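#!/usr/local/bin/perl -w
# msg_log - A sysadmin tool...
# Scans indicated files for indicated things...
# Written by -Sneex- :] on Aug 22nd, 1999 at 09:30AM
# Copyright (C) Sneex 1999; All Rights Reserved...
#
# This part of the script builds one shell pipeline per log check. Each
# pipeline keeps only the lines stamped with today's date and then filters
# them for one keyword (su, fail, snif, unkn, denied, root). The pipelines
# are executed and mailed further down in the script.

use strict;
use diagnostics;

# Set your path to sendmail...
my $SENDMAIL = '/usr/lib/sendmail';

# Example of DATE: Tue Feb  2 19:34:24 EST 1999
my @months = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);

# Only the day of the month and the (0-based) month index are needed.
my ($mday, $mon) = (localtime)[3, 4];

# Today's date as it appears in syslog-style files. Traditional syslog
# timestamps space-pad a single-digit day to two columns ("Feb  2"), so the
# day is formatted with %2d. An unpadded "Feb 2" does not match those lines
# under `grep -w`, which would leave the report empty on days 1-9 of every
# month without any error. Verify the padding against your own logs.
my $today = sprintf('%s %2d', $months[$mon], $mday);

# Today's date as MM/DD, the form matched against /var/adm/sulog.
my $ntday = sprintf('%02d/%02d', $mon + 1, $mday);

# Please set the correct path to your logs (the paths shown are examples.)
# Find out if there are any errors of type ... grep -i ???? ...
# But do it only for log entries for $today...
#
# These strings are executed through the shell. The only values interpolated
# into them come from localtime and the fixed month table above; keep it that
# way, and never build them from command-line arguments, environment
# variables or log content.
my $cmd  = 'echo \$cmd -Disabled-';    # "cat /var/adm/messages |grep -w \'$today\'";
my $cmd0 = qq{grep -w '$ntday' /var/adm/sulog | grep -i su};
my $cmd1 = qq{grep -w '$today' /var/adm/messages | grep -i fail};
my $cmd2 = qq{grep -w '$today' /var/adm/messages | grep -i snif};
my $cmd3 = qq{grep -w '$today' /var/adm/messages | grep -i unkn};
my $cmd4 = qq{grep -w '$today' /var/log/syslog | grep -i denied};
my $cmd5 = qq{grep -w '$today' /var/adm/messages | grep -i denied};
my $cmd6 = qq{grep -w '$today' /var/adm/messages | grep -i root};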
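# Mail the report: run each prepared pipeline ($cmd, $cmd0 .. $cmd6, defined
# earlier in this file) and send the collected output through $SENDMAIL.

# Recipient of the report; used both as the sendmail argument and in "To:".
my $RECIPIENT = 'userid';

# List-form pipe open: sendmail is executed directly with the recipient as a
# single argument, so no shell parses the command line.
open(my $mail, '|-', $SENDMAIL, $RECIPIENT)
    || die("$0: Can't open $SENDMAIL: $!\n");

# Headers are built from fixed strings and the local time only; log content
# is written to the body, never to a header.
print {$mail} "Reply-to: root\@localhost\n";

# The original line ended in a literal backslash-n ("\\n"), so the From
# header was never terminated and ran into the To header.
# NOTE(review): no address follows the display name in this listing; add the
# site's sender address in angle brackets if your MTA does not supply one.
print {$mail} "From: \"host.Message.Log\"\n";
print {$mail} "To: $RECIPIENT\n";
print {$mail} "Subject: MsgLog Report at ", scalar localtime, "\n";
print {$mail} "\n";    # blank line ends the header section

print {$mail} "=================== List Your Hostname Here =====================\n";
print {$mail} "NOTE: This message was sent through the Msg.Monitor Perl System,\n";
print {$mail} " Msg Monitor v0.01s (Alpha) by -Sneex- :] (WC Jones), JaxPM\n";
print {$mail} "=================================================================\n";
print {$mail} "\n";
print {$mail} "\nSummary:\n--------\n\n";

# One section per pipeline, in the original order, with a dotted rule
# between consecutive sections.
my @report_cmds = ($cmd, $cmd0, $cmd1, $cmd2, $cmd3, $cmd4, $cmd5, $cmd6);
my $first_section = 1;
for my $command (@report_cmds) {
    print {$mail} "\n....................\n" unless $first_section;
    $first_section = 0;

    # Backticks in list context return every output line of the pipeline.
    print {$mail} qx{$command};
}

print {$mail} "\n\nEnd of Report...\n";

# Closing a pipe waits for sendmail and reports its exit status. An
# unchecked close would let a failed delivery pass unnoticed, and a missing
# report is easily mistaken for a quiet day.
close($mail)
    or die( $!
        ? "$0: Error closing pipe to $SENDMAIL: $!\n"
        : "$0: $SENDMAIL exited with status " . ( $? >> 8 ) . "\n" );

__END__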