yep :
script en question :
log.log est créé avant l'appel de ce script et est créé par un script genre "logtail /var/log/fichierdelog > /root/log/log.log
Code :
- #!/bin/bash
- grep ssh /root/log/log.log | grep maps -v > /root/log/temp_log
- awk 'BEGIN { FS="\ "}
- $7=="publickey" { print $9" : "$2" "$1" "$3" : "$6" "$10" "$11 }
- $6=="pam_unix(sshd:session):" { print $11" : "$2" "$1" "$3" : "$7" "$8 }
- ' /root/log/temp_log >> /root/log/log.auth
- /bin/cat /root/log/log.log >> /root/log/backlog/log_brut-`/bin/date +%F`.log
- /bin/cat /root/log/temp_log >> /root/log/backlog/log_trie-`/bin/date +%F`.log
- /bin/rm /root/log/log.log
- /bin/rm /root/log/temp_log
|
log.log ... Avec ca ca marche pas
Code :
- Jan 3 08:17:01 ****** CRON[1644]: pam_unix(cron:session): session opened for user root by (uid=0)
- Jan 3 08:17:01 ****** CRON[1644]: pam_unix(cron:session): session closed for user root
- Jan 3 09:17:01 ****** CRON[1650]: pam_unix(cron:session): session opened for user root by (uid=0)
- Jan 3 09:17:01 ****** CRON[1650]: pam_unix(cron:session): session closed for user root
- Jan 3 10:17:01 ****** CRON[1656]: pam_unix(cron:session): session opened for user root by (uid=0)
- Jan 3 10:17:01 ****** CRON[1656]: pam_unix(cron:session): session closed for user root
|
et ca marchait avec :
Code :
- Dec 31 08:17:01 ****** CRON[1644]: pam_unix(cron:session): session opened for user root by (uid=0)
- Dec 31 08:17:01 ****** CRON[1644]: pam_unix(cron:session): session closed for user root
|
Pour que ca marche avec janvier, je dois ajouter 1 à tous les paramètres
---------------
Mon topic de vente - Mon feed-back