Automated grep of Windows server logs + firewall insertion

2021-10-17
2022-02-10
  • Greg Dinger

    Greg Dinger - 2021-10-17

    I am interested in having someone build a script that would use AstroGrep to run via a .bat file (or whatever makes sense.)

    The script would grep server logs for a specified string. This script would need to be able to be run via a command line so that I can configure it as a scheduled task. Upon locating such a string, two actions would be required.

    1 - send an e-mail to me indicating that such a discovery was made.
    2 - block the IP via the Windows Firewall.

    There would need to be support for a whitelist. I know from personal experience that there is at least one instance where the specified string will be found in the logs, but it is NOT indicative of the problem I am attempting to stop. So if the IP that appears on a log entry is in the whitelist, no action must be taken.

    Is anyone interested in such a task?

     
  • Greg Dinger

    Greg Dinger - 2021-10-17

    The above screen capture shows what is presented when one runs "astrogrep.exe /?" via the CMD screen.
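
The workflow requested in the first post (search the logs for a string, skip whitelisted IPs, block the rest in Windows Firewall, send an e-mail), as an added PowerShell example that is not part of the thread and uses `Select-String` rather than AstroGrep. Assumptions: default IIS W3C field order (client IP in column 8, zero-based); the search string, addresses and the `AutoBlock` rule-name prefix are constructed. It only reports what it would block unless `-Apply` is given from an elevated prompt.

```powershell
# Added example, not from the thread. Dry run by default; -Apply changes the firewall.
param(
    [string]  $LogPath,                        # file or wildcard of logs; omit to use the sample below
    [string]  $Needle    = 'wp-login.php',     # constructed search string
    [string[]]$Whitelist = @('203.0.113.10'),  # constructed trusted address (e.g. a monitoring host)
    [int]     $IpField   = 8,                  # assumption: c-ip column of default IIS W3C logs
    [string]  $MailTo, [string]$MailFrom, [string]$SmtpServer,
    [switch]  $Apply
)

# Constructed sample log lines (documentation address ranges only)
$sample = @(
    '#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status'
    '2021-10-17 03:12:01 192.0.2.5 POST /wp-login.php - 443 - 198.51.100.23 curl/7.79 404'
    '2021-10-17 03:12:02 192.0.2.5 POST /wp-login.php - 443 - 198.51.100.23 curl/7.79 404'
    '2021-10-17 03:15:40 192.0.2.5 GET /wp-login.php - 443 - 203.0.113.10 Monitor/1.0 404'
    '2021-10-17 03:16:11 192.0.2.5 GET /index.html - 443 - 198.51.100.77 Mozilla/5.0 200'
)

function Get-OffendingIp {
    param([string[]]$Line, [string]$Needle, [string[]]$Whitelist, [int]$IpField)
    $Line |
        Where-Object { $_ -notmatch '^#' } |               # skip W3C header lines
        Select-String -SimpleMatch -Pattern $Needle |      # literal match, not a regex
        ForEach-Object {
            $field  = ($_.Line -split '\s+')[$IpField]
            $parsed = $null
            # Log content is client-influenced: keep only text that parses as an IP address
            if ([System.Net.IPAddress]::TryParse($field, [ref]$parsed)) { $parsed.ToString() }
        } |
        Sort-Object -Unique |
        Where-Object { $_ -notin $Whitelist }              # whitelisted sources are never acted on
}

$lines = if ($LogPath) { Get-Content -Path $LogPath } else { $sample }
$hits  = @(Get-OffendingIp -Line $lines -Needle $Needle -Whitelist $Whitelist -IpField $IpField)
foreach ($ip in $hits) {
    $name = "AutoBlock $ip"
    if (-not $Apply) { "Would block $ip"; continue }
    if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $name -Direction Inbound -Action Block -RemoteAddress $ip | Out-Null
    }
}
if ($Apply -and $hits.Count -gt 0 -and $MailTo) {
    Send-MailMessage -To $MailTo -From $MailFrom -SmtpServer $SmtpServer `
        -Subject "Blocked $($hits.Count) address(es)" -Body ($hits -join "`n")
}
```

Run against the built-in sample, the script reports only `198.51.100.23`: the whitelisted `203.0.113.10` matches the string but is skipped, and the rule-name check keeps repeated scheduled runs from creating duplicate rules.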

     
