Last active
March 21, 2023 13:16
-
-
Save mattimatti/396eb9b68deec1d4460a3447f02c52e7 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| SerialNumber=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Serial Number (system)" | awk '{print $4}') | |
| log stream --style syslog -predicate 'subsystem == "com.apple.Authorization" AND eventMessage contains "authenticated as user queenofclubs"' | while read LINE; do | |
| echo "$LINE" && curl -X POST --silent --data-urlencode \ | |
| "payload={\"text\": \"$(echo $LINE | sed "s/\"/'/g")\"}" https://hooks.slack.com/services/xxxxxx/xxxxx/xxxxx; | |
| done |
ComputerName=$(/usr/sbin/scutil --get ComputerName)
HostName=$(/usr/sbin/scutil --get HostName)
LocalHostName=$(/usr/sbin/scutil --get LocalHostName)
#!/bin/bash
SerialNumber=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Serial Number (system)" | awk '{print $4}')
LocalHostName=$(/usr/sbin/scutil --get LocalHostName)
log stream --style syslog -predicate 'subsystem == "com.apple.Authorization" AND eventMessage contains "authenticated as user queenofclubs"' | while read LINE; do
echo "$LINE" && curl -X POST --silent --data-urlencode \
"payload={\"text\": \"$LocalHostName $SerialNumber $(echo $LINE | sed "s/\"/'/g")\"}" https://hooks.slack.com/services/xxxxxx/xxxxx/xxxxx;
done
SerialNumber=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Serial Number (system)" | awk '{print $4}')
LocalHostName=$(/usr/sbin/scutil --get LocalHostName)
log stream --style syslog -predicate 'subsystem == "com.apple.Authorization" AND eventMessage contains "authenticated as user queenofclubs"' | while read LINE; do
echo "$LINE" && curl -X POST --silent --data-urlencode \
"payload={\"text\": \"$LocalHostName $SerialNumber $(echo $LINE | sed "s/\"/'/g")\"}" "$WEBHOOK";
done
log stream --style syslog -predicate 'subsystem == "com.apple.Authorization" AND eventMessage contains "authenticated as user queenofclubs"' | grep -v "Filtering the log" | while read LINE; do
Prima del while:
| grep -v "Filtering the log"
curl -o /dev/null
SerialNumber=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Serial Number (system)" | awk '{print $4}')
LocalHostName=$(/usr/sbin/scutil --get LocalHostName)
log stream --style syslog -predicate 'subsystem == "com.apple.Authorization" AND eventMessage contains "authenticated as user queenofclubs"' | grep -v "Filtering the log" | while read LINE; do
curl -X POST -o /dev/null --silent --data-urlencode \
"payload={\"text\": \"$LocalHostName $SerialNumber $(echo $LINE | sed "s/\"/'/g")\"}" "$WEBHOOK";
done
log stream --style syslog -predicate 'subsystem == "com.apple.Authorization" AND eventMessage contains "authenticated as user"' | while read LINE; do [[ $LINE != *"Filtering the"* ]] && echo $LINE ; done
[[ $LINE != "Filtering the" ]] &&
#!/bin/bash
WEBHOOK=https://hooks.slack.com/services/xxxxxxxx
SerialNumber=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Serial Number (system)" | awk '{print $4}')
LocalHostName=$(/usr/sbin/scutil --get LocalHostName)
log stream --style syslog -predicate '(subsystem == "com.apple.Authorization" AND eventMessage contains "authenticated as user queenofclubs") OR (process == "sudo" AND eventMessage contains "TTY=") OR (process == "su" AND eventMessage contains "dev/tty")' | while
read LINE; do [[ $LINE != *"Filtering the"* ]] &&
curl -X POST -o /dev/null --silent --data-urlencode \
"payload={\"text\": \"$LocalHostName $SerialNumber $(echo $LINE | sed "s/\"/'/g")\"}" "$WEBHOOK";
done
👍
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SerialNumber=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Serial Number (system)" | awk '{print $4}')