#!/bin/sh

GREP=/usr/bin/grep

$GREP -Eh 'pma|admin|sql|w00t|CONNECT|wp-admin|wp-login|wordpress|cgi-bin' /var/log/httpd/access_log | mutt -s "Suspicious Webserver URLs (celeste/new)" -- recipient@domain

$GREP -h '404' /var/log/httpd/access_log | grep ".zip" | mutt -s "Suspicious Webserver URLs (celeste/new) zip files" -- recipient@domain