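#!/opt/bin/bash
#
# logwatch for tomato | shibby
#
# Mails a digest of today's entries from /var/log/messages* (FTP, SSH,
# scheduler, transmission, NTP client, DHCP) to ADRESAT through msmtp.
# A section is included only if its toggle is 1 and it has at least one
# matching log line for today.

set -u

#### CONFIGURATION ####
# Set the logwatch defaults and choose which information you want to receive:
# 1 - yes
# 0 - no
ADRESAT="adres@email.pl"
TEMAT="[TOMATO] Logwatch report"
FTP_LOG=1    # send all FTP logs
FTP_OK=1     # send successful FTP logins
FTP_FAIL=1   # send failed FTP login attempts
SSH_LOG=1    # send all SSH logs
SSH_OK=1     # send successful SSH logins
SSH_FAIL=1   # send failed SSH login attempts
CRON_LOG=1   # send scheduler logs
TRANS_LOG=1  # send transmission logs
NTPC_LOG=1   # send time server logs
DHCP_LOG=1   # send DHCP server logs
#### END OF CONFIGURATION ####

#### DEFINITIONS ####
# Do not edit anything below.

# Syslog timestamps pad the day of month to two columns ("Jan  5"), which is
# what %e produces. The previous `date | awk '{print $2" "$3}'` collapsed the
# padding to one space, so on days 1-9 nothing matched and the report was
# silently empty. LC_ALL=C keeps the month abbreviation in the form syslog
# writes regardless of the shell's locale.
KIEDY=$(LC_ALL=C date '+%b %e')

# Read the logs once and keep only today's lines. Every section is cut from
# this single snapshot, so the "is there anything to report" decision and the
# text that gets mailed can no longer disagree (they used to come from two
# separate passes over a log that is still being written).
TODAY_LOG=$(cat /var/log/messages* | grep -F -- "$KIEDY")

HR="########################################"
#### END OF DEFINITIONS ####

#### MAIN SCRIPT ####

#######################################
# Print one report section if it is enabled and non-empty.
# Globals:   TODAY_LOG (read), HR (read)
# Arguments: $1 - toggle ("1" enables the section)
#            $2 - section heading
#            $3.. - fixed strings that must ALL occur in a line
# Outputs:   heading, matching lines and separator on stdout
# Returns:   0
#######################################
emit_section() {
  local enabled=$1 title=$2
  shift 2
  [ "$enabled" = "1" ] || return 0

  local text=$TODAY_LOG pattern
  for pattern in "$@"; do
    # -F: the selectors are literal substrings, not regular expressions.
    text=$(printf '%s\n' "$text" | grep -F -- "$pattern")
  done
  [ -n "$text" ] || return 0

  # Log lines carry remote-controlled text (e.g. user names from failed
  # logins); '%s' keeps them as data and out of any format string.
  printf '%s\n' "$title" "$text" " " "$HR" " "
}

#######################################
# Print the complete mail (headers + body) on stdout.
# Globals:   ADRESAT, TEMAT, HR and all *_LOG/*_OK/*_FAIL toggles (read)
#######################################
build_report() {
  printf '%s\n' "To: $ADRESAT" "Subject: $TEMAT"
  # msmtp -t takes the recipients from the headers, so the header block must
  # end with a genuinely empty line before any log-derived text follows. The
  # earlier `echo " "` wrote a line holding a space, which is not an empty
  # line and left the header/body boundary ambiguous.
  printf '\n'
  printf '%s\n' "$HR" " "

  emit_section "$FTP_LOG"   "#### Logi serwera FTP ####" 'vsftp'
  emit_section "$FTP_OK"    "#### Logi serwera FTP - Poprawne logowania ####" 'vsftp' 'OK LOGIN'
  emit_section "$FTP_FAIL"  "#### Logi serwera FTP - Bledne logowania ####" 'vsftp' 'FAIL LOGIN'
  emit_section "$SSH_LOG"   "#### Logi serwera SSH ####" 'authpriv'
  emit_section "$SSH_OK"    "#### Logi serwera SSH - Poprawne logowania ####" 'authpriv' 'succeeded'
  emit_section "$SSH_FAIL"  "#### Logi serwera SSH - Bledne logowania ####" 'authpriv' 'bad password'
  emit_section "$NTPC_LOG"  "#### Logi serwera czasu ####" 'ntpc'
  emit_section "$DHCP_LOG"  "#### Logi serwera DHCP ####" 'dhcp'
  emit_section "$CRON_LOG"  "#### Logi Schedulera ####" 'sched'
  emit_section "$TRANS_LOG" "#### Logi transmission-daemon ####" 'transmission-daemon'
}

#### SENDING ####
# The report is streamed straight into msmtp. The earlier version staged it in
# /tmp/mail.txt: a fixed, predictable name in a shared directory, created with
# the default umask. That exposes authentication logs to other local users and
# lets a pre-planted symlink redirect the write. Without a staging file there
# is also nothing left to clean up.
if ! build_report | msmtp -t; then
  # A security digest that fails to send should not fail silently.
  printf '%s\n' "logwatch: msmtp failed to send the report" >&2
  exit 1
fi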