linux下syslogd在那个目录下,鸟哥的 Linux 私房菜26-- log files 的分析

# 2.3a FTP {for proftpd}

echo "========================== "                                                           >> $logfile

echo "3. 关于 FTP  登录档的登入次数统计"                                                     >> $logfile

echo "账号   来源地址 次数 "|awk '{printf("\%-15s \%-25s \%-4s\n", $1, $2, $3)}'             >> $logfile

echo "FTP登入次数: `cat $basedir/messageslog|grep "FTP session opened." | wc -l`"|awk '{printf( "\%-41s \%3d\n", $1, $2)}' >> $logfile

# add login ip script

cat $basedir/messageslog | grep "FTP session opened."|awk '{print $7}'|cut -d"[" -f2 | cut -d"]" -f1 >"$basedir/ftploginip"

/bin/awk '{ for( i=0; i<1; i++ ) Number[$i]++ };

END{ for( course in Number )

printf( "\%-41s \%3d\n", course, Number[course])}' $basedir/ftploginip|sort +2 -gr |awk '{printf("\%-41s \%3d\n", $1, $2)}'>>$logfile

echo " "      >> $logfile

echo "FTP登入成功账号"      >> $logfile

cat $basedir/messageslog | grep "(ftp) session opened for user" | awk '{print $11}' > "$basedir/messagesftp"

/bin/awk '{ for( i=0; i<1; i++ ) Number[$i]++ };

END{ for( course in Number )

printf( "\%-41s \%3d\n", course, Number[course])}' $basedir/messagesftp|sort +2 -gr|awk '{printf("\%-41s \%3d\n", $1, $2)}'>>$logfile

echo " "      >> $logfile

cat $basedir/messageslog|grep "Authentication failure." >$basedir/ftperr

cat $basedir/messageslog|grep "no such user '" >>$basedir/ftperr

echo "FTP错误登入次数:`cat $basedir/ftperr| wc -l`"|awk '{printf( "\%-41s \%3d\n", $1, $2)}' >> $logfile

cat $basedir/ftperr|grep "failure."|awk '{print $7 " " $9}'|cut -d'[' -f2|cut -d':' -f1|awk '{print $2 " " $1}'|cut -d'M' -f2|cut -d']' -f1>"$basedir/ftpfail"

/bin/awk '{ for( i=0; i<1; i++ ) Number[$i]++ };

END{ for( course in Number )

printf( "\%-15s \%3d\n", course, Number[course])}' $basedir/ftpfail|sort +2 -gr|awk '{printf("\%-15s \%-25s \%3d\n", $1, $2, $3)}'>>$logfile

cat $basedir/ftperr|grep "no such user '"|awk '{print $7 " " $12}'|cut -d'[' -f2|awk '{print $2 " " $1}'|cut -d']' -f1>"$basedir/ftpxusr"

/bin/awk '{ for( i=0; i<1; i++ ) Number[$i]++ };

END{ for( course in Number )

printf( "\%-15s \%3d\n", course, Number[course])}' $basedir/ftpxusr|sort +2 -gr|awk '{printf("\%-15s \%-25s \%3d\n", $1, $2, $3)}'>>$logfile

echo " "      >> $logfile