ssh\u3067\u306e\u30ed\u30b0\u30a4\u30f3\u3092\u4e00\u5f8b\u76e3\u67fb\u3059\u308b\u3002<\/p>\n
\u8d77\u52d5\u30b9\u30af\u30ea\u30d7\u30c8\u306a\u3069\u306f\u4e0b\u8a18\u3092\u53c2\u8003\u306b\u3055\u305b\u3066\u3082\u3089\u3063\u305f \u5fc5\u8981\u7269\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/p>\n \/etc\/swatch\/secure.conf \u306e\u3000\u4f5c\u6210<\/p>\n \/etc\/rc.d\/init.d\/swatch\u3000\u306e\u4f5c\u6210<\/p>\n \u81ea\u52d5\u8d77\u52d5\u8a2d\u5b9a<\/p>\n ssh\u3067\u306e\u30ed\u30b0\u30a4\u30f3\u3092\u4e00\u5f8b\u76e3\u67fb\u3059\u308b\u3002 \u8d77\u52d5\u30b9\u30af\u30ea\u30d7\u30c8\u306a\u3069\u306f\u4e0b\u8a18\u3092\u53c2\u8003\u306b\u3055\u305b\u3066\u3082\u3089\u3063\u305f link \u5fc5\u8981\u7269\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb sudo yum –enablerepo=epel -y install swatch sudo yu[\u30fb\u30fb\u30fb\u7d9a\u304d\u3092\u8aad\u3080]<\/b><\/a><\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.white-box.biz\/index.php?rest_route=\/wp\/v2\/posts\/1276"}],"collection":[{"href":"https:\/\/www.white-box.biz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.white-box.biz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.white-box.biz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.white-box.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1276"}],"version-history":[{"count":9,"href":"https:\/\/www.white-box.biz\/index.php?rest_route=\/wp\/v2\/posts\/1276\/revisions"}],"predecessor-version":[{"id":2348,"href":"https:\/\/www.white-box.biz\/index.php?rest_route=\/wp\/v2\/posts\/1276\/revisions\/2348"}],"wp:attachment":[{"href":"https:\/\/www.white-box.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1276"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.white-box.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1276"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.white-box.biz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1276"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nlink<\/p>\nsudo yum --enablerepo=epel -y install swatch\r\nsudo yum --enablerepo=epel install perl-File-Tail<\/code><\/blockquote><\/pre>\n\r\n# logfile \/var\/log\/secure\r\n# \u30ed\u30b0\u30a4\u30f3\u6210\u529f\r\n# Accepted password for yamagyu from xxx.xxx.xxx.xxx\r\nwatchfor \/Accepted\/\r\nmail=hoge@gmail.com,subject=ssh_accepted\r\n\r\n# \u767b\u9332\u3057\u3066\u3044\u306a\u3044\u30e6\u30fc\u30b6\u30fc\r\n# Invalid user hoge from xxx.xxx.xxx.xxx\r\nwatchfor \/Invalid\/\r\nmail=hoge@gmail.com,subject=ssh_invalid\r\n\r\n# \u30d1\u30b9\u30ef\u30fc\u30c9\u9593\u9055\u3044\r\n# Failed password for yamagyu from xxx.xxx.xxx.xxx\r\nwatchfor \/Failed\/\r\nmail=hoge@gmail.com,subject=ssh_failed<\/code><\/blockquote><\/pre>\n\r\n
\r\n#!\/bin\/bash\r\n#\r\n# swatch\r\n#\r\n# chkconfig: 2345 90 35\r\n# description: swatch start\/stop script\r\n \r\n# Source function library.\r\n. \/etc\/rc.d\/init.d\/functions\r\n \r\nPATH=\/sbin:\/usr\/local\/bin:\/bin:\/usr\/bin\r\n \r\nmkdir -p \/var\/log\/swatch\r\n \r\nstart() {\r\n # Start daemons.\r\n ls \/var\/run\/swatch_*.pid > \/dev\/null 2>&1\r\n if [ $? -ne 0 ]; then\r\n echo -n \"Starting swatch\"\r\n pno=0\r\n for conf in \/etc\/swatch\/*.conf\r\n do\r\n pno=`expr $pno + 1`\r\n WATCHLOG=`grep \"^# logfile\" $conf | awk '{ print $3 }'`\r\n swatch --config-file $conf --tail-file $WATCHLOG \\\r\n --script-dir=\/tmp --awk-field-syntax --use-cpan-file-tail --daemon \\\r\n --pid-file \/var\/run\/swatch_$pno.pid \\\r\n >> \/var\/log\/swatch\/swatch.log 2>&1\r\n RETVAL=$?\r\n [ $RETVAL != 0 ] && return $RETVAL\r\n done\r\n echo\r\n [ $RETVAL = 0 ] && touch \/var\/lock\/subsys\/swatch\r\n return $RETVAL\r\n else\r\n echo \"swatch is already started\"\r\n fi\r\n}\r\n \r\nstop() {\r\n # Stop daemons.\r\n ls \/var\/run\/swatch_*.pid > \/dev\/null 2>&1\r\n if [ $? -eq 0 ]; then\r\n echo -n \"Shutting down swatch\"\r\n for pid in \/var\/run\/swatch_*.pid\r\n do\r\n kill $(cat $pid)\r\n rm -f $pid\r\n done\r\n echo\r\n rm -f \/var\/lock\/subsys\/swatch \/tmp\/.swatch_script.*\r\n else\r\n echo \"swatch is not running\"\r\n fi\r\n}\r\n \r\nstatus() {\r\n ls \/var\/run\/swatch_*.pid > \/dev\/null 2>&1\r\n if [ $? -eq 0 ]; then\r\n echo -n \"swatch (pid\"\r\n for pid in \/var\/run\/swatch_*.pid\r\n do\r\n echo -n \" `cat $pid`\"\r\n done\r\n echo \") is running...\"\r\n else\r\n echo \"swatch is stopped\"\r\n fi\r\n}\r\n \r\ncase \"$1\" in\r\n start)\r\n start\r\n ;;\r\n stop)\r\n stop\r\n ;;\r\n restart)\r\n stop\r\n start\r\n ;;\r\n status)\r\n status\r\n ;;\r\n *)\r\n echo \"Usage: swatch {start|stop|restart|status}\"\r\n exit 1\r\nesac\r\n \r\nexit $RETVAL\r\n<\/code><\/blockquote>\r\n<\/pre>\nchkconfig --add swatch<\/code><\/blockquote><\/pre>\n","protected":false},"excerpt":{"rendered":"