https://github.com/dharmit/secure
Python program that keeps an eye on /var/log/secure and reports "Failed password" attempts.
https://github.com/dharmit/secure
Last synced: 12 months ago
JSON representation
Python program that keeps an eye on /var/log/secure and reports "Failed password" attempts.
- Host: GitHub
- URL: https://github.com/dharmit/secure
- Owner: dharmit
- License: mit
- Created: 2014-03-21T15:45:21.000Z (about 12 years ago)
- Default Branch: master
- Last Pushed: 2014-04-18T06:41:58.000Z (about 12 years ago)
- Last Synced: 2025-04-04T21:14:09.535Z (about 1 year ago)
- Language: Python
- Homepage:
- Size: 289 KB
- Stars: 3
- Watchers: 2
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
secure
======
Python program that keeps an eye on `/var/log/secure` and reports "Failed password" attempts.
Features:
--------
* Checks the file `/var/log/secure` every minute for new occurrence of **Failed password** message(s).
* If new attempt is found, it stores details in the SQLite database.
* After adding details to the database, it raises a desktop notification informing the user about the break-in attempt.
Requirements:
------------
To obtain expected results using `secure`, you need to configure `rsyslog` to log dates compatible with RFC 3146. This is because by default `rsyslog` doesn't log year in the messages. To enable RFC 3146 compatibility, comment out below line from `/etc/rsyslog.conf`:
~~~
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
~~~
and add below two lines:
~~~
$template RFC3164fmt,"<%PRI%>%TIMESTAMP% %HOSTNAME% %syslogtag%%msg%"
*.* /var/log/all-messages.log;ExampleFormat"
~~~
Usage:
------
~~~
$python secure.py
~~~