[Logwatch-Devel] samba filter patch

Anssi Kolehmainen akolehma at aketzu.iki.fi
Tue Jan 4 22:41:51 MST 2005


Hi,

Following patch fixes samba script.
With my Debian/Testing samba outputs

smbd/service.c:make_connection_snum(648)  antti (10.10.0.172) connect to service Yhteiset initially as user antti (uid=545, gid=510) (pid 24072) : 1 Time(s)

Original script doesn't have "initially" and therefore failes. I also 
added "signed" and better output:

Opened Sessions:
   Service EPC as user:
      antti      from host antti (10.10.0.172)       : 1 Time(s)
      aulis      from host aulis (10.10.0.199)       : 1 Time(s)



logwatch/scripts/services/samba
--- samba.org   2005-01-05 07:07:55.000000000 +0200
+++ samba.new   2005-01-05 07:07:47.000000000 +0200
@@ -69,7 +69,7 @@
                ($ThisLine =~ 
/===============================================================/)
    ) {
       #Don't care about these...
-       } elsif ( ($Host, $Service, $User) = ( $ThisLine =~ /([^ ]+ \([^ 
]+\)) connect to service ([^ ]+) as user ([^ ]+)/ ) ) {
+       } elsif ( ($Host, undef, $Service, undef, $User) = ( $ThisLine 
=~ /([^ ]+ \([^ ]+\)) (signed |)connect to service ([^ ]+) (initially 
|)as user ([^ ]+)/) ) {
                $Connect{$Service}{$User}{$Host}++;
        } elsif ( ($NoService) = ( $ThisLine =~ /couldn't find service 
(\S+)/ )) {
                $NoServ{$NoService}++;
@@ -211,9 +211,17 @@
    foreach $Serv (sort {$a cmp $b} keys %Connect) {
       print "   Service $Serv as user:\n";
       foreach $Us (sort {$a cmp $b} keys %{$Connect{$Serv}}) {
-         print "      $Us from host:\n";
-         foreach $Ho (sort {$a cmp $b} keys %{$Connect{$Serv}{$Us}}) {
-            print "         $Ho : $Connect{$Serv}{$Us}{$Ho} Time(s)\n";
+         print "      $Us " . (" " x (10 - length ($Us))) . "from host";
+         $size = keys %{$Connect{$Serv}{$Us}};
+         if ($size >= 2) {
+            print ":\n";
+            foreach $Ho (sort {$a cmp $b} keys %{$Connect{$Serv}{$Us}}) {
+               print "         $Ho : $Connect{$Serv}{$Us}{$Ho} Time(s)\n";
+            }
+         } else {
+            foreach $Ho (sort {$a cmp $b} keys %{$Connect{$Serv}{$Us}}) {
+               print " $Ho " . (" " x (25 - length($Ho))) . ": 
$Connect{$Serv}{$Us}{$Ho} Time(s)\n";
+            }
          }
       }
    }



More information about the Logwatch-Devel mailing list