Revision: 58242
Initial Code
Initial URL
Initial Description
Initial Title
Initial Tags
Initial Language
at July 4, 2012 01:16 by _reydin_
Initial Code
#!/bin/bash auth=/var/log/auth.log if [ "$1" != "" ]; then #check that there is an argument if [ "$1" = success ]; then #check the entered argument for success for i in `grep Accepted ${auth} | cut -d: -f3 | cut -c18-23` #search and cut the session id do id=$i user=`grep Accepted ${auth} | grep ${id} | cut -d: -f4 | cut -d' ' -f5` month=`grep Accepted ${auth} | grep ${id} | cut -d" " -f1` day=`grep Accepted ${auth} | grep ${id} | cut -c4-6 | cut -c1-3` atime=`grep Accepted ${auth} | grep ${id} | cut -c7-15` echo "Status: [success] Account name: $user Date:$month,$day,$atime" done elif [ "$1" = fail ]; then #check the entered argument for fail for i in `grep Failed ${auth} | grep password | cut -c8-15` #search and cut the time do id=$i user=`grep Failed ${auth} | grep ${id} | grep password | cut -d: -f4 | cut -d" " -f5` month=`grep Failed ${auth} | grep ${id} | grep password | cut -c1-3` day=`grep Failed ${auth} | grep ${id} | grep password | cut -c4-6` #atime=`grep Failed ${auth} | grep ${id} | cut -d" " -f3` atime=$i echo "Status: [fail] Account name: $user Date: $month, $day, $atime" done else #if more than one argument is entered or it doesn't match fail or success exit exit 0 fi else echo "Example: ./auth.sh [success | fail]" #if there is no argument entered show example exit 0 fi
Initial URL
Initial Description
This script will parse the auth.log and return results depending on the argument entered. To run the script enter one of the following. ./auth success or ./auth fail
Initial Title
Linux auth.log parser
Initial Tags
Bash
Initial Language
Bash