programs
This commit is contained in:
tofasthacker
parent
1bd72f53a8
commit
c742a328a3
18
log_sshd
Executable file
18
log_sshd
Executable file
@ -0,0 +1,18 @@
|
||||
#!/bin/bash
|
||||
|
||||
DATE=$(date +"%Y_%m_%d")
|
||||
NUMBER="/nas/share/brickman/logs/sshd/ssh_attempts.log"
|
||||
DAILY_FILE="/nas/share/brickman/logs/sshd/ssh_${DATE}.log"
|
||||
|
||||
|
||||
echo -n "`date +"%b %e"`: " >> $NUMBER
|
||||
ATTEMPTS=$(cat /var/log/auth.log /var/log/auth.log.1 | grep "`date +"%b %e"`" | zgrep sshd | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort | wc -l)
|
||||
echo $ATTEMPTS >> $NUMBER
|
||||
|
||||
echo "-----$(date)-----" >> $DAILY_FILE
|
||||
echo >> $DAILY_FILE
|
||||
echo "Total Number of Failed Attempts: ${ATTEMPTS}" >> $DAILY_FILE
|
||||
echo " COUNT | IP ADDRESS" >> $DAILY_FILE
|
||||
cat /var/log/auth.log* | grep "`date +"%b %e"`" | zgrep sshd | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort | uniq -c | sort -u >> $DAILY_FILE
|
||||
|
||||
echo >> $DAILY_FILE
|
||||
43
log_stats
Executable file
43
log_stats
Executable file
@ -0,0 +1,43 @@
|
||||
#!/bin/bash
|
||||
|
||||
|
||||
DATE=$(date +"%Y_%m_%d")
|
||||
FILE="/nas/share/brickman/logs/nginx/log_${DATE}_FULL.log"
|
||||
FILE_M="/nas/share/brickman/logs/nginx/log_${DATE}_SHORT.log"
|
||||
|
||||
# Complete file
|
||||
echo "-----$(date)-----" >> $FILE
|
||||
echo "" >> $FILE
|
||||
# Short File
|
||||
echo "-----$(date)-----" >> $FILE_M
|
||||
echo "" >> $FILE_M
|
||||
|
||||
|
||||
for IP in `grep -E -o "^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}" /var/log/nginx/access.log | sort | uniq`
|
||||
do
|
||||
REQ_NUM=$(grep $IP /var/log/nginx/access.log | wc -l)
|
||||
|
||||
|
||||
echo "--------------------" >> $FILE
|
||||
echo "IP: $IP" >> $FILE
|
||||
echo "NUMBER OF REQUESTS: ${REQ_NUM}" >> $FILE
|
||||
echo "HTTP Status Codes" >> $FILE
|
||||
echo " COUNT | HTTP CODE" >> $FILE
|
||||
grep $IP /var/log/nginx/access.log | grep -o " [1-5][0-9][0-9] "| sort | uniq -c >> $FILE
|
||||
echo >> $FILE
|
||||
|
||||
if [ $REQ_NUM -gt 25 ]
|
||||
then
|
||||
echo "--------------------" >> $FILE_M
|
||||
echo "IP: $IP" >> $FILE_M
|
||||
echo "NUMBER OF REQUESTS: ${REQ_NUM}" >> $FILE_M
|
||||
echo "HTTP Status Codes" >> $FILE_M
|
||||
echo " COUNT | HTTP CODE" >> $FILE_M
|
||||
grep $IP /var/log/nginx/access.log | grep -o " [1-5][0-9][0-9] "| sort | uniq -c >> $FILE_M
|
||||
echo >> $FILE_M
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
echo "-----DONE-----" >> $FILE
|
||||
echo "-----DONE-----" >> $FILE_M
|
||||
Loading…
Reference in New Issue
Block a user