Date: Tue, 5 Mar 2002 22:02:15 +0200 From: Giorgos Keramidas <keramida@freebsd.org> To: Tom Beer <mailings@analogon.com> Cc: freebsd-newbies@freebsd.org Subject: Re: Security on Workstations Message-ID: <20020305200215.GA4550@hades.hell.gr> In-Reply-To: <00c401c1c436$47abbd00$0901a8c0@system> References: <20020304185950.C995437B419@hub.freebsd.org> <20020305032308.GA3537@hades.hell.gr> <00c401c1c436$47abbd00$0901a8c0@system>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2002-03-05 12:09, Tom Beer wrote: > > > > Finally, for those services that I have open, I run cronjobs that grep > > through the daily logs, and mail root@localhost at the end of every day, > > with any messages this service has generated. Another log grep wrapper > > filters all the random stuff, and sends only 'unrecognized' messages to > > another post to root@localhost. > > Can you post a/or some sample script/s that you execute with cronjob? Sure, I've uploaded at freefall the set of scripts I have at home. The idea behind them was copied a year ago from /etc/periodic scripts. You can find a sample set of log filters at: http://people.FreeBSD.org/~keramida/today.tgz The tarball contains a today/* hierarchy. The today/run.sh script is suitable for putting in a crontab. The scripts assume that all your messages go into /var/log/messages, and that they will be able to read this file. A bit of editing might be needed to bring today/run.sh into shape. Giorgos Keramidas FreeBSD Documentation Project keramida@{freebsd.org,ceid.upatras.gr} http://www.FreeBSD.org/docproj/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020305200215.GA4550>