Shell 脚本检查成功登陆和尝试登录失败的用户,并邮件通知管理员。

guiyun affiliate

我在本教程中包含了两个 shell 脚本。

第一个shell 脚本查看 “/var/log/secure”文件中任何可用日期的用户访问信息。

第二个 bash 脚本允许您每天发送一封包含用户访问信息的邮件。

1、 检查成功和失败的用户登录尝试的 Shell 脚本.

shell1 Shell 脚本检查成功登陆和尝试登录失败的用户,并邮件通知管理员。  Linux shell 第1张

# vi /opt/scripts/user-access-details.sh

#!/bin/bash
echo ""
echo -e "Enter the Date, Use Double Space for date from 1 to 9 (May  3) and use Single Space for date from 10 to 31 (May 30): \c"
read yday
MYPATH=/var/log/secure*
tuser=$(grep "$yday" $MYPATH | grep "Accepted|Failed" | wc -l)
suser=$(grep "$yday" $MYPATH | grep "Accepted password|Accepted publickey|keyboard-interactive" | wc -l)
fuser=$(grep "$yday" $MYPATH | grep "Failed password" | wc -l)
scount=$(grep "$yday" $MYPATH | grep "Accepted" | awk '{print $9;}' | sort | uniq -c)
fcount=$(grep "$yday" $MYPATH | grep "Failed" | awk '{print $9;}' | sort | uniq -c)
echo "--------------------------------------------"
echo "       User Access Report on: $yday"
echo "--------------------------------------------"
echo "Number of Users logged on System: $tuser"
echo "Successful logins attempt: $suser"
echo "Failed logins attempt: $fuser"
echo "--------------------------------------------"
echo -e "Success User Details:\n $scount"
echo "--------------------------------------------"
echo -e "Failed User Details:\n $fcount"
echo "--------------------------------------------"



执行脚本,效果如下:

shell2 Shell 脚本检查成功登陆和尝试登录失败的用户,并邮件通知管理员。  Linux shell 第2张



2.邮件通知管理员,脚本检查成功登录和失败登录尝试的结果。

shell3 Shell 脚本检查成功登陆和尝试登录失败的用户,并邮件通知管理员。  Linux shell 第3张


# vi /opt/scripts/user-access-details-2.sh

#!/bin/bash
/tmp/u-access.txt
SUBJECT="User Access Reports on "date""
MESSAGE="/tmp/u-access.txt"
TO="daygeek@gmail.com"
MYPATH=/var/log/secure*
yday=$(date --date='yesterday' | awk '{print $2,$3}')
tuser=$(grep "$yday" $MYPATH | grep "Accepted|Failed" | wc -l)
suser=$(grep "$yday" $MYPATH | grep "Accepted password|Accepted publickey|keyboard-interactive" | wc -l)
fuser=$(grep "$yday" $MYPATH | grep "Failed password" | wc -l)
scount=$(grep "$yday" $MYPATH | grep "Accepted" | awk '{print $9;}' | sort | uniq -c)
fcount=$(grep "$yday" $MYPATH | grep "Failed" | awk '{print $9;}' | sort | uniq -c)
echo "--------------------------------------------" >> $MESSAGE
echo "       User Access Report on: $yday" >> $MESSAGE
echo "--------------------------------------------" >> $MESSAGE
echo "Number of Users logged on System: $tuser" >> $MESSAGE
echo "Successful logins attempt: $suser" >> $MESSAGE
echo "Failed logins attempt: $fuser" >> $MESSAGE
echo "--------------------------------------------" >> $MESSAGE
echo -e "Success User Details:\n $scount" >> $MESSAGE
echo "--------------------------------------------" >> $MESSAGE
echo -e "Failed User Details:\n $fcount" >> $MESSAGE
echo "--------------------------------------------" >> $MESSAGE
mail -s "$SUBJECT" "$TO" < $MESSAGE


最后添加一个任务计划。让它在每天 8 点运行。


# crontab -e0 8 * * * /bin/bash /opt/scripts/user-access-details-2.sh

脚本文件:

Shell 脚本检查成功登陆和尝试登录失败的用户,并邮件通知管理员。  Linux shell 第4张脚本.zip



guiyun affiliate

标签: Linux shell

作者头像
南宫俊逸创始人

君子好学,自强不息~

上一篇:极力推荐的9款彩色激光打印机?
下一篇:Shell 脚本监控Linux系统(CPU,内存,交换内存使用情况),并通过邮件告警。

发表评论

腾讯-云服务器2核4G,首年70元