Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

shell script to alert if a file has been modified

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting shell script to alert if a file has been modified
# 1  
Old 07-18-2012
shell script to alert if a file has been modified
Hi ,

I want a script who will send alert the moment someone edit any file in a directory in LINUX. Can some one throw some light on this please.!!
# 2  
Old 07-18-2012
OSes often bring auditing or intrusion detection systems along to handle this. Maybe set up something like tripwire or whatever is commonly used on the OS you are using.
# 3  
Old 07-18-2012
Thanks zaxxon...i am using centos [LINUX]...And i don't want to use tripwire or such for this. Is there any wayout in shell script to trigger alert at the moment config files is modified...?
# 4  
Old 07-18-2012
One approach could be a script, that runs as a demon in the background and compares a list of files with their unmodified status (cksum?) and checks if anything changes. Has to run as root and makes no sense if the other users are also using the root account of course.
The list also needs to be updated in case there is any legal change to the files in a way, that daemon running in the background knows it is a legal change.
This would also only work when the file is already written.
To notice when any of the files in that directory are opened for a write might be more tricky and not be to handle by a shell script.

In your case I would use one of the already existing softwares or auditing.
# 5  
Old 07-18-2012
Quote:
Originally Posted by d8011
And i don't want to use tripwire or such for this.
There is also Samhain/Beltane which is a host-based intrusion detection system too. IMHO it doesn't make much sense to try to program somthing in shell code what someone has already written in a higher programming language as a complete and mature package.

Shell code has its limitations, it was never intended as an application programming device and it is only fit for this purpose up to a point.

There is a way to do what you want on a rather low level: intercept the respective system calls (fopen(), etc.) and build these interceptions into a library, then use this library as PRELOAD. You might want to compare with "Snoopylogger" which uses this same method to intercept execve() calls. As feasible as such a method would be it will not be possible to do it in shell at all, though.

I hope this helps.

bakunin
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Shell script for alert

Hi Experts, Im new in shell script , please help to achieve the below requirement, We have some replication setup in unix server, in that if there is any exception or error occurs immediately the rep_exception.log will have the exception detail, this log will be updated if any error occurs no... (8 Replies)
Discussion started by: pandiyan
8 Replies

2. Shell Programming and Scripting

Script to FTP a modified file

Hello, I am fairly new to shell scripting. I see a lot of examples out there of how to find if a file has been modified within a certain period of time. What I'm looking for help with is a script that will run and I'm thinking check for the last 24 hours but if not just check at runtime to see... (6 Replies)
Discussion started by: PyroPlasm
6 Replies

3. Shell Programming and Scripting

Script to check for the file existence, if file exists it should echo the no of modified days

Hi, I am looking for a shell script with the following. 1. It should check whether a particular file exists in a location #!/bin/sh if ; then echo "xxx.txt File Exists" else echo "File Not Found" fi 2. If file exists, it should check for the modified date and run a command... (2 Replies)
Discussion started by: karthikeyan_mac
2 Replies

4. Shell Programming and Scripting

Shell script to use the last modified filename in a variable

Forgive me if this is a trivial question, but I haven't been able to find the answer to this. Basically I've got a list of files in a particular directory that have the general form t_*.dat. (I have other files in the same directory as well). Essentially what I want to do is obtain the name... (1 Reply)
Discussion started by: lost.identity
1 Replies

5. UNIX for Advanced & Expert Users

Send a mail when a shell script is modified

I would like to know, whether is there any command/tool in Linux (something like Oracle Trigger function) to send a mail if a particular shell script has been modified with details like, modification time, modified by, etc. Thanking in advance, (1 Reply)
Discussion started by: apsprabhu
1 Replies

6. Shell Programming and Scripting

how to write a shell script that print the last modified file ?

Hi guys, -could any one help me with this (I'm new to UNIX) how to write a shell script that tell me the last modified file in the current directory? so if I run the script in a diferent directory,will work. and can I write the script by C++ language and run it in the shell ? I tried... (5 Replies)
Discussion started by: FunnyWolF
5 Replies

7. UNIX for Dummies Questions & Answers

File Modified : Alert me

I would like to alert myself when a file has been modified using a script but im not sure where to begin the only command i can think to use is the touch command (6 Replies)
Discussion started by: StrengthThaDon
6 Replies

8. Shell Programming and Scripting

Shell script to find out 2 last modified files in a folder..PLZ HELP!!!!!!!!!

hi all, I need to find out the last 2 modified files in a folder.There is some way by which,we can check the timestamp and find out..??please help this is urgent. Thanks in Advance Anju (3 Replies)
Discussion started by: anju
3 Replies

9. Shell Programming and Scripting

Finding modified File List after the chosen date in Korne Shell...

I am trying to write a Korne Shell asking the user for a date and a directory and then search recursively in this directory the list of files modified after the date chosen. But I am not getting good results when I Test it... #!/usr/bin/ksh echo "Enter a date (YYYYMMDD) " read date touch -t... (2 Replies)
Discussion started by: marconi
2 Replies

10. UNIX for Dummies Questions & Answers

how to retrieve original contents of a modified file (modified using vi)

Made changes to a file using vi editor and saved those changes now realised that the changes are not required How can I get the previous version of the file.i.e the one which was there on which I had made changes (3 Replies)
Discussion started by: novice100
3 Replies
Login or Register to Ask a Question