1、账号,最经登录时间和ip
1 2 3 4 |
task "lastlog", group => "all", sub { my $lastlog= run "lastlog|grep -v 'Never logged in'"; say connection->server.": $lastlog"; }; |
2、sshd尝试登陆失败的记录(/var/log/secure)
1 2 3 4 5 6 7 8 9 |
task "sshdfail", group => "all", sub { # say connection->server; # my $time= run "date -d 'yesterday' '+%b %e'"; # 昨天登录情况 my $time= run "date '+%b %e'"; # 今天情况 my $sc=q(grep 'Failed password for' /var/log/secure|grep -v grep|grep ').$time."'"; my $output= run $sc; say connection->server.": $output"; }; |