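#!/bin/bash
#
# Scheduled rootkit scan: refreshes rkhunter's data files, then runs rkhunter
# and chkrootkit and records the results in a newest-first log.
#
# Every step stages a header line (script name, step, timestamp) plus any
# scanner output in $TMPLOG, appends the previous log behind it and renames
# the result over $LOGFILE, so the most recent entry is always at the top.
#
# rkhunter also keeps its own detailed log (by default /var/log/rkhunter.log).
#
# NOTE(review): the log lives in the invoking user's home directory, so that
# account can rewrite or delete scan results. If the log is meant as evidence,
# consider a root-owned location or forwarding entries off the host.
# NOTE(review): the sudo calls need a non-interactive (NOPASSWD) rule when
# this runs from cron; keep that rule limited to these two commands.

LOGDIR=~/logs
LOGFILE=$LOGDIR/security-log.log
TMPLOG=$LOGDIR/tmpS.log
DATEFMT=%X:%x
SHNAME=$(basename -- "$0")
SLEEP=8m # wait till box is presumably less-loaded

# Print the current time in the log's timestamp format.
stamp() {
  date +"$DATEFMT"
}

# Put the staged entry in $TMPLOG in front of the existing log.
# The old log is only replaced when it was copied behind the new entry
# successfully, so a failed copy (e.g. full disk) cannot wipe the history.
commit_entry() {
  if [[ -f "$LOGFILE" ]]; then
    if ! cat -- "$LOGFILE" >> "$TMPLOG"; then
      printf '%s: could not append %s to %s; log left unchanged\n' \
        "$SHNAME" "$LOGFILE" "$TMPLOG" >&2
      return 1
    fi
  fi
  mv -- "$TMPLOG" "$LOGFILE"
}

# Without the log directory every redirect below fails and the scanners would
# run with their results silently discarded.
if ! mkdir -p -- "$LOGDIR"; then
  printf '%s: cannot create log directory %s\n' "$SHNAME" "$LOGDIR" >&2
  exit 1
fi

# Step 1: note the start, then wait before loading the machine.
printf '%s start sleep %s \t\t\t\t%s\n' "$SHNAME" "$SLEEP" "$(stamp)" > "$TMPLOG"
commit_entry
sleep "$SLEEP"

# Step 2: refresh rkhunter's data files. Its output is not captured in the
# log; it goes to stdout/stderr as before.
printf '%s rkhunter --update \t\t\t\t%s\n' "$SHNAME" "$(stamp)" > "$TMPLOG"
commit_entry
sudo rkhunter --update

# Step 3: full rkhunter check, warnings only, no keypress prompts.
printf '%s rkhunter --rwo --sk --checkall \t\t%s\n' "$SHNAME" "$(stamp)" > "$TMPLOG"
rkh_status=0
sudo rkhunter --rwo --sk --checkall >> "$TMPLOG" || rkh_status=$?
if ((rkh_status != 0)); then
  # A non-zero status can mean warnings were reported or that sudo/rkhunter
  # could not run at all; record it so an empty entry is not read as "clean".
  printf '%s rkhunter exit status %s\n' "$SHNAME" "$rkh_status" >> "$TMPLOG"
fi
commit_entry

# Step 4: chkrootkit, keeping only lines that report an infection.
# NOTE(review): in chkrootkit releases where -e takes an exclusion list, the
# following -x would be consumed as its argument, and expert-mode (-x) output
# may not carry the INFECTED marker this grep relies on. Confirm against the
# installed version.
printf '%s chkrootkit -n -e -x \t\t\t%s\n' "$SHNAME" "$(stamp)" > "$TMPLOG"
sudo chkrootkit -n -e -x | grep "INFECTED" >> "$TMPLOG"
chk_status=${PIPESTATUS[0]}
if ((chk_status != 0)); then
  # The pipeline's own status is grep's; log the scanner's status separately
  # so a scan that never started is distinguishable from one with no matches.
  printf '%s chkrootkit exit status %s\n' "$SHNAME" "$chk_status" >> "$TMPLOG"
fi
commit_entry

# Scan findings are reported through the log, not through the exit status.
exit 0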