|
Packit |
57988d |
|
|
Packit |
57988d |
##########################################################################
|
|
Packit |
57988d |
# $Id$
|
|
Packit |
57988d |
##########################################################################
|
|
Packit |
57988d |
|
|
Packit |
57988d |
########################################################
|
|
Packit |
57988d |
# This was written and is maintained by:
|
|
Packit |
57988d |
# Kenneth Porter <shiva@well.com>
|
|
Packit |
57988d |
#
|
|
Packit |
57988d |
# Please send all comments, suggestions, bug reports,
|
|
Packit |
57988d |
# etc, to shiva@well.com.
|
|
Packit |
57988d |
########################################################
|
|
Packit |
57988d |
|
|
Packit |
57988d |
#####################################################
|
|
Packit |
57988d |
## Copyright (c) 2008 Kenneth Porter
|
|
Packit |
57988d |
## Covered under the included MIT/X-Consortium License:
|
|
Packit |
57988d |
## http://www.opensource.org/licenses/mit-license.php
|
|
Packit |
57988d |
## All modifications and contributions by other persons to
|
|
Packit |
57988d |
## this script are assumed to have been donated to the
|
|
Packit |
57988d |
## Logwatch project and thus assume the above copyright
|
|
Packit |
57988d |
## and licensing terms. If you want to make contributions
|
|
Packit |
57988d |
## under your own copyright or a different license this
|
|
Packit |
57988d |
## must be explicitly stated in the contribution an the
|
|
Packit |
57988d |
## Logwatch project reserves the right to not accept such
|
|
Packit |
57988d |
## contributions. If you have made significant
|
|
Packit |
57988d |
## contributions to this script and want to claim
|
|
Packit |
57988d |
## copyright please contact logwatch-devel@lists.sourceforge.net.
|
|
Packit |
57988d |
#########################################################
|
|
Packit |
57988d |
|
|
Packit |
57988d |
$Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
|
|
Packit |
57988d |
|
|
Packit |
57988d |
while (defined($ThisLine = <STDIN>)) {
|
|
Packit |
57988d |
if ( ($ThisLine =~ /xsender/) or
|
|
Packit |
57988d |
( $ThisLine =~ /.drac.:/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /Timing/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /-ERR \[AUTH\]/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /canonical name of client/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /I\/O error flushing output to client/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /-ERR SIGHUP or SIGPIPE flagged/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /-ERR POP hangup/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /-ERR POP EOF or I\/O Error/ ) or
|
|
Packit |
57988d |
( $ThisLine =~ /-ERR \[IN-USE\] / ) or
|
|
Packit |
57988d |
( $ThisLine =~ /Incorrect octet count/ ) ) {
|
|
Packit |
57988d |
# We don't care about these
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
## Stats: <UserID> 0 0 0 0 <Host> <IP>
|
|
Packit |
57988d |
elsif (($UserID, $NumDeleted, $BytesDeleted, $NumLeft, $BytesLeft) = ( $ThisLine =~ /Stats: ([^ ]+) ([^ ]+) ([^ ]+) ([^ ]+) ([^ ]+)/ )) {
|
|
Packit |
57988d |
$Stats{$UserID}{"Times"}++;
|
|
Packit |
57988d |
$Stats{$UserID}{"NumDel"} += $NumDeleted;
|
|
Packit |
57988d |
$Stats{$UserID}{"BytesDel"} += $BytesDeleted;
|
|
Packit |
57988d |
$Stats{$UserID}{"NumLeft"} = $NumLeft;
|
|
Packit |
57988d |
$Stats{$UserID}{"BytesLeft"} = $BytesLeft;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
elsif (($UserID) = ($ThisLine =~ /^\[AUTH\] Failed attempted login to ([^ ]+) from host/ )) {
|
|
Packit |
57988d |
$FailedLogin{$UserID}++;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
elsif ( $ThisLine =~ s/^connect from ([^ ]+)$/$1/ ) {
|
|
Packit |
57988d |
$Connections{$ThisLine}++;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
elsif ( $ThisLine =~ s/^\(v[0-9.]+\) POP login by user "?[^ ]+"? at \([^ ]+\) ([^ ]+)$/$1/ ) {
|
|
Packit |
57988d |
$Connections{$ThisLine}++;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
elsif ( $ThisLine =~ s/^apop \"(.*)\".*/$1/ ) {
|
|
Packit |
57988d |
$ApopConnections{$ThisLine}++;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
