If you want to monitor who is logged in to the NagiosXI web console then schedule this below script in your crontab it will check for User Activities and it will send you a Mail alert.
#!/bin/bash
# Purpose: To get alerts when user is logged in to Nagiosxi console
# Author: Ankam Ravi Kumar
# Date: 13-Feb-2015
# NagiosXI Console Login check Script START
DT=`date +%Y-%m-%d`
psql -U nagiosxi -d nagiosxi -t -A -F"," -c "select * from xi_auditlog;" > /tmp/auditlog.txt
cat /tmp/auditlog.txt |grep $DT > /tmp/today.txt
EPOCTIME=`cat /tmp/today.txt |awk -F, '{print $2}' |tail -1`
ENDTIME=$(date +%s)
STARTIME=$(date +%s -d"$EPOCTIME")
echo $((ENDTIME-STARTIME)) | awk '{print int($1/60)}' > /tmp/value1
count=`cat /tmp/value1`
if [ $count -lt 8 ]
then
cat /tmp/auditlog.txt |grep $DT |tail -1 > /tmp/mail
mail -s "NagiosXI Login ALERT: User `cat /tmp/mail | awk -F, '{print $4}'` `cat /tmp/mail | awk -F, '{print $6}'` to `hostname`" aravikumar48@gmail.com < /tmp/mail
fi
rm -rf /tmp/auditlog.txt /tmp/today.txt /tmp/value1 /tmp/mail
#END
#!/bin/bash
# Purpose: To get alerts when user is logged in to Nagiosxi console
# Author: Ankam Ravi Kumar
# Date: 13-Feb-2015
# NagiosXI Console Login check Script START
DT=`date +%Y-%m-%d`
psql -U nagiosxi -d nagiosxi -t -A -F"," -c "select * from xi_auditlog;" > /tmp/auditlog.txt
cat /tmp/auditlog.txt |grep $DT > /tmp/today.txt
EPOCTIME=`cat /tmp/today.txt |awk -F, '{print $2}' |tail -1`
ENDTIME=$(date +%s)
STARTIME=$(date +%s -d"$EPOCTIME")
echo $((ENDTIME-STARTIME)) | awk '{print int($1/60)}' > /tmp/value1
count=`cat /tmp/value1`
if [ $count -lt 8 ]
then
cat /tmp/auditlog.txt |grep $DT |tail -1 > /tmp/mail
mail -s "NagiosXI Login ALERT: User `cat /tmp/mail | awk -F, '{print $4}'` `cat /tmp/mail | awk -F, '{print $6}'` to `hostname`" aravikumar48@gmail.com < /tmp/mail
fi
rm -rf /tmp/auditlog.txt /tmp/today.txt /tmp/value1 /tmp/mail
#END
No comments:
Post a Comment