programs
This commit is contained in:
tofasthacker
parent
1bd72f53a8
commit
c742a328a3
18
log_sshd
Executable file
18
log_sshd
Executable file
@ -0,0 +1,18 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
DATE=$(date +"%Y_%m_%d")
|
||||||
|
NUMBER="/nas/share/brickman/logs/sshd/ssh_attempts.log"
|
||||||
|
DAILY_FILE="/nas/share/brickman/logs/sshd/ssh_${DATE}.log"
|
||||||
|
|
||||||
|
|
||||||
|
echo -n "`date +"%b %e"`: " >> $NUMBER
|
||||||
|
ATTEMPTS=$(cat /var/log/auth.log /var/log/auth.log.1 | grep "`date +"%b %e"`" | zgrep sshd | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort | wc -l)
|
||||||
|
echo $ATTEMPTS >> $NUMBER
|
||||||
|
|
||||||
|
echo "-----$(date)-----" >> $DAILY_FILE
|
||||||
|
echo >> $DAILY_FILE
|
||||||
|
echo "Total Number of Failed Attempts: ${ATTEMPTS}" >> $DAILY_FILE
|
||||||
|
echo " COUNT | IP ADDRESS" >> $DAILY_FILE
|
||||||
|
cat /var/log/auth.log* | grep "`date +"%b %e"`" | zgrep sshd | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort | uniq -c | sort -u >> $DAILY_FILE
|
||||||
|
|
||||||
|
echo >> $DAILY_FILE
|
||||||
43
log_stats
Executable file
43
log_stats
Executable file
@ -0,0 +1,43 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
|
||||||
|
DATE=$(date +"%Y_%m_%d")
|
||||||
|
FILE="/nas/share/brickman/logs/nginx/log_${DATE}_FULL.log"
|
||||||
|
FILE_M="/nas/share/brickman/logs/nginx/log_${DATE}_SHORT.log"
|
||||||
|
|
||||||
|
# Complete file
|
||||||
|
echo "-----$(date)-----" >> $FILE
|
||||||
|
echo "" >> $FILE
|
||||||
|
# Short File
|
||||||
|
echo "-----$(date)-----" >> $FILE_M
|
||||||
|
echo "" >> $FILE_M
|
||||||
|
|
||||||
|
|
||||||
|
for IP in `grep -E -o "^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}" /var/log/nginx/access.log | sort | uniq`
|
||||||
|
do
|
||||||
|
REQ_NUM=$(grep $IP /var/log/nginx/access.log | wc -l)
|
||||||
|
|
||||||
|
|
||||||
|
echo "--------------------" >> $FILE
|
||||||
|
echo "IP: $IP" >> $FILE
|
||||||
|
echo "NUMBER OF REQUESTS: ${REQ_NUM}" >> $FILE
|
||||||
|
echo "HTTP Status Codes" >> $FILE
|
||||||
|
echo " COUNT | HTTP CODE" >> $FILE
|
||||||
|
grep $IP /var/log/nginx/access.log | grep -o " [1-5][0-9][0-9] "| sort | uniq -c >> $FILE
|
||||||
|
echo >> $FILE
|
||||||
|
|
||||||
|
if [ $REQ_NUM -gt 25 ]
|
||||||
|
then
|
||||||
|
echo "--------------------" >> $FILE_M
|
||||||
|
echo "IP: $IP" >> $FILE_M
|
||||||
|
echo "NUMBER OF REQUESTS: ${REQ_NUM}" >> $FILE_M
|
||||||
|
echo "HTTP Status Codes" >> $FILE_M
|
||||||
|
echo " COUNT | HTTP CODE" >> $FILE_M
|
||||||
|
grep $IP /var/log/nginx/access.log | grep -o " [1-5][0-9][0-9] "| sort | uniq -c >> $FILE_M
|
||||||
|
echo >> $FILE_M
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
echo "-----DONE-----" >> $FILE
|
||||||
|
echo "-----DONE-----" >> $FILE_M
|
||||||
Loading…
Reference in New Issue
Block a user