else {
|
|
Packit |
57988d |
# Report any unmatched entries...
|
|
Packit |
57988d |
chomp($ThisLine);
|
|
Packit |
57988d |
$OtherList{$ThisLine}++;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
|
|
Packit |
57988d |
if ( (keys %Connections) and ($Detail >= 10) ) {
|
|
Packit |
57988d |
print "\nPlaintext Connections:\n";
|
|
Packit |
57988d |
foreach $ThisOne (keys %Connections) {
|
|
Packit |
57988d |
print " " . $Connections{$ThisOne} . " from " . $ThisOne;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
|
|
Packit |
57988d |
if ( (keys %ApopConnections) and ($Detail >= 10) ) {
|
|
Packit |
57988d |
print "\nAPOP Connections:\n";
|
|
Packit |
57988d |
foreach $ThisOne (keys %ApopConnections) {
|
|
Packit |
57988d |
print " " . $ApopConnections{$ThisOne} . " from " . $ThisOne;
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
|
|
Packit |
57988d |
if ((keys %Stats) and ($Detail >= 10)) {
|
|
Packit |
57988d |
print "\nUser Statistics:\n";
|
|
Packit |
57988d |
print " | Deleted | Kept |\n";
|
|
Packit |
57988d |
print "User Name Times | Num KBytes | Num KBytes |\n";
|
|
Packit |
57988d |
foreach $UserID (sort {$Stats{$b}{"BytesDel"}<=>$Stats{$a}{"BytesDel"}} keys %Stats)
|
|
Packit |
57988d |
{
|
|
Packit |
57988d |
printf("%-15s %5d | %5d %6d | %5d %6d |\n", $UserID, $Stats{$UserID}{"Times"}, $Stats{$UserID}{"NumDel"}, $Stats{$UserID}{"BytesDel"}/1024, $Stats{$UserID}{"NumLeft"}, $Stats{$UserID}{"BytesLeft"}/1024);
|
|
Packit |
57988d |
$Times += $Stats{$UserID}{"Times"};
|
|
Packit |
57988d |
$NumDel += $Stats{$UserID}{"NumDel"};
|
|
Packit |
57988d |
$BytesDel += $Stats{$UserID}{"BytesDel"};
|
|
Packit |
57988d |
$NumLeft += $Stats{$UserID}{"NumLeft"};
|
|
Packit |
57988d |
$BytesLeft += $Stats{$UserID}{"BytesLeft"};
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
print "------------------------+----------------+----------------+\n";
|
|
Packit |
57988d |
printf("TOTALS %5d | %5d %6d | %5d %6d |\n", $Times, $NumDel, $BytesDel/1024, $NumLeft, $BytesLeft/1024);
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
|
|
Packit |
57988d |
if (keys %FailedLogin) {
|
|
Packit |
57988d |
print "\nFailed Logins:\n";
|
|
Packit |
57988d |
foreach $UserID (sort {$FailedLogin{$b}<=>$FailedLogin{$a} } keys %FailedLogin) {
|
|
Packit |
57988d |
print " $UserID: $FailedLogin{$UserID} time(s).\n";
|
|
Packit |
57988d |
}; # foreach
|
|
Packit |
57988d |
}; # if
|
|
Packit |
57988d |
|
|
Packit |
57988d |
if (keys %OtherList) {
|
|
Packit |
57988d |
print "\n**Unmatched Entries**\n";
|
|
Packit |
57988d |
foreach $line (sort {$OtherList{$b}<=>$OtherList{$a} } keys %OtherList)
|
|
Packit |
57988d |
{
|
|
Packit |
57988d |
print " $line: $OtherList{$line} Time(s)\n";
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
}
|
|
Packit |
57988d |
|
|
Packit |
57988d |
exit(0);
|
|
Packit |
57988d |
|
|
Packit |
57988d |
# vi: shiftwidth=3 tabstop=3 syntax=perl et
|
|
Packit |
57988d |
# Local Variables:
|
|
Packit |
57988d |
# mode: perl
|
|
Packit |
57988d |
# perl-indent-level: 3
|
|
Packit |
57988d |
# indent-tabs-mode: nil
|
|
Packit |
57988d |
# End:
|