make: 디렉터리 '/opt/elastalert/node_modules/dtrace-provider/build' 나감
npm notice created a lockfile as package-lock.json. You should commit this file.
+ bunyan@1.8.15
added 20 packages from 23 contributors and audited 20 packages in 2.499s

1 package is looking for funding
  run `npm fund` for details

found 0 vulnerabilities

[root@tmplogsvr elastalert]# npm install babel-register --save-dev
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

> core-js@2.6.12 postinstall /opt/elastalert/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon:
> https://opencollective.com/core-js
> https://www.patreon.com/zloirock

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)

npm notice save babel-register is being moved from dependencies to devDependencies
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ babel-register@6.26.0
added 51 packages from 53 contributors and audited 93 packages in 1.83s

3 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]#

npm 실행 오류 2 및 해결

[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:328
        throw e;
        ^

Error: Couldnt find preset "es2015" relative to directory "/opt/elastalert"
    at /opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:293:19
    at Array.map (<anonymous>)
    at OptionManager.resolvePresets (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:275:20)
    at OptionManager.mergePresets (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:264:10)
    at OptionManager.mergeOptions (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:249:14)
    at OptionManager.init (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:368:12)
    at compile (/opt/elastalert/node_modules/babel-register/lib/node.js:103:45)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:14)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
[root@tmplogsvr elastalert]# npm install babel-preset-es2015
npm WARN deprecated babel-preset-es2015@6.24.1: 🙌  Thanks for using Babel: we recommend using babel-preset-env now: please read https://babeljs.io/env to update!
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ babel-preset-es2015@6.24.1
added 43 packages from 8 contributors and audited 136 packages in 2.904s

3 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'express'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/elastalert_server.js:1:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install express
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ express@4.18.2
added 54 packages from 40 contributors and audited 190 packages in 1.574s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'body-parser'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/elastalert_server.js:2:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install body-parser
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ body-parser@1.20.2
added 2 packages from 3 contributors and audited 192 packages in 0.82s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'joi'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/common/config/server_config.js:1:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install joi
npm WARN deprecated joi@13.7.0: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated topo@3.0.3: This module has moved and is now available at @hapi/topo. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
npm WARN deprecated hoek@5.0.4: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated hoek@6.1.3: This module has moved and is now available at @hapi/hoek. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ joi@13.7.0
added 6 packages from 1 contributor and audited 198 packages in 0.992s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'object-resolve-path'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/common/config/server_config.js:5:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install object-resolve-path
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ object-resolve-path@1.1.1
added 1 package from 1 contributor and audited 199 packages in 1.433s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'mkdirp'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/common/file_system.js:3:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install mkdirp
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ mkdirp@0.5.6
added 1 package from 1 contributor and audited 200 packages in 0.821s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'ws'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/common/websocket.js:1:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install ws
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ ws@6.2.2
added 2 packages from 2 contributors and audited 202 packages in 0.873s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'lodash'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/routes/route_setup.js:1:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install lodash
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ lodash@4.17.21
added 1 package from 2 contributors and audited 203 packages in 0.815s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'elasticsearch'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/common/elasticsearch_client.js:1:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install elasticsearch
npm WARN deprecated elasticsearch@15.5.0: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ elasticsearch@15.5.0
added 3 packages from 3 contributors and audited 207 packages in 0.943s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'tar'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/controllers/rules/index.js:3:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install tar
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ tar@4.4.19
added 6 packages from 1 contributor and audited 213 packages in 1.447s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'fs-extra'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/controllers/rules/index.js:4:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install fs-extra
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ fs-extra@5.0.0
added 4 packages from 2 contributors and audited 217 packages in 0.975s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'request-promise-native'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/controllers/rules/index.js:5:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install request-promise-native
npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
npm WARN request-promise-native@1.0.9 requires a peer of request@^2.34 but none is installed. You must install peer dependencies yourself.
npm WARN request-promise-core@1.1.4 requires a peer of request@^2.34 but none is installed. You must install peer dependencies yourself.

+ request-promise-native@1.0.9
added 5 packages from 9 contributors and audited 222 packages in 0.974s

10 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'request'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at /opt/elastalert/node_modules/request-promise-native/lib/rp.js:8:12
    at module.exports (/opt/elastalert/node_modules/stealthy-require/lib/index.js:62:23)
    at Object.<anonymous> (/opt/elastalert/node_modules/request-promise-native/lib/rp.js:7:15)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at Module._extensions..js (internal/modules/cjs/loader.js:789:10)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:152:7)
[root@tmplogsvr elastalert]# npm install request
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ request@2.88.2
added 40 packages from 43 contributors and audited 262 packages in 1.55s

11 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'randomstring'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/controllers/test/index.js:5:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install randomstring
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ randomstring@1.2.3
added 3 packages from 2 contributors and audited 265 packages in 1.026s

11 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'cors'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at Object.<anonymous> (/opt/elastalert/src/elastalert_server.js:13:1)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install cors
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.

+ cors@2.8.5
added 2 packages from 2 contributors and audited 267 packages in 1.027s

11 packages are looking for funding
  run `npm fund` for details

found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]#

npm 실행 오류 3 및 해결

[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

03:04:12.912Z  INFO elastalert-server: Config:  No config.dev.json file was found in /opt/elastalert/config/config.dev.json.
03:04:12.913Z  INFO elastalert-server: Config:  Proceeding to look for normal config file.
03:04:12.913Z  INFO elastalert-server: Config:  A config file was found in /opt/elastalert/config/config.json. Using that config.
03:04:12.919Z  INFO elastalert-server: Router:  Listening for GET request on /.
03:04:12.919Z  INFO elastalert-server: Router:  Listening for GET request on /status.
03:04:12.919Z  INFO elastalert-server: Router:  Listening for GET request on /status/control/:action.
03:04:12.919Z  INFO elastalert-server: Router:  Listening for GET request on /status/errors.
03:04:12.919Z  INFO elastalert-server: Router:  Listening for GET request on /rules.
03:04:12.920Z  INFO elastalert-server: Router:  Listening for GET request on /rules/:id.
03:04:12.920Z  INFO elastalert-server: Router:  Listening for POST request on /rules/:id.
03:04:12.920Z  INFO elastalert-server: Router:  Listening for DELETE request on /rules/:id.
03:04:12.920Z  INFO elastalert-server: Router:  Listening for GET request on /templates.
03:04:12.920Z  INFO elastalert-server: Router:  Listening for GET request on /templates/:id.
03:04:12.920Z  INFO elastalert-server: Router:  Listening for POST request on /templates/:id.
03:04:12.920Z  INFO elastalert-server: Router:  Listening for DELETE request on /templates/:id.
03:04:12.921Z  INFO elastalert-server: Router:  Listening for POST request on /test.
03:04:12.921Z  INFO elastalert-server: Router:  Listening for GET request on /config.
03:04:12.921Z  INFO elastalert-server: Router:  Listening for POST request on /config.
03:04:12.921Z  INFO elastalert-server: Router:  Listening for POST request on /download.
03:04:12.921Z  INFO elastalert-server: Router:  Listening for GET request on /metadata/:type.
03:04:12.921Z  INFO elastalert-server: Router:  Listening for GET request on /mapping/:index.
03:04:12.921Z  INFO elastalert-server: Router:  Listening for POST request on /search/:index.
03:04:12.923Z  INFO elastalert-server: ProcessController:  Starting ElastAlert
03:04:12.923Z  INFO elastalert-server: ProcessController:  Creating index
03:04:13.089Z ERROR elastalert-server:
    ProcessController:  Traceback (most recent call last):
      File "/usr/lib64/python3.6/runpy.py", line 183, in _run_module_as_main
        mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
      File "/usr/lib64/python3.6/runpy.py", line 109, in _get_module_details
        __import__(pkg_name)
      File "/usr/local/lib/python3.6/site-packages/elastalert/__init__.py", line 6, in <module>
        from elasticsearch import RequestsHttpConnection
    ImportError: cannot import name 'RequestsHttpConnection'

03:04:13.089Z ERROR elastalert-server: ProcessController:  Index create exited with code 1
03:04:13.089Z  WARN elastalert-server: ProcessController:  ElastAlert will start but might not be able to save its data!
03:04:13.089Z  INFO elastalert-server: ProcessController:  Starting elastalert with arguments [none]
03:04:13.093Z  INFO elastalert-server: ProcessController:  Started Elastalert (PID: 71989)
03:04:13.093Z  INFO elastalert-server: Server:  Server listening on port 3030
03:04:13.094Z  INFO elastalert-server: Server:  Websocket listening on port 3333
03:04:13.094Z  INFO elastalert-server: Server:  Server started
03:04:13.240Z ERROR elastalert-server:
    ProcessController:  Traceback (most recent call last):
      File "/usr/lib64/python3.6/runpy.py", line 183, in _run_module_as_main
        mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
      File "/usr/lib64/python3.6/runpy.py", line 109, in _get_module_details
        __import__(pkg_name)
      File "/usr/local/lib/python3.6/site-packages/elastalert/__init__.py", line 6, in <module>
        from elasticsearch import RequestsHttpConnection
    ImportError: cannot import name 'RequestsHttpConnection'

03:04:13.255Z ERROR elastalert-server: ProcessController:  ElastAlert exited with code 1
03:04:13.255Z  INFO elastalert-server: Server:  Stopping server
03:04:13.255Z  INFO elastalert-server: ProcessController:  ElastAlert is not running
03:04:13.256Z  INFO elastalert-server: Server:  Server stopped. Bye!
[root@tmplogsvr elastalert]# python -m pip install --upgrade 'elasticsearch>=7.16,<8'
Collecting elasticsearch<8,>=7.16
  Downloading elasticsearch-7.17.9-py2.py3-none-any.whl (385 kB)
     |████████████████████████████████| 385 kB 40.4 MB/s
Requirement already satisfied: urllib3<2,>=1.21.1 in /usr/local/lib/python3.6/site-packages (from elasticsearch<8,>=7.16) (1.26.15)
Requirement already satisfied: certifi in /usr/local/lib/python3.6/site-packages (from elasticsearch<8,>=7.16) (2022.12.7)
Installing collected packages: elasticsearch
  Attempting uninstall: elasticsearch
    Found existing installation: elasticsearch 8.6.2
    Uninstalling elasticsearch-8.6.2:
      Successfully uninstalled elasticsearch-8.6.2
ERROR: pip's dependency resolver does not currently take into account all the packages that are installed. This behaviour is the source of the following dependency conflicts.
elastalert 0.2.4 requires elasticsearch==7.0.0, but you have elasticsearch 7.17.9 which is incompatible.
Successfully installed elasticsearch-7.17.9
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[root@tmplogsvr elastalert]#

npm 실행 오류 4 및 해결

[root@tmplogsvr elastalert]# npm start

> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh

03:16:12.392Z  INFO elastalert-server: Config:  No config.dev.json file was found in /opt/elastalert/config/config.dev.json.
03:16:12.393Z  INFO elastalert-server: Config:  Proceeding to look for normal config file.
03:16:12.393Z  INFO elastalert-server: Config:  A config file was found in /opt/elastalert/config/config.json. Using that config.
03:16:12.399Z  INFO elastalert-server: Router:  Listening for GET request on /.
03:16:12.399Z  INFO elastalert-server: Router:  Listening for GET request on /status.
03:16:12.399Z  INFO elastalert-server: Router:  Listening for GET request on /status/control/:action.
03:16:12.399Z  INFO elastalert-server: Router:  Listening for GET request on /status/errors.
03:16:12.399Z  INFO elastalert-server: Router:  Listening for GET request on /rules.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for GET request on /rules/:id.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for POST request on /rules/:id.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for DELETE request on /rules/:id.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for GET request on /templates.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for GET request on /templates/:id.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for POST request on /templates/:id.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for DELETE request on /templates/:id.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for POST request on /test.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for GET request on /config.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for POST request on /config.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for POST request on /download.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for GET request on /metadata/:type.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for GET request on /mapping/:index.
03:16:12.400Z  INFO elastalert-server: Router:  Listening for POST request on /search/:index.
03:16:12.403Z  INFO elastalert-server: ProcessController:  Starting ElastAlert
03:16:12.403Z  INFO elastalert-server: ProcessController:  Creating index
03:16:12.587Z  INFO elastalert-server: ProcessController:  Enter Elasticsearch host:
03:16:12.587Z ERROR elastalert-server:
    ProcessController:  Traceback (most recent call last):
      File "/usr/lib64/python3.6/runpy.py", line 193, in _run_module_as_main
        "__main__", mod_spec)
      File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
        exec(code, run_globals)
      File "/usr/local/lib/python3.6/site-packages/elastalert/create_index.py", line 268, in <module>
        main()
      File "/usr/local/lib/python3.6/site-packages/elastalert/create_index.py", line 215, in main
        host = args.host if args.host else input('Enter Elasticsearch host: ')
    EOFError: EOF when reading a line

03:16:12.587Z ERROR elastalert-server: ProcessController:  Index create exited with code 1
03:16:12.587Z  WARN elastalert-server: ProcessController:  ElastAlert will start but might not be able to save its data!
03:16:12.587Z  INFO elastalert-server: ProcessController:  Starting elastalert with arguments [none]
03:16:12.591Z  INFO elastalert-server: ProcessController:  Started Elastalert (PID: 72288)
03:16:12.592Z  INFO elastalert-server: Server:  Server listening on port 3030
03:16:12.592Z  INFO elastalert-server: Server:  Websocket listening on port 3333
03:16:12.592Z  INFO elastalert-server: Server:  Server started
03:16:12.883Z ERROR elastalert-server:
    ProcessController:  Traceback (most recent call last):
      File "/usr/lib64/python3.6/runpy.py", line 193, in _run_module_as_main
        "__main__", mod_spec)
      File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
        exec(code, run_globals)
      File "/usr/local/lib/python3.6/site-packages/elastalert/elastalert.py", line 2055, in <module>
        sys.exit(main(sys.argv[1:]))
      File "/usr/local/lib/python3.6/site-packages/elastalert/elastalert.py", line 2049, in main
        client = ElastAlerter(args)
      File "/usr/local/lib/python3.6/site-packages/elastalert/elastalert.py", line 138, in __init__
        self.conf = load_conf(self.args)
      File "/usr/local/lib/python3.6/site-packages/elastalert/config.py", line 45, in load_conf
        conf = yaml_loader(filename)
      File "/usr/local/lib/python3.6/site-packages/staticconf/loader.py", line 177, in yaml_loader
        with open(filename) as fh:
    FileNotFoundError: [Errno 2] No such file or directory: 'config.yaml'

03:16:12.916Z ERROR elastalert-server: ProcessController:  ElastAlert exited with code 1
03:16:12.916Z  INFO elastalert-server: Server:  Stopping server
03:16:12.916Z  INFO elastalert-server: ProcessController:  ElastAlert is not running
03:16:12.917Z  INFO elastalert-server: Server:  Server stopped. Bye!
[root@tmplogsvr elastalert]#
[root@tmplogsvr elastalert]# echo \
'rules_folder: rules # 폴더명

run_every: # elasticsearch를 쿼리하는 빈도
  minutes: 1

buffer_time: # 쿼리가 실행되는 시간부터 뒤로 늘어나는 쿼리 창의 크기
  minutes: 15
  
es_host: 192.168.0.17 # elasticsearch host

es_port: 9200 # elasticsearch 사용 port

writeback_index: elastalert_status # elastalert2가 데이터를 저장할 index

alert_time_limit: # 실패한 경고에 대한 재시도 기간
  days: 2' > config.yaml
  [root@tmplogsvr elastalert]#

'기술 노트 > elastalert' 카테고리의 다른 글

elastalert plugin 설치하기 (0)	2023.03.16
elastalert rule example 2 (0)	2023.03.06
elastalert rules example 1 (0)	2023.03.06
elastalert config.yaml (0)	2023.03.06
elastalert 실행하기 1 (0)	2023.03.06

logstash.conf_23.02.20

2023. 2. 20. 17:11

grok 패턴의 다양성을 위해서 config 설정 변경 시 내용 공유 합니다.

샘플로 이용을 해주시면 좋을 것 같아요.

설정 중 더 나은 코드 정보가 있으면 의견도 부탁드립니다.

input {
	file {
		path => "/var/log/rsyslog/192.168.10.2/*.log"
		start_position => "beginning"
		tags => ["ap1"]
	}
	file {
		path => "/var/log/rsyslog/192.168.10.3/*.log"
		start_position => "beginning"
		tags => ["ap2"]
	}
	file {
		path => "/var/log/rsyslog/192.168.10.4/*.log"
		start_position => "beginning"
		tags => ["ap3"]
	}
	file {
		path => "/var/log/rsyslog/192.168.10.5/*.log"
		start_position => "beginning"
		tags => ["ap4"]
	}
}

filter {
	if "ap1" in [tags] or "ap2" in [tags] or "ap3" in [tags] or "ap4" in [tags]  {
		grok {
			patterns_dir => ["/etc/logstash/pattern.d"]
				match => {
					"message" => [
						"%{SYSLOGTIMESTAMP:access_time} %{IPORHOST:ip_or_host} %{IPORHOST:process}\[%{BASE10NUM:process_id}\]\: %{GREEDYDATA:sub_message}",
						"%{SYSLOGTIMESTAMP:access_time} %{IPORHOST:ip_or_host} \[%{BASE10NUM:process_id}\]\: %{GREEDYDATA:sub_message}",
						"%{SYSLOGTIMESTAMP:access_time} %{IPORHOST:ip_or_host} %{WORD:process}\: User\: %{USER:User} %{GREEDYDATA:Reason} in %{GREEDYDATA:access_day}\#%{NUMBER:Deauthentication_Reason_Code}, to %{IP:Destination_IP}, from %{IP:Start_ip} using %{WORD:Access_Method}"
					]
				}
		}
		mutate { remove_field => [ "message" ] }
	}
}

output {
	if "ap1" in [tags] {
		elasticsearch {
			hosts => ["http://192.168.0.17:9200"]
			index => "logstash-ap1-index-%{+YYYY.MM.dd}"
		}
	}
	else if "ap2" in [tags] {
		elasticsearch {
			hosts => ["http://192.168.0.17:9200"]
			index => "logstash-ap2-index-%{+YYYY.MM.dd}"
		}
	}
	else if "ap3" in [tags] {
		elasticsearch {
			hosts => ["http://192.168.0.17:9200"]
			index => "logstash-ap3-index-%{+YYYY.MM.dd}"
		}
	}
	else if "ap4" in [tags] {
		elasticsearch {
			hosts => ["http://192.168.0.17:9200"]
			index => "logstash-ap4-index-%{+YYYY.MM.dd}"
		}
	}
}

'기술 노트 > logstash' 카테고리의 다른 글

logstash.conf_230405 (0)	2023.04.05
logstash.conf_230306 (0)	2023.03.06
logstash 파일 파싱하기 (0)	2023.02.20
logstash 설정 (0)	2023.02.20
grok pattern (0)	2023.02.17

logstash 파일 파싱하기

2023. 2. 20. 12:30

저는 syslog 서버를 기준으로 구축을 한다고 밝혔습니다.

그래서 ap에서 받은 syslog를 기준으로 설명을 진행하겠습니다.

rsyslog의 설정을 제가 한 대로 따라하셨다면, 해당 폴더에 syslog 를 수신한 폴더와 내부에 파일이 보일 겁니다.

[root@tmplogsvr rsyslog]# pwd

/var/log/rsyslog

[root@tmplogsvr rsyslog]# ls -al

합계 4

drwx------. 7 root root 106 2월 15 14:45 .

drwxr-xr-x. 17 root root 4096 2월 19 00:00 ..

drwx------. 2 root root 138 2월 20 00:12 192.168.0.54

drwx------. 2 root root 138 2월 20 00:00 192.168.10.2

drwx------. 2 root root 138 2월 20 08:23 192.168.10.3

drwx------. 2 root root 138 2월 20 08:31 192.168.10.4

drwx------. 2 root root 138 2월 20 01:39 192.168.10.5

[root@tmplogsvr rsyslog]#

해당 폴더에 들어가면 수신날자.log 형태의 파일을 확인할 수 있습니다.

