Add warning message for logins

2023-12-21 13:46:58 +09:00
parent 8452a1b8c0
commit 68b450baaf
1 changed files with 11 additions and 4 deletions
--- a/bin/check_last_login.sh
+++ b/bin/check_last_login.sh
@@ -12,6 +12,7 @@ ssh_reject_group='sshreject';
 now=$(date +"%s");
 # max age for last login or account create without login
 max_age_login=90;
+warn_age_login=80;
 max_age_create=30;
 # one day in seconds
 day=86400;
@@ -59,12 +60,14 @@ if [ "${OUTPUT_TARGET}" == "text" ]; then
 	echo "Hostname           : "$(hostname);
 	echo "Run date           : "$(date +"%F %T");
 	echo "Max age last login : ${max_age_login} days";
+	echo "Warn age last login: ${warn_age_login} days";
 	echo "Max age no login   : ${max_age_create} days";
 elif [ "${OUTPUT_TARGET}" == "json" ]; then
 	echo '"Info": {'
 	echo '"Hostname": "'$(hostname)'",';
 	echo '"Date": "'$(date +"%F %T")'",';
 	echo '"MaxAgeLogin": '${max_age_login}',';
+	echo '"WarnAgeLogin": '${warn_age_login}',';
 	echo '"MaxAgeCreate": '${max_age_create}'';
 	echo '},'
 	echo '"Users": ['
@@ -170,6 +173,8 @@ for ssh_group in ${ssh_groups[@]}; do
 			if [ ${last_login} -gt ${max_age_login} ]; then
 				out_string="[!] last ssh log in ${last_login} days ago";
 				lock_user=1;
+			elif [ ${last_login} -gt ${warn_age_login} ]; then
+				out_string="OK [last ssh login ${last_login} days ago";
 			else
 				out_string="OK [ssh]";
 			fi;
@@ -186,6 +191,8 @@ for ssh_group in ${ssh_groups[@]}; do
 			if [ ${last_login} -gt ${max_age_login} ]; then
 				out_string="[!] last terminal log in ${last_login} days ago";
 				lock_user=1;
+			elif [ ${last_login} -gt ${warn_age_login} ]; then
+				out_string="OK [last terminal login ${last_login} days ago";
 			else
 				out_string="OK [lastlog]";
 			fi;