3

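I'm a bit new to Stackoverflow (as you can probably tell from my reputation), but I'd like to know how to sound an audible alert for an automatically polled log file (or other kind of modification) of failed RDP login attempts (specifically XRDP) in a session on a Raspberry Pi.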

Since it's a Raspberry Pi, I'm sure you understand why I want to run it headless.

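I've done a lot of searching and only seem to find references or methods for sounding an alert when connected directly to the Pi. I want this alert to sound while running in an otherwise nearly silent terminal window. I'd like new log activity to beep (beep if the log file size has changed), and then have the log checked at a specific interval (i.e. every 30 seconds or 1 minute, etc.).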

My log is located here, in case that helps give me an idea of how to start making this Bash script: /var/log/xrdp.log

4

1 Answer

2

Here is a gist of a bash script that will do exactly what you want over SSH on a Raspberry Pi (or any Linux, really):

https://gist.github.com/free5ty1e/300adb0800ba45f3fe4e

#!/bin/bash

# xrdpLogMonitor.sh <optional timeout in seconds>
# This script will check and spit out your xrdp log file every X seconds
# (default 30 if not specified)
# If the file size has changed since your last check, your terminal will beep (system alert)

logFileName="/var/log/xrdp.log"

if [ $# -eq 0 ];
then
    echo "No arguments supplied, will use default time between log polls (30 seconds)"
    secondsBetweenLogPolls=30
else
    echo "Using supplied timeout of $1 seconds between log polls"
    secondsBetweenLogPolls=$1
fi


function updateLogModifiedTimeAndBeepIfChanged()
{
    lastLogModifiedTime=$LogModifiedTime
    LogModifiedTime="$(stat --printf="%Z" $logFileName)"
    if [ "$LogModifiedTime" != "$lastLogModifiedTime" ];
    then
        echo NEW LOG ACTIVITY CAPTURED!!!!

        #Below line creates the terminal beep
        echo -ne '\a'
    fi
}

while [  1 -lt 2 ]; do
    updateLogModifiedTimeAndBeepIfChanged
    echo "$(ls -l $logFileName)"
    echo "Polling  logfile $logFileName which was last modified at $LogModifiedTime..."

    #You will need sudo on the pi to cat this xrdp log
    sudo cat $logFileName

    #Uncomment the following line to search, for example, for "USER:" and display only those lines that contain it:
    #sudo cat $logFileName | grep USER:

    echo "$(date) <--- this is now"
    sleep $secondsBetweenLogPolls
done

After creating the xrdpLogMonitor.sh file, don't forget to make it executable by typing:

chmod +x ./xrdpLogMonitor.sh

Then execute it by typing:

./xrdpLogMonitor.sh
Answered 2014-12-13T06:36:44.060
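A variation on the polling approach above, added here as an example and not part of the original answer or gist: it remembers how many bytes of the log it has already read, inspects only the newly appended lines, beeps only when one of them matches a failed-login pattern, and copes with log rotation. The script name, the `poll_log` function and the `PATTERN` default are assumptions; set `PATTERN` to the wording your xrdp version actually logs.

```shell
#!/bin/bash
# Added example: alert only on NEW failed-login lines, not on any log change.
# Usage: sudo ./xrdpFailWatch.sh /var/log/xrdp.log [seconds]  (hypothetical name)

# ASSUMPTION: PATTERN is a placeholder. Set it to the text your xrdp version
# writes for a failed login (check your own log for the exact wording).
PATTERN="${PATTERN:-login failed}"
offset=0      # number of bytes of the log already examined
matches=""    # matching lines found by the most recent poll

# poll_log FILE: scan only the bytes appended since the previous call.
# Sets $matches; returns 0 if new matching lines exist, 1 if none,
# 2 if the file cannot be read.
poll_log() {
    local file=$1 size
    size=$(wc -c < "$file") || return 2
    size=$((size))                      # strip padding some wc builds add
    # Log rotated or truncated: file is smaller than what we already read.
    if [ "$size" -lt "$offset" ]; then offset=0; fi
    matches=""
    if [ "$size" -gt "$offset" ]; then
        # Read exactly the new byte range, so data written while we poll
        # is not examined twice on the next pass.
        matches=$(tail -c +"$((offset + 1))" "$file" \
                  | head -c "$((size - offset))" \
                  | grep -i -- "$PATTERN" || true)
    fi
    offset=$size
    [ -n "$matches" ]
}

# Watch loop: runs only when a log path is passed as the first argument.
if [ $# -ge 1 ]; then
    log=$1
    interval=${2:-30}
    offset=$(($(wc -c < "$log")))       # start at the end: skip old entries
    while true; do
        if poll_log "$log"; then
            printf '\a'                 # rings the bell of the connected terminal
            printf '%s  NEW FAILED LOGIN LINES:\n%s\n' "$(date)" "$matches"
        fi
        sleep "$interval"
    done
fi
```

Running the script itself under sudo covers the read permission that the original script handles with `sudo cat`.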