diff options
author | Jonas Smedegaard <dr@jones.dk> | 2007-11-14 13:23:55 +0000 |
---|---|---|
committer | Jonas Smedegaard <dr@jones.dk> | 2007-11-14 13:23:55 +0000 |
commit | 0f8d8c542fba2202842ddc25d3b50df72f365738 (patch) | |
tree | b67fd80474ef0b67cd0aeb96442d05aeebaa1a56 /localshowuserfromip | |
parent | 828a6e23cfa2463a87206b1b1a0586f5e511775f (diff) |
New script (derived from localshowmaildelivered).
Diffstat (limited to 'localshowuserfromip')
-rwxr-xr-x | localshowuserfromip | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/localshowuserfromip b/localshowuserfromip new file mode 100755 index 0000000..48398e2 --- /dev/null +++ b/localshowuserfromip @@ -0,0 +1,53 @@ +#!/bin/sh +# +# /usr/local/sbin/localshowuserfromip +# Copyright 2007 Jonas Smedegaard <dr@jones.dk> +# +# $Id: localshowuserfromip,v 1.1 2007-11-14 13:23:55 jonas Exp $ +# +# List recent identifiable users from some IP address +# + +input="${input:-user}" +output="${output:-shortline}" +logfilecount="${logfilecount:-1}" +pattern="${pattern:-user_dovecot}" + +sed_longline='s/^\(.\{15\}\) [^:]*: /\1 /' +sed_time='s/^\(.\{15\}\) .*$/\1 /' + +case $pattern in + user_dovecot) + # Dovecot "deliver" + egrep_before=', rip=(' + egrep_after='), lip=' + sed_shortline='s/^\(.\{15\}\) [^:]*: [^-]*-login: Login: user=</\1/;s/>, method=[^,]*, rip=/ /;s/, lip=.*$//' + sed_username='s/^.* user=<//;s/>, .*$//' + ;; + *) + echo >&2 "ERROR: unknwon pattern \"$pattern\"" + exit 1 + ;; +esac + +case $output in + shortline) + sedstring="$sed_shortline" + ;; + longline) + sedstring="$sed_longline" + ;; + username) + sedstring="$sed_msgid" + ;; + *) + echo >&2 "ERROR: unknwon output \"$output\"" + exit 1 + ;; +esac + +ip="$1" + +find /var/log -name 'syslog*' | sort -nr -t. -k3 | tail -n "$logfilecount" | xargs zcat -f \ + | egrep -- "$egrep_before$ip$egrep_after" \ + | sed "$sedstring" |