Quote:
Originally Posted by ilikejam
Hi.
Remove the /dev/null redirection and add -n, so you can see where and in which file the grep is picking up false positives:
Code:
if grep -n "Login: $user " /var/log/dovecot.*.info.log.*; then
Dave
Thanks for the advice; unfortunately, this doesn't seem to help. There is no output from the grep statement for the false positives, but the script still says the user has logged on. It's as if for some reason the exit status of the grep command is positive -- at some point, somehow, when going through the various log files -- even though it doesn't actually find a match. For example:
$ sudo ./activeacct
root has logged on
daemon has logged on
adm has logged on
sync has logged on
shutdown has logged on
/var/log/dovecot.imap.info.log.21.gz:3897:imap-login: Nov 23 10:57:58 Info: Login: jjames [130.X.X.X]
jjames has logged on
skane1 has logged on
As you can see, grep does find something for jjames and correctly reports that he has logged on, but it doesn't find anything for daemon, adm, sync, etc., yet still reports that they have logged on. (By the way, I'm using zgrep instead of grep, since most of the logs are zipped.)
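An added example, not code from either poster: a per-file check that decides "has logged on" from whether a matching line was actually printed, rather than from the combined exit status of one zgrep call over many files. It does not identify why the exit status misbehaved above. The function names, the temporary directory and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit each log file separately and key on the matched lines.

# Print every matching line as file:lineno:text for one user.
# $1 = log directory, $2 = user name (matched as a fixed string, not a regex).
login_lines() {
    for _f in "$1"/dovecot.*.info.log*; do
        [ -f "$_f" ] || continue            # glob matched nothing
        case $_f in
            *.gz) gzip -dc -- "$_f" ;;      # rotated, compressed log
            *)    cat -- "$_f" ;;           # current, plain log
        esac | grep -n -F -- "Login: $2 " |
        while IFS= read -r _line; do
            printf '%s:%s\n' "$_f" "$_line"
        done
    done
}

# Succeed only if at least one matching line was produced.
has_logged_on() {
    [ -n "$(login_lines "$1" "$2")" ]
}

# Constructed sample logs (not real data): one plain file, one gzipped.
make_sample_logs() {
    printf '%s\n' 'imap-login: Nov 24 09:00:01 Info: Disconnected: Inactivity' \
        > "$1/dovecot.imap.info.log"
    printf '%s\n' 'imap-login: Nov 23 10:57:58 Info: Login: jjames [192.0.2.10]' |
        gzip -c > "$1/dovecot.imap.info.log.21.gz"
}

demo() {
    _dir=$(mktemp -d) || return 1
    make_sample_logs "$_dir"
    for _user in root daemon jjames; do
        if has_logged_on "$_dir" "$_user"; then
            login_lines "$_dir" "$_user"
            echo "$_user has logged on"
        fi
    done
    rm -rf -- "$_dir"
}

demo
```

Running `login_lines` on its own for a user that is wrongly reported shows which file, if any, produced the match.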