blob: 69e912264c6751ab88d74add59bfd51b9002bed7 (
plain)
- #!/bin/sh
- #
- # /usr/local/sbin/localshowuserfromip
- # Copyright 2007 Jonas Smedegaard <dr@jones.dk>
- #
- # $Id: localshowuserfromip,v 1.3 2007-11-14 13:31:37 jonas Exp $
- #
- # List recent identifiable users from some IP address
- #
- input="${input:-user}"
- output="${output:-shortline}"
- logfilecount="${logfilecount:-1}"
- pattern="${pattern:-user_dovecot}"
- sed_longline='s/^\(.\{15\}\) [^:]*: /\1 /'
- sed_time='s/^\(.\{15\}\) .*$/\1 /'
- case $pattern in
- user_dovecot)
- # Dovecot "deliver"
- egrep_before='dovecot: .*: Login: .*, rip=('
- egrep_after='), lip='
- sed_shortline='s/^\(.\{15\}\) [^:]*: \([^-]*\)-login: Login: user=</\1 (\2) /;s/>, .*$//'
- sed_username='s/^.* user=<//;s/>, .*$//'
- ;;
- *)
- echo >&2 "ERROR: unknwon pattern \"$pattern\""
- exit 1
- ;;
- esac
- case $output in
- shortline)
- sedstring="$sed_shortline"
- ;;
- longline)
- sedstring="$sed_longline"
- ;;
- username)
- sedstring="$sed_msgid"
- ;;
- *)
- echo >&2 "ERROR: unknwon output \"$output\""
- exit 1
- ;;
- esac
- ip="$1"
- find /var/log -name 'syslog*' | sort -nr -t. -k3 | tail -n "$logfilecount" | xargs zcat -f \
- | egrep -- "$egrep_before$ip$egrep_after" \
- | sed "$sedstring"
|