/plugins/system/auth - Annoter - Munin contributed plugins - Koumbit's Redmine

1f80b893

tex

#!/bin/sh

2

3

# A Munin Plugin to show auth stuff

4

# Created by Dominik Schulz <lkml@ds.gauner.org>

5

# http://developer.gauner.org/munin/

6

# Based on a work of "jintxo"

7

8

# Parameters understood:

9

10

# 	config   (required)

11

# 	autoconf (optional - used by munin-config)

12

13

14

# Magic markers (optional - used by munin-config and installation

15

# scripts):

16

17

#%# family=auto

18

#%# capabilities=autoconf

19

20

21

#############################

22

# Configuration

23

#############################

24

MAXLABEL=20

25

STAT_FILE=/var/lib/munin/plugin-state/plugin-auth.state

26

EXPR_BIN=/usr/bin/expr

27

#############################

28

29

if [ "$1" = "autoconf" ]; then

30

	echo yes

31

	exit 0

32

fi

33

34

if [ "$1" = "config" ]; then

35

36

	echo 'graph_title Auth Log Parser'

37

	echo 'graph_args --base 1000 -l 0'

38

	echo 'graph_vlabel Daily Auth Counters'

39

	echo 'graph_category system'

40

	echo 'illegal_user.label Illegal User'

41

	echo 'possible_breakin.label Breakin Attempt'

42

	echo 'authentication_failure.label Authentication Fail'

43

	echo 'valid_login.label Valid Login'

44

	exit 0

45

fi

46

47

#############################

48

# Initialization

49

#############################

50

if [ ! -r $STAT_FILE ]; then

51

	echo "ILL=0" > $STAT_FILE

52

	echo "POS=0" >> $STAT_FILE

53

	echo "AUT=0" >> $STAT_FILE

54

	echo "VAL=0" >> $STAT_FILE

55

fi

56

#############################

57

58

#############################

59

# Illegal User

60

#############################

61

echo -en "illegal_user.value "

62

NEW_ILL=$(grep "Illegal user\|no such user" /var/log/auth.log | grep "`date '+%b %d'`" | wc -l)

63

OLD_ILL=$(grep ILL $STAT_FILE | cut -f2 -d '=')

64

ILL=$($EXPR_BIN $NEW_ILL - $OLD_ILL)

65

if [ $ILL -gt 0 ]; then

66

	echo "$ILL"

67

else

68

	echo "0"

69

fi

70

echo -n

71

#############################

72

# Possible Breakins

73

#############################

74

echo -en "possible_breakin.value "

75

NEW_POS=$(grep -i "breakin attempt" /var/log/auth.log | grep "`date '+%b %d'`" | wc -l)

76

OLD_POS=$(grep POS $STAT_FILE | cut -f2 -d '=')

77

POS=$($EXPR_BIN $NEW_POS - $OLD_POS)

78

if [ $POS -gt 0 ]; then

79

	echo "$POS"

80

else

81

	echo "0"

82

fi

83

echo -n

84

#############################

85

# Authentication Failures

86

#############################

87

echo -en "authentication_failure.value "

88

NEW_AUT=$(grep "authentication failure" /var/log/auth.log | grep "`date '+%b %d'`" | wc -l)

89

OLD_AUT=$(grep AUT $STAT_FILE | cut -f2 -d '=')

90

AUT=$($EXPR_BIN $NEW_AUT - $OLD_AUT)

91

if [ $AUT -gt 0 ]; then

92

	echo "$AUT"

93

else

94

	echo "0"

95

fi

96

echo -n

97

#############################

98

# Valid Logins

99

#############################

100

echo -en "valid_login.value "

101

NEW_VAL=$(grep "sshd.*Accepted" /var/log/auth.log | grep "`date '+%b %d'`" | wc -l)

102

OLD_VAL=$(grep VAL $STAT_FILE | cut -f2 -d '=')

103

VAL=$($EXPR_BIN $NEW_VAL - $OLD_VAL)

104

if [ $VAL -gt 0 ]; then

105

	echo "$VAL"

106

else

107

	echo "0"

108

fi

109

echo -n

110

###

111

# Save the current values

112

###

113

echo "ILL=$NEW_ILL" > $STAT_FILE

114

echo "POS=$NEW_POS" >> $STAT_FILE

115

echo "AUT=$NEW_AUT" >> $STAT_FILE

116

echo "VAL=$NEW_VAL" >> $STAT_FILE

Projet

Général

Profil

Munin contributed plugins

root / plugins / system / auth @ e5ce7492