From 2842814b7c67c5a1aae8c9326844c5fc74c9220c Mon Sep 17 00:00:00 2001 From: shwetajain148 Date: Fri, 13 Oct 2017 14:58:19 +0530 Subject: [PATCH 1/2] Fix the indentation to 2 spaces --- .editorconfig | 12 + Linux Script/configure-linux.sh | 1514 ++++++++--------- Mac Script/configure-mac.sh | 937 +++++----- Modular Scripts/Apache2/configure-apache.sh | 747 ++++---- .../configure-file-monitoring.sh | 1113 ++++++------ Modular Scripts/Nginx/configure-nginx.sh | 686 ++++---- .../configure-s3-file-monitoring.sh | 743 ++++---- Modular Scripts/Tomcat/configure-tomcat.sh | 1045 ++++++------ ltomcatsetup.sh | 1107 ++++++------ 9 files changed, 3877 insertions(+), 4027 deletions(-) create mode 100644 .editorconfig diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..2c06e1e --- /dev/null +++ b/.editorconfig @@ -0,0 +1,12 @@ +# This file is for unifying the coding style for different editors and IDEs +# editorconfig.org + +root = true + +[*.sh] +indent_style = space +indent_size = 2 + +[*.py] +indent_style = space +indent_size = 4 diff --git a/Linux Script/configure-linux.sh b/Linux Script/configure-linux.sh index b8caeb0..9dae97e 100644 --- a/Linux Script/configure-linux.sh +++ b/Linux Script/configure-linux.sh @@ -5,9 +5,9 @@ trap ctrl_c INT -function ctrl_c() { - logMsgToConfigSysLog "INFO" "INFO: Aborting the script." - exit 1 +function ctrl_c() { + logMsgToConfigSysLog "INFO" "INFO: Aborting the script." + exit 1 } ########## Variable Declarations - Start ########## 
@@ -108,436 +108,414 @@ INSECURE_MODE="false" #check if the Linux environment is compatible with Loggly. #Also set few variables after the check. -checkLinuxLogglyCompatibility() -{ - #check if the user has root permission to run this script - checkIfUserHasRootPrivileges +checkLinuxLogglyCompatibility() { + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges - #check if the OS is supported by the script. If no, then exit - checkIfSupportedOS + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS - #check if required dependencies to run the script are not installed. If yes, ask user to install them manually and run the script again. - checkIfRequiredDependenciesAreNotInstalled - - #check if package-manager is present on the machine - checkIfPackageManagerIsPresent + #check if required dependencies to run the script are not installed. If yes, ask user to install them manually and run the script again. + checkIfRequiredDependenciesAreNotInstalled - #set the basic variables needed by this script - setLinuxVariables + #check if package-manager is present on the machine + checkIfPackageManagerIsPresent - #check if the Loggly servers are accessible. If no, ask user to check network connectivity & exit - checkIfLogglyServersAccessible + #set the basic variables needed by this script + setLinuxVariables - #check if user credentials are valid. If no, then exit - checkIfValidUserNamePassword + #check if the Loggly servers are accessible. If no, ask user to check network connectivity & exit + checkIfLogglyServersAccessible - #get authentication token if not provided - getAuthToken + #check if user credentials are valid. If no, then exit + checkIfValidUserNamePassword - #check if authentication token is valid. If no, then exit. 
- checkIfValidAuthToken + #get authentication token if not provided + getAuthToken - #checking if syslog-ng is configured as a service - checkifSyslogNgConfiguredAsService + #check if authentication token is valid. If no, then exit. + checkIfValidAuthToken - #check if systemd is present in machine. - checkIfSystemdConfigured + #checking if syslog-ng is configured as a service + checkifSyslogNgConfiguredAsService - #check if rsyslog is configured as service. If no, then exit - checkIfRsyslogConfiguredAsService + #check if systemd is present in machine. + checkIfSystemdConfigured - #check if multiple rsyslog are present in the system. If yes, then exit - checkIfMultipleRsyslogConfigured + #check if rsyslog is configured as service. If no, then exit + checkIfRsyslogConfiguredAsService - #check for the minimum version of rsyslog i.e 5.8.0. If no, then exit - checkIfMinVersionOfRsyslog + #check if multiple rsyslog are present in the system. If yes, then exit + checkIfMultipleRsyslogConfigured - #check if selinux service is enforced. if yes, ask the user to manually disable and exit the script - checkIfSelinuxServiceEnforced - - #update rsyslog.conf and adds $MaxMessageSize in it - modifyMaxMessageSize + #check for the minimum version of rsyslog i.e 5.8.0. If no, then exit + checkIfMinVersionOfRsyslog - LINUX_ENV_VALIDATED="true" + #check if selinux service is enforced. if yes, ask the user to manually disable and exit the script + checkIfSelinuxServiceEnforced + + #update rsyslog.conf and adds $MaxMessageSize in it + modifyMaxMessageSize + + LINUX_ENV_VALIDATED="true" } # executing the script for loggly to install and configure rsyslog. -installLogglyConf() -{ - #log message indicating starting of Loggly configuration - logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." 
- - if [ "$LINUX_ENV_VALIDATED" = "false" ]; then - checkLinuxLogglyCompatibility - fi - - #create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu - createRsyslogDir - - #if all the above check passes, write the 22-loggly.conf file - checkAuthTokenAndWriteContents - - if [ "$LINUX_DO_VERIFICATION" = "true" ]; then - #check if the logs are going to loggly fro linux system now - checkIfLogsMadeToLoggly - fi - - if [ "$IS_INVOKED" = "" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." - fi +installLogglyConf() { + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." + + if [ "$LINUX_ENV_VALIDATED" = "false" ]; then + checkLinuxLogglyCompatibility + fi + + #create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu + createRsyslogDir + + #if all the above check passes, write the 22-loggly.conf file + checkAuthTokenAndWriteContents + + if [ "$LINUX_DO_VERIFICATION" = "true" ]; then + #check if the logs are going to loggly fro linux system now + checkIfLogsMadeToLoggly + fi + + if [ "$IS_INVOKED" = "" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." + fi } #remove loggly configuration from Linux system -removeLogglyConf() -{ - #log message indicating starting of Loggly configuration - logMsgToConfigSysLog "INFO" "INFO: Initiating uninstall Loggly for Linux." +removeLogglyConf() { + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating uninstall Loggly for Linux." + + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges - #check if the user has root permission to run this script - checkIfUserHasRootPrivileges - - #check if the OS is supported by the script. 
If no, then exit - checkIfSupportedOS + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS - #set the basic variables needed by this script - setLinuxVariables + #set the basic variables needed by this script + setLinuxVariables - #remove systemd-rsyslog configuration - revertSystemdChanges + #remove systemd-rsyslog configuration + revertSystemdChanges - #remove 22-loggly.conf file - remove22LogglyConfFile + #remove 22-loggly.conf file + remove22LogglyConfFile - #restart rsyslog service - restartRsyslog + #restart rsyslog service + restartRsyslog - #log success message - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Uninstalled Loggly configuration from Linux system." + #log success message + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Uninstalled Loggly configuration from Linux system." } #checks if user has root privileges -checkIfUserHasRootPrivileges() -{ - #This script needs to be run as root - if [[ $EUID -ne 0 ]]; then - logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." - exit 1 - fi +checkIfUserHasRootPrivileges() { + #This script needs to be run as root + if [[ $EUID -ne 0 ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." + exit 1 + fi } #check if package-manager is present on the machine -checkIfPackageManagerIsPresent() -{ - if [ -x "$(command -v apt-get)" ]; then - PKG_MGR="apt-get" - else - if [ -x "$(command -v yum)" ]; then - PKG_MGR="yum" - fi - fi +checkIfPackageManagerIsPresent() { + if [ -x "$(command -v apt-get)" ]; then + PKG_MGR="apt-get" + else + if [ -x "$(command -v yum)" ]; then + PKG_MGR="yum" + fi + fi } #check if required dependencies to run the script are not installed, If yes then ask user to install them manually and run the script again -checkIfRequiredDependenciesAreNotInstalled() -{ - if ! 
[ -x "$(command -v curl)" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: 'Curl' executable could not be found on your machine, since it is a dependent package to run this script, please install it manually and then run the script again."; - exit 1 - elif ! [ -x "$(command -v ping)" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: 'Ping' executable could not be found on your machine, since it is a dependent package to run this script, please install it manually and then run the script again."; - exit 1 - fi +checkIfRequiredDependenciesAreNotInstalled() { + if ! [ -x "$(command -v curl)" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: 'Curl' executable could not be found on your machine, since it is a dependent package to run this script, please install it manually and then run the script again." + exit 1 + elif ! [ -x "$(command -v ping)" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: 'Ping' executable could not be found on your machine, since it is a dependent package to run this script, please install it manually and then run the script again." + exit 1 + fi } #check if supported operating system -checkIfSupportedOS() -{ - getOs - - LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") - - case "$LINUX_DIST_IN_LOWER_CASE" in - *"ubuntu"* ) - echo "INFO: Operating system is Ubuntu." - ;; - *"red"* ) - echo "INFO: Operating system is Red Hat." - ;; - *"centos"* ) - echo "INFO: Operating system is CentOS." - ;; - *"debian"* ) - echo "INFO: Operating system is Debian." - ;; - *"amazon"* ) - echo "INFO: Operating system is Amazon AMI." - ;; - *"darwin"* ) - #if the OS is mac then exit - logMsgToConfigSysLog "ERROR" "ERROR: This script is for Linux systems, and Darwin or Mac OSX are not currently supported. You can find alternative options here: https://www.loggly.com/docs/send-mac-logs-to-loggly/" - exit 1 - ;; - * ) - logMsgToConfigSysLog "WARN" "WARN: The linux distribution '$LINUX_DIST' has not been previously tested with Loggly." 
- if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; do - read -p "Would you like to continue anyway? (yes/no)" yn - case $yn in - [Yy]* ) - break;; - [Nn]* ) - exit 1 - ;; - * ) echo "Please answer yes or no.";; - esac - done - fi - ;; - esac +checkIfSupportedOS() { + getOs + + LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") + + case "$LINUX_DIST_IN_LOWER_CASE" in + *"ubuntu"*) + echo "INFO: Operating system is Ubuntu." + ;; + *"red"*) + echo "INFO: Operating system is Red Hat." + ;; + *"centos"*) + echo "INFO: Operating system is CentOS." + ;; + *"debian"*) + echo "INFO: Operating system is Debian." + ;; + *"amazon"*) + echo "INFO: Operating system is Amazon AMI." + ;; + *"darwin"*) + #if the OS is mac then exit + logMsgToConfigSysLog "ERROR" "ERROR: This script is for Linux systems, and Darwin or Mac OSX are not currently supported. You can find alternative options here: https://www.loggly.com/docs/send-mac-logs-to-loggly/" + exit 1 + ;; + *) + logMsgToConfigSysLog "WARN" "WARN: The linux distribution '$LINUX_DIST' has not been previously tested with Loggly." + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "Would you like to continue anyway? (yes/no)" yn + case $yn in + [Yy]*) + break + ;; + [Nn]*) + exit 1 + ;; + *) echo "Please answer yes or no." 
;; + esac + done + fi + ;; + esac } -getOs() -{ - # Determine OS platform - UNAME=$(uname | tr "[:upper:]" "[:lower:]") - # If Linux, try to determine specific distribution - if [ "$UNAME" == "linux" ]; then - # If available, use LSB to identify distribution - if [ -f /etc/lsb-release -o -d /etc/lsb-release.d ]; then - LINUX_DIST=$(lsb_release -i | cut -d: -f2 | sed s/'^\t'//) - # If system-release is available, then try to identify the name - elif [ -f /etc/system-release ]; then - LINUX_DIST=$(cat /etc/system-release | cut -f 1 -d " ") - # Otherwise, use release info file - else - LINUX_DIST=$(ls -d /etc/[A-Za-z]*[_-][rv]e[lr]* | grep -v "lsb" | cut -d'/' -f3 | cut -d'-' -f1 | cut -d'_' -f1) - fi - fi - - # For everything else (or if above failed), just use generic identifier - if [ "$LINUX_DIST" == "" ]; then - LINUX_DIST=$(uname) - fi +getOs() { + # Determine OS platform + UNAME=$(uname | tr "[:upper:]" "[:lower:]") + # If Linux, try to determine specific distribution + if [ "$UNAME" == "linux" ]; then + # If available, use LSB to identify distribution + if [ -f /etc/lsb-release -o -d /etc/lsb-release.d ]; then + LINUX_DIST=$(lsb_release -i | cut -d: -f2 | sed s/'^\t'//) + # If system-release is available, then try to identify the name + elif [ -f /etc/system-release ]; then + LINUX_DIST=$(cat /etc/system-release | cut -f 1 -d " ") + # Otherwise, use release info file + else + LINUX_DIST=$(ls -d /etc/[A-Za-z]*[_-][rv]e[lr]* | grep -v "lsb" | cut -d'/' -f3 | cut -d'-' -f1 | cut -d'_' -f1) + fi + fi + + # For everything else (or if above failed), just use generic identifier + if [ "$LINUX_DIST" == "" ]; then + LINUX_DIST=$(uname) + fi } #sets linux variables which will be used across various functions -setLinuxVariables() -{ - #set host name - HOST_NAME=$(hostname) +setLinuxVariables() { + #set host name + HOST_NAME=$(hostname) - #set loggly account url - LOGGLY_ACCOUNT_URL=https://$LOGGLY_ACCOUNT.loggly.com + #set loggly account url + 
LOGGLY_ACCOUNT_URL=https://$LOGGLY_ACCOUNT.loggly.com } #checks if all the various endpoints used for configuring loggly are accessible -checkIfLogglyServersAccessible() -{ - echo "INFO: Checking if $LOGS_01_HOST can be pinged." - if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ]; then - echo "INFO: $LOGS_01_HOST can be pinged." - else - logMsgToConfigSysLog "WARNING" "WARNING: $LOGS_01_HOST cannot be pinged. Please check your network and firewall settings." - fi - - echo "INFO: Checking if $LOGS_01_HOST is reachable." - ( /dev/null 2>&1 - if [ $? -eq 0 ]; then - echo "INFO: $LOGS_01_HOST is reachable." - else - logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings." - exit 1 - fi - - echo "INFO: Checking if $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port. This may take some time." - if [ $(curl --connect-timeout 10 $LOGS_01_HOST:$LOGGLY_SYSLOG_PORT 2>&1 | grep "Empty reply from server" | wc -l) == 1 ]; then - echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." - else - logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings." - exit 1 - fi - - echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." - if [ $(curl --head -s --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK\|HTTP/2 200" | wc -l) > 0 ]; then - echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." - else - logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." - exit 1 - fi - - echo "INFO: Checking if Gen2 account." - if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "404 NOT FOUND" | wc -l) == 1 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: This scripts need a Gen2 account. Please contact Loggly support." 
- exit 1 - else - echo "INFO: It is a Gen2 account." - fi +checkIfLogglyServersAccessible() { + echo "INFO: Checking if $LOGS_01_HOST can be pinged." + if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST can be pinged." + else + logMsgToConfigSysLog "WARNING" "WARNING: $LOGS_01_HOST cannot be pinged. Please check your network and firewall settings." + fi + + echo "INFO: Checking if $LOGS_01_HOST is reachable." + (/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "INFO: $LOGS_01_HOST is reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port. This may take some time." + if [ $(curl --connect-timeout 10 $LOGS_01_HOST:$LOGGLY_SYSLOG_PORT 2>&1 | grep "Empty reply from server" | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." + if [ $(curl --head -s --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK\|HTTP/2 200" | wc -l) ] >0; then + echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." + exit 1 + fi + + echo "INFO: Checking if Gen2 account." + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "404 NOT FOUND" | wc -l) == 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: This scripts need a Gen2 account. Please contact Loggly support." + exit 1 + else + echo "INFO: It is a Gen2 account." 
+ fi } #check if user name and password is valid -checkIfValidUserNamePassword() -{ - echo "INFO: Checking if provided username and password is correct." - if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" - logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." - exit 1 - else - logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." - fi +checkIfValidUserNamePassword() { + echo "INFO: Checking if provided username and password is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" + logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." + fi } -getAuthToken() -{ - if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then - logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." - #get authentication token if user has not provided one - tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") +getAuthToken() { + if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." 
+ #get authentication token if user has not provided one + tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") - #get the string from index 0 to first occurence of , - tokenstr=${tokenstr%%,*} + #get the string from index 0 to first occurence of , + tokenstr=${tokenstr%%,*} - #get the string from index 0 to last occurence of " - tokenstr=${tokenstr%\"*} + #get the string from index 0 to last occurence of " + tokenstr=${tokenstr%\"*} - #get the string from first occurence of " to the end - tokenstr=${tokenstr#*\"} + #get the string from first occurence of " to the end + tokenstr=${tokenstr#*\"} - LOGGLY_AUTH_TOKEN=$tokenstr + LOGGLY_AUTH_TOKEN=$tokenstr - logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" - fi + logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" + fi } #check if authentication token is valid -checkIfValidAuthToken() -{ - echo "INFO: Checking if provided auth token is correct." - if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep \"$LOGGLY_AUTH_TOKEN\" | wc -l) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Authentication token validated successfully." - else - logMsgToConfigSysLog "ERROR" "ERROR: Invalid authentication token $LOGGLY_AUTH_TOKEN. You can get valid authentication token by following instructions at https://www.loggly.com/docs/customer-token-authentication-token/." - exit 1 - fi +checkIfValidAuthToken() { + echo "INFO: Checking if provided auth token is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep \"$LOGGLY_AUTH_TOKEN\" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token validated successfully." + else + logMsgToConfigSysLog "ERROR" "ERROR: Invalid authentication token $LOGGLY_AUTH_TOKEN. 
You can get valid authentication token by following instructions at https://www.loggly.com/docs/customer-token-authentication-token/." + exit 1 + fi } #check if rsyslog is configured as service. If it is configured as service and not started, start the service -checkIfRsyslogConfiguredAsService() -{ - if [ -f /etc/init.d/$RSYSLOG_SERVICE ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." - elif [ -f /usr/lib/systemd/system/$RSYSLOG_SERVICE.service ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." - else - logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." - exit 1 - fi - - #checking if syslog-ng is running as a service - checkifSyslogNgConfiguredAsService - - if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -eq 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is not running. Attempting to start service." - service $RSYSLOG_SERVICE start - fi +checkIfRsyslogConfiguredAsService() { + if [ -f /etc/init.d/$RSYSLOG_SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." + elif [ -f /usr/lib/systemd/system/$RSYSLOG_SERVICE.service ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." + else + logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." + exit 1 + fi + + #checking if syslog-ng is running as a service + checkifSyslogNgConfiguredAsService + + if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -eq 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is not running. Attempting to start service." + service $RSYSLOG_SERVICE start + fi } -checkifSyslogNgConfiguredAsService() -{ - if [ $(ps -A | grep "$SYSLOG_NG_SERVICE" | wc -l) -gt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: This script does not currently support syslog-ng. 
Please follow the instructions on this page https://www.loggly.com/docs/syslog-ng-manual-configuration" - exit 1 - fi +checkifSyslogNgConfiguredAsService() { + if [ $(ps -A | grep "$SYSLOG_NG_SERVICE" | wc -l) -gt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script does not currently support syslog-ng. Please follow the instructions on this page https://www.loggly.com/docs/syslog-ng-manual-configuration" + exit 1 + fi } #check if systemd is present in machine. -checkIfSystemdConfigured() -{ - FILE="/etc/systemd/journald.conf"; - if [ -f "$FILE" ]; then - logMsgToConfigSysLog "INFO" "INFO: Systemd is present. Configuring logs from Systemd to rsyslog." - cp /etc/systemd/journald.conf /etc/systemd/journald.conf.loggly.bk - sed -i 's/.*ForwardToSyslog.*/ForwardToSyslog=Yes/g' /etc/systemd/journald.conf - logMsgToConfigSysLog "INFO" "INFO: Restarting Systemd-journald" - systemctl restart systemd-journald - fi +checkIfSystemdConfigured() { + FILE="/etc/systemd/journald.conf" + if [ -f "$FILE" ]; then + logMsgToConfigSysLog "INFO" "INFO: Systemd is present. Configuring logs from Systemd to rsyslog." + cp /etc/systemd/journald.conf /etc/systemd/journald.conf.loggly.bk + sed -i 's/.*ForwardToSyslog.*/ForwardToSyslog=Yes/g' /etc/systemd/journald.conf + logMsgToConfigSysLog "INFO" "INFO: Restarting Systemd-journald" + systemctl restart systemd-journald + fi } #check if multiple versions of rsyslog is configured -checkIfMultipleRsyslogConfigured() -{ - if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -gt 1 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Multiple (more than 1) $RSYSLOG_SERVICE is running." - exit 1 - fi +checkIfMultipleRsyslogConfigured() { + if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -gt 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Multiple (more than 1) $RSYSLOG_SERVICE is running." 
+ exit 1 + fi } #check if minimum version of rsyslog required to configure loggly is met -checkIfMinVersionOfRsyslog() -{ - RSYSLOG_VERSION=$($RSYSLOGD -version | grep "$RSYSLOGD") - RSYSLOG_VERSION=${RSYSLOG_VERSION#* } - RSYSLOG_VERSION=${RSYSLOG_VERSION%,*} - RSYSLOG_VERSION=$RSYSLOG_VERSION | tr -d " " - if [ $(compareVersions $RSYSLOG_VERSION $MIN_RSYSLOG_VERSION 3) -lt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Minimum rsyslog version required to run this script is 5.8.0. Please upgrade your rsyslog version or follow the manual instructions." - exit 1 - fi +checkIfMinVersionOfRsyslog() { + RSYSLOG_VERSION=$($RSYSLOGD -version | grep "$RSYSLOGD") + RSYSLOG_VERSION=${RSYSLOG_VERSION#* } + RSYSLOG_VERSION=${RSYSLOG_VERSION%,*} + RSYSLOG_VERSION=$RSYSLOG_VERSION | tr -d " " + if [ $(compareVersions $RSYSLOG_VERSION $MIN_RSYSLOG_VERSION 3) -lt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Minimum rsyslog version required to run this script is 5.8.0. Please upgrade your rsyslog version or follow the manual instructions." + exit 1 + fi } #check if SeLinux service is enforced -checkIfSelinuxServiceEnforced() -{ - isSelinuxInstalled=$(getenforce -ds 2>/dev/null) - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: selinux status is not enforced." - elif [ $(getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: selinux status is 'Enforcing'. Please manually restart the rsyslog daemon or turn off selinux by running 'setenforce 0' and then rerun the script." - exit 1 - fi +checkIfSelinuxServiceEnforced() { + isSelinuxInstalled=$(getenforce -ds 2>/dev/null) + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: selinux status is not enforced." + elif [ $(getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: selinux status is 'Enforcing'. Please manually restart the rsyslog daemon or turn off selinux by running 'setenforce 0' and then rerun the script." 
+ exit 1 + fi } #update rsyslog.conf and adds $MaxMessageSize in it -modifyMaxMessageSize() -{ - if grep -q '$MaxMessageSize' "/etc/rsyslog.conf"; then - sed -i 's/.*$MaxMessageSize.*/$MaxMessageSize 64k/g' /etc/rsyslog.conf - else - sed -i '1 a $MaxMessageSize 64k' /etc/rsyslog.conf - fi - logMsgToConfigSysLog "INFO" "INFO: Modified \$MaxMessageSize to 64k in rsyslog.conf" +modifyMaxMessageSize() { + if grep -q '$MaxMessageSize' "/etc/rsyslog.conf"; then + sed -i 's/.*$MaxMessageSize.*/$MaxMessageSize 64k/g' /etc/rsyslog.conf + else + sed -i '1 a $MaxMessageSize 64k' /etc/rsyslog.conf + fi + logMsgToConfigSysLog "INFO" "INFO: Modified \$MaxMessageSize to 64k in rsyslog.conf" } #check if authentication token is valid and then write contents to 22-loggly.conf file to /etc/rsyslog.d directory -checkAuthTokenAndWriteContents() -{ - if [ "$LOGGLY_AUTH_TOKEN" != "" ]; then - writeContents $LOGGLY_ACCOUNT $LOGGLY_AUTH_TOKEN $LOGGLY_DISTRIBUTION_ID $LOGS_01_HOST $LOGGLY_SYSLOG_PORT - restartRsyslog - else - logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." - exit 1 - fi +checkAuthTokenAndWriteContents() { + if [ "$LOGGLY_AUTH_TOKEN" != "" ]; then + writeContents $LOGGLY_ACCOUNT $LOGGLY_AUTH_TOKEN $LOGGLY_DISTRIBUTION_ID $LOGS_01_HOST $LOGGLY_SYSLOG_PORT + restartRsyslog + else + logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." + exit 1 + fi } -downloadTlsCerts() -{ - echo "DOWNLOADING CERTIFICATE" - mkdir -pv /etc/rsyslog.d/keys/ca.d - curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt - sudo cp -Prf logs-01.loggly.com_sha12.crt /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt - sudo rm logs-01.loggly.com_sha12.crt - if [ ! -f /etc/rsyslog.d/keys/ca.d//logs-01.loggly.com_sha12.crt ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Certificate could not be downloaded." 
- exit 1 - fi +downloadTlsCerts() { + echo "DOWNLOADING CERTIFICATE" + mkdir -pv /etc/rsyslog.d/keys/ca.d + curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt + sudo cp -Prf logs-01.loggly.com_sha12.crt /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt + sudo rm logs-01.loggly.com_sha12.crt + if [ ! -f /etc/rsyslog.d/keys/ca.d//logs-01.loggly.com_sha12.crt ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Certificate could not be downloaded." + exit 1 + fi } -confString() -{ - RSYSLOG_VERSION_TMP=$(echo $RSYSLOG_VERSION | cut -d "." -f1 ) - inputStr_TLS_RSYS_7=" +confString() { + RSYSLOG_VERSION_TMP=$(echo $RSYSLOG_VERSION | cut -d "." -f1) + inputStr_TLS_RSYS_7=" # ------------------------------------------------------- # Syslog Logging Directives for Loggly ($LOGGLY_ACCOUNT.loggly.com) # ------------------------------------------------------- @@ -564,8 +542,8 @@ confString() *.* @@$LOGS_01_HOST:$LOGGLY_SYSLOG_PORT;LogglyFormat #################END CONFIG FILE######################### - " - inputStr_TLS_RSYS_8=" + " + inputStr_TLS_RSYS_8=" # ------------------------------------------------------- # Syslog Logging Directives for Loggly ($LOGGLY_ACCOUNT.loggly.com) # ------------------------------------------------------- @@ -587,9 +565,9 @@ string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-na # Send messages to Loggly over TCP using the template. action(type=\"omfwd\" protocol=\"tcp\" target=\"$LOGS_01_HOST\" port=\"$LOGGLY_SYSLOG_PORT\" template=\"LogglyFormat\" StreamDriver=\"gtls\" StreamDriverMode=\"1\" StreamDriverAuthMode=\"x509/name\" StreamDriverPermittedPeers=\"*.loggly.com\") - " - - inputStr_NO_TLS=" + " + + inputStr_NO_TLS=" # ------------------------------------------------------- # Syslog Logging Directives for Loggly ($LOGGLY_ACCOUNT.loggly.com) # ------------------------------------------------------- 
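Review bot: The subdomain check in checkIfLogglyServersAccessible can never fail: in `if [ $(curl … | wc -l) ] >0; then` the `>0` is an output redirection, so `[` only tests that the `wc -l` output is a non-empty string, and the script (which insists on running as root) creates a file named `0` in its working directory. The reformat only moved the redirection outside the brackets; the old `> 0 ]` parsed the same way, so this is a pre-existing bug that the whitespace pass has made visible rather than fixed. Use the numeric comparison other checks in this hunk already use, e.g. `if [ "$(curl --head -s --request GET "$LOGGLY_ACCOUNT_URL/login" | grep -c "200 OK\|HTTP/2 200")" -gt 0 ]; then`. Separately, getAuthToken and checkIfValidAuthToken interpolate `$LOGGLY_AUTH_TOKEN` into their logMsgToConfigSysLog messages, so the customer token lands wherever that helper writes (its body is outside this hunk); logging `INFO: Retrieved authentication token.` without the value would avoid that.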
@@ -606,423 +584,408 @@ action(type=\"omfwd\" protocol=\"tcp\" target=\"$LOGS_01_HOST\" port=\"$LOGGLY_S # Send messages to Loggly over TCP using the template. *.* @@$LOGS_01_HOST:$LOGGLY_SYSLOG_PORT;LogglyFormat # ------------------------------------------------------- - " -if [ "$RSYSLOG_VERSION_TMP" -le "7" ]; then - inputStrTls=$inputStr_TLS_RSYS_7 -elif [ "$RSYSLOG_VERSION_TMP" -ge "8" ]; then - inputStrTls=$inputStr_TLS_RSYS_8 -fi -inputStr=$inputStr_NO_TLS + " + if [ "$RSYSLOG_VERSION_TMP" -le "7" ]; then + inputStrTls=$inputStr_TLS_RSYS_7 + elif [ "$RSYSLOG_VERSION_TMP" -ge "8" ]; then + inputStrTls=$inputStr_TLS_RSYS_8 + fi + inputStr=$inputStr_NO_TLS } #install the certificate and check if gnutls package is installed -installTLSDependencies() -{ -if [ $LOGGLY_TLS_SENDING == "true" ]; then - downloadTlsCerts - if [ "$SUPPRESS_PROMPT" == "true" ]; then - /bin/bash -c "sudo $PKG_MGR install -y rsyslog-gnutls" - else - /bin/bash -c "sudo $PKG_MGR install rsyslog-gnutls" - fi - if [ "$PKG_MGR" == "yum" ]; then - if [ $(rpm -qa | grep -c "rsyslog-gnutls") -eq 0 ]; then - DEPENDENCIES_INSTALLED="false"; - if [ "$FORCE_SECURE" == "true" ]; then - logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not be download automatically because your package manager could not be found. Please install it and restart the rsyslog service to send logs to Loggly." - fi - fi - elif [ "$PKG_MGR" == "apt-get" ]; then - if [ $(dpkg-query -W -f='${Status}' rsyslog-gnutls 2>/dev/null | grep -c "ok installed") -eq 0 ]; then - DEPENDENCIES_INSTALLED="false"; - if [ "$FORCE_SECURE" == "true" ]; then - logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not be download automatically because your package manager could not be found. Please install it and restart the rsyslog service to send logs to Loggly." 
- fi - fi - else - DEPENDENCIES_INSTALLED="false"; - fi - inputStr=$inputStrTls -fi +installTLSDependencies() { + if [ $LOGGLY_TLS_SENDING == "true" ]; then + downloadTlsCerts + if [ "$SUPPRESS_PROMPT" == "true" ]; then + /bin/bash -c "sudo $PKG_MGR install -y rsyslog-gnutls" + else + /bin/bash -c "sudo $PKG_MGR install rsyslog-gnutls" + fi + if [ "$PKG_MGR" == "yum" ]; then + if [ $(rpm -qa | grep -c "rsyslog-gnutls") -eq 0 ]; then + DEPENDENCIES_INSTALLED="false" + if [ "$FORCE_SECURE" == "true" ]; then + logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not be download automatically because your package manager could not be found. Please install it and restart the rsyslog service to send logs to Loggly." + fi + fi + elif [ "$PKG_MGR" == "apt-get" ]; then + if [ $(dpkg-query -W -f='${Status}' rsyslog-gnutls 2>/dev/null | grep -c "ok installed") -eq 0 ]; then + DEPENDENCIES_INSTALLED="false" + if [ "$FORCE_SECURE" == "true" ]; then + logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not be download automatically because your package manager could not be found. Please install it and restart the rsyslog service to send logs to Loggly." + fi + fi + else + DEPENDENCIES_INSTALLED="false" + fi + inputStr=$inputStrTls + fi } -#prompt users if they want to switch to insecure mode on gnutls-package download failure -switchToInsecureModeIfTLSNotFound() -{ -if [ "$FORCE_SECURE" == "false" ]; then - if [ "$DEPENDENCIES_INSTALLED" == "false" ]; then - if [ "$SUPPRESS_PROMPT" == "false" ]; then - logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not download automatically either because of your package manager could not be found or due to some other reason." - while true; - do - read -p "Do you wish to continue with insecure mode? 
(yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Going to overwrite the conf file: $LOGGLY_RSYSLOG_CONFFILE with insecure configuration"; - LOGGLY_SYSLOG_PORT=514 - break;; - [Nn]* ) - logMsgToConfigSysLog "INFO" "INFO: Since the rsyslog-gnutls package could not be installed automatically, please install it yourself and then re-run the script using the --force-secure flag. This option will force the secure TLS configuration instead of falling back on insecure mode. It is useful for Linux distributions where this script cannot automatically detect the dependency using yum or apt-get."; - exit 1;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not download automatically either because of your package manager could not be found or due to some other reason, continuing with insecure mode." - LOGGLY_SYSLOG_PORT=514 - - fi - confString - fi -fi +#prompt users if they want to switch to insecure mode on gnutls-package download failure +switchToInsecureModeIfTLSNotFound() { + if [ "$FORCE_SECURE" == "false" ]; then + if [ "$DEPENDENCIES_INSTALLED" == "false" ]; then + if [ "$SUPPRESS_PROMPT" == "false" ]; then + logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not download automatically either because of your package manager could not be found or due to some other reason." + while true; do + read -p "Do you wish to continue with insecure mode? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Going to overwrite the conf file: $LOGGLY_RSYSLOG_CONFFILE with insecure configuration" + LOGGLY_SYSLOG_PORT=514 + break + ;; + [Nn]*) + logMsgToConfigSysLog "INFO" "INFO: Since the rsyslog-gnutls package could not be installed automatically, please install it yourself and then re-run the script using the --force-secure flag. This option will force the secure TLS configuration instead of falling back on insecure mode. 
It is useful for Linux distributions where this script cannot automatically detect the dependency using yum or apt-get." + exit 1 + ;; + *) echo "Please answer yes or no." ;; + esac + done + else + logMsgToConfigSysLog "WARN" "WARN: The rsyslog-gnutls package could not download automatically either because of your package manager could not be found or due to some other reason, continuing with insecure mode." + LOGGLY_SYSLOG_PORT=514 + + fi + confString + fi + fi } #write the contents to 22-loggly.conf file -writeContents() -{ -confString -checkScriptRunningMode -installTLSDependencies -switchToInsecureModeIfTLSNotFound -WRITE_SCRIPT_CONTENTS="false" - - if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then - logMsgToConfigSysLog "INFO" "INFO: Loggly rsyslog file $LOGGLY_RSYSLOG_CONFFILE already exist." - - STR_SIZE=${#inputStr} - SIZE_FILE=$(stat -c%s "$LOGGLY_RSYSLOG_CONFFILE") - - #actual file size and variable size with same contents always differ in size with one byte - STR_SIZE=$(( STR_SIZE + 1 )) - - if [ "$STR_SIZE" -ne "$SIZE_FILE" ]; then - - logMsgToConfigSysLog "WARN" "WARN: Loggly rsyslog file /etc/rsyslog.d/22-loggly.conf content has changed." - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; - do - read -p "Do you wish to override $LOGGLY_RSYSLOG_CONFFILE and re-verify configuration? (yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; - mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; - WRITE_SCRIPT_CONTENTS="true" - break;; - [Nn]* ) - LINUX_DO_VERIFICATION="false" - logMsgToConfigSysLog "INFO" "INFO: Skipping Linux verification." 
- break;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; - mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; - WRITE_SCRIPT_CONTENTS="true" - fi - else - LINUX_DO_VERIFICATION="false" - fi - else - WRITE_SCRIPT_CONTENTS="true" - fi - - if [ "$WRITE_SCRIPT_CONTENTS" == "true" ]; then - -cat << EOIPFW >> $LOGGLY_RSYSLOG_CONFFILE +writeContents() { + confString + checkScriptRunningMode + installTLSDependencies + switchToInsecureModeIfTLSNotFound + WRITE_SCRIPT_CONTENTS="false" + + if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then + logMsgToConfigSysLog "INFO" "INFO: Loggly rsyslog file $LOGGLY_RSYSLOG_CONFFILE already exist." + + STR_SIZE=${#inputStr} + SIZE_FILE=$(stat -c%s "$LOGGLY_RSYSLOG_CONFFILE") + + #actual file size and variable size with same contents always differ in size with one byte + STR_SIZE=$((STR_SIZE + 1)) + + if [ "$STR_SIZE" -ne "$SIZE_FILE" ]; then + + logMsgToConfigSysLog "WARN" "WARN: Loggly rsyslog file /etc/rsyslog.d/22-loggly.conf content has changed." + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "Do you wish to override $LOGGLY_RSYSLOG_CONFFILE and re-verify configuration? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP" + mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP + WRITE_SCRIPT_CONTENTS="true" + break + ;; + [Nn]*) + LINUX_DO_VERIFICATION="false" + logMsgToConfigSysLog "INFO" "INFO: Skipping Linux verification." + break + ;; + *) echo "Please answer yes or no." 
;; + esac + done + else + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP" + mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP + WRITE_SCRIPT_CONTENTS="true" + fi + else + LINUX_DO_VERIFICATION="false" + fi + else + WRITE_SCRIPT_CONTENTS="true" + fi + + if [ "$WRITE_SCRIPT_CONTENTS" == "true" ]; then + + cat <>$LOGGLY_RSYSLOG_CONFFILE $inputStr EOIPFW - fi + fi } #create /var/spool/rsyslog directory if not already present. Modify the permission of this directory for Ubuntu -createRsyslogDir() -{ - if [ -d "$RSYSLOG_DIR" ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_DIR already exist, so not creating directory." - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool" - chown -R syslog:adm $RSYSLOG_DIR - fi - else - logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR" - mkdir -v $RSYSLOG_DIR - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - chown -R syslog:adm $RSYSLOG_DIR - fi - fi +createRsyslogDir() { + if [ -d "$RSYSLOG_DIR" ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_DIR already exist, so not creating directory." + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool" + chown -R syslog:adm $RSYSLOG_DIR + fi + else + logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR" + mkdir -v $RSYSLOG_DIR + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + chown -R syslog:adm $RSYSLOG_DIR + fi + fi } #check if the logs made it to Loggly -checkIfLogsMadeToLoggly() -{ - logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly." 
- uuid=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) - - queryParam="syslog.appName%3ALOGGLYVERIFY%20$uuid" - logger -t "LOGGLYVERIFY" "LOGGLYVERIFY-Test message for verification with UUID $uuid" - - counter=1 - maxCounter=10 - finalCount=0 - - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Verifying if the log made it to Loggly." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch finalCount "$queryUrl" - let counter=$counter+1 - - while [ "$finalCount" -eq 0 ]; do - echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." - sleep 30 - echo "INFO: Done waiting. Verifying again." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch finalCount "$queryUrl" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check network and firewall settings and retry." - exit 1 - fi - done - - if [ "$finalCount" -eq 1 ]; then - if [ "$IS_INVOKED" = "" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." - exit 0 - else - logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." - fi - fi +checkIfLogsMadeToLoggly() { + logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly." 
+ uuid=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) + + queryParam="syslog.appName%3ALOGGLYVERIFY%20$uuid" + logger -t "LOGGLYVERIFY" "LOGGLYVERIFY-Test message for verification with UUID $uuid" + + counter=1 + maxCounter=10 + finalCount=0 + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the log made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + + while [ "$finalCount" -eq 0 ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check network and firewall settings and retry." + exit 1 + fi + done + + if [ "$finalCount" -eq 1 ]; then + if [ "$IS_INVOKED" = "" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." + exit 0 + else + logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." 
+ fi + fi } #delete 22-loggly.conf file -remove22LogglyConfFile() -{ - if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then - rm -rf "$LOGGLY_RSYSLOG_CONFFILE" - fi +remove22LogglyConfFile() { + if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then + rm -rf "$LOGGLY_RSYSLOG_CONFFILE" + fi } -revertSystemdChanges() -{ - FILE="/etc/systemd/journald.conf.loggly.bk"; - if [ -f "$FILE" ]; then - cp /etc/systemd/journald.conf.loggly.bk /etc/systemd/journald.conf - rm /etc/systemd/journald.conf.loggly.bk - logMsgToConfigSysLog "INFO" "INFO: Reverted Systemd-rsyslog configuration" - systemctl restart systemd-journald - fi +revertSystemdChanges() { + FILE="/etc/systemd/journald.conf.loggly.bk" + if [ -f "$FILE" ]; then + cp /etc/systemd/journald.conf.loggly.bk /etc/systemd/journald.conf + rm /etc/systemd/journald.conf.loggly.bk + logMsgToConfigSysLog "INFO" "INFO: Reverted Systemd-rsyslog configuration" + systemctl restart systemd-journald + fi } #compares two version numbers, used for comparing versions of various softwares -compareVersions () -{ - typeset IFS='.' - typeset -a v1=( $1 ) - typeset -a v2=( $2 ) - typeset n diff - - for (( n=0; n<$3; n+=1 )); do - diff=$((v1[n]-v2[n])) - if [ $diff -ne 0 ] ; then - [ $diff -le 0 ] && echo '-1' || echo '1' - return - fi - done - echo '0' +compareVersions() { + typeset IFS='.' + typeset -a v1=($1) + typeset -a v2=($2) + typeset n diff + + for ((n = 0; n < $3; n += 1)); do + diff=$((v1[n] - v2[n])) + if [ $diff -ne 0 ]; then + [ $diff -le 0 ] && echo '-1' || echo '1' + return + fi + done + echo '0' } #restart rsyslog -restartRsyslog() -{ - logMsgToConfigSysLog "INFO" "INFO: Restarting the $RSYSLOG_SERVICE service." - service $RSYSLOG_SERVICE restart - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: $RSYSLOG_SERVICE did not restart gracefully. Please restart $RSYSLOG_SERVICE manually." - fi +restartRsyslog() { + logMsgToConfigSysLog "INFO" "INFO: Restarting the $RSYSLOG_SERVICE service." + service $RSYSLOG_SERVICE restart + if [ $? 
-ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: $RSYSLOG_SERVICE did not restart gracefully. Please restart $RSYSLOG_SERVICE manually." + fi } #logs message to config syslog -logMsgToConfigSysLog() -{ - #$1 variable will be SUCCESS or ERROR or INFO or WARNING - #$2 variable will be the message - cslStatus=$1 - cslMessage=$2 - echo "$cslMessage" - currentTime=$(date) - - #for Linux system, we need to use -d switch to decode base64 whereas - #for Mac system, we need to use -D switch to decode - varUname=$(uname) - if [[ $varUname == 'Linux' ]]; then - enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) - elif [[ $varUname == 'Darwin' ]]; then - enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) - fi - - if [ $? -ne 0 ]; then - echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." - exit 1 - fi - - sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" - - #if it is an error, then log message "Script Failed" to config syslog and exit the script - if [[ $cslStatus == "ERROR" ]]; then - sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" - if [ "$varUname" != "Darwin" ]; then - echo $MANUAL_CONFIG_INSTRUCTION - fi - exit 1 - fi - - #if it is a success, then log message "Script Succeeded" to config syslog and exit the script - if [[ $cslStatus == "SUCCESS" ]]; then - sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" - exit 0 - fi +logMsgToConfigSysLog() { + #$1 variable will be SUCCESS or ERROR or INFO or WARNING + #$2 variable will be the message + cslStatus=$1 + cslMessage=$2 + echo "$cslMessage" + currentTime=$(date) + + #for Linux system, we need to use -d switch to decode base64 whereas + #for Mac system, we need to use -D switch to decode + varUname=$(uname) + if [[ $varUname == 'Linux' ]]; then + enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) + elif [[ $varUname == 'Darwin' 
]]; then + enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) + fi + + if [ $? -ne 0 ]; then + echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." + exit 1 + fi + + sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" + + #if it is an error, then log message "Script Failed" to config syslog and exit the script + if [[ $cslStatus == "ERROR" ]]; then + sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" + if [ "$varUname" != "Darwin" ]; then + echo $MANUAL_CONFIG_INSTRUCTION + fi + exit 1 + fi + + #if it is a success, then log message "Script Succeeded" to config syslog and exit the script + if [[ $cslStatus == "SUCCESS" ]]; then + sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" + exit 0 + fi } #payload construction to send log to config syslog -sendPayloadToConfigSysLog() -{ - if [ "$APP_TAG" = "" ]; then - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\",\"insecure-mode\":\"$INSECURE_MODE\",\"suppress-enabled\":\"$SUPPRESS_PROMPT\",\"force-secure-enabled\":\"$FORCE_SECURE\",\"loggly-removed\":\"$LOGGLY_REMOVE\"}" - else - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", $APP_TAG, 
\"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\",\"insecure-mode\":\"$INSECURE_MODE\",\"suppress-enabled\":\"$SUPPRESS_PROMPT\",\"force-secure-enabled\":\"$FORCE_SECURE\",\"loggly-removed\":\"$LOGGLY_REMOVE\"}" - fi - curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 > /dev/null 2>&1 +sendPayloadToConfigSysLog() { + if [ "$APP_TAG" = "" ]; then + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\",\"insecure-mode\":\"$INSECURE_MODE\",\"suppress-enabled\":\"$SUPPRESS_PROMPT\",\"force-secure-enabled\":\"$FORCE_SECURE\",\"loggly-removed\":\"$LOGGLY_REMOVE\"}" + else + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", $APP_TAG, \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\",\"insecure-mode\":\"$INSECURE_MODE\",\"suppress-enabled\":\"$SUPPRESS_PROMPT\",\"force-secure-enabled\":\"$FORCE_SECURE\",\"loggly-removed\":\"$LOGGLY_REMOVE\"}" + fi + curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 >/dev/null 2>&1 } #$1 return the count of records in loggly, $2 is the query param to search in loggly -searchAndFetch() -{ - url=$2 - - result=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $url) - - if [ -z "$result" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." 
- exit 1 - fi - id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') - # strip last double quote from id - id="${id%\"}" - # strip first double quote from id - id="${id#\"}" - url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" - - # retrieve the data - result=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $url) - count=$(echo "$result" | grep total_events | awk '{print $2}') - count="${count%\,}" - eval $1="'$count'" - if [ "$count" -gt 0 ]; then - timestamp=$(echo "$result" | grep timestamp) - fi +searchAndFetch() { + url=$2 + + result=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $url) + + if [ -z "$result" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." + exit 1 + fi + id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') + # strip last double quote from id + id="${id%\"}" + # strip first double quote from id + id="${id#\"}" + url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" + + # retrieve the data + result=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $url) + count=$(echo "$result" | grep total_events | awk '{print $2}') + count="${count%\,}" + eval $1="'$count'" + if [ "$count" -gt 0 ]; then + timestamp=$(echo "$result" | grep timestamp) + fi } #get password in the form of asterisk -getPassword() -{ - unset LOGGLY_PASSWORD - prompt="Please enter Loggly Password:" - while IFS= read -p "$prompt" -r -s -n 1 char - do - if [[ $char == $'\0' ]] - then - break - fi - prompt='*' - LOGGLY_PASSWORD+="$char" - done - echo +getPassword() { + unset LOGGLY_PASSWORD + prompt="Please enter Loggly Password:" + while IFS= read -p "$prompt" -r -s -n 1 char; do + if [[ $char == $'\0' ]]; then + break + fi + prompt='*' + LOGGLY_PASSWORD+="$char" + done + echo } #function to switch system logging to insecure mode if user runs the modular script in insecure mode -switchSystemLoggingToInsecure() -{ - if [ -f $LOGGLY_RSYSLOG_CONFFILE ]; then - 
EXISTING_SYSLOG_PORT=$(grep -Eow 6514 $LOGGLY_RSYSLOG_CONFFILE) - if [[ $EXISTING_SYSLOG_PORT == 6514 ]]; then - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; - do - read -p "You are running the script using insecure mode, but your system logs are using secure mode. The script only supports a single mode for both, so would you like to switch your system logs to insecure mode? (yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Going to overwrite the conf file: $LOGGLY_RSYSLOG_CONFFILE with insecure configuration"; - LOGGLY_TLS_SENDING="false" - LOGGLY_SYSLOG_PORT=514 - break;; - [Nn]* ) - logMsgToConfigSysLog "INFO" "INFO: Please re-run the script in secure mode if you want to setup secure logging" - exit 1;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "WARN" "WARNING: You are running the script using insecure mode, but your system logs are using secure mode. The script only supports a single mode for both, so we are switching the system logs to insecure mode as well." - LOGGLY_TLS_SENDING="false" - LOGGLY_SYSLOG_PORT=514 - fi - fi - fi +switchSystemLoggingToInsecure() { + if [ -f $LOGGLY_RSYSLOG_CONFFILE ]; then + EXISTING_SYSLOG_PORT=$(grep -Eow 6514 $LOGGLY_RSYSLOG_CONFFILE) + if [[ $EXISTING_SYSLOG_PORT == 6514 ]]; then + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "You are running the script using insecure mode, but your system logs are using secure mode. The script only supports a single mode for both, so would you like to switch your system logs to insecure mode? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Going to overwrite the conf file: $LOGGLY_RSYSLOG_CONFFILE with insecure configuration" + LOGGLY_TLS_SENDING="false" + LOGGLY_SYSLOG_PORT=514 + break + ;; + [Nn]*) + logMsgToConfigSysLog "INFO" "INFO: Please re-run the script in secure mode if you want to setup secure logging" + exit 1 + ;; + *) echo "Please answer yes or no." 
;; + esac + done + else + logMsgToConfigSysLog "WARN" "WARNING: You are running the script using insecure mode, but your system logs are using secure mode. The script only supports a single mode for both, so we are switching the system logs to insecure mode as well." + LOGGLY_TLS_SENDING="false" + LOGGLY_SYSLOG_PORT=514 + fi + fi + fi } #function to switch system logging to secure mode if user runs the modular script in secure mode -switchSystemLoggingToSecure() -{ - if [ -f $LOGGLY_RSYSLOG_CONFFILE ]; then - EXISTING_SYSLOG_PORT=$(grep -Eow 514 $LOGGLY_RSYSLOG_CONFFILE) - if [[ $EXISTING_SYSLOG_PORT == 514 ]]; then - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; - do - read -p "You are running the script using secure mode, but your system logs are using insecure mode. The script only supports a single mode for both, so would you like to switch your system logs to secure mode? (yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Going to overwrite the conf file: $LOGGLY_RSYSLOG_CONFFILE with secure configuration"; - LOGGLY_TLS_SENDING="true" - LOGGLY_SYSLOG_PORT=6514 - break;; - [Nn]* ) - logMsgToConfigSysLog "INFO" "INFO: Please re-run the script in insecure mode if you want to setup insecure logging" - exit 1;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "WARN" "WARNING: You are running the script using secure mode, but your system logs are using insecure mode. The script only supports a single mode for both, so we are switching the system logs to secure mode as well." - LOGGLY_TLS_SENDING="true" - LOGGLY_SYSLOG_PORT=6514 - fi - fi - fi +switchSystemLoggingToSecure() { + if [ -f $LOGGLY_RSYSLOG_CONFFILE ]; then + EXISTING_SYSLOG_PORT=$(grep -Eow 514 $LOGGLY_RSYSLOG_CONFFILE) + if [[ $EXISTING_SYSLOG_PORT == 514 ]]; then + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "You are running the script using secure mode, but your system logs are using insecure mode. 
The script only supports a single mode for both, so would you like to switch your system logs to secure mode? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Going to overwrite the conf file: $LOGGLY_RSYSLOG_CONFFILE with secure configuration" + LOGGLY_TLS_SENDING="true" + LOGGLY_SYSLOG_PORT=6514 + break + ;; + [Nn]*) + logMsgToConfigSysLog "INFO" "INFO: Please re-run the script in insecure mode if you want to setup insecure logging" + exit 1 + ;; + *) echo "Please answer yes or no." ;; + esac + done + else + logMsgToConfigSysLog "WARN" "WARNING: You are running the script using secure mode, but your system logs are using insecure mode. The script only supports a single mode for both, so we are switching the system logs to secure mode as well." + LOGGLY_TLS_SENDING="true" + LOGGLY_SYSLOG_PORT=6514 + fi + fi + fi } #check whether the user is running the script in secure or insecure mode and then switch system logging accordingly. -checkScriptRunningMode() -{ - if [ "$FORCE_SECURE" == "false" ]; then - if [[ $LOGGLY_SYSLOG_PORT == 514 ]]; then - switchSystemLoggingToInsecure - else - switchSystemLoggingToSecure - fi - fi +checkScriptRunningMode() { + if [ "$FORCE_SECURE" == "false" ]; then + if [[ $LOGGLY_SYSLOG_PORT == 514 ]]; then + switchSystemLoggingToInsecure + else + switchSystemLoggingToSecure + fi + fi } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat <&1 | grep "Empty reply from server" | wc -l) == 1 ]; then - echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." - else - logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings." - exit 1 - fi - - echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." - if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then - echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." 
- else - logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." - exit 1 - fi +checkIfLogglyServersAccessible() { + logMsgToConfigSysLog "INFO" "INFO: Checking if $LOGS_01_HOST is reachable." + if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 packets received, 0.0% packet loss" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: $LOGS_01_HOST is reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port. This may take some time." + if [ $(curl --connect-timeout 10 $LOGS_01_HOST:$LOGGLY_SYSLOG_PORT 2>&1 | grep "Empty reply from server" | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then + echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." + exit 1 + fi } #check if user name and password is valid -checkIfValidUserNamePassword() -{ - echo "INFO: Checking if provided username and password is correct." - if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" - logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. 
Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." - exit 1 - else - logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." - fi +checkIfValidUserNamePassword() { + echo "INFO: Checking if provided username and password is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" + logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." + fi } #gets the authentication token from the Loggly server -getAuthToken() -{ - if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then - logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." - #get authentication token if user has not provided one - tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") - - #get the string from index 0 to first occurence of , - tokenstr=${tokenstr%%,*} - - #get the string from index 0 to last occurence of " - tokenstr=${tokenstr%\"*} - - #get the string from first occurence of " to the end - tokenstr=${tokenstr#*\"} - - LOGGLY_AUTH_TOKEN=$tokenstr - - logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" - fi -} +getAuthToken() { + if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." 
+ #get authentication token if user has not provided one + tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") + + #get the string from index 0 to first occurence of , + tokenstr=${tokenstr%%,*} + + #get the string from index 0 to last occurence of " + tokenstr=${tokenstr%\"*} + #get the string from first occurence of " to the end + tokenstr=${tokenstr#*\"} + + LOGGLY_AUTH_TOKEN=$tokenstr + + logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" + fi +} #check if authentication token is valid -checkIfValidAuthToken() -{ - echo "INFO: Checking if provided auth token is correct." - if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep \"$LOGGLY_AUTH_TOKEN\" | wc -l) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Authentication token validated successfully." - else - logMsgToConfigSysLog "ERROR" "ERROR: Invalid authentication token $LOGGLY_AUTH_TOKEN. You can get valid authentication token by following instructions at https://www.loggly.com/docs/customer-token-authentication-token/." - exit 1 - fi +checkIfValidAuthToken() { + echo "INFO: Checking if provided auth token is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep \"$LOGGLY_AUTH_TOKEN\" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token validated successfully." + else + logMsgToConfigSysLog "ERROR" "ERROR: Invalid authentication token $LOGGLY_AUTH_TOKEN. You can get valid authentication token by following instructions at https://www.loggly.com/docs/customer-token-authentication-token/." 
+ exit 1 + fi } #this functions check if the min required version is installed in the system -checkIfMinRubyVersionInstalled() -{ - RUBY_VERSION=$(sudo $RUBY --version | grep "$RUBY") - RUBY_VERSION=${RUBY_VERSION%p*} - RUBY_VERSION=${RUBY_VERSION#* } - RUBY_VERSION=$RUBY_VERSION | tr -d " " - if [ $(compareVersions $RUBY_VERSION $MIN_RUBY_VERSION 3) -lt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Min ruby version required is 1.9.3." - exit 1 - fi +checkIfMinRubyVersionInstalled() { + RUBY_VERSION=$(sudo $RUBY --version | grep "$RUBY") + RUBY_VERSION=${RUBY_VERSION%p*} + RUBY_VERSION=${RUBY_VERSION#* } + RUBY_VERSION=$RUBY_VERSION | tr -d " " + if [ $(compareVersions $RUBY_VERSION $MIN_RUBY_VERSION 3) -lt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Min ruby version required is 1.9.3." + exit 1 + fi } -checkIfXCodeCommandlineToolsInstalled() -{ - logMsgToConfigSysLog "INFO" "INFO: Checking if Xcode command line tools are installed." - - if [ $(xcode-select -p 2>/dev/null | wc -l ) == 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: $MANUAL_XCODE_INSTALL_INSTRUCTION" - exit 1 - else - logMsgToConfigSysLog "INFO" "INFO: Xcode command line tools are installed in your system." - fi +checkIfXCodeCommandlineToolsInstalled() { + logMsgToConfigSysLog "INFO" "INFO: Checking if Xcode command line tools are installed." + + if [ $(xcode-select -p 2>/dev/null | wc -l) == 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: $MANUAL_XCODE_INSTALL_INSTRUCTION" + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: Xcode command line tools are installed in your system." + fi } #this functions checks if the Fluentd gem is installed in the system -checkIfFluentdInstalled() -{ - if [ $(sudo fluentd --setup $LOGGLY_HOME/fluent 2>/dev/null | grep ".loggly/fluent/fluent.conf" | wc -l ) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Fluentd is already installed. Not installing." - else - logMsgToConfigSysLog "INFO" "INFO: Fluentd is not installed. Installing Fluentd. 
This may take a while." - installFluentd - fi +checkIfFluentdInstalled() { + if [ $(sudo fluentd --setup $LOGGLY_HOME/fluent 2>/dev/null | grep ".loggly/fluent/fluent.conf" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Fluentd is already installed. Not installing." + else + logMsgToConfigSysLog "INFO" "INFO: Fluentd is not installed. Installing Fluentd. This may take a while." + installFluentd + fi } #this function installs the Fluentd in the system -installFluentd() -{ - #install fluentd gem http://docs.fluentd.org/articles/install-by-gem - sudo gem install fluentd --no-ri --no-rdoc -n/usr/local/bin - - if [[ ! -d "$LOGGLY_HOME" ]]; then - mkdir $LOGGLY_HOME - fi - - #to check fluentd installed successfully - if [ $(sudo fluentd --setup $LOGGLY_HOME/fluent 2>/dev/null | grep ".loggly/fluent/fluent.conf" | wc -l ) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Fluentd installed Successfully" - else - logMsgToConfigSysLog "ERROR" "ERROR: Unable to install fluentd" - exit 1 - fi +installFluentd() { + #install fluentd gem http://docs.fluentd.org/articles/install-by-gem + sudo gem install fluentd --no-ri --no-rdoc -n/usr/local/bin + + if [[ ! -d "$LOGGLY_HOME" ]]; then + mkdir $LOGGLY_HOME + fi + + #to check fluentd installed successfully + if [ $(sudo fluentd --setup $LOGGLY_HOME/fluent 2>/dev/null | grep ".loggly/fluent/fluent.conf" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Fluentd installed Successfully" + else + logMsgToConfigSysLog "ERROR" "ERROR: Unable to install fluentd" + exit 1 + fi } #this function installs Loggly fluentd plugin -installLogglyFluentdPlugin() -{ - logMsgToConfigSysLog "INFO" "INFO: Installing Loggly plugin for Fluentd" - sudo gem install fluent-plugin-loggly - logMsgToConfigSysLog "INFO" "INFO: Loggly fluentd plugin installed successfully." 
+installLogglyFluentdPlugin() { + logMsgToConfigSysLog "INFO" "INFO: Installing Loggly plugin for Fluentd" + sudo gem install fluent-plugin-loggly + logMsgToConfigSysLog "INFO" "INFO: Loggly fluentd plugin installed successfully." } #function to write the contents of fluentd config file -writeLogglyConfFile() -{ +writeLogglyConfFile() { + + FLUENTD_CONF="$HOME/.loggly/fluentd-loggly.conf" + + if [ -f "$FLUENTD_CONF" ]; then + echo "INFO: Conf file already exists. Creating Backup $FLUENTD_CONF $FLUENTD_CONF.bk" + sudo mv $FLUENTD_CONF $FLUENTD_CONF.bk + fi - FLUENTD_CONF="$HOME/.loggly/fluentd-loggly.conf" + logMsgToConfigSysLog "INFO" "INFO: Creating file $FLUENTD_CONF" - if [ -f "$FLUENTD_CONF" ]; then - echo "INFO: Conf file already exists. Creating Backup $FLUENTD_CONF $FLUENTD_CONF.bk" - sudo mv $FLUENTD_CONF $FLUENTD_CONF.bk - fi - - logMsgToConfigSysLog "INFO" "INFO: Creating file $FLUENTD_CONF" + sudo touch $FLUENTD_CONF - sudo touch $FLUENTD_CONF - -inputStr=" + inputStr=" type tail format none 
@@ -389,256 +367,242 @@ inputStr=" loggly_url http://logs-01.loggly.com/inputs/$LOGGLY_AUTH_TOKEN/tag/Mac " -sudo cat << EOIPFW >> $FLUENTD_CONF + sudo cat <>$FLUENTD_CONF $inputStr EOIPFW } #delete 22-loggly.conf file -removeLogglyConfFile() -{ - if [ -f "$HOME/.loggly/fluentd-loggly.conf" ]; then - logMsgToConfigSysLog "INFO" "INFO: Deleting file fluentd-loggly.conf" - sudo rm -rf "$HOME/.loggly/fluentd-loggly.conf" - - logMsgToConfigSysLog "INFO" "INFO: Removing Fluentd service" - sudo launchctl unload -F /Library/LaunchDaemons/com.loggly.loggly_fluentd.plist > /dev/null 2>&1 - sudo rm -rf /Library/LaunchDaemons/com.loggly.loggly_fluentd.plist - else - logMsgToConfigSysLog "ERROR" "ERROR: There is no conf file to delete" - exit 1 - fi +removeLogglyConfFile() { + if [ -f "$HOME/.loggly/fluentd-loggly.conf" ]; then + logMsgToConfigSysLog "INFO" "INFO: Deleting file fluentd-loggly.conf" + sudo rm -rf "$HOME/.loggly/fluentd-loggly.conf" + + logMsgToConfigSysLog "INFO" "INFO: Removing Fluentd service" + sudo launchctl unload -F /Library/LaunchDaemons/com.loggly.loggly_fluentd.plist >/dev/null 2>&1 + sudo rm -rf /Library/LaunchDaemons/com.loggly.loggly_fluentd.plist + else + logMsgToConfigSysLog "ERROR" "ERROR: There is no conf file to delete" + exit 1 + fi } #this function creates a fluentd daemon to send logs to Loggly -configureFluentdAsService() -{ - logMsgToConfigSysLog "INFO" "INFO: Creating daemon for Loggly conf file." 
- - #this sets the fluentd installation location - FLUENTD_LOCATION=$(which fluentd) - - PROP_FILE="/Library/LaunchDaemons/com.loggly.loggly_fluentd.plist" - - #if loggly fluentd is already running as a service then unload it - if [ $(sudo launchctl list | grep 'com.loggly.loggly_fluentd' | wc -l) == 1 ]; then - sudo launchctl unload -F $PROP_FILE > /dev/null 2>&1 - - #if there was some error while unloading, just remove it - sudo launchctl remove com.loggly.loggly_fluentd > /dev/null 2>&1 - fi - - #if plist file is already there then delete it - if [ -f "$PROP_FILE" ]; then - sudo rm -f $PROP_FILE - fi - - sudo touch $PROP_FILE - sudo chmod +x $PROP_FILE - -propStr=" +configureFluentdAsService() { + logMsgToConfigSysLog "INFO" "INFO: Creating daemon for Loggly conf file." + + #this sets the fluentd installation location + FLUENTD_LOCATION=$(which fluentd) + + PROP_FILE="/Library/LaunchDaemons/com.loggly.loggly_fluentd.plist" + + #if loggly fluentd is already running as a service then unload it + if [ $(sudo launchctl list | grep 'com.loggly.loggly_fluentd' | wc -l) == 1 ]; then + sudo launchctl unload -F $PROP_FILE >/dev/null 2>&1 + + #if there was some error while unloading, just remove it + sudo launchctl remove com.loggly.loggly_fluentd >/dev/null 2>&1 + fi + + #if plist file is already there then delete it + if [ -f "$PROP_FILE" ]; then + sudo rm -f $PROP_FILE + fi + + sudo touch $PROP_FILE + sudo chmod +x $PROP_FILE + + propStr=" - - Label - com.loggly.loggly_fluentd - ProgramArguments - - $FLUENTD_LOCATION - -c - $HOME/.loggly/fluentd-loggly.conf - - RunAtLoad - - StandardErrorPath - /tmp/loggly_fluentd.err - StandardOutPath - /tmp/loggly_fluentd.out - + + Label + com.loggly.loggly_fluentd + ProgramArguments + + $FLUENTD_LOCATION + -c + $HOME/.loggly/fluentd-loggly.conf + + RunAtLoad + + StandardErrorPath + /tmp/loggly_fluentd.err + StandardOutPath + /tmp/loggly_fluentd.out + " -sudo cat << EOIPFW >> $PROP_FILE + sudo cat <>$PROP_FILE $propStr EOIPFW } 
#starts Fluentd Service -startFluentdService() -{ - logMsgToConfigSysLog "INFO" "INFO: Starting Fluentd as a service" - sudo launchctl load -F $PROP_FILE - logMsgToConfigSysLog "INFO" "INFO: Fluentd started successfully" +startFluentdService() { + logMsgToConfigSysLog "INFO" "INFO: Starting Fluentd as a service" + sudo launchctl load -F $PROP_FILE + logMsgToConfigSysLog "INFO" "INFO: Fluentd started successfully" } #check if the logs made it to Loggly -checkIfLogsMadeToLoggly() -{ - logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly. Waiting for 30 secs." - - #sleeping for 30 secs so that fluentd service can start doing its work properly - sleep 30 - uuid=$(cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) - - queryParam="tag%3AMac%20$uuid" - logger -t "Mac" "Mac-Test message for verification with UUID $uuid" - - counter=1 - maxCounter=10 - finalCount=0 - - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Verifying if the log made it to Loggly." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch finalCount "$queryUrl" - let counter=$counter+1 - - while [ "$finalCount" -eq 0 ]; do - echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." - sleep 30 - echo "INFO: Done waiting. Verifying again." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch finalCount "$queryUrl" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check network and firewall settings and retry." - exit 1 - fi - done - - if [ "$finalCount" -eq 1 ]; then - if [ "$IS_INVOKED" = "" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! 
You are now sending Mac system logs to Loggly." - exit 0 - else - logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Mac system logs to Loggly." - fi - fi +checkIfLogsMadeToLoggly() { + logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly. Waiting for 30 secs." + + #sleeping for 30 secs so that fluentd service can start doing its work properly + sleep 30 + uuid=$(cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) + + queryParam="tag%3AMac%20$uuid" + logger -t "Mac" "Mac-Test message for verification with UUID $uuid" + + counter=1 + maxCounter=10 + finalCount=0 + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the log made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + + while [ "$finalCount" -eq 0 ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check network and firewall settings and retry." + exit 1 + fi + done -} + if [ "$finalCount" -eq 1 ]; then + if [ "$IS_INVOKED" = "" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Mac system logs to Loggly." + exit 0 + else + logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Mac system logs to Loggly." + fi + fi -compareVersions () -{ - typeset IFS='.' 
- typeset -a v1=( $1 ) - typeset -a v2=( $2 ) - typeset n diff - - for (( n=0; n<$3; n+=1 )); do - diff=$((v1[n]-v2[n])) - if [ $diff -ne 0 ] ; then - [ $diff -le 0 ] && echo '-1' || echo '1' - return - fi - done - echo '0' } +compareVersions() { + typeset IFS='.' + typeset -a v1=($1) + typeset -a v2=($2) + typeset n diff + + for ((n = 0; n < $3; n += 1)); do + diff=$((v1[n] - v2[n])) + if [ $diff -ne 0 ]; then + [ $diff -le 0 ] && echo '-1' || echo '1' + return + fi + done + echo '0' +} #logs message to config syslog -logMsgToConfigSysLog() -{ - #$1 variable will be SUCCESS or ERROR or INFO or WARNING - #$2 variable will be the message - cslStatus=$1 - cslMessage=$2 - echo "$cslMessage" - currentTime=$(date) - - #for Linux system, we need to use -d switch to decode base64 whereas - #for Mac system, we need to use -D switch to decode - varUname=$(uname) - if [[ $varUname == 'Linux' ]]; then - enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 --decode) - elif [[ $varUname == 'Darwin' ]]; then - enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 --decode) - fi - - if [ $? -ne 0 ]; then - echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." 
- exit 1 - fi - - sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" - - #if it is an error, then log message "Script Failed" to config syslog and exit the script - if [[ $cslStatus == "ERROR" ]]; then - sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" - echo $MANUAL_CONFIG_INSTRUCTION - exit 1 - fi - - #if it is a success, then log message "Script Succeeded" to config syslog and exit the script - if [[ $cslStatus == "SUCCESS" ]]; then - sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" - exit 0 - fi +logMsgToConfigSysLog() { + #$1 variable will be SUCCESS or ERROR or INFO or WARNING + #$2 variable will be the message + cslStatus=$1 + cslMessage=$2 + echo "$cslMessage" + currentTime=$(date) + + #for Linux system, we need to use -d switch to decode base64 whereas + #for Mac system, we need to use -D switch to decode + varUname=$(uname) + if [[ $varUname == 'Linux' ]]; then + enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 --decode) + elif [[ $varUname == 'Darwin' ]]; then + enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 --decode) + fi + + if [ $? -ne 0 ]; then + echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." 
+ exit 1 + fi + + sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" + + #if it is an error, then log message "Script Failed" to config syslog and exit the script + if [[ $cslStatus == "ERROR" ]]; then + sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" + echo $MANUAL_CONFIG_INSTRUCTION + exit 1 + fi + + #if it is a success, then log message "Script Succeeded" to config syslog and exit the script + if [[ $cslStatus == "SUCCESS" ]]; then + sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" + exit 0 + fi } - #payload construction to send log to config syslog -sendPayloadToConfigSysLog() -{ - if [ "$APP_TAG" = "" ]; then - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"Mac-distribution\":\"$MAC_DIST\", \"messages\":\"$2\",\"ruby-version\":\"$RUBY_VERSION\"}" - else - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"Mac-distribution\":\"$MAC_DIST\", $APP_TAG, \"messages\":\"$2\",\"ruby-version\":\"$RUBY_VERSION\"}" - fi - curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 > /dev/null 2>&1 +sendPayloadToConfigSysLog() { + if [ "$APP_TAG" = "" ]; then + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"Mac-distribution\":\"$MAC_DIST\", \"messages\":\"$2\",\"ruby-version\":\"$RUBY_VERSION\"}" + else + 
var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"Mac-distribution\":\"$MAC_DIST\", $APP_TAG, \"messages\":\"$2\",\"ruby-version\":\"$RUBY_VERSION\"}" + fi + curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 >/dev/null 2>&1 } #$1 return the count of records in loggly, $2 is the query param to search in loggly -searchAndFetch() -{ - url=$2 - - result=$(curl -s -u "$LOGGLY_USERNAME":"$LOGGLY_PASSWORD" "$url" ) - - if [ -z "$result" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." - exit 1 - fi - id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') - # strip last double quote from id - id="${id%\"}" - # strip first double quote from id - id="${id#\"}" - url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" - - # retrieve the data - result=$(curl -s -u "$LOGGLY_USERNAME":"$LOGGLY_PASSWORD" "$url" ) - count=$(echo "$result" | grep total_events | awk '{print $2}') - count="${count%\,}" - eval $1="'$count'" - if [ "$count" -gt 0 ]; then - timestamp=$(echo "$result" | grep timestamp) - fi +searchAndFetch() { + url=$2 + + result=$(curl -s -u "$LOGGLY_USERNAME":"$LOGGLY_PASSWORD" "$url") + + if [ -z "$result" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." 
+ exit 1 + fi + id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') + # strip last double quote from id + id="${id%\"}" + # strip first double quote from id + id="${id#\"}" + url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" + + # retrieve the data + result=$(curl -s -u "$LOGGLY_USERNAME":"$LOGGLY_PASSWORD" "$url") + count=$(echo "$result" | grep total_events | awk '{print $2}') + count="${count%\,}" + eval $1="'$count'" + if [ "$count" -gt 0 ]; then + timestamp=$(echo "$result" | grep timestamp) + fi } #get password in the form of asterisk -getPassword() -{ - unset LOGGLY_PASSWORD - prompt="Please enter Loggly Password:" - while IFS= read -p "$prompt" -r -s -n 1 char - do - if [[ $char == $'\0' ]] - then - break - fi - prompt='*' - LOGGLY_PASSWORD+="$char" - done - echo +getPassword() { + unset LOGGLY_PASSWORD + prompt="Please enter Loggly Password:" + while IFS= read -p "$prompt" -r -s -n 1 char; do + if [[ $char == $'\0' ]]; then + break + fi + prompt='*' + LOGGLY_PASSWORD+="$char" + done + echo } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat </dev/null; then - logMsgToConfigSysLog "INFO" "INFO: Apache is present as a service." - else - logMsgToConfigSysLog "ERROR" "ERROR: Apache is not configured as a service" - exit 1 - fi - - #get the version of apache installed - getApacheVersion - - #check if apache is supported - checkIfSupportedApacheVersion - - #set all the required apache variables by this script - setApacheVariables +checkApacheDetails() { + getApacheServiceName + + #verify if apache is installed as service + if [ -f /etc/init.d/$SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: Apache is present as a service." + elif [[ $(which systemctl) && $(systemctl list-unit-files $SERVICE.service | grep "$SERVICE.service") ]] &>/dev/null; then + logMsgToConfigSysLog "INFO" "INFO: Apache is present as a service." 
+ else + logMsgToConfigSysLog "ERROR" "ERROR: Apache is not configured as a service" + exit 1 + fi + + #get the version of apache installed + getApacheVersion + + #check if apache is supported + checkIfSupportedApacheVersion + + #set all the required apache variables by this script + setApacheVariables } #Get the apache service name on various linux flavors -getApacheServiceName() -{ - #checking if the Linux is yum based or apt-get based - YUM_BASED=$(command -v yum) - APT_GET_BASED=$(command -v apt-get) - - if [ "$YUM_BASED" != "" ]; then - SERVICE="httpd" - APACHE_ACCESS_LOG_FILE="access_log" - APACHE_ERROR_LOG_FILE="error_log" - - elif [ "$APT_GET_BASED" != "" ]; then - SERVICE="apache2" - APACHE_ACCESS_LOG_FILE="access.log" - APACHE_ERROR_LOG_FILE="error.log" - fi +getApacheServiceName() { + #checking if the Linux is yum based or apt-get based + YUM_BASED=$(command -v yum) + APT_GET_BASED=$(command -v apt-get) + + if [ "$YUM_BASED" != "" ]; then + SERVICE="httpd" + APACHE_ACCESS_LOG_FILE="access_log" + APACHE_ERROR_LOG_FILE="error_log" + + elif [ "$APT_GET_BASED" != "" ]; then + SERVICE="apache2" + APACHE_ACCESS_LOG_FILE="access.log" + APACHE_ERROR_LOG_FILE="error.log" + fi } #sets apache variables which will be used across various functions -setApacheVariables() -{ - LOGGLY_APACHE_LOG_HOME=/var/log/$SERVICE +setApacheVariables() { + LOGGLY_APACHE_LOG_HOME=/var/log/$SERVICE } #gets the version of apache installed on the unix box -getApacheVersion() -{ - APACHE_VERSION=$($SERVICE -v | grep "Server version: Apache") - APACHE_VERSION=${APACHE_VERSION#*/} - APACHE_VERSION=${APACHE_VERSION% *} - APACHE_VERSION=$APACHE_VERSION | tr -d ' ' - APP_TAG="\"apache-version\":\"$APACHE_VERSION\"" - logMsgToConfigSysLog "INFO" "INFO: Apache version: $APACHE_VERSION" +getApacheVersion() { + APACHE_VERSION=$($SERVICE -v | grep "Server version: Apache") + APACHE_VERSION=${APACHE_VERSION#*/} + APACHE_VERSION=${APACHE_VERSION% *} + APACHE_VERSION=$APACHE_VERSION | tr -d ' ' + 
APP_TAG="\"apache-version\":\"$APACHE_VERSION\"" + logMsgToConfigSysLog "INFO" "INFO: Apache version: $APACHE_VERSION" } #checks if the apache version is supported by this script, currently the script #only supports apache2 -checkIfSupportedApacheVersion() -{ - apacheMajorVersion=${APACHE_VERSION%%.*} - if [[ ($apacheMajorVersion -ne 2 ) ]]; then - logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Apache version 2." - exit 1 - fi +checkIfSupportedApacheVersion() { + apacheMajorVersion=${APACHE_VERSION%%.*} + if [[ ($apacheMajorVersion -ne 2) ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Apache version 2." + exit 1 + fi } -checkLogFileSize() -{ - accessFileSize=$(wc -c "$1" | cut -f 1 -d ' ') - errorFileSize=$(wc -c "$2" | cut -f 1 -d ' ') - fileSize=$((accessFileSize+errorFileSize)) - if [ $fileSize -ge 102400000 ]; then - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; do - read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? (yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Continuing with Apache Loggly configuration."; - break;; - [Nn]* ) - logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Discontinuing with Apache Loggly configuration." - exit 1 - break;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "WARN" "WARN: There are currently large log files which may use up your allowed volume." - logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Continuing with Apache Loggly configuration." - fi - elif [ $fileSize -eq 0 ]; then - logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from Apache there so won't be any sent to Loggly. You can generate some logs by visiting a page on your web server." 
- exit 1 - fi +checkLogFileSize() { + accessFileSize=$(wc -c "$1" | cut -f 1 -d ' ') + errorFileSize=$(wc -c "$2" | cut -f 1 -d ' ') + fileSize=$((accessFileSize + errorFileSize)) + if [ $fileSize -ge 102400000 ]; then + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Continuing with Apache Loggly configuration." + break + ;; + [Nn]*) + logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Discontinuing with Apache Loggly configuration." + exit 1 + break + ;; + *) echo "Please answer yes or no." ;; + esac + done + else + logMsgToConfigSysLog "WARN" "WARN: There are currently large log files which may use up your allowed volume." + logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Continuing with Apache Loggly configuration." + fi + elif [ $fileSize -eq 0 ]; then + logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from Apache there so won't be any sent to Loggly. You can generate some logs by visiting a page on your web server." + exit 1 + fi } -write21ApacheConfFile() -{ - #Create apache syslog config file if it doesn't exist - echo "INFO: Checking if apache sysconf file $APACHE_SYSLOG_CONFFILE exist." - if [ -f "$APACHE_SYSLOG_CONFFILE" ]; then - - logMsgToConfigSysLog "WARN" "WARN: Apache syslog file $APACHE_SYSLOG_CONFFILE already exist." - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; do - read -p "Do you wish to override $APACHE_SYSLOG_CONFFILE? 
(yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $APACHE_SYSLOG_CONFFILE to $APACHE_SYSLOG_CONFFILE_BACKUP"; - sudo mv -f $APACHE_SYSLOG_CONFFILE $APACHE_SYSLOG_CONFFILE_BACKUP; - write21ApacheFileContents; - break;; - [Nn]* ) break;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $APACHE_SYSLOG_CONFFILE to $APACHE_SYSLOG_CONFFILE_BACKUP"; - sudo mv -f $APACHE_SYSLOG_CONFFILE $APACHE_SYSLOG_CONFFILE_BACKUP; - write21ApacheFileContents; - fi - else - write21ApacheFileContents - fi +write21ApacheConfFile() { + #Create apache syslog config file if it doesn't exist + echo "INFO: Checking if apache sysconf file $APACHE_SYSLOG_CONFFILE exist." + if [ -f "$APACHE_SYSLOG_CONFFILE" ]; then + + logMsgToConfigSysLog "WARN" "WARN: Apache syslog file $APACHE_SYSLOG_CONFFILE already exist." + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "Do you wish to override $APACHE_SYSLOG_CONFFILE? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $APACHE_SYSLOG_CONFFILE to $APACHE_SYSLOG_CONFFILE_BACKUP" + sudo mv -f $APACHE_SYSLOG_CONFFILE $APACHE_SYSLOG_CONFFILE_BACKUP + write21ApacheFileContents + break + ;; + [Nn]*) break ;; + *) echo "Please answer yes or no." 
;; + esac + done + else + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $APACHE_SYSLOG_CONFFILE to $APACHE_SYSLOG_CONFFILE_BACKUP" + sudo mv -f $APACHE_SYSLOG_CONFFILE $APACHE_SYSLOG_CONFFILE_BACKUP + write21ApacheFileContents + fi + else + write21ApacheFileContents + fi } -addTagsInConfiguration() -{ - #split tags by comman(,) - IFS=, read -a array <<< "$LOGGLY_FILE_TAG" - for i in "${array[@]}" - do - TAG="$TAG tag=\\\"$i\\\" " - done +addTagsInConfiguration() { + #split tags by comman(,) + IFS=, read -a array <<<"$LOGGLY_FILE_TAG" + for i in "${array[@]}"; do + TAG="$TAG tag=\\\"$i\\\" " + done } #function to write the contents of apache syslog config file -write21ApacheFileContents() -{ - logMsgToConfigSysLog "INFO" "INFO: Creating file $APACHE_SYSLOG_CONFFILE" - sudo touch $APACHE_SYSLOG_CONFFILE - sudo chmod o+w $APACHE_SYSLOG_CONFFILE - commonContent=" - \$ModLoad imfile - \$InputFilePollInterval 10 - \$WorkDirectory $RSYSLOG_DIR - " - - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - commonContent+="\$PrivDropToGroup adm - " - fi - - imfileStr=$commonContent" - - \$ActionSendStreamDriver gtls - \$ActionSendStreamDriverMode 1 - \$ActionSendStreamDriverAuthMode x509/name - \$ActionSendStreamDriverPermittedPeer *.loggly.com - - #RsyslogGnuTLS - \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt - - # Apache access file: - \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE - \$InputFileTag apache-access: - \$InputFileStateFile stat-apache-access - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Apache Error file: - \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE - \$InputFileTag apache-error: - \$InputFileStateFile stat-apache-error - \$InputFileSeverity error - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Add a tag for apache events - \$template LogglyFormatApache,\"<%pri%>%protocol-version% 
%timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - - if \$programname == 'apache-access' then @@logs-01.loggly.com:6514;LogglyFormatApache - if \$programname == 'apache-access' then ~ - if \$programname == 'apache-error' then @@logs-01.loggly.com:6514;LogglyFormatApache - if \$programname == 'apache-error' then ~ - " - imfileStrNonTls=$commonContent" - - # Apache access file: - \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE - \$InputFileTag apache-access: - \$InputFileStateFile stat-apache-access - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Apache Error file: - \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE - \$InputFileTag apache-error: - \$InputFileStateFile stat-apache-error - \$InputFileSeverity error - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Add a tag for apache events - \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - - if \$programname == 'apache-access' then @@logs-01.loggly.com:514;LogglyFormatApache - if \$programname == 'apache-access' then ~ - if \$programname == 'apache-error' then @@logs-01.loggly.com:514;LogglyFormatApache - if \$programname == 'apache-error' then ~ - " - - if [ $TLS_SENDING == "false" ]; - then - imfileStr=$imfileStrNonTls - fi - - #change the apache-21 file to variable from above and also take the directory of the apache log file. 
-sudo cat << EOIPFW >> $APACHE_SYSLOG_CONFFILE +write21ApacheFileContents() { + logMsgToConfigSysLog "INFO" "INFO: Creating file $APACHE_SYSLOG_CONFFILE" + sudo touch $APACHE_SYSLOG_CONFFILE + sudo chmod o+w $APACHE_SYSLOG_CONFFILE + commonContent=" + \$ModLoad imfile + \$InputFilePollInterval 10 + \$WorkDirectory $RSYSLOG_DIR + " + + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + commonContent+="\$PrivDropToGroup adm + " + fi + + imfileStr=$commonContent" + + \$ActionSendStreamDriver gtls + \$ActionSendStreamDriverMode 1 + \$ActionSendStreamDriverAuthMode x509/name + \$ActionSendStreamDriverPermittedPeer *.loggly.com + + #RsyslogGnuTLS + \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt + + # Apache access file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE + \$InputFileTag apache-access: + \$InputFileStateFile stat-apache-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Apache Error file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE + \$InputFileTag apache-error: + \$InputFileStateFile stat-apache-error + \$InputFileSeverity error + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for apache events + \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + + if \$programname == 'apache-access' then @@logs-01.loggly.com:6514;LogglyFormatApache + if \$programname == 'apache-access' then ~ + if \$programname == 'apache-error' then @@logs-01.loggly.com:6514;LogglyFormatApache + if \$programname == 'apache-error' then ~ + " + imfileStrNonTls=$commonContent" + + # Apache access file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE + \$InputFileTag apache-access: + \$InputFileStateFile stat-apache-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + 
\$InputRunFileMonitor + + #Apache Error file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE + \$InputFileTag apache-error: + \$InputFileStateFile stat-apache-error + \$InputFileSeverity error + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for apache events + \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + + if \$programname == 'apache-access' then @@logs-01.loggly.com:514;LogglyFormatApache + if \$programname == 'apache-access' then ~ + if \$programname == 'apache-error' then @@logs-01.loggly.com:514;LogglyFormatApache + if \$programname == 'apache-error' then ~ + " + + if [ $TLS_SENDING == "false" ]; then + imfileStr=$imfileStrNonTls + fi + + #change the apache-21 file to variable from above and also take the directory of the apache log file. + sudo cat <>$APACHE_SYSLOG_CONFFILE $imfileStr EOIPFW - restartRsyslog + restartRsyslog } - #checks if the apache logs made to loggly -checkIfApacheLogsMadeToLoggly() -{ - counter=1 - maxCounter=10 - - apacheInitialLogCount=0 - apacheLatestLogCount=0 - - TAGS= - IFS=, read -a array <<< "$LOGGLY_FILE_TAG" - for i in "${array[@]}" - do - if [ "$TAGS" == "" ]; then - TAGS="tag%3A$i" - else - TAGS="$TAGS%20tag%3A$i" - fi - done - - queryParam="$TAGS&from=-15m&until=now&size=1" - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Getting initial apache log count." - #get the initial count of apache logs for past 15 minutes - searchAndFetch apacheInitialLogCount "$queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Verifying if the apache logs made it to Loggly." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." 
- #get the final count of apache logs for past 15 minutes
- searchAndFetch apacheLatestLogCount "$queryUrl"
- let counter=$counter+1
-
- while [ "$apacheLatestLogCount" -le "$apacheInitialLogCount" ]; do
- echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs."
- sleep 30
- echo "INFO: Done waiting. Verifying again."
- logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter."
- searchAndFetch apacheLatestLogCount "$queryUrl"
- let counter=$counter+1
- if [ "$counter" -gt "$maxCounter" ]; then
- logMsgToConfigSysLog "ERROR" "ERROR: Apache logs did not make to Loggly in time. Please check network and firewall settings and retry."
- exit 1
- fi
- done
-
- if [ "$apacheLatestLogCount" -gt "$apacheInitialLogCount" ]; then
- logMsgToConfigSysLog "INFO" "INFO: Apache logs successfully transferred to Loggly! You are now sending Apache logs to Loggly."
- checkIfLogsAreParsedInLoggly
- fi
+checkIfApacheLogsMadeToLoggly() {
+ counter=1
+ maxCounter=10
+
+ apacheInitialLogCount=0
+ apacheLatestLogCount=0
+
+ TAGS=
+ IFS=, read -a array <<<"$LOGGLY_FILE_TAG"
+ for i in "${array[@]}"; do
+ if [ "$TAGS" == "" ]; then
+ TAGS="tag%3A$i"
+ else
+ TAGS="$TAGS%20tag%3A$i"
+ fi
+ done
+
+ queryParam="$TAGS&from=-15m&until=now&size=1"
+ queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam"
+ logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl"
+
+ logMsgToConfigSysLog "INFO" "INFO: Getting initial apache log count."
+ #get the initial count of apache logs for past 15 minutes
+ searchAndFetch apacheInitialLogCount "$queryUrl"
+
+ logMsgToConfigSysLog "INFO" "INFO: Verifying if the apache logs made it to Loggly."
+ logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter."
+ #get the final count of apache logs for past 15 minutes
+ searchAndFetch apacheLatestLogCount "$queryUrl"
+ let counter=$counter+1
+
+ while [ "$apacheLatestLogCount" -le "$apacheInitialLogCount" ]; do
+ echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs."
+ sleep 30
+ echo "INFO: Done waiting. Verifying again."
+ logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter."
+ searchAndFetch apacheLatestLogCount "$queryUrl"
+ let counter=$counter+1
+ if [ "$counter" -gt "$maxCounter" ]; then
+ logMsgToConfigSysLog "ERROR" "ERROR: Apache logs did not make to Loggly in time. Please check network and firewall settings and retry."
+ exit 1
+ fi
+ done
+
+ if [ "$apacheLatestLogCount" -gt "$apacheInitialLogCount" ]; then
+ logMsgToConfigSysLog "INFO" "INFO: Apache logs successfully transferred to Loggly! You are now sending Apache logs to Loggly."
+ checkIfLogsAreParsedInLoggly
+ fi
 }
 #verifying if the logs are being parsed or not
-checkIfLogsAreParsedInLoggly()
-{
- apacheInitialLogCount=0
- TAG_PARSER=
- IFS=, read -a array <<< "$LOGGLY_FILE_TAG"
-
- for i in "${array[@]}"
- do
- TAG_PARSER="$TAG_PARSER%20tag%3A$i "
- done
- queryParam="logtype%3Aapache$TAG_PARSER&from=-15m&until=now&size=1"
- queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam"
- searchAndFetch apacheInitialLogCount "$queryUrl"
- logMsgToConfigSysLog "INFO" "INFO: Verifying if the Apache logs are parsed in Loggly."
- if [ "$apacheInitialLogCount" -gt 0 ]; then
- logMsgToConfigSysLog "INFO" "INFO: Apache logs successfully parsed in Loggly!"
- else
- logMsgToConfigSysLog "WARN" "WARN: We received your logs but they do not appear to use one of our automatically parsed formats. You can still do full text search and counts on these logs, but you won't be able to use our field explorer.
Please consider switching to one of our automated formats https://www.loggly.com/docs/automated-parsing/" - fi +checkIfLogsAreParsedInLoggly() { + apacheInitialLogCount=0 + TAG_PARSER= + IFS=, read -a array <<<"$LOGGLY_FILE_TAG" + + for i in "${array[@]}"; do + TAG_PARSER="$TAG_PARSER%20tag%3A$i " + done + queryParam="logtype%3Aapache$TAG_PARSER&from=-15m&until=now&size=1" + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + searchAndFetch apacheInitialLogCount "$queryUrl" + logMsgToConfigSysLog "INFO" "INFO: Verifying if the Apache logs are parsed in Loggly." + if [ "$apacheInitialLogCount" -gt 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: Apache logs successfully parsed in Loggly!" + else + logMsgToConfigSysLog "WARN" "WARN: We received your logs but they do not appear to use one of our automatically parsed formats. You can still do full text search and counts on these logs, but you won't be able to use our field explorer. Please consider switching to one of our automated formats https://www.loggly.com/docs/automated-parsing/" + fi } #remove 21apache.conf file -remove21ApacheConfFile() -{ - echo "INFO: Deleting the loggly apache syslog conf file." - if [ -f "$APACHE_SYSLOG_CONFFILE" ]; then - sudo rm -rf "$APACHE_SYSLOG_CONFFILE" - fi - echo "INFO: Removed all the modified files." - restartRsyslog +remove21ApacheConfFile() { + echo "INFO: Deleting the loggly apache syslog conf file." + if [ -f "$APACHE_SYSLOG_CONFFILE" ]; then + sudo rm -rf "$APACHE_SYSLOG_CONFFILE" + fi + echo "INFO: Removed all the modified files." + restartRsyslog } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat <.conf file - write21ConfFileContents - - fi - - #restart rsyslog - restartRsyslog - - #verify if the file logs made it to loggly - checkIfFileLogsMadeToLoggly - - - if [ "$IS_FILE_MONITOR_SCRIPT_INVOKED" = "false" ]; then - #log success message - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Successfully configured to send $LOGGLY_FILE_TO_MONITOR logs via Loggly." 
- fi
+installLogglyConfForFile() {
+ #log message indicating starting of Loggly configuration
+ logMsgToConfigSysLog "INFO" "INFO: Initiating configure Loggly for file monitoring."
+
+ #check if the linux environment is compatible for Loggly
+ checkLinuxLogglyCompatibility
+
+ #checks if the file name contain spaces, if yes, the exit
+ checkIfFileLocationContainSpaces
+
+ if [ "$IS_DIRECTORY" == "true" ]; then
+
+ configureDirectoryFileMonitoring
+
+ else
+
+ #check if file to monitor exists
+ checkIfFileExist
+
+ #construct variables using filename and filealias
+ constructFileVariables
+
+ #check if the alias is already taken
+ checkIfFileAliasExist
+
+ #check for the log file size
+ checkLogFileSize $LOGGLY_FILE_TO_MONITOR
+
+ #checks if the file has proper read permission
+ checkFileReadPermission
+
+ #configure loggly for Linux
+ installLogglyConf
+
+ #multiple tags
+ addTagsInConfiguration
+
+ #create 21.conf file
+ write21ConfFileContents
+
+ fi
+
+ #restart rsyslog
+ restartRsyslog
+
+ #verify if the file logs made it to loggly
+ checkIfFileLogsMadeToLoggly
+
+ if [ "$IS_FILE_MONITOR_SCRIPT_INVOKED" = "false" ]; then
+ #log success message
+ logMsgToConfigSysLog "SUCCESS" "SUCCESS: Successfully configured to send $LOGGLY_FILE_TO_MONITOR logs via Loggly."
+ fi
 }
 #executing script to remove loggly configuration for File
-removeLogglyConfForFile()
-{
- logMsgToConfigSysLog "INFO" "INFO: Initiating rollback."
+removeLogglyConfForFile() {
+ logMsgToConfigSysLog "INFO" "INFO: Initiating rollback."
- #check if the user has root permission to run this script
- checkIfUserHasRootPrivileges
+ #check if the user has root permission to run this script
+ checkIfUserHasRootPrivileges
- #check if the OS is supported by the script. If no, then exit
- checkIfSupportedOS
+ #check if the OS is supported by the script. If no, then exit
+ checkIfSupportedOS
- #construct variables using filename and filealias
- constructFileVariables
+ #construct variables using filename and filealias
+ constructFileVariables
- #checks if the conf file exists. if not, then exit.
- checkIfConfFileExist
+ #checks if the conf file exists. if not, then exit.
+ checkIfConfFileExist
- #remove 21.conf file
- remove21ConfFile
+ #remove 21.conf file
+ remove21ConfFile
- #restart rsyslog
- restartRsyslog
-
- removeStatFile
-
- #log success message
- logMsgToConfigSysLog "SUCCESS" "SUCCESS: Rollback completed."
+ #restart rsyslog
+ restartRsyslog
+
+ removeStatFile
+
+ #log success message
+ logMsgToConfigSysLog "SUCCESS" "SUCCESS: Rollback completed."
 }
-checkIfFileLocationContainSpaces()
-{
- case "$LOGGLY_FILE_TO_MONITOR" in
- *\ * )
- logMsgToConfigSysLog "ERROR" "ERROR: File location cannot contain spaces."
- exit 1;;
- *) ;;
- esac
+checkIfFileLocationContainSpaces() {
+ case "$LOGGLY_FILE_TO_MONITOR" in
+ *\ *)
+ logMsgToConfigSysLog "ERROR" "ERROR: File location cannot contain spaces."
+ exit 1
+ ;;
+ *) ;;
+ esac
 }
-constructFileVariables()
-{
- #conf file name
- FILE_SYSLOG_CONFFILE="$RSYSLOG_ETCDIR_CONF/21-filemonitoring-$FILE_ALIAS.conf"
+constructFileVariables() {
+ #conf file name
+ FILE_SYSLOG_CONFFILE="$RSYSLOG_ETCDIR_CONF/21-filemonitoring-$FILE_ALIAS.conf"
- #conf file backup name
- FILE_SYSLOG_CONFFILE_BACKUP="$RSYSLOG_ETCDIR_CONF/$FILE_ALIAS.loggly.bk"
+ #conf file backup name
+ FILE_SYSLOG_CONFFILE_BACKUP="$RSYSLOG_ETCDIR_CONF/$FILE_ALIAS.loggly.bk"
- #application tag
- APP_TAG="\"file-alias\":\"$LOGGLY_FILE_TO_MONITOR_ALIAS\""
+ #application tag
+ APP_TAG="\"file-alias\":\"$LOGGLY_FILE_TO_MONITOR_ALIAS\""
 }
 #configures the directory files for file monitoring
-configureDirectoryFileMonitoring()
-{
- addTagsInConfiguration
- TOTAL_FILES_IN_DIR=$(ls -1 ${LOGGLY_FILE_TO_MONITOR} | wc -l)
- logMsgToConfigSysLog "INFO" "INFO: There are $TOTAL_FILES_IN_DIR files in directory. Configuring each file for monitoring present in this directory."
- if [ "$SUPPRESS_PROMPT" == "false" ]; then
- while true; do
- read -p "There are $TOTAL_FILES_IN_DIR files present in this directory. Would you like to configure all the files (yes/no)?" yn
- case $yn in
- [Yy]* )
- installLogglyConf
- for file in $(find $LOGGLY_FILE_TO_MONITOR -name '*')
- do
- configureFilesPresentInDirectory $file $FILE_ALIAS
- done
- break;;
- [Nn]* )
- exit 1
- break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- while true; do
- read -p "Would you like install a Cron job to sync the files currently in your Directory every 5 minutes? (yes/no)" yn
- case $yn in
- [Yy]* )
- doCronInstallation
- break;;
- [Nn]* )
- logMsgToConfigSysLog "INFO" "INFO: Skipping Cron installation."
- break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- else
- installLogglyConf
- for file in $(find $LOGGLY_FILE_TO_MONITOR -name '*')
- do
- configureFilesPresentInDirectory $file $FILE_ALIAS
- done
- if [[ ! -f "/root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh" ]]; then
- doCronInstallation
- fi
- fi
+configureDirectoryFileMonitoring() {
+ addTagsInConfiguration
+ TOTAL_FILES_IN_DIR=$(ls -1 ${LOGGLY_FILE_TO_MONITOR} | wc -l)
+ logMsgToConfigSysLog "INFO" "INFO: There are $TOTAL_FILES_IN_DIR files in directory. Configuring each file for monitoring present in this directory."
+ if [ "$SUPPRESS_PROMPT" == "false" ]; then
+ while true; do
+ read -p "There are $TOTAL_FILES_IN_DIR files present in this directory. Would you like to configure all the files (yes/no)?" yn
+ case $yn in
+ [Yy]*)
+ installLogglyConf
+ for file in $(find $LOGGLY_FILE_TO_MONITOR -name '*'); do
+ configureFilesPresentInDirectory $file $FILE_ALIAS
+ done
+ break
+ ;;
+ [Nn]*)
+ exit 1
+ break
+ ;;
+ *) echo "Please answer yes or no." ;;
+ esac
+ done
+ while true; do
+ read -p "Would you like install a Cron job to sync the files currently in your Directory every 5 minutes? (yes/no)" yn
+ case $yn in
+ [Yy]*)
+ doCronInstallation
+ break
+ ;;
+ [Nn]*)
+ logMsgToConfigSysLog "INFO" "INFO: Skipping Cron installation."
+ break
+ ;;
+ *) echo "Please answer yes or no." ;;
+ esac
+ done
+ else
+ installLogglyConf
+ for file in $(find $LOGGLY_FILE_TO_MONITOR -name '*'); do
+ configureFilesPresentInDirectory $file $FILE_ALIAS
+ done
+ if [[ ! -f "/root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh" ]]; then
+ doCronInstallation
+ fi
+ fi
 }
 #actually configures a file present in the directory for monitoring
-configureFilesPresentInDirectory()
-{
- FILE_TO_MONITOR=$1
- fileNameWithExt=${1##*/}
- uniqueFileName=$(echo "$fileNameWithExt" | tr . _)
- var=$(file $FILE_TO_MONITOR)
-
- #checking if it is a text file otherwise ignore it
- #it may be possible that the "text" may contain some uppercase letters like "Text"
- var=$(echo $var | tr "[:upper:]" "[:lower:]")
- if [[ $var == *text* ]]; then
- LOGGLY_FILE_TO_MONITOR_ALIAS=$uniqueFileName-$2
- if [ -f ${FILE_TO_MONITOR} ]; then
- constructFileVariables
- checkFileReadPermission
- checkLogFileSize $FILE_TO_MONITOR
- STATE_FILE_ALIAS=$(echo -n "$uniqueFileName" | md5sum | tr -d ' ')$FILE_ALIAS
- write21ConfFileContents
- fi
- fi
+configureFilesPresentInDirectory() {
+ FILE_TO_MONITOR=$1
+ fileNameWithExt=${1##*/}
+ uniqueFileName=$(echo "$fileNameWithExt" | tr . _)
+ var=$(file $FILE_TO_MONITOR)
+
+ #checking if it is a text file otherwise ignore it
+ #it may be possible that the "text" may contain some uppercase letters like "Text"
+ var=$(echo $var | tr "[:upper:]" "[:lower:]")
+ if [[ $var == *text* ]]; then
+ LOGGLY_FILE_TO_MONITOR_ALIAS=$uniqueFileName-$2
+ if [ -f ${FILE_TO_MONITOR} ]; then
+ constructFileVariables
+ checkFileReadPermission
+ checkLogFileSize $FILE_TO_MONITOR
+ STATE_FILE_ALIAS=$(echo -n "$uniqueFileName" | md5sum | tr -d ' ')$FILE_ALIAS
+ write21ConfFileContents
+ fi
+ fi
 }
-checkIfWildcardExist()
-{
- TOTAL_FILES_IN_DIR=$(ls -1 ${LOGGLY_FILE_TO_MONITOR} 2> /dev/null | wc -l )
- WILDCARDS=( '*' '.' '?' '|' ']' '[' )
- for WILDCARD in "${WILDCARDS[@]}";
- do
- if [[ $LOGGLY_FILE_TO_MONITOR == *"${WILDCARD}"* && $TOTAL_FILES_IN_DIR -gt 0 ]]; then
- IS_WILDCARD="true"
- return 0
- else
- return 1
- fi
- done
+checkIfWildcardExist() {
+ TOTAL_FILES_IN_DIR=$(ls -1 ${LOGGLY_FILE_TO_MONITOR} 2>/dev/null | wc -l)
+ WILDCARDS=('*' '.' '?' '|' ']' '[')
+ for WILDCARD in "${WILDCARDS[@]}"; do
+ if [[ $LOGGLY_FILE_TO_MONITOR == *"${WILDCARD}"* && $TOTAL_FILES_IN_DIR -gt 0 ]]; then
+ IS_WILDCARD="true"
+ return 0
+ else
+ return 1
+ fi
+ done
 }
 #checks if the file to be monitored exist
-checkIfFileExist()
-{
- if [ -f "$LOGGLY_FILE_TO_MONITOR" ]; then
- logMsgToConfigSysLog "INFO" "INFO: File $LOGGLY_FILE_TO_MONITOR exists."
- else
- logMsgToConfigSysLog "ERROR" "ERROR: File $LOGGLY_FILE_TO_MONITOR does not exist. Kindly recheck."
- exit 1
- fi
+checkIfFileExist() {
+ if [ -f "$LOGGLY_FILE_TO_MONITOR" ]; then
+ logMsgToConfigSysLog "INFO" "INFO: File $LOGGLY_FILE_TO_MONITOR exists."
+ else
+ logMsgToConfigSysLog "ERROR" "ERROR: File $LOGGLY_FILE_TO_MONITOR does not exist. Kindly recheck."
+ exit 1
+ fi
 }
 #deletes the state file for the current alias, if exists
-deleteStateFile()
-{
- restartRsyslog
- sudo rm -f $RSYSLOG_DIR/stat-$FILE_ALIAS
- restartRsyslog
+deleteStateFile() {
+ restartRsyslog
+ sudo rm -f $RSYSLOG_DIR/stat-$FILE_ALIAS
+ restartRsyslog
 }
 #check if the file alias is already taken
-checkIfFileAliasExist()
-{
- if [ -f "$FILE_SYSLOG_CONFFILE" ]; then
- logMsgToConfigSysLog "WARN" "WARN: This file alias is already taken. You must choose a unique file alias for each file."
- if [ "$SUPPRESS_PROMPT" == "false" ]; then
- while true; do
- read -p "Would you like to overwrite the configuration for this file alias (yes/no)?" yn
- case $yn in
- [Yy]* )
- logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $FILE_SYSLOG_CONFFILE to $FILE_SYSLOG_CONFFILE_BACKUP";
- sudo mv -f $FILE_SYSLOG_CONFFILE $FILE_SYSLOG_CONFFILE_BACKUP
- deleteStateFile
- break;;
- [Nn]* )
- logMsgToConfigSysLog "INFO" "INFO: Not overwriting the existing configuration. Exiting"
- exit 1
- break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- else
- logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $FILE_SYSLOG_CONFFILE to $FILE_SYSLOG_CONFFILE_BACKUP";
- sudo mv -f $FILE_SYSLOG_CONFFILE $FILE_SYSLOG_CONFFILE_BACKUP
- deleteStateFile
- fi
- fi
+checkIfFileAliasExist() {
+ if [ -f "$FILE_SYSLOG_CONFFILE" ]; then
+ logMsgToConfigSysLog "WARN" "WARN: This file alias is already taken. You must choose a unique file alias for each file."
+ if [ "$SUPPRESS_PROMPT" == "false" ]; then
+ while true; do
+ read -p "Would you like to overwrite the configuration for this file alias (yes/no)?" yn
+ case $yn in
+ [Yy]*)
+ logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $FILE_SYSLOG_CONFFILE to $FILE_SYSLOG_CONFFILE_BACKUP"
+ sudo mv -f $FILE_SYSLOG_CONFFILE $FILE_SYSLOG_CONFFILE_BACKUP
+ deleteStateFile
+ break
+ ;;
+ [Nn]*)
+ logMsgToConfigSysLog "INFO" "INFO: Not overwriting the existing configuration. Exiting"
+ exit 1
+ break
+ ;;
+ *) echo "Please answer yes or no." ;;
+ esac
+ done
+ else
+ logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $FILE_SYSLOG_CONFFILE to $FILE_SYSLOG_CONFFILE_BACKUP"
+ sudo mv -f $FILE_SYSLOG_CONFFILE $FILE_SYSLOG_CONFFILE_BACKUP
+ deleteStateFile
+ fi
+ fi
 }
 #check the size of the log file. If the size is greater than 100MB give a warning to the user. If the file size is 0
 #then exit
-checkLogFileSize()
-{
- monitorFileSize=$(wc -c "$1" | cut -f 1 -d ' ')
- if [ $monitorFileSize -ge 102400000 ]; then
- if [ "$SUPPRESS_PROMPT" == "false" ]; then
- while true; do
- read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? (yes/no)" yn
- case $yn in
- [Yy]* )
- logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Continuing with File Loggly configuration.";
- break;;
- [Nn]* )
- logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Discontinuing with File Loggly configuration."
- exit 1
- break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- else
- logMsgToConfigSysLog "WARN" "WARN: There are currently large log files which may use up your allowed volume."
- logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Continuing with File Loggly configuration.";
- fi
- elif [ $monitorFileSize -eq 0 ]; then
- logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from $LOGGLY_FILE_TO_MONITOR so there won't be any data sent to Loggly. You can generate some logs by writing to this file."
- exit 1
- else
- logMsgToConfigSysLog "INFO" "INFO: File size of $FILE_TO_MONITOR is $monitorFileSize bytes."
- fi
+checkLogFileSize() {
+ monitorFileSize=$(wc -c "$1" | cut -f 1 -d ' ')
+ if [ $monitorFileSize -ge 102400000 ]; then
+ if [ "$SUPPRESS_PROMPT" == "false" ]; then
+ while true; do
+ read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? (yes/no)" yn
+ case $yn in
+ [Yy]*)
+ logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Continuing with File Loggly configuration."
+ break
+ ;;
+ [Nn]*)
+ logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Discontinuing with File Loggly configuration."
+ exit 1
+ break
+ ;;
+ *) echo "Please answer yes or no." ;;
+ esac
+ done
+ else
+ logMsgToConfigSysLog "WARN" "WARN: There are currently large log files which may use up your allowed volume."
+ logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Continuing with File Loggly configuration."
+ fi
+ elif [ $monitorFileSize -eq 0 ]; then
+ logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from $LOGGLY_FILE_TO_MONITOR so there won't be any data sent to Loggly. You can generate some logs by writing to this file."
+ exit 1
+ else
+ logMsgToConfigSysLog "INFO" "INFO: File size of $FILE_TO_MONITOR is $monitorFileSize bytes."
+ fi
 }
-
-#checks the input file has proper read permissions
-checkFileReadPermission()
-{
- LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]")
- #no need to check read permissions with RedHat and CentOS as they also work with ---------- (000)permissions
- case "$LINUX_DIST_IN_LOWER_CASE" in
- *"redhat"* )
- ;;
- *"centos"* )
- ;;
- * )
- FILE_PERMISSIONS=$(ls -l $LOGGLY_FILE_TO_MONITOR)
- #checking if the file has read permission for others
- PERMISSION_READ_OTHERS=${FILE_PERMISSIONS:7:1}
- if [[ $PERMISSION_READ_OTHERS != r ]]; then
- logMsgToConfigSysLog "WARN" "WARN: $LOGGLY_FILE_TO_MONITOR does not have proper read permissions. Verification step may fail."
- fi
- ;;
- esac
+#checks the input file has proper read permissions
+checkFileReadPermission() {
+ LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]")
+ #no need to check read permissions with RedHat and CentOS as they also work with ---------- (000)permissions
+ case "$LINUX_DIST_IN_LOWER_CASE" in
+ *"redhat"*) ;;
+
+ *"centos"*) ;;
+
+ *)
+ FILE_PERMISSIONS=$(ls -l $LOGGLY_FILE_TO_MONITOR)
+ #checking if the file has read permission for others
+ PERMISSION_READ_OTHERS=${FILE_PERMISSIONS:7:1}
+ if [[ $PERMISSION_READ_OTHERS != r ]]; then
+ logMsgToConfigSysLog "WARN" "WARN: $LOGGLY_FILE_TO_MONITOR does not have proper read permissions. Verification step may fail."
+ fi
+ ;;
+ esac
 }
-addTagsInConfiguration()
-{
- #split tags by comman(,)
- IFS=, read -a array <<< "$LOGGLY_FILE_TAG"
- for i in "${array[@]}"
- do
- TAG="$TAG tag=\\\"$i\\\" "
- done
+addTagsInConfiguration() {
+ #split tags by comman(,)
+ IFS=, read -a array <<<"$LOGGLY_FILE_TAG"
+ for i in "${array[@]}"; do
+ TAG="$TAG tag=\\\"$i\\\" "
+ done
 }
-doCronInstallation()
-{
- if [[ !
-d "/root/.loggly" ]]; then - mkdir /root/.loggly - fi - CRON_SCRIPT="/root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh" - logMsgToConfigSysLog "INFO" "INFO: Creating cron script $CRON_SCRIPT" +doCronInstallation() { + if [[ ! -d "/root/.loggly" ]]; then + mkdir /root/.loggly + fi + CRON_SCRIPT="/root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh" + logMsgToConfigSysLog "INFO" "INFO: Creating cron script $CRON_SCRIPT" -sudo touch $CRON_SCRIPT -sudo chmod +x $CRON_SCRIPT + sudo touch $CRON_SCRIPT + sudo chmod +x $CRON_SCRIPT -cronScriptStr="#!/bin/bash + cronScriptStr="#!/bin/bash curl -s -o configure-file-monitoring.sh https://www.loggly.com/install/configure-file-monitoring.sh sudo mv -f $FILE_SYSLOG_CONFFILE $FILE_SYSLOG_CONFFILE.bk sudo rm -f $FILE_SYSLOG_CONFFILE sudo bash configure-file-monitoring.sh -a $LOGGLY_ACCOUNT -u $LOGGLY_USERNAME -p $LOGGLY_PASSWORD -f $LOGGLY_FILE_TO_MONITOR -l $FILE_ALIAS -tag $LOGGLY_FILE_TAG -s " -#write to cron script file + #write to cron script file -sudo cat << EOIPFW >> $CRON_SCRIPT + sudo cat <>$CRON_SCRIPT $cronScriptStr EOIPFW - CRON_JOB_TO_MONITOR_FILES="*/10 * * * * sudo bash $CRON_SCRIPT" - CRON_FILE="/tmp/File_Monitor_Cron" - - EXISTING_CRONS=$(sudo crontab -l 2>&1) - case $EXISTING_CRONS in - no*) - ;; - *) - echo "$EXISTING_CRONS" >> $CRON_FILE - ;; - esac - - echo "$CRON_JOB_TO_MONITOR_FILES" >> $CRON_FILE - sudo crontab $CRON_FILE - sudo rm -fr $CRON_FILE + CRON_JOB_TO_MONITOR_FILES="*/10 * * * * sudo bash $CRON_SCRIPT" + CRON_FILE="/tmp/File_Monitor_Cron" + + EXISTING_CRONS=$(sudo crontab -l 2>&1) + case $EXISTING_CRONS in + no*) ;; + + *) + echo "$EXISTING_CRONS" >>$CRON_FILE + ;; + esac + + echo "$CRON_JOB_TO_MONITOR_FILES" >>$CRON_FILE + sudo crontab $CRON_FILE + sudo rm -fr $CRON_FILE } #function to write the contents of syslog config file -write21ConfFileContents() -{ - logMsgToConfigSysLog "INFO" "INFO: Creating file $FILE_SYSLOG_CONFFILE" - sudo touch $FILE_SYSLOG_CONFFILE - sudo chmod o+w 
$FILE_SYSLOG_CONFFILE - - rsyslog_version="$(rsyslogd -v)" - r_ver=${rsyslog_version:9:1} - if [ $r_ver -le 7 ] - then - imfileStr=" - \$ModLoad imfile - \$InputFilePollInterval 10 - \$WorkDirectory $RSYSLOG_DIR - \$ActionSendStreamDriver gtls - \$ActionSendStreamDriverMode 1 - \$ActionSendStreamDriverAuthMode x509/name - \$ActionSendStreamDriverPermittedPeer *.loggly.com - - #RsyslogGnuTLS - \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt - - # File access file: - \$InputFileName $FILE_TO_MONITOR - \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS - \$InputFileStateFile stat-$STATE_FILE_ALIAS - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Add a tag for file events - template (name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") - - if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"6514\" template=\"$CONF_FILE_FORMAT_NAME\") - if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then stop - " - imfileStrNonTls=" - \$ModLoad imfile - \$InputFilePollInterval 10 - \$WorkDirectory $RSYSLOG_DIR - - # File access file: - \$InputFileName $FILE_TO_MONITOR - \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS - \$InputFileStateFile stat-$STATE_FILE_ALIAS - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Add a tag for file events - template (name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") - - if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"514\" template=\"$CONF_FILE_FORMAT_NAME\") - if \$programname == 
'$LOGGLY_FILE_TO_MONITOR_ALIAS' then stop - " - else - imfileStr=" - module(load=\"imfile\") - - #RsyslogGnuTLS - \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt - - # Input for FILE1 - input(type=\"imfile\" tag=\"$LOGGLY_FILE_TO_MONITOR_ALIAS\" ruleset=\"filelog\" file=\"$FILE_TO_MONITOR\") #wildcard is allowed at file level only - - # Add a tag for file events - template(name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") - - ruleset(name=\"filelog\"){ - action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"6514\" template=\"$CONF_FILE_FORMAT_NAME\" StreamDriver=\"gtls\" StreamDriverMode=\"1\" StreamDriverAuthMode=\"x509/name\" StreamDriverPermittedPeers=\"*.loggly.com\") - } - " - imfileStrNonTls=" - - module(load=\"imfile\") - - # Input for FILE1 - input(type=\"imfile\" tag=\"$LOGGLY_FILE_TO_MONITOR_ALIAS\" ruleset=\"filelog\" file=\"$FILE_TO_MONITOR\") #wildcard is allowed at file level only - - # Add a tag for file events - template(name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") - - ruleset(name=\"filelog\"){ - action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"514\" template=\"$CONF_FILE_FORMAT_NAME\") stop - } - " - fi - - if [ $FILE_TLS_SENDING == "false" ]; - then - imfileStr=$imfileStrNonTls - fi - - #write to 21-.conf file -sudo cat << EOIPFW >> $FILE_SYSLOG_CONFFILE +write21ConfFileContents() { + logMsgToConfigSysLog "INFO" "INFO: Creating file $FILE_SYSLOG_CONFFILE" + sudo touch $FILE_SYSLOG_CONFFILE + sudo chmod o+w $FILE_SYSLOG_CONFFILE + + rsyslog_version="$(rsyslogd -v)" + r_ver=${rsyslog_version:9:1} + if [ $r_ver -le 7 ]; then + imfileStr=" + \$ModLoad imfile + 
\$InputFilePollInterval 10 + \$WorkDirectory $RSYSLOG_DIR + \$ActionSendStreamDriver gtls + \$ActionSendStreamDriverMode 1 + \$ActionSendStreamDriverAuthMode x509/name + \$ActionSendStreamDriverPermittedPeer *.loggly.com + + #RsyslogGnuTLS + \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt + + # File access file: + \$InputFileName $FILE_TO_MONITOR + \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS + \$InputFileStateFile stat-$STATE_FILE_ALIAS + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for file events + template (name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") + + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"6514\" template=\"$CONF_FILE_FORMAT_NAME\") + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then stop + " + imfileStrNonTls=" + \$ModLoad imfile + \$InputFilePollInterval 10 + \$WorkDirectory $RSYSLOG_DIR + + # File access file: + \$InputFileName $FILE_TO_MONITOR + \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS + \$InputFileStateFile stat-$STATE_FILE_ALIAS + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for file events + template (name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") + + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"514\" template=\"$CONF_FILE_FORMAT_NAME\") + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then stop + " + else + imfileStr=" + module(load=\"imfile\") + + #RsyslogGnuTLS + \$DefaultNetstreamDriverCAFile 
/etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt + + # Input for FILE1 + input(type=\"imfile\" tag=\"$LOGGLY_FILE_TO_MONITOR_ALIAS\" ruleset=\"filelog\" file=\"$FILE_TO_MONITOR\") #wildcard is allowed at file level only + + # Add a tag for file events + template(name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") + + ruleset(name=\"filelog\"){ + action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"6514\" template=\"$CONF_FILE_FORMAT_NAME\" StreamDriver=\"gtls\" StreamDriverMode=\"1\" StreamDriverAuthMode=\"x509/name\" StreamDriverPermittedPeers=\"*.loggly.com\") + } + " + imfileStrNonTls=" + + module(load=\"imfile\") + + # Input for FILE1 + input(type=\"imfile\" tag=\"$LOGGLY_FILE_TO_MONITOR_ALIAS\" ruleset=\"filelog\" file=\"$FILE_TO_MONITOR\") #wildcard is allowed at file level only + + # Add a tag for file events + template(name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") + + ruleset(name=\"filelog\"){ + action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"514\" template=\"$CONF_FILE_FORMAT_NAME\") stop + } + " + fi + + if [ $FILE_TLS_SENDING == "false" ]; then + imfileStr=$imfileStrNonTls + fi + + #write to 21-.conf file + sudo cat <>$FILE_SYSLOG_CONFFILE $imfileStr EOIPFW } #checks if the apache logs made to loggly -checkIfFileLogsMadeToLoggly() -{ - counter=1 - maxCounter=10 - - fileInitialLogCount=0 - fileLatestLogCount=0 - queryParam="syslog.appName%3A$LOGGLY_FILE_TO_MONITOR_ALIAS&from=-15m&until=now&size=1" - - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Getting initial log count." 
- #get the initial count of file logs for past 15 minutes - searchAndFetch fileInitialLogCount "$queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Verifying if the logs made it to Loggly." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - #get the final count of file logs for past 15 minutes - searchAndFetch fileLatestLogCount "$queryUrl" - let counter=$counter+1 - - while [ "$fileLatestLogCount" -le "$fileInitialLogCount" ]; do - echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." - sleep 30 - echo "INFO: Done waiting. Verifying again." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch fileLatestLogCount "$queryUrl" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: File logs did not make to Loggly in time. Please check network and firewall settings and retry." - exit 1 - fi - done - - if [ "$fileLatestLogCount" -gt "$fileInitialLogCount" ]; then - logMsgToConfigSysLog "INFO" "INFO: Logs successfully transferred to Loggly! You are now sending $LOGGLY_FILE_TO_MONITOR logs to Loggly." - checkIfLogsAreParsedInLoggly - fi +checkIfFileLogsMadeToLoggly() { + counter=1 + maxCounter=10 + + fileInitialLogCount=0 + fileLatestLogCount=0 + queryParam="syslog.appName%3A$LOGGLY_FILE_TO_MONITOR_ALIAS&from=-15m&until=now&size=1" + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Getting initial log count." + #get the initial count of file logs for past 15 minutes + searchAndFetch fileInitialLogCount "$queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the logs made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." 
+ #get the final count of file logs for past 15 minutes + searchAndFetch fileLatestLogCount "$queryUrl" + let counter=$counter+1 + + while [ "$fileLatestLogCount" -le "$fileInitialLogCount" ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch fileLatestLogCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: File logs did not make to Loggly in time. Please check network and firewall settings and retry." + exit 1 + fi + done + + if [ "$fileLatestLogCount" -gt "$fileInitialLogCount" ]; then + logMsgToConfigSysLog "INFO" "INFO: Logs successfully transferred to Loggly! You are now sending $LOGGLY_FILE_TO_MONITOR logs to Loggly." + checkIfLogsAreParsedInLoggly + fi } #verifying if the logs are being parsed or not -checkIfLogsAreParsedInLoggly() -{ - fileInitialLogCount=0 - TAG_PARSER= - IFS=, read -a array <<< "$LOGGLY_FILE_TAG" - for i in "${array[@]}" - do - TAG_PARSER="$TAG_PARSER%20tag%3A$i " - done - - queryParam="syslog.appName%3A$LOGGLY_FILE_TO_MONITOR_ALIAS$TAG_PARSER&from=-15m&until=now&size=1" - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - searchAndFetch fileInitialLogCount "$queryUrl" - if [ "$fileInitialLogCount" -gt 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: File logs successfully parsed in Loggly!" - else - logMsgToConfigSysLog "WARN" "WARN: We received your logs but they do not appear to use one of our automatically parsed formats. You can still do full text search and counts on these logs, but you won't be able to use our field explorer. 
Please consider switching to one of our automated formats https://www.loggly.com/docs/automated-parsing/" - fi +checkIfLogsAreParsedInLoggly() { + fileInitialLogCount=0 + TAG_PARSER= + IFS=, read -a array <<<"$LOGGLY_FILE_TAG" + for i in "${array[@]}"; do + TAG_PARSER="$TAG_PARSER%20tag%3A$i " + done + + queryParam="syslog.appName%3A$LOGGLY_FILE_TO_MONITOR_ALIAS$TAG_PARSER&from=-15m&until=now&size=1" + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + searchAndFetch fileInitialLogCount "$queryUrl" + if [ "$fileInitialLogCount" -gt 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: File logs successfully parsed in Loggly!" + else + logMsgToConfigSysLog "WARN" "WARN: We received your logs but they do not appear to use one of our automatically parsed formats. You can still do full text search and counts on these logs, but you won't be able to use our field explorer. Please consider switching to one of our automated formats https://www.loggly.com/docs/automated-parsing/" + fi } #checks if the conf file exist. Name of conf file is constructed using the file alias name provided -checkIfConfFileExist() -{ - if [[ ! -f "$FILE_SYSLOG_CONFFILE" ]]; then - if [ $(sudo crontab -l 2>/dev/null | grep "file-monitoring-cron-$FILE_ALIAS.sh" | wc -l) -eq 1 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Cron is running to refresh configuration. Please try again after sometime." - exit 1 - else - logMsgToConfigSysLog "ERROR" "ERROR: Invalid File Alias provided." - exit 1 - fi - fi +checkIfConfFileExist() { + if [[ ! -f "$FILE_SYSLOG_CONFFILE" ]]; then + if [ $(sudo crontab -l 2>/dev/null | grep "file-monitoring-cron-$FILE_ALIAS.sh" | wc -l) -eq 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Cron is running to refresh configuration. Please try again after sometime." + exit 1 + else + logMsgToConfigSysLog "ERROR" "ERROR: Invalid File Alias provided." 
+ exit 1 + fi + fi } #remove 21.conf file -remove21ConfFile() -{ - echo "INFO: Deleting the loggly syslog conf file $FILE_SYSLOG_CONFFILE." - if [ -f "$FILE_SYSLOG_CONFFILE" ]; then - sudo rm -rf "$FILE_SYSLOG_CONFFILE" - deleteFileFromCrontab - if [ "$IS_FILE_MONITOR_SCRIPT_INVOKED" = "false" ]; then - echo "INFO: Removed all the modified files." - fi - else - logMsgToConfigSysLog "WARN" "WARN: $FILE_SYSLOG_CONFFILE file was not found." - fi +remove21ConfFile() { + echo "INFO: Deleting the loggly syslog conf file $FILE_SYSLOG_CONFFILE." + if [ -f "$FILE_SYSLOG_CONFFILE" ]; then + sudo rm -rf "$FILE_SYSLOG_CONFFILE" + deleteFileFromCrontab + if [ "$IS_FILE_MONITOR_SCRIPT_INVOKED" = "false" ]; then + echo "INFO: Removed all the modified files." + fi + else + logMsgToConfigSysLog "WARN" "WARN: $FILE_SYSLOG_CONFFILE file was not found." + fi } -deleteFileFromCrontab() -{ - if [ -f "/root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh" ];then +deleteFileFromCrontab() { + if [ -f "/root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh" ]; then + + logMsgToConfigSysLog "INFO" "INFO: Deleting sync Cron." + + #delete cron + sudo crontab -l | grep -v "file-monitoring-cron-$FILE_ALIAS.sh" | crontab - + + #delete cron script + sudo rm -f /root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh - logMsgToConfigSysLog "INFO" "INFO: Deleting sync Cron." - - #delete cron - sudo crontab -l | grep -v "file-monitoring-cron-$FILE_ALIAS.sh" | crontab - - - #delete cron script - sudo rm -f /root/.loggly/file-monitoring-cron-$FILE_ALIAS.sh - - fi + fi } -removeStatFile() -{ - sudo rm -f $RSYSLOG_DIR/stat-*$FILE_ALIAS +removeStatFile() { + sudo rm -f $RSYSLOG_DIR/stat-*$FILE_ALIAS } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat </dev/null; then - logMsgToConfigSysLog "INFO" "INFO: Nginx is present as a service." 
- else - logMsgToConfigSysLog "ERROR" "ERROR: Nginx is not configured as a service" - exit 1 - fi - - #get the version of nginx installed - getNginxVersion - - #set all the required nginx variables by this script - setNginxVariables +checkNginxDetails() { + #verify if nginx is installed as service + if [ -f /etc/init.d/$SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: Nginx is present as a service." + elif [[ $(which systemctl) && $(systemctl list-unit-files $SERVICE.service | grep "$SERVICE.service") ]] &>/dev/null; then + logMsgToConfigSysLog "INFO" "INFO: Nginx is present as a service." + else + logMsgToConfigSysLog "ERROR" "ERROR: Nginx is not configured as a service" + exit 1 + fi + + #get the version of nginx installed + getNginxVersion + + #set all the required nginx variables by this script + setNginxVariables } - #sets nginx variables which will be used across various functions -setNginxVariables() -{ - LOGGLY_NGINX_LOG_HOME=/var/log/$SERVICE +setNginxVariables() { + LOGGLY_NGINX_LOG_HOME=/var/log/$SERVICE } #gets the version of nginx installed on the unix box -getNginxVersion() -{ - NGINX_VERSION=$(nginx -v 2>&1) - NGINX_VERSION=${NGINX_VERSION#*/} - APP_TAG="\"nginx-version\":\"$NGINX_VERSION\"" - logMsgToConfigSysLog "INFO" "INFO: nginx version: $NGINX_VERSION" +getNginxVersion() { + NGINX_VERSION=$(nginx -v 2>&1) + NGINX_VERSION=${NGINX_VERSION#*/} + APP_TAG="\"nginx-version\":\"$NGINX_VERSION\"" + logMsgToConfigSysLog "INFO" "INFO: nginx version: $NGINX_VERSION" } -checkLogFileSize() -{ - accessFileSize=$(wc -c "$1" | cut -f 1 -d ' ') - errorFileSize=$(wc -c "$2" | cut -f 1 -d ' ') - fileSize=$((accessFileSize+errorFileSize)) - if [ $fileSize -ge 102400000 ]; then - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; do - read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? 
(yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Current nginx logs size is $fileSize bytes. Continuing with nginx Loggly configuration."; - break;; - [Nn]* ) - logMsgToConfigSysLog "INFO" "INFO: Current nginx logs size is $fileSize bytes. Discontinuing with nginx Loggly configuration." - exit 1 - break;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "WARN" "WARN: There are currently large log files which may use up your allowed volume." - logMsgToConfigSysLog "INFO" "INFO: Current nginx logs size is $fileSize bytes. Continuing with nginx Loggly configuration."; - fi - elif [ $fileSize -eq 0 ]; then - logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from nginx there so won't be any sent to Loggly. You can generate some logs by visiting a page on your web server." - exit 1 - fi +checkLogFileSize() { + accessFileSize=$(wc -c "$1" | cut -f 1 -d ' ') + errorFileSize=$(wc -c "$2" | cut -f 1 -d ' ') + fileSize=$((accessFileSize + errorFileSize)) + if [ $fileSize -ge 102400000 ]; then + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Current nginx logs size is $fileSize bytes. Continuing with nginx Loggly configuration." + break + ;; + [Nn]*) + logMsgToConfigSysLog "INFO" "INFO: Current nginx logs size is $fileSize bytes. Discontinuing with nginx Loggly configuration." + exit 1 + break + ;; + *) echo "Please answer yes or no." ;; + esac + done + else + logMsgToConfigSysLog "WARN" "WARN: There are currently large log files which may use up your allowed volume." + logMsgToConfigSysLog "INFO" "INFO: Current nginx logs size is $fileSize bytes. Continuing with nginx Loggly configuration." 
+ fi + elif [ $fileSize -eq 0 ]; then + logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from nginx there so won't be any sent to Loggly. You can generate some logs by visiting a page on your web server." + exit 1 + fi } -write21NginxConfFile() -{ - #Create nginx syslog config file if it doesn't exist - echo "INFO: Checking if nginx sysconf file $NGINX_SYSLOG_CONFFILE exist." - if [ -f "$NGINX_SYSLOG_CONFFILE" ]; then - logMsgToConfigSysLog "WARN" "WARN: nginx syslog file $NGINX_SYSLOG_CONFFILE already exist." - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; do - read -p "Do you wish to override $NGINX_SYSLOG_CONFFILE? (yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $NGINX_SYSLOG_CONFFILE to $NGINX_SYSLOG_CONFFILE_BACKUP"; - sudo mv -f $NGINX_SYSLOG_CONFFILE $NGINX_SYSLOG_CONFFILE_BACKUP; - write21NginxFileContents; - break;; - [Nn]* ) break;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $NGINX_SYSLOG_CONFFILE to $NGINX_SYSLOG_CONFFILE_BACKUP"; - sudo mv -f $NGINX_SYSLOG_CONFFILE $NGINX_SYSLOG_CONFFILE_BACKUP; - write21NginxFileContents; - fi - else - write21NginxFileContents - fi +write21NginxConfFile() { + #Create nginx syslog config file if it doesn't exist + echo "INFO: Checking if nginx sysconf file $NGINX_SYSLOG_CONFFILE exist." + if [ -f "$NGINX_SYSLOG_CONFFILE" ]; then + logMsgToConfigSysLog "WARN" "WARN: nginx syslog file $NGINX_SYSLOG_CONFFILE already exist." + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "Do you wish to override $NGINX_SYSLOG_CONFFILE? (yes/no)" yn + case $yn in + [Yy]*) + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $NGINX_SYSLOG_CONFFILE to $NGINX_SYSLOG_CONFFILE_BACKUP" + sudo mv -f $NGINX_SYSLOG_CONFFILE $NGINX_SYSLOG_CONFFILE_BACKUP + write21NginxFileContents + break + ;; + [Nn]*) break ;; + *) echo "Please answer yes or no." 
;; + esac + done + else + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $NGINX_SYSLOG_CONFFILE to $NGINX_SYSLOG_CONFFILE_BACKUP" + sudo mv -f $NGINX_SYSLOG_CONFFILE $NGINX_SYSLOG_CONFFILE_BACKUP + write21NginxFileContents + fi + else + write21NginxFileContents + fi } -addTagsInConfiguration() -{ - #split tags by comman(,) - IFS=, read -a array <<< "$LOGGLY_FILE_TAG" - for i in "${array[@]}" - do - TAG="$TAG tag=\\\"$i\\\" " - done +addTagsInConfiguration() { + #split tags by comman(,) + IFS=, read -a array <<<"$LOGGLY_FILE_TAG" + for i in "${array[@]}"; do + TAG="$TAG tag=\\\"$i\\\" " + done } #function to write the contents of nginx syslog config file -write21NginxFileContents() -{ - logMsgToConfigSysLog "INFO" "INFO: Creating file $NGINX_SYSLOG_CONFFILE" - sudo touch $NGINX_SYSLOG_CONFFILE - sudo chmod o+w $NGINX_SYSLOG_CONFFILE - - commonContent=" - \$ModLoad imfile - \$InputFilePollInterval 10 - \$WorkDirectory $RSYSLOG_DIR - " - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - commonContent+="\$PrivDropToGroup adm - " - fi - - imfileStr+=$commonContent" - - \$ActionSendStreamDriver gtls - \$ActionSendStreamDriverMode 1 - \$ActionSendStreamDriverAuthMode x509/name - \$ActionSendStreamDriverPermittedPeer *.loggly.com - - #RsyslogGnuTLS - \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt - - # nginx access file: - \$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ACCESS_LOG_FILE - \$InputFileTag nginx-access: - \$InputFileStateFile stat-nginx-access - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #nginx Error file: - \$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ERROR_LOG_FILE - \$InputFileTag nginx-error: - \$InputFileStateFile stat-nginx-error - \$InputFileSeverity error - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Add a tag for nginx events - \$template LogglyFormatNginx,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% 
%app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - - if \$programname == 'nginx-access' then @@logs-01.loggly.com:6514;LogglyFormatNginx - if \$programname == 'nginx-access' then ~ - if \$programname == 'nginx-error' then @@logs-01.loggly.com:6514;LogglyFormatNginx - if \$programname == 'nginx-error' then ~ - " - - imfileStrNonTls=$commonContent" - # nginx access file: - \$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ACCESS_LOG_FILE - \$InputFileTag nginx-access: - \$InputFileStateFile stat-nginx-access - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #nginx Error file: - \$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ERROR_LOG_FILE - \$InputFileTag nginx-error: - \$InputFileStateFile stat-nginx-error - \$InputFileSeverity error - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - - #Add a tag for nginx events - \$template LogglyFormatNginx,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - - if \$programname == 'nginx-access' then @@logs-01.loggly.com:514;LogglyFormatNginx - if \$programname == 'nginx-access' then ~ - if \$programname == 'nginx-error' then @@logs-01.loggly.com:514;LogglyFormatNginx - if \$programname == 'nginx-error' then ~ - " - - if [ $TLS_SENDING == "false" ]; - then - imfileStr=$imfileStrNonTls - fi - - #change the nginx-21 file to variable from above and also take the directory of the nginx log file. 
-sudo cat << EOIPFW >> $NGINX_SYSLOG_CONFFILE +write21NginxFileContents() { + logMsgToConfigSysLog "INFO" "INFO: Creating file $NGINX_SYSLOG_CONFFILE" + sudo touch $NGINX_SYSLOG_CONFFILE + sudo chmod o+w $NGINX_SYSLOG_CONFFILE + + commonContent=" + \$ModLoad imfile + \$InputFilePollInterval 10 + \$WorkDirectory $RSYSLOG_DIR + " + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + commonContent+="\$PrivDropToGroup adm + " + fi + + imfileStr+=$commonContent" + + \$ActionSendStreamDriver gtls + \$ActionSendStreamDriverMode 1 + \$ActionSendStreamDriverAuthMode x509/name + \$ActionSendStreamDriverPermittedPeer *.loggly.com + + #RsyslogGnuTLS + \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt + + # nginx access file: + \$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ACCESS_LOG_FILE + \$InputFileTag nginx-access: + \$InputFileStateFile stat-nginx-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #nginx Error file: + \$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ERROR_LOG_FILE + \$InputFileTag nginx-error: + \$InputFileStateFile stat-nginx-error + \$InputFileSeverity error + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for nginx events + \$template LogglyFormatNginx,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + + if \$programname == 'nginx-access' then @@logs-01.loggly.com:6514;LogglyFormatNginx + if \$programname == 'nginx-access' then ~ + if \$programname == 'nginx-error' then @@logs-01.loggly.com:6514;LogglyFormatNginx + if \$programname == 'nginx-error' then ~ + " + + imfileStrNonTls=$commonContent" + # nginx access file: + \$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ACCESS_LOG_FILE + \$InputFileTag nginx-access: + \$InputFileStateFile stat-nginx-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #nginx Error file: + 
\$InputFileName $LOGGLY_NGINX_LOG_HOME/$NGINX_ERROR_LOG_FILE + \$InputFileTag nginx-error: + \$InputFileStateFile stat-nginx-error + \$InputFileSeverity error + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for nginx events + \$template LogglyFormatNginx,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + + if \$programname == 'nginx-access' then @@logs-01.loggly.com:514;LogglyFormatNginx + if \$programname == 'nginx-access' then ~ + if \$programname == 'nginx-error' then @@logs-01.loggly.com:514;LogglyFormatNginx + if \$programname == 'nginx-error' then ~ + " + + if [ $TLS_SENDING == "false" ]; then + imfileStr=$imfileStrNonTls + fi + + #change the nginx-21 file to variable from above and also take the directory of the nginx log file. + sudo cat <>$NGINX_SYSLOG_CONFFILE $imfileStr EOIPFW - restartRsyslog + restartRsyslog } #checks if the nginx logs made to loggly -checkIfNginxLogsMadeToLoggly() -{ - counter=1 - maxCounter=10 - - nginxInitialLogCount=0 - nginxLatestLogCount=0 - - TAGS= - IFS=, read -a array <<< "$LOGGLY_FILE_TAG" - for i in "${array[@]}" - do - if [ "$TAGS" == "" ]; then - TAGS="tag%3A$i" - else - TAGS="$TAGS%20tag%3A$i" - fi - done - - queryParam="$TAGS&from=-15m&until=now&size=1" - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Getting initial nginx log count." - #get the initial count of nginx logs for past 15 minutes - searchAndFetch nginxInitialLogCount "$queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Verifying if the nginx logs made it to Loggly." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." 
- #get the final count of nginx logs for past 15 minutes - searchAndFetch nginxLatestLogCount "$queryUrl" - let counter=$counter+1 - - while [ "$nginxLatestLogCount" -le "$nginxInitialLogCount" ]; do - echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." - sleep 30 - echo "INFO: Done waiting. Verifying again." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch nginxLatestLogCount "$queryUrl" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Nginx logs did not make to Loggly in time. Please check network and firewall settings and retry." - exit 1 - fi - done - - if [ "$nginxLatestLogCount" -gt "$nginxInitialLogCount" ]; then - logMsgToConfigSysLog "INFO" "INFO: Nginx logs successfully transferred to Loggly! You are now sending Nginx logs to Loggly." - checkIfLogsAreParsedInLoggly - fi +checkIfNginxLogsMadeToLoggly() { + counter=1 + maxCounter=10 + + nginxInitialLogCount=0 + nginxLatestLogCount=0 + + TAGS= + IFS=, read -a array <<<"$LOGGLY_FILE_TAG" + for i in "${array[@]}"; do + if [ "$TAGS" == "" ]; then + TAGS="tag%3A$i" + else + TAGS="$TAGS%20tag%3A$i" + fi + done + + queryParam="$TAGS&from=-15m&until=now&size=1" + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Getting initial nginx log count." + #get the initial count of nginx logs for past 15 minutes + searchAndFetch nginxInitialLogCount "$queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the nginx logs made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." 
+ #get the final count of nginx logs for past 15 minutes + searchAndFetch nginxLatestLogCount "$queryUrl" + let counter=$counter+1 + + while [ "$nginxLatestLogCount" -le "$nginxInitialLogCount" ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch nginxLatestLogCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Nginx logs did not make to Loggly in time. Please check network and firewall settings and retry." + exit 1 + fi + done + + if [ "$nginxLatestLogCount" -gt "$nginxInitialLogCount" ]; then + logMsgToConfigSysLog "INFO" "INFO: Nginx logs successfully transferred to Loggly! You are now sending Nginx logs to Loggly." + checkIfLogsAreParsedInLoggly + fi } #verifying if the logs are being parsed or not -checkIfLogsAreParsedInLoggly() -{ - nginxInitialLogCount=0 - TAG_PARSER= - IFS=, read -a array <<< "$LOGGLY_FILE_TAG" - for i in "${array[@]}" - do - TAG_PARSER="$TAG_PARSER%20tag%3A$i " - done - queryParam="logtype%3Anginx$TAG_PARSER&from=-15m&until=now&size=1" - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - searchAndFetch nginxInitialLogCount "$queryUrl" - logMsgToConfigSysLog "INFO" "INFO: Verifying if the Nginx logs are parsed in Loggly." - if [ "$nginxInitialLogCount" -gt 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: Nginx logs successfully parsed in Loggly!" - else - logMsgToConfigSysLog "WARN" "WARN: We received your logs but they do not appear to use one of our automatically parsed formats. You can still do full text search and counts on these logs, but you won't be able to use our field explorer. 
Please consider switching to one of our automated formats https://www.loggly.com/docs/automated-parsing/" - fi +checkIfLogsAreParsedInLoggly() { + nginxInitialLogCount=0 + TAG_PARSER= + IFS=, read -a array <<<"$LOGGLY_FILE_TAG" + for i in "${array[@]}"; do + TAG_PARSER="$TAG_PARSER%20tag%3A$i " + done + queryParam="logtype%3Anginx$TAG_PARSER&from=-15m&until=now&size=1" + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + searchAndFetch nginxInitialLogCount "$queryUrl" + logMsgToConfigSysLog "INFO" "INFO: Verifying if the Nginx logs are parsed in Loggly." + if [ "$nginxInitialLogCount" -gt 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: Nginx logs successfully parsed in Loggly!" + else + logMsgToConfigSysLog "WARN" "WARN: We received your logs but they do not appear to use one of our automatically parsed formats. You can still do full text search and counts on these logs, but you won't be able to use our field explorer. Please consider switching to one of our automated formats https://www.loggly.com/docs/automated-parsing/" + fi } #remove 21nginx.conf file -remove21NginxConfFile() -{ - echo "INFO: Deleting the loggly nginx syslog conf file." - if [ -f "$NGINX_SYSLOG_CONFFILE" ]; then - sudo rm -rf "$NGINX_SYSLOG_CONFFILE" - fi - echo "INFO: Removed all the modified files." - restartRsyslog +remove21NginxConfFile() { + echo "INFO: Deleting the loggly nginx syslog conf file." + if [ -f "$NGINX_SYSLOG_CONFFILE" ]; then + sudo rm -rf "$NGINX_SYSLOG_CONFFILE" + fi + echo "INFO: Removed all the modified files." + restartRsyslog } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat < /dev/null; then - logMsgToConfigSysLog "ERROR" "ERROR: $LOGGLY_S3_ALIAS is already taken. Please try with another one." - exit 1 - fi +checkIfS3AliasAlreadyTaken() { + if ls $RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf &>/dev/null; then + logMsgToConfigSysLog "ERROR" "ERROR: $LOGGLY_S3_ALIAS is already taken. Please try with another one." 
+ exit 1 + fi } #check if s3cmd utility is installed and configured -checkIfS3cmdInstalledAndConfigured() -{ - if hash s3cmd 2>/dev/null; then - checkIfS3cmdConfigured - else - logMsgToConfigSysLog "INFO" "INFO: s3cmd is not present on your system. Setting it up on your system" - downloadS3cmd - configureS3cmd - fi +checkIfS3cmdInstalledAndConfigured() { + if hash s3cmd 2>/dev/null; then + checkIfS3cmdConfigured + else + logMsgToConfigSysLog "INFO" "INFO: s3cmd is not present on your system. Setting it up on your system" + downloadS3cmd + configureS3cmd + fi } #check if s3cmd utility is configured -checkIfS3cmdConfigured() -{ - var=$(sudo s3cmd ls 2>/dev/null) - if [ "$var" != "" ]; then - if [ "$IS_S3CMD_CONFIGURED_BY_SCRIPT" == "false" ]; then - logMsgToConfigSysLog "INFO" "INFO: s3cmd is already configured on your system" - else - logMsgToConfigSysLog "INFO" "INFO: s3cmd configured successfully" - fi - else - if [ "$IS_S3CMD_CONFIGURED_BY_SCRIPT" == "false" ]; then - logMsgToConfigSysLog "INFO" "INFO: s3cmd is not configured on your system. Trying to configure." - configureS3cmd - else - logMsgToConfigSysLog "ERROR" "ERROR: s3cmd is not configured correctly. Please configure s3cmd using command s3cmd --configure" - exit 1 - fi - fi +checkIfS3cmdConfigured() { + var=$(sudo s3cmd ls 2>/dev/null) + if [ "$var" != "" ]; then + if [ "$IS_S3CMD_CONFIGURED_BY_SCRIPT" == "false" ]; then + logMsgToConfigSysLog "INFO" "INFO: s3cmd is already configured on your system" + else + logMsgToConfigSysLog "INFO" "INFO: s3cmd configured successfully" + fi + else + if [ "$IS_S3CMD_CONFIGURED_BY_SCRIPT" == "false" ]; then + logMsgToConfigSysLog "INFO" "INFO: s3cmd is not configured on your system. Trying to configure." + configureS3cmd + else + logMsgToConfigSysLog "ERROR" "ERROR: s3cmd is not configured correctly. 
Please configure s3cmd using command s3cmd --configure" + exit 1 + fi + fi } #download and install s3cmd -downloadS3cmd() -{ - #checking if the Linux is yum based or apt-get based - YUM_BASED=$(command -v yum) - APT_GET_BASED=$(command -v apt-get) - - if [ "$YUM_BASED" != "" ]; then - sudo yum install s3cmd || { logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST. Please ensure you have EPEL installed." ; exit 1; } - elif [ "$APT_GET_BASED" != "" ]; then - sudo apt-get install s3cmd || { logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST." ; exit 1; } - else - logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST." - exit 1 - fi +downloadS3cmd() { + #checking if the Linux is yum based or apt-get based + YUM_BASED=$(command -v yum) + APT_GET_BASED=$(command -v apt-get) + + if [ "$YUM_BASED" != "" ]; then + sudo yum install s3cmd || { + logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST. Please ensure you have EPEL installed." + exit 1 + } + elif [ "$APT_GET_BASED" != "" ]; then + sudo apt-get install s3cmd || { + logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST." + exit 1 + } + else + logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST." + exit 1 + fi } #configure s3cmd -configureS3cmd() -{ - sudo s3cmd --configure - IS_S3CMD_CONFIGURED_BY_SCRIPT="true" - #check if s3cmd configured successfully now - checkIfS3cmdConfigured +configureS3cmd() { + sudo s3cmd --configure + IS_S3CMD_CONFIGURED_BY_SCRIPT="true" + #check if s3cmd configured successfully now + checkIfS3cmdConfigured } #check if s3bucket is valid -checkIfValidS3Bucket() -{ - #check if valid Bucket name - if [[ $LOGGLY_S3_BUCKET_NAME != s3://* ]]; then - logMsgToConfigSysLog "Error" "Error: Invalid s3 Bucket name. 
Bucket name should start with 's3://'" - exit 1 - fi - - if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then - logMsgToConfigSysLog "INFO" "INFO: Check if valid S3 Bucket name." - BUCKET_INFO=$(sudo s3cmd ls -r $LOGGLY_S3_BUCKET_NAME 2>&1) - case $BUCKET_INFO in - ERROR*) - #logging actual error message returned by s3cmd - logMsgToConfigSysLog "ERROR" "$BUCKET_INFO" - exit 1 - ;; - "") - logMsgToConfigSysLog "ERROR" "ERROR: No files found in the S3 Bucket $LOGGLY_S3_BUCKET_NAME." - exit 1 - ;; - *) - logMsgToConfigSysLog "INFO" "INFO: '$LOGGLY_S3_BUCKET_NAME' is a valid Bucket and accessible." - ;; - esac - fi +checkIfValidS3Bucket() { + #check if valid Bucket name + if [[ $LOGGLY_S3_BUCKET_NAME != s3://* ]]; then + logMsgToConfigSysLog "Error" "Error: Invalid s3 Bucket name. Bucket name should start with 's3://'" + exit 1 + fi + + if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then + logMsgToConfigSysLog "INFO" "INFO: Check if valid S3 Bucket name." + BUCKET_INFO=$(sudo s3cmd ls -r $LOGGLY_S3_BUCKET_NAME 2>&1) + case $BUCKET_INFO in + ERROR*) + #logging actual error message returned by s3cmd + logMsgToConfigSysLog "ERROR" "$BUCKET_INFO" + exit 1 + ;; + "") + logMsgToConfigSysLog "ERROR" "ERROR: No files found in the S3 Bucket $LOGGLY_S3_BUCKET_NAME." + exit 1 + ;; + *) + logMsgToConfigSysLog "INFO" "INFO: '$LOGGLY_S3_BUCKET_NAME' is a valid Bucket and accessible." + ;; + esac + fi } - -createTempDir() -{ - TEMP_DIR=/tmp/s3monitoring/$LOGGLY_S3_ALIAS - if [ -d "$TEMP_DIR" ]; then - if [ "$(ls -A $TEMP_DIR)" ]; then - logMsgToConfigSysLog "WARN" "WARN: There are some files/folders already present in $TEMP_DIR. If you continue, the files currently inside the $TEMP_DIR will also be configured to send logs to loggly." - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; do - read -p "Would you like to continue now anyway? (yes/no)" yn - case $yn in - [Yy]* ) - break;; - [Nn]* ) - logMsgToConfigSysLog "INFO" "INFO: Discontinuing with s3 file monitoring configuration." 
- exit 1
- break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- fi
- fi
- else
- if [ -d "/tmp/s3monitoring" ]; then
- mkdir /tmp/s3monitoring/$LOGGLY_S3_ALIAS
- else
- mkdir /tmp/s3monitoring
- mkdir /tmp/s3monitoring/$LOGGLY_S3_ALIAS
- fi
- fi
+createTempDir() {
+ TEMP_DIR=/tmp/s3monitoring/$LOGGLY_S3_ALIAS
+ if [ -d "$TEMP_DIR" ]; then
+ if [ "$(ls -A $TEMP_DIR)" ]; then
+ logMsgToConfigSysLog "WARN" "WARN: There are some files/folders already present in $TEMP_DIR. If you continue, the files currently inside the $TEMP_DIR will also be configured to send logs to loggly."
+ if [ "$SUPPRESS_PROMPT" == "false" ]; then
+ while true; do
+ read -p "Would you like to continue now anyway? (yes/no)" yn
+ case $yn in
+ [Yy]*)
+ break
+ ;;
+ [Nn]*)
+ logMsgToConfigSysLog "INFO" "INFO: Discontinuing with s3 file monitoring configuration."
+ exit 1
+ break
+ ;;
+ *) echo "Please answer yes or no." ;;
+ esac
+ done
+ fi
+ fi
+ else
+ if [ -d "/tmp/s3monitoring" ]; then
+ mkdir /tmp/s3monitoring/$LOGGLY_S3_ALIAS
+ else
+ mkdir /tmp/s3monitoring
+ mkdir /tmp/s3monitoring/$LOGGLY_S3_ALIAS
+ fi
+ fi
 }
-downloadS3Bucket()
-{
- if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then
- #Files are downloaded in nested directory
- cd $TEMP_DIR
- echo "Downloading files, may take some time..."
- sudo s3cmd get -r -f $LOGGLY_S3_BUCKET_NAME > /dev/null 2>&1
- if [ $? -ne 0 ]; then
- logMsgToConfigSysLog "ERROR" "ERROR: Error downloading files recursively from $LOGGLY_S3_BUCKET_NAME"
- exit 1
- fi
- fi
+downloadS3Bucket() {
+ if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then
+ #Files are downloaded in nested directory
+ cd $TEMP_DIR
+ echo "Downloading files, may take some time..."
+ sudo s3cmd get -r -f $LOGGLY_S3_BUCKET_NAME >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ logMsgToConfigSysLog "ERROR" "ERROR: Error downloading files recursively from $LOGGLY_S3_BUCKET_NAME"
+ exit 1
+ fi
+ fi
 }
-invokeS3FileMonitoring()
-{
- dir=/tmp/s3monitoring/$LOGGLY_S3_ALIAS
- LOGGLY_FILE_TO_MONITOR=$dir
-
- configureDirectoryFileMonitoring
+invokeS3FileMonitoring() {
+ dir=/tmp/s3monitoring/$LOGGLY_S3_ALIAS
+ LOGGLY_FILE_TO_MONITOR=$dir
+
+ configureDirectoryFileMonitoring
- IS_ANY_FILE_CONFIGURED="true"
+ IS_ANY_FILE_CONFIGURED="true"
- if [ "$IS_ANY_FILE_CONFIGURED" != "false" ]; then
- restartRsyslog
- fi
+ if [ "$IS_ANY_FILE_CONFIGURED" != "false" ]; then
+ restartRsyslog
+ fi
 }
-installCronToSyncS3BucketPeriodically()
-{
- if [ "$SUPPRESS_PROMPT" == "false" ]; then
- while true; do
- read -p "Would you like install a Cron job to sync the files currently in your bucket every 5 minutes? (yes/no)" yn
- case $yn in
- [Yy]* )
- doS3CronInstallation
- break;;
- [Nn]* )
- logMsgToConfigSysLog "INFO" "INFO: Skipping Cron installation."
- break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- else
- doS3CronInstallation
- fi
+installCronToSyncS3BucketPeriodically() {
+ if [ "$SUPPRESS_PROMPT" == "false" ]; then
+ while true; do
+ read -p "Would you like install a Cron job to sync the files currently in your bucket every 5 minutes? (yes/no)" yn
+ case $yn in
+ [Yy]*)
+ doS3CronInstallation
+ break
+ ;;
+ [Nn]*)
+ logMsgToConfigSysLog "INFO" "INFO: Skipping Cron installation."
+ break
+ ;;
+ *) echo "Please answer yes or no." ;;
+ esac
+ done
+ else
+ doS3CronInstallation
+ fi
 }
-doS3CronInstallation()
-{
- #copying .s3cfg file to /root so that it can be used by crontab for sync
- if ! sudo test -f "/root/.s3cfg" ; then
- sudo cp $HOME/.s3cfg /root
- fi
-
- CRON_FILE="/tmp/s3monitoring/cron_$LOGGLY_S3_ALIAS"
- CRON_SYNC_PATH="/tmp/s3monitoring/$LOGGLY_S3_ALIAS"
-
- #checking if the provided s3 path if of directory or file
- IS_DIR="true"
- BUCKET_URL_LAST_VALUE=$(echo ${LOGGLY_S3_BUCKET_NAME##*/})
-
- if [ "$BUCKET_URL_LAST_VALUE" != "" ]; then
- for fle in $(find $CRON_SYNC_PATH -name $BUCKET_URL_LAST_VALUE)
- do
- if [ -f $fle ]; then
- IS_DIR="false"
- break
- fi
- done
- fi
-
- #adding file name to the sync folder as the bucket path is
- #provided upto a file
- if [ "$IS_DIR" == "false" ]; then
- CRON_SYNC_PATH="$CRON_SYNC_PATH/$BUCKET_URL_LAST_VALUE"
- fi
-
- logMsgToConfigSysLog "INFO" "INFO: Creating a Cron job to sync $LOGGLY_S3_BUCKET_NAME files to $CRON_SYNC_PATH in every five minutes."
-
- #setting up cron job
- CRON_JOB_TO_SYNC_S3_BUCKET="*/5 * * * * s3cmd sync $LOGGLY_S3_BUCKET_NAME --preserve $CRON_SYNC_PATH"
-
- EXISTING_CRONS=$(sudo crontab -l 2>&1)
- case $EXISTING_CRONS in
- no*)
- ;;
- *)
- echo "$EXISTING_CRONS" >> $CRON_FILE
- ;;
- esac
-
- echo "$CRON_JOB_TO_SYNC_S3_BUCKET" >> $CRON_FILE
- sudo crontab $CRON_FILE
- sudo rm -fr $CRON_FILE
+doS3CronInstallation() {
+ #copying .s3cfg file to /root so that it can be used by crontab for sync
+ if ! sudo test -f "/root/.s3cfg"; then
+ sudo cp $HOME/.s3cfg /root
+ fi
+
+ CRON_FILE="/tmp/s3monitoring/cron_$LOGGLY_S3_ALIAS"
+ CRON_SYNC_PATH="/tmp/s3monitoring/$LOGGLY_S3_ALIAS"
+
+ #checking if the provided s3 path if of directory or file
+ IS_DIR="true"
+ BUCKET_URL_LAST_VALUE=$(echo ${LOGGLY_S3_BUCKET_NAME##*/})
+
+ if [ "$BUCKET_URL_LAST_VALUE" != "" ]; then
+ for fle in $(find $CRON_SYNC_PATH -name $BUCKET_URL_LAST_VALUE); do
+ if [ -f $fle ]; then
+ IS_DIR="false"
+ break
+ fi
+ done
+ fi
+
+ #adding file name to the sync folder as the bucket path is
+ #provided upto a file
+ if [ "$IS_DIR" == "false" ]; then
+ CRON_SYNC_PATH="$CRON_SYNC_PATH/$BUCKET_URL_LAST_VALUE"
+ fi
+
+ logMsgToConfigSysLog "INFO" "INFO: Creating a Cron job to sync $LOGGLY_S3_BUCKET_NAME files to $CRON_SYNC_PATH in every five minutes."
+
+ #setting up cron job
+ CRON_JOB_TO_SYNC_S3_BUCKET="*/5 * * * * s3cmd sync $LOGGLY_S3_BUCKET_NAME --preserve $CRON_SYNC_PATH"
+
+ EXISTING_CRONS=$(sudo crontab -l 2>&1)
+ case $EXISTING_CRONS in
+ no*) ;;
+
+ *)
+ echo "$EXISTING_CRONS" >>$CRON_FILE
+ ;;
+ esac
+
+ echo "$CRON_JOB_TO_SYNC_S3_BUCKET" >>$CRON_FILE
+ sudo crontab $CRON_FILE
+ sudo rm -fr $CRON_FILE
 }
-deleteTempDir()
-{
- if [ -d "$TEMP_DIR" ]; then
- sudo rm -fr $TEMP_DIR
- fi
+deleteTempDir() {
+ if [ -d "$TEMP_DIR" ]; then
+ sudo rm -fr $TEMP_DIR
+ fi
 }
-checkIfS3LogsMadeToLoggly()
-{
- counter=1
- maxCounter=10
-
- fileInitialLogCount=0
- fileLatestLogCount=0
- queryParam="syslog.appName%3A%2A$LOGGLY_S3_ALIAS&from=-5m&until=now&size=1"
-
- queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam"
- logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl"
-
- logMsgToConfigSysLog "INFO" "INFO: Verifying if the logs made it to Loggly."
- logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter."
- #get the final count of file logs for past 5 minutes
- searchAndFetch fileLatestLogCount "$queryUrl"
- let counter=$counter+1
-
- while [ "$fileLatestLogCount" -le "$fileInitialLogCount" ]; do
- echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs."
- sleep 30
- echo "INFO: Done waiting. Verifying again."
- logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter."
- searchAndFetch fileLatestLogCount "$queryUrl"
- let counter=$counter+1
- if [ "$counter" -gt "$maxCounter" ]; then
- logMsgToConfigSysLog "ERROR" "ERROR: S3 logs did not make to Loggly in time. Please check network and firewall settings and retry."
- exit 1
- fi
- done
-
- if [ "$fileLatestLogCount" -gt "$fileInitialLogCount" ]; then
- if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then
- logMsgToConfigSysLog "SUCCESS" "SUCCESS: Logs successfully transferred to Loggly! You are now sending $LOGGLY_S3_BUCKET_NAME logs to Loggly."
-
- fi
- fi
+checkIfS3LogsMadeToLoggly() {
+ counter=1
+ maxCounter=10
+
+ fileInitialLogCount=0
+ fileLatestLogCount=0
+ queryParam="syslog.appName%3A%2A$LOGGLY_S3_ALIAS&from=-5m&until=now&size=1"
+
+ queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam"
+ logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl"
+
+ logMsgToConfigSysLog "INFO" "INFO: Verifying if the logs made it to Loggly."
+ logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter."
+ #get the final count of file logs for past 5 minutes
+ searchAndFetch fileLatestLogCount "$queryUrl"
+ let counter=$counter+1
+
+ while [ "$fileLatestLogCount" -le "$fileInitialLogCount" ]; do
+ echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs."
+ sleep 30
+ echo "INFO: Done waiting. Verifying again."
+ logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter."
+ searchAndFetch fileLatestLogCount "$queryUrl"
+ let counter=$counter+1
+ if [ "$counter" -gt "$maxCounter" ]; then
+ logMsgToConfigSysLog "ERROR" "ERROR: S3 logs did not make to Loggly in time. Please check network and firewall settings and retry."
+ exit 1
+ fi
+ done
+
+ if [ "$fileLatestLogCount" -gt "$fileInitialLogCount" ]; then
+ if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then
+ logMsgToConfigSysLog "SUCCESS" "SUCCESS: Logs successfully transferred to Loggly! You are now sending $LOGGLY_S3_BUCKET_NAME logs to Loggly."
+
+ fi
+ fi
 }
-checkIfS3AliasExist()
-{
- if ! ls $RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf &> /dev/null; then
- #logMsgToConfigSysLog "INFO" "INFO: $LOGGLY_S3_ALIAS found."
- #else
- logMsgToConfigSysLog "ERROR" "ERROR: $LOGGLY_S3_ALIAS does not exist. Please provide the correct s3 alias."
- exit 1
- fi
+checkIfS3AliasExist() {
+ if ! ls $RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf &>/dev/null; then
+ #logMsgToConfigSysLog "INFO" "INFO: $LOGGLY_S3_ALIAS found."
+ #else
+ logMsgToConfigSysLog "ERROR" "ERROR: $LOGGLY_S3_ALIAS does not exist. Please provide the correct s3 alias."
+ exit 1
+ fi
 }
-removeS3FileMonitoring()
-{
- FILES=$RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf
- for f in $FILES
- do
- aliasName=${f##*/}
- aliasName=${aliasName%.*}
- aliasName=${aliasName#21-filemonitoring-}
-
- LOGGLY_FILE_TO_MONITOR_ALIAS=$aliasName
- constructFileVariables
- remove21ConfFile
- done
- echo "INFO: Removed all the modified files."
- restartRsyslog
+removeS3FileMonitoring() {
+ FILES=$RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf
+ for f in $FILES; do
+ aliasName=${f##*/}
+ aliasName=${aliasName%.*}
+ aliasName=${aliasName#21-filemonitoring-}
+
+ LOGGLY_FILE_TO_MONITOR_ALIAS=$aliasName
+ constructFileVariables
+ remove21ConfFile
+ done
+ echo "INFO: Removed all the modified files."
+ restartRsyslog
 }
-deleteS3CronFromCrontab()
-{
- logMsgToConfigSysLog "INFO" "INFO: Deleting sync Cron."
- sudo crontab -l | grep -v "/tmp/s3monitoring/$LOGGLY_S3_ALIAS" | crontab - +deleteS3CronFromCrontab() { + logMsgToConfigSysLog "INFO" "INFO: Deleting sync Cron." + sudo crontab -l | grep -v "/tmp/s3monitoring/$LOGGLY_S3_ALIAS" | crontab - } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat <= to 6.0.33." - TOMCAT_VERSION=6.0.33.0 - fi - fi - - #get the tomcat version number - if [ -f "$CATALINA_JAR_PATH" ]; then - TOMCAT_VERSION=$(sudo java -cp $CATALINA_JAR_PATH org.apache.catalina.util.ServerInfo | grep "Server number") - TOMCAT_VERSION=${TOMCAT_VERSION#*: } - TOMCAT_VERSION=$TOMCAT_VERSION | tr -d ' ' - APP_TAG="\"tomcat-version\":\"$TOMCAT_VERSION\"" - fi +getTomcatVersion() { + #check if the identified CATALINA_HOME has the catalina.jar + if [ ! -f "$CATALINA_JAR_PATH" ]; then + #if not, search it throughout the system. If we find no entries or more than + #1 entry, then we cannot determine the version of the tomcat + logMsgToConfigSysLog "INFO" "INFO: Could not find catalina.jar in $LOGGLY_CATALINA_HOME/lib. Searching at other locations, this may take some time." + if [ $(sudo find / -name catalina.jar | grep $SERVICE | wc -l) = 1 ]; then + CATALINA_JAR_PATH=$(sudo find / -name catalina.jar | grep $SERVICE) + logMsgToConfigSysLog "INFO" "INFO: Found catalina.jar at $CATALINA_JAR_PATH" + else + logMsgToConfigSysLog "WARNING" "WARNING: Unable to determine the correct version of tomcat 6. Assuming its >= to 6.0.33." 
+ TOMCAT_VERSION=6.0.33.0
+ fi
+ fi
+
+ #get the tomcat version number
+ if [ -f "$CATALINA_JAR_PATH" ]; then
+ TOMCAT_VERSION=$(sudo java -cp $CATALINA_JAR_PATH org.apache.catalina.util.ServerInfo | grep "Server number")
+ TOMCAT_VERSION=${TOMCAT_VERSION#*: }
+ TOMCAT_VERSION=$TOMCAT_VERSION | tr -d ' '
+ APP_TAG="\"tomcat-version\":\"$TOMCAT_VERSION\""
+ fi
 }
 #checks if the tomcat version is supported by this script, currently the script
 #only supports tomcat 6 and tomcat 7
-checkIfSupportedTomcatVersion()
-{
- tomcatMajorVersion=${TOMCAT_VERSION%%.*}
- if [[ ($tomcatMajorVersion -ne 6 ) && ($tomcatMajorVersion -ne 7) && ($tomcatMajorVersion -ne 8) ]]; then
- logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Tomcat version 6, 7 or 8."
- exit 1
- fi
+checkIfSupportedTomcatVersion() {
+ tomcatMajorVersion=${TOMCAT_VERSION%%.*}
+ if [[ ($tomcatMajorVersion -ne 6) && ($tomcatMajorVersion -ne 7) && ($tomcatMajorVersion -ne 8) ]]; then
+ logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Tomcat version 6, 7 or 8."
+ exit 1
+ fi
 }
 #checks if the tomcat is already configured with log4j. If yes, then exit
-checkIfTomcatConfiguredWithLog4J()
-{
- echo "INFO: Checking if tomcat is configured with log4j logger."
- #default path for log4j files
- LOG4J_FILE_PATH=$LOGGLY_CATALINA_HOME/lib/log4j*
- #check if the log4j files are present, if yes, then exit
- if ls $LOG4J_FILE_PATH > /dev/null 2>&1; then
- logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j"
- exit 1
- else
- #if not found in the default path, check in the path where catalina.jar is found
- libDirName=$(dirname ${CATALINA_JAR_PATH})
- LOG4J_FILE_PATH=$libDirName/log4j*
- if ls $LOG4J_FILE_PATH > /dev/null 2>&1; then
- logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j"
- exit 1
- fi
- fi
- logMsgToConfigSysLog "INFO" "INFO: Tomcat seems not to be configured with log4j logger."
+checkIfTomcatConfiguredWithLog4J() {
+ echo "INFO: Checking if tomcat is configured with log4j logger."
+ #default path for log4j files
+ LOG4J_FILE_PATH=$LOGGLY_CATALINA_HOME/lib/log4j*
+ #check if the log4j files are present, if yes, then exit
+ if ls $LOG4J_FILE_PATH >/dev/null 2>&1; then
+ logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j"
+ exit 1
+ else
+ #if not found in the default path, check in the path where catalina.jar is found
+ libDirName=$(dirname ${CATALINA_JAR_PATH})
+ LOG4J_FILE_PATH=$libDirName/log4j*
+ if ls $LOG4J_FILE_PATH >/dev/null 2>&1; then
+ logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j"
+ exit 1
+ fi
+ fi
+ logMsgToConfigSysLog "INFO" "INFO: Tomcat seems not to be configured with log4j logger."
 }
-canTomcatBeRestarted()
-{
- if [ "$SUPPRESS_PROMPT" == "false" ]; then
- while true; do
- read -p "Tomcat needs to be restarted during configuration. Do you wish to continue? (yes/no)" yn
- case $yn in
- [Yy]* )
- break;;
- [Nn]* )
- logMsgToConfigSysLog "WARN" "WARN: This script must restart Tomcat. Please run the script again when you are ready to restart it. No changes have been made to your system. Exiting."
- exit 1
- break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- else
- logMsgToConfigSysLog "WARN" "WARN:Tomcat needs to be restarted during configuration."
- fi
+canTomcatBeRestarted() {
+ if [ "$SUPPRESS_PROMPT" == "false" ]; then
+ while true; do
+ read -p "Tomcat needs to be restarted during configuration. Do you wish to continue? (yes/no)" yn
+ case $yn in
+ [Yy]*)
+ break
+ ;;
+ [Nn]*)
+ logMsgToConfigSysLog "WARN" "WARN: This script must restart Tomcat. Please run the script again when you are ready to restart it. No changes have been made to your system. Exiting."
+ exit 1
+ break
+ ;;
+ *) echo "Please answer yes or no." ;;
+ esac
+ done
+ else
+ logMsgToConfigSysLog "WARN" "WARN:Tomcat needs to be restarted during configuration."
+ fi
 }
 #backup the logging.properties file in the CATALINA_HOME folder
-backupLoggingPropertiesFile()
-{
- logMsgToConfigSysLog "INFO" "INFO: Tomcat logging properties file: $LOGGLY_CATALINA_PROPFILE"
- # backup the logging properties file just in case it need to reverted.
- echo "INFO: Going to back up the properties file: $LOGGLY_CATALINA_PROPFILE to $LOGGLY_CATALINA_BACKUP_PROPFILE"
- if [ ! -f $LOGGLY_CATALINA_PROPFILE ]; then
- logMsgToConfigSysLog "ERROR" "ERROR: logging.properties file not found!. Looked at location $LOGGLY_CATALINA_PROPFILE"
- exit 1
- else
- # dont take a backup of logging properties file if it is already there
- if [ ! -f $LOGGLY_CATALINA_BACKUP_PROPFILE ]; then
- sudo cp -f $LOGGLY_CATALINA_PROPFILE $LOGGLY_CATALINA_BACKUP_PROPFILE
- fi
- fi
+backupLoggingPropertiesFile() {
+ logMsgToConfigSysLog "INFO" "INFO: Tomcat logging properties file: $LOGGLY_CATALINA_PROPFILE"
+ # backup the logging properties file just in case it need to reverted.
+ echo "INFO: Going to back up the properties file: $LOGGLY_CATALINA_PROPFILE to $LOGGLY_CATALINA_BACKUP_PROPFILE"
+ if [ ! -f $LOGGLY_CATALINA_PROPFILE ]; then
+ logMsgToConfigSysLog "ERROR" "ERROR: logging.properties file not found!. Looked at location $LOGGLY_CATALINA_PROPFILE"
+ exit 1
+ else
+ # dont take a backup of logging properties file if it is already there
+ if [ ! -f $LOGGLY_CATALINA_BACKUP_PROPFILE ]; then
+ sudo cp -f $LOGGLY_CATALINA_PROPFILE $LOGGLY_CATALINA_BACKUP_PROPFILE
+ fi
+ fi
 }
 #update logging.properties file to enable log rotation. If the version of tomcat
 #is less than 6.0.33, then log rotation cannot be enabled
-updateLoggingPropertiesFile()
-{
- #check if tomcat version is less than 6.0.33.0, if yes, throw a warning
- if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -lt 0 ]; then
- logMsgToConfigSysLog "WARNING" "WARNING: Tomcat version is less than 6.0.33. Log rotation cannot be disabled for version <6.0.33; only catalina.out log will be monitored."
- fi
-
- #Log rotation is not supported on version below 6.0.33.0, logging.properties should not be modified
- #in such case. If version is above 6.0.33.0, then do the following
- if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then
- #removing the end . from logging.properties variable 1catalina.org.apache.juli.FileHandler.prefix = catalina.
- if grep -Fq "prefix = catalina." $LOGGLY_CATALINA_PROPFILE
- then
- sudo sed -i "s/prefix = catalina./prefix = catalina/g" $LOGGLY_CATALINA_PROPFILE
- fi
- if grep -Fq "prefix = localhost." $LOGGLY_CATALINA_PROPFILE
- then
- sudo sed -i "s/prefix = localhost./prefix = localhost/g" $LOGGLY_CATALINA_PROPFILE
- fi
- if grep -Fq "prefix = manager." $LOGGLY_CATALINA_PROPFILE
- then
- sudo sed -i "s/prefix = manager./prefix = manager/g" $LOGGLY_CATALINA_PROPFILE
- fi
- if grep -Fq "prefix = host-manager." $LOGGLY_CATALINA_PROPFILE
- then
- sudo sed -i "s/prefix = host-manager./prefix = host-manager/g" $LOGGLY_CATALINA_PROPFILE
- fi
-
- #Check if the rotatable property is present in logging.properties
- if grep -Fq "rotatable" $LOGGLY_CATALINA_PROPFILE
- then
- #If present, set all the values to false
- sed -i -e 's/rotatable = true/rotatable = false/g' $LOGGLY_CATALINA_PROPFILE
- fi
-
- if [ $(fgrep "rotatable = false" "$LOGGLY_CATALINA_PROPFILE" | wc -l) -lt 4 ]; then
- #If rotatable property present or not, add the following lines to disable rotation in any case
-sudo cat << EOIPFW >> $LOGGLY_CATALINA_PROPFILE
+updateLoggingPropertiesFile() {
+ #check if tomcat version is less than 6.0.33.0, if yes, throw a warning
+ if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -lt 0 ]; then
+ logMsgToConfigSysLog "WARNING" "WARNING: Tomcat version is less than 6.0.33. Log rotation cannot be disabled for version <6.0.33; only catalina.out log will be monitored."
+ fi
+
+ #Log rotation is not supported on version below 6.0.33.0, logging.properties should not be modified
+ #in such case. If version is above 6.0.33.0, then do the following
+ if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then
+ #removing the end . from logging.properties variable 1catalina.org.apache.juli.FileHandler.prefix = catalina.
+ if grep -Fq "prefix = catalina." $LOGGLY_CATALINA_PROPFILE; then
+ sudo sed -i "s/prefix = catalina./prefix = catalina/g" $LOGGLY_CATALINA_PROPFILE
+ fi
+ if grep -Fq "prefix = localhost." $LOGGLY_CATALINA_PROPFILE; then
+ sudo sed -i "s/prefix = localhost./prefix = localhost/g" $LOGGLY_CATALINA_PROPFILE
+ fi
+ if grep -Fq "prefix = manager." $LOGGLY_CATALINA_PROPFILE; then
+ sudo sed -i "s/prefix = manager./prefix = manager/g" $LOGGLY_CATALINA_PROPFILE
+ fi
+ if grep -Fq "prefix = host-manager." $LOGGLY_CATALINA_PROPFILE; then
+ sudo sed -i "s/prefix = host-manager./prefix = host-manager/g" $LOGGLY_CATALINA_PROPFILE
+ fi
+
+ #Check if the rotatable property is present in logging.properties
+ if grep -Fq "rotatable" $LOGGLY_CATALINA_PROPFILE; then
+ #If present, set all the values to false
+ sed -i -e 's/rotatable = true/rotatable = false/g' $LOGGLY_CATALINA_PROPFILE
+ fi
+
+ if [ $(fgrep "rotatable = false" "$LOGGLY_CATALINA_PROPFILE" | wc -l) -lt 4 ]; then
+ #If rotatable property present or not, add the following lines to disable rotation in any case
+ sudo cat <>$LOGGLY_CATALINA_PROPFILE
 1catalina.org.apache.juli.FileHandler.rotatable = false
 2localhost.org.apache.juli.FileHandler.rotatable = false
 3manager.org.apache.juli.FileHandler.rotatable = false
 4host-manager.org.apache.juli.FileHandler.rotatable = false
 EOIPFW
- fi
- fi
+ fi
+ fi
 }
-
-#add renameOnRotate to true in the Valve element to stop access logs
+#add renameOnRotate to true in the Valve element to stop access logs
 #log rotation
-updateServerXML()
-{
-
- if ! grep -q 'renameOnRotate="true"' "$LOGGLY_CATALINA_HOME/conf/server.xml";
- then
-
- #Creating backup of server.xml to server.xml.bk
- logMsgToConfigSysLog "INFO" "INFO: Creating backup of server.xml to server.xml.bk"
- sudo cp $LOGGLY_CATALINA_HOME/conf/server.xml $LOGGLY_CATALINA_HOME/conf/server.xml.bk
- if grep -q '"localhost_access_log."' "$LOGGLY_CATALINA_HOME/conf/server.xml";
- then
- sed -i 's/"localhost_access_log."/"localhost_access_log"/g' $LOGGLY_CATALINA_HOME/conf/server.xml
- fi
- sed -i 's/"localhost_access_log"/"localhost_access_log"\ renameOnRotate="true"/g' $LOGGLY_CATALINA_HOME/conf/server.xml
- logMsgToConfigSysLog "INFO" "INFO: Disabled log rotation for localhost_access_log file in server.xml"
- fi
+updateServerXML() {
+
+ if ! grep -q 'renameOnRotate="true"' "$LOGGLY_CATALINA_HOME/conf/server.xml"; then
+
+ #Creating backup of server.xml to server.xml.bk
+ logMsgToConfigSysLog "INFO" "INFO: Creating backup of server.xml to server.xml.bk"
+ sudo cp $LOGGLY_CATALINA_HOME/conf/server.xml $LOGGLY_CATALINA_HOME/conf/server.xml.bk
+ if grep -q '"localhost_access_log."' "$LOGGLY_CATALINA_HOME/conf/server.xml"; then
+ sed -i 's/"localhost_access_log."/"localhost_access_log"/g' $LOGGLY_CATALINA_HOME/conf/server.xml
+ fi
+ sed -i 's/"localhost_access_log"/"localhost_access_log"\ renameOnRotate="true"/g' $LOGGLY_CATALINA_HOME/conf/server.xml
+ logMsgToConfigSysLog "INFO" "INFO: Disabled log rotation for localhost_access_log file in server.xml"
+ fi
 }
-addTagsInConfiguration()
-{
- #split tags by comman(,)
- IFS=, read -a array <<< "$LOGGLY_FILE_TAG"
- for i in "${array[@]}"
- do
- TAG="$TAG tag=\\\"$i\\\" "
- done
+addTagsInConfiguration() {
+ #split tags by comman(,)
+ IFS=, read -a array <<<"$LOGGLY_FILE_TAG"
+ for i in "${array[@]}"; do
+ TAG="$TAG tag=\\\"$i\\\" "
+ done
 }
-write21TomcatConfFile()
-{
- #Create tomcat syslog config file if it doesn't exist
- echo "INFO: Checking if tomcat sysconf file $TOMCAT_SYSLOG_CONFFILE exist."
- if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then
- logMsgToConfigSysLog "WARN" "WARN: Tomcat syslog file $TOMCAT_SYSLOG_CONFFILE already exist."
- if [ "$SUPPRESS_PROMPT" == "false" ]; then
- while true; do
- read -p "Do you wish to override $TOMCAT_SYSLOG_CONFFILE? (yes/no)" yn
- case $yn in
- [Yy]* )
- logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $TOMCAT_SYSLOG_CONFFILE to $TOMCAT_SYSLOG_CONFFILE_BACKUP";
- sudo mv -f $TOMCAT_SYSLOG_CONFFILE $TOMCAT_SYSLOG_CONFFILE_BACKUP;
- write21TomcatFileContents;
- break;;
- [Nn]* ) break;;
- * ) echo "Please answer yes or no.";;
- esac
- done
- else
- logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $TOMCAT_SYSLOG_CONFFILE to $TOMCAT_SYSLOG_CONFFILE_BACKUP";
- sudo mv -f $TOMCAT_SYSLOG_CONFFILE $TOMCAT_SYSLOG_CONFFILE_BACKUP;
- write21TomcatFileContents;
- fi
- else
- write21TomcatFileContents
- fi
+write21TomcatConfFile() {
+ #Create tomcat syslog config file if it doesn't exist
+ echo "INFO: Checking if tomcat sysconf file $TOMCAT_SYSLOG_CONFFILE exist."
+ if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then
+ logMsgToConfigSysLog "WARN" "WARN: Tomcat syslog file $TOMCAT_SYSLOG_CONFFILE already exist."
+ if [ "$SUPPRESS_PROMPT" == "false" ]; then
+ while true; do
+ read -p "Do you wish to override $TOMCAT_SYSLOG_CONFFILE? (yes/no)" yn
+ case $yn in
+ [Yy]*)
+ logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $TOMCAT_SYSLOG_CONFFILE to $TOMCAT_SYSLOG_CONFFILE_BACKUP"
+ sudo mv -f $TOMCAT_SYSLOG_CONFFILE $TOMCAT_SYSLOG_CONFFILE_BACKUP
+ write21TomcatFileContents
+ break
+ ;;
+ [Nn]*) break ;;
+ *) echo "Please answer yes or no."
;; + esac + done + else + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $TOMCAT_SYSLOG_CONFFILE to $TOMCAT_SYSLOG_CONFFILE_BACKUP" + sudo mv -f $TOMCAT_SYSLOG_CONFFILE $TOMCAT_SYSLOG_CONFFILE_BACKUP + write21TomcatFileContents + fi + else + write21TomcatFileContents + fi } #function to write the contents of tomcat syslog config file -write21TomcatFileContents() -{ - logMsgToConfigSysLog "INFO" "INFO: Creating file $TOMCAT_SYSLOG_CONFFILE" - sudo touch $TOMCAT_SYSLOG_CONFFILE - sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE +write21TomcatFileContents() { + logMsgToConfigSysLog "INFO" "INFO: Creating file $TOMCAT_SYSLOG_CONFFILE" + sudo touch $TOMCAT_SYSLOG_CONFFILE + sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE - imfileStr="\$ModLoad imfile + imfileStr="\$ModLoad imfile \$WorkDirectory $RSYSLOG_DIR " - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - imfileStr+="\$PrivDropToGroup adm + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + imfileStr+="\$PrivDropToGroup adm " - fi + fi - imfileStr+=" + imfileStr+=" #parameterized token here....... #Add a tag for tomcat events \$template LogglyFormatTomcat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" @@ -558,10 +534,10 @@ if \$programname == 'initd' then @@logs-01.loggly.com:514;LogglyFormatTomcat if \$programname == 'initd' then ~ " - #if log rotation is enabled i.e. tomcat version is greater than or equal to - #6.0.33.0, then add the following lines to tomcat syslog conf file - if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then - imfileStr+=" + #if log rotation is enabled i.e. tomcat version is greater than or equal to + #6.0.33.0, then add the following lines to tomcat syslog conf file + if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then + imfileStr+=" # catalina.log \$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.log \$InputFileTag catalina-log 
@@ -612,138 +588,131 @@ if \$programname == 'manager' then ~ if \$programname == 'tomcat-access' then @@logs-01.loggly.com:514;LogglyFormatTomcat if \$programname == 'tomcat-access' then ~ " - fi + fi - #change the tomcat-21 file to variable from above and also take the directory of the tomcat log file. -sudo cat << EOIPFW >> $TOMCAT_SYSLOG_CONFFILE + #change the tomcat-21 file to variable from above and also take the directory of the tomcat log file. + sudo cat <>$TOMCAT_SYSLOG_CONFFILE $imfileStr EOIPFW - #restart the syslog service. - restartRsyslog + #restart the syslog service. + restartRsyslog } #checks if the tomcat logs made to loggly -checkIfTomcatLogsMadeToLoggly() -{ - counter=1 - maxCounter=10 - - tomcatInitialLogCount=0 - tomcatLatestLogCount=0 - queryParam="tag%3Atomcat&from=-15m&until=now&size=1" - - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Getting initial tomcat log count." - #get the initial count of tomcat logs for past 15 minutes - searchAndFetch tomcatInitialLogCount "$queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Tomcat needs to be restarted to complete the configuration and verification." - # restart the tomcat service. - restartTomcat - - logMsgToConfigSysLog "INFO" "INFO: Verifying if the tomcat logs made it to Loggly." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - #get the final count of tomcat logs for past 15 minutes - searchAndFetch tomcatLatestLogCount "$queryUrl" - let counter=$counter+1 - - while [ "$tomcatLatestLogCount" -le "$tomcatInitialLogCount" ]; do - echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." - sleep 30 - echo "INFO: Done waiting. Verifying again." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." 
- searchAndFetch tomcatLatestLogCount "$queryUrl" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Tomcat logs did not make to Loggly in time. Please check network and firewall settings and retry." - exit 1 - fi - done - - if [ "$tomcatLatestLogCount" -gt "$tomcatInitialLogCount" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Tomcat logs successfully transferred to Loggly! You are now sending Tomcat logs to Loggly." - exit 0 - fi +checkIfTomcatLogsMadeToLoggly() { + counter=1 + maxCounter=10 + + tomcatInitialLogCount=0 + tomcatLatestLogCount=0 + queryParam="tag%3Atomcat&from=-15m&until=now&size=1" + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Getting initial tomcat log count." + #get the initial count of tomcat logs for past 15 minutes + searchAndFetch tomcatInitialLogCount "$queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Tomcat needs to be restarted to complete the configuration and verification." + # restart the tomcat service. + restartTomcat + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the tomcat logs made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + #get the final count of tomcat logs for past 15 minutes + searchAndFetch tomcatLatestLogCount "$queryUrl" + let counter=$counter+1 + + while [ "$tomcatLatestLogCount" -le "$tomcatInitialLogCount" ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch tomcatLatestLogCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Tomcat logs did not make to Loggly in time. 
Please check network and firewall settings and retry." + exit 1 + fi + done + + if [ "$tomcatLatestLogCount" -gt "$tomcatInitialLogCount" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Tomcat logs successfully transferred to Loggly! You are now sending Tomcat logs to Loggly." + exit 0 + fi } #restore original loggly properties file from backup -restoreLogglyPropertiesFile() -{ - echo "INFO: Reverting the logging.properties file." - if [ -f "$LOGGLY_CATALINA_BACKUP_PROPFILE" ]; then - sudo rm -fr $LOGGLY_CATALINA_PROPFILE - sudo cp -f $LOGGLY_CATALINA_BACKUP_PROPFILE $LOGGLY_CATALINA_PROPFILE - sudo rm -fr $LOGGLY_CATALINA_BACKUP_PROPFILE - fi - - logMsgToConfigSysLog "INFO" "INFO: Tomcat needs to be restarted to rollback the configuration." - restartTomcat +restoreLogglyPropertiesFile() { + echo "INFO: Reverting the logging.properties file." + if [ -f "$LOGGLY_CATALINA_BACKUP_PROPFILE" ]; then + sudo rm -fr $LOGGLY_CATALINA_PROPFILE + sudo cp -f $LOGGLY_CATALINA_BACKUP_PROPFILE $LOGGLY_CATALINA_PROPFILE + sudo rm -fr $LOGGLY_CATALINA_BACKUP_PROPFILE + fi + + logMsgToConfigSysLog "INFO" "INFO: Tomcat needs to be restarted to rollback the configuration." 
+ restartTomcat } -restoreServerXML() -{ - if [ -f "$LOGGLY_CATALINA_HOME/conf/server.xml.bk" ]; - then - logMsgToConfigSysLog "INFO" "INFO: Restoring server.xml file from backup" - sudo rm -rf $LOGGLY_CATALINA_HOME/conf/server.xml - sudo cp $LOGGLY_CATALINA_HOME/conf/server.xml.bk $LOGGLY_CATALINA_HOME/conf/server.xml - sudo rm -rf $LOGGLY_CATALINA_HOME/conf/server.xml.bk - fi +restoreServerXML() { + if [ -f "$LOGGLY_CATALINA_HOME/conf/server.xml.bk" ]; then + logMsgToConfigSysLog "INFO" "INFO: Restoring server.xml file from backup" + sudo rm -rf $LOGGLY_CATALINA_HOME/conf/server.xml + sudo cp $LOGGLY_CATALINA_HOME/conf/server.xml.bk $LOGGLY_CATALINA_HOME/conf/server.xml + sudo rm -rf $LOGGLY_CATALINA_HOME/conf/server.xml.bk + fi } #remove 21tomcat.conf file -remove21TomcatConfFile() -{ - echo "INFO: Deleting the loggly tomcat syslog conf file." - if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then - sudo rm -rf "$TOMCAT_SYSLOG_CONFFILE" - fi - - #restart rsyslog - restartRsyslog +remove21TomcatConfFile() { + echo "INFO: Deleting the loggly tomcat syslog conf file." + if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then + sudo rm -rf "$TOMCAT_SYSLOG_CONFFILE" + fi + + #restart rsyslog + restartRsyslog } #restart tomcat -restartTomcat() -{ - #sudo service tomcat restart or home/bin/start.sh - if [ $(ps -ef | grep -v grep | grep "$SERVICE" | wc -l) -gt 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running." - if [ -f /etc/init.d/$SERVICE ]; then - logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running as service." - logMsgToConfigSysLog "INFO" "INFO: Restarting the tomcat service." - sudo service $SERVICE restart - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not restart gracefully. Log rotation may not be disabled. Please restart tomcat manually." - fi - else - logMsgToConfigSysLog "INFO" "INFO: $SERVICE is not running as service." - logMsgToConfigSysLog "INFO" "INFO: Shutting down tomcat." 
- sudo $LOGGLY_CATALINA_HOME/bin/shutdown.sh - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not shut down gracefully." - else - logMsgToConfigSysLog "INFO" "INFO: Done shutting down tomcat." - fi - - logMsgToConfigSysLog "INFO" "INFO: Starting up tomcat." - sudo $LOGGLY_CATALINA_HOME/bin/startup.sh - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not start up down gracefully." - else - logMsgToConfigSysLog "INFO" "INFO: Tomcat is up and running." - fi - fi - fi +restartTomcat() { + #sudo service tomcat restart or home/bin/start.sh + if [ $(ps -ef | grep -v grep | grep "$SERVICE" | wc -l) -gt 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running." + if [ -f /etc/init.d/$SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running as service." + logMsgToConfigSysLog "INFO" "INFO: Restarting the tomcat service." + sudo service $SERVICE restart + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not restart gracefully. Log rotation may not be disabled. Please restart tomcat manually." + fi + else + logMsgToConfigSysLog "INFO" "INFO: $SERVICE is not running as service." + logMsgToConfigSysLog "INFO" "INFO: Shutting down tomcat." + sudo $LOGGLY_CATALINA_HOME/bin/shutdown.sh + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not shut down gracefully." + else + logMsgToConfigSysLog "INFO" "INFO: Done shutting down tomcat." + fi + + logMsgToConfigSysLog "INFO" "INFO: Starting up tomcat." + sudo $LOGGLY_CATALINA_HOME/bin/startup.sh + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not start up down gracefully." + else + logMsgToConfigSysLog "INFO" "INFO: Tomcat is up and running." + fi + fi + fi } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat <= to 6.0.33." 
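Review bot: The `sudo cat` here-document at the top of this hunk, which appends `$imfileStr` to `$TOMCAT_SYSLOG_CONFFILE`, still has the calling shell rather than sudo open the target file. That is presumably why write21TomcatFileContents runs `sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE` just before it. The result is a file that appears to be loaded by rsyslog, and that embeds `$LOGGLY_AUTH_TOKEN`, left writable by every local account; nothing visible here restores the mode afterwards. Writing through the privileged process removes the need for the chmod: `sudo tee -a "$TOMCAT_SYSLOG_CONFFILE" >/dev/null <<EOIPFW`, with the `chmod o+w` line dropped. The function starts in the previous hunk, so both lines would have to change together.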
- fi -fi - -#get the tomcat version number -if [ -f "$CATALINA_JAR_PATH" ]; then - TOMCAT_VERSION=$(sudo java -cp $CATALINA_JAR_PATH org.apache.catalina.util.ServerInfo | grep "Server number") - TOMCAT_VERSION=${TOMCAT_VERSION#*: } - TOMCAT_VERSION=$TOMCAT_VERSION | tr -d ' ' - - tomcatMajorVersion=${TOMCAT_VERSION%%.*} - if [ $tomcatMajorVersion -ne 6 ]; then - echo "ERROR" "ERROR: This script only supports Tomcat version 6." - exit 1 - fi -fi +setVariables() { + #set host name + HOST_NAME=$(hostname) + + #set value for linux distribution name + LINUX_DIST=$(lsb_release -ds) + + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: This operating system is not supported by the script." + exit 1 + else + #remove double quotes (if any) from the linux distribution name + LINUX_DIST="${LINUX_DIST%\"}" + LINUX_DIST="${LINUX_DIST#\"}" + case "$LINUX_DIST" in + *"Ubuntu"*) + echo "INFO: Operating system is Ubuntu." + ;; + *"Red Hat"*) + echo "INFO: Operating system is Red Hat." + ;; + *"CentOS"*) + echo "INFO: Operating system is CentOS." + ;; + *) + logMsgToConfigSysLog "ERROR" "ERROR: This operating system is not supported by the script." + exit 1 + ;; + esac + fi + + #get CATALINA_HOME, this sets the value for LOGGLY_CATALINA_HOME variable + getCatalinaHome $SERVICE + + #set value for catalina conf home path, logging.properties path and + #logging.properties.loggly.bk path + LOGGLY_CATALINA_CONF_HOME=$LOGGLY_CATALINA_HOME/conf + LOGGLY_CATALINA_PROPFILE=$LOGGLY_CATALINA_CONF_HOME/logging.properties + LOGGLY_CATALINA_BACKUP_PROPFILE=$LOGGLY_CATALINA_PROPFILE.loggly.bk + + LOGGLY_CATALINA_LOG_HOME=/var/log/$SERVICE + + #default path for catalina.jar + CATALINA_JAR_PATH=$LOGGLY_CATALINA_HOME/lib/catalina.jar + + #check if the identified CATALINA_HOME has the catalina.jar + if [ ! -f "$CATALINA_JAR_PATH" ]; then + #if not, search it throughout the system. 
If we find no entries or more than + #1 entry, then we cannot determine the version of the tomcat + logMsgToConfigSysLog "INFO" "INFO: Could not find catalina.jar in $LOGGLY_CATALINA_HOME/lib. Searching at other locations, this may take some time." + if [ $(sudo find / -name catalina.jar | grep tomcat6 | wc -l) = 1 ]; then + CATALINA_JAR_PATH=$(sudo find / -name catalina.jar | grep tomcat6) + logMsgToConfigSysLog "INFO" "INFO: Found catalina.jar at $CATALINA_JAR_PATH." + else + logMsgToConfigSysLog "WARNING" "WARNING: Unable to determine the correct version of tomcat 6. Assuming its >= to 6.0.33." + fi + fi + + #get the tomcat version number + if [ -f "$CATALINA_JAR_PATH" ]; then + TOMCAT_VERSION=$(sudo java -cp $CATALINA_JAR_PATH org.apache.catalina.util.ServerInfo | grep "Server number") + TOMCAT_VERSION=${TOMCAT_VERSION#*: } + TOMCAT_VERSION=$TOMCAT_VERSION | tr -d ' ' + + tomcatMajorVersion=${TOMCAT_VERSION%%.*} + if [ $tomcatMajorVersion -ne 6 ]; then + echo "ERROR" "ERROR: This script only supports Tomcat version 6." 
+ exit 1 + fi + fi -#set loggly account url -LOGGLY_ACCOUNT_URL=https://$LOGGLY_ACCOUNT.loggly.com + #set loggly account url + LOGGLY_ACCOUNT_URL=https://$LOGGLY_ACCOUNT.loggly.com } #try to deduce tomcat home if user has not provided one -getCatalinaHome() -{ - #if user has not provided the catalina home - if [ "$LOGGLY_CATALINA_HOME" = "" ]; then - case "$LINUX_DIST" in - *"Ubuntu"* ) - checkIfValidCatalinaHome "/var/lib/$1" - ;; - *"Red Hat"* ) - checkIfValidCatalinaHome "/usr/share/$1" - ;; - *"CentOS"* ) - checkIfValidCatalinaHome "/usr/share/$1" - ;; - esac - else - checkIfValidCatalinaHome "$LOGGLY_CATALINA_HOME" - fi - logMsgToConfigSysLog "INFO" "INFO: CATALINA HOME: $LOGGLY_CATALINA_HOME" +getCatalinaHome() { + #if user has not provided the catalina home + if [ "$LOGGLY_CATALINA_HOME" = "" ]; then + case "$LINUX_DIST" in + *"Ubuntu"*) + checkIfValidCatalinaHome "/var/lib/$1" + ;; + *"Red Hat"*) + checkIfValidCatalinaHome "/usr/share/$1" + ;; + *"CentOS"*) + checkIfValidCatalinaHome "/usr/share/$1" + ;; + esac + else + checkIfValidCatalinaHome "$LOGGLY_CATALINA_HOME" + fi + logMsgToConfigSysLog "INFO" "INFO: CATALINA HOME: $LOGGLY_CATALINA_HOME" } #checks if the catalina home is a valid one by searching for logging.properties and #checks for startup.sh if tomcat is not configured as service -checkIfValidCatalinaHome() -{ - LOGGLY_CATALINA_HOME=$1 - #check if logging.properties files is present - if [ ! -f "$LOGGLY_CATALINA_HOME/conf/logging.properties" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Unable to find conf/logging.properties file within $LOGGLY_CATALINA_HOME. Please provide correct Catalina Home using -ch option." - exit 1 - #check if tomcat is configured as a service. If no, then check if we have access to startup.sh file - elif [ ! -f /etc/init.d/$SERVICE ]; then - logMsgToConfigSysLog "INFO" "INFO: Tomcat 6 is not configured as a service" - if [ ! 
-f "$LOGGLY_CATALINA_HOME/bin/startup.sh" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Unable to find bin/startup.sh file within $LOGGLY_CATALINA_HOME. Please provide correct Catalina Home using -ch option." - exit 1 - fi - fi +checkIfValidCatalinaHome() { + LOGGLY_CATALINA_HOME=$1 + #check if logging.properties files is present + if [ ! -f "$LOGGLY_CATALINA_HOME/conf/logging.properties" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Unable to find conf/logging.properties file within $LOGGLY_CATALINA_HOME. Please provide correct Catalina Home using -ch option." + exit 1 + #check if tomcat is configured as a service. If no, then check if we have access to startup.sh file + elif [ ! -f /etc/init.d/$SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: Tomcat 6 is not configured as a service" + if [ ! -f "$LOGGLY_CATALINA_HOME/bin/startup.sh" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Unable to find bin/startup.sh file within $LOGGLY_CATALINA_HOME. Please provide correct Catalina Home using -ch option." + exit 1 + fi + fi } #compares two version numbers, used for comparing tomcat version and rsyslog version -compareVersions () -{ - typeset IFS='.' - typeset -a v1=( $1 ) - typeset -a v2=( $2 ) - typeset n diff - - for (( n=0; n<$3; n+=1 )); do - diff=$((v1[n]-v2[n])) - if [ $diff -ne 0 ] ; then +compareVersions() { + typeset IFS='.' 
+ typeset -a v1=($1) + typeset -a v2=($2) + typeset n diff + + for ((n = 0; n < $3; n += 1)); do + diff=$((v1[n] - v2[n])) + if [ $diff -ne 0 ]; then [ $diff -le 0 ] && echo '-1' || echo '1' return fi done - echo '0' + echo '0' } - #checks if all the various endpoints used for configuring loggly are accessible -checkLogglyServersAccessiblilty() -{ -echo "INFO: Checking if $LOGGLY_ACCOUNT_URL is reachable" -if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then - echo "INFO: $LOGGLY_ACCOUNT_URL is reachable" -else - logMsgToConfigSysLog "WARNING" "WARNING: $LOGGLY_ACCOUNT_URL is not reachable. Please check your network and firewall settings. Continuing to configure Loggly on your system." -fi - -echo "INFO: Checking if $LOGS_01_HOST is reachable" -if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ]; then - echo "INFO: $LOGS_01_HOST is reachable" -else - logMsgToConfigSysLog "WARNING" "WARNING: $LOGS_01_HOST is not reachable. Please check your network and firewall settings. Continuing to configure Loggly on your system." -fi - -echo "INFO: Checking if provided username and password is correct" -if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password" - exit 1 -else - logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." -fi +checkLogglyServersAccessiblilty() { + echo "INFO: Checking if $LOGGLY_ACCOUNT_URL is reachable" + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then + echo "INFO: $LOGGLY_ACCOUNT_URL is reachable" + else + logMsgToConfigSysLog "WARNING" "WARNING: $LOGGLY_ACCOUNT_URL is not reachable. Please check your network and firewall settings. Continuing to configure Loggly on your system." 
+ fi + + echo "INFO: Checking if $LOGS_01_HOST is reachable" + if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable" + else + logMsgToConfigSysLog "WARNING" "WARNING: $LOGS_01_HOST is not reachable. Please check your network and firewall settings. Continuing to configure Loggly on your system." + fi + + echo "INFO: Checking if provided username and password is correct" + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password" + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." + fi } #checks if the tomcat is already configured with log4j. If yes, then exit -checkIfTomcatConfiguredWithLog4J() -{ -echo "INFO: Checking if Tomcat is configured with log4j logger" -#default path for log4j files -LOG4J_FILE_PATH=$LOGGLY_CATALINA_HOME/lib/log4j* -#check if the log4j files are present, if yes, then exit -if ls $LOG4J_FILE_PATH > /dev/null 2>&1; then - logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j" - exit 1 -else - #if not found in the default path, check in the path where catalina.jar is found - libDirName=$(dirname ${CATALINA_JAR_PATH}) - LOG4J_FILE_PATH=$libDirName/log4j* - if ls $LOG4J_FILE_PATH > /dev/null 2>&1; then - logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j" - exit 1 - fi -fi -logMsgToConfigSysLog "INFO" "INFO: Tomcat seems not to be configured with log4j logger." 
+checkIfTomcatConfiguredWithLog4J() { + echo "INFO: Checking if Tomcat is configured with log4j logger" + #default path for log4j files + LOG4J_FILE_PATH=$LOGGLY_CATALINA_HOME/lib/log4j* + #check if the log4j files are present, if yes, then exit + if ls $LOG4J_FILE_PATH >/dev/null 2>&1; then + logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j" + exit 1 + else + #if not found in the default path, check in the path where catalina.jar is found + libDirName=$(dirname ${CATALINA_JAR_PATH}) + LOG4J_FILE_PATH=$libDirName/log4j* + if ls $LOG4J_FILE_PATH >/dev/null 2>&1; then + logMsgToConfigSysLog "ERROR" "ERROR: Script does not support log4j logger. Please see $LOGGLY_COM_URL/docs/java-log4j" + exit 1 + fi + fi + logMsgToConfigSysLog "INFO" "INFO: Tomcat seems not to be configured with log4j logger." } # executing the script for loggly to install and configure syslog. -configureLoggly() -{ -checkIfUserHasRootPrivileges -setVariables -logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly" -checkLogglyServersAccessiblilty -checkIfTomcatConfiguredWithLog4J - -logMsgToConfigSysLog "INFO" "INFO: Tomcat logging properties file: $LOGGLY_CATALINA_PROPFILE" - -sudo service rsyslog start -SYSLOG_VERSION=$(sudo rsyslogd -version | grep "rsyslogd") -SYSLOG_VERSION=${SYSLOG_VERSION#* } -SYSLOG_VERSION=${SYSLOG_VERSION%,*} -SYSLOG_VERSION=$SYSLOG_VERSION | tr -d " " -if [ $(compareVersions $SYSLOG_VERSION $MIN_SYSLOG_VERSION 3) -lt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Min syslog version required is 5.8.0." - exit 1 -fi - -echo "INFO: Checking if loggly sysconf file $LOGGLY_SYSLOG_CONFFILE exist." -# if the loggly configuration file exist, then don't create it. 
-if [ -f "$LOGGLY_SYSLOG_CONFFILE" ]; then +configureLoggly() { + checkIfUserHasRootPrivileges + setVariables + logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly" + checkLogglyServersAccessiblilty + checkIfTomcatConfiguredWithLog4J + + logMsgToConfigSysLog "INFO" "INFO: Tomcat logging properties file: $LOGGLY_CATALINA_PROPFILE" + + sudo service rsyslog start + SYSLOG_VERSION=$(sudo rsyslogd -version | grep "rsyslogd") + SYSLOG_VERSION=${SYSLOG_VERSION#* } + SYSLOG_VERSION=${SYSLOG_VERSION%,*} + SYSLOG_VERSION=$SYSLOG_VERSION | tr -d " " + if [ $(compareVersions $SYSLOG_VERSION $MIN_SYSLOG_VERSION 3) -lt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Min syslog version required is 5.8.0." + exit 1 + fi + + echo "INFO: Checking if loggly sysconf file $LOGGLY_SYSLOG_CONFFILE exist." + # if the loggly configuration file exist, then don't create it. + if [ -f "$LOGGLY_SYSLOG_CONFFILE" ]; then logMsgToConfigSysLog "INFO" "INFO: Loggly syslog file $LOGGLY_SYSLOG_CONFFILE exist, not creating file." -else - logMsgToConfigSysLog "INFO" "INFO: Creating file $LOGGLY_SYSLOG_CONFFILE." + else + logMsgToConfigSysLog "INFO" "INFO: Creating file $LOGGLY_SYSLOG_CONFFILE." if [ "$LOGGLY_ACCOUNT" != "" ]; then - wget -q -O - $LOGGLY_COM_URL/install/configure-syslog.py | sudo python - setup --auth $LOGGLY_AUTH_TOKEN --account $LOGGLY_ACCOUNT + wget -q -O - $LOGGLY_COM_URL/install/configure-syslog.py | sudo python - setup --auth $LOGGLY_AUTH_TOKEN --account $LOGGLY_ACCOUNT else - logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." - exit 1 + logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." + exit 1 + fi + fi + + # backup the logging properties file just in case it need to reverted. + echo "INFO: Going to back up the properties file: $LOGGLY_CATALINA_PROPFILE to $LOGGLY_CATALINA_BACKUP_PROPFILE." + if [ ! 
-f $LOGGLY_CATALINA_PROPFILE ]; then + logMsgToConfigSysLog "ERROR" "ERROR: logging.properties file not found!. Looked at location $LOGGLY_CATALINA_PROPFILE." + exit 1 + else + # dont take a backup of logging properties file if it is already there + if [ ! -f $LOGGLY_CATALINA_BACKUP_PROPFILE ]; then + sudo cp -f $LOGGLY_CATALINA_PROPFILE $LOGGLY_CATALINA_BACKUP_PROPFILE + fi + fi + + #check if tomcat version is less than 6.0.33.0, if yes, throw a warning + if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -lt 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: Tomcat version is less than 6.0.33. Log rotation cannot be disabled for version <6.0.33; only catalina.out log will be monitored." + fi + + #Log rotation is not supported on version below 6.0.33.0, logging.properties should not be modified + #in such case. If version is above 6.0.33.0, then do the following + if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then + #removing the end . from logging.properties variable 1catalina.org.apache.juli.FileHandler.prefix = catalina. + if grep -Fq "prefix = catalina." $LOGGLY_CATALINA_PROPFILE; then + sudo sed -i "s/prefix = catalina./prefix = catalina/g" $LOGGLY_CATALINA_PROPFILE + fi + if grep -Fq "prefix = localhost." $LOGGLY_CATALINA_PROPFILE; then + sudo sed -i "s/prefix = localhost./prefix = localhost/g" $LOGGLY_CATALINA_PROPFILE + fi + if grep -Fq "prefix = manager." $LOGGLY_CATALINA_PROPFILE; then + sudo sed -i "s/prefix = manager./prefix = manager/g" $LOGGLY_CATALINA_PROPFILE + fi + if grep -Fq "prefix = host-manager." $LOGGLY_CATALINA_PROPFILE; then + sudo sed -i "s/prefix = host-manager./prefix = host-manager/g" $LOGGLY_CATALINA_PROPFILE fi -fi - -# backup the logging properties file just in case it need to reverted. -echo "INFO: Going to back up the properties file: $LOGGLY_CATALINA_PROPFILE to $LOGGLY_CATALINA_BACKUP_PROPFILE." -if [ ! 
-f $LOGGLY_CATALINA_PROPFILE ]; then - logMsgToConfigSysLog "ERROR" "ERROR: logging.properties file not found!. Looked at location $LOGGLY_CATALINA_PROPFILE." - exit 1 -else - # dont take a backup of logging properties file if it is already there - if [ ! -f $LOGGLY_CATALINA_BACKUP_PROPFILE ]; then - sudo cp -f $LOGGLY_CATALINA_PROPFILE $LOGGLY_CATALINA_BACKUP_PROPFILE - fi -fi -#check if tomcat version is less than 6.0.33.0, if yes, throw a warning -if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -lt 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: Tomcat version is less than 6.0.33. Log rotation cannot be disabled for version <6.0.33; only catalina.out log will be monitored." -fi + #Check if the rotatable property is present in logging.properties + if grep -Fq "rotatable" $LOGGLY_CATALINA_PROPFILE; then + #If present, set all the values to false + sed -i -e 's/rotatable = true/rotatable = false/g' $LOGGLY_CATALINA_PROPFILE + fi -#Log rotation is not supported on version below 6.0.33.0, logging.properties should not be modified -#in such case. If version is above 6.0.33.0, then do the following -if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then - #removing the end . from logging.properties variable 1catalina.org.apache.juli.FileHandler.prefix = catalina. - if grep -Fq "prefix = catalina." $LOGGLY_CATALINA_PROPFILE - then - sudo sed -i "s/prefix = catalina./prefix = catalina/g" $LOGGLY_CATALINA_PROPFILE - fi - if grep -Fq "prefix = localhost." $LOGGLY_CATALINA_PROPFILE - then - sudo sed -i "s/prefix = localhost./prefix = localhost/g" $LOGGLY_CATALINA_PROPFILE - fi - if grep -Fq "prefix = manager." $LOGGLY_CATALINA_PROPFILE - then - sudo sed -i "s/prefix = manager./prefix = manager/g" $LOGGLY_CATALINA_PROPFILE - fi - if grep -Fq "prefix = host-manager." 
$LOGGLY_CATALINA_PROPFILE - then - sudo sed -i "s/prefix = host-manager./prefix = host-manager/g" $LOGGLY_CATALINA_PROPFILE - fi - - #Check if the rotatable property is present in logging.properties - if grep -Fq "rotatable" $LOGGLY_CATALINA_PROPFILE - then - #If present, set all the values to false - sed -i -e 's/rotatable = true/rotatable = false/g' $LOGGLY_CATALINA_PROPFILE - fi - - if [ $(fgrep "rotatable = false" "$LOGGLY_CATALINA_PROPFILE" | wc -l) -lt 4 ]; then -#If rotatable property present or not, add the following lines to disable rotation in any case -sudo cat << EOIPFW >> $LOGGLY_CATALINA_PROPFILE + if [ $(fgrep "rotatable = false" "$LOGGLY_CATALINA_PROPFILE" | wc -l) -lt 4 ]; then + #If rotatable property present or not, add the following lines to disable rotation in any case + sudo cat <>$LOGGLY_CATALINA_PROPFILE 1catalina.org.apache.juli.FileHandler.rotatable = false 2localhost.org.apache.juli.FileHandler.rotatable = false 3manager.org.apache.juli.FileHandler.rotatable = false 4host-manager.org.apache.juli.FileHandler.rotatable = false EOIPFW - fi -fi + fi + fi -# Create rsyslog dir if it doesn't exist, Modify the rsyslog directory if exist -if [ -d "$SYSLOG_DIR" ]; then + # Create rsyslog dir if it doesn't exist, Modify the rsyslog directory if exist + if [ -d "$SYSLOG_DIR" ]; then logMsgToConfigSysLog "INFO" "INFO: $SYSLOG_DIR exist, not creating dir." if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool." - sudo chown -R syslog:adm $SYSLOG_DIR - fi -else + logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool." + sudo chown -R syslog:adm $SYSLOG_DIR + fi + else logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR." 
sudo mkdir -v $SYSLOG_DIR - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - sudo chown -R syslog:adm $SYSLOG_DIR - fi -fi - -#Create tomcat syslog config file if it doesn't exist -echo "INFO: Checking if tomcat sysconf file $TOMCAT_SYSLOG_CONFFILE exist." -if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then - logMsgToConfigSysLog "INFO" "INFO: Tomcat syslog file $TOMCAT_SYSLOG_CONFFILE exist, not creating file." -else - logMsgToConfigSysLog "INFO" "INFO: Creating file $TOMCAT_SYSLOG_CONFFILE." - sudo touch $TOMCAT_SYSLOG_CONFFILE - sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE - generateTomcat21File -fi + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + sudo chown -R syslog:adm $SYSLOG_DIR + fi + fi + + #Create tomcat syslog config file if it doesn't exist + echo "INFO: Checking if tomcat sysconf file $TOMCAT_SYSLOG_CONFFILE exist." + if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then + logMsgToConfigSysLog "INFO" "INFO: Tomcat syslog file $TOMCAT_SYSLOG_CONFFILE exist, not creating file." + else + logMsgToConfigSysLog "INFO" "INFO: Creating file $TOMCAT_SYSLOG_CONFFILE." + sudo touch $TOMCAT_SYSLOG_CONFFILE + sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE + generateTomcat21File + fi + + tomcatInitialLogCount=0 + tomcatLatestLogCount=0 + queryParam="tag%3Atomcat&from=-15m&until=now&size=1" + searchAndFetch tomcatInitialLogCount "$queryParam" + + logMsgToConfigSysLog "INFO" "INFO: Restarting rsyslog and tomcat to generate logs for verification." + # restart the syslog service. + restartsyslog + # restart the tomcat service. + restartTomcat + searchAndFetch tomcatLatestLogCount "$queryParam" + + counter=1 + maxCounter=10 + #echo "latest tomcat log count: $tomcatLatestLogCount and before query count: $tomcatInitialLogCount" + while [ "$tomcatLatestLogCount" -le "$tomcatInitialLogCount" ]; do + echo "######### waiting for 30 secs while loggly processes the test events." + sleep 30 + echo "######## Done waiting. verifying again..." + logMsgToConfigSysLog "INFO" "INFO: Try # $counter of total $maxCounter." 
+ searchAndFetch tomcatLatestLogCount "$queryParam" + #echo "Again Fetch: initial count $tomcatInitialLogCount : latest count : $tomcatLatestLogCount counter: $counter max counter: $maxCounter" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Tomcat logs did not make to Loggly in stipulated time. Please check your token & network/firewall settings and retry." + exit 1 + fi + done -tomcatInitialLogCount=0 -tomcatLatestLogCount=0 -queryParam="tag%3Atomcat&from=-15m&until=now&size=1" -searchAndFetch tomcatInitialLogCount "$queryParam" - -logMsgToConfigSysLog "INFO" "INFO: Restarting rsyslog and tomcat to generate logs for verification." -# restart the syslog service. -restartsyslog -# restart the tomcat service. -restartTomcat -searchAndFetch tomcatLatestLogCount "$queryParam" - -counter=1 -maxCounter=10 -#echo "latest tomcat log count: $tomcatLatestLogCount and before query count: $tomcatInitialLogCount" -while [ "$tomcatLatestLogCount" -le "$tomcatInitialLogCount" ]; do - echo "######### waiting for 30 secs while loggly processes the test events." - sleep 30 - echo "######## Done waiting. verifying again..." - logMsgToConfigSysLog "INFO" "INFO: Try # $counter of total $maxCounter." - searchAndFetch tomcatLatestLogCount "$queryParam" - #echo "Again Fetch: initial count $tomcatInitialLogCount : latest count : $tomcatLatestLogCount counter: $counter max counter: $maxCounter" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Tomcat logs did not make to Loggly in stipulated time. Please check your token & network/firewall settings and retry." - exit 1 - fi -done - -if [ "$tomcatLatestLogCount" -gt "$tomcatInitialLogCount" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Tomcat logs successfully transferred to Loggly." 
- exit 0 -fi + if [ "$tomcatLatestLogCount" -gt "$tomcatInitialLogCount" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Tomcat logs successfully transferred to Loggly." + exit 0 + fi } # End of configure rsyslog for tomcat #function to generate tomcat syslog config file -generateTomcat21File() -{ +generateTomcat21File() { -imfileStr="\$ModLoad imfile + imfileStr="\$ModLoad imfile \$WorkDirectory $SYSLOG_DIR " -if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then -imfileStr+="\$PrivDropToGroup adm + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + imfileStr+="\$PrivDropToGroup adm " -fi + fi -imfileStr+=" + imfileStr+=" #parameterized token here....... #Add a tag for tomcat events \$template LogglyFormatTomcat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 tag=\\\"tomcat\\\"] %msg%\n\" @@ -457,10 +443,10 @@ if \$programname == 'initd' then @@logs-01.loggly.com:514;LogglyFormatTomcat if \$programname == 'initd' then ~ " -#if log rotation is enabled i.e. tomcat version is greater than or equal to -#6.0.33.0, then add the following lines to tomcat syslog conf file -if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then -imfileStr+=" + #if log rotation is enabled i.e. tomcat version is greater than or equal to + #6.0.33.0, then add the following lines to tomcat syslog conf file + if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then + imfileStr+=" # catalina.log \$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.log \$InputFileTag catalina-log 
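Review bot: In configureLoggly, the setup step `wget -q -O - $LOGGLY_COM_URL/install/configure-syslog.py | sudo python - setup ...` runs whatever the download returns as root, with no integrity check and no test of wget's exit status. A truncated or substituted response would be interpreted with full privileges, and `-q` hides the download error that would explain it. Fetch the script to a `mktemp` file, verify it against a digest pinned in this script, and only then run it with the arguments quoted, as sketched below. The start of this hunk is not visible on the page, so the value of `$LOGGLY_COM_URL` (and whether it is an https URL) should be confirmed against the variable declarations.

```shell
    if [ "$LOGGLY_ACCOUNT" != "" ]; then
      setupScript=$(mktemp) || exit 1
      if ! wget -q -O "$setupScript" "$LOGGLY_COM_URL/install/configure-syslog.py"; then
        logMsgToConfigSysLog "ERROR" "ERROR: Could not download configure-syslog.py."
        exit 1
      fi
      # CONFIGURE_SYSLOG_SHA256 is a placeholder: pin the digest of the reviewed script version
      if ! printf '%s  %s\n' "$CONFIGURE_SYSLOG_SHA256" "$setupScript" | sha256sum -c - >/dev/null 2>&1; then
        logMsgToConfigSysLog "ERROR" "ERROR: configure-syslog.py failed its integrity check."
        exit 1
      fi
      sudo python "$setupScript" setup --auth "$LOGGLY_AUTH_TOKEN" --account "$LOGGLY_ACCOUNT"
      rm -f -- "$setupScript"
    # … unchanged: else branch that reports the missing argument and exits …
```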
@@ -501,137 +487,131 @@ if \$programname == 'localhost-log' then ~ if \$programname == 'manager' then @@logs-01.loggly.com:514;LogglyFormatTomcat if \$programname == 'manager' then ~ " -fi + fi -#change the tomcat-21 file to variable from above and also take the directory of the tomcat log file. -sudo cat << EOIPFW >> $TOMCAT_SYSLOG_CONFFILE + #change the tomcat-21 file to variable from above and also take the directory of the tomcat log file. + sudo cat <>$TOMCAT_SYSLOG_CONFFILE $imfileStr EOIPFW } #rollback tomcat loggly configuration -rollback() -{ - checkIfUserHasRootPrivileges - setVariables - logMsgToConfigSysLog "INFO" "INFO: Initiating rollback." - echo "INFO: Reverting the catalina file." - if [ -f "$LOGGLY_CATALINA_BACKUP_PROPFILE" ]; then - sudo rm -fr $LOGGLY_CATALINA_PROPFILE - sudo cp -f $LOGGLY_CATALINA_BACKUP_PROPFILE $LOGGLY_CATALINA_PROPFILE - sudo rm -fr $LOGGLY_CATALINA_BACKUP_PROPFILE - fi - echo "INFO: Deleting the loggly tomcat syslog conf file." - if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then - sudo rm -rf "$TOMCAT_SYSLOG_CONFFILE" - fi - echo "INFO: Removed all the modified files." - restartTomcat - logMsgToConfigSysLog "INFO" "INFO: Rollback completed." +rollback() { + checkIfUserHasRootPrivileges + setVariables + logMsgToConfigSysLog "INFO" "INFO: Initiating rollback." + echo "INFO: Reverting the catalina file." + if [ -f "$LOGGLY_CATALINA_BACKUP_PROPFILE" ]; then + sudo rm -fr $LOGGLY_CATALINA_PROPFILE + sudo cp -f $LOGGLY_CATALINA_BACKUP_PROPFILE $LOGGLY_CATALINA_PROPFILE + sudo rm -fr $LOGGLY_CATALINA_BACKUP_PROPFILE + fi + echo "INFO: Deleting the loggly tomcat syslog conf file." + if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then + sudo rm -rf "$TOMCAT_SYSLOG_CONFFILE" + fi + echo "INFO: Removed all the modified files." + restartTomcat + logMsgToConfigSysLog "INFO" "INFO: Rollback completed." } -debug() -{ - setVariables - logMsgToConfigSysLog "INFO" "INFO: Initiating debug." 
- checkLogglyServersAccessiblilty - - #if [ -f loggly_tcpdump.log ]; then - # sudo rm -rf loggly_tcpdump.log - #fi - - # Get the inital count for the msg. - queryParam="syslog.appName:LOGGLYVERIFY&from=-15m&until=now&size=1" - #set -x - searchAndFetch initialCount "$queryParam" - #set +x - echo "Count of the msg before logging: $initialCount" - - #sudo sh -c "tcpdump -i eth0 -A \"tcp and port 514\" -s 0 -w loggly_tcpdump.log" & - - - logger -t "LOGGLYVERIFY" "LOGGLYDEBUG- Test msg for verification from script" - #msg="<14>0 test test [$LOGGLY_AUTH_TOKEN@41058 tag=\"Test\"] test from Loggly verify script" - #echo "test msg: $msg" - #echo "$msg" | nc -vv -q2 logs-01.loggly.com 514 - - #sleep 1 - #sudo killall tcpdump - #echo "Reading the capture packets!!" - #TODO not sure why -r doesn't work. - # sudo tcpdump -r loggly_tcpdump.log - #Hack using grep and strings - # result="$(strings loggly_tcpdump.log | grep "LOGGLYDEBUG" | wc -l)" - #echo "result is $result" - #if [ "$result" -eq 0 ]; then - # echo "Failed to send data to logs-01.loggly.com on 514. Please check your rsyslog config or tomcat config file" - # else - # echo "Succefully send data to loggly!!!" - #fi - - # schedule the search - searchAndFetch finalCount $queryParam - counter=1 - maxCounter=10 +debug() { + setVariables + logMsgToConfigSysLog "INFO" "INFO: Initiating debug." + checkLogglyServersAccessiblilty + + #if [ -f loggly_tcpdump.log ]; then + # sudo rm -rf loggly_tcpdump.log + #fi + + # Get the inital count for the msg. 
+ queryParam="syslog.appName:LOGGLYVERIFY&from=-15m&until=now&size=1" + #set -x + searchAndFetch initialCount "$queryParam" + #set +x + echo "Count of the msg before logging: $initialCount" + + #sudo sh -c "tcpdump -i eth0 -A \"tcp and port 514\" -s 0 -w loggly_tcpdump.log" & + + logger -t "LOGGLYVERIFY" "LOGGLYDEBUG- Test msg for verification from script" + #msg="<14>0 test test [$LOGGLY_AUTH_TOKEN@41058 tag=\"Test\"] test from Loggly verify script" + #echo "test msg: $msg" + #echo "$msg" | nc -vv -q2 logs-01.loggly.com 514 + + #sleep 1 + #sudo killall tcpdump + #echo "Reading the capture packets!!" + #TODO not sure why -r doesn't work. + # sudo tcpdump -r loggly_tcpdump.log + #Hack using grep and strings + # result="$(strings loggly_tcpdump.log | grep "LOGGLYDEBUG" | wc -l)" + #echo "result is $result" + #if [ "$result" -eq 0 ]; then + # echo "Failed to send data to logs-01.loggly.com on 514. Please check your rsyslog config or tomcat config file" + # else + # echo "Succefully send data to loggly!!!" + #fi + + # schedule the search + searchAndFetch finalCount $queryParam + counter=1 + maxCounter=10 + echo "initial count $initialCount : final count : $finalCount counter: $counter max counter: $maxCounter" + while [ "$finalCount" -le "$initialCount" ]; do echo "initial count $initialCount : final count : $finalCount counter: $counter max counter: $maxCounter" - while [ "$finalCount" -le "$initialCount" ]; do - echo "initial count $initialCount : final count : $finalCount counter: $counter max counter: $maxCounter" - echo "######### waiting for 30 secs......" - sleep 30 - echo "######## Done waiting. verifying again..." 
- echo "Try # $counter of total 10" - searchAndFetch finalCount "$queryParam" - echo "Again Fetch: initial count $initialCount : final count : $finalCount counter: $counter max counter: $maxCounter" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Debug logs did not make to Loggly in stipulated time. Please check your token & network/firewall settings and retry OR" - exit 1 - fi - done - if [ "$finalCount" -gt "$initialCount" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Debug logs successfully transferred to Loggly" - exit 0 + echo "######### waiting for 30 secs......" + sleep 30 + echo "######## Done waiting. verifying again..." + echo "Try # $counter of total 10" + searchAndFetch finalCount "$queryParam" + echo "Again Fetch: initial count $initialCount : final count : $finalCount counter: $counter max counter: $maxCounter" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Debug logs did not make to Loggly in stipulated time. Please check your token & network/firewall settings and retry OR" + exit 1 fi + done + if [ "$finalCount" -gt "$initialCount" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Debug logs successfully transferred to Loggly" + exit 0 + fi } - #$1 return the count of records in loggly, $2 is the query param to search in loggly -searchAndFetch() -{ - searchquery="$2" - url="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$searchquery" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $url" - result=$(wget -qO- /dev/stdout --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") - if [ -z "$result" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." 
- exit 1 - fi - id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') - # strip last double quote from id - id="${id%\"}" - # strip first double quote from id - id="${id#\"}" - #echo "rsid for the search is: $id" - url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" - - # retrieve the data - result=$(wget -qO- /dev/stdout --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") - #echo "actual result based on rsid: $result" - count=$(echo "$result" | grep total_events | awk '{print $2}') - count="${count%\,}" - eval $1="'$count'" - echo "Count of events from loggly: "$count"" - if [ "$count" > 0 ]; then - timestamp=$(echo "$result" | grep timestamp) - #echo "timestamp: "$timestamp"" - #echo "Data made successfully to loggly!!!" - fi +searchAndFetch() { + searchquery="$2" + url="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$searchquery" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $url" + result=$(wget -qO- /dev/stdout --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") + if [ -z "$result" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." + exit 1 + fi + id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') + # strip last double quote from id + id="${id%\"}" + # strip first double quote from id + id="${id#\"}" + #echo "rsid for the search is: $id" + url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" + + # retrieve the data + result=$(wget -qO- /dev/stdout --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") + #echo "actual result based on rsid: $result" + count=$(echo "$result" | grep total_events | awk '{print $2}') + count="${count%\,}" + eval $1="'$count'" + echo "Count of events from loggly: "$count"" + if [ "$count" ] >0; then + timestamp=$(echo "$result" | grep timestamp) + #echo "timestamp: "$timestamp"" + #echo "Data made successfully to loggly!!!" 
+ fi } #display usage syntax -usage() -{ -cat << EOF +usage() { + cat < 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running." - if [ -f /etc/init.d/$SERVICE ]; then - logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running as service." - logMsgToConfigSysLog "INFO" "INFO: Restarting the tomcat service." - sudo service $SERVICE restart - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not restart gracefully. Log rotation may not be disabled. Please restart tomcat manually." - fi - else - logMsgToConfigSysLog "INFO" "INFO: $SERVICE is not running as service." - # To be commented only for test - logMsgToConfigSysLog "INFO" "INFO: Shutting down tomcat..." - sudo $LOGGLY_CATALINA_HOME/bin/shutdown.sh - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not shut down gracefully." - else - logMsgToConfigSysLog "INFO" "INFO: Done shutting down tomcat." - fi - - logMsgToConfigSysLog "INFO" "INFO: Starting up tomcat." - sudo $LOGGLY_CATALINA_HOME/bin/startup.sh - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not start up down gracefully." - else - logMsgToConfigSysLog "INFO" "INFO: Tomcat is up and running." - fi - fi - fi +restartTomcat() { + #sudo service tomcat restart or home/bin/start.sh + if [ $(ps -ef | grep -v grep | grep "$SERVICE" | wc -l) ] >0; then + logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running." + if [ -f /etc/init.d/$SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: $SERVICE is running as service." + logMsgToConfigSysLog "INFO" "INFO: Restarting the tomcat service." + sudo service $SERVICE restart + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not restart gracefully. Log rotation may not be disabled. Please restart tomcat manually." + fi + else + logMsgToConfigSysLog "INFO" "INFO: $SERVICE is not running as service." + # To be commented only for test + logMsgToConfigSysLog "INFO" "INFO: Shutting down tomcat..." 
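Review bot: In searchAndFetch, `eval $1="'$count'"` evaluates text taken from the HTTP response, and since rollback calls checkIfUserHasRootPrivileges the script appears to run as root, so a `total_events` value that breaks out of the single quotes would be run as shell code. Assign without eval, `printf -v "$1" '%s' "$count"`, and consider rejecting a non-numeric count before using it. The reformatted `if [ "$count" ] >0; then` a few lines below shows that `>` is a redirection here: the test is true for any non-empty string and writes a file named `0` in the working directory, where `[ "$count" -gt 0 ]` is presumably what was meant. The same construct appears in restartTomcat in the following hunk, as `[ $(ps -ef | ... | wc -l) ] >0`.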
+ sudo $LOGGLY_CATALINA_HOME/bin/shutdown.sh + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not shut down gracefully." + else + logMsgToConfigSysLog "INFO" "INFO: Done shutting down tomcat." + fi + + logMsgToConfigSysLog "INFO" "INFO: Starting up tomcat." + sudo $LOGGLY_CATALINA_HOME/bin/startup.sh + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: Tomcat did not start up down gracefully." + else + logMsgToConfigSysLog "INFO" "INFO: Tomcat is up and running." + fi + fi + fi } #logs message to config syslog -logMsgToConfigSysLog() -{ - #$1 variable will be SUCCESS or ERROR or INFO or WARNING - #$2 variable will be the message - cslStatus=$1 - cslMessage=$2 - echo "$cslMessage" - currentTime=$(date) - - #for Linux system, we need to use -d switch to decode base64 whereas - #for Mac system, we need to use -D switch to decode - varUname=$(uname) - if [[ $varUname == 'Linux' ]]; then - enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) - elif [[ $varUname == 'Darwin' ]]; then - enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) - fi - - if [ $? -ne 0 ]; then - echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." 
- exit 1 - fi - - sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" - - #if it is an error, then log message "Script Failed" to config syslog and exit the script - if [[ $cslStatus == "ERROR" ]]; then - sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" - echo "Please follow the manual instructions to configure tomcat at https://www.loggly.com/docs/tomcat-application-server" - exit 1 - fi - - #if it is a success, then log message "Script Succeeded" to config syslog and exit the script - if [[ $cslStatus == "SUCCESS" ]]; then - sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" - exit 0 - fi +logMsgToConfigSysLog() { + #$1 variable will be SUCCESS or ERROR or INFO or WARNING + #$2 variable will be the message + cslStatus=$1 + cslMessage=$2 + echo "$cslMessage" + currentTime=$(date) + + #for Linux system, we need to use -d switch to decode base64 whereas + #for Mac system, we need to use -D switch to decode + varUname=$(uname) + if [[ $varUname == 'Linux' ]]; then + enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) + elif [[ $varUname == 'Darwin' ]]; then + enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) + fi + + if [ $? -ne 0 ]; then + echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." 
+ exit 1 + fi + + sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" + + #if it is an error, then log message "Script Failed" to config syslog and exit the script + if [[ $cslStatus == "ERROR" ]]; then + sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" + echo "Please follow the manual instructions to configure tomcat at https://www.loggly.com/docs/tomcat-application-server" + exit 1 + fi + + #if it is a success, then log message "Script Succeeded" to config syslog and exit the script + if [[ $cslStatus == "SUCCESS" ]]; then + sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" + exit 0 + fi } -sendPayloadToConfigSysLog() -{ -var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"tomcat-version\":\"$TOMCAT_VERSION\", \"messages\":\"$2\"}" -curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 > /dev/null 2>&1 +sendPayloadToConfigSysLog() { + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"tomcat-version\":\"$TOMCAT_VERSION\", \"messages\":\"$2\"}" + curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 >/dev/null 2>&1 } #get password in the form of asterisk -getPassword() -{ - unset LOGGLY_PASSWORD - prompt="Please enter Loggly Password:" - while IFS= read -p "$prompt" -r -s -n 1 char - do - if [[ $char == $'\0' ]] - then - break - fi - prompt='*' - LOGGLY_PASSWORD+="$char" - done - echo +getPassword() { + unset LOGGLY_PASSWORD + prompt="Please enter Loggly Password:" + while IFS= read -p "$prompt" -r -s -n 1 char; do + if [[ $char == $'\0' ]]; then + break + fi + prompt='*' + LOGGLY_PASSWORD+="$char" + done + echo 
} #checks if user has root privileges -checkIfUserHasRootPrivileges() -{ - #This script needs to be run as a sudo user - if [[ $EUID -ne 0 ]]; then - logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." - exit 1 - fi +checkIfUserHasRootPrivileges() { + #This script needs to be run as a sudo user + if [[ $EUID -ne 0 ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." + exit 1 + fi } ########## Get Inputs from User - Start ########## if [ $# -eq 0 ]; then - usage - exit + usage + exit else -while [ "$1" != "" ]; do + while [ "$1" != "" ]; do case $1 in - -ch | --catalinahome ) shift - LOGGLY_CATALINA_HOME=$1 - echo "CATALINA HOME from input: $LOGGLY_CATALINA_HOME" - ;; - -t | --token ) shift - LOGGLY_AUTH_TOKEN=$1 - echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" - ;; - -a | --account ) shift - LOGGLY_ACCOUNT=$1 - echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" - ;; - -u | --username ) shift - LOGGLY_USERNAME=$1 - echo "Username is set" - ;; - -p | --password ) shift - LOGGLY_PASSWORD=$1 - ;; - #-d | --debug ) - # LOGGLY_DEBUG="true" - # ;; - -r | --rollback ) - LOGGLY_ROLLBACK="true" - ;; - -h | --help) - usage - exit - ;; + -ch | --catalinahome) + shift + LOGGLY_CATALINA_HOME=$1 + echo "CATALINA HOME from input: $LOGGLY_CATALINA_HOME" + ;; + -t | --token) + shift + LOGGLY_AUTH_TOKEN=$1 + echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" + ;; + -a | --account) + shift + LOGGLY_ACCOUNT=$1 + echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" + ;; + -u | --username) + shift + LOGGLY_USERNAME=$1 + echo "Username is set" + ;; + -p | --password) + shift + LOGGLY_PASSWORD=$1 + ;; + #-d | --debug ) + # LOGGLY_DEBUG="true" + # ;; + -r | --rollback) + LOGGLY_ROLLBACK="true" + ;; + -h | --help) + usage + exit + ;; esac shift -done + done fi -if [ "$LOGGLY_DEBUG" != "" -a "$LOGGLY_AUTH_TOKEN" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then - if [ "$LOGGLY_PASSWORD" = "" ]; then - getPassword - fi - debug +if [ "$LOGGLY_DEBUG" != 
"" -a "$LOGGLY_AUTH_TOKEN" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + debug elif [ "$LOGGLY_AUTH_TOKEN" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then - if [ "$LOGGLY_PASSWORD" = "" ]; then - getPassword - fi - configureLoggly + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + configureLoggly elif [ "$LOGGLY_ROLLBACK" != "" ]; then - rollback + rollback else - usage + usage fi -########## Get Inputs from User - End ########## \ No newline at end of file +########## Get Inputs from User - End ########## From 80b404c7e5b7d09f8b8ab910417dab202d05cee8 Mon Sep 17 00:00:00 2001 From: Shwetajain148 Date: Fri, 20 Oct 2017 15:24:10 +0530 Subject: [PATCH 2/2] Update error message --- Linux Script/configure-linux.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Linux Script/configure-linux.sh b/Linux Script/configure-linux.sh index 9dae97e..ecb5b60 100644 --- a/Linux Script/configure-linux.sh +++ b/Linux Script/configure-linux.sh @@ -371,7 +371,7 @@ checkIfValidUserNamePassword() { echo "INFO: Checking if provided username and password is correct." if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" - logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." + logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console. You can reset your password at http://.loggly.com/login." exit 1 else logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully."
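Review bot: The `-t | --token` arm of the option loop prints the customer token with `echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN"`, which leaves a credential in terminal scrollback and in any captured install log. The `--username` arm already avoids this with `echo "Username is set"`, and the token arm should do the same: `echo "Auth token is set"`. Separately, `-p | --password` takes the password as a command-line argument, where it is visible in the process list and shell history. The getPassword prompt, which runs when the option is omitted, is the safer path.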
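Review bot: The rewritten ERROR message still points to a hard-coded `http://` login URL, so the password-reset page is first requested over plaintext, and as rendered here the host part is empty (a placeholder may have been lost). The INFO line just above already builds its link from `$LOGGLY_ACCOUNT_URL`; assuming that variable holds an https URL, the message could end `You can reset your password at $LOGGLY_ACCOUNT_URL/login."` instead. On the context line, `curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD` is unquoted, so a password containing spaces or glob characters is split before curl sees it; `-u "$LOGGLY_USERNAME:$LOGGLY_PASSWORD"` avoids that. checkIfValidUserNamePassword starts and ends outside the hunk.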