Dynmotd: add a find command to get the last auth.log file and print the
number of sudo and ssh auth failed.
This commit is contained in:
parent
f001d412de
commit
2469487031
25
dynmotd
25
dynmotd
|
@ -87,11 +87,13 @@ PROC_COUNT=$(expr $PROC_COUNT - 5)
|
||||||
PROC_LIMIT=$(ulimit)
|
PROC_LIMIT=$(ulimit)
|
||||||
|
|
||||||
#++++++++++++: Authentication Information :+++++++++++++
|
#++++++++++++: Authentication Information :+++++++++++++
|
||||||
#AUTH_LOG_FILE=$(find /var/log -iname "auth.log")
|
# Get only one "auth.log" file path, the most recent
|
||||||
#SSH_USER_LOGIN=$(grep 'session opened' "${AUTH_LOG_FILE}" | awk '/sshd/' | awk "/${USERNAME}/" | wc -l)
|
# Simpliest way to get it?
|
||||||
#SSH_FAIL_LOGIN=$(grep sshd "${AUTH_LOG_FILE}" | awk '/Failed/' | wc -l)
|
AUTH_LOG_FILE=$(find /var/log -iname 'auth.log' -type f -printf '%TY-%Tm-%Td_%TT %p\n' | sort -r | tail -n1 | cut -d' ' -f2)
|
||||||
#SUDO_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/authentication failure/' | wc -l)
|
SSH_USER_LOGIN=$(grep 'session opened' "${AUTH_LOG_FILE}" | awk '/sshd/' | awk "/${USERNAME}/" | wc -l)
|
||||||
#SUDO_3_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/3 incorrect password/' | wc -l)
|
SSH_FAIL_LOGIN=$(grep sshd "${AUTH_LOG_FILE}" | awk '/Failed/' | wc -l)
|
||||||
|
SUDO_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/authentication failure/' | wc -l)
|
||||||
|
SUDO_3_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/3 incorrect password/' | wc -l)
|
||||||
|
|
||||||
|
|
||||||
MOTD_ORIG='/etc/motd.orig'
|
MOTD_ORIG='/etc/motd.orig'
|
||||||
|
@ -122,18 +124,17 @@ ${MAGENTA}+ ${WHITE}Processes\t${MAGENTA}= ${GREEN}$PROC_COUNT of ${PROC_LIMIT}
|
||||||
|
|
||||||
|
|
||||||
printf '%b' "\n${MAGENTA}++++++++++++: ${WHITE}Authentication Information${MAGENTA} :+++++++++++++${RESET}"
|
printf '%b' "\n${MAGENTA}++++++++++++: ${WHITE}Authentication Information${MAGENTA} :+++++++++++++${RESET}"
|
||||||
|
|
||||||
#echo -e "${MAGENTA}++++++++++++: ${WHITE}Authentication Information${MAGENTA} :+++++++++++++${RESET} "
|
|
||||||
## Count the number of session for all standard's user (with a home/)
|
## Count the number of session for all standard's user (with a home/)
|
||||||
#for SSH_USER in `ls -1 /home/`; do
|
#for SSH_USER in `ls -1 /home/`; do
|
||||||
#echo -e "${MAGENTA}+ ${WHITE}SSH login ${MAGENTA}= ${GREEN}`grep 'session opened' "${AUTH_LOG_FILE}" | awk '/sshd/' | awk "/${SSH_USER}/" | wc -l` times this week ("${SSH_USER}")"
|
#echo -e "${MAGENTA}+ ${WHITE}SSH login ${MAGENTA}= ${GREEN}`grep 'session opened' "${AUTH_LOG_FILE}" | awk '/sshd/' | awk "/${SSH_USER}/" | wc -l` times this week ("${SSH_USER}")"
|
||||||
##echo -e "${MAGENTA}+ ${WHITE}SSH login ${MAGENTA}= ${GREEN}`grep 'session opened' "${AUTH_LOG_FILE}".1 | awk '/login/' | awk "/${SSH_USER}/" | wc -l` times this week ("${SSH_USER}")"
|
##echo -e "${MAGENTA}+ ${WHITE}SSH login ${MAGENTA}= ${GREEN}`grep 'session opened' "${AUTH_LOG_FILE}".1 | awk '/login/' | awk "/${SSH_USER}/" | wc -l` times this week ("${SSH_USER}")"
|
||||||
#done
|
#done
|
||||||
## Count the number of failed ssh authentication
|
# Count the number of failed ssh authentication
|
||||||
#echo -e "${MAGENTA}+ ${WHITE}SSH fail ${MAGENTA}= ${GREEN}${SSH_FAIL_LOGIN} fail(s) this week"
|
printf '%b' "\n${MAGENTA}+ ${WHITE}SSH fail\t${MAGENTA}= ${GREEN}${SSH_FAIL_LOGIN} fail(s) this week"
|
||||||
## Count the number of failed sudo authentication
|
# Count the number of failed sudo authentication
|
||||||
#echo -e "${MAGENTA}+ ${WHITE}Sudo fail ${MAGENTA}= ${GREEN}${SUDO_FAIL} fail(s) this week
|
printf '%b' "\n${MAGENTA}+ ${WHITE}Sudo fail\t${MAGENTA}= ${GREEN}${SUDO_FAIL} fail(s) this week
|
||||||
#${MAGENTA}+ ${WHITE}Sudo 3 fails ${MAGENTA}= ${GREEN}${SUDO_3_FAIL} fail(s) this week"
|
${MAGENTA}+ ${WHITE}Sudo 3 fails\t${MAGENTA}= ${GREEN}${SUDO_3_FAIL} fail(s) this week"
|
||||||
|
|
||||||
|
|
||||||
printf '%b' "\n${MAGENTA}++++++++++++++++++++: ${WHITE}Disk Usage${MAGENTA} :+++++++++++++++++++++${RESET}"
|
printf '%b' "\n${MAGENTA}++++++++++++++++++++: ${WHITE}Disk Usage${MAGENTA} :+++++++++++++++++++++${RESET}"
|
||||||
# Root partition
|
# Root partition
|
||||||
|
|
Loading…
Reference in New Issue