Thursday, May 10, 2012

Perl script to list all Failed Login attempts in Linux

#!/usr/bin/perl -w
# Description             :  Upon execution, this script will list all the Failed Login attempts on a Linux Server
# Mode of Execution  :  As 'root' user from shell prompt
# Developed by          :  Ashok Raj
# Version                   :  1.2
# -------------------------------------------------------------------------------------------------------------------------

$osnam=`uname -s`;
chomp($osnam);
$cnt=0;

if($osnam eq 'Linux')
{
chdir "/var/log" or die "$!";
@arylog = `cat ./secure*|grep 'Failed password'`;
print "\n";
print "REPORT ON FAILED ATTEMPT LOGINS\n\n";
print " DATE/TIME       USERNAME\tHOSTNAME/IPADDRESS\n";
print "---------------------------------------------\n";
foreach(@arylog)
 {
 if($_ =~ m/(\w+\s+\d+\s\d\d:\d\d:\d\d)\s\S+\ssshd\[\d+\]:\s+Failed\s.*?\sfor.*?\s(\w+)\sfrom\s+(\S+)/)
            {
              printf "%-16s   %-16s%-16s\n",$1,$2,$3;
              $cnt++;
            }
}
}
print "\nTotal Number of Failed Attempts: $cnt \n\n";

No comments:

Post a Comment

Popular Posts

About Me

My photo
The intent of this blog is to share my work experience and spread some smart solutions on Linux to System Administrators. I'm hoping the solutions shared in this Blog would be helpful and come as a handy for Viewers. Brief about me: I have 18+ years work experience in System and Cloud Administration domain, primarily works on VMware Cloud Products (vSphere, vCloud Director, vRealize Automation, NSX Adv. Load Balancer, vROps).