From 850df25914f53eeb1156d2389d92385a88cb216f Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Fri, 15 Jun 2018 20:38:59 -0700 Subject: Updated contrib/mmdsr for security log. --- contrib/mmdsr | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'contrib/mmdsr') diff --git a/contrib/mmdsr b/contrib/mmdsr index bf5e71c9..03a35845 100644 --- a/contrib/mmdsr +++ b/contrib/mmdsr @@ -207,6 +207,11 @@ # Updated on: Sun Jun 4 17:12:54 PDT 2017 # Added -a to default (e)grep to account for logs that may # have non-ascii and be seen as binary. +# +# 0.0.28 Update by Mark Sapiro +# Updated on: Fri Jun 15 20:20:36 PDT 2018 +# Added report of new security log. +# Augmented 0.0.24 to do as well as . ############################################################################### # Set up locations of standard commands, directories, etc.... @@ -275,7 +280,7 @@ MAX_DATA_LINES=100 # Mailman Log files to check for errors. # No need to specify path, only log file name. ############################################################################### -ERR_LOGS="error fromusenet locks mischief post qrunner smtp-failure vette" +ERR_LOGS="error fromusenet locks mischief security post qrunner smtp-failure vette" ############################################################################### # Mailman Log files to summarize. @@ -499,6 +504,11 @@ do echo "------------------------------" >> $TMP $EGREP -vi '(Login failure with private rosters|Unsub attempt of non-member|Reminder attempt of non-member)' $TMPLOG | $SED 's/^.* ([0-9]*) //' | $SORT | $UNIQ -c | $SORT -nr >> $TMP + elif [ "${LOG}" = "security" ] ; then + + echo "" >> $TMP + $GREP 'Authorization failed' $TMPLOG | $SED 's/^.* ([0-9]*) //' | $SORT | $UNIQ -c | $SORT -nr >> $TMP + elif [ "${LOG}" = "post" ] ; then $GREP -vi 'success' $TMPLOG | $SED 's/^.* ([0-9]*) //' | $SORT | $UNIQ -c | $SORT -nr >> $TMP 
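Review bot: The new `security` branch reports only lines that match `Authorization failed`, so anything else written to the security log never reaches the daily report. The `mischief` branch just above does the opposite: its `$EGREP -vi '(…)'` pass prints every line outside the listed patterns, which presumably are summarized earlier. For a security log I would keep the counted summary and add a catch-all after it under its own heading, e.g. `$GREP -v 'Authorization failed' $TMPLOG | $SED 's/^.* ([0-9]*) //' | $SORT | $UNIQ -c | $SORT -nr >> $TMP`. The match is also case-sensitive while the neighbouring branches use `-i`; a comment saying that is intentional would help. The enclosing `do` loop and `if` chain start and end outside this hunk.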
@@ -548,7 +558,7 @@ do echo "" >> $TMP echo "Banned Subscriptions" >> $TMP echo "------------------------------" >> $TMP - $GREP -i 'banned subscription' $TMPLOG | $AWK '{ print $6 " " $9 }' | $SED -e 's/\+[0-9][0-9]*@/+@/' | $SORT | $UNIQ -c | $SORT -nr >> $TMP + $GREP -i 'banned subscription' $TMPLOG | $AWK '{ print $6 " " $9 }' | $SED -e 's/\+[0-9][0-9]*@/+@/' -e 's/\+[a-z][a-z]*@/+@/' | $SORT | $UNIQ -c | $SORT -nr >> $TMP echo "" >> $TMP echo "DMARC lookups" >> $TMP -- cgit v1.2.3
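Review bot: The two `$SED` expressions fold a plus-tag only when it is all digits or all lower-case letters, so an address such as `user+ab12@…` or `user+ABC@…` still produces its own line in the "Banned Subscriptions" count. The `$GREP` on the same line is `-i`, so the `[a-z]` class is narrower than the filter feeding it. If the intent is to aggregate tagged variants of one address, a single expression such as `-e 's/\+[0-9A-Za-z][0-9A-Za-z]*@/+@/'` covers mixed tags. Otherwise the sender controls how many distinct lines this section emits, and if the report is capped by `MAX_DATA_LINES` (not visible in this hunk) that noise can crowd out other entries.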