Ridiculously simple auth.log file parser.

It makes no attempt at anything fancy; it just greps for 3 particular strings:

  • "illegal user"
  • "breakin attemp"
  • "authentication failure"

Would be nice to have something more "sophisticated"

In my very humble opinion it should be

... | grep "`date '+%b %e'`" |wc -l

on lines 37, 40 and 42, as syslog uses blank-padded day of month.

My system install was in a language other than en_GB, so I needed to add a line to make it work:

export LANG=en_GB

Another way is to unset this variable at the beginning of the script with:

unset LANG
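
The two points raised in the comments above (blank-padded day of month and locale-dependent month names), combined in one added example that is not part of the original script or of either comment. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and the sample log lines are constructed.

syslog_day() {
    # LC_ALL=C gives English month names whatever LANG is set to;
    # %e is the blank-padded day of month that syslog writes ("Mar  5").
    LC_ALL=C date '+%b %e'
}

count_auth_events() {
    # $1 = fixed string to look for, $2 = log file, $3 = day stamp (default: today)
    day=${3:-$(syslog_day)}
    # grep -c exits 1 on a zero count; "|| true" keeps that from aborting callers.
    grep -F -- "$1" "$2" | grep -c "^$day " || true
}

write_sample_log() {
    # Constructed sample lines in syslog format (192.0.2.0/24 is a documentation range).
    cat > "$1" <<'EOF'
Mar  5 10:01:02 host sshd[101]: illegal user admin from 192.0.2.10
Mar  5 10:01:09 host sshd[102]: authentication failure; rhost=192.0.2.10
Mar  5 10:02:30 host sshd[104]: illegal user oracle from 192.0.2.12
Mar 15 11:00:00 host sshd[103]: illegal user test from 192.0.2.11
EOF
}

# Demo: count the page's three strings for one day in the sample log.
sample=$(mktemp)
write_sample_log "$sample"
for s in "illegal user" "breakin attemp" "authentication failure"; do
    printf '%-24s %s\n' "$s" "$(count_auth_events "$s" "$sample" 'Mar  5')"
done
rm -f "$sample"
```

Anchoring the day stamp at the start of the line also keeps a date that appears inside a message body from being counted.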
