Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- use v6 ;
- use IO::TailFile;
- my $line ;
- my $i = 0;
- react {
- whenever IO::TailFile.watch("/var/log/asterisk/security", :chomp) -> $line {
- if $line ~~ m/ "InvalidPassword" / {
- my $lineseq = $line.split(/","/) ;
- $lineseq.WHAT ;
- my $RAseq = $lineseq[8].split(/"/"/) ;
- say "IP to be banned is: \t $RAseq[2]" ;
- say "\n \n $line \n That is the original security log line" ;
- $i++ ;
- if $i > 0 { exit ; }
- }
- } ;
- } ;
- Outputs
- IP to be banned is: 54.36.131.232
- # see the RemoteAddress below:
- [Apr 30 12:47:52] SECURITY[16463] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-30T12:47:52.197-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="0046633915842",SessionID="0x7f644006d7d8",LocalAddress="IPV4/UDP/my-server-ip-addr/5060",RemoteAddress="IPV4/UDP/54.36.131.232/60807",Challenge="7ae8567a",ReceivedChallenge="7ae8567a",ReceivedHash="8a7a2223ae49538447fb4f80037f5e94"
- That is the original security log line
Add Comment
Please, Sign In to add comment