Home/ Questions/Q 9229143
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-18T05:29:59+00:00

#!/bin/bash ( /usr/src/chkrootkit-$VERSION/chkrootkit ) | # Binary grep ‘INFECTED|Vulnerable’ | # Only get found

  • 0
#!/bin/bash
( /usr/src/chkrootkit-$VERSION/chkrootkit ) | # Binary
grep 'INFECTED|Vulnerable' | # Only get found issues
/bin/mail -s 'CHROOTKIT Weekly Run ($SERVERNAME)' $EMAIL # Send EMail

This still sends e-mails even if nothing is found.

What would be a way to only send if something is grepped?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This maybe…

    Simply use -E switch in mail command:

    man -Pcol\ -b mail | grep empty
     -E      Don't send messages with an empty body.


#!/bin/bash
( /usr/src/chkrootkit-$VERSION/chkrootkit ) | # Binary
grep 'INFECTED|Vulnerable' | # Only get found issues
/bin/mail -E -s 'CHROOTKIT Weekly Run ($SERVERNAME)' $EMAIL # Send EMail

    or place your check in a crontab for automatic processing, for ex once a day:

    @daily  ( /usr/src/chkrootkit-$VERSION/chkrootkit ) | grep 'INFECTED|Vulnerable'

    Cron will send a mail if command output something.

    But, after re-reading this

    If there is no need to forward any part of the mail in the alert, there is no need to use the pipe |.

    So you could use condition in this way:

    #!/bin/bash
( /usr/src/chkrootkit-$VERSION/chkrootkit ) | # Binary
    grep -q 'INFECTED|Vulnerable' &&
    /bin/mail -s 'CHROOTKIT Weekly Run ($SERVERNAME)' $EMAIL

    The -q switch to grep ensure to stay quiet.

    • 0