Current File : /lib64/nagios/plugins/nccustom/check_suspicious_files_status.sh
#!/bin/bash

# Built-in defaults. The option parser further down overrides them:
#   -t replaces allowed_time_diff, -f replaces log_file.
allowed_time_diff=3600  # maximum accepted log age in seconds (3600 s = 1 hour)
log_file="/var/log/nc_audit/suspicious_file_detector.log"

# Print a one-line synopsis on stdout and terminate the check.
# Exit status 3 is the same status this script uses for UNKNOWN results.
usage() {
    local synopsis="[-f log_file] [-t allowed_time_difference_in_seconds]"
    echo "Usage: $0 ${synopsis}"
    exit 3
}

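# Parse command-line arguments.
#   -f PATH     log file to inspect (replaces the default path)
#   -t SECONDS  maximum accepted age of the log file, in seconds
#
# The -t value is later used inside (( ... )) and $(( ... )). Bash evaluates
# a string in arithmetic context as an expression, not as a plain number, so
# the value is restricted to decimal digits before it is stored. Check
# arguments can originate from monitoring configuration or a remote caller
# and must not be trusted to be numeric.

# Succeeds only when $1 is a non-empty string of decimal digits.
_is_unsigned_int() {
    [[ "$1" =~ ^[0-9]+$ ]]
}

while getopts "f:t:" opt; do
    case "${opt}" in
        f)
            log_file="${OPTARG}"
            ;;
        t)
            if ! _is_unsigned_int "${OPTARG}"; then
                echo "UNKNOWN: -t expects a whole number of seconds"
                exit 3
            fi
            # Force base 10 so a leading zero is not interpreted as octal.
            allowed_time_diff=$((10#${OPTARG}))
            ;;
        *)
            usage
            ;;
    esac
done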

# Stop early unless the log is a regular file with a size greater than zero.
# NOTE(review): exit status 1 is the status this script uses for WARNING
# lines further down, although the message says ERROR. A missing or empty
# log means the detector produced no result at all — confirm that this
# should alert at that level.
if ! [[ -f "${log_file}" && -s "${log_file}" ]]; then
    echo "ERROR: Log file ${log_file} does not exist or is empty."
    exit 1
fi

# Staleness check: the log's mtime must be no more than allowed_time_diff
# seconds older than the current time (both taken as epoch seconds).
now_epoch=$(date +%s)
log_mtime=$(stat -c %Y "${log_file}")
log_age=$((now_epoch - log_mtime))

# NOTE(review): if stat fails, log_mtime is empty and counts as 0 in the
# subtraction, so for any realistic threshold the check ends in the CRITICAL
# branch with a message about age rather than about the stat failure. An
# mtime later than now_epoch gives a negative age, which passes as fresh.
if (( log_age > allowed_time_diff )); then
    echo "CRITICAL!: Log file was modified more than $((allowed_time_diff / 60)) minutes ago."
    exit 2
fi

# Only the final line of the log decides the result; earlier lines are never
# inspected, so an older CRITICAL entry followed by a later OK is not reported.
last_line=$(tail -n 1 "${log_file}")

# Substring match, highest severity first: a line containing several keywords
# is reported at the most severe one. The line is relayed verbatim as the
# check output.
# NOTE(review): if the detector writes externally influenced text (for
# example file names) into this line, a keyword inside that text also takes
# part in the match — confirm the log format.
case "${last_line}" in
    *"CRITICAL!"*)
        exit_code=2
        ;;
    *"WARNING"*)
        exit_code=1
        ;;
    *"OK!"*)
        exit_code=0
        ;;
    *)
        # No recognised keyword: report the raw line as UNKNOWN.
        echo "UNKNOWN: ${last_line}"
        exit 3
        ;;
esac

echo "${last_line}"
exit "${exit_code}"
