Shell File Audit

Source: Internet
Author: User
Tags inotify

#!/bin/bash

####################

#Data: 2017/7/19

####################

#set-X

#监控文件目录

Init_path= "/home/test/share"

#生成日志目录

File_dir= "/tyk"

File_type= (Reguar directory character block link socket pipe symbolic)

file_magic= (text/plain inode/chardevice inode/symlink application/rtf audio/basic video/mpeg application/x-gzip Application/x-tar inode/x-empty text/x-c Application/x-javascript)

email= ([email protected])

file_suf= (Tar tar.gz)

file_tmpd= "$FILE _dir/file_tmpd"

file_list= "$FILE _dir/file_list"

file_listd= "$FILE _dir/file_listd"

file_log= "$FILE _dir/fileerror_log"

sudo dpkg-l |egrep ' Sendmail|nfs-common ' >/dev/null 2>&1

If [$?-ne 0]

Then

sudo apt-get install sendmail-y

sudo apt-get install mailutils-y

sudo apt-get install nfs-common-y

Fi

filecheck= ' sudo dpkg-l |grep inotify-tools|awk ' {print $} '

If [-Z $filecheck]

Then

sudo apt-get install rsync inotify-tools-y

Fi

File_package () {

mkdir tmp

Case $ in

Application/x-tar)

TAR-XVF "/" $file-C $ "/" tmp

;;

Application/x-gzip)

gunzip-d "/" tmp

;;

Application/zip)

Unzip "/" $file-D $ "/" tmp

;;

Esac


}


Read_dir () {

For file in ' ls $ '

Do

If [-D $ '/' $file]

Then

echo "/" $file >> $FILE _tmpd

Read_dir "/" $file

Else

File-i "/" $file >> $FILE _list

File_t= ' file-i $ '/' $file |awk ' {print $} ' |cut-d '; '-f1 '

File_package $file _t $ $file

Fi

Done

}

Send_email () {

Filename=$1

Send_message= "Nifo: $filename file type is not supported, please check....,thanks!!! -there is and the files have a problem--"

date=$ (date-d "Today" + "%y-%m-%d_%h:%m:%s")

echo "' Date + '%y-%m-%d%h:%m:%s ' $send _message" >> $FILE _log

For EMAIL1 in ${email[@]}

Do

echo "$send _message" |mail-s "Check file" $email 1

Wait


Done

}

File_check () {

File_num=0

File_act=$1

File_typ=$2

echo $file _typ

Number= ' cat $file _act |wc-l '

For i in ' seq $number '

Do

File_reg=0

File_type= ' cat $file _act |sed-n "$i" P|awk ' {print $} ' |cut-d '; '-f1 '

For filetype in ${file_typ[@]}

Do

If ["$file _type" = "$filetype"]

Then

File_reg=1

Break 1

Fi

Done

If ["$file _reg"-eq "0"]

Then

Let File_num+=1

Filename= ' cat $file _act |sed-n "$i" p|cut-d ""-f1 "

Send_email $filename $file _num

Fi

Done


}

Send_info () {

file_dir= $FILE _dir/file_dir

file_doc= $FILE _dir/file_doc

Sort $FILE _listd|uniq > $file _dir

Sort $FILE _list|uniq > $file _doc

For file in $file _dir $file _doc

Do

If ["$file" = "$file _dir"]

Then

File_check $file "${file_type[*]}"

Else

File_check $file "${file_magic[*]}"

Fi

Done

}

File_view () {

M=0

/usr/bin/inotifywait-mrq--timefmt '%d/%m/%y%h:%m '--format '%T%w%f%e '-e create,modify,attrib,move $INIT _path | While read files

Do

Let M+=1

echo "file has been change .... $m ..."

Read_dir $INIT _path

File-f $FILE _tmpd > $FILE _listd

Send_info

#rm-fr $FILE _dir/file_*

Done

}

File_view


Shell File Audit

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.