I require a bash script that can be run from a cron to do the following:
1) Scan /var/log/messages for a customizable set of keywords. This needs to be a list that I can easily add to or edit. The scan should only cover the last 12 or max 24 hours of the log file.
2) When found, send an email with a list of files/entries that match the keywords.
3) Scan the log file for IPs that are trying to log in to multiple accounts, e.g. the same IP but multiple usernames would trigger an email alert.
This will run on a CentOS 5 machine.
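
The matching logic for items 1 and 3, with the mail step from item 2, as an added example that is not part of the original request. It assumes OpenSSH-style `Failed password for [invalid user] NAME from IP` lines are present in the scanned file and applies no time window; the function names, the `ALERT_TO` variable and the sample log lines are constructed for illustration.

```shell
#!/bin/bash
# Added example. Assumes OpenSSH "Failed password for [invalid user] NAME from IP" lines.

# Print log lines that contain any keyword (fixed strings, case-insensitive).
# KEYWORD_FILE: one keyword per line; blank lines and '#' comments are skipped,
# because an empty pattern would match every line of the log.
keyword_hits() {   # usage: keyword_hits KEYWORD_FILE LOG_FILE
    local patterns
    patterns=$(grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$' "$1") || return 0
    grep -i -F -e "$patterns" -- "$2" || true
}

# Print "IP COUNT user1,user2,..." for every source IP with failed logins
# against at least MIN_USERS distinct usernames (default 3).
multi_user_ips() {   # usage: multi_user_ips LOG_FILE [MIN_USERS]
    awk -v min="${2:-3}" '
    /sshd\[[0-9]+\]: Failed password for / {
        # The username is chosen by the client and may itself contain "from",
        # so match the LAST "from" on the line rather than the first.
        for (i = NF; i > 1; i--) if ($i == "from") break
        if (i <= 1 || i == NF) next
        ip = $(i + 1); user = $(i - 1)
        if (!((ip, user) in seen)) {
            seen[ip, user] = 1
            users[ip] = users[ip] (n[ip]++ ? "," : "") user
        }
    }
    END { for (ip in n) if (n[ip] >= min) print ip, n[ip], users[ip] }' "$1" | sort
}

# Constructed sample lines (documentation IP ranges) for trying the functions.
sample_log() {
    cat <<'EOF'
Jan  5 10:00:01 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 4222 ssh2
Jan  5 10:00:03 web1 sshd[2102]: Failed password for root from 203.0.113.5 port 4223 ssh2
Jan  5 10:00:05 web1 sshd[2103]: Failed password for invalid user test from 203.0.113.5 port 4224 ssh2
Jan  5 10:00:07 web1 sshd[2104]: Failed password for root from 203.0.113.5 port 4225 ssh2
Jan  5 10:02:11 web1 sshd[2110]: Failed password for bob from 198.51.100.7 port 5100 ssh2
Jan  5 10:05:40 web1 kernel: Out of memory: Killed process 3321 (httpd)
EOF
}

# Cron entry point, run only when a keyword file is passed as $1.
if [ -n "${1:-}" ]; then
    log=${2:-/var/log/messages}
    report=$(keyword_hits "$1" "$log"; multi_user_ips "$log")
    if [ -n "$report" ]; then
        printf '%s\n' "$report" | mail -s "Log alert: $(hostname)" "${ALERT_TO:-root}"
    fi
fi
```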