I thought I would share this, as we who host and run our own servers do get a little paranoid
sometimes when it comes to running an FTP server always concerned about being hacked so
last night I had a brainstorm and wrote this little batch file from all the various snippets I collated over time it might be just what someone else is looking for.
:: THE FOLLOWING BATCH FILE MONITORS THE LOG FILE FOLDER OF A COMPUTER
:: ON THE LOCAL NETWORK AND IF YOU HAVE SAYSTATIC.EXE WILL GIVE TTS VOICE
:: NOTIFICATIONS WHEN THE LOG IS ACTIVELY CHANGING (GROWING) IN SIZE
:: YOU WILL NEED TO EDIT THE [ \\computer_to_Monitor\filezilla-Logs ] PATH
:: THIS PATH IS LOCATED IN 4 PLACES SO NEEDS TO BE ALTERED TO FIT YOUR
:: ENVIRONMENT
:: BEGIN BATCH CODE
@echo off
setlocal enabledelayedexpansion
goto logsize
:readlog
echo READLOG
cls
:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
:: START FILEZILLA LOG SNOOPING LOOKING FOR ACTIVITY
:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
call :getdate
:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
set dwnldlog=C:\State\FTPMON.log
set message=RETREVAL MADE OF FILES from FTP Today: %YEAR%-%Month%-%Day%
:: —————————————————
if exist “\\computer_to_Monitor\filezilla-Logs\fzs-%YEAR%-%Month%-%Day%.log” (set filezilllog=”\\computer_to_Monitor\filezilla-Logs\fzs-%YEAR%-%Month%-%Day%.log”) else (goto noftpsnoop)
if exist %filezilllog% (goto checkm) else (goto donelog)
:checkm
>nul find “RETR ” %filezilllog% && (
echo =====================================================
echo.
echo We found FTP DOWNLOADS for RETR * Today.
echo.
echo =====================================================
goto logdn2
) || (
echo =====================================================
echo.
echo We have NOT found any DOWNLOADS today.
echo.
echo =====================================================
goto donelog
)
:logdn2
echo =====================================================
echo.
echo DOWNLOADS ARE IN PROGRESS ON FTP SERVER.
echo.
echo =====================================================
>> “%dwnldlog%” echo %message%
notepad %filezilllog%
:donelog
:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
:: END FILEZILLA LOG SNOOPING LOOKING FOR ACTIVITY
:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
pathping 127.0.0.1 -n -q 1 -p 60000 >nul 2>&1
goto end
:logsize
:: ################################################
:ftpsnoop
echo LOG FILE FTPSNOOP
call :getdate
if exist “\\computer_to_Monitor\filezilla-Logs\fzs-%YEAR%-%Month%-%Day%.log” (set filezilllog=”\\computer_to_Monitor\filezilla-Logs\fzs-%YEAR%-%Month%-%Day%.log”) else (goto noftpsnoop)
:: ————————————————
if not exist %filezilllog% goto noftpsnoop
for %%a in (%filezilllog%) do ( set before=%%~za)
:: ————————————————
pathping 127.0.0.1 -n -q 1 -p 30000 >nul 2>&1
:: ————————————————
echo.
for %%a in (%filezilllog%) do ( if %%~za gtr %before% echo NEW FTP ACTIVITY ON SERVER &&if exist SayStatic.exe SayStatic FTP Server Downloads ARE In Progress.)
:: ————————————————
cls
echo.
echo =====================================================
echo.
echo %date% – Filezilla LOG FILE SIZE IS: “%before%” bytes
echo.
echo =====================================================
echo.
:: if “%before%”==”0” cls &&echo LOG Appears Blank or Inactive &&goto noftpsnoop
:: ————————————————
if not exist ftpkill goto ftpsnoop
:: ————————————————
for %%a in (%filezilllog%) do ( if %%~za gtr %before% call readlog)
:: ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
:noftpsnoop
echo =====================================================
echo.
echo FINISHING NO LOGS TO MONITOR
pathping 127.0.0.1 -n -q 1 -p 8000 >nul 2>&1
echo.
echo =====================================================
cls
endlocal
goto end
:: ————————————————
:getdate
:: ### THE VARS BELOW MAY NEED CHANGING BASED ON LOCATION ###
:: ———————- FINDING DATE ———————–
@For /F “tokens=1,2,3,4 delims=/ ” %%A in (‘Date /t’) do @(
Set Day=%%A
Set Month=%%B
Set Year=%%C
)
:: ———————————————————–
:end
:: END BATCH CODE