[root@tmplogsvr 192.168.10.2]# ls -al

합계 3072

drwx------. 2 root root 138 2월 20 00:00 .

drwx------. 7 root root 106 2월 15 14:45 ..

-rw-------. 1 root root 703219 2월 15 23:57 2023-02-15.log

-rw-------. 1 root root 1129390 2월 16 18:29 2023-02-16.log

-rw-------. 1 root root 176330 2월 17 21:12 2023-02-17.log

-rw-------. 1 root root 504511 2월 18 23:59 2023-02-18.log

-rw-------. 1 root root 542715 2월 19 22:26 2023-02-19.log

-rw-------. 1 root root 71405 2월 20 11:17 2023-02-20.log

[root@tmplogsvr 192.168.10.2]#

kibana에서 보고 싶은 파일의 위치를 확인 하신 후 logstash의 설정을 합니다.

우선 먼저 어떻게 파일이 수신되는지 확인을 합니다.

저는 logstash의 로그 파싱 설정을 /etc/logstash/conf.d 폴더에 logstash.conf 로 작성하였습니다.

[root@tmplogsvr 192.168.10.2]# cat /etc/logstash/conf.d/logstash.conf
input { # logstash에서 파일을 받아들이겠다는 선언
        file { # 어떤 형태의 입력 type을 받겠다는 선언
                path => "/var/log/rsyslog/192.168.10.2/*.log" # 받아 들일 로그의 위치 선언
                start_position => "beginning" # 파일을 읽는 방식으로 차후 자세한 설명
                tags => ["ap1"] # 해당 경로의 파일인 경우 tag에 "ap1"을 표시
        }
}

output { #logstash에서 파일을 내보내겠다는 선언
        if "ap1" in [tags] { # 로그 중 tags에 "ap1"이 표시되어 있다면
                elasticsearch { # 로그를 elasticsearch에 보내겠다는 선언
                        hosts => ["http://192.168.0.17:9200"] # elasticsearch url 정보
                        index => "logstash-ap1-index-%{+YYYY.MM.dd}" # elasticsearch의 index 입력 방식
                }
        }
}

위의 설정대로 하신 후 logstash를 재시작 합니다.

이제 kibana에 접속을 합니다.

정상적으로 출력이 됐다면, logstash.conf 파일을 아래와 같이 수정

input {
  file {
    path => "/var/log/rsyslog/192.168.10.2/*.log"
    start_position => "beginning"
    tags => ["ap1"]
  }
}

filter {
  if "ap1" in [tags] { # tags에 "ap1"이 있다면
    grok { # grok 적용해라
      patterns_dir => ["/etc/logstash/patterns.d"] # grok 적용 전 패턴 등록
      match => { "message" => [ "%{SYSLOGTIMESTAMP:access_time} %{IPORHOST:ip} %{IPORHOST:process}\[%{BASE10NUM:process_id}\]\: %{GREEDYDATA:sub_message}" ] }
    }
    mutate { remove_field => [ "message" ] } # message 필드 삭제
  }
}

output {
        if "ap1" in [tags] {
                elasticsearch {
                        hosts => ["http://192.168.0.17:9200"]
                        index => "logstash-ap1-index-%{+YYYY.MM.dd}"
                }
        }
}

수정 후 logstash 재시작 수행

이 후 kibana에서 로그 확인 시 아래와 같이 변경된 것을 볼 수 있습니다.

'기술 노트 > logstash' 카테고리의 다른 글

logstash.conf_230306 (0)	2023.03.06
logstash.conf_23.02.20 (0)	2023.02.20
logstash 설정 (0)	2023.02.20
grok pattern (0)	2023.02.17
logstash 설치 (0)	2023.02.16

logstash 설정

2023. 2. 20. 10:30

[root@tmplogsvr logstash]# cat /etc/logstash/logstash.yml
# Settings file in YAML
#
# Settings can be specified either in hierarchical form, e.g.:
#
#   pipeline:
#     batch:
#       size: 125
#       delay: 5
#
# Or as flat keys:
#
#   pipeline.batch.size: 125
#   pipeline.batch.delay: 5
#
# ------------  Node identity ------------
#
# Use a descriptive name for the node:
#
# node.name: test
#
# If omitted the node name will default to the machine's host name
#
# ------------ Data path ------------------
#
# Which directory should be used by logstash and its plugins
# for any persistent needs. Defaults to LOGSTASH_HOME/data
#
path.data: /var/lib/logstash
#
# ------------ Pipeline Settings --------------
#
# The ID of the pipeline.
#
# pipeline.id: main
#
# Set the number of workers that will, in parallel, execute the filters+outputs
# stage of the pipeline.
#
# This defaults to the number of the host's CPU cores.
#
# pipeline.workers: 2
#
# How many events to retrieve from inputs before sending to filters+workers
#
# pipeline.batch.size: 125
#
# How long to wait in milliseconds while polling for the next event
# before dispatching an undersized batch to filters+outputs
#
# pipeline.batch.delay: 50
#
# Force Logstash to exit during shutdown even if there are still inflight
# events in memory. By default, logstash will refuse to quit until all
# received events have been pushed to the outputs.
#
# WARNING: Enabling this can lead to data loss during shutdown
#
# pipeline.unsafe_shutdown: false
#
# Set the pipeline event ordering. Options are "auto" (the default), "true" or "false".
# "auto" automatically enables ordering if the 'pipeline.workers' setting
# is also set to '1', and disables otherwise.
# "true" enforces ordering on the pipeline and prevent logstash from starting
# if there are multiple workers.
# "false" disables any extra processing necessary for preserving ordering.
#
# pipeline.ordered: auto
#
# Sets the pipeline's default value for `ecs_compatibility`, a setting that is
# available to plugins that implement an ECS Compatibility mode for use with
# the Elastic Common Schema.
# Possible values are:
# - disabled
# - v1
# - v8 (default)
# Pipelines defined before Logstash 8 operated without ECS in mind. To ensure a
# migrated pipeline continues to operate as it did before your upgrade, opt-OUT
# of ECS for the individual pipeline in its `pipelines.yml` definition. Setting
# it here will set the default for _all_ pipelines, including new ones.
#
# pipeline.ecs_compatibility: v8
#
# ------------ Pipeline Configuration Settings --------------
#
# Where to fetch the pipeline configuration for the main pipeline
#
# path.config:
#
# Pipeline configuration string for the main pipeline
#
# config.string:
#
# At startup, test if the configuration is valid and exit (dry run)
#
# config.test_and_exit: false
#
# Periodically check if the configuration has changed and reload the pipeline
# This can also be triggered manually through the SIGHUP signal
#
# config.reload.automatic: false
#
# How often to check if the pipeline configuration has changed (in seconds)
# Note that the unit value (s) is required. Values without a qualifier (e.g. 60)
# are treated as nanoseconds.
# Setting the interval this way is not recommended and might change in later versions.
#
# config.reload.interval: 3s
#
# Show fully compiled configuration as debug log message
# NOTE: --log.level must be 'debug'
#
# config.debug: false
#
# When enabled, process escaped characters such as \n and \" in strings in the
# pipeline configuration files.
#
# config.support_escapes: false
#
# ------------ API Settings -------------
# Define settings related to the HTTP API here.
#
# The HTTP API is enabled by default. It can be disabled, but features that rely
# on it will not work as intended.
#
# api.enabled: true
#
# By default, the HTTP API is not secured and is therefore bound to only the
# host's loopback interface, ensuring that it is not accessible to the rest of
# the network.
# When secured with SSL and Basic Auth, the API is bound to _all_ interfaces
# unless configured otherwise.
#
# api.http.host: 127.0.0.1
#
# The HTTP API web server will listen on an available port from the given range.
# Values can be specified as a single port (e.g., `9600`), or an inclusive range
# of ports (e.g., `9600-9700`).
#
# api.http.port: 9600-9700
#
# The HTTP API includes a customizable "environment" value in its response,
# which can be configured here.
#
# api.environment: "production"
#
# The HTTP API can be secured with SSL (TLS). To do so, you will need to provide
# the path to a password-protected keystore in p12 or jks format, along with credentials.
#
# api.ssl.enabled: false
# api.ssl.keystore.path: /path/to/keystore.jks
# api.ssl.keystore.password: "y0uRp4$$w0rD"
#
# The HTTP API can be configured to require authentication. Acceptable values are
#  - `none`:  no auth is required (default)
#  - `basic`: clients must authenticate with HTTP Basic auth, as configured
#             with `api.auth.basic.*` options below
# api.auth.type: none
#
# When configured with `api.auth.type` `basic`, you must provide the credentials
# that requests will be validated against. Usage of Environment or Keystore
# variable replacements is encouraged (such as the value `"${HTTP_PASS}"`, which
# resolves to the value stored in the keystore's `HTTP_PASS` variable if present
# or the same variable from the environment)
#
# api.auth.basic.username: "logstash-user"
# api.auth.basic.password: "s3cUreP4$$w0rD"
#
# When setting `api.auth.basic.password`, the password should meet
# the default password policy requirements.
# The default password policy requires non-empty minimum 8 char string that
# includes a digit, upper case letter and lower case letter.
# Policy mode sets Logstash to WARN or ERROR when HTTP authentication password doesn't
# meet the password policy requirements.
# The default is WARN. Setting to ERROR enforces stronger passwords (recommended).
#
# api.auth.basic.password_policy.mode: WARN
#
# ------------ Module Settings ---------------
# Define modules here.  Modules definitions must be defined as an array.
# The simple way to see this is to prepend each `name` with a `-`, and keep
# all associated variables under the `name` they are associated with, and
# above the next, like this:
#
# modules:
#   - name: MODULE_NAME
#     var.PLUGINTYPE1.PLUGINNAME1.KEY1: VALUE
#     var.PLUGINTYPE1.PLUGINNAME1.KEY2: VALUE
#     var.PLUGINTYPE2.PLUGINNAME1.KEY1: VALUE
#     var.PLUGINTYPE3.PLUGINNAME3.KEY1: VALUE
#
# Module variable names must be in the format of
#
# var.PLUGIN_TYPE.PLUGIN_NAME.KEY
#
# modules:
#
# ------------ Cloud Settings ---------------
# Define Elastic Cloud settings here.
# Format of cloud.id is a base64 value e.g. dXMtZWFzdC0xLmF3cy5mb3VuZC5pbyRub3RhcmVhbCRpZGVudGlmaWVy
# and it may have an label prefix e.g. staging:dXMtZ...
# This will overwrite 'var.elasticsearch.hosts' and 'var.kibana.host'
# cloud.id: <identifier>
#
# Format of cloud.auth is: <user>:<pass>
# This is optional
# If supplied this will overwrite 'var.elasticsearch.username' and 'var.elasticsearch.password'
# If supplied this will overwrite 'var.kibana.username' and 'var.kibana.password'
# cloud.auth: elastic:<password>
#
# ------------ Queuing Settings --------------
#
# Internal queuing model, "memory" for legacy in-memory based queuing and
# "persisted" for disk-based acked queueing. Defaults is memory
#
# queue.type: memory
#
# If `queue.type: persisted`, the directory path where the pipeline data files will be stored.
# Each pipeline will group its PQ files in a subdirectory matching its `pipeline.id`.
# Default is path.data/queue.
#
# path.queue:
#
# If using queue.type: persisted, the page data files size. The queue data consists of
# append-only data files separated into pages. Default is 64mb
#
# queue.page_capacity: 64mb
#
# If using queue.type: persisted, the maximum number of unread events in the queue.
# Default is 0 (unlimited)
#
# queue.max_events: 0
#
# If using queue.type: persisted, the total capacity of the queue in number of bytes.
# If you would like more unacked events to be buffered in Logstash, you can increase the
# capacity using this setting. Please make sure your disk drive has capacity greater than
# the size specified here. If both max_bytes and max_events are specified, Logstash will pick
# whichever criteria is reached first
# Default is 1024mb or 1gb
#
# queue.max_bytes: 1024mb
#
# If using queue.type: persisted, the maximum number of acked events before forcing a checkpoint
# Default is 1024, 0 for unlimited
#
# queue.checkpoint.acks: 1024
#
# If using queue.type: persisted, the maximum number of written events before forcing a checkpoint
# Default is 1024, 0 for unlimited
#
# queue.checkpoint.writes: 1024
#
# If using queue.type: persisted, the interval in milliseconds when a checkpoint is forced on the head page
# Default is 1000, 0 for no periodic checkpoint.
#
# queue.checkpoint.interval: 1000
#
# ------------ Dead-Letter Queue Settings --------------
# Flag to turn on dead-letter queue.
#
# dead_letter_queue.enable: false

# If using dead_letter_queue.enable: true, the maximum size of each dead letter queue. Entries
# will be dropped if they would increase the size of the dead letter queue beyond this setting.
# Default is 1024mb
# dead_letter_queue.max_bytes: 1024mb

# If using dead_letter_queue.enable: true, the interval in milliseconds where if no further events eligible for the DLQ
# have been created, a dead letter queue file will be written. A low value here will mean that more, smaller, queue files
# may be written, while a larger value will introduce more latency between items being "written" to the dead letter queue, and
# being available to be read by the dead_letter_queue input when items are written infrequently.
# Default is 5000.
#
# dead_letter_queue.flush_interval: 5000

# If using dead_letter_queue.enable: true, controls which entries should be dropped to avoid exceeding the size limit.
# Set the value to `drop_newer` (default) to stop accepting new events that would push the DLQ size over the limit.
# Set the value to `drop_older` to remove queue pages containing the oldest events to make space for new ones.
#
# dead_letter_queue.storage_policy: drop_newer

# If using dead_letter_queue.enable: true, the interval that events have to be considered valid. After the interval has
# expired the events could be automatically deleted from the DLQ.
# The interval could be expressed in days, hours, minutes or seconds, using as postfix notation like 5d,
# to represent a five days interval.
# The available units are respectively d, h, m, s for day, hours, minutes and seconds.
# If not specified then the DLQ doesn't use any age policy for cleaning events.
#
# dead_letter_queue.retain.age: 1d

# If using dead_letter_queue.enable: true, defines the action to take when the dead_letter_queue.max_bytes is reached,
# could be "drop_newer" or "drop_older".
# With drop_newer, messages that were inserted most recently are dropped, logging an error line.
# With drop_older setting, the oldest messages are dropped as new ones are inserted.
# Default value is "drop_newer".
# dead_letter_queue.storage_policy: drop_newer

# If using dead_letter_queue.enable: true, the directory path where the data files will be stored.
# Default is path.data/dead_letter_queue
#
# path.dead_letter_queue:
#
# ------------ Debugging Settings --------------
#
# Options for log.level:
#   * fatal
#   * error
#   * warn
#   * info (default)
#   * debug
#   * trace
#
# log.level: info
path.logs: /var/log/logstash
#
# ------------ Other Settings --------------
#
# Allow or block running Logstash as superuser (default: true)
# allow_superuser: false
#
# Where to find custom plugins
# path.plugins: []
#
# Flag to output log lines of each pipeline in its separate log file. Each log filename contains the pipeline.name
# Default is false
# pipeline.separate_logs: false
#
# ------------ X-Pack Settings (not applicable for OSS build)--------------
#
# X-Pack Monitoring
# https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.html
#xpack.monitoring.enabled: false
#xpack.monitoring.elasticsearch.username: logstash_system
#xpack.monitoring.elasticsearch.password: password
#xpack.monitoring.elasticsearch.proxy: ["http://proxy:port"]
#xpack.monitoring.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
# an alternative to hosts + username/password settings is to use cloud_id/cloud_auth
#xpack.monitoring.elasticsearch.cloud_id: monitoring_cluster_id:xxxxxxxxxx
#xpack.monitoring.elasticsearch.cloud_auth: logstash_system:password
# another authentication alternative is to use an Elasticsearch API key
#xpack.monitoring.elasticsearch.api_key: "id:api_key"
#xpack.monitoring.elasticsearch.ssl.certificate_authority: "/path/to/ca.crt"
#xpack.monitoring.elasticsearch.ssl.ca_trusted_fingerprint: xxxxxxxxxx
#xpack.monitoring.elasticsearch.ssl.truststore.path: path/to/file
#xpack.monitoring.elasticsearch.ssl.truststore.password: password
#xpack.monitoring.elasticsearch.ssl.keystore.path: /path/to/file
#xpack.monitoring.elasticsearch.ssl.keystore.password: password
#xpack.monitoring.elasticsearch.ssl.verification_mode: certificate
#xpack.monitoring.elasticsearch.sniffing: false
#xpack.monitoring.collection.interval: 10s
#xpack.monitoring.collection.pipeline.details.enabled: true
#
# X-Pack Management
# https://www.elastic.co/guide/en/logstash/current/logstash-centralized-pipeline-management.html
#xpack.management.enabled: false
#xpack.management.pipeline.id: ["main", "apache_logs"]
#xpack.management.elasticsearch.username: logstash_admin_user
#xpack.management.elasticsearch.password: password
#xpack.management.elasticsearch.proxy: ["http://proxy:port"]
#xpack.management.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
# an alternative to hosts + username/password settings is to use cloud_id/cloud_auth
#xpack.management.elasticsearch.cloud_id: management_cluster_id:xxxxxxxxxx
#xpack.management.elasticsearch.cloud_auth: logstash_admin_user:password
# another authentication alternative is to use an Elasticsearch API key
#xpack.management.elasticsearch.api_key: "id:api_key"
#xpack.management.elasticsearch.ssl.ca_trusted_fingerprint: xxxxxxxxxx
#xpack.management.elasticsearch.ssl.certificate_authority: "/path/to/ca.crt"
#xpack.management.elasticsearch.ssl.truststore.path: /path/to/file
#xpack.management.elasticsearch.ssl.truststore.password: password
#xpack.management.elasticsearch.ssl.keystore.path: /path/to/file
#xpack.management.elasticsearch.ssl.keystore.password: password
#xpack.management.elasticsearch.ssl.verification_mode: certificate
#xpack.management.elasticsearch.sniffing: false
#xpack.management.logstash.poll_interval: 5s

# X-Pack GeoIP plugin
# https://www.elastic.co/guide/en/logstash/current/plugins-filters-geoip.html#plugins-filters-geoip-manage_update
#xpack.geoip.download.endpoint: "https://geoip.elastic.co/v1/database"

'기술 노트 > logstash' 카테고리의 다른 글

logstash.conf_230306 (0)	2023.03.06
logstash.conf_23.02.20 (0)	2023.02.20
logstash 파일 파싱하기 (0)	2023.02.20
grok pattern (0)	2023.02.17
logstash 설치 (0)	2023.02.16

grok pattern

2023. 2. 17. 16:49

자주 쓰는 패턴 모음입니다.

