Home Directory Plugins Security Failed logins last hour

Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Failed logins last hour

Rating
0 votes
Favoured:
0
Current Version
1.0
Last Release Date
2019-01-25
Compatible With
  • Nagios 4.x
  • Nagios XI
Owner
License
GPL
Hits
1171
Files:
FileDescription
check_failed_logins_rh.shcheck_failed_logins_rh.sh
Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download
This is a plugin to monitor failed login attempts in RedHat/CentOS servers.
This plugin is ment to run in the monitoring target host, so you will need another plugin, like NRPE, installed and configured in your environment.

Example usage:
check_failed_logins.sh -w 5 -c 10
This will check for failed login attempts and return a warning when 5 to 9 attempts fail and a critical when 10 or more attempts fail.

SETUP (with NRPE, with other plugin should be a similar process):
1.- Copy the plugin to the RedHat server you want to monitor.
/usr/lib64/nagios/plugins/check_failed_logins_rh.sh
2.- Define an entry in nrpe.cfg:
command[check_failed_logins]=/usr/lib64/nagios/plugins/check_failed_logins_rh.sh -w 5 -c 10 2>&1
3.- Restart NRPE service.
4.- Create a command in nagios:
define command {
command_name check_failed_logins_rh
command_line $USER1$/check_failed_logins_rh.sh -w $ARG1$ -c $ARG2$
}

Any suggestions will be appreciated.