polprog/fail2ban-analyze.sh

## fail2ban-analyze.sh
#!/bin/bash
#Analyze fail2ban logs and make a top 10 list of abusers!


if [[ $1 == "today" ]]; then
    echo "Top abusers today:"
    grep "Ban " /var/log/fail2ban.log | grep `date +%Y-%m-%d` | awk '{print $NF}' | sort | awk '{print $1,"("$1")"}' | logresolve | uniq -c | sort -n
else

echo "Top abusers:"
grep "Ban " /var/log/fail2ban.log | awk -F[\ \:] '{print $10,$8}' | sort | uniq -c |  sort -n

echo "Run '$0 today' to get todays suspicious activity"
fi;
	#!/bin/bash
	#Analyze fail2ban logs and make a top 10 list of abusers!


	if [[ $1 == "today" ]]; then
	echo "Top abusers today:"
	grep "Ban " /var/log/fail2ban.log \| grep `date +%Y-%m-%d` \| awk '{print $NF}' \| sort \| awk '{print $1,"("$1")"}' \| logresolve \| uniq -c \| sort -n
	else

	echo "Top abusers:"
	grep "Ban " /var/log/fail2ban.log \| awk -F[\ \:] '{print $10,$8}' \| sort \| uniq -c \| sort -n

	echo "Run '$0 today' to get todays suspicious activity"
	fi;