# Downloaded from: https://raw.githubusercontent.com/logstash-plugins/logstash-patterns-core/master/patterns/grok-patterns

USERNAME [a-zA-Z0-9._-]+
USER %{USERNAME}
EMAILLOCALPART [a-zA-Z][a-zA-Z0-9_.+-=:]+
EMAILADDRESS %{EMAILLOCALPART}@%{HOSTNAME}
HTTPDUSER %{EMAILADDRESS}|%{USER}
INT (?:[+-]?(?:[0-9]+))
BASE10NUM (?<![0-9.+-])(?>[+-]?(?:(?:[0-9]+(?:\.[0-9]+)?)|(?:\.[0-9]+)))
NUMBER (?:%{BASE10NUM})
BASE16NUM (?<![0-9A-Fa-f])(?:[+-]?(?:0x)?(?:[0-9A-Fa-f]+))
BASE16FLOAT \b(?<![0-9A-Fa-f.])(?:[+-]?(?:0x)?(?:(?:[0-9A-Fa-f]+(?:\.[0-9A-Fa-f]*)?)|(?:\.[0-9A-Fa-f]+)))\b

POSINT \b(?:[1-9][0-9]*)\b
NONNEGINT \b(?:[0-9]+)\b
WORD \b\w+\b
NOTSPACE \S+
SPACE \s*
DATA .*?
GREEDYDATA .*
QUOTEDSTRING (?>(?<!\\)(?>"(?>\\.|[^\\"]+)+"|""|(?>'(?>\\.|[^\\']+)+')|''|(?>`(?>\\.|[^\\`]+)+`)|``))
UUID [A-Fa-f0-9]{8}-(?:[A-Fa-f0-9]{4}-){3}[A-Fa-f0-9]{12}

# Networking
MAC (?:%{CISCOMAC}|%{WINDOWSMAC}|%{COMMONMAC})
CISCOMAC (?:(?:[A-Fa-f0-9]{4}\.){2}[A-Fa-f0-9]{4})
WINDOWSMAC (?:(?:[A-Fa-f0-9]{2}-){5}[A-Fa-f0-9]{2})
COMMONMAC (?:(?:[A-Fa-f0-9]{2}:){5}[A-Fa-f0-9]{2})
IPV6 ((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?
IPV4 (?<![0-9])(?:(?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5])[.](?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5])[.](?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5])[.](?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5]))(?![0-9])
IP (?:%{IPV6}|%{IPV4})
HOSTNAME \b(?:[0-9A-Za-z][0-9A-Za-z-]{0,62})(?:\.(?:[0-9A-Za-z][0-9A-Za-z-]{0,62}))*(\.?|\b)
IPORHOST (?:%{IP}|%{HOSTNAME})
HOSTPORT %{IPORHOST}:%{POSINT}

# paths
PATH (?:%{UNIXPATH}|%{WINPATH})
UNIXPATH (/([\w_%!$@:.,~-]+|\\.)*)+
TTY (?:/dev/(pts|tty([pq])?)(\w+)?/?(?:[0-9]+))
WINPATH (?>[A-Za-z]+:|\\)(?:\\[^\\?*]*)+
URIPROTO [A-Za-z]+(\+[A-Za-z+]+)?
URIHOST %{IPORHOST}(?::%{POSINT:port})?
# uripath comes loosely from RFC1738, but mostly from what Firefox
# doesn't turn into %XX
URIPATH (?:/[A-Za-z0-9$.+!*'(){},~:;=@#%_\-]*)+
#URIPARAM \?(?:[A-Za-z0-9]+(?:=(?:[^&]*))?(?:&(?:[A-Za-z0-9]+(?:=(?:[^&]*))?)?)*)?
URIPARAM \?[A-Za-z0-9$.+!*'|(){},~@#%&/=:;_?\-\[\]<>]*
URIPATHPARAM %{URIPATH}(?:%{URIPARAM})?
URI %{URIPROTO}://(?:%{USER}(?::[^@]*)?@)?(?:%{URIHOST})?(?:%{URIPATHPARAM})?

# Months: January, Feb, 3, 03, 12, December
MONTH \b(?:Jan(?:uary|uar)?|Feb(?:ruary|ruar)?|M(?:a|ä)?r(?:ch|z)?|Apr(?:il)?|Ma(?:y|i)?|Jun(?:e|i)?|Jul(?:y)?|Aug(?:ust)?|Sep(?:tember)?|O(?:c|k)?t(?:ober)?|Nov(?:ember)?|De(?:c|z)(?:ember)?)\b
MONTHNUM (?:0?[1-9]|1[0-2])
MONTHNUM2 (?:0[1-9]|1[0-2])
MONTHDAY (?:(?:0[1-9])|(?:[12][0-9])|(?:3[01])|[1-9])

# Days: Monday, Tue, Thu, etc...
DAY (?:Mon(?:day)?|Tue(?:sday)?|Wed(?:nesday)?|Thu(?:rsday)?|Fri(?:day)?|Sat(?:urday)?|Sun(?:day)?)

# Years?
YEAR (?>\d\d){1,2}
HOUR (?:2[0123]|[01]?[0-9])
MINUTE (?:[0-5][0-9])
# '60' is a leap second in most time standards and thus is valid.
SECOND (?:(?:[0-5]?[0-9]|60)(?:[:.,][0-9]+)?)
TIME (?!<[0-9])%{HOUR}:%{MINUTE}(?::%{SECOND})(?![0-9])
# datestamp is YYYY/MM/DD-HH:MM:SS.UUUU (or something like it)
DATE_US %{MONTHNUM}[/-]%{MONTHDAY}[/-]%{YEAR}
DATE_EU %{MONTHDAY}[./-]%{MONTHNUM}[./-]%{YEAR}
ISO8601_TIMEZONE (?:Z|[+-]%{HOUR}(?::?%{MINUTE}))
ISO8601_SECOND (?:%{SECOND}|60)
TIMESTAMP_ISO8601 %{YEAR}-%{MONTHNUM}-%{MONTHDAY}[T ]%{HOUR}:?%{MINUTE}(?::?%{SECOND})?%{ISO8601_TIMEZONE}?
DATE %{DATE_US}|%{DATE_EU}
DATESTAMP %{DATE}[- ]%{TIME}
TZ (?:[PMCE][SD]T|UTC)
DATESTAMP_RFC822 %{DAY} %{MONTH} %{MONTHDAY} %{YEAR} %{TIME} %{TZ}
DATESTAMP_RFC2822 %{DAY}, %{MONTHDAY} %{MONTH} %{YEAR} %{TIME} %{ISO8601_TIMEZONE}
DATESTAMP_OTHER %{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{TZ} %{YEAR}
DATESTAMP_EVENTLOG %{YEAR}%{MONTHNUM2}%{MONTHDAY}%{HOUR}%{MINUTE}%{SECOND}
HTTPDERROR_DATE %{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}

# Syslog Dates: Month Day HH:MM:SS
SYSLOGTIMESTAMP %{MONTH} +%{MONTHDAY} %{TIME}
PROG [\x21-\x5a\x5c\x5e-\x7e]+
SYSLOGPROG %{PROG:program}(?:\[%{POSINT:pid}\])?
SYSLOGHOST %{IPORHOST}
SYSLOGFACILITY <%{NONNEGINT:facility}.%{NONNEGINT:priority}>
HTTPDATE %{MONTHDAY}/%{MONTH}/%{YEAR}:%{TIME} %{INT}

# Shortcuts
QS %{QUOTEDSTRING}

# Log formats
SYSLOGBASE %{SYSLOGTIMESTAMP:timestamp} (?:%{SYSLOGFACILITY} )?%{SYSLOGHOST:logsource} %{SYSLOGPROG}:
COMMONAPACHELOG %{IPORHOST:clientip} %{HTTPDUSER:ident} %{USER:auth} \[%{HTTPDATE:timestamp}\] "(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})" %{NUMBER:response} (?:%{NUMBER:bytes}|-)
COMBINEDAPACHELOG %{COMMONAPACHELOG} %{QS:referrer} %{QS:agent}
HTTPD20_ERRORLOG \[%{HTTPDERROR_DATE:timestamp}\] \[%{LOGLEVEL:loglevel}\] (?:\[client %{IPORHOST:clientip}\] ){0,1}%{GREEDYDATA:errormsg}
HTTPD24_ERRORLOG \[%{HTTPDERROR_DATE:timestamp}\] \[%{WORD:module}:%{LOGLEVEL:loglevel}\] \[pid %{POSINT:pid}:tid %{NUMBER:tid}\]( \(%{POSINT:proxy_errorcode}\)%{DATA:proxy_errormessage}:)?( \[client %{IPORHOST:client}:%{POSINT:clientport}\])? %{DATA:errorcode}: %{GREEDYDATA:message}
HTTPD_ERRORLOG %{HTTPD20_ERRORLOG}|%{HTTPD24_ERRORLOG}


# Log Levels
LOGLEVEL ([Aa]lert|ALERT|[Tt]race|TRACE|[Dd]ebug|DEBUG|[Nn]otice|NOTICE|[Ii]nfo|INFO|[Ww]arn?(?:ing)?|WARN?(?:ING)?|[Ee]rr?(?:or)?|ERR?(?:OR)?|[Cc]rit?(?:ical)?|CRIT?(?:ICAL)?|[Ff]atal|FATAL|[Ss]evere|SEVERE|EMERG(?:ENCY)?|[Ee]merg(?:ency)?)

'기술 노트 > logstash' 카테고리의 다른 글

logstash.conf_230306 (0)	2023.03.06
logstash.conf_23.02.20 (0)	2023.02.20
logstash 파일 파싱하기 (0)	2023.02.20
logstash 설정 (0)	2023.02.20
logstash 설치 (0)	2023.02.16

kibana 설정

2023. 2. 17. 16:21

# For more configuration options see the configuration guide for Kibana in
# https://www.elastic.co/guide/index.html

# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"

# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""

# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# Defaults to `false`.
#server.rewriteBasePath: false

# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""

# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576

# The Kibana server's name. This is used for display purposes.
server.name: "tmplogsvr"

# =================== System: Kibana Server (Optional) ===================
# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

# =================== System: Elasticsearch ===================
# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["http://localhost:9200"]

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "kibana_system"
#elasticsearch.password: "pass"

# Kibana can also authenticate to Elasticsearch via "service account tokens".
# Service account tokens are Bearer style tokens that replace the traditional username/password based configuration.
# Use this token instead of a username/password.
# elasticsearch.serviceAccountToken: "my_token"

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000

# The maximum number of sockets that can be used for communications with elasticsearch.
# Defaults to `Infinity`.
#elasticsearch.maxSockets: 1024

# Specifies whether Kibana should use compression for communications with elasticsearch
# Defaults to `false`.
#elasticsearch.compression: false

# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]

# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
#elasticsearch.customHeaders: {}

# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 30000

# =================== System: Elasticsearch (Optional) ===================
# These files are used to verify the identity of Kibana to Elasticsearch and are required when
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full

# =================== System: Logging ===================
# Set the value of this setting to off to suppress all logging output, or to debug to log everything. Defaults to 'info'
#logging.root.level: debug

# Enables you to specify a file where Kibana stores log output.
logging:
  appenders:
    file:
      type: file
      fileName: /var/log/kibana/kibana.log
      layout:
        type: json
  root:
    appenders:
      - default
      - file
#  layout:
#    type: json

# Logs queries sent to Elasticsearch.
#logging.loggers:
#  - name: elasticsearch.query
#    level: debug

# Logs http responses.
#logging.loggers:
#  - name: http.server.response
#    level: debug

# Logs system usage information.
#logging.loggers:
#  - name: metrics.ops
#    level: debug

# =================== System: Other ===================
# The path where Kibana stores persistent data not saved in Elasticsearch. Defaults to data
#path.data: data

# Specifies the path where Kibana creates the process ID file.
pid.file: /run/kibana/kibana.pid

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000ms.
#ops.interval: 5000

# Specifies locale to be used for all localizable strings, dates and number formats.
# Supported languages are the following: English (default) "en", Chinese "zh-CN", Japanese "ja-JP", French "fr-FR".
#i18n.locale: "en"

# =================== Frequently used (Optional)===================

# =================== Saved Objects: Migrations ===================
# Saved object migrations run at startup. If you run into migration-related issues, you might need to adjust these settings.

# The number of documents migrated at a time.
# If Kibana can't start up or upgrade due to an Elasticsearch `circuit_breaking_exception`,
# use a smaller batchSize value to reduce the memory pressure. Defaults to 1000 objects per batch.
#migrations.batchSize: 1000

# The maximum payload size for indexing batches of upgraded saved objects.
# To avoid migrations failing due to a 413 Request Entity Too Large response from Elasticsearch.
# This value should be lower than or equal to your Elasticsearch cluster’s `http.max_content_length`
# configuration option. Default: 100mb
#migrations.maxBatchSizeBytes: 100mb

# The number of times to retry temporary migration failures. Increase the setting
# if migrations fail frequently with a message such as `Unable to complete the [...] step after
# 15 attempts, terminating`. Defaults to 15
#migrations.retryAttempts: 15

# =================== Search Autocomplete ===================
# Time in milliseconds to wait for autocomplete suggestions from Elasticsearch.
# This value must be a whole number greater than zero. Defaults to 1000ms
#unifiedSearch.autocomplete.valueSuggestions.timeout: 1000

# Maximum number of documents loaded by each shard to generate autocomplete suggestions.
# This value must be a whole number greater than zero. Defaults to 100_000
#unifiedSearch.autocomplete.valueSuggestions.terminateAfter: 100000

'기술 노트 > kibana' 카테고리의 다른 글

map에서 ip로 지역 표시하기 (0)	2023.08.23
kibana에서 fortigate 로그 확인 (0)	2023.04.05
kibana 설치 (0)	2023.02.16

firewall 서비스 중지

2023. 2. 17. 12:33

[root@tmplogsvr ~]# systemctl stop firewalld.service

[root@tmplogsvr ~]# systemctl disable firewalld.service

Removed "/etc/systemd/system/multi-user.target.wants/firewalld.service".

Removed "/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service".

'기술 노트 > OS' 카테고리의 다른 글

원격데스크탑 접속 오류 (0)	2023.04.27
시간 동기화 (0)	2023.04.04
NetworkManager의 IPv6 오류 메시지 (0)	2023.04.04
python default 버전 설정 (0)	2023.03.16
GPG키 오류 날 경우 (0)	2023.02.16

AWS 콘솔 점검 스크립트

2023. 2. 17. 10:41

해당 스크립트는 회사에서 자동화를 위해 직접 작성한 것이고, 작성 시기는 3년전 입니다.

(현재의 회사에서는 AWS를 사용하지 않아요.)

사용 할 경우 검토하여 수정해서 사용하시기 바랍니다.

첨부파일은 확장자는 sh로 변경해서 사용하시면 됩니다.

aws_check_list_script.txt

0.28MB

사용법.txt

0.00MB

#!/bin/bash
# Made By KSM

#----------------------------------------------------------------------------------------------#
# macOS에서 실행할 경우 필요한 설치 프로그램: coreutils, jq, aws cli                           #
# 사용법.txt 파일을 반드시 확인해 주시기 바랍니다.                                             #
# 재배포는 상관 없지만, 작성자는 꼭 남겨주시기 바랍니다.                                         #
#----------------------------------------------------------------------------------------------#


TODAY=`gdate +%Y%m%d`
YESTERDAY=`gdate +%Y%m%d -d yesterday`

#REGION_ID=("us-east-1" "us-east-2" "us-west-1" "us-west-2" "ap-south-1" "ap-northeast-2" "ap-northeast-1" "ap-southeast-2" "ap-southeast-1" "ca-central-1" "eu-central-1" "eu-west-1" "eu-west-2" "eu-west-3" "eu-north-1" "sa-east-1")
REGION_ID=("ap-northeast-2")

ADMIN=`aws iam list-virtual-mfa-devices | grep root-account-mfa-device -A 8 | grep UserName | sed -e 's/,//g' | sed -e 's/"//g' | awk '{ print $2 }'`

mkdir -p ${TODAY}/${ACCOUNT}/${REGION_ID}

touch ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "체크리스트 항목" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "[EC2 공통영역 - 계정보안] / (중요도)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS-001: 키 페어 / (상)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS-002: AWS 접근 패스워드 설정 / (상)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS-003: Multi Factor 인증 / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS-004: 액세스 키 / (상)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS-005: IAM(자격 증명 기반 정책) 계정 보안 / (하)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS-006: IAM(자격 증명 기반 정책) 보안 정책 설정 (EC2/ECS/ECR) / (상)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "[EC2 공통영역 - 네트워크 보안] / (중요도)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ VPC-001: Security Group / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ VPC-002: ACL / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ VPC-003: NAT Gateway / (하)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ VPC-004: Internet Gateway / (하)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ VPC-005: Routing Tables / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ VPC-006: Elastic IP / (하)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "[RDS 공통영역] / (중요도)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-001: RDS 리소스 액세스 권한 관리 / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-002: RDS API 작업 권한 부여 / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-003: 서브넷 가용 영역 / (하)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-004: IAM(자격 증명 기반 정책) 보안 정책 설정(RDS) / (상)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "[RDS 옵션정책 / (중요도)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-101: RDS 파라미터 관리 영역 설정 / (하)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-102: MariaDB/MySQL 감사 플러그인 설정 / (하) - 설정되어 있지 않아 점검 하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "[RDS 로깅] / (중요도)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-201: MariaDB/MySQL 보안 로그 설정 / (하) - 점검하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-202: MSSQL 보안 로그 설정 / (하) - 점검하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-203: Oracle 보안 로그 설정 / (하) - 해당되지 않아 점검하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-204: PostgreSQL 보안 로그 설정 / (하) - 점검하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "[S3 데이터보안] / (중요도)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3-001: 버킷 접근 보안 / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3-002: 기본 암호화 설정 / (상)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3-003: 로그 파일의 수집 및 권한 설정 / (중)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3-004: IAM(자격 증명 기반 정책) 보안 정책 설정(S3) / (상)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "[중요도 설명]" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 상: 관리자 계정 및 주요 정보 유출로 인한 치명적인 피해 발생" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 중: 노출된 정보를 통해 서비스/시스템 관련 추가 정보 유출 발생 우려" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 하: 타 취약점과 연계 가능한 잠재적인 위협 내재" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "EC2 공통영역 - 계정보안" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "EC2 공통영역 - 계정보안"

#키 페어 점검
echo "AWS-001. 키 페어"
echo "AWS-001. 키 페어" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 키 페어를 관리하고 있는 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "   - 키 페어의 삭제 기준 수립" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "   - 사용하지 않고 있는 키 페어의 삭제" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 키 페어를 관리하고 있지 않은 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "AWS-001. 키 페어 점검 중"

#키 페어 정리 파일 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001"
aws ec2 describe-key-pairs --output text > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare.txt

KEY_PARE_COUNT=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare.txt | wc -l`)
KEY_PARE_ARR=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare.txt | awk -F " " '{print $3}'`)

cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare.txt | awk -F " " '{print $3}' > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare_diff1.txt

echo " ㅇ 키 페어 수량: ${KEY_PARE_COUNT}개" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

for i in ${KEY_PARE_ARR[@]}
do
	echo "   -" ${i} >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
done

aws ec2 describe-instances | grep KeyName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print $2 }' | sed -e 's/" "//g' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare_diff2.txt

KEY_PARE_DIFF3_COUNT=(`diff -wu ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare_diff1.txt ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare_diff2.txt | grep -E "^\-[0-9,a-z,A-Z]" | sed 's/^-//g' | wc -l`)
KEY_PARE_DIFF3_ATRR=(`diff -wu ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare_diff1.txt ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-001/key_pare_diff2.txt | grep -E "^\-[0-9,a-z,A-Z]" | sed 's/^-//g'`)

echo "키 페어 전체 수량 확인 완료"

echo " ㅇ 사용하지 않는 키: ${KEY_PARE_DIFF3_COUNT}개" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "사용하지 않는 키 확인 중"

for i in ${KEY_PARE_DIFF3_ATRR[@]}
do
	echo "   -" ${i} >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
done

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "사용 하지 않는 키 확인 완료"
echo "AWS-001. 키 페어 점검 완료"

