Munin contributed plugins

#!/bin/bash

#

# Plugin to monitor SSH

#

# Parameters understood:

#

# 	config   (required)

# 	autoconf (optional)

#

# Made by Sven Breunig ( sven AT breunig DOT be )

#

mktempfile () {

mktemp -t

}

AUTH_LOG=${logfile:-/var/log/auth.log}

STATEFILE=$MUNIN_PLUGSTATE/sshd.offset

LOGTAIL=${logtail:-`which logtail`}

if [ "$1" = "autoconf" ]; then

        if [ -f "${AUTH_LOG}"  -a -n "${LOGTAIL}" -a -x "${LOGTAIL}" ] ; then

		echo yes

	else

		echo no

	fi

	exit 0

fi

if [ "$1" = "config" ]; then

	echo 'graph_title SSH Statistics'

	echo 'graph_order refused invalid accepted'

	echo 'graph_category security'

	echo 'graph_vlabel Count'

	echo 'graph_scale no'

##	echo 'graph_args --base 1000 -l 0'

	echo 'refused.label refused'

#	echo 'delayed.type DERIVE'

	echo 'invalid.label invalid'

#	echo 'passed.type DERIVE'

	echo 'accepted.label accepted'

#	echo 'whitelisted.type DERIVE'

	echo 'failedpass.label Failed password'

        exit 0

fi

refused=0

invalid=0

accepted=0

failed=0

TEMP_FILE=`mktempfile munin-sshd.XXXXXX`

if [ -n "$TEMP_FILE" -a -f "$TEMP_FILE" ]

then

	$LOGTAIL ${AUTH_LOG} $STATEFILE | grep 'sshd' > ${TEMP_FILE}

	refused=`grep -ic 'refused' ${TEMP_FILE}`

	accepted=`grep -ic 'accepted' ${TEMP_FILE}`

	invalid=`grep -ic 'invalid user' ${TEMP_FILE}`

	failed=`grep -ic 'failed password' ${TEMP_FILE}`

	/bin/rm -f $TEMP_FILE

fi

echo "refused.value ${refused}"

echo "accepted.value ${accepted}"

echo "invalid.value ${invalid}"

echo "failedpass.value ${failed}"