diff --git a/Linux Script/README.md b/Linux Script/README.md new file mode 100644 index 0000000..68b91fd --- /dev/null +++ b/Linux Script/README.md @@ -0,0 +1,12 @@ +Linux Script +============ + +Configure your Linux system to send syslogs to Loggly using the following command + + chmod 755 configure-linux.sh + sudo ./configure-linux.sh -a SUBDOMAIN -u USERNAME + + +Stop sending your Linux System logs to Loggly + + sudo ./configure-linux.sh -a SUBDOMAIN -r diff --git a/Linux Script/configure-linux.sh b/Linux Script/configure-linux.sh index a36315f..30f5b34 100644 --- a/Linux Script/configure-linux.sh +++ b/Linux Script/configure-linux.sh @@ -8,14 +8,14 @@ trap ctrl_c INT function ctrl_c() { logMsgToConfigSysLog "INFO" "INFO: Aborting the script." exit 1 -} +} ########## Variable Declarations - Start ########## #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-linux.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.01 +SCRIPT_VERSION=1.5 #application tag. This will get overwritten by the child script which calls this APP_TAG= @@ -78,16 +78,18 @@ MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure rsyslog on Linux are #this variable is set if the script is invoked via some other calling script IS_INVOKED= +#this variable will hold if the check env function for linux is invoked +LINUX_ENV_VALIDATED="false" + +#this variable will inform if verification needs to be performed +LINUX_DO_VERIFICATION="true" ########## Variable Declarations - End ########## -# executing the script for loggly to install and configure rsyslog. -installLogglyConf() +#check if the Linux environment is compatible with Loggly. +#Also set few variables after the check. +checkLinuxLogglyCompatibility() { - - #log message indicating starting of Loggly configuration - logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." - #check if the user has root permission to run this script checkIfUserHasRootPrivileges @@ -103,7 +105,10 @@ installLogglyConf() #check if user credentials are valid. If no, then exit checkIfValidUserNamePassword - #check if authentication token is valid. If no, then exit + #get authentication token if not provided + getAuthToken + + #check if authentication token is valid. If no, then exit. checkIfValidAuthToken #check if rsyslog is configured as service. If no, then exit @@ -118,20 +123,33 @@ installLogglyConf() #check if selinux service is enforced. if yes, ask the user to manually disable and exit the script checkIfSelinuxServiceEnforced + LINUX_ENV_VALIDATED="true" +} + +# executing the script for loggly to install and configure rsyslog. +installLogglyConf() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." + + if [ "$LINUX_ENV_VALIDATED" = "false" ]; then + checkLinuxLogglyCompatibility + fi + #if all the above check passes, write the 22-loggly.conf file write22LogglyConfFile - # Create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu + #create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu createRsyslogDir - #check if the logs are going to loggly fro linux system now - checkIfLogsMadeToLoggly - - #log success message - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." + if [ "$LINUX_DO_VERIFICATION" = "true" ]; then + #check if the logs are going to loggly fro linux system now + checkIfLogsMadeToLoggly + #log success message + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." + fi } -# End of configure rsyslog for linux #remove loggly configuration from Linux system removeLogglyConf() @@ -150,7 +168,7 @@ removeLogglyConf() #remove 22-loggly.conf file remove22LogglyConfFile - + #restart rsyslog service restartRsyslog @@ -171,34 +189,68 @@ checkIfUserHasRootPrivileges() #check if supported operating system checkIfSupportedOS() { - #set value for linux distribution name - LINUX_DIST=$(lsb_release -ds) - - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: This operating system is not supported by the script." + getOs + + LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") + + case "$LINUX_DIST_IN_LOWER_CASE" in + *"ubuntu"* ) + echo "INFO: Operating system is Ubuntu." + ;; + *"redhat"* ) + echo "INFO: Operating system is Red Hat." + ;; + *"centos"* ) + echo "INFO: Operating system is CentOS." + ;; + *"amazon"* ) + echo "INFO: Operating system is Amazon AMI." + ;; + *"darwin"* ) + #if the OS is mac then exit + logMsgToConfigSysLog "ERROR" "ERROR: This script is for Linux systems, and Darwin or Mac OSX are not currently supported. You can find alternative options here: https://www.loggly.com/docs" exit 1 - else - #remove double quotes (if any) from the linux distribution name - LINUX_DIST="${LINUX_DIST%\"}" - LINUX_DIST="${LINUX_DIST#\"}" - case "$LINUX_DIST" in - *"Ubuntu"* ) - echo "INFO: Operating system is Ubuntu." - ;; - *"Red Hat"* ) - echo "INFO: Operating system is Red Hat." - ;; - *"CentOS"* ) - echo "INFO: Operating system is CentOS." - ;; - * ) - logMsgToConfigSysLog "ERROR" "ERROR: This operating system is not supported by the script." - exit 1 - ;; - esac - fi + ;; + * ) + logMsgToConfigSysLog "WARN" "WARN: The linux distribution '$LINUX_DIST' has not been previously tested with Loggly." + while true; do + read -p "Would you like to continue anyway? (yes/no)" yn + case $yn in + [Yy]* ) + break;; + [Nn]* ) + exit 1 + ;; + * ) echo "Please answer yes or no.";; + esac + done + ;; + esac } +getOs() +{ + # Determine OS platform + UNAME=$(uname | tr "[:upper:]" "[:lower:]") + # If Linux, try to determine specific distribution + if [ "$UNAME" == "linux" ]; then + # If available, use LSB to identify distribution + if [ -f /etc/lsb-release -o -d /etc/lsb-release.d ]; then + LINUX_DIST=$(lsb_release -i | cut -d: -f2 | sed s/'^\t'//) + # If system-release is available, then try to identify the name + elif [ -f /etc/system-release ]; then + LINUX_DIST=$(cat /etc/system-release | cut -f 1 -d " ") + # Otherwise, use release info file + else + LINUX_DIST=$(ls -d /etc/[A-Za-z]*[_-][rv]e[lr]* | grep -v "lsb" | cut -d'/' -f3 | cut -d'-' -f1 | cut -d'_' -f1) + fi + fi + + # For everything else (or if above failed), just use generic identifier + if [ "$LINUX_DIST" == "" ]; then + LINUX_DIST=$(uname) + fi +} #sets linux variables which will be used across various functions setLinuxVariables() @@ -213,25 +265,36 @@ setLinuxVariables() #checks if all the various endpoints used for configuring loggly are accessible checkIfLogglyServersAccessible() { - echo "INFO: Checking if $LOGGLY_ACCOUNT_URL is reachable." - if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then - echo "INFO: $LOGGLY_ACCOUNT_URL is reachable." - else - logMsgToConfigSysLog "WARNING" "WARNING: $LOGGLY_ACCOUNT_URL is not reachable. Please check your network and firewall settings. Continuing to configure Loggly on your system." - fi - echo "INFO: Checking if $LOGS_01_HOST is reachable." if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ]; then echo "INFO: $LOGS_01_HOST is reachable." else - logMsgToConfigSysLog "WARNING" "WARNING: $LOGS_01_HOST is not reachable. Please check your network and firewall settings. Continuing to configure Loggly on your system." + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings. Continuing to configure Loggly on your system." + exit 1 + fi + + echo "INFO: Checking if $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port. This may take some time." + if [ $(curl --connect-timeout 10 $LOGS_01_HOST:$LOGGLY_SYSLOG_PORT 2>&1 | grep "Empty reply from server" | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings. Continuing to configure Loggly on your system." + exit 1 + fi + + echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then + echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." + exit 1 fi - echo "INFO: Checking if Gen2 account" + echo "INFO: Checking if Gen2 account." if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "404 NOT FOUND" | wc -l) == 1 ]; then logMsgToConfigSysLog "ERROR" "ERROR: This scripts need a Gen2 account. Please contact Loggly support." + exit 1 else - echo "INFO: It is a Gen2 account" + echo "INFO: It is a Gen2 account." fi } @@ -240,13 +303,36 @@ checkIfValidUserNamePassword() { echo "INFO: Checking if provided username and password is correct." if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password." - exit 1 + logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" + logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password." + exit 1 else logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." fi } +getAuthToken() +{ + if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." + #get authentication token if user has not provided one + tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") + + #get the string from index 0 to first occurence of , + tokenstr=${tokenstr%%,*} + + #get the string from index 0 to last occurence of " + tokenstr=${tokenstr%\"*} + + #get the string from first occurence of " to the end + tokenstr=${tokenstr#*\"} + + LOGGLY_AUTH_TOKEN=$tokenstr + + logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" + fi +} + #check if authentication token is valid checkIfValidAuthToken() { @@ -281,6 +367,7 @@ checkIfMultipleRsyslogConfigured() { if [ $(ps -ef | grep -v grep | grep "$RSYSLOG_SERVICE" | wc -l) -gt 1 ]; then logMsgToConfigSysLog "ERROR" "ERROR: Multiple (more than 1) $RSYSLOG_SERVICE is running." + exit 1 fi } @@ -305,6 +392,7 @@ checkIfSelinuxServiceEnforced() logMsgToConfigSysLog "INFO" "INFO: selinux status is not enforced." elif [ $(sudo getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then logMsgToConfigSysLog "ERROR" "ERROR: selinux status is 'Enforcing'. Please disable it and start the rsyslog daemon manually." + exit 1 fi } @@ -315,14 +403,17 @@ write22LogglyConfFile() if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then logMsgToConfigSysLog "WARN" "WARN: Loggly rsyslog file $LOGGLY_RSYSLOG_CONFFILE already exist." while true; do - read -p "Do you wish to override $LOGGLY_RSYSLOG_CONFFILE? (yes/no)" yn + read -p "Do you wish to override $LOGGLY_RSYSLOG_CONFFILE