#패스워드 설정 정책
echo "AWS-002. AWS 접근 패스워드 설정"
echo "AWS-002. AWS 접근 패스워드 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 패스워드 복잡성 기준을 준수하였을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "   - AWS Root Account의 패스워드 복잡성 기준 준수" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "   - IAM 계정의 패스워드 복잡성 기준 준수" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 패스워드 복잡성 기준을 준수하지 않았을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "   - AWS Root Account의 패스워드 복잡성 기준 미준수" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "   - IAM 계정의 패스워드 복잡성 기준 미준수" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "AWS-002. AWS 접근 패스워드 설정 정책 점검 중"
#패스워드 정책 정리 파일 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002"

aws iam get-account-password-policy | grep "        " | sed -e 's/^        //g' | sed -e 's/\"//g' | sed -e 's/\,//g' > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt


if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep AllowUsersToChangePassword | wc -l ` ]; then
	echo " ㅇ IAM 사용자가 자신의 암호를 변경할 수 있는가?(AllowUsersToChangePassword):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep AllowUsersToChangePassword | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireLowercaseCharacters | wc -l ` ]; then
	echo " ㅇ IAM 사용자 암호에 소문자를 요구하는가?(RequireLowercaseCharacters):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireLowercaseCharacters | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireUppercaseCharacters | wc -l ` ]; then
	echo " ㅇ IAM 사용자 암호에 대문자를 요구하는가?(RequireUppercaseCharacters):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireUppercaseCharacters | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep MinimumPasswordLength | wc -l ` ]; then
	echo " ㅇ IAM 사용자 암호에 필요한 최소 길이는?(MinimumPasswordLength):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep MinimumPasswordLength | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireNumbers | wc -l ` ]; then
	echo " ㅇ IAM 사용자 암호에 숫자를 요구하는가?(RequireNumbers):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireNumbers | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep PasswordReusePrevention | wc -l ` ]; then
	echo " ㅇ IAM 사용자가 재사용 할 수없는 이전 암호의 수는?(PasswordReusePrevention):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep PasswordReusePrevention | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep HardExpiry | wc -l ` ]; then
	echo " ㅇ IAM 사용자가 암호가 만료 된 후 새 암호를 설정할 수 없는가?(HardExpiry):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep HardExpiry | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireSymbols | wc -l ` ]; then
	echo " ㅇ IAM 사용자 암호에 특수기호를 요구하는가?(RequireSymbols):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep RequireSymbols | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep MaxPasswordAge | wc -l ` ]; then
	echo " ㅇ IAM 사용자 암호가 유효한 일 수는?(MaxPasswordAge):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep MaxPasswordAge | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep ExpirePasswords | wc -l ` ]; then
	echo " ㅇ 계정의 암호가 만료되는지 여부를 표시하는가?(ExpirePasswords):" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-002/password_policy.txt | grep ExpirePasswords | awk -F ": " '{ print $2 }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

echo "패스워드 정책 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#Multi Factor 인증
echo "AWS-003. Multi Factor 인증"
echo "AWS-003. Multi Factor 인증" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS 계정 및 IAM 사용자 계정 로그인 시 MFA가 활성화되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS 계정 및 IAM 사용자 계정 로그인 시 MFA가 활성화되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#MULTI FACOTR 정책 정리 파일 폴더
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003"

aws iam list-users | grep UserName | sed -e 's/^            //g' | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F " " '{ print $2 }' | sort -f > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/user_list.txt
aws iam list-virtual-mfa-devices > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/ori_mfa_user_list.txt
cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/ori_mfa_user_list.txt | grep "Arn" | grep -v root | sed -e 's/\"//g' | awk -F "/" '{ print $2 }' | sort -f > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/mfa_user_list.txt

USER_LIST_ATTR=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/user_list.txt`)

if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/ori_mfa_user_list.txt | grep root-account-mfa-device | wc -l` ]; then
	echo " ㅇ Root Account: "`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/ori_mfa_user_list.txt | grep root-account-mfa-device -A 8 | grep UserName | sed -e 's/,//g' | sed -e 's/"//g' | awk '{ print $2 " / MFA 설정되어 있음" }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
else
	echo " ㅇ Root Account: "`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/ori_mfa_user_list.txt | grep root-account-mfa-device -A 8 | grep UserName | sed -e 's/,//g' | sed -e 's/"//g' | awk '{ print $2 " / MFA 설정되어 있지 않음" }'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

echo " ㅇ 전체 사용자 리스트: `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/user_list.txt | wc -l | sed -e 's/^      //g'`명" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 전체 사용자 리스트 확인 중"

for i in ${USER_LIST_ATTR[@]}
do
	echo "   -" ${i} >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
done

MFA_NOT_USE_USER_COUNT=(`diff -wu ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/user_list.txt ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/mfa_user_list.txt | grep -E "^\-[0-9,a-z,A-Z]" | sed 's/^-//g' | wc -l`)
MFA_NOT_USE_USER_ATTR=(`diff -wu ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/user_list.txt ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-003/mfa_user_list.txt | grep -E "^\-[0-9,a-z,A-Z]" | sed 's/^-//g'`)

echo " ㅇ 전체 사용자 리스트 확인 완료"

echo " ㅇ MFA 사용하지 않는 사용자 리스트: ${MFA_NOT_USE_USER_COUNT}명" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo " ㅇ MFA 사용하지 않는 사용자 리스트 확인 중"

for i in ${MFA_NOT_USE_USER_ATTR[@]}
do
	echo "   -" ${i} >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
done

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo " ㅇ MFA 사용하지 않는 사용자 리스트 확인 완료"

#엑세스 키 점검
echo "AWS-004. 액세스 키"
echo "AWS-004. 액세스 키" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS Root Account에 액세스 키가 존재하지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 액세스 키가 존재하는 IAM User Account에 AWS 전체권한(Administrator IAM 관련)이 할당되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IAM User Account 액세스 키를 주기에 맞게 관리하고 있을 경우(60일) / 스크립트 개선 필요" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS Root Account에 액세스 키가 존재할 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 액세스 키가 존재하는 IAM User Account에 AWS 전체권한(Administrator IAM 관련)이 할당되어 있는 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IAM User Account 액세스 키를 주기에 맞게 관리하고 있지 않을 경우(60일) / 스크립트 개선 필요" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS Root Account에 액세스 키가 존재하는가?" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS Root Account에 액세스 키가 존재 확인 중"

#ACCESS_KEY 정책 정리 파일 폴더
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004"

touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ROOT_ACCESS_KEY.txt

for i in ${ADMIN[@]}
do
	aws iam list-access-keys --user-name ${i} >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_AccessKey.txt

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_AccessKey.txt | grep AccessKeyId  | wc -l` ]; then

		ROOT_ACCESS_KEY_ATTR=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_AccessKey.txt | grep AccessKeyId | sed -e 's/\"//g' | awk -F ": " '{ print $2 }'`)

		for j in ${ROOT_ACCESS_KEY_ATTR[@]}
		do
			echo "   -" ${i}의 Key 존재: ${j} >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ROOT_ACCESS_KEY.txt
		done
	fi
done

if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ROOT_ACCESS_KEY.txt | wc -l` ]; then
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ROOT_ACCESS_KEY.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
else
	echo "   - root 계정의 Access_Key가 존재하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

echo " ㅇ AWS Root Account에 액세스 키가 존재 확인 완료"

ADMIN_POLICY_ATTR=("AdministratorAccess")

aws iam get-account-authorization-details > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL.json

cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL.json | jq '.UserDetailList[]' > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json

USER_GROUP_LIST=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL.json | jq '.UserDetailList[]|.GroupList[]' | sed -e 's/"//g' | sort -f | uniq`

for i in ${ADMIN_POLICY_ATTR[@]}
do
	echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는가?" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	echo " ㅇ ${i} 전체 권한을 가지고 있는 계정이 있는 지 확인 중"
	echo "   - AWS 관리형 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_USER_LIST.txt

	for j in ${USER_GROUP_LIST[@]}
	do
		aws iam list-attached-group-policies --group-name ${j} > ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${j}.json

		if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${j}.json | grep ${i} | wc -l` ]; then
			aws iam get-group --group-name ${j} | grep UserName | sed -e 's/"//g' | sed -e 's/,//g' | sort -f | awk -F ": " '{print "     · " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_USER_LIST.txt
		fi
	done

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_USER_LIST.txt | wc -l` ]; then
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_USER_LIST.txt | sort -f | uniq  >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	else
		echo "     · ${i} 권한을 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi

	touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_2.txt
	echo "   - 계정에 직접 ${i} 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"\," | wc -l` ]; then

		ADMIN_DOCS_NUM=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"" | awk -F ":" '{print $1}'`

		for k in ${ADMIN_DOCS_NUM[@]}
		do
			LINE_NUM=100
			while [ 0 -lt ${LINE_NUM} ]
			do
				if [ 1 -eq `cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | wc -l` ]; then
					cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print "     · " $2 }' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_2.txt
					break;
				else
					LINE_NUM=`expr ${LINE_NUM} - 1`
				fi
			done
		done
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_2.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	else
		echo "     · ${i} 권한을 직접 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi

	touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_3.txt
	echo "   - 계정에 직접 ${i} 권한을 Custom으로 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -nE "\"Action\": \"\*\"\," -A 2 | grep -E "\"Resource\": \"\*\"\," -A 1 | grep -E "\"Effect\": \"Allow\"" | awk -F "-" '{print $1}' | wc -l` ]; then

		ADMIN_DOCS_NUM2=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -nE "\"Action\": \"\*\"\," -A 2 | grep -E "\"Resource\": \"\*\"\," -A 1 | grep -E "\"Effect\": \"Allow\"" | awk -F "-" '{print $1}'`

		for l in ${ADMIN_DOCS_NUM2[@]}
		do
			LINE_NUM=100
			while [ 0 -lt ${LINE_NUM} ]
			do
				if [ 1 -eq `cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} " ${l}" | grep UserName | wc -l` ]; then
					cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} " ${l}" | grep UserName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print "     · " $2 }' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_3.txt
					break;
				else
					LINE_NUM=`expr ${LINE_NUM} - 1`
				fi
			done
		done
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_3.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	else
		echo "     · ${i} 권한을 Custom으로 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi
done

echo "   - AdministratorAccess권한을 가지고 있으면서 AccessKey를 가지고 있는 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_TOTAL_USER_LIST.txt
touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_AccessKey_USER_LIST.txt
cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_TOTAL_USER_LIST.txt
cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_2.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_TOTAL_USER_LIST.txt
cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_USER_LIST_3.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_TOTAL_USER_LIST.txt

AdministratorAccess_TOTAL_USER_LIST=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_TOTAL_USER_LIST.txt | awk '{ print $2}'`)
for i in ${AdministratorAccess_TOTAL_USER_LIST[@]}
do
	if [ 1 -ge `aws iam list-access-keys --user-name ${i} | grep AccessKeyId | wc -l` ]; then
		echo "     · ${i}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_AccessKey_USER_LIST.txt
	fi
done
if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_AccessKey_USER_LIST.txt | wc -l` ]; then
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/AdministratorAccess_AccessKey_USER_LIST.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
else
	echo "     · AdministratorAccess권한을 가지고 있으면서 AccessKey를 가지고 있는 계정 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi
			
echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는 지 확인 완료"

IAM_POLICY_ATTR=("IAMFullAccess")

for i in ${IAM_POLICY_ATTR[@]}
do
	echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는가?" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	echo "   - AWS 관리형 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_ADMIN_USER_LIST.txt

	for j in ${USER_GROUP_LIST[@]}
	do
		if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${j}.json | grep ${i} | wc -l` ]; then
			aws iam get-group --group-name ${j} | grep UserName | sed -e 's/"//g' | sed -e 's/,//g' | sort -f | awk -F ": " '{print "     · " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_ADMIN_USER_LIST.txt
		fi
	done

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_ADMIN_USER_LIST.txt | wc -l` ]; then
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${i}_ADMIN_USER_LIST.txt | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	else
		echo "     · ${i} 권한을 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi

	echo "   - 계정에 직접 ${i} 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        
	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"\," | wc -l` ]; then

		ADMIN_DOCS_NUM=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"" | awk -F ":" '{print $1}'`

		for k in ${ADMIN_DOCS_NUM[@]}
		do
			LINE_NUM=100
			while [ 0 -lt ${LINE_NUM} ]
			do
				if [ 1 -eq `cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | wc -l` ]; then
					cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print "     · " $2 }' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
					break;
				else
					LINE_NUM=`expr ${LINE_NUM} - 1`
				fi
			done
		done
	else
		echo "     · ${i} 권한을 직접 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi

	echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는 지 확인 완료"

done

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt


#IAM(자격 증명 기반 정책) 계정 보안
echo "AWS-005. IAM(자격 증명 기반 정책)계정 보안"
echo "AWS-005. IAM(자격 증명 기반 정책)계정 보안" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IAM Group이 보유하고 있는 정책이 역할에 맞게 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IAM Group이 보유하고 있는 정책이 역할에 맞지 않게 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IAM Group이 보유하고 있는 정책이 역할에 맞게 설정되어 있는지 수동 검토 필요: 결과 AWS-006 참조"
echo " ㅇ IAM Group이 보유하고 있는 정책이 역할에 맞게 설정되어 있는지 수동 검토 필요: 결과 AWS-006 참조" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#IAM 정책 정리 파일 폴더
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-006"

#IAM(자격 증명 기반 정책) 보안 정책 설정
echo "AWS-006. IAM(자격 증명 기반 정책) 보안 정책 설정(EC2/ECS/ECR)"
echo "AWS-006. IAM(자격 증명 기반 정책) 보안 정책 설정(EC2/ECS/ECR)" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 1명의 사용자가 다수의 IAM 계정을 사용하지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2/ECS/ECR 서비스의 IAM 계정 사용 권한이 각각 서비스 역할에 맞게 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 1명의 사용자가 다수의 IAM 계정을 사용할 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2/ECS/ECR 서비스의 IAM 계정 사용 권한이 각각 서비스 역할에 맞게 설정되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

FULL_POLICY_ATTR=("AmazonEC2ContainerRegistryFullAccess" "AmazonEC2ContainerServiceFullAccess" "AmazonEC2FullAccess")

for i in ${FULL_POLICY_ATTR[@]}
do
	touch ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-006/${i}_ADMIN_USER_LIST.txt

	echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는가?" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	echo "   - AWS 관리형 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	for j in ${USER_GROUP_LIST[@]}
	do

		if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${j}.json | grep ${i} | wc -l` ]; then
			aws iam get-group --group-name ${j} | grep UserName | sed -e 's/"//g' | sed -e 's/,//g' | sort -f | awk -F ": " '{print "     · " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-006/${i}_ADMIN_USER_LIST.txt
		fi
	done

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-006/${i}_ADMIN_USER_LIST.txt | wc -l` ]; then
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-006/${i}_ADMIN_USER_LIST.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	else
		echo "     · ${i} 권한을 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi

	echo "   - 계정에 직접 ${i} 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"\," | wc -l` ]; then

		ADMIN_DOCS_NUM=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"" | awk -F ":" '{print $1}'`

		for k in ${ADMIN_DOCS_NUM[@]}
		do
			LINE_NUM=100
			while [ 0 -lt ${LINE_NUM} ]
			do
				if [ 1 -eq `cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | wc -l` ]; then
					cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print "     · " $2 }' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
					break;
				else
					LINE_NUM=`expr ${LINE_NUM} - 1`
				fi
			done
		done
	else
		echo "     · ${i} 권한을 직접 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi

	echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는 지 확인 완료"
done

	echo " ㅇ 현재 사용 중인 권한 리스트 목록" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep PolicyName | sed -e 's/"//g' | sed -e 's/,//g' | awk '{print "   - " $2}' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	echo " ㅇ 현재 사용 중인 권한 그룹 목록" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | jq '.GroupList[]' | sed -e 's/"//g' | awk '{print "   - " $1}' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "EC2 공통영역 - 네트워크 보안" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "EC2 공통영역 - 네트워크 보안"

# 날짜별 리전 폴더 생성
for  i in ${REGION_ID[@]};
do
	#전체 리전에 대한 전체 Security Group 추출 폴더 생성
	mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL"

	# 리전별 전체 Security Group ID 추출
	aws ec2 describe-security-groups --region=${i} --query 'SecurityGroups[*].GroupId' --output text | tr '\t' '\n' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL_SECURITY_GROUP_LIST.txt
	ALL_SECURITY_GROUP_ID=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL_SECURITY_GROUP_LIST.txt`)

		for j in ${ALL_SECURITY_GROUP_ID[@]}
		do

			# 리전별 EC2의 Security-Group을 json으로 추출
			aws ec2 describe-security-groups --region=${i} --group-id=${j} > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${j}.json

			echo "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${j}.json 추출 성공"
		done

		#전체 리전 중 EC2에서 사용중인 Security Group 추출 폴더 생성
		mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/USE"

		#EC2에서 사용 중인 Security Group ID 추출
		aws ec2 describe-instances --region=${i} --query 'Reservations[*].Instances[*].SecurityGroups[*].GroupId' --output text | tr '\t' '\n' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/EC2_USE_SECURITY_GROUP_LIST.txt

		EC2_USE_SECURITY_GROUP_ID=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/EC2_USE_SECURITY_GROUP_LIST.txt`)

		for k in ${EC2_USE_SECURITY_GROUP_ID[@]}
		do

			#EC2에서 사용 중인 Security Group을 json으로 추출
			cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${k}.json > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/USE/${k}.json
			echo "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${k}.json 추출 성공"

			# brew install jq 실행
			# Security-Gorup별 유입 정책 Count 확인
			IpPermissions_Policy_Count=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/USE/${k}.json | jq '.SecurityGroups[].IpPermissions[] | length'| wc -l`

			# 출력시 탭 한칸 추가 여부
			VAR=${k}

			# Security-Group별 유입 정책 Count 만큼 반복으로 정책 확인
			for (( n = 0; n < ${IpPermissions_Policy_Count}; n++))
			do
				IpPermissions=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/USE/${k}.json | jq '.SecurityGroups[].IpPermissions['$n'] | .IpProtocol, .FromPort, .ToPort, .IpRanges[].CidrIp, .UserIdGroupPairs[].GroupId' | sed -e 's/"//g' | tr "\n" "\t"`
				# Security-Group별 유입 정책 로깅 처리
				if [ 14 -gt ${#VAR} ]; then
					echo " ㅇ EC2		${i}		${k}			${IpPermissions[@]}" > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/06_SECURITY_IN_POLICY.txt
                		else
					echo " ㅇ EC2		${i}		${k}		${IpPermissions[@]}" > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/06_SECURITY_IN_POLICY.txt
                		fi
			done
		done


		#전체 리전에 대한 네트워크 인터페이스에 할당된 Security Group 추출 폴더 생성
		mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP"

		aws ec2 describe-network-interfaces --query 'NetworkInterfaces[].Groups[].GroupId' --output text | tr '\t' '\n' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/NETWORK_SECURITY_GROUP_LIST.txt

		# 리전별 Network Interface에서 사용 중인 Security Group의 Group ID 추출, 단, EC2에서 사용중인 Security Group은 제외.
		comm -13 <(cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/EC2_USE_SECURITY_GROUP_LIST.txt) <(cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/NETWORK_SECURITY_GROUP_LIST.txt) > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/NETWORK_USE_SECURITY_GROUP_LIST.txt
		NETWORK_USE_SECURITY_GROUP=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/NETWORK_USE_SECURITY_GROUP_LIST.txt`)

		for l in ${NETWORK_USE_SECURITY_GROUP[@]}
		do
			# 리전별 Network Interface의 Security-Group을 json으로 추출
			aws ec2 describe-security-groups --region=${i} --group-id=${l} > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/${l}.json
			cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/${l}.json > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/USE/${l}.json
			echo "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/${l}.json 추출 성공"
			IpPermissions_Policy_Count=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/${l}.json | jq '.SecurityGroups[].IpPermissions[] | length'| wc -l`
			# Security-Group별 유입 정책 Count 만큼 반복으로 정책 확인
			for (( n = 0; n < ${IpPermissions_Policy_Count}; n++))
			do
				IpPermissions=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/${l}.json | jq '.SecurityGroups[].IpPermissions['$n'] | .IpProtocol, .FromPort, .ToPort, .IpRanges[].CidrIp, .UserIdGroupPairs[].GroupId' | sed -e 's/"//g' | tr "\n" "\t"`
				# Security-Group별 유입 정책 로깅 처리
				echo " ㅇ NETWORK		${i}		${l}		${IpPermissions[@]}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/06_SECURITY_IN_POLICY.txt
			done
		done

		#EC2와 네트워크에서 사용 중인 Security Group을 제외한 나머지 정책 추출 폴더 생성
		mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/REST_SECURITY_GROUP"
		#EC2와 Network Interface의 Security-Group을 제외한 Security Group
		comm -23 <(cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL_SECURITY_GROUP_LIST.txt) <(cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/NETWORK_SECURITY_GROUP/NETWORK_SECURITY_GROUP_LIST.txt) > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/REST_SECURITY_GROUP/REST_SECURITY_GROUP_LIST.txt
		REST_SECURITY_GROUP=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/REST_SECURITY_GROUP/REST_SECURITY_GROUP_LIST.txt`)

