briantissue · August 29, 2015 14:14
diff --git a/gistfile1.txt b/gistfile1.txt
 #!/bin/bash
 # Daily report of IP addresses that have hit the server
 # This script will filter out the private IP addresses
 # You could use this script to generate a report for white-lists; or auditing purposes

 # Check if root
 if [ "$(whoami)" != "root" ]; then
 echo "Not running as root. Exiting..."
 exit 0
 else
 echo "Running as root. Good"
 fi

 if [ -f "current-audit-log-sorted.txt" ]
 then
    > current-audit-log-sorted.txt
 else
    touch current-audit-log-sorted.txt
 fi

 cat /var/log/audit/audit* | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort -u | grep -v "^192."|grep -v "^10."|grep -v "^172.*"| sort -n >> current-audit-log-sorted.txt
 cat current-audit-log-sorted.txt
	#!/bin/bash
	# Daily report of IP addresses that have hit the server
	# This script will filter out the private IP addresses
	# You could use this script to generate a report for white-lists; or auditing purposes

	# Check if root
	if [ "$(whoami)" != "root" ]; then
	echo "Not running as root. Exiting..."
	exit 0
	else
	echo "Running as root. Good"
	fi

	if [ -f "current-audit-log-sorted.txt" ]
	then
	> current-audit-log-sorted.txt
	else
	touch current-audit-log-sorted.txt
	fi

	cat /var/log/audit/audit* \| grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' \| sort -u \| grep -v "^192."\|grep -v "^10."\|grep -v "^172.*"\| sort -n >> current-audit-log-sorted.txt
	cat current-audit-log-sorted.txt