On Sun, Apr 4, 2010 at 6:09 PM, Kay947
<[email protected]> wrote:
> Hi I need to write a shell script (in bash).
> I need the script to look in the system logs for faiiled attempts to
> login as the root user. Mail the results to the root user and create
grep <some junk here>
> a file in the /tmp directory which contains the line with actual
> string that was found in the log. This job should run every 15
/tmp is not guaranteed to persist after the process that created the
file ends. Realistically speaking anything in /tmp should be deleted
by programs once they exit, but obviously this isn't always the case.
You should put something in /var/log for this sort of purpose.
> minutes and the filename should be named results.DATETIME. With
grep <somejunkhere> > /var/log/rootSpoof.`date -<some flag here>`
Following which, just use sendmail or something to email yourself if
the filesize is greater than zero. Or better yet, output a date in a
single log file, appending the grep results to that file. Then if the
size of the file changes, send the email.
There are tools to figure out file sizes, and the maths interpreter
(bc?) is quite capable from what I hear.
Given a little footwork you can easily do this on your own.
Pedagogically speaking I've already given you far too much to work
with. :)
> DATETIME being the current date and time. Any help would be greatly
> appreciated. Kay
Don't give thanks in advance:
http://www.catb.org/~esr/faqs/smart-questions.html#courtesy
--
Registered Linux Addict #431495
http://profile.xfire.com/mrstalinman | John 3:16!
http://www.fsdev.net/ | http://lordsauron.wordpress.com/
Parents, Take Responsibility For Your Kids! http://www.whattheyplay.com/
--
Registered Linux Addict #431495
For Faith and Family! | John 3:16!
http://www.fsdev.net/
--
You received this message because you are subscribed to the Linux Users Group.
To post a message, send email to [email protected]
To unsubscribe, send email to [email protected]
For more options, visit our group at
http://groups.google.com/group/linuxusersgroup
To unsubscribe, reply using "remove me" as the subject.
