[Xymon] Alert for WHO column possible?
Steven Carr
sjcarr at gmail.com
Tue Jul 21 12:37:26 CEST 2020
I have a script that runs on the server side, checking the clientlog
information for logins, currently this is set to alert when root is
detected, but could easily be modded to negate and look for another
user...
<code>
#!/bin/bash
HOSTTAG=who
COLUMN=$HOSTTAG
$XYMONHOME/bin/xymongrep $HOSTTAG | while read L
do
set $L
HOSTIP="$1"
MACHINEDOTS="$2"
WHO=`$XYMON $XYMSRV "clientlog $MACHINEDOTS section=who"`
if echo "$WHO" | grep "^root" >/dev/null; then
MSG="status $MACHINEDOTS.$COLUMN red root logins detected"
else
MSG="status $MACHINEDOTS.$COLUMN green no root logins detected"
fi
$XYMON $XYMSRV "$MSG
$WHO"
done
exit 0
</code>
More information about the Xymon
mailing list