#!/bin/bash
( /usr/src/chkrootkit-$VERSION/chkrootkit ) | # Binary
grep 'INFECTED|Vulnerable' | # Only get found issues
/bin/mail -s 'CHROOTKIT Weekly Run ($SERVERNAME)' $EMAIL # Send EMail
This still sends e-mails even if nothing is found.
What would be a way to only send if something is grepped?
Simply use -E switch in mail command:
man -Pcol\ -b mail | grep empty
     -E      Don't send messages with an empty body.
#!/bin/bash
( /usr/src/chkrootkit-$VERSION/chkrootkit ) | # Binary
grep 'INFECTED|Vulnerable' | # Only get found issues
/bin/mail -E -s 'CHROOTKIT Weekly Run ($SERVERNAME)' $EMAIL # Send EMail
or place your check in a crontab for automatic processing, for ex once a day:
@daily  ( /usr/src/chkrootkit-$VERSION/chkrootkit ) | grep 'INFECTED|Vulnerable'
Cron will send a mail if command output something.
If there is no need to forward any part of the mail in the alert, there is no need to use the pipe |.
So you could use condition in this way:
#!/bin/bash
( /usr/src/chkrootkit-$VERSION/chkrootkit ) | # Binary
    grep -q 'INFECTED|Vulnerable' &&
    /bin/mail -s 'CHROOTKIT Weekly Run ($SERVERNAME)' $EMAIL
The -q switch to grep ensure to stay quiet.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With