After spending too much time manually checking Linux servers - SSHing in to review logs, monitor security changes, and track updates - I decided to automate it.
Built a collection of bash scripts that handle the repetitive parts:
Security Monitoring
Tracks new user creation, sudoers modifications, and critical file changes. Identifies who made the changes and from which IP address.
Log Collection
Automated gathering of Apache, MySQL, PHP-FPM, Redis, and application logs. Compresses and sends them to Discord when troubleshooting is needed.
Update Notifications
Real-time alerts for system package updates and OWASP ModSecurity Core Rule Set updates before applying them.
SSH Access Tracking
PAM integration for instant login alerts showing user, IP, and timestamp for every connection.
Everything sends notifications via Discord webhooks, so there's no need to constantly SSH into servers to check status.
Built for Debian/Ubuntu running LAMP/LEMP stacks. Open sourced it in case others find it useful.
https://github.com/eugeniogiusti/linux-server-toolkit
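
To illustrate the SSH access tracking and Discord notification pattern described above, here is an added example of a `pam_exec` login hook; it is not code from the linux-server-toolkit repository. The script path, the webhook URL file `/etc/ssh-login-alert.url`, the `WEBHOOK_FILE` variable and the function names are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not the toolkit's code): pam_exec hook that posts SSH logins
# to a Discord webhook. Assumed line in /etc/pam.d/sshd (script path is hypothetical):
#   session optional pam_exec.so /usr/local/sbin/ssh-login-alert.sh
# "optional" keeps a webhook outage from blocking logins.

# Escape a value for a JSON string: drop control characters, then escape
# backslashes and double quotes so PAM-supplied values cannot break the payload.
json_escape() {
    printf '%s' "$1" | tr -d '\000-\037' | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Build the webhook body. The empty allowed_mentions.parse list stops a value
# such as "@everyone" from pinging the channel.
build_payload() {
    printf '{"content":"SSH login: user=%s ip=%s time=%s","allowed_mentions":{"parse":[]}}' \
        "$(json_escape "$1")" "$(json_escape "$2")" "$(json_escape "$3")"
}

# pam_exec runs the hook on session open and close; alert on open only.
should_alert() {
    [ "${1:-}" = "open_session" ]
}

# Post the alert. The webhook URL is a secret, so it is read from a root-only
# file (assumed path) rather than stored in the script or the PAM config.
send_alert() {
    url_file="${WEBHOOK_FILE:-/etc/ssh-login-alert.url}"
    [ -r "$url_file" ] || return 0
    payload=$(build_payload "${PAM_USER:-unknown}" "${PAM_RHOST:-local}" \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)")
    # Short timeout and ignored failures: alerting must never delay a login.
    curl -fsS --max-time 5 -H 'Content-Type: application/json' \
        -d "$payload" "$(head -n 1 "$url_file")" >/dev/null 2>&1 || true
}

# PAM_TYPE, PAM_USER and PAM_RHOST are set in the environment by pam_exec.
if should_alert "${PAM_TYPE:-}"; then
    send_alert
fi
```

Anyone who can read the webhook URL can post to the channel, so the URL file should be owned by root with mode 600.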
