#							   +----+----+----+----+
# 							   |    |    |    |    |
# Author: Mark David Scott Cunningham			   | M  | D  | S  | C  |
# 							   +----+----+----+----+
# Created: 2015-07-28
# Updated: 2015-07-28
#
#
#!/bin/bash

dash(){ for ((i=1;i<=$1;i++)); do printf $2; done; }
section_header(){ echo -e "\n$1\n$(dash 40 -)"; }

section_header "Failed cpaneld IPs"
grep 'FAILED LOGIN cpaneld' /usr/local/cpanel/logs/login_log\
 | cut -d' ' -f1,3,9- | sort | uniq -c | sort -rn | head

section_header "Failed webmaild IPs"
grep 'FAILED LOGIN webmaild' /usr/local/cpanel/logs/login_log\
 | cut -d' ' -f1,3,9- | sort | uniq -c | sort -rn | head

# section_header "Successful SSH IPs"
# awk '/Accept/{print $(NF-5),$(NF-3)}' /var/log/secure* | sort | uniq -c | sort -rn | head;

section_header "Failed SSH IPs"
awk '/Failed/{print $(NF-5),$(NF-3)}' /var/log/secure* | sort | uniq -c | sort -rn | head; echo

section_header "Failed SMTP/IMAP IPs"
grep 'authenticator failed' /var/log/exim_mainlog | perl -pe 's/.*\ \[(.*?)\]:.*/\1/g'\
 | awk '{freq[$1]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head