Python for beginners-a linux User Logon monitoring tool, python-linux

Python for beginners-a linux User Logon monitoring tool, python-linux

 

 

In the past few days, I want to learn Python. After reading some basic information, I felt a little boring, so I wanted to do something. If you think about it, just get a tool to detect Linux User logon ~

First, clarify the functions:

1. Capture login information of linux users. (This is easy and there are many methods)

2. the captured information can be recorded. (What else do you need this information ......)

3. It is best to send an email to the Administrator as soon as someone finds login. (This function is more practical ~)

4. Don't think about it. (Functions can be improved continuously)

 

Well, now we have to solve the technical difficulties (it may be difficult for me. After all, I have read a few days of books ......).

1. Capture linux logon information.

This can be used to query logs. The logs under the/var/log/directory are very detailed. However, I chose to use the linux Command-lastlog.

　　　　　　

The output information of this command is easier to read and better to filter.

Python can use the OS. popen () function to execute Linux commands. Of course there are other methods, but we need to capture echo, so OS. popen () is more appropriate. This function will display the ECHO as a file pointer (I don't know if this is true ......) . As follows:

LastLogList = OS. popen ('lastlog'). readlines (). # In this way, each line of command output can be obtained.

The specific process is: Every time (I think 60 seconds is good ~ After all, there is no need for high timeliness). You can query a logon record and compare it with the logon record backed up by the program. This is the user information you log on to within 60 seconds. Back up the login information again and wait for the next query.

　　　　　　

2. record information.

This is quite casual. You can directly append the captured information to the file. (However, optimize or regularly clean up logon-intensive systems. I just wrote it ). The following code is used to write a file ):

F = open ('test. log', 'A ')

F. write (''. join (lastLogList) # The obtained information is in the list format. Therefore, it is written into a string and written to the file. You're just a lazy guy ~

 

3. After the information is captured, the email is sent to the Administrator.

This is a bit painful (not troublesome, But I encountered some trouble in the process ).

The first thing to acknowledge is that Python has provided a complete email operation library for us. I use smtplib and email. I will not talk about the details. I will refer to the online tutorials (that is, highlight a word: lazy ).

However, I would like to remind you that if you use the starttls () function to encrypt the connection to the server. In earlier versions of Python (possibly before 2.6), you need to call the ehlo () function before starttls () function. Otherwise, the following error occurs: smtp auth extension not supported by server.

All the tough issues have been solved ~.

 

In fact, I have already built the Code. For Beginners, the code is too ugly to be released. Let's take a look ~

This is part of the login information recorded by the Program:

　　　　

　　　　

This is one of the emails sent by the Program:

　　　　

 

　　

If you have any questions, please leave a message to learn from us. If you have any suggestions or comments, please leave a message or send a private message. Your good words are the beacon for guiding my progress. Thank you ~ What is it.