Need help with quick Grep Script

noimad1

Well-Known Member
Mar 27, 2003
626
0
166
Hi,

I'd like to write a quick cron job script that could search through my logs for a specific string, then e-mail me if it is found.

Something like:

grep "hacker.txt" /var/log/messages

Then if it finds something, e-mail me?

Can someone help me write that really quick? I'm pretty sure it is an easy script, I just can't figure out the proper coding.
 

mohit

Well-Known Member
Jul 12, 2005
553
0
166
Sticky On Internet
grep is not the best method to do this, until you have something custom in mind.

if you want this for the suspicious file, csf does that, it will not only secure your server and mail you as soon as any suspect process/script is found.
 

noimad1

Well-Known Member
Mar 27, 2003
626
0
166
Thanks, but what is CSF?

Mainly right now I need a bandaid fix for a problem we are having with customers who's passwords have been compromised.

The hackers are using automated scripts to upload spamming scripts through ftp, then spam, then remove the scripts. They always use the same filenames at this point.

So as a quick fix I want to just be notified if anyone uploads files with matching names. That way I can stop it right away.