This article is just starting. Probably will need Dickson's help on this topic.
Email Login Events
On servers that are managed by only a few administrators it is often useful to know if someone has logged in.
On more larger system it is more manageable to only send notification when sudo access is attempted.
Here are the contents of the login notification script,
sentry-login.sh
echo "User $LOGNAME logged in $(date)" | mail -s "Sentry Alert" bhitch@imagecomics.com
Add this to the global startup scripts.
Email Sudo Events
On small systems, you will want to be emailed sudo events.
Failed Login
Actually send an email on failed login...
Login
Email alert upon the first sudo command...
File Integrity Check
Verify that files are not modified without your knowledge...
Securing Passwd
...