		# 리전별 사용하지 않는 Security-Group을 json으로 추출
		for m in ${REST_SECURITY_GROUP[@]}
		do
			cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${m}.json > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/REST_SECURITY_GROUP/${m}.json
			echo "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/REST_SECURITY_GROUP/${m}.json 추출 성공"
			# Security-Gorup별 유입 정책 Count 확인
			IpPermissions_Policy_Count=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/REST_SECURITY_GROUP/${m}.json | jq '.SecurityGroups[].IpPermissions[] | length'| wc -l`
			# Security-Group별 유입 정책 Count 만큼 반복으로 정책 확인
				for (( n = 0; n < ${IpPermissions_Policy_Count}; n++))
				do
					IpPermissions=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/REST_SECURITY_GROUP/${m}.json | jq '.SecurityGroups[].IpPermissions['$n'] | .IpProtocol, .FromPort, .ToPort, .IpRanges[].CidrIp, .UserIdGroupPairs[].GroupId' | sed -e 's/"//g' | tr "\n" "\t"`
					# Security-Group별 유입 정책 로깅 처리
					echo " ㅇ REST		${i}		${m}		${IpPermissions[@]}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/06_SECURITY_IN_POLICY.txt
				done
		done

		# elasticbeanstalk 환경 추출 폴더 생성
		mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/EB"
		# 리전별 elasticbeanstalk에서 사용 중인 EnvironmentId 추출
		aws elasticbeanstalk describe-environments --region=${i} --query 'Environments[].EnvironmentId' --output text | tr '\t' '\n' > "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/EB/EB_LIST.txt"
		EB_ID=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/EB/EB_LIST.txt`)

		for o in ${EB_ID[@]}; do
		# 리전별 elasticbeanstalk에서 사용 중인 EnvironmentId를 이용하여 사용 중인 Security Group ID를 추출
		EB_SECURITY_GROUP=`find ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/ -name "*" | xargs grep -nr "\"${o}\"" | cut -d "/" -f 8 | awk -F"." '{print $1}' | sort -f | uniq`
			for p in ${EB_SECURITY_GROUP[@]}; do
			# Security-Gorup별 유입 정책 Count 확인
			IpPermissions_Policy_Count=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${p}.json | jq '.SecurityGroups[].IpPermissions[] | length'| wc -l`
			# Security-Group별 유입 정책 Count 만큼 반복으로 정책 확인
				for (( n = 0; n < ${IpPermissions_Policy_Count}; n++))
				do
					IpPermissions=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${p}.json | jq '.SecurityGroups[].IpPermissions['$n'] | .IpProtocol, .FromPort, .ToPort, .IpRanges[].CidrIp, .UserIdGroupPairs[].GroupId' | sed -e 's/"//g' | tr "\n" "\t"`
					# Security-Group별 유입 정책 로깅 처리
					echo " ㅇ EB		${i}		${p}		${IpPermissions[@]}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/06_SECURITY_IN_POLICY.txt
					echo "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${p}.json 추출 성공"
				done
			done
		done

		# VPC 환경 추출 폴더 생성
		mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/VPC"

		# 리전별 VPC에서 사용 중인 VPC ID 추출
		aws ec2 describe-vpcs --region=${i} --query 'Vpcs[].VpcId' --output text | tr '\t' '\n' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/VPC/VPC_ID_LIST.txt
		VPC_ID=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/VPC/VPC_ID_LIST.txt`)
		# 리전별 VPC에서 사용 중인 VPC ID를 이용하여 사용 중인 Security Group ID를 추출
		for q in ${VPC_ID[@]}; do
			#VPC를 가지고 있지만 사용하지 않고 있는 Security Group을 추출
			USE_VPC_SECURITY_GROUP=`comm -13 <(cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/EC2_USE_SECURITY_GROUP_LIST.txt) <(grep -r . ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/* | grep \"${q}\" | cut -d "/" -f 8 | awk -F"." '{print $1}' | sort -f | uniq)`
			for r in ${USE_VPC_SECURITY_GROUP[@]}
			do
				# Security-Gorup별 유입 정책 Count 확인
				IpPermissions_Policy_Count=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${r}.json | jq '.SecurityGroups[].IpPermissions[] | length'| wc -l`
				# Security-Group별 유입 정책 Count 만큼 반복으로 정책 확인
					for (( n = 0; n < ${IpPermissions_Policy_Count}; n++))
					do
						IpPermissions=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${r}.json | jq '.SecurityGroups[].IpPermissions['$n'] | .IpProtocol, .FromPort, .ToPort, .IpRanges[].CidrIp, .UserIdGroupPairs[].GroupId' | sed -e 's/"//g' | tr "\n" "\t" | awk '{ print $1 "\t" $2 "\t" $3 "\t" $4 "\t" $5 }'`
						# Security-Group별 유입 정책 로깅 처리
						echo " ㅇ VPC		${i}		${r}		${IpPermissions[@]}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/06_SECURITY_IN_POLICY.txt
						echo "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/SECURITY_GROUP/ALL/${r}.json 추출 성공"
					done
			done
		done
done


#Security Group 점검
echo "VPC-001. Security Group"
echo "VPC-001. Security Group" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2 인스턴스에 대한 IN/OUT BOUND의 Port가 Any로 허용되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2 인스턴스에 대한 IN/OUT BOUND Source와 Destination의 설정 규칙이 Any로 허용되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2 인스턴스에 대한 IN/OUT BOUND의 Port가 Any로 허용되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2 인스턴스에 대한 IN/OUT BOUND Source와 Destination의 설정 규칙이 Any로 허용되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "Security Group 점검 진행 중"
echo "* 제외항목: 80 Port, 443 Port, ICMP, OUT Bound" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "ResourceTYPE		Region				S/G			Proto	From	To	Target" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-001/06_SECURITY_IN_POLICY.txt | grep -v "\t80\t80\t" | grep -v "\t443\t443\t" | grep -v icmp | grep "\t0.0.0.0/0" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "Security Group 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#Network ACL 점검
#Network ACL 환경 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002"
#NETWORK_ACL_LIST 확인
aws ec2 describe-network-acls | jq '.NetworkAcls[].Associations[].NetworkAclId' | sed -e 's/"//g' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/NETWORK_ACL_LIST.txt

NETWORK_ACL_LIST=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/NETWORK_ACL_LIST.txt`)

echo "VPC-002. ACL"
echo "VPC-002. ACL" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IN/OUT BOUND에 대한 모든 트래픽이 허용되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IN/OUT BOUND에 대한 모든 트래픽이 허용되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "NETWORK ACL 점검 중"
echo "NETWORK_ACL_ID				RuleNumber	Protocol	Egress		CidrBlock		RuleAction" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#NETWORK ACL ID별 ACL 확인
for i in ${NETWORK_ACL_LIST[@]}
do
	#NETWORK ACL별 정책 Count 확인
	aws ec2 describe-network-acls --network-acl-ids ${i} > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/${i}.json
	NETWORK_ACL_COUNT=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/${i}.json | jq '.NetworkAcls[].Entries[] | length' | wc -l`


	#탭 1번 or 2번 여부 결정
	VAR=${i}

	#NETWORK ACL 정책 Count 만큼 반복으로 확인
	for (( n = 0; n < $NETWORK_ACL_COUNT; n++))
	do
		NETWORK_ACL_POLICY=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/${i}.json | jq '.NetworkAcls[].Entries['$n'] | .RuleNumber, .Protocol, .Egress, .CidrBlock, .RuleAction' | sed -e 's/"//g' | tr "\n" "\t" | awk '{ print $1 "\t\t" $2 "\t\t" $3 "\t\t" $4 "\t\t" $5 }'`
		if [ 14 -gt ${#VAR} ]; then
			echo " ㅇ ${i}			${NETWORK_ACL_POLICY[@]}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/${i}.txt
		else
			echo " ㅇ ${i}		${NETWORK_ACL_POLICY[@]}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/${i}.txt
		fi
	done

cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-002/${i}.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

done

echo "NETWORK ACL 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#NAT GATEWAY 점검
echo "VPC-003. NAT GATEWAY"
echo "VPC-003. NAT GATEWAY" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ NAT Gateway가 설정되어 있지 않거나 실사용 중인 Private 서브넷 인스턴스가 연결되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ NAT Gateway를 사용할 경우 사용하지 않는 Private 서브넷 인스턴스가 연결되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "VPC-003. NAT GATEWAY 점검 중"

#NAT GATEWAY 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/NAT_GATEWAY_LIST"

aws ec2 describe-nat-gateways | jq '.NatGateways[].NatGatewayId' | sed -e 's/\"//g' > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/NAT_GATEWAY_LIST.txt
NAT_GATEWAY_LIST=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/NAT_GATEWAY_LIST.txt`)
aws ec2 describe-instances | jq '.Reservations[].Instances[].SubnetId' | grep -v null | sed -e 's/"//g' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/USE_SUBNET_LIST.txt
USE_SUBNET_LIST=(`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/USE_SUBNET_LIST.txt`)

for i in ${NAT_GATEWAY_LIST[@]}
do
	aws ec2 describe-nat-gateways --nat-gateway-ids=${i} > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/NAT_GATEWAY_LIST/${i}.json
done

for i in ${NAT_GATEWAY_LIST[@]}
do
	for j in ${USE_SUBNET_LIST[@]}
	do
		if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/NAT_GATEWAY_LIST/${i}.json | grep ${j} | wc -l` ]; then
			echo " ㅇ NAT-GATEWAY: ${i} / Subnet: ${j} 사용 중" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/USE_NAT_GATEWAY.txt
		fi
	done

	if [ 0 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/USE_NAT_GATEWAY.txt | grep ${i} | wc -l` ]; then
		echo " ㅇ NAT-GATEWAY: ${i}에서 사용하는 Subnet 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/USE_NAT_GATEWAY.txt
	fi
done

cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-003/USE_NAT_GATEWAY.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "NAT GATEWAY 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#INTERNET GATEWAY 점검
echo "VPC-004. INTERNET GATEWAY"
echo "VPC-004. INTERNET GATEWAY" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 다수의 Internet Gateway 관리 시 연결된 VPC 내 인스턴스가 존재할 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 다수의 Internet Gateway 관리 시 연결된 VPC 내 인스턴스가 존재하지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "VPC-004. INTERNET GATEWAY 점검 중"

#INTERNET GATEWAY 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004"
touch ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/USE_INTERNET_GATEWAY_LIST.txt

aws ec2 describe-internet-gateways | jq '.InternetGateways[] | .InternetGatewayId' | sed -e 's/\"//g' > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/INTERNET_GATEWAY_LIST.txt
INTERNET_GATEWAY_LIST=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/INTERNET_GATEWAY_LIST.txt`

aws ec2 describe-instances | jq '.Reservations[] | .Instances[] | .VpcId' | sed -e 's/\"//g' | sort -f | uniq | grep -v null > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/USE_VPC_LIST.txt
USE_VPC_LIST=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/USE_VPC_LIST.txt`

for i in ${INTERNET_GATEWAY_LIST[@]}
do
	aws ec2 describe-internet-gateways --internet-gateway-ids=${i} > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/${i}.json
done

for i in ${INTERNET_GATEWAY_LIST[@]}
do
	for j in ${USE_VPC_LIST[@]}
	do
		if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/${i}.json | jq '.InternetGateways[] | .Attachments[] | .VpcId' | sed -e 's/\"//g' | grep ${j} | wc -l` ]; then
			echo " ㅇ INTERNET_GATEWAY: ${i} / VPC:${j} = 인스턴스 존재" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/USE_INTERNET_GATEWAY_LIST.txt
		fi
	done

	if [ 0 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/USE_INTERNET_GATEWAY_LIST.txt | grep ${i} | wc -l` ]; then
		echo " ㅇ INTERNET_GATEWAY: ${i}에서 사용하는 VPC 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/USE_INTERNET_GATEWAY_LIST.txt
	fi
done

cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-004/USE_INTERNET_GATEWAY_LIST.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "INTERNET GATEWAY 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt


#Routing Tables 점검
echo "VPC-005. Routing Tables"
echo "VPC-005. Routing Tables" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 목적지가 Any로 설정되어 있지 않고, 서비스 타깃별로 설정 및 활성화되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 목적지가 Any로 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "VPC-005. Routing Tables 점검 중"

#Routing Tables 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID"
touch ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt

#Routing Table ID 확인
aws ec2 describe-route-tables --query 'RouteTables[].RouteTableId' | awk -F "\"" '{print $2}' | grep rtb > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/ROUTE_TABLE_ID.txt

#Routing Table ID 변수화
ROUTE_TABLE_ID=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/ROUTE_TABLE_ID.txt`

for i in ${ROUTE_TABLE_ID[@]}
do
	aws ec2 describe-route-tables --route-table-ids ${i} --output text > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt
	echo " ㅇ Routing Table ID: ${i}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTETABLES | awk '{print "   - VPC: " $4}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ASSOCIATIONS | awk '{print "   - Subnet: " $5}' | grep subnet- >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	echo "   - Routing Tables" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTES | grep local | awk '{print "     · " $2 "\t\t" $5 "\t" $3}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTES | grep -v local | grep -v 0.0.0.0/0 | awk '{print "     · " $2 "\t\t" $4 "\t" $5}' | grep -v blackhole | grep -v "     · [a-z]" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTES | grep -v local | grep -v 0.0.0.0/0 | awk '{print $2 "\t\t" $3 "\t" $4 "\t" $5}' | grep "^[a-z,A-Z]" | wc -l` ]; then
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTES | grep -v local | grep -v 0.0.0.0/0 | awk '{print "     · " $2 "\t\t" $5 "\t" $3}' | grep "     · [a-z]" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	fi

	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTES | grep -v local | grep -v 0.0.0.0/0 | awk '{print "     · " $2 "\t\t" $4 "\t" $5}' | grep blackhole >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTES | grep 0.0.0.0/0 | grep -v eni- | awk '{print "     · " $2 "\t\t" $5 "\t" $3}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-ID/${i}.txt | grep ROUTES | grep 0.0.0.0/0 | grep eni- | awk '{print "     · " $2 "\t\t" $7 "\t" $5}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt
done

cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-005/RTB-TOTAL.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "Routing Tables 점검 완료"
echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#Elastic IP 점검
echo "VPC-006. Elastic IP"
echo "VPC-006. Elastic IP" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ Elastic IP 주소를 사용 중인 EC2 인스턴스의 Open Port가 Any로 허용되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ Elastic IP 주소를 사용 중인 EC2 인스턴스의 Open Port가 Any로 허용되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "VPC-006. Elastic IP 점검 중"

#Elastic IP 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006"
aws ec2 describe-addresses --query 'Addresses[].InstanceId' | grep i- | awk -F "\"" '{print $2}' > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/INSTANCE_ID.txt
INSTANCE_ID=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/INSTANCE_ID.txt`

for  i in ${REGION_ID[@]};
do
	for j in ${INSTANCE_ID[@]}
	do
		mkdir ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}
		touch ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${j}.txt
		echo " ㅇ Instance_ID: ${j}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${j}.txt
		aws ec2 describe-instances --instance-ids=${j} | grep GroupId | awk -F "\"" '{print $4}' | sort -f | uniq > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${j}_SG.txt
		SECURITY_GROUP_ID=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${j}_SG.txt`

		for k in ${SECURITY_GROUP_ID[@]}
		do
			aws ec2 describe-security-groups --region=${i} --group-id=${k} > ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${k}.json

			IpPermissions_Policy_Count=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${k}.json | jq '.SecurityGroups[].IpPermissions[] | length'| wc -l`
			for (( n = 0; n < ${IpPermissions_Policy_Count}; n++))
			do
				IpPermissions=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${k}.json | jq '.SecurityGroups[].IpPermissions['$n'] | .IpProtocol, .FromPort, .ToPort, .IpRanges[].CidrIp, .UserIdGroupPairs[].GroupId' | sed -e 's/"//g' | tr "\n" "\t"`
				echo "     - ${j}	${k}	${IpPermissions[@]}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${j}.txt
			done
		done
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/VPC-006/${j}/${j}.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	done
done

echo "VPC-006. Elastic IP 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "RDS 공통영역"
#RDS 리소스 액세스 권한 관리 점검
echo "RDS-001. RDS 리소스 액세스 권한 관리"
echo "RDS-001. RDS 리소스 액세스 권한 관리" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS Root 계정 관리자가 다수 사용자에게 RDS 리소스 생성 권한을 설정하지 않았을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 역할에 교차 계정 권한을 부여하지 않았을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AWS Root 계정 관리자가 다수 사용자에게 RDS 리소스 생성 권한을 설정했을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 역할에 교차 계정 권한을 부여했을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "RDS-001. RDS 리소스 액세스 권한 관리 점검 중"

RDS_ADMIN_POLICY_ATTR=("AmazonRDSDataFullAccess" "AmazonRDSFullAccess")

#RDS  IP 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-001"

for i in ${RDS_ADMIN_POLICY_ATTR[@]}
do
	echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는가?" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	echo "   - AWS 관리형 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	touch ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-001/${i}_USER_LIST.txt

	for j in ${USER_GROUP_LIST[@]}
	do
		if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${j}.json | grep ${i} | wc -l` ]; then
			aws iam get-group --group-name ${j} | grep UserName | sed -e 's/"//g' | sed -e 's/,//g' | sort -f | awk -F ": " '{print "     · " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-001/${i}_USER_LIST.txt
		fi
	done

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-001/${i}_USER_LIST.txt | wc -l` ]; then
		cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-001/${i}_USER_LIST.txt | sort -f | uniq  >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	else
		echo "     · ${i} 권한을 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi

	echo "   - 계정에 직접 ${i} 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"\," | wc -l` ]; then

		ADMIN_DOCS_NUM=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"" | awk -F ":" '{print $1}'`

		for k in ${ADMIN_DOCS_NUM[@]}
		do
			LINE_NUM=100
			while [ 0 -lt ${LINE_NUM} ]
			do
				if [ 1 -eq `cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | wc -l` ]; then
					cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print "     · " $2 }' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
					break;
				else
					LINE_NUM=`expr ${LINE_NUM} - 1`
				fi
			done
		done
	else
		echo "     · ${i} 권한을 직접 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi
done

echo "RDS-001.  RDS 리소스 액세스 권한 관리 점검 완료"
echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS 리소스 액세스 권한 관리 점검
echo "RDS-002. RDS API 작업 권한 부여"
echo "RDS-002. RDS API 작업 권한 부여" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IAM 일반 사용자 권한에 RDS API 기능을 사용할 수 있는 권한이 부여되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ IAM 일반 사용자 권한에 RDS API 기능을 사용할 수 있는 권한이 부여되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "RDS-002. RDS API 작업 권한 점검 중"

#RDS  IP 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-002"

RDS_AUTH_POLICY_ATTR=("AmazonRDSDataFullAccess" "AmazonRDSFullAccess" "AmazonRDSReadOnlyAccess" "AWSApplicationAutoscalingRDSClusterPolicy" "AmazonRDSBetaServiceRolePolicy" "AmazonRDSDirectoryServiceAccess" "AmazonRDSEnhancedMonitoringRole" "AmazonRDSPreviewServiceRolePolicy" "AmazonRDSServiceRolePolicy" "AWSQuickSightDescribeRDS" "RDSCloudHsmAuthorizationRole")

for i in ${RDS_AUTH_POLICY_ATTR[@]}
do
        echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는가?" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        echo "   - AWS 관리형 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        touch ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-002/${i}_USER_LIST.txt

        for j in ${USER_GROUP_LIST[@]}
        do
                if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${j}.json | grep ${i} | wc -l` ]; then
                        aws iam get-group --group-name ${j} | grep UserName | sed -e 's/"//g' | sed -e 's/,//g' | sort -f | awk -F ": " '{print "     · " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-002/${i}_USER_LIST.txt
                fi
        done

        if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-002/${i}_USER_LIST.txt | wc -l` ]; then
                cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-002/${i}_USER_LIST.txt >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        else
                echo "     · ${i} 권한을 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        fi

        echo "   - 계정에 직접 ${i} 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt


	if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"\," | wc -l` ]; then

		ADMIN_DOCS_NUM=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"" | awk -F ":" '{print $1}'`

		for k in ${ADMIN_DOCS_NUM[@]}
		do
			LINE_NUM=100
			while [ 0 -lt ${LINE_NUM} ]
			do
				if [ 1 -eq `cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | wc -l` ]; then
					cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print "     · " $2 }' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
					break;
				else
					LINE_NUM=`expr ${LINE_NUM} - 1`
				fi
			done
		done
	else
		echo "     · ${i} 권한을 직접 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	fi
done

echo "RDS-002.  RDS 리소스 액세스 권한 관리 점검 완료"
echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt


