Create collectroothistory.sh

2025-07-25 01:28:51 +00:00 · 2019-02-18 17:27:25 +05:30
parent a4c06e5e90
commit 9df7b4c92a
1 changed files with 26 additions and 0 deletions
--- a/collectroothistory.sh
+++ b/collectroothistory.sh
@ -0,0 +1,26 @@
+#!/bin/bash
+## Collect Root Commands History
+
+# Mailing List
+MAILLIST="YOUREMAIL@DOMAIN"
+
+# Log path
+AUDLOG="/rootcommands"
+
+cp /root/.bash_history /tmp/history
+sed -i 's/#//g' /tmp/history
+for i in `cat /tmp/history |grep ^[0-9]`
+do
+CONVT=`date -d @$i`
+sed -i "s/$i/$CONVT/g" /tmp/history
+done
+
+sed -i 'N;s/\n/ /' /tmp/history
+sleep 10
+
+/bin/touch ${AUDLOG}$HOSTNAME-root-hist.log.`date +%h%d%y`
+/bin/grep "$DATE" /tmp/history > ${AUDLOG}$HOSTNAME-root-hist.log.`date +%h%d%y`
+/bin/chmod 0440 ${AUDLOG}$HOSTNAME-root-hist.log.`date +%h%d%y`
+
+# Mail notification
+/bin/cat ${AUDLOG}$HOSTNAME-root-hist.log.`date +%h%d%y` |mail -s "HOST: $HOSTNAME - `whoami` Daily root Commands Log" ${MAILLIST}