cai/CAI-Watchdog
1
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

README updated

Browse Source 
README updated
This commit is contained in:
Alexander I. Chebykin 2022-06-28 22:32:49 +03:00
parent ff8c7bae7b
commit 719562239a
3 changed files with 45 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -8,4 +8,5 @@
*.sw? *.sw?
# Build files # Build files
target target
Cargo.lock

4
Cargo.lock generated
View File

@ -402,9 +402,9 @@ checksum = "a3e378b66a060d48947b590737b30a1be76706c8dd7b8ba0f2fe3989c68a853f"
[[package]] [[package]]
name = "memchr" name = "memchr"
version = "2.3.4" version = "2.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525" checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d"
[[package]] [[package]]
name = "mime" name = "mime"

46
README.md
View File

@ -26,13 +26,13 @@ You can specify config file as parameter: ```cai-watchdog /path/to/config/config
``` ```
[main] [main]
check_interval - Interval between checks in seconds check_interval = Interval between checks in seconds
rules_count - Rules count to be loaded from config. Rules sections must be enumerated continuously [rule1], [rule2] ... etc rules_count = Rules count to be loaded from config. Rules sections must be enumerated continuously [rule1], [rule2] ... etc
[notifications] [notifications]
email - E-mail address for system notifications. Can be empty email = E-mail address for system notifications. Can be empty
command - Command to send notification command = Command to send notification
service_start - Send program start notification [true | false] service_start = Send program start notification [true | false]
[rule1] [rule1]
service = Service name service = Service name
@ -102,3 +102,39 @@ Next you need to find your Telegram Chat ID.
1. From the Telegram home screen, search for ```chatid_echo_bot```. Click Chat ID Echo to open a chat 1. From the Telegram home screen, search for ```chatid_echo_bot```. Click Chat ID Echo to open a chat
1. Enter ```/start``` to get the bot to send you your Telegram Chat ID 1. Enter ```/start``` to get the bot to send you your Telegram Chat ID
1. Take note of the Telegram Chat ID returned 1. Take note of the Telegram Chat ID returned
## User logins monitoring (*nix)
Watchdog can send notifications on user login. Just add to ```/etc/profile.d/sshinfo.sh``` next lines:
- For Telegram:
1. ```User=$(whoami)```
1. ```send-telegram "SSH: User ${Users} is logged in"```
- For e-mail:
1. ```User=$(whoami)```
1. ```send-mail your@mail.addr 'SSH: User ${Users} is logged in' 'SSH: User ${Users} is logged in'```
## User logouts monitoring (*nix)
1. Create file ```/etc/pam.d/pam_session.sh``` with next content:
For Telegram:
```
#!/bin/sh
if [ "$PAM_TYPE" = "close_session" ]; then
send-telegram "SSH: User is logged out"
fi
```
For e-mail:
```
#!/bin/sh
if [ "$PAM_TYPE" = "close_session" ]; then
send-mail your@mail.addr 'SSH: User is logged out' 'SSH: User is logged out'
fi
```
and set executable flag on it
1. Modify ```/etc/pam.d/sshd```, add line ```session optional pam_exec.so quiet /etc/pam.d/pam_session.sh```