R41D3NN/UnauthorizedLoginAttemptLogger.sh

## UnauthorizedLoginAttemptLogger.sh
#!/bin/bash
AUTH_LOG=/var/log/auth.log
LOG_FILE=/var/log/unauthorized-login-attempts.txt
IP_ADDR_REGEX='[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\s'

cat $AUTH_LOG | grep 'authentication failure' | grep -o $IP_ADDR_REGEX | sort | uniq >> $LOG_FILE
cat $LOG_FILE | sort | uniq > $LOG_FILE.tmp
mv -f $LOG_FILE.tmp $LOG_FILE
	#!/bin/bash
	AUTH_LOG=/var/log/auth.log
	LOG_FILE=/var/log/unauthorized-login-attempts.txt
	IP_ADDR_REGEX='[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\s'

	cat $AUTH_LOG \| grep 'authentication failure' \| grep -o $IP_ADDR_REGEX \| sort \| uniq >> $LOG_FILE
	cat $LOG_FILE \| sort \| uniq > $LOG_FILE.tmp
	mv -f $LOG_FILE.tmp $LOG_FILE