########################################################################## # $Id$ ########################################################################## # $Log: saslauthd,v $ # Revision 1.4 2008/06/30 23:07:51 kirk # fixed copyright holders for files where I know who they should be # # Revision 1.3 2008/03/24 23:31:26 kirk # added copyright/license notice to each script # # Revision 1.2 2005/02/24 17:08:05 kirk # Applying consolidated patches from Mike Tremaine # # Revision 1.2 2005/02/16 00:43:28 mgt # Added #vi tag to everything, updated ignore.conf with comments, added emerge and netopia to the tree from Laurent -mgt # # Revision 1.1 2005/02/13 23:50:42 mgt # Tons of patches from Pawel and PLD Linux folks...Thanks! -mgt # # Revision 1.2 2004/10/02 14:21:47 blues # - fix # # Revision 1.1 2004/10/02 14:16:50 blues # - initial version of saslauthd filter. # ########################################################################## ####################################################### ## Copyright (c) 2008 Paweł Gołaszewski ## Covered under the included MIT/X-Consortium License: ## http://www.opensource.org/licenses/mit-license.php ## All modifications and contributions by other persons to ## this script are assumed to have been donated to the ## Logwatch project and thus assume the above copyright ## and licensing terms. If you want to make contributions ## under your own copyright or a different license this ## must be explicitly stated in the contribution an the ## Logwatch project reserves the right to not accept such ## contributions. If you have made significant ## contributions to this script and want to claim ## copyright please contact logwatch-devel@lists.sourceforge.net. ######################################################### ######################################################## # This was written by: # Paweł Gołaszewski # # Please send all comments, suggestions, bug reports, # logwatch-devel@lists.sourceforge.net # ######################################################## my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0; $AuthFailures = 0; $Startups = 0; $Shutdowns = 0; while (defined($ThisLine = )) { if ( ( $ThisLine =~ m/^DEBUG: / ) or ( $ThisLine =~ m/^ipc_init : listening on socket:/ ) or ( $ThisLine =~ m/^pam_sm_authenticate:/ ) or ( $ThisLine =~ m/^pam_\w+\(\w+:auth\): / ) ) { # We don't care about these } elsif ( ($User,$Service,$Realm,$Mechanism,$Reason) = ($ThisLine =~ /^do_auth : auth failure: \[user=(.*)\] \[service=([^ ]*)\] \[realm=([^ ]*)\] \[mech=([^ ]*)\] \[reason=(.*)\]$/) ) { $AuthFailures++; $AuthFailServiceCount{"$Service ($Mechanism)"}++; $AuthFailRealmCount{"$Service ($Mechanism)"}{$Realm}++; $AuthFail{"$Service ($Mechanism)"}{$Realm}{"$User - $Reason"}++; } elsif ( $ThisLine =~ m/^detach_tty : master pid is: \d+$/) { $Startups++; } elsif ( $ThisLine =~ m/^server_exit : master exited: \d+$/) { $Shutdowns++; } else { push @OtherList,$ThisLine; } } ################################################################## if ($Startups > 0) { print "Startups: $Startups\n"; } if ($Shutdowns > 0) { print "Shutdowns: $Shutdowns\n"; } if (keys %AuthFail) { print "\nSASL Authentications failed $AuthFailures Time(s)\n"; foreach $Service (sort {$a cmp $b} keys %AuthFail) { print "Service $Service - $AuthFailServiceCount{$Service} Time(s):\n"; foreach $Realm (sort {$a cmp $b} keys %{$AuthFail{$Service}} ) { print " Realm $Realm - $AuthFailRealmCount{$Service}{$Realm} Time(s):\n"; foreach $User (sort {$a cmp $b} keys %{$AuthFail{$Service}{$Realm}} ) { print " User: $User - $AuthFail{$Service}{$Realm}{$User} Time(s):\n"; } } } } if ($#OtherList >= 0) { print "\n\n**Unmatched Entries**\n\n"; print @OtherList; } exit(0); # vi: shiftwidth=3 tabstop=3 syntax=perl et # Local Variables: # mode: perl # perl-indent-level: 3 # indent-tabs-mode: nil # End: