Install SEC on Debian

 $ apt-get install sec

Create a config file: nano /root/root.conf

add this content to the file:

type=Single
ptype=RegExp
pattern=(^.+\d+ \d+:\d+:\d+)(.+)sshd\[\d+\]: Accepted password for root from (.+)
desc=direct ssh root login on $2 from $3 @ $1
action=pipe 'direct ssh root login on $2 from $3 @ $1' /usr/bin/mail -s "Direct root login on $2 from $3" name@email.com

   sec -detach -conf=/root/root.conf -input=/var/log/auth.log

sec, secu, debian, mail, root, ssh

Page	Date	Linkbacks	Étiquettes
Debian tips	2017/04/15 11:48	linkbacks Linkbacks	debian
Windows Plugin	2020/04/07 15:23	linkbacks Linkbacks	windows
Tag Page	2020/04/07 16:10	linkbacks Linkbacks	all-tag, tag
info	2017/04/15 11:49	linkbacks Linkbacks	secu, debian

Install SEC on Debian

On Debian :

To start the monitoring:

Echo Wiki