Strange behaviour when user is in Llama (AuthKeysFile) 

ssh_env file is not created in case user is in Llama, which is okay. But watchdog ssh should be able to handle this as well. If ssh_env file is empty, it should read llama file and match ssh key with the file. if there is match, log on slack that some admin user logged in. otherwise log that malicious user logged in