@gustavohenrique
Last active December 26, 2018 22:43

Install swatchdog:

$ sudo apt install swatch  # Ubuntu/Debian
$ sudo yum install epel-release && sudo yum install swatch  # RHEL/CentOS

Configure swatchdog: $ sudo vi ~/.swatchrc

watchfor  /sudo/
	echo red
	mail=admin@phantasy.com, subject="Sudo Command"

watchfor /FAILED/
	echo red
	mail=admin@phantasy.com, subject="Failed Login Attempt"

watchfor /ROOT LOGIN/
	echo red
	mail=admin@phantasy.com, subject="Successful Root Login"

watchfor /ssh.*: Failed password/
	echo red
	mail=admin@phantasy.com, subject="Failed SSH Login Attempt"

watchfor /ssh.*: session opened for user root/ 
	echo red
	mail=admin@phantasy.com, subject="Successful SSH Root Login"

Run swatchdog as a daemon:

$ sudo swatch -c ~/.swatchrc -t /var/log/auth.log --daemon  # Debian/Ubuntu
$ sudo swatchdog -c ~/.swatchrc -t /var/log/secure --daemon  # RHEL/CentOS
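
To see how these rules classify log lines before relying on the alerts, the following added example (not part of the original gist) parses the `watchfor` blocks above and replays them over constructed auth.log lines. It assumes swatchdog acts only on the first matching `watchfor` block unless a `continue` action is present; the function names and sample lines are hypothetical.

```python
import re

# Rules from the .swatchrc above (echo actions omitted); these simple Perl
# patterns behave the same under Python's re module.
SWATCHRC = '''\
watchfor  /sudo/
    mail=admin@phantasy.com, subject="Sudo Command"
watchfor /FAILED/
    mail=admin@phantasy.com, subject="Failed Login Attempt"
watchfor /ROOT LOGIN/
    mail=admin@phantasy.com, subject="Successful Root Login"
watchfor /ssh.*: Failed password/
    mail=admin@phantasy.com, subject="Failed SSH Login Attempt"
watchfor /ssh.*: session opened for user root/
    mail=admin@phantasy.com, subject="Successful SSH Root Login"
'''

# Constructed auth.log lines for illustration (not real log data).
SAMPLE_LOG = [
    "Dec 26 22:40:01 host sshd[811]: Failed password for alice from 192.0.2.10 port 50022 ssh2",
    "Dec 26 22:40:07 host sshd[812]: Failed password for invalid user sudoadmin from 192.0.2.10 port 50023 ssh2",
    "Dec 26 22:41:15 host sshd[820]: pam_unix(sshd:session): session opened for user root by (uid=0)",
    "Dec 26 22:42:30 host sudo: alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/ls",
    "Dec 26 22:43:00 host CRON[900]: pam_unix(cron:session): session opened for user root by (uid=0)",
]

def parse_rules(text):
    """Return [(compiled_regex, mail_subject)] in file order."""
    rules, pattern = [], None
    for line in text.splitlines():
        rule = re.match(r'\s*watchfor\s+/(.*)/\s*$', line)
        subj = re.search(r'subject="([^"]*)"', line)
        if rule:
            pattern = re.compile(rule.group(1))
        elif subj and pattern is not None:
            rules.append((pattern, subj.group(1)))
    return rules

def classify(line, rules):
    """Return (subject of the first matching rule, subjects of all matching rules)."""
    hits = [subject for pattern, subject in rules if pattern.search(line)]
    return (hits[0] if hits else None), hits

def dry_run(lines=SAMPLE_LOG, text=SWATCHRC):
    rules = parse_rules(text)
    return [classify(line, rules) for line in lines]

if __name__ == "__main__":
    for line, (first, hits) in zip(SAMPLE_LOG, dry_run()):
        print(f"{first!s:28} also matches={hits[1:]}  <- {line[16:]}")
```

On the sample data, the failed SSH login for a user name containing "sudo" is reported under "Sudo Command" because `/sudo/` is listed first, and the cron root session raises no alert because the last rule only covers lines containing "ssh".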