Issue
Write a script that takes the ongoing date (like Mar 1) as an argument and finds invalid hits coming to the server, and for the next day it will automatically update the date.

I have tried this, but it is not working:

```sh
d=date "+%h %d"
sudo cat /var/log/secure | grep d | grep Invalid | awk {print $1,$2,$8,$10} | sort | uniq -c
```

It is showing me (`./currentlog.sh: line 32: +%h %e: command not found`), but it is printing Feb 28 invalid as well as Mar 1 invalid user.
Solution
You have multiple syntax errors here.

- `d=date` assigns the string `date` to the variable `d` and then attempts to run the token `"+%h %d"` as a command while this assignment is in place. You seem to be looking for `d=$(date "+%h %d")` which runs `date "+%h %d"` and assigns the output to the variable `d`.
- You then use `grep d` but this will of course grep for the literal string `d`, not the variable.
- Without quoting, the Awk script will have `$1` replaced with the first argument to the current shell script, `$2` with the second, etc. You are likely to receive a syntax error from Awk unless all these variables happen to contain valid Awk code.
- You'll also want to avoid those useless `grep`s

You probably were trying to write something like

```sh
sudo cat /var/log/secure |
awk -v d="$(date "+%h %d")" '
    /Invalid/ && ($0 ~ d) { print $1,$2,$8,$10}' |
sort | uniq -c
```

In some more detail, we assign the output of `date` to the Awk variable `d` and use the Awk pattern-matching language to only print lines which match this variable and the static pattern `Invalid`.
Answered By - tripleee
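
A stricter variant of the pipeline above, as an added example that is not part of the original post: it takes the date as an optional argument (defaulting to today), compares the syslog date fields instead of regex-matching the whole line, and reads the source address after the last `from`. The function names, the bracketed output format and the sample log lines are constructed for illustration, and the field positions assume the traditional sshd syslog line layout.

```sh
#!/bin/sh
# Added example, not from the original post. Reads sshd log lines on stdin.
# usage: sudo cat /var/log/secure | count_invalid ["Mar 1"]
count_invalid() {
    # No argument: use today's date, so the report rolls over by itself.
    # Syslog month names are English, hence LC_ALL=C.
    day=${1:-$(LC_ALL=C date "+%h %e")}
    awk -v d="$day" '
        # Accept "Mar 1", "Mar 01" and the space-padded syslog form "Mar  1".
        BEGIN { split(d, p, " "); mon = p[1]; dom = p[2] + 0 }
        # Compare the date fields rather than regex-matching the whole line,
        # so "Mar 1" cannot match "Mar 11" or text inside the message.
        $1 == mon && $2 + 0 == dom && $6 == "Invalid" && $7 == "user" {
            # The username is client-supplied and may be empty or contain
            # spaces, so locate the last "from" instead of trusting $8/$10.
            i = NF - 1
            while (i >= 8 && $i != "from") i--
            if (i < 8) next
            user = ""
            for (j = 8; j < i; j++) user = user (j > 8 ? " " : "") $j
            print $1, $2, "[" user "]", $(i + 1)
        }' | sort | uniq -c
}

# Constructed sample lines (not real log data).
sample_log() {
    cat <<'EOF'
Feb 28 23:59:01 host sshd[101]: Invalid user admin from 203.0.113.5 port 4000
Mar  1 00:00:07 host sshd[102]: Invalid user admin from 203.0.113.5 port 4001
Mar  1 00:00:09 host sshd[103]: Invalid user admin from 203.0.113.5 port 4002
Mar  1 00:01:12 host sshd[104]: Invalid user a from 10.0.0.1 from 198.51.100.7 port 4003
Mar  1 00:02:30 host sshd[105]: Accepted publickey for alice from 192.0.2.10 port 4004
Mar 11 08:00:00 host sshd[106]: Invalid user Mar 1 from 203.0.113.9 port 4005
EOF
}

sample_log | count_invalid "Mar 1"
```

The brackets around the username make an empty or space-containing name visible in the report instead of silently shifting the columns.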