[Nagios-users] problems with a Script on nagios
Hi Nagiosexchange users!!! I have some problems with this bash script. The objetive is to monitor all the incorrect logins to the sistem so I created this script. check_acces --- #!/bin/bash di=`date '+%B %d'` for i in `cut -f1 -d: /etc/passwd`; do kkY=`grep \Failed\ \keyboard-interactive/pam\ \for\ \$i /var/log/messages |cut -c1-15|awk /$di/` if [ $kkY != ] then sa1=$sa1 User: $i Date of Attempts:$kkY fi done kk6=`grep \Failed\ \keyboard-interactive/pam\ \for\ \illegal\ \user /var/log/messages |cut -c1-15 |awk /$di/` sal2=EXISTING USERS:$sa1 NO EXISTING USERS: Date of Attempts:$kk6 sal3=`echo $sal2` echo $sal3 The script works fine on shell, I execute the script like this ./check_acces and it returns this EXISTING USERS: User: root Date of Attempts:May 31 08:40:03 May 31 08:40:04 May 31 08:40:15 May 31 08:40:17 May 31 08:40:18 User: jon Date of Attempts:May 31 08:40:33 May 31 08:40:34 May 31 08:40:35 May 31 08:40:36 May 31 08:40:38 NO EXISTING USERS: Date of Attempts:May 31 08:40:54 May 31 08:40:56 May 31 08:40:57 May 31 08:40:59 May 31 08:41:01 May 31 08:41:02 May 31 08:41:04 May 31 08:41:14 May 31 08:41:15 May 31 08:41:16 May 31 08:41:17 May 31 08:41:19 May 31 08:41:20 May 31 08:41:23 this is ok, it works fine. But when I declare a service and a command on Nagios with this script something extrange happends, only appears this on Nagios, where are the incorect logins? They doesn´t appear. Service Status Last Check Duration AttemptStatus information Incorrect Access OK 05-31-2007 09:30:46 2d 23h 30m 55s 1/4 EXISTING USERS: NO EXISTING USERS: Date of Attempts: I dont know why when the script is executed by nagios it doesn´t return anything and it works fine on shell. The script executed by nagios it doesn´t return the same as when you executed on shell. Someone knows something about this? Thank you for help!!! Aritz.- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] problems with a Script on nagios
Because the user on shell is "root" and you have rights to process /etc/passwd, but the user of NAGIOS doesnt have rights to read /etc/passwd [EMAIL PROTECTED] escribi: Hi Nagiosexchange users!!! I have some problems with this bash script. The objetive is to monitor all the incorrect logins to the sistem so I created this script. check_acces --- #!/bin/bash di=`date '+%B %d'` for i in `cut -f1 -d: /etc/passwd`; do kkY=`grep \Failed\ \keyboard-interactive/pam\ \for\ \$i /var/log/messages |cut -c1-15|awk "/$di/"` if [ "$kkY" != "" ] then sa1="$sa1 User: $i Date of Attempts:$kkY" fi done kk6=`grep \Failed\ \keyboard-interactive/pam\ \for\ \illegal\ \user /var/log/messages |cut -c1-15 |awk "/$di/"` sal2="EXISTING USERS:$sa1 NO EXISTING USERS: Date of Attempts:$kk6" sal3=`echo $sal2` echo $sal3 The script works fine on shell, I execute the script like this ./check_acces and it returns this EXISTING USERS: User: root Date of Attempts:May 31 08:40:03 May 31 08:40:04 May 31 08:40:15 May 31 08:40:17 May 31 08:40:18 User: jon Date of Attempts:May 31 08:40:33 May 31 08:40:34 May 31 08:40:35 May 31 08:40:36 May 31 08:40:38 NO EXISTING USERS: Date of Attempts:May 31 08:40:54 May 31 08:40:56 May 31 08:40:57 May 31 08:40:59 May 31 08:41:01 May 31 08:41:02 May 31 08:41:04 May 31 08:41:14 May 31 08:41:15 May 31 08:41:16 May 31 08:41:17 May 31 08:41:19 May 31 08:41:20 May 31 08:41:23 this is ok, it works fine. But when I declare a service and a command on Nagios with this script something extrange happends, only appears this on Nagios, where are the incorect logins? They doesnt appear. Service Status Last Check Duration Attempt Status information Incorrect Access OK 05-31-2007 09:30:46 2d 23h 30m 55s 1/4 EXISTING USERS: NO EXISTING USERS: Date of Attempts: I dont know why when the script is executed by nagios it doesnt return anything and it works fine on shell. The script executed by nagios it doesnt return the same as when you executed on shell. Someone knows something about this? Thank you for help!!! Aritz. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Jose Luis Fernndez Snchez Jos Lus Fernndez Snchez rea de Nuevas Tecnologas C/ Marie Curie, n 6 bajo derecha. 29590. PTA. Mlaga Tel. +34 951 299 524 Fax: +34 951 299 596 Correo-e: [EMAIL PROTECTED] www.juntadeandalucia.es/fundaciondeserviciossociales Este mensaje se dirige exclusivamente a su destinatario y puede contener informacin privilegiada o confidencial. Si no es Ud. el destinatario indicado, queda notificado de que la utilizacin, divulgacin y/o copia sin autorizacin est prohibida en virtud de la legislacin vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma va y proceda a su destruccin. This message is intended exclusively for its addressee and may contain information that is CONFIDENTIAL and protected by professional privilege. If you are not the intended recipient your are hereby notified that any dissemination, copy or disclosure of this communication is strictly prohibited by law. If this message has been received in error, please immediately notify us via e-mail and delete it. P Antes de imprimir, piense en su compromiso con el MEDIO AMBIENTE! -
Re: [Nagios-users] problems with a Script on nagios
