From 44a321cb8a42d6c0ea2d96a1086a17f2134c89cc Mon Sep 17 00:00:00 2001
From: Ethan Galstad <egalstad@users.sourceforge.net>
Date: Thu, 28 Feb 2002 06:42:51 +0000
Subject: Initial revision

git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@2 f882894a-f735-0410-b71e-b25c423dba1c
---
 contrib/aix/check_failed | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 contrib/aix/check_failed

(limited to 'contrib/aix/check_failed')

diff --git a/contrib/aix/check_failed b/contrib/aix/check_failed
new file mode 100644
index 00000000..50cdf7e1
--- /dev/null
+++ b/contrib/aix/check_failed
@@ -0,0 +1,48 @@
+#!/usr/bin/perl
+#======================
+# Created May 25, 2000
+#======================
+
+# This scripts is for checking for failed root login attempts on
+# any machine running AIX which has a failedlogin file in /etc/security
+# The purpose is to thwart (good word) any unauthorised people from
+# even trying to log in as root. This plugin has been developed for Nagios
+# running on AIX.  
+# Lonny Selinger SpEnTBoY lonny@abyss.za.org
+# May
+
+
+my $server = $ARGV[0];
+
+if (!$ARGV[0]) {
+	print "You must specify a server to check\n";
+	print "usage: ./check_failed <Server Name>\n";
+	exit (-1);
+	} else {
+		open (DATE, "/bin/date '+%b %d' |");
+ 		while (<DATE>) {
+			$dline = $_;
+			@dresults = $dline;
+			chop $dresults[0];
+		}	
+		open (SULOG, "rsh $server -l root who /etc/security/failedlogin | grep root |");
+ 		while (<SULOG>) {
+			$line = $_;
+			@results = split (/\s+/,$line);
+			if ($line =~ /^root/) {
+			if (join(' ', @results[2,3]) eq $dresults[0]) {	
+				print "FAILED root login on $dresults[0], node: $ARGV[0] from $results[5]\n";
+				exit(2);
+			}
+		}
+	}
+}	
+if (join(' ', @results[2,3]) ne $dresults[0]) {
+	print "No Failed Root Logins on This Node\n";
+	exit(0);
+}
+exit(0);
+close(SULOG);
+close(DATE);
+
+
-- 
cgit v1.2.3-74-g34f1