log_scripts/log_sshd

#!/bin/bash

DATE=$(date +"%Y_%m_%d")
NUMBER="/nas/share/brickman/logs/sshd/ssh_attempts.log"
DAILY_FILE="/nas/share/brickman/logs/sshd/ssh_${DATE}.log"


echo -n "`date +"%b %e"`: " >> $NUMBER
ATTEMPTS=$(cat /var/log/auth.log /var/log/auth.log.1 | grep "`date +"%b %e"`" | zgrep sshd | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort | wc -l)
echo $ATTEMPTS >> $NUMBER

echo "-----$(date)-----" >> $DAILY_FILE
echo  >> $DAILY_FILE
echo "Total Number of Failed Attempts: ${ATTEMPTS}" >> $DAILY_FILE
echo " COUNT | IP ADDRESS" >> $DAILY_FILE
cat /var/log/auth.log* | grep "`date +"%b %e"`" | zgrep sshd | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort | uniq -c | sort -u >> $DAILY_FILE

echo >> $DAILY_FILE
programs 2024-02-27 00:15:09 +00:00			`#!/bin/bash`

			`DATE=$(date +"%Y_%m_%d")`
			`NUMBER="/nas/share/brickman/logs/sshd/ssh_attempts.log"`
			`DAILY_FILE="/nas/share/brickman/logs/sshd/ssh_${DATE}.log"`


			echo -n "`date +"%b %e"`: " >> $NUMBER
			ATTEMPTS=$(cat /var/log/auth.log /var/log/auth.log.1 \| grep "`date +"%b %e"`" \| zgrep sshd \| grep rhost \| sed -re 's/.rhost=([^ ]+)./\1/' \| sort \| wc -l)
			`echo $ATTEMPTS >> $NUMBER`

			`echo "-----$(date)-----" >> $DAILY_FILE`
			`echo >> $DAILY_FILE`
			`echo "Total Number of Failed Attempts: ${ATTEMPTS}" >> $DAILY_FILE`
			`echo " COUNT \| IP ADDRESS" >> $DAILY_FILE`
			cat /var/log/auth.log* \| grep "`date +"%b %e"`" \| zgrep sshd \| grep rhost \| sed -re 's/.rhost=([^ ]+)./\1/' \| sort \| uniq -c \| sort -u >> $DAILY_FILE

			`echo >> $DAILY_FILE`