>/e...">
美文网首页
shell脚本监控linux日志(secure)发现ssh异常登

shell脚本监控linux日志(secure)发现ssh异常登

作者: 苏唯希_43fe | 来源:发表于2018-05-02 17:50 被阅读86次

    #! /bin/bash

    echo "set from=发送者邮箱(可为公网) smtp=邮箱发件服务器  >>/etc/mail.rc

    echo "set smtp-auth-user=公网邮箱  smtp-auth-password=邮箱密码 smtp-auth=login"  >>/etc/mail.rc

    cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}' > /root/satools/black.txt

    DEFINE="3"

    for i in `cat /root/satools/black.txt`

    do

    IP=`echo $i |awk -F= '{print $1}'`

    NUM=`echo $i|awk -F= '{print $2}'`

    if [ $NUM -gt $DEFINE ]; then

    mail_ip="$IP the num $NUM"

    echo $mail_ip|mail  -s "the ip is bad"  接收者邮箱

    fi

    done

    相关文章

      网友评论

          本文标题:shell脚本监控linux日志(secure)发现ssh异常登

          本文链接:https://www.haomeiwen.com/subject/mzkpkftx.html