Hola Jose Luis, Primero gracias por responderme, te lo agradezco. La cuestion es que le he dado los permisos al usuario nagios y todo sigue igual si se te ocurre algo mas nuevamente gracias por la ayuda! Aritz. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] problems with a Script on nagios
Title: Jose Luis Fernndez Snchez Mi espaol es un poco mejor, lol A mi me ha pasado algo parecido con otros scripts y mis pruebas han pasado por logarme con el usuario nagios y ejecutarlo. Tambin se me ocurre que coloques el fichero passwd en el home del usuario nagiosdonde no es susceptiblede estar protegido por selinux. Un saludo [EMAIL PROTECTED] escribi: Hola Jose Luis, Primero gracias por responderme, te lo agradezco. La cuestion es que le he dado los permisos al usuario nagios y todo sigue igual si se te ocurre algo mas nuevamente gracias por la ayuda! Aritz. -- Jos Lus Fernndez Snchez rea de Nuevas Tecnologas C/ Marie Curie, n 6 bajo derecha. 29590. PTA. Mlaga Tel. +34 951 299 524 Fax: +34 951 299 596 Correo-e: [EMAIL PROTECTED] www.juntadeandalucia.es/fundaciondeserviciossociales Este mensaje se dirige exclusivamente a su destinatario y puede contener informacin privilegiada o confidencial. Si no es Ud. el destinatario indicado, queda notificado de que la utilizacin, divulgacin y/o copia sin autorizacin est prohibida en virtud de la legislacin vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma va y proceda a su destruccin. This message is intended exclusively for its addressee and may contain information that is CONFIDENTIAL and protected by professional privilege. If you are not the intended recipient your are hereby notified that any dissemination, copy or disclosure of this communication is strictly prohibited by law. If this message has been received in error, please immediately notify us via e-mail and delete it. P Antes de imprimir, piense en su compromiso con el MEDIO AMBIENTE! - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] problems with a Script on nagios
Every user should have rights to read '/etc/passwd'. More likely you don't have rights to read /var/log/messages as nagios. On Thu, 2007-05-31 at 10:14 +0200, Jose luis Fernandez wrote: Because the user on shell is root and you have rights to process /etc/passwd, but the user of NAGIOS doesn´t have rights to read /etc/passwd [EMAIL PROTECTED] escribió: Hi Nagiosexchange users!!! I have some problems with this bash script. The objetive is to monitor all the incorrect logins to the sistem so I created this script. check_acces --- #!/bin/bash di=`date '+%B %d'` for i in `cut -f1 -d: /etc/passwd`; do kkY=`grep \Failed\ \keyboard-interactive/pam\ \for\ \ $i /var/log/messages |cut -c1-15|awk /$di/` if [ $kkY != ] then sa1=$sa1 User: $i Date of Attempts:$kkY fi done kk6=`grep \Failed\ \keyboard-interactive/pam\ \for\ \illegal\ \user /var/log/messages |cut -c1-15 |awk /$di/` sal2=EXISTING USERS:$sa1 NO EXISTING USERS: Date of Attempts:$kk6 sal3=`echo $sal2` echo $sal3 The script works fine on shell, I execute the script like this ./check_acces and it returns this EXISTING USERS: User: root Date of Attempts:May 31 08:40:03 May 31 08:40:04 May 31 08:40:15 May 31 08:40:17 May 31 08:40:18 User: jon Date of Attempts:May 31 08:40:33 May 31 08:40:34 May 31 08:40:35 May 31 08:40:36 May 31 08:40:38 NO EXISTING USERS: Date of Attempts:May 31 08:40:54 May 31 08:40:56 May 31 08:40:57 May 31 08:40:59 May 31 08:41:01 May 31 08:41:02 May 31 08:41:04 May 31 08:41:14 May 31 08:41:15 May 31 08:41:16 May 31 08:41:17 May 31 08:41:19 May 31 08:41:20 May 31 08:41:23 this is ok, it works fine. But when I declare a service and a command on Nagios with this script something extrange happends, only appears this on Nagios, where are the incorect logins? They doesn´t appear. Service Status Last Check Duration Attempt Status information Incorrect Access OK 05-31-2007 09:30:46 2d 23h 30m 55s 1/4 EXISTING USERS: NO EXISTING USERS: Date of Attempts: I dont know why when the script is executed by nagios it doesn´t return anything and it works fine on shell. The script executed by nagios it doesn´t return the same as when you executed on shell. Someone knows something about this? Thank you for help!!! Aritz. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- José Luís Fernández Sánchez Área de Nuevas Tecnologías C/ Marie Curie, nº 6 – bajo derecha. 29590. PTA. Málaga Tel. +34 951 299 524 – Fax: +34 951 299 596 Correo-e: [EMAIL PROTECTED] www.juntadeandalucia.es/fundaciondeserviciossociales Este mensaje se dirige exclusivamente a su destinatario y puede contener información privilegiada o confidencial. Si no es Ud. el destinatario indicado, queda notificado de que la utilización, divulgación y/o copia sin autorización está prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. This message is intended exclusively for its addressee and may contain information that is CONFIDENTIAL and protected by professional privilege. If you are not the intended recipient your are hereby notified that any dissemination, copy or disclosure of this communication is strictly prohibited by law. If this message has been received in error, please immediately notify us via e-mail and delete it. P Antes de imprimir, piense en su compromiso con el MEDIO AMBIENTE! - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Nagios-users