#서브넷 가용 영역
echo "RDS-003. 서브넷 가용 영역"
echo "RDS-003. 서브넷 가용 영역" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2 인스턴스와 RDS 연결간의 서브넷이 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ EC2 인스턴스와 RDS 연결간의 불필요한 서브넷이 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "RDS-003. 서브넷 가용 영역 점검 중"

#RDS  IP 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-003/RDS_SUBNET_LIST"

DB_DBSUBNET_GROUP=`aws rds describe-db-subnet-groups | jq '.DBSubnetGroups[].DBSubnetGroupName' | sed -e 's/\"//g'`

for i in ${DB_DBSUBNET_GROUP[@]}
do
	aws rds describe-db-subnet-groups --db-subnet-group-name ${i} > ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-003/RDS_SUBNET_LIST/${i}.json
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-003/RDS_SUBNET_LIST/${i}.json | grep DBSubnetGroupName | sed -e 's/\"//g' | awk '{print " ㅇ " $1 " " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-003/RDS_SUBNET_LIST/${i}.json | grep VpcId | sed -e 's/\"//g' | sed -e 's/\,//g' | awk '{print "   - " $1 " " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-003/RDS_SUBNET_LIST/${i}.json | grep SubnetIdentifier | sed -e 's/\"//g' | sed -e 's/\,//g' | awk '{print "     · " $1 " " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
done

echo "RDS-003.  서브넷 가용 영역 점검 완료"
echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt


#RDS IAM(자격 증명 기반 정책) 보안 정책 설정
echo "RDS-004. IAM(자격 증명 기반 정책) 보안 정책 설정"
echo "RDS-004. IAM(자격 증명 기반 정책) 보안 정책 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 1명의 사용자가 다수의 IAM 계정을 사용하지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS 서비스의 IAM 계정 사용 권한이 각각 서비스 역할에 맞게 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 1명의 사용자가 다수의 IAM 계정을 사용할 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS 서비스의 IAM 계정 사용 권한이 각각 서비스 역할에 맞게 설정되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-002. RDS API 작업 권한 부여 내역 검토 필요" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS-002. RDS API 작업 권한 부여 내역 검토 필요"
echo "RDS-004. IAM(자격 증명 기반 정책) 보안 정책 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS 옵션정책
echo "RDS-101. RDS 파라미터 관리 영역 설정"
echo "RDS-101. RDS 파라미터 관리 영역 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS(MariaDB/MySQL/Oracle/PostgreSQL) 파라미터 값이 Default 값으로 설정되어 있는 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ RDS(MariaDB/MySQL/Oracle/PostgreSQL) 파라미터 값이 Default 값 외 다른 값으로 설정되어 있는 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " => 신규 파라미터 추가 및 변경 시 담당자 확인이 필요함" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#파라미터 관리 점검 폴
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP"

aws rds describe-db-instances > ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/describe-db-instances.json

RDS_PARAMETER_GROUPNAME=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/describe-db-instances.json | jq '.DBInstances[].DBParameterGroups[].DBParameterGroupName' | sed -e 's/\"//g' | sort -f | uniq`

for i in ${RDS_PARAMETER_GROUPNAME[@]}
do
	aws rds describe-db-parameters --db-parameter-group-name ${i} --source system > ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json
done

for i in ${RDS_PARAMETER_GROUPNAME[@]}
do
	if [ 0 -lt  `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep mysql | wc -l` ]; then
		if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterValue": "/rdsdbbin/oscar"' | wc -l` ]; then

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_cache_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_cache_size",' -A 1 -B 1 | grep '"ParameterValue": "32768",' | wc -l` ]; then
					echo '   - "ParameterName": "binlog_cache_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 트랜잭션 중에 이진 로그에 대한 SQL 문을 보유하는 캐시의 크기' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "binlog_cache_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "32768"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_cache_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_format",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_format",' -A 1 -B 1 | grep '"ParameterValue": "MIXED",' | wc -l` ]; then
					echo '   - "ParameterName": "binlog_format": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json'
				else
					echo '   * 행 또는 혼합 복제' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "binlog_format"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json'
					echo '     - 기본설정: "ParameterValue": "MIXED"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_format",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_password_lifetime",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_password_lifetime",' -A 1 -B 1 | grep '"ParameterValue": "0",' | wc -l` ]; then
					echo '   - "ParameterName": "default_password_lifetime": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 자동 암호 만료 정책 정의' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "default_password_lifetime"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_password_lifetime",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "explicit_defaults_for_timestamp",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "explicit_defaults_for_timestamp",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "explicit_defaults_for_timestamp": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 5.6.7에 필요한 필수 요소' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "explicit_defaults_for_timestamp"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "explicit_defaults_for_timestamp",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "gtid-mode",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "gtid-mode",' -A 1 -B 1 | grep '"ParameterValue": "OFF_PERMISSIVE",' | wc -l` ]; then
					echo '   - "ParameterName": "gtid-mode": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * GTID 기반 로깅을 사용할지 여부와 로그에 포함할 수 있는 트랜잭션 유형 설명' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "gtid-mode"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "OFF_PERMISSIVE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "gtid-mode",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_buffer_pool_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_buffer_pool_size",' -A 1 -B 1 | grep '"ParameterValue": "{DBInstanceClassMemory\*3/4}",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_buffer_pool_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb가 테이블의 데이터와 인덱스를 캐시하기 위해 사용하는 메모리 버퍼의 크기(Byte)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_buffer_pool_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{DBInstanceClassMemory\*3/4}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_buffer_pool_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_file_per_table",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_file_per_table",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_file_per_table": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb에 테이블 스페이스/파일을 선택' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_file_per_table"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_file_per_table",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_flush_method",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_flush_method",' -A 1 -B 1 | grep '"ParameterValue": "O_DIRECT",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_flush_method": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb의 플러시 메소드를 결정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_flush_method"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "O_DIRECT"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_flush_method",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "8388608",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_log_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb가 디스크의 로그 파일에 쓰는 데 사용하는 버퍼의 크기(Byte)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_log_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "8388608"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_file_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_file_size",' -A 1 -B 1 | grep '"ParameterValue": "134217728",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_log_file_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 로그 그룹의 각 로그 파일 크기(Byte)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_log_file_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "134217728"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_file_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "key_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "key_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "16777216",' | wc -l` ]; then
					echo '   - "ParameterName": "key_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 인덱스 블록(모든 읽기 및 다중 쓰기의 경우)에 사용되는 향상된 인덱스 처리를 얻으려면 버퍼 크기를 늘릴 것' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "key_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "16777216"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "key_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "local_infile",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "local_infile",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "local_infile": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * LOAD DATA INFILE에 대해 LOCAL 컨트롤 지원' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "local_infile"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "local_infile",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_output",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_output",' -A 1 -B 1 | grep '"ParameterValue": "FILE",' | wc -l` ]; then
					echo '   - "ParameterName": "log_output": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 쿼리 로그를 저장할 위치 제어' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_output"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "FILE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_output",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "master-info-repository",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "master-info-repository",' -A 1 -B 1 | grep '"ParameterValue": "TABLE",' | wc -l` ]; then
					echo '   - "ParameterName": "master-info-repository": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 이 옵션을 사용하면 서버가 마스터 정보 로그를 파일이나 테이블에 기록' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "master-info-repository"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "TABLE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "master-info-repository",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' -A 1 -B 1 | grep '"ParameterValue": "GREATEST' | wc -l` ]; then
					echo '   - "ParameterName": "max_connections": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 허용되는 동시 클라이언트 연결 수' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_connections"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "GREATEST"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "performance_schema",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "performance_schema",' -A 1 -B 1 | grep '"ParameterValue": "0",' | wc -l` ]; then
					echo '   - "ParameterName": "performance_schema": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 성능 스키마를 사용하거나 사용하지 않도록 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "performance_schema"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "performance_schema",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "262144",' | wc -l` ]; then
					echo '   - "ParameterName": "read_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 순차 스캔을 수행하는 각 스레드는 이 버퍼를 할당. 많은 순차적 스캔을 수행하여 값이 증가하면 성능 향상에 도움' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "read_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "262144"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_only",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_only",' -A 1 -B 1 | grep '"ParameterValue": "{TrueIfReplica}",' | wc -l` ]; then
					echo '   - "ParameterName": "read_only": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 활성화되면 서버는 슬레이브 스레드가 수행한 업데이트를 제외하고 업데이트를 비허용' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "read_only"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{TrueIfReplica}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_only",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_rnd_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_rnd_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "524288",' | wc -l` ]; then
					echo '   - "ParameterName": "read_rnd_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 키 정렬 작업 후에 정렬된 순서로 행을 읽을 때 디스크 읽기를 방지. 큰 값은 ORDER BY 성능을 향상시킬 수 있음' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "read_rnd_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "524288"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_rnd_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_info_repository",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_info_repository",' -A 1 -B 1 | grep '"ParameterValue": "TABLE",' | wc -l` ]; then
					echo '   - "ParameterName": "relay_log_info_repository": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 이 옵션을 사용하면 서버가 릴레이 로그 정보를 파일이나 테이블에 기록' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "relay_log_info_repository"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "TABLE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_info_repository",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "sync_binlog",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "sync_binlog",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "sync_binlog": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * binlog 동기화 (MySQL이 디스크로 플러시되거나 OS에 의존)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "sync_binlog"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "sync_binlog",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "table_open_cache_instances",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "table_open_cache_instances",' -A 1 -B 1 | grep '"ParameterValue": "16",' | wc -l` ]; then
					echo '   - "ParameterName": "table_open_cache_instances": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 열린 테이블 캐시 인스턴스의 수' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "table_open_cache_instances"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "16"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "table_open_cache_instances",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "thread_stack",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "thread_stack",' -A 1 -B 1 | grep '"ParameterValue": "262144",' | wc -l` ]; then
					echo '   - "ParameterName": "thread_stack": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 스레드 스택 크기가 너무 작으면 서버가 처리 할 수 있는 SQL 문의 복잡성, 저장프로시저의 재귀 수준 및 기타 메모리 소비 작업을 제한' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "thread_stack"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "262144"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "thread_stack",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "basedir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "basedir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbbin/oscar",' | wc -l` ]; then
					echo '   - "ParameterName": "basedir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 설치베이스 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "basedir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbbin/oscar"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "basedir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "datadir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "datadir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/db/",' | wc -l` ]; then
					echo '   - "ParameterName": "datadir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 데이터 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "datadir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/db/"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "datadir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_storage_engine",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_storage_engine",' -A 1 -B 1 | grep '"ParameterValue": "InnoDB",' | wc -l` ]; then
					echo '   - "ParameterName": "default_storage_engine": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 기본 저장소 엔진(테이블 형식)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "default_storage_engine"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "InnoDB"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_storage_engine",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "general_log_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "general_log_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/general/mysql-general.log",' | wc -l` ]; then
					echo '   - "ParameterName": "general_log_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 일반 로그의 위치' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "general_log_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/general/mysql-general.log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "general_log_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_data_home_dir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_data_home_dir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/db/innodb",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_data_home_dir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb 파일이 저장된 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_data_home_dir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/db/innodb"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_data_home_dir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_group_home_dir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_group_home_dir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/innodb",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_log_group_home_dir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb 로그 파일의 디렉토리 경로' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_log_group_home_dir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/innodb"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_group_home_dir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log-bin",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log-bin",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/binlog/mysql-bin-changelog",' | wc -l` ]; then
					echo '   - "ParameterName": "log-bin": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 바이너리 로깅 제어' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log-bin"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/binlog/mysql-bin-changelog"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log-bin",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_error",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_error",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/error/mysql-error.log",' | wc -l` ]; then
					echo '   - "ParameterName": "log_error": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 오류 로그의 위치' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_error"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/error/mysql-error.log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_error",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_slave_updates",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_slave_updates",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "log_slave_updates": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 체인 복제 허용' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_slave_updates"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_slave_updates",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_binlog_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_binlog_size",' -A 1 -B 1 | grep '"ParameterValue": "134217728",' | wc -l` ]; then
					echo '   - "ParameterName": "max_binlog_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 이 크기에 도달하면 서버가 binlog를 변경' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_binlog_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "134217728"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_binlog_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "pid_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "pid_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/mysql-{EndPointPort}.pid",' | wc -l` ]; then
					echo '   - "ParameterName": "pid_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 프로세스 ID 파일의 경로 이름. 이 파일은 mysqld_safe와 같은 다른 프로그램에서 서버의 프로세스 ID를 결정하는 데 사용' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "pid_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/mysql-{EndPointPort}.pid"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "pid_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' -A 1 -B 1 | grep '"ParameterValue": "{EndPointPort}",' | wc -l` ]; then
					echo '   - "ParameterName": "port": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버가 TC/IP 연결을 청취하는 포트의 번호' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "port"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{EndPointPort}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay-log",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay-log",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/relaylog/relaylog",' | wc -l` ]; then
					echo '   - "ParameterName": "relay-log": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 릴레이 로그의 기본 이름' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "relay-log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/relaylog/relaylog"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay-log",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_recovery",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_recovery",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "relay_log_recovery": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버 시작 직후 자동 릴레이 로그 복구를 사용 가능하게 함' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "relay_log_recovery"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_recovery",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "secure_file_priv",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "secure_file_priv",' -A 1 -B 1 | grep '"ParameterValue": "/tmp",' | wc -l` ]; then
					echo '   - "ParameterName": "secure_file_priv": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * LOAD_FILE(), LOAD_DATA 및 SELECT의 효과 제한' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "secure_file_priv"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/tmp"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "secure_file_priv",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "server_id",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "server_id",' -A 1 -B 1 | grep '"ParameterValue": "{ServerId}",' | wc -l` ]; then
					echo '   - "ParameterName": "server_id": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 복제 그룹에서 인스턴스를 식별하는데 사용되는 정수 값' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "server_id"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{ServerId}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "server_id",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "skip-slave-start",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "skip-slave-start",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "skip-slave-start": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 슬레이브 서버가 서버를 시작할 때 슬레이브 스레드를 시작하지 못하게 함' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "skip-slave-start"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "skip-slave-start",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "slow_query_log_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "slow_query_log_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/slowquery/mysql-slowquery.log",' | wc -l` ]; then
					echo '   - "ParameterName": "slow_query_log_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 저속 질의 로그 파일의 위치' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "slow_query_log_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/slowquery/mysql-slowquery.log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "slow_query_log_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "socket",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "socket",' -A 1 -B 1 | grep '"ParameterValue": "/tmp/mysql.sock",' | wc -l` ]; then
					echo '   - "ParameterName": "socket": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * (UNIX) 소켓 파일 및 로컬 연결에 사용되는 (WINODWS) 명명 된 파이프' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "socket"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/tmp/mysql.sock"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "socket",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "tmpdir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "tmpdir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/tmp/",' | wc -l` ]; then
					echo '   - "ParameterName": "tmpdir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 임시 파일 및 임시 테이블에 사용되는 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "tmpdir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/tmp/"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "tmpdir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi		


