27 lines
693 B
Bash
Executable File
27 lines
693 B
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# Yigid BALABAN, <fyb@fybx.dev>
|
|
# login mailer
|
|
#
|
|
|
|
# set env var EMAIL and ENDPOINT
|
|
LOG_FILE="/var/log/auth.log"
|
|
HOSTNAME=$(hostname)
|
|
|
|
if [[ ! -f "$LAST_LINE_FILE" ]]; then
|
|
echo "0" >"$LAST_LINE_FILE"
|
|
fi
|
|
|
|
LAST_LINE=$(cat "$LAST_LINE_FILE")
|
|
NEW_LINES=$(sed -n "$((LAST_LINE + 1)),\$p" "$LOG_FILE")
|
|
|
|
if echo "$NEW_LINES" | grep "sshd.*Accepted"; then
|
|
LOGIN_INFO=$(echo "$NEW_LINES" | grep "sshd.*Accepted" | awk '{print $9 " from " $11}')
|
|
|
|
curl -H "content-type: application/json" \
|
|
-d "{\"subject\": \"New login on $HOSTNAME\", \"text\": \"SSH login detected: $LOGIN_INFO\", \"recipient\": \"$EMAIL\"}" \
|
|
"$ENDPOINT"
|
|
fi
|
|
|
|
wc -l <"$LOG_FILE" >"$LAST_LINE_FILE"
|