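#!/bin/bash
#
# Nagios-style freshness and status check for the suspicious-file-detector log.
#
# Usage: script [-f log_file] [-t allowed_time_difference_in_seconds]
#
# Exit codes, as used below:
#   0 - last log line contains "OK!"
#   1 - last log line contains "WARNING", or the log file is missing/empty
#   2 - last log line contains "CRITICAL!", or the log file is stale
#   3 - bad usage, unreadable mtime, or an unrecognised last line
#
# All output goes to stdout, as the original script did.

# Default values for the log file path and time threshold
log_file="/var/log/nc_audit/suspicious_file_detector.log"
allowed_time_diff=3600 # Default: 3600 seconds (1 hour)

# Print the usage line and exit with the UNKNOWN status (3).
usage() {
  printf 'Usage: %s [-f log_file] [-t allowed_time_difference_in_seconds]\n' "$0"
  exit 3
}

# Parse command-line arguments
while getopts "f:t:" opt; do
  case "${opt}" in
    f)
      log_file="${OPTARG}"
      ;;
    t)
      allowed_time_diff="${OPTARG}"
      ;;
    *)
      usage
      ;;
  esac
done

# The threshold is later used inside (( ... )) and $(( ... )). Bash evaluates
# the *contents* of a variable as an arithmetic expression there, so a
# non-numeric -t value would be interpreted rather than compared. Accept plain
# decimal digits only.
if [[ ! "${allowed_time_diff}" =~ ^[0-9]+$ ]]; then
  printf 'UNKNOWN: -t expects a non-negative integer number of seconds.\n'
  exit 3
fi
# Force base 10 so a leading zero is not parsed as octal.
allowed_time_diff=$((10#${allowed_time_diff}))

# Check if the log file exists and is not empty
if [[ ! -f "${log_file}" || ! -s "${log_file}" ]]; then
  printf 'ERROR: Log file %s does not exist or is empty.\n' "${log_file}"
  exit 1
fi

# Check the last modification time of the log file. A stale log means the
# detector has stopped writing, which is reported as CRITICAL.
current_time=$(date +%s)
if ! file_mod_time=$(stat -c %Y -- "${log_file}") \
  || [[ ! "${file_mod_time}" =~ ^[0-9]+$ ]]; then
  # Without a usable mtime the freshness test cannot be trusted.
  printf 'UNKNOWN: cannot read modification time of %s\n' "${log_file}"
  exit 3
fi
time_diff=$((current_time - file_mod_time))

if ((time_diff > allowed_time_diff)); then
  printf 'CRITICAL!: Log file was modified more than %s minutes ago.\n' \
    "$((allowed_time_diff / 60))"
  exit 2
fi

# Get the last line of the log file. The line is echoed verbatim into the
# monitoring output, so whatever process writes this log determines what the
# operator sees.
last_line=$(tail -n 1 -- "${log_file}")

# Matching is by substring anywhere in the line. Severity is tested highest
# first, so a line carrying "CRITICAL!" is never downgraded by also
# containing "WARNING" or "OK!".
case "${last_line}" in
  *"CRITICAL!"*)
    printf '%s\n' "${last_line}"
    exit 2
    ;;
  *"WARNING"*)
    printf '%s\n' "${last_line}"
    exit 1
    ;;
  *"OK!"*)
    printf '%s\n' "${last_line}"
    exit 0
    ;;
  *)
    printf 'UNKNOWN: %s\n' "${last_line}"
    exit 3
    ;;
esac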