		else

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_cache_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_cache_size",' -A 1 -B 1 | grep '"ParameterValue": "32768",' | wc -l` ]; then
					echo '   - "ParameterName": "binlog_cache_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 트랜잭션 중에 이진 로그에 대한 SQL 문을 보유하는 캐시의 크기' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "binlog_cache_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "32768"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_cache_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_format",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_format",' -A 1 -B 1 | grep '"ParameterValue": "MIXED",' | wc -l` ]; then
					echo '   - "ParameterName": "binlog_format": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 행 또는 혼합 복제' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "binlog_format"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "MIXED"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "binlog_format",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_password_lifetime",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_password_lifetime",' -A 1 -B 1 | grep '"ParameterValue": "0",' | wc -l` ]; then
					echo '   - "ParameterName": "default_password_lifetime": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 자동 암호 만료 정책 정의' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "default_password_lifetime"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_password_lifetime",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "explicit_defaults_for_timestamp",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "explicit_defaults_for_timestamp",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "explicit_defaults_for_timestamp": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 5.6.7에 필요한 필수 요소' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "explicit_defaults_for_timestamp"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "explicit_defaults_for_timestamp",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "gtid-mode",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "gtid-mode",' -A 1 -B 1 | grep '"ParameterValue": "OFF_PERMISSIVE",' | wc -l` ]; then
					echo '   - "ParameterName": "gtid-mode": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * GTID 기반 로깅을 사용할지 여부와 로그에 포함할 수 있는 트랜잭션 유형 설명' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "gtid-mode"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "OFF_PERMISSIVE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "gtid-mode",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_buffer_pool_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_buffer_pool_size",' -A 1 -B 1 | grep '"ParameterValue": "{DBInstanceClassMemory\*3/4}",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_buffer_pool_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb가 테이블의 데이터와 인덱스를 캐시하기 위해 사용하는 메모리 버퍼의 크기(Byte)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_buffer_pool_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{DBInstanceClassMemory\*3/4}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_buffer_pool_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_file_per_table",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_file_per_table",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_file_per_table": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb에 테이블 스페이스/파일을 선택' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_file_per_table"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_file_per_table",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_flush_method",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_flush_method",' -A 1 -B 1 | grep '"ParameterValue": "O_DIRECT",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_flush_method": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb의 플러시 메소드를 결정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_flush_method"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "O_DIRECT"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_flush_method",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "8388608",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_log_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb가 디스크의 로그 파일에 쓰는 데 사용하는 버퍼의 크기(Byte)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_log_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "8388608"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_file_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_file_size",' -A 1 -B 1 | grep '"ParameterValue": "134217728",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_log_file_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 로그 그룹의 각 로그 파일 크기(Byte)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_log_file_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "134217728"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_file_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "key_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "key_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "16777216",' | wc -l` ]; then
					echo '   - "ParameterName": "key_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 인덱스 블록(모든 읽기 및 다중 쓰기의 경우)에 사용되는 향상된 인덱스 처리를 얻으려면 버퍼 크기를 늘릴 것' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "key_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "16777216"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "key_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "local_infile",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "local_infile",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "local_infile": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * LOAD DATA INFILE에 대해 LOCAL 컨트롤 지원' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "local_infile"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "local_infile",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_output",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_output",' -A 1 -B 1 | grep '"ParameterValue": "TABLE",' | wc -l` ]; then
					echo '   - "ParameterName": "log_output": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 쿼리 로그를 저장할 위치 제어' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_output"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "TABLE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_output",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "master-info-repository",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "master-info-repository",' -A 1 -B 1 | grep '"ParameterValue": "TABLE",' | wc -l` ]; then
					echo '   - "ParameterName": "master-info-repository": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 이 옵션을 사용하면 서버가 마스터 정보 로그를 파일이나 테이블에 기록' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "master-info-repository"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "TABLE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "master-info-repository",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' -A 1 -B 1 | grep '"ParameterValue": "{DBInstanceClassMemory/12582880}",' | wc -l` ]; then
					echo '   - "ParameterName": "max_connections": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 허용되는 동시 클라이언트 연결 수' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_connections"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{DBInstanceClassMemory/12582880}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "performance_schema",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "performance_schema",' -A 1 -B 1 | grep '"ParameterValue": "0",' | wc -l` ]; then
					echo '   - "ParameterName": "performance_schema": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 성능 스키마를 사용하거나 사용하지 않도록 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "performance_schema"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "performance_schema",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "262144",' | wc -l` ]; then
					echo '   - "ParameterName": "read_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 순차 스캔을 수행하는 각 스레드는 이 버퍼를 할당. 많은 순차적 스캔을 수행하여 값이 증가하면 성능 향상에 도움' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "read_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "262144"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_only",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_only",' -A 1 -B 1 | grep '"ParameterValue": "{TrueIfReplica}",' | wc -l` ]; then
					echo '   - "ParameterName": "read_only": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 활성화되면 서버는 슬레이브 스레드가 수행한 업데이트를 제외하고 업데이트를 비허용' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "read_only"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{TrueIfReplica}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_only",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_rnd_buffer_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_rnd_buffer_size",' -A 1 -B 1 | grep '"ParameterValue": "524288",' | wc -l` ]; then
					echo '   - "ParameterName": "read_rnd_buffer_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 키 정렬 작업 후에 정렬된 순서로 행을 읽을 때 디스크 읽기를 방지. 큰 값은 ORDER BY 성능을 향상시킬 수 있음' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "read_rnd_buffer_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "524288"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "read_rnd_buffer_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_info_repository",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_info_repository",' -A 1 -B 1 | grep '"ParameterValue": "TABLE",' | wc -l` ]; then
					echo '   - "ParameterName": "relay_log_info_repository": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 이 옵션을 사용하면 서버가 릴레이 로그 정보를 파일이나 테이블에 기록' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "relay_log_info_repository"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "TABLE"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_info_repository",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "sync_binlog",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "sync_binlog",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "sync_binlog": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * binlog 동기화 (MySQL이 디스크로 플러시되거나 OS에 의존)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "sync_binlog"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "sync_binlog",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "table_open_cache_instances",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "table_open_cache_instances",' -A 1 -B 1 | grep '"ParameterValue": "16",' | wc -l` ]; then
					echo '   - "ParameterName": "table_open_cache_instances": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 열린 테이블 캐시 인스턴스의 수' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "table_open_cache_instances"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "16"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "table_open_cache_instances",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "thread_stack",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "thread_stack",' -A 1 -B 1 | grep '"ParameterValue": "262144",' | wc -l` ]; then
					echo '   - "ParameterName": "thread_stack": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 스레드 스택 크기가 너무 작으면 서버가 처리 할 수 있는 SQL 문의 복잡성, 저장프로시저의 재귀 수준 및 기타 메모리 소비 작업을 제한' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "thread_stack"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "262144"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "thread_stack",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "basedir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "basedir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbbin/mysql",' | wc -l` ]; then
					echo '   - "ParameterName": "basedir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 설치베이스 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "basedir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbbin/mysql"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "basedir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "datadir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "datadir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/db/",' | wc -l` ]; then
					echo '   - "ParameterName": "datadir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 데이터 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "datadir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/db/"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "datadir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_storage_engine",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_storage_engine",' -A 1 -B 1 | grep '"ParameterValue": "InnoDB",' | wc -l` ]; then
					echo '   - "ParameterName": "default_storage_engine": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 기본 저장소 엔진(테이블 형식)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "default_storage_engine"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "InnoDB"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "default_storage_engine",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "general_log_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "general_log_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/general/mysql-general.log",' | wc -l` ]; then
					echo '   - "ParameterName": "general_log_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 일반 로그의 위치' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "general_log_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/general/mysql-general.log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "general_log_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_data_home_dir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_data_home_dir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/db/innodb",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_data_home_dir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb 파일이 저장된 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_data_home_dir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/db/innodb"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_data_home_dir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_group_home_dir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_group_home_dir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/innodb",' | wc -l` ]; then
					echo '   - "ParameterName": "innodb_log_group_home_dir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Innodb 로그 파일의 디렉토리 경로' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "innodb_log_group_home_dir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/innodb"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "innodb_log_group_home_dir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log-bin",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log-bin",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/binlog/mysql-bin-changelog",' | wc -l` ]; then
					echo '   - "ParameterName": "log-bin": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 바이너리 로깅 제어' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log-bin"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/binlog/mysql-bin-changelog"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log-bin",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_error",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_error",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/error/mysql-error.log",' | wc -l` ]; then
					echo '   - "ParameterName": "log_error": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 오류 로그의 위치' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_error"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/error/mysql-error.log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_error",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_slave_updates",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_slave_updates",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "log_slave_updates": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 체인 복제 허용' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_slave_updates"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_slave_updates",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_binlog_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_binlog_size",' -A 1 -B 1 | grep '"ParameterValue": "134217728",' | wc -l` ]; then
					echo '   - "ParameterName": "max_binlog_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 이 크기에 도달하면 서버가 binlog를 변경' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_binlog_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "134217728"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_binlog_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "pid_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "pid_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/mysql-{EndPointPort}.pid",' | wc -l` ]; then
					echo '   - "ParameterName": "pid_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 프로세스 ID 파일의 경로 이름. 이 파일은 mysqld_safe와 같은 다른 프로그램에서 서버의 프로세스 ID를 결정하는 데 사용' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "pid_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/mysql-{EndPointPort}.pid"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "pid_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' -A 1 -B 1 | grep '"ParameterValue": "{EndPointPort}",' | wc -l` ]; then
					echo '   - "ParameterName": "port": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버가 TC/IP 연결을 청취하는 포트의 번호' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "port"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{EndPointPort}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay-log",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay-log",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/relaylog/relaylog",' | wc -l` ]; then
					echo '   - "ParameterName": "relay-log": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 릴레이 로그의 기본 이름' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "relay-log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/relaylog/relaylog"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay-log",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_recovery",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_recovery",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "relay_log_recovery": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버 시작 직후 자동 릴레이 로그 복구를 사용 가능하게 함' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "relay_log_recovery"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "relay_log_recovery",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "secure_file_priv",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "secure_file_priv",' -A 1 -B 1 | grep '"ParameterValue": "/tmp",' | wc -l` ]; then
					echo '   - "ParameterName": "secure_file_priv": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * LOAD_FILE(), LOAD_DATA 및 SELECT의 효과 제한' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "secure_file_priv"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/tmp"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "secure_file_priv",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "server_id",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "server_id",' -A 1 -B 1 | grep '"ParameterValue": "{ServerId}",' | wc -l` ]; then
					echo '   - "ParameterName": "server_id": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 복제 그룹에서 인스턴스를 식별하는데 사용되는 정수 값' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "server_id"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{ServerId}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "server_id",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "skip-slave-start",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "skip-slave-start",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "skip-slave-start": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 슬레이브 서버가 서버를 시작할 때 슬레이브 스레드를 시작하지 못하게 함' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "skip-slave-start"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "skip-slave-start",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "slow_query_log_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "slow_query_log_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/slowquery/mysql-slowquery.log",' | wc -l` ]; then
					echo '   - "ParameterName": "slow_query_log_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * MySQL 저속 질의 로그 파일의 위치' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "slow_query_log_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/slowquery/mysql-slowquery.log"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "slow_query_log_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "socket",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "socket",' -A 1 -B 1 | grep '"ParameterValue": "/tmp/mysql.sock",' | wc -l` ]; then
					echo '   - "ParameterName": "socket": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * (UNIX) 소켓 파일 및 로컬 연결에 사용되는 (WINODWS) 명명 된 파이프' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "socket"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/tmp/mysql.sock"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "socket",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
	
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "tmpdir",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "tmpdir",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/tmp",' | wc -l` ]; then
					echo '   - "ParameterName": "tmpdir": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 임시 파일 및 임시 테이블에 사용되는 디렉토리' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "tmpdir"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/tmp"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "tmpdir",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi
		fi

	else 
	
		if [ 0 -lt  `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep postgresql.log | wc -l` ]; then
			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_analyze_scale_factor",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_analyze_scale_factor",' -A 1 -B 1 | grep '"ParameterValue": "0.05",' | wc -l` ]; then
					echo '   - "ParameterName": "autovacuum_analyze_scale_factor": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * reltuples의 일부로 분석하기 전에 튜플 삽입, 업데이트 또는 삭제의 수' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "autovacuum_analyze_scale_factor"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0.05"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_analyze_scale_factor",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_naptime",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_naptime",' -A 1 -B 1 | grep '"ParameterValue": "30",' | wc -l` ]; then
					echo '   - "ParameterName": "autovacuum_naptime": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * autovacuum 자동 실행 주기(초)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "autovacuum_naptime"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "30"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_naptime",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_vacuum_scale_factor",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_vacuum_scale_factor",' -A 1 -B 1 | grep '"ParameterValue": "0.1",' | wc -l` ]; then
					echo '   - "ParameterName": "autovacuum_vacuum_scale_factor": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * reltuples의 일부로 진공 이전의 튜플 업데이트 또는 삭제 횟수' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "autovacuum_vacuum_scale_factor"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0.1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "autovacuum_vacuum_scale_factor",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "checkpoint_completion_target",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "checkpoint_completion_target",' -A 1 -B 1 | grep '"ParameterValue": "0.9",' | wc -l` ]; then
					echo '   - "ParameterName": "checkpoint_completion_target": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 검사 시간 동안 불필요한 버퍼를 플러시하는데 소요되는 시간 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "checkpoint_completion_target"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0.9"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "checkpoint_completion_target",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "client_encoding",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "client_encoding",' -A 1 -B 1 | grep '"ParameterValue": "UTF8",' | wc -l` ]; then
					echo '   - "ParameterName": "client_encoding": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 클라이언트 문자 세트 인코딩 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "client_encoding"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "UTF8"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "client_encoding",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "effective_cache_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "effective_cache_size",' -A 1 -B 1 | grep '"ParameterValue": "{DBInstanceClassMemory/16384}",' | wc -l` ]; then
					echo '   - "ParameterName": "effective_cache_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 디스크 캐시의 크기에 대한 용량 설정(8KB)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "effective_cache_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{DBInstanceClassMemory/16384}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "effective_cache_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "huge_pages",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "huge_pages",' -A 1 -B 1 | grep '"ParameterValue": "off",' | wc -l` ]; then
					echo '   - "ParameterName": "huge_pages": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Linux에서의 큰 페이지 사용 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "huge_pages"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "off"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "huge_pages",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_checkpoints",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_checkpoints",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "log_checkpoints": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 각 검사 점 기록' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_checkpoints"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_checkpoints",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_destination",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_destination",' -A 1 -B 1 | grep '"ParameterValue": "stderr",' | wc -l` ]; then
					echo '   - "ParameterName": "log_destination": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버 로그 출력의 대상 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_destination"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "stderr"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_destination",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_filename",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_filename",' -A 1 -B 1 | grep '"ParameterValue": "postgresql.log.%Y-%m-%d-%H' | wc -l` ]; then
					echo '   - "ParameterName": "log_filename": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 로그 파일의 파일 이름 패턴 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_filename"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "postgresql.log.%Y-%m-%d-%H"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_filename",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_hostname",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_hostname",' -A 1 -B 1 | grep '"ParameterValue": "1",' | wc -l` ]; then
					echo '   - "ParameterName": "log_hostname": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 연결 로그에 호스트 이름 기록 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_hostname"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_hostname",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_rotation_age",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_rotation_age",' -A 1 -B 1 | grep '"ParameterValue": "60",' | wc -l` ]; then
					echo '   - "ParameterName": "log_rotation_age": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 자동 로그 파일 회전은 N분 후에 발생(분)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_rotation_age"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "60"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_rotation_age",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "maintenance_work_mem",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "maintenance_work_mem",' -A 1 -B 1 | grep '"ParameterValue": "GREATEST' | wc -l` ]; then
					echo '   - "ParameterName": "maintenance_work_mem": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 유지 보수 작업에 사용할 최대 메모리 설정(KB)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "maintenance_work_mem"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "GREATEST"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "maintenance_work_mem",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' -A 1 -B 1 | grep '"ParameterValue": "LEAST' | wc -l` ]; then
					echo '   - "ParameterName": "max_connections": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 최대 동시 연결 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_connections"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "LEAST"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_connections",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_locks_per_transaction",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_locks_per_transaction",' -A 1 -B 1 | grep '"ParameterValue": "64",' | wc -l` ]; then
					echo '   - "ParameterName": "max_locks_per_transaction": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 트랜잭션 당 최대 잠금 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_locks_per_transaction"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "64"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_locks_per_transaction",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_prepared_transactions",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_prepared_transactions",' -A 1 -B 1 | grep '"ParameterValue": "0"' | wc -l` ]; then
					echo '   - "ParameterName": "max_prepared_transactions": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 동시 준비 트랜잭션의 최대 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_prepared_transactions"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_prepared_transactiions",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_replication_slots",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_replication_slots",' -A 1 -B 1 | grep '"ParameterValue": "5"' | wc -l` ]; then
					echo '   - "ParameterName": "max_replication_slots": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버가 지원할 수 있는 최대 복제 슬롯 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_replication_slots"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "5"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_replication_slots",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_stack_depth",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_stack_depth",' -A 1 -B 1 | grep '"ParameterValue": "6144"' | wc -l` ]; then
					echo '   - "ParameterName": "max_stack_depth": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '"   * 최대 스택 깊이를 킬로바이트 단위로 설정(KB)"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_stack_depth"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "6144"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_stack_depth",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_wal_senders",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_wal_senders",' -A 1 -B 1 | grep '"ParameterValue": "10"' | wc -l` ]; then
					echo '   - "ParameterName": "max_wal_senders": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 동시에 실행중인 WAL 발신자 프로세스의 최대 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_wal_senders"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "10"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_stack_depth",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_wal_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_wal_size",' -A 1 -B 1 | grep '"ParameterValue": "128"' | wc -l` ]; then
					echo '   - "ParameterName": "max_wal_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 검사 점을 트리거 하는 WAL 크기 설정(16MB)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_wal_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "128"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_wal_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_worker_processes",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_worker_processes",' -A 1 -B 1 | grep '"ParameterValue": "8"' | wc -l` ]; then
					echo '   - "ParameterName": "max_worker_processes": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 동시 작업자 프로세스의 최대 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "max_worker_processes"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "8"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_wal_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "min_wal_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "min_wal_size",' -A 1 -B 1 | grep '"ParameterValue": "16"' | wc -l` ]; then
					echo '   - "ParameterName": "min_wal_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * WAL을 축소 할 최소 크기 설정(16MB)' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "min_wal_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "16"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "max_wal_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "postgis.gdal_enabled_drivers",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "postgis.gdal_enabled_drivers",' -A 1 -B 1 | grep '"ParameterValue": "ENABLE_ALL"' | wc -l` ]; then
					echo '   - "ParameterName": "postgis.gdal_enabled_drivers": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * PostgresSQL 9.3.5 이상에서 PostGIS와 함께 사용되는 GDAL 드라이버 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "postgis.gdal_enabled_drivers"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "ENABLE_ALL"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "postgis.gdal_enabled_drivers",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.custom_dns_resolution",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.custom_dns_resolution",' -A 1 -B 1 | grep '"ParameterValue": "0"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.custom_dns_resolution": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 고객 VPC에서 DNS 확인 허용 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.custom_dns_resolution"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.custom_dns_resolution",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.force_ssl",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.force_ssl",' -A 1 -B 1 | grep '"ParameterValue": "0"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.force_ssl": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 강제 SSL 연결 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.force_ssl"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.force_ssl",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.log_retention_period",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.log_retention_period",' -A 1 -B 1 | grep '"ParameterValue": "4320"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.log_retention_period": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Amazon RDS는 N분보다 오래된 PostgreSQL 로그 삭제 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.log_retention_period"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "4320"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.log_retention_period",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.logical_replication",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.logical_replication",' -A 1 -B 1 | grep '"ParameterValue": "0"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.logical_replication": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 논리 디코딩 사용 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.logical_replication"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.logical_replication",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.pg_stat_ramdisk_size",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.pg_stat_ramdisk_size",' -A 1 -B 1 | grep '"ParameterValue": "0"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.pg_stat_ramdisk_size": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 통계 램 디스크의 크기. 0이 아닌 값은 램 디스크 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.pg_stat_ramdisk_size"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.pg_stat_ramdisk_size",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.rds_superuser_reserved_connections",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.rds_superuser_reserved_connections",' -A 1 -B 1 | grep '"ParameterValue": "2"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.rds_superuser_reserved_connections": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * rds_superusers에 예약된 연결 슬롯 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.rds_superuser_reserved_connections"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "2"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.rds_superuser_reserved_connections",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "shared_buffers",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "shared_buffers",' -A 1 -B 1 | grep '"ParameterValue": "{DBInstanceClassMemory/32768}"' | wc -l` ]; then
					echo '   - "ParameterName": "shared_buffers": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버가 사용하는 공유 메모리 버퍼 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "shared_buffers"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "ParameterValue": "{DBInstanceClassMemory/32768}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "shared_buffers",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl",' -A 1 -B 1 | grep '"ParameterValue": "1"' | wc -l` ]; then
					echo '   - "ParameterName": "ssl": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * SSL 연결 사용 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "ssl"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "synchronous_commit",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "synchronous_commit",' -A 1 -B 1 | grep '"ParameterValue": "on"' | wc -l` ]; then
					echo '   - "ParameterName": "synchronous_commit": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 현재 트랜잭션 동기화 수준 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "synchronous_commit"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "on"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "synchronous_commit",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "timezone",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "timezone",' -A 1 -B 1 | grep '"ParameterValue": "UTC"' | wc -l` ]; then
					echo '   - "ParameterName": "timezone": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 타임 스탬프를 표시하고 해석하기 위한 표준 시간대 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "timezone"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "UTC"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "timezone",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_keep_segments",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_keep_segments",' -A 1 -B 1 | grep '"ParameterValue": "32"' | wc -l` ]; then
					echo '   - "ParameterName": "wal_keep_segments": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 대기 서버에 보관되는 WAL 파일 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "wal_keep_segments"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "32"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_keep_segments",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_receiver_timeout",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_receiver_timeout",' -A 1 -B 1 | grep '"ParameterValue": "30000"' | wc -l` ]; then
					echo '   - "ParameterName": "wal_receiver_timeout": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 1차 서버로부터 데이터를 수신할 최대 대기 시간 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "wal_receiver_timeout"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "30000"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_receiver_timeout",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_sender_timeout",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_sender_timeout",' -A 1 -B 1 | grep '"ParameterValue": "30000"' | wc -l` ]; then
					echo '   - "ParameterName": "wal_sender_timeout": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * WAL 복제를 기다리는 최대 시간 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "wal_sender_timeout"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "30000"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "wal_sender_timeout",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "archive_command",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "archive_command",' -A 1 -B 1 | grep '"ParameterValue": "/etc/rds/dbbin/pgscripts/rds_wal_archive %p' | wc -l` ]; then
					echo '   - "ParameterName": "archive_command": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * WAL 파일을 보관하기 위해 호출할 쉘 명령 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "archive_command"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/etc/rds/dbbin/pgscripts/rds_wal_archive %p"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "archive_command",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "archive_timeout",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "archive_timeout",' -A 1 -B 1 | grep '"ParameterValue": "300"' | wc -l` ]; then
					echo '   - "ParameterName": "archive_timeout": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '"   * 새 파일이 N초 내에 시작되지 않은 경우 다음 xlog 파일 전환 설정(초)"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "archive_timeout"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "300"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "archive_timeout",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "config_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "config_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/config/postgresql.conf"' | wc -l` ]; then
					echo '   - "ParameterName": "config_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버 기본 구성 파일 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "config_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/config/postgresql.conf"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "config_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "data_directory",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "data_directory",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/db"' | wc -l` ]; then
					echo '   - "ParameterName": "data_directory": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버 데이터 디렉토리 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "data_directory"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/db"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "data_directory",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "fsync",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "fsync",' -A 1 -B 1 | grep '"ParameterValue": "1"' | wc -l` ]; then
					echo '   - "ParameterName": "fsync": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 업데이트를 디스크에 강제 동기화 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "fsync"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "fsync",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "full_page_writes",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "full_page_writes",' -A 1 -B 1 | grep '"ParameterValue": "1"' | wc -l` ]; then
					echo '   - "ParameterName": "full_page_writes": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 검사 시점 이후 처음 수정 될 때 전체 페이지 WAL 쓰기 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "full_page_writes"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "full_page_writes",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "hba_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "hba_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/config/pg_hba.conf"' | wc -l` ]; then
					echo '   - "ParameterName": "hba_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버 hba 구성 파일 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "hba_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/config/pg_hba.conf"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "hba_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ident_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ident_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/config/pg_ident.conf"' | wc -l` ]; then
					echo '   - "ParameterName": "ident_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버 ident 구성 파일 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "ident_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/config/pg_ident.conf"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ident_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "listen_addresses",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "listen_addresses",' -A 1 -B 1 | grep '"ParameterValue": "\*"' | wc -l` ]; then
					echo '   - "ParameterName": "listen_addresses": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 청취할 호스트 이름 또는 IP 주소 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "listen_addresses"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "*"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "listen_addresses",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "lo_compat_privileges",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "lo_compat_privileges",' -A 1 -B 1 | grep '"ParameterValue": "0"' | wc -l` ]; then
					echo '   - "ParameterName": "lo_compat_privileges": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 대형 객체에 대한 권한 검사에 대해 이전 버전과의 호환 모드 활성화' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "lo_compat_privileges"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "lo_compat_privileges",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_directory",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_directory",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/log/error"' | wc -l` ]; then
					echo '   - "ParameterName": "log_directory": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 로그 파일의 대상 디렉토리 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_directory"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/log/error"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_directory",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_file_mode",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_file_mode",' -A 1 -B 1 | grep '"ParameterValue": "0644"' | wc -l` ]; then
					echo '   - "ParameterName": "log_file_mode": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 로그 파일에 대한 파일 권한 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_file_mode"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0644"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_file_mode",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_line_prefix",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_line_prefix",' -A 1 -B 1 | grep '"ParameterValue": "%t:%r:%u@%d:\[%p\]:"' | wc -l` ]; then
					echo '   - "ParameterName": "log_line_prefix": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 각 로그 라인 앞에 접두사가 붙은 정보 제어 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_line_prefix"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "%t:%r:%u@%d:[%p]:"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_line_prefix",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_timezone",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_timezone",' -A 1 -B 1 | grep '"ParameterValue": "UTC"' | wc -l` ]; then
					echo '   - "ParameterName": "log_timezone": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 로그 메시지에 사용할 표준 시간대 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_timezone"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "UTC"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_timezone",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_truncate_on_rotation",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_truncate_on_rotation",' -A 1 -B 1 | grep '"ParameterValue": "0"' | wc -l` ]; then
					echo '   - "ParameterName": "log_truncate_on_rotation": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 로그를 순환하는 동안 같은 이름의 기존 로그 파일 변경 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "log_truncate_on_rotation"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "log_truncate_on_rotation",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "logging_collector",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "logging_collector",' -A 1 -B 1 | grep '"ParameterValue": "1"' | wc -l` ]; then
					echo '   - "ParameterName": "logging_collector": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 하위 프로세스를 시작하여 stderr 출력 및 / 또는 svclog를 로그 파일 캡쳐 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "logging_collector"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "1"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "logging_collector",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' -A 1 -B 1 | grep '"ParameterValue": "{EndPointPort}"' | wc -l` ]; then
					echo '   - "ParameterName": "port": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 서버가 수신 대기하는 TCP 포트 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "port"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "{EndPointPort}"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "port",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.max_tcp_buffers",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.max_tcp_buffers",' -A 1 -B 1 | grep '"ParameterValue": "33554432"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.max_tcp_buffers": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * tcp 버퍼의 최대 크기 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.max_tcp_buffers"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "33554432"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.max_tcp_buffers",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.superuser_variables",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.superuser_variables",' -A 1 -B 1 | grep '"ParameterValue": "session_replication_role"' | wc -l` ]; then
					echo '   - "ParameterName": "rds.superuser_variables": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * rds_superuser 수정문을 향상시키는 슈퍼 유저 전용 변수 목록' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "rds.superuser_variables"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "session_replication_role"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "rds.superuser_variables",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_ca_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_ca_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/rds-metadata/ca-cert.pem"' | wc -l` ]; then
					echo '   - "ParameterName": "ssl_ca_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * SSL 서버 권한 파일 위치 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "ssl_ca_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/rds-metadata/ca-cert.pem"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_ca_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_cert_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_cert_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/rds-metadata/server-cert.pem"' | wc -l` ]; then
					echo '   - "ParameterName": "ssl_cert_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * SSL 서버 인증 파일 위치 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "ssl_cert_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/rds-metadata/server-cert.pem"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_cert_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_key_file",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_key_file",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/rds-metadata/server-key.pem"' | wc -l` ]; then
					echo '   - "ParameterName": "ssl_key_file": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * SSL 서버 개인용 키 파일 위치 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "ssl_key_file"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/rds-metadata/server-key.pem"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "ssl_key_file",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "stats_temp_directory",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "stats_temp_directory",' -A 1 -B 1 | grep '"ParameterValue": "/rdsdbdata/db/pg_stat_tmp"' | wc -l` ]; then
					echo '   - "ParameterName": "stats_temp_directory": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 임시 통계 파일을 지정된 디렉토리 기록 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "stats_temp_directory"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/rdsdbdata/db/pg_stat_tmp"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "stats_temp_directory",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "superuser_reserved_connections",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "superuser_reserved_connections",' -A 1 -B 1 | grep '"ParameterValue": "3"' | wc -l` ]; then
					echo '   - "ParameterName": "superuser_reserved_connections": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 슈퍼 유저용으로 예약된 연결 슬롯 수 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "superuser_reserved_connections"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "3"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "superuser_reserved_connections",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_directories",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_directories",' -A 1 -B 1 | grep '"ParameterValue": "/tmp"' | wc -l` ]; then
					echo '   - "ParameterName": "unix_socket_directories": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Unix 도메인 소켓을 작성할 디렉터리 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "unix_socket_directories"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "/tmp"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_directories",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_group",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_group",' -A 1 -B 1 | grep '"ParameterValue": "rdsdb"' | wc -l` ]; then
					echo '   - "ParameterName": "unix_socket_group": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * Unix 도메인 소켓의 액세스 권한 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "unix_socket_group"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "rdsdb"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 현재설정:' `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_group",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

