(c) 2000 by Matthias Arndt / ASM Software
the GNU GPL applies - see COPYING for details
The following program was developed under Suse Linux 6.4. It should work on almost any distribution of Linux.
Perhaps a port to other Unices like Solaris, FreeBSD, or AIX is possible without many changes. I assume you only need to change the sha-bang to #!/bin/sh to make it work.
This is a simple Bourne Shell script. It mails a report to root about the login (attempts) of the last day. It mails the logs of the Apache Server and a copy of the system log too. The system log is cleared thereafter.
The script should be either invoked daily by crond or by using a script
at bootup. This little program includes some code to check the current
day. (alright, you could invoke the script once at 23:50 and at 00:01.
The script will then think that one day has gone and redo. however, the
resulting logs will not contain much usefull information.)
A special feature mails a reminder to a local user to inform me that
the maintenance has been done. I'll then login as root to check
the reports.
#!/bin/bash
#
# program: maintenance
# version: 1.0
#
# (c) 2000 by Matthias Arndt / ASM Software
# written for ASM Software
#
# the GPL applies
#
# this script should be run when the system has been booted
# it mails a report file out of the systemn logs
# it clears the system and the apache logs
#
# Author's email adress is: matthiasarndt@gmx.net
#
TMPFILE=/tmp/maintenance.$$
TMPDATE=/tmp/tmpdate.$$
#
# substitute your ordinary user account name here....
# this user will get a mail that the reports have been mailed to root
USER_TO_INFORM=marndt
date +%j >$TMPDATE
DOIT=0
if [ -f /root/mdate ]
then
cat /root/mdate|diff - $TMPDATE >/dev/null
if [ $? -eq 0 ]
then
echo "Daily maintenance already done...."
else
DOIT=1
fi
else
date +%j >/root/mdate
DOIT=1
fi
if [ $DOIT -eq 1 ]
then
echo "Daily maintenance running..."
# allright then, do the maintenance work
# first of all, mail a report file out of the contents of the sys log
echo "Telnet connections:" >$TMPFILE
cat /var/log/messages | grep telnet >>$TMPFILE
echo "------------------------------------------------" >>$TMPFILE
echo "FTP connections:" >>$TMPFILE
cat /var/log/messages | grep ftp >>$TMPFILE
echo "------------------------------------------------" >>$TMPFILE
echo "Failed console or telnet logins:" >>$TMPFILE
cat /var/log/messages | grep "FAILED LOGIN" >>$TMPFILE
echo "------------------------------------------------" >>$TMPFILE
cat /var/log/messages|mail -s "latest System log" root
echo "LOGFILE mailed" >>$TMPFILE
cat $TMPFILE|mail -s "Daily maintenance: syslog report" root
rm -f $TMPFILE
# mail me at my default user account to inform me that the report has been
# created and send
echo "Daily maintenace done - read root mail"| mail -s "Daily maintenance" $USER_TO_INFORM
# clear the sys log
cat /dev/null >/var/log/messages
cat /var/log/httpd/*|mail -s "Daily maintenance: Apache Logs" root
rm -f /var/log/httpd/*
fi
# now, everthing is done...
# save the date: the script should run only once a day
#
rm -f $TMPDATE
date +%j>/root/mdate
You may cut and paste the script from here.