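# Reinstall Splunk from a local .deb while keeping the default index (defaultdb).
# Order: back up defaultdb -> remove and purge the package -> install ->
# first start (finish setup in the browser) -> restore defaultdb -> enable
# the receiving ports -> start.
#
# Every step is checked. Previously each line ran independently, so a failed
# backup copy was still followed by the purge and the rm of /opt/splunk,
# which loses the index data.
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

SPLUNK_BIN=/opt/splunk/bin/splunk
SPLUNK_DB_PARENT=/opt/splunk/var/lib/splunk
BACKUP_DIR=/opt/backup
SPLUNK_DEB=splunk-7.1.0.deb

# Fail before touching the existing installation if there is nothing to
# reinstall from (dpkg -i below reads the package from the current directory).
[ -f "$SPLUNK_DEB" ] || die "$SPLUNK_DEB not found in $(pwd)"

# dpkg -i runs the package's maintainer scripts as root, so the package should
# be verified first. SPLUNK_DEB_SHA256 is an optional variable introduced by
# this script; set it to the digest published by the vendor for this file.
if [ -n "${SPLUNK_DEB_SHA256:-}" ]; then
  printf '%s  %s\n' "$SPLUNK_DEB_SHA256" "$SPLUNK_DEB" | sha256sum -c - \
    || die "checksum mismatch for $SPLUNK_DEB"
else
  echo "WARNING: SPLUNK_DEB_SHA256 not set; $SPLUNK_DEB will be installed unverified" >&2
fi

# Index data can hold sensitive log content: keep the backup readable by root only.
sudo mkdir -p "$BACKUP_DIR" || die "cannot create $BACKUP_DIR"
sudo chmod 0700 "$BACKUP_DIR" || die "cannot restrict permissions on $BACKUP_DIR"

echo "COPYING"
sudo "$SPLUNK_BIN" stop || die "could not stop Splunk; nothing was changed"
# -a keeps ownership, modes and timestamps of the index files.
sudo cp -a -- "$SPLUNK_DB_PARENT/defaultdb" "$BACKUP_DIR/" \
  || die "backup of defaultdb failed; nothing was removed"
sudo test -d "$BACKUP_DIR/defaultdb" \
  || die "backup directory missing after copy; nothing was removed"

echo "DELETE"
sudo dpkg -r splunk || die "dpkg -r splunk failed"
sudo dpkg -P splunk || die "dpkg -P splunk failed"
# -f: the purge may already have removed the directory. The path is a literal.
sudo rm -rf -- /opt/splunk || die "could not remove /opt/splunk"

echo "INSTALL"
sudo dpkg -i "$SPLUNK_DEB" || die "installation of $SPLUNK_DEB failed"
sudo "$SPLUNK_BIN" start || die "first start failed"
echo "OPEN BROWSER, I'LL SLEEP FOR 5 MINUTES"
sleep 300

# Restore the saved index into the fresh installation.
sudo "$SPLUNK_BIN" stop || die "could not stop Splunk before the restore"
sudo cp -a -- "$BACKUP_DIR/defaultdb" "$SPLUNK_DB_PARENT/" \
  || die "restore of defaultdb failed; the backup is still in $BACKUP_DIR"

# Port inventory before the receivers are opened: shows what already listens
# on this host.
sudo apt-get install -y nmap || die "could not install nmap"
sudo nmap -p 1-65535 localhost || die "nmap scan failed"

# Open the receiving ports.
# NOTE(review): limit these ports to the expected senders (host firewall) and
# check whether TLS is configured for them; nothing here sets that up.
# NOTE(review): `enable listen` configures a forwarder receiving port; if 514
# and 5140 are meant for syslog they probably need a tcp/udp data input
# instead. Confirm against the Splunk inputs configuration.
for port in 9997 514 5140; do
  sudo "$SPLUNK_BIN" enable listen "$port" || die "could not enable listen on $port"
done
sudo "$SPLUNK_BIN" start || die "final start failed"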
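# Print the second-half script. The commands below match the restore-and-listen
# steps of the full reinstall; presumably they are this file's contents (confirm).
cat splunk_reinstall_half.sh

# Restore defaultdb from /opt/backup, inventory the open ports, enable the
# receiving ports and start Splunk. Each step is checked: previously a failed
# stop or copy skipped only the rest of its own line, and Splunk was then
# started without the restored index.
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

sudo /opt/splunk/bin/splunk stop || die "could not stop Splunk before the restore"
# -a keeps ownership, modes and timestamps of the index files.
sudo cp -a -- /opt/backup/defaultdb /opt/splunk/var/lib/splunk/ \
  || die "restore of defaultdb failed; the backup is still in /opt/backup"

# Port inventory before the receivers are opened: shows what already listens
# on this host.
sudo apt-get install -y nmap || die "could not install nmap"
sudo nmap -p 1-65535 localhost || die "nmap scan failed"

# NOTE(review): limit these ports to the expected senders (host firewall) and
# check whether TLS is configured for them; nothing here sets that up.
# NOTE(review): `enable listen` configures a forwarder receiving port; if 514
# and 5140 are meant for syslog they probably need a tcp/udp data input
# instead. Confirm against the Splunk inputs configuration.
for port in 9997 514 5140; do
  sudo /opt/splunk/bin/splunk enable listen "$port" || die "could not enable listen on $port"
done
sudo /opt/splunk/bin/splunk start || die "final start failed"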
# System crontab entries: the sixth field is the user, so these lines belong in
# /etc/crontab or a file under /etc/cron.d, not in a per-user `crontab -e`.
# The sections below overlap (the same scanner appears under several paths and
# times), so presumably only the lines matching the host's distribution are
# meant to be installed. Confirm before copying the whole list.
# The scanners' findings only help if someone reads them: check where cron
# sends job output on this host and whether the tools' logs are collected.

# Restart the Splunk forwarder every day at 01:30.
30 1 * * * root /opt/splunkforwarder/bin/splunk restart
# Debian & Ubuntu
# rkhunter check at 02:30 (-c check, --sk skip the keypress prompts), Lynis at 03:30.
# NOTE(review): recent Lynis releases expect a command such as `audit system`;
# confirm that `-Q` alone starts an audit on the installed version.
30 2 * * * root /usr/bin/rkhunter -c --sk
30 3 * * * root /usr/sbin/lynis -Q
# CentOS
# Same two jobs with the binaries under /bin; Lynis runs at 03:40 here.
30 2 * * * root /bin/rkhunter -c --sk
40 3 * * * root /bin/lynis -Q
# If error happened
# Presumably replacements for the entries above when they fail under cron:
# three of the four lines use the tools' --cronjob (non-interactive) mode and
# the times are shifted. Each tool is listed under both /usr/bin and /bin.
50 2 * * * root /usr/bin/rkhunter --cronjob
00 3 * * * root /bin/rkhunter --cronjob
40 3 * * * root /usr/bin/lynis -Q
50 3 * * * root /bin/lynis --cronjob
# Clamscan
# 03:55: scan / and write the report to /var/log/clamscan.log.
# NOTE(review): there is no --recursive here, and clamscan does not descend
# into subdirectories without it, so this probably scans only the files
# directly under /. Confirm.
55 3 * * * root /usr/bin/clamscan -l /var/log/clamscan.log /
# 04:05: recursive scan of / that prints only infected files and deletes them.
# NOTE(review): --remove deletes every match at once. On a full-filesystem
# scan a false positive can delete a system or application file, and a true
# positive leaves no sample for analysis. clamscan's --move=<dir> (quarantine)
# is the usual safer choice, and --exclude-dir can keep /proc, /sys and /dev
# out of the scan. This job has no -l, so its findings go only to wherever
# cron sends job output.
05 4 * * * root /usr/bin/clamscan --infected --remove --recursive /
# Freshclam only for CentOS
# Update the ClamAV signature database at 01:00 and 13:00.
00 01,13 * * * root /usr/bin/freshclam --quiet