Skip to content

Instantly share code, notes, and snippets.

@gfoss
Last active Dec 12, 2015
Embed
What would you like to do?
simple cronjob to alert on 'unknown/unexpected' access to a system.
0 */1 * * * last -5 | grep -v '[user]\|wtmp\|reboot\|shutdown' && last -10 | grep -v '[user]\|wtmp\|reboot\|shutdown' >> ~/Desktop/ALERT && wall -g [group] ~/Desktop/ALERT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment