rsyslogクライアントはスクリプトを自動的に配置し、テストで正常に使用
2951 ワード
自動書き込みrsyslogクライアント自動構成スクリプト、テストで正常に使用
Rsyslog+LogAnalyzer正常使用
#!/bin/bash
#Install & Config the rsyslog
#Release 0.3
#date 2016.10.10
#set -x
# log
# syslog, rsyslog
# ,
# /etc/rsyslog , /etc/init.d/rsyslog restart
# user.* @172.16.16.20
# authpriv.* @172.16.16.20
# *.warning @172.16.16.20
# user.*;authpriv.*;*.warning @172.16.16.20
# /etc/bashrc , source /etc/bashrc
#export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
#
#PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
PATH=$PATH:~/bin
export PATH
#
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
function timecmd(){
ntpdate pool.ntp.org
}
if [ ! -e "/usr/sbin/ntpdate" ]; then
yum install -y ntpdate && timecmd
else
timecmd
echo -e "
error"
fi
#
#cfg(){
#sed -i '$a #Send the log information to the server' $log
#sed -i '$a user.* @172.16.16.20' $log
#sed -i '$a authpriv.* @172.16.16.20' $log
#sed -i '$a *.warning @172.16.16.20' $log
#}
#cfgs(){
#sed -i '$a #Send the log information to the server' $logs
#sed -i '$a user.* @172.16.16.20' $logs
#sed -i '$a authpriv.* @172.16.16.20' $logs
#sed -i '$a *.warning @172.16.16.20' $logs
#}
logr=/etc/rsyslog.conf
logs=/etc/syslog.conf
cfg(){
sed -i '$a #Send the log information to the server' $logr
sed -i '$a *.warning;user.*;authpriv.* @172.16.16.20' $logr
}
cfgs(){
sed -i '$a #Send the log information to the server' $logs
sed -i '$a *.warning;user.*;authpriv.* @172.16.16.20' $logs
}
#
autoboot(){
(/etc/init.d/rsyslog start && chkconfig rsyslog on)
}
autoboots(){
(/etc/init.d/syslog start && chkconfig syslog on)
}
# rsyslog
irsyslog(){
yum install -y rsyslog || echo "Install error" && exit 3
}
rsyscfg=$(cat /etc/rsyslog.conf | grep "@172.16.16.20" | grep -v '#' | awk '{print $2}')
ipadd='@172.16.16.20'
if [ -f $logs ]; then
cfgs
elif [ "$rsyscfg" == "$ipadd" ]; then
echo "172.16.16.20 in rsyslog.conf" && exit 4
elif [ -f $logr ]; then
cfg
else
irsyslog && cfgs
fi
# shell
usercmd=$(cat /etc/bashrc | grep '#Record-the-input-cmd')
cmdinfo=#Record-the-input-cmd
bashrcfile=/etc/bashrc
shrc(){
sed -i '$a #Record-the-input-cmd' $bashrcfile
echo export PROMPT_COMMAND=\''{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'\' >> $bashrcfile
}
if [ "$usercmd" == "$cmdinfo" ];then
echo "commandinfo is exist " && exit 5
elif [ -e /etc/bashrc ]; then
shrc
else
echo "error: not import to the /etc/bashrc "
fi
source /etc/bashrc
autoboot || autoboots
Rsyslog+LogAnalyzer正常使用