find /usr/local/mod_security_summary/`date +%Y%m%d`/ -type f | while read line;do severity=$line; if [ `grep Action $severity | grep Intercepted | wc -l` = 0 ];then mkdir -p /tmp/`date +%Y%m%d`/passed/ ; cp -p $severity /tmp/`date +%Y%m%d`/passed/ ;fi ; done
※防げなかった攻撃を洗い出すのに使用
コメント