#!/bin/bash # rsyslog management # # source: # - https://selivan.github.io/2017/02/07/rsyslog-log-forward-save-filename-handle-multi-line-failover.html toolName="rsyslog" toolConfig="/etc/rsyslog.conf" # Get script working directory # (when called from a different directory) WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )" CONFIG_SNMP="$WDIR/${toolName}/10-snmp.conf" CONFIG_CRON="$WDIR/${toolName}/10-cron.conf" CONFIG_RNGD="$WDIR/${toolName}/10-rngd.conf" CONFIG_REMOTE="$WDIR/${toolName}/90-remote.conf" step_1_info() { echo "Install $toolName"; } step_1_alias() { ALIAS="install"; } step_1() { exe apt update exe apt install "$toolName" } step_2_info() { echo "Check configuration"; } step_2_alias() { ALIAS="checkconf"; } step_2() { exe rsyslogd -N 1 -f "$toolConfig" endReturn -o $? "Invalid $toolName configuration" } step_10_info() { echo "Reduce snmpd syslog messages"; } step_10_alias() { ALIAS="snmpd"; } step_10() { addConf -s -f "$CONFIG_SNMP" "$CONFIG_SNMP_DEST" endReturn -o $? step checkconf exe service rsyslog restart } CONFIG_SNMP_DEST="/etc/rsyslog.d/$(basename $CONFIG_SNMP)" step_12_info() { echo "Reduce cron syslog messages"; } step_12_alias() { ALIAS="cron"; } step_12() { addConf -s -f "$CONFIG_CRON" "$CONFIG_CRON_DEST" endReturn -o $? step checkconf exe service rsyslog restart } CONFIG_CRON_DEST="/etc/rsyslog.d/$(basename $CONFIG_CRON)" step_14_info() { echo "Reduce rngd syslog messages"; } step_14_alias() { ALIAS="rngd"; } step_14() { addConf -s -f "$CONFIG_RNGD" "$CONFIG_RNGD_DEST" endReturn -o $? step checkconf exe service rsyslog restart } CONFIG_RNGD_DEST="/etc/rsyslog.d/$(basename $CONFIG_RNGD)" step_16_info() { echo "Send syslog messages to remote syslog server "; } step_16_alias() { ALIAS="remote"; } step_16() { local rex='^[0-9\.]+\:[0-9]+$' local remoteHost="" # Check if string is a ipv4 address and port if [[ "$2" =~ $rex ]] ; then remoteHost=$2 else echoerr " [E] No valid IP:PORT detected: $2" return 1 fi addConf -s -f "$CONFIG_REMOTE" "$CONFIG_REMOTE_DEST" endReturn -o $? "Custom remote host $remoteHost not applied to destination or $MISSING_CONF" exe sed -i "s/12\.34\.56\.78\:514/${remoteHost}/" "$CONFIG_REMOTE_DEST" endReturn -o $? "Couldn't apply $remoteHost to $CONFIG_REMOTE_DEST" step checkconf exe service rsyslog restart } CONFIG_REMOTE_DEST="/etc/rsyslog.d/$(basename $CONFIG_REMOTE)" VERSION_SEQREV=8 . /usr/local/bin/sequencer.sh