yum install ccze (Red Hat/CentOS)
ou
apt-get install ccze (Debian/Ubuntu)
Uso:
tail -f /var/log/ufw.log | ccze
quando executo este comando do monitor
$ sudo tail -f /var/log/ufw.log | cat -n
1 May 23 03:04:25 Vultr-Ubuntu14-Tokyo kernel: [51809.671147] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=85.48.173.107 DST=45.32.41.183 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=25617 DF PROTO=TCP SPT=41052 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
2 May 23 03:04:26 Vultr-Ubuntu14-Tokyo kernel: [51810.671232] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=85.48.173.107 DST=45.32.41.183 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=25618 DF PROTO=TCP SPT=41052 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
3 May 23 03:04:27 Vultr-Ubuntu14-Tokyo kernel: [51811.671298] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=85.48.173.107 DST=45.32.41.183 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=25619 DF PROTO=TCP SPT=41052 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
4 May 23 03:05:16 Vultr-Ubuntu14-Tokyo kernel: [51861.074788] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=125.212.219.135 DST=45.32.41.183 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=54321 PROTO=TCP SPT=43336 DPT=6379 WINDOW=65535 RES=0x00 SYN URGP=0
5 May 23 03:05:31 Vultr-Ubuntu14-Tokyo kernel: [51875.345595] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=61.153.142.165 DST=45.32.41.183 LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=1488 DF PROTO=TCP SPT=11916 DPT=19502 WINDOW=64240 RES=0x00 SYN URGP=0
6 May 23 03:05:34 Vultr-Ubuntu14-Tokyo kernel: [51878.297557] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=61.153.142.165 DST=45.32.41.183 LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=1788 DF PROTO=TCP SPT=11916 DPT=19502 WINDOW=64240 RES=0x00 SYN URGP=0
7 May 23 03:05:40 Vultr-Ubuntu14-Tokyo kernel: [51884.313934] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=61.153.142.165 DST=45.32.41.183 LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=2283 DF PROTO=TCP SPT=11916 DPT=19502 WINDOW=64240 RES=0x00 SYN URGP=0
8 May 23 03:07:47 Vultr-Ubuntu14-Tokyo kernel: [52011.511521] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=222.161.53.246 DST=45.32.41.183 LEN=52 TOS=0x00 PREC=0x00 TTL=106 ID=9610 DF PROTO=TCP SPT=30408 DPT=22905 WINDOW=8192 RES=0x00 SYN URGP=0
9 May 23 03:07:50 Vultr-Ubuntu14-Tokyo kernel: [52014.551342] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=222.161.53.246 DST=45.32.41.183 LEN=52 TOS=0x00 PREC=0x00 TTL=106 ID=13131 DF PROTO=TCP SPT=30408 DPT=22905 WINDOW=8192 RES=0x00 SYN URGP=0
10 May 23 03:07:56 Vultr-Ubuntu14-Tokyo kernel: [52020.556294] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=222.161.53.246 DST=45.32.41.183 LEN=48 TOS=0x00 PREC=0x00 TTL=106 ID=20064 DF PROTO=TCP SPT=30408 DPT=22905 WINDOW=8192 RES=0x00 SYN URGP=0
11 May 23 03:15:39 Vultr-Ubuntu14-Tokyo kernel: [52483.448066] [UFW BLOCK] IN=eth0 OUT= MAC=56:00:00:27:45:2d:fe:00:00:27:45:2d:08:00 SRC=93.174.93.50 DST=45.32.41.183 LEN=65 TOS=0x08 PREC=0x00 TTL=242 ID=54321 PROTO=UDP SPT=35266 DPT=53 LEN=45
parece bom, mas eu quero controlar mais, por exemplo, eu quero esconder Vultr-Ubuntu14-Tokyo que eu acho que é o nome do host, e eu também quero colocar uma linha em branco entre cada linha de log para que ele se torne mais solto e parece mais confortável,
e eu também quero mudar de cor para cada derectives etc.
Eu lembro que eu posso personalizar cor e posição e muitas outras coisas para PS1 no Ubuntu como abaixo, então eu estou querendo saber como pode fazer coisa semelhante para o log do Linux (Ubuntu).
export PS1="
$BBlue[\h] $BBlue\t $BBlue\u No.$BBlue\# -> $BBlue\w$Color_Off
\$ "
obrigado.