Update 'README.md'

README.md

@@ -28,6 +28,17 @@ Example crontab entry to check for updates every 4 hours:
 00 */4  * * *   root    bash /root/scripts/nextcloud-telegram-notify/checkupdates.sh
 ````
 
+## failedlogins.sh
+
+![screenshot](images/failedlogins.png)
+
+Run this as a cronjob. It will send you a Telegram whenever a failed login occurs.
+
+Example crontab entry to check for new failed logins every 5 minutes:
+````
+*/5 *  * * *   root    bash /root/scripts/nextcloud-telegram-notify/failedlogins.sh
+````
+
 ## logwatch.sh
 
 ![screenshot](images/logwatch.png)

failedlogins.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+
+tgapi=""
+tgch=""
+
+nextcloudpath="/var/www/html"
+wwwuser="www-data"
+logmax="250"
+logprefix="failedlogins"
+
+function sendtelegram {
+  echo "Nextcloud $c failed logins..." > /tmp/ncfailedloginsentryheader.txt
+  echo "Server: $(hostname)" >> /tmp/ncfailedloginsentryheader.txt
+  echo "Path: $nextcloudpath" >> /tmp/ncfailedloginsentryheader.txt
+  echo "Date: $(date)" >> /tmp/ncfailedloginsentryheader.txt
+  echo "" >> /tmp/ncfailedloginsentryheader.txt
+  string=$(cat /tmp/ncfailedloginsentryheader.txt /tmp/ncfailedloginsentry.txt)
+  wget -qO- "https://api.telegram.org/bot$tgapi/sendMessage?chat_id=$tgch&text=$string" &> /dev/null
+  errorcode=$?
+  updatelog $errorcode
+}
+
+function updatelog {
+  logdata="Telegram Sent"
+  if [[ ! -z $1 ]]; then
+    if [[ $1 == "0" ]]; then
+      logerror="Successful!"
+    else
+      logerror="Sending Failed: Exit Code $1"
+    fi
+  fi
+  echo "$(date +%y%m%d).$(date +%H%M) - $logprefix - $logdata - $logerror" >> /var/log/nextcloud-telegram-notify.log
+  logsize=$(cat /var/log/nextcloud-telegram-notify.log | wc -l)
+  if [[ $logsize -gt $logmax ]]; then
+    mv /var/log/nextcloud-telegram-notify.log /tmp/nextcloud-telegram-notify.log
+    tail -n $logmax /tmp/nextcloud-telegram-notify.log > /var/log/nextcloud-telegram-notify.log
+    rm /tmp/nextcloud-telegram-notify.log
+  fi
+}
+
+sudo -u $wwwuser php "$nextcloudpath/occ" user:list > /tmp/ncchecknewusers.txt
+
+array=($(cat $nextcloudpath/config/config.php | grep 'datadirectory'))
+nextcloudfilespath=${array[2]:1:-2}
+cat $nextcloudfilespath/nextcloud.log | grep '"level":2,' | grep '"Login failed:' > /tmp/ncfailedlogins.tmp
+
+if [[ -f /tmp/ncfailedlogins.old ]]; then
+  rm -f /tmp/ncfailedlogins.changes.tmp
+  cat /tmp/ncfailedlogins.old /tmp/ncfailedlogins.old /tmp/ncfailedlogins.tmp | sort | uniq -u >> /tmp/ncfailedlogins.changes.tmp
+  rm -f /tmp/ncfailedlogins.new.*.tmp
+  size=$(cat /tmp/ncfailedlogins.changes.tmp | wc -l)
+  if [[ $size -gt 0 ]]; then
+    n=0
+    while read -r entry; do
+      echo "$n" "/tmp/ncfailedlogins.new.$n.tmp"
+      echo $entry > "/tmp/ncfailedlogins.new.$((n++)).tmp"
+    done < /tmp/ncfailedlogins.changes.tmp
+    rm -f /tmp/ncfailedloginsentry.txt
+    for ((c=0; c<$n; c++)); do
+      echo "$(cat "/tmp/ncfailedlogins.new.$c.tmp" | jq -r .message)" >> /tmp/ncfailedloginsentry.txt
+      echo "Time: $(cat "/tmp/ncfailedlogins.new.$c.tmp" | jq -r .time)" >> /tmp/ncfailedloginsentry.txt
+      echo "" >> /tmp/ncfailedloginsentry.txt
+    done
+    sendtelegram
+  else
+    echo "There are no failed logins to send..."
+  fi
+else
+  echo "First run... saving current logins..."
+fi
+
+mv /tmp/ncfailedlogins.tmp /tmp/ncfailedlogins.old