Monitor whether a directory has been changed under Linux

Last Update:2018-01-10 Source: Internet

Author: User

Tags diff mail account

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Requirements: A directory (such as/data/test) to monitor, when the file or sub-directory in this directory changes (such as modification, creation, deletion, renaming, etc.), send mail!
For the above requirements, write the shell script as follows:

[[email protected] opt]# vim file_monit.sh#!/bin/bash# This script is used to detect whether important files of the Linux system have been changed, if the change is to use the mail alarm # recommended to execute this script with a timed task, If executed every 5 minutes, you can also modify this script for Dead loop detection #ver:1.0#http://www.cnblogs.com/kevingrace# define the directory where the validation files filedir= '/var/checkfile ' # Get the hostname or your own definition hostname=$ (hostname) #定义邮件参数: XMTP address, send mail account, send email password, receive email address, message subject, message content mail_smtp= "smtp.wangshibo.com" Mail_ User= "[email protected]" mail_pass= "[email protected]" mail_from= "[email protected]" Mail_To= "[ Email protected] "mail_subject=" ${hostname}:there is changes to system files "mail_conntent=" ${hostname}:there is changes to system files "#定义需要验证的文件目录. What I'm monitoring here is the/data/test directory checkdir= (/data/test) #生成所定义需验证的文件样本日志函数OldFile () {For i in ${checkdir[@]}do/bin/find ${i}-type F | Xargs md5sum >> ${filedir}/old.logdone}newfile () {For i in ${checkdir[@]}do/bin/find ${i}-type F |xargs md5sum ;> ${filedir}/new.logdone} #生成所定义文件新日志函数SendEMail () {/usr/local/bin/sendemail-f $Mail _from-t $Mail _to-s $Mail _ Smtp-u $Mail _subject-xu $Mail _user-xp $Mail _pass-m $Mail _conntent}if [!-D ${filedir}]thenmkdir ${filedir}fi# If the Verify file directory does not exist then create if [!-F ${filedir}/old.log]thenoldfilefi# If no sen is installed Demail installs if [!-f/usr/local/bin/sendemail]thencd/usr/local/src/wget Http://caspian.dotconf.net/menu/Software/ SENDEMAIL/SENDEMAIL-V1.56.TAR.GZTAR-XF SENDEMAIL-V1.56.TAR.GZCD SENDEMAIL-V1.56CP Sendemail/usr/local/binchmod 0755/usr/local/bin/sendemailfi# generate a new validation log newfile# a new validation log compared to the sample log/usr/bin/diff ${filedir}/new.log ${filedir}/old.log >${filedir}/diff.logstatus=$? #假如比较结果有变化, send mail alarm if [${status}-ne 0]thenmail_conntent= "$ (grep ' < ' ${filedir}/ Diff.log |awk ' {print $} ') "sendemailfi# clears old and new logs, backs up the comparison results/bin/mv-f ${filedir}/diff.log ${filedir}/diff$ (date +%f__%t) . logcat/dev/null > ${filedir}/old.logcat/dev/null > ${filedir}/new.log# Regenerate sample log oldfile# Delete the comparison results from the directory 30 days ago backup File/ Bin/find ${filedir}-type f-mtime +30 |xargs rm-f

Ensure that this function connects the 25 good ports of the SMTP server specified in the shell script

[[Email protected] opt]# telnet smtp.wangshibo.com 25Trying 223.252.214.65...Connected to Smtp.wangshibo.com.Escape Character is ' ^] '. Icoremail.net anti-spam GT for Coremail System (icoremail-gateway-smtp[20170531])

Start testing below

[[email protected] test]# cd/opt/[[email protected] opt]# cd/data/test/[[email protected] test]# Lltotal 0[[email protected] test]# mkdir haha[[email protected] test]# echo "123456" > haha/heihei[[email& Nbsp;protected] test]# lltotal 4drwxr-xr-x.  2 root root 4096 Jan 01:42 haha[[email protected] test]# echo "abcdef" > test.txt[[email protected] test]# Lltotal 8drwxr-xr-x. 2 root root 4096 Jan 01:42 haha-rw-r--r--. 1 root root 7 Jan 01:42 test.txt Execute Monitoring script [[email protected] test]# sh-x/opt/file_monit.sh Note: When the script is first executed, due to the monitored directory The file does not change, so no mail is sent! View the post-comparison log [[email protected] test]# ll-d/var/checkfile/drwxr-xr-x. 2 root root 4096 Jan 01:44/var/checkfile/[[email protected] test]# ll/var/checkfile/total 4-rw-r--r--. 1 root root 0 Jan 01:44 diff2018-01-10__01:44:30.log-rw-r--r--. 1 root root 0 Jan 01:44 new.log-rw-r--r--. 1 root root 166 Jan 01:44 old.log[[email protected] test]# cat/var/checkfile/diff2018-01-10__01\:44\:30.log [[email protected] test]# cat/var/checkfile/new.log [[Email pro Tected] test]# cat/var/checkfile/old.log 237267ea7fefa88360c22ab6fd582d7e/data/test/. hhhh.swp5ab557c937e38f15291c04b7e99544ad/data/test/test.txtf447b20a7fcbf53a5d5be013ea0b15af/data/test/haha/ heihei========================================================================================================= ===================== now begins to make changes to the files under the/data/test directory [[email protected] test]# echo "aaaaaa" >> test.txt [email  protected] test]# Touch haha/bobo[[email protected] test]# mkdir heihei[[email protected] test]# Lltotal 12drwxr-xr-x. 2 root root 4096 Jan 01:47 hahadrwxr-xr-x. 2 root root 4096 Jan 01:47 heihei-rw-r--r--. 1 root root 01:47 test.txt execute monitoring script [[[email protected] test]# sh-x/opt/file_monit.sh View the log after comparison [[Email p] Rotected] test]# ll/var/checkfile/total 8-rw-r--r--. 1 root root 0 Jan 01:44 diff2018-01-10__01: 44:30.log-rw-r--r--. 1 root root 179 Jan 01:47 diff2018-01-10__01:47:41.log-rw-r--r--. 1 root root 0 Jan 01:47 new.log-rw-r--r--. 1 root root 221 Jan 01:47 old.log[[email protected] test]# cat/var/checkfile/diff2018-01-10__01\:47\:41.log 2,3c 2< 4533551682ca49b2f9b1f2829bf3b29d/data/test/test.txt< d41d8cd98f00b204e9800998ecf8427e/data/test/haha/ Bobo---> 5ab557c937e38f15291c04b7e99544ad/data/test/test.txt[[email protected] test]# cat/var/checkfile/ Old.log 237267ea7fefa88360c22ab6fd582d7e/data/test/.hhhh.swp4533551682ca49b2f9b1f2829bf3b29d/data/test/ test.txtd41d8cd98f00b204e9800998ecf8427e/data/test/haha/bobof447b20a7fcbf53a5d5be013ea0b15af/data/test/haha/ Heihei through the diff log above, you can see that the newly changed files or subdirectories have been recorded in the log.

To view the message, you can see the changed file or subdirectory information in the/data/test directory.

Perform a check every 5 minutes with crontab Scheduled tasks:

[[email protected] test]# CRONTAB-E*/5 * * * *  /bin/bash-x/opt/file_monit.sh >/dev/null 2>&1

The above script can also be used to detect whether important files of Linux system have been changed, simply change the directory from the script/data/test to/etc!

Monitor whether a directory has been changed under Linux

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More