#!/bin/sh 
#SYSTEMS: Solaris, Linux
MSG="# Checking if auth.notice is logged, and if a loghost is present..."
SYSTEM=`uname -s`
######Solaris & Linux######
if [ "$SYSTEM" = "SunOS" -o "$SYSTEM" = "Linux" ]; then
  echo ""; echo "$MSG"
  #Syslog check
  if [ -f /etc/syslog.conf ]; then
    CHK=`awk '{print $1}' /etc/syslog.conf | grep -v "#" | grep -c "auth.notice"`
    if [ $CHK -eq 0 ]; then
      echo "--INFO-- [SYSLOG001i] Syslog NOT auditing auth.notice messages."
    fi
  fi
  #Loghost check
  if [ -f /etc/hosts ]; then #Need to 'tr' (translate) tabs to spaces while checking...
    LH=`cat /etc/hosts | tr "\t" " " | grep "^[^#]*[ ]loghost"`
    if [ -z "$LH" ]; then 
      echo "--INFO-- [HOSTS001i] Loghost is not defined in /etc/hosts."
    fi
  fi
fi


