API tools faq
paste
Advertisement
sergio_educacionit

audit.sh

sergio_educacionit
Apr 13th, 2022
180
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 0.62 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2.  
  3. file=/root/audit.files
  4.  
  5. # vaciamos reglas
  6.  
  7. auditctl -D
  8.  
  9. # funcion enviar mail
  10.  
  11. enviar_mail() {
  12.    
  13.     # codigo para uso de
  14.     # correo.
  15.     echo "$1" | mail -s "Resporte de audit $(date)" educacionit
  16.     echo ""
  17.  
  18. }
  19.  
  20. while read -r line; do
  21.     # cargar reglas
  22.     auditctl -w $line -p wa -k reglas
  23. done < "$file"
  24.  
  25. while :;do
  26.  
  27.     reporte=$(ausearch --start recent --raw | aureport --file)
  28.  
  29.     if [ $(echo $reporte | grep 'no events of interest were found' >> /dev/null) ];then
  30.         echo "nada que reportar"
  31.     else
  32.         echo "Cambios para reportar:"
  33.         echo "$reporte"
  34.         enviar_mail "$reporte"
  35.     fi
  36. sleep 10
  37.  
  38. done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!