ssh登录异常\错误关键字\安装mailx脚本

ssh登录异常\错误关键字\安装mailx脚本

标签: shell  

安装mailx

#! /bin/bash
command_exists() {
        command -v "$@" > /dev/null 2>&1
}

if command_exists lsb_release -d; then
    apt -y install bsd-mailx
else
    yum -y install mailx
fi

echo "set from=xk-monitor@139.com smtp=mail.139.com" >>/etc/mail.rc

echo "set smtp-auth-user=xk-monitor@139.com smtp-auth-password=Wrx@081116" >>/etc/mail.rc
echo "set smtp-auth=login" >>/etc/mail.rc

异常登录提醒

#! /bin/bash
IP=`/sbin/ifconfig -a|grep inet|grep 10.|grep -v inet6|awk '{print $2}'|tr -d "addr:"`

command_exists() {
        command -v "$@" > /dev/null 2>&1
}

EIP=''
STATUS=''

if command_exists lsb_release -d; then
    EIP=`tail /var/log/auth.log|awk '/password/{print $(NF-3)}'|sort -u | grep -vE "10.4.33.5|10.4.33.7|10.32.166.24|10.32.144.195"`
    STATUS=`tail /var/log/auth.log|awk '/password/{print $(NF-3)}'|sort -u | grep -vE "10.4.33.7|10.32.166.24|10.32.144.195" |wc -l`
else
    EIP=`tail /var/log/secure|awk '/password/{print $(NF-3)}'|sort -u | grep -vE "10.4.33.5|10.4.33.7|10.32.166.24|10.32.144.195"`
    STATUS=`tail /var/log/secure|awk '/password/{print $(NF-3)}'|sort -u | grep -vE "10.4.33.7|10.32.166.24|10.32.144.195" |wc -l`
fi

if [ $STATUS -gt 0 ]; then

    echo $EIP
    echo -e "服务器IP: $IP \n note: 出现$EIP 异常登录 \n Datetime: $(date)" | mail -s "SSH登录异常告警-服务器IP:$IP 出现$EIP 异常登录" 87512674@qq.com,wang-youwei@neusoft.com

fi

「真诚赞赏,手留余香」

Uwei

请我喝杯咖啡?

使用微信扫描二维码完成支付

相关文章