			if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_permissions",' | wc -l` ]; then
				if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_permissions",' -A 1 -B 1 | grep '"ParameterValue": "0700"' | wc -l` ]; then
					echo '   - "ParameterName": "unix_socket_permissions": YES' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				else
					echo '   * 디스크로 WAL 업데이트를 강제하는데 사용되는 방법 설정' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 파라미터: "ParameterName": "unix_socket_permissions"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo '     - 기본설정: "ParameterValue": "0700"' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
					echo "     - 현재설정:" `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}.json | grep '"ParameterName": "unix_socket_permissions",' -A 1 -B 1 | grep "ParameterValue" | sed -e 's/,//g' | sed -e 's/            //g'` >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json
				fi
			fi

		fi
	fi

	echo " ㅇ DB 파라미터 명: ${i}" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt		
	cat ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-101/RDS/RDS_PARAMETER_GROUP/${i}_RESULT.json | grep -v YES >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
done

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-102. MariaDB/MySQL 감사 플러그인 설정
echo "RDS-102. MariaDB/MySQL 감사 플러그인 설정"
echo "RDS-102. MariaDB/MySQL 감사 플러그인 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 감사 플러그인 사용 RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-103. Oracle APEX Listener 설정 
echo "RDS-103. Oracle APEX Listener 설정"
echo "RDS-103. Oracle APEX Listener 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 Oracle RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-104. Oracle 기본 네트워크 암호화 (NNE) 설정 
echo "RDS-104. Oracle 기본 네트워크 암호화 (NNE) 설정"
echo "RDS-104. Oracle 기본 네트워크 암호화 (NNE) 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 Oracle RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-105. Oracle SSL 설정
echo "RDS-105. Oracle SSL 설정"
echo "RDS-105. Oracle SSL 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 Oracle RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-106. Oracle Enterprise Manager (OEM) 설정
echo "RDS-106. Oracle Enterprise Manager (OEM) 설정"
echo "RDS-106. Oracle Enterprise Manager (OEM) 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 Oracle RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-107. Oracle UTL_MAIL 설정
echo "RDS-107. Oracle UTL_MAIL 설정"
echo "RDS-107. Oracle UTL_MAIL 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 Oracle RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "RDS 로깅"
echo "RDS 로깅" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
#RDS-201. MariaDB/MySQL 보안 로그 설정
echo "RDS-201. MariaDB/MySQL 보안 로그 설정"
echo "RDS-201. MariaDB/MySQL 보안 로그 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 정보 부족으로 설정 점검 진행하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-202. MSSQL 보안 로그 설정
echo "RDS-202. MSSQL 보안 로그 설정"
echo "RDS-202. MSSQL 보안 로그 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 MSSQL RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-203. Oracle 보안 로그 설정
echo "RDS-203. Oracle 보안 로그 설정"
echo "RDS-203. Oracle 보안 로그 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 회사 내부 RDS 중 Oracle RDS 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#RDS-204. PostgreSQL 보안 로그 설정
echo "RDS-204. PostgreSQL 보안 로그 설정"
echo "RDS-204. PostgreSQL 보안 로그 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " * 정보 부족으로 설정 점검 진행하지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "S3 데이터 보안"
echo "S3 데이터 보안" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

#S3 버킷 권한 점검
echo "S3-001. 버킷 접근 보안"
echo "S3-001. 버킷 접근 보안" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ Everyone 그룹에 권한이 모두 미설정일 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 다른 AWS 계정에 대한 액세스 설정이 존재하지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ Everyone 그룹에 객체목록생성, 객체쓰기, 버킷읽기권한, 버킷쓰기권한이 부여되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 다른 AWS 계정에 대한 액세스 설정이 존재할 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "  => AWS 계정 보유자의 역할 확인 필요" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "S3-001. 버킷 접근 보안 중"

mkdir -p ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-001

BUCKET_LIST=`aws s3api list-buckets | grep Name | sed -e 's/"//g' | awk '{print $2 }' | sort -f | uniq`

echo -e "\n"

echo " ㅇ Public으로 설정되어 있는 버킷" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "아래 메시지처럼 나오는 상황은 무시하셔도 됩니다."
echo "An error occurred (NoSuchBucketPolicy) ~~~~~~"

for i in ${BUCKET_LIST[@]}
do
        if [ 1 -eq `aws s3api get-bucket-policy-status --bucket ${i} | grep -E 'IsPublic\": true' | wc -l` ]; then
                echo "   -" ${i} > ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-001/${i}.txt
        else
                echo "   - ${i}: 확인되지 않음" > ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-001/${i}.txt
        fi


done

if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-001/*.txt | grep -v "확인되지 않음" | wc -l` ]; then
        cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-001/*.txt | grep -v "확인되지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
else
        echo "   - Public로 설정되어 있는 버킷 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

echo "S3-001. 버킷 접근 보안 확인 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "S3-002. 기본 암호화 설정"
echo "S3-002. 기본 암호화 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AES-256으로 서버 측 암호화 사용 또는 AWS-KMS로 서버측 암호화가 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ AES-256으로 서버 측 암호화 사용 또는 AWS-KMS로 서버측 암호화가 설정되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 아래 리스트는 암호화 설정이 되어 있지 않은 것만 출력" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "S3-002. 기본 암호화 설정 점검 중"

mkdir -p ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-002

BUCKET_LIST=`aws s3api list-buckets | grep Name | sed -e 's/"//g' | awk '{print $2 }' | sort -f | uniq`

echo -e "\n"

echo "아래 메시지처럼 나오는 상황은 무시하셔도 됩니다."
echo "An error occurred (ServerSideEncryptionConfigurationNotFoundError)~~~~~~~~"

for i in ${BUCKET_LIST[@]}
do
        if [ 1 -eq `aws s3api get-bucket-encryption --bucket ${i} | grep SSEAlgorithm | sed -e 's/"//g' | awk '{print $2}' | wc -l` ]; then
                echo " ㅇ 버킷 명/암호화 여부: ${i} /" `aws s3api get-bucket-encryption --bucket ${i} | grep SSEAlgorithm | sed -e 's/"//g' | awk '{print $2}'`  > ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-002/${i}.txt
        else
                echo " ㅇ 버킷 명/암호화 여부: ${i} / 암호화 설정 되지 않음"  > ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-002/${i}.txt
        fi
done

if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-002/*.txt | grep "암호화 설정 되지 않음" | wc -l` ]; then
        cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-002/*.txt | grep "암호화 설정 되지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
else
        echo " ㅇ 전체 암호화 설정 되어 있음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

echo "S3-002. 기본 암호화 설정 점검 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "S3-003. 로그 파일의 수집 및 권한 설정"
echo "S3-003. 로그 파일의 수집 및 권한 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3 버킷에 대한 서버 액세스 로깅이 활성화되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3 버킷에 대한 서버 액세스 로깅이 활성화되어 있지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 아래 리스트는 로깅 설정이 되어 있지 않은 것만 출력" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "S3-003. 로그 파일의 수집 및 권한 설정 확인 중"

mkdir -p ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-003

BUCKET_LIST=`aws s3api list-buckets | grep Name | sed -e 's/"//g' | awk '{print $2 }' | sort -f | uniq`

for i in ${BUCKET_LIST[@]}
do
        aws s3api get-bucket-logging --bucket ${i} > ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-003/${i}.json

        if [ 1 -eq `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-003/${i}.json | grep LoggingEnabled | wc -l` ]; then
                echo " ㅇ 버킷 명: "${i} - 로깅 설정 되어 있음  > ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-003/${i}.txt
        else
                echo " ㅇ 버킷 명: "${i} - 로깅 설정 되어 있지 않음   > ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-003/${i}.txt
        fi
done

if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-003/*.txt | grep "되어 있지 않음" | wc -l` ]; then
        cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-003/*.txt | grep "되어 있지 않음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
else
        echo " ㅇ 전체 버킷 로깅 설정 되어 있음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
fi

echo "S3-003. 로그 파일의 수집 및 권한 설정 확인 완료"

echo -e "\n" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

echo "S3-004. IAM(자격 증명 기반 정책) 보안 정책 설정"
echo "S3-004. IAM(자격 증명 기반 정책) 보안 정책 설정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 양호기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 1명의 사용자가 다수의 IAM 계정을 사용하지 않을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3 서비스의 IAM 계정 사용 권한이 각각 서비스 역할에 맞게 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "* 취약기준" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ 1명의 사용자가 다수의 IAM 계정을 사용할 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo " ㅇ S3 서비스의 IAM 계정 사용 권한이 각각 서비스 역할에 맞지 않게 설정되어 있을 경우" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "----------" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
echo "S3-004. IAM(자격 증명 기반 정책) 보안 정책 설정 점검 중"

#S3 관련 폴더 생성
mkdir -p "${TODAY}/${ACCOUNT}/${REGION_ID}/S3-004"

S3_ADMIN_POLICY_ATTR=("AmazonS3FullAccess" "AmazonDMSRedshiftS3Role" "AmazonS3ReadOnlyAccess" "QuickSightAccessForS3StorageManagementAnalyticsReadOnly")

for i in ${S3_ADMIN_POLICY_ATTR[@]}
do
        echo " ㅇ ${i} 권한을 가지고 있는 계정이 있는가?" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        echo "   - AWS 관리형 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

        touch ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-004/${i}_USER_LIST.txt

        for j in ${USER_GROUP_LIST[@]}
        do
                if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/${j}.json | grep ${i} | wc -l` ]; then
                        aws iam get-group --group-name ${j} | grep UserName | sed -e 's/"//g' | sed -e 's/,//g' | sort -f | awk -F ": " '{print "     · " $2}' >> ${TODAY}/${ACCOUNT}/${REGION_ID}/RDS-001/${i}_USER_LIST.txt
                fi
        done

        if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-004/${i}_USER_LIST.txt | wc -l` ]; then
                cat ${TODAY}/${ACCOUNT}/${REGION_ID}/S3-004/${i}_USER_LIST.txt | sort -f | uniq  >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        else
                echo "     · ${i} 권한을 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        fi

        echo "   - 계정에 직접 ${i} 권한을 가진 계정" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt

        if [ 0 -lt `cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"\," | wc -l` ]; then

                ADMIN_DOCS_NUM=`cat ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -ne "\"PolicyName\": \"${i}\"" | awk -F ":" '{print $1}'`

                for k in ${ADMIN_DOCS_NUM[@]}
                do
                        LINE_NUM=100
                        while [ 0 -lt ${LINE_NUM} ]
                        do
                                if [ 1 -eq `cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | wc -l` ]; then
                                        cat -b ${TODAY}/${ACCOUNT}/${REGION_ID}/AWS-004/ACCOUNT_DETAIL_USER.json | grep -B ${LINE_NUM} ${k} | grep UserName | sed -e 's/\"//g' | sed -e 's/\,//g' | awk -F ": " '{ print "     · " $2 }' | sort -f | uniq >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
                                        break;
                                else
                                        LINE_NUM=`expr ${LINE_NUM} - 1`
                                fi
                        done
                done
        else
                echo "     · ${i} 권한을 직접 가지고 있는 계정이 없음" >> ${TODAY}/${ACCOUNT}/${REGION_ID}/${TODAY}_RESULT.txt
        fi
done

echo "S3-004. IAM(자격 증명 기반 정책) 보안 정책 설정 점검 완료"

'기술 노트 > AWS' 카테고리의 다른 글

AWS 콘솔 모니터링 (0)	2024.03.04

elasticsearch 설정

2023. 2. 16. 17:11

elasticsearch 8.6.0 버전은 기본적으로 SSL 암호화 통신을 합니다.

저는 현재 설정은 SSL을 사용하지 않는 방법을 이용하겠습니다.

향후 SSL 적용 매뉴얼도 작성해서 올리도록 하겠습니다.

SSL 암호화 통신 하지 않음
cluster 설정 사용
- cluster를 사용할 경우 로그: /var/log/elasticsearch/{cluster.name}.log
- cluster를 사용하지 않을 경우 로그: /var/log/elasticsearch/elasticsearch.log

클러스터 설정 사용하지 않을 경우

# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
# 클러스터 사용할 경우 아래 항목 활성화
# cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: tmplogsvr
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
# discovery.seed_hosts: ["127.0.0.1"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
# 클러스터 사용할 경우 아래 항목 설정 적용
# cluster.initial_master_nodes: ["tmplogsvr"]
#
# For more information, consult the discovery and cluster formation module documentation.
#

설정에 맞게 사용 (전체 설정 내용)

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: tmplogsvr
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 0.0.0.0
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["127.0.0.1", "[::1]"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["tmplogsvr"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# --------------------------------- Readiness ----------------------------------
#
# Enable an unauthenticated TCP readiness endpoint on localhost
#
#readiness.port: 9399
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 16-02-2023 03:11:46
#
# --------------------------------------------------------------------------------

# Enable security features
xpack.security.enabled: false

xpack.security.enrollment.enabled: false

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: false
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: false
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
#cluster.initial_master_nodes: ["localhost"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0

# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
#transport.host: 0.0.0.0

#----------------------- END SECURITY AUTO CONFIGURATION -------------------------
# Error 로그에exception during geoip databases update 가 있는 경우
ingest.geoip.downloader.enabled: false

'기술 노트 > elasticsearch' 카테고리의 다른 글

elasticsearch shards 늘려주는 명령어 (0)	2023.06.15
elasticsearch 설치 (0)	2023.02.16

기술 노트

'기술 노트 > NETWORK' 카테고리의 다른 글

kibana에서 elastalert 구성 시 필수사항

elastalert 설치한 RAW 데이터 입니다. 설치 방법만 보시고 싶으시다면 아래 게시물로 이동해주세요.

elastalert 설치 명령어 정리

pip 명령어가 없는 경우

elastalert 설치

setuptools-rust 설치

pip를 설치하여 pip3가 아닌 pip로 elastalert 설치

elastalert을 설치하기 위한 구성 툴을 추가 설치

elastalert 재설치 시도 및 완료

elastalert 구성요소 설치하기 폴더 삭제하기

bitsensor용 elastalert 설치

npm 설치

npm 실행 오류 1 및 해결

npm 실행 오류 2 및 해결

npm 실행 오류 3 및 해결

npm 실행 오류 4 및 해결

'기술 노트 > elastalert' 카테고리의 다른 글

'기술 노트 > logstash' 카테고리의 다른 글

'기술 노트 > logstash' 카테고리의 다른 글

'기술 노트 > logstash' 카테고리의 다른 글

'기술 노트 > logstash' 카테고리의 다른 글

'기술 노트 > kibana' 카테고리의 다른 글

'기술 노트 > OS' 카테고리의 다른 글

'기술 노트 > AWS' 카테고리의 다른 글

클러스터 설정 사용하지 않을 경우

설정에 맞게 사용 (전체 설정 내용)

'기술 노트 > elasticsearch' 카테고리의 다른 글

티스토리툴바