73 lines
1.5 KiB
Plaintext
73 lines
1.5 KiB
Plaintext
|
#!/bin/bash
|
||
|
#
|
||
|
# Plugin to monitor SSH
|
||
|
#
|
||
|
# Parameters understood:
|
||
|
#
|
||
|
# config (required)
|
||
|
# autoconf (optional)
|
||
|
#
|
||
|
# Made by Sven Breunig ( sven AT breunig DOT be )
|
||
|
#
|
||
|
|
||
|
mktempfile () {
|
||
|
mktemp -t
|
||
|
}
|
||
|
|
||
|
AUTH_LOG=${logfile:-/var/log/auth.log}
|
||
|
STATEFILE=/var/lib/munin/plugin-state/sshd.offset
|
||
|
LOGTAIL=${logtail:-`which logtail`}
|
||
|
|
||
|
if [ "$1" = "autoconf" ]; then
|
||
|
if [ -f "${AUTH_LOG}" -a -n "${LOGTAIL}" -a -x "${LOGTAIL}" ] ; then
|
||
|
echo yes
|
||
|
exit 0
|
||
|
else
|
||
|
echo no
|
||
|
exit 1
|
||
|
fi
|
||
|
fi
|
||
|
|
||
|
if [ "$1" = "config" ]; then
|
||
|
echo 'graph_title SSH Statistics'
|
||
|
echo 'graph_order refused invalid accepted'
|
||
|
echo 'graph_category ssh'
|
||
|
echo 'graph_vlabel Count'
|
||
|
echo 'graph_scale no'
|
||
|
|
||
|
## echo 'graph_args --base 1000 -l 0'
|
||
|
echo 'refused.label refused'
|
||
|
# echo 'delayed.type DERIVE'
|
||
|
echo 'invalid.label invalid'
|
||
|
# echo 'passed.type DERIVE'
|
||
|
echo 'accepted.label accepted'
|
||
|
# echo 'whitelisted.type DERIVE'
|
||
|
echo 'failedpass.label Failed password'
|
||
|
exit 0
|
||
|
fi
|
||
|
|
||
|
|
||
|
refused=0
|
||
|
invalid=0
|
||
|
accepted=0
|
||
|
failed=0
|
||
|
|
||
|
TEMP_FILE=`mktempfile munin-sshd.XXXXXX`
|
||
|
|
||
|
if [ -n "$TEMP_FILE" -a -f "$TEMP_FILE" ]
|
||
|
then
|
||
|
$LOGTAIL ${AUTH_LOG} $STATEFILE | grep 'sshd' > ${TEMP_FILE}
|
||
|
|
||
|
refused=`grep -ic 'refused' ${TEMP_FILE}`
|
||
|
accepted=`grep -ic 'accepted' ${TEMP_FILE}`
|
||
|
invalid=`grep -ic 'invalid user' ${TEMP_FILE}`
|
||
|
failed=`grep -ic 'failed password' ${TEMP_FILE}`
|
||
|
|
||
|
/bin/rm -f $TEMP_FILE
|
||
|
fi
|
||
|
|
||
|
echo "refused.value ${refused}"
|
||
|
echo "accepted.value ${accepted}"
|
||
|
echo "invalid.value ${invalid}"
|
||
|
echo "failedpass.value ${failed}"
|