and re-verify configuration? (yes/no)" yn case $yn in [Yy]* ) logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; sudo mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; checkAuthTokenAndWriteContents; break;; - [Nn]* ) break;; + [Nn]* ) + LINUX_DO_VERIFICATION="false" + logMsgToConfigSysLog "INFO" "INFO: Skipping Linux verification." + break;; * ) echo "Please answer yes or no.";; esac done @@ -479,7 +570,7 @@ logMsgToConfigSysLog() #for Mac system, we need to use -D switch to decode varUname=$(uname) if [[ $varUname == 'Linux' ]]; then - enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) + enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) elif [[ $varUname == 'Darwin' ]]; then enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) fi @@ -494,7 +585,9 @@ logMsgToConfigSysLog() #if it is an error, then log message "Script Failed" to config syslog and exit the script if [[ $cslStatus == "ERROR" ]]; then sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" - echo $MANUAL_CONFIG_INSTRUCTION + if [ "$varUname" != "Darwin" ]; then + echo $MANUAL_CONFIG_INSTRUCTION + fi exit 1 fi @@ -508,9 +601,9 @@ logMsgToConfigSysLog() sendPayloadToConfigSysLog() { if [ "$APP_TAG" = "" ]; then - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"messages\":\"$2\"}" + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"messages\":\"$2\"}" else - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", $APP_TAG, \"messages\":\"$2\"}" + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", $APP_TAG, \"messages\":\"$2\"}" fi curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 > /dev/null 2>&1 } @@ -519,7 +612,9 @@ sendPayloadToConfigSysLog() searchAndFetch() { url=$2 + result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") + if [ -z "$result" ]; then logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." exit 1 @@ -538,7 +633,7 @@ searchAndFetch() eval $1="'$count'" if [ "$count" -gt 0 ]; then timestamp=$(echo "$result" | grep timestamp) - fi + fi } #get password in the form of asterisk @@ -562,7 +657,7 @@ getPassword() usage() { cat << EOF -usage: configure-linux [-a loggly auth account or subdomain] [-t loggly token] [-u username] [-p password (optional)] +usage: configure-linux [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] usage: configure-linux [-a loggly auth account or subdomain] [-r to remove] usage: configure-linux [-h for help] EOF @@ -607,8 +702,8 @@ if [ "$1" != "being-invoked" ]; then fi if [ "$LOGGLY_REMOVE" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then - removeLogglyConf - elif [ "$LOGGLY_AUTH_TOKEN" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then + removeLogglyConf + elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then if [ "$LOGGLY_PASSWORD" = "" ]; then getPassword fi diff --git a/Modular Scripts/Apache2/README.md b/Modular Scripts/Apache2/README.md new file mode 100644 index 0000000..621f31e --- /dev/null +++ b/Modular Scripts/Apache2/README.md @@ -0,0 +1,11 @@ +Apache Script +============= + +Configure your Apache server to send logs from access file and error file to Loggly + + chmod 755 configure-apache.sh + sudo ./configure-apache -a SUBDOMAIN -u USERNAME + +Stop sending your Apache logs to Loggly + + sudo ./configure-apache.sh -a SUBDOMAIN -r diff --git a/Modular Scripts/Apache2/configure-apache.sh b/Modular Scripts/Apache2/configure-apache.sh new file mode 100644 index 0000000..48bc27f --- /dev/null +++ b/Modular Scripts/Apache2/configure-apache.sh @@ -0,0 +1,378 @@ +#!/bin/bash + +#downloads configure-linux.sh +echo "INFO: Downloading dependencies - configure-linux.sh" +curl -s -o configure-linux.sh https://raw.githubusercontent.com/psquickitjayant/install-script/master/Linux%20Script/configure-linux.sh +source configure-linux.sh "being-invoked" + +########## Variable Declarations - Start ########## +#name of the current script +SCRIPT_NAME=configure-apache.sh +#version of the current script +SCRIPT_VERSION=1.2 + +#we have not found the apache version yet at this point in the script +APP_TAG="\"apache-version\":\"\"" + +#name of the service, in this case apache2 +SERVICE= +#name of apache access log file +APACHE_ACCESS_LOG_FILE= +#name of apache error log file +APACHE_ERROR_LOG_FILE= +#name and location of apache syslog file +APACHE_SYSLOG_CONFFILE=$RSYSLOG_ETCDIR_CONF/21-apache.conf +#name and location of apache syslog backup file +APACHE_SYSLOG_CONFFILE_BACKUP=$RSYSLOG_ETCDIR_CONF/21-apache.conf.loggly.bk + +#this variable will hold the path to the apache home +LOGGLY_APACHE_HOME= +#this variable will hold the value of the apache log folder +LOGGLY_APACHE_LOG_HOME= +#this variable will hold the users apache version +APACHE_VERSION= + +MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure Apache2 is available at https://www.loggly.com/docs/sending-apache-logs/" + +#this variable will hold if the check env function for linux is invoked +APACHE_ENV_VALIDATED="false" +########## Variable Declarations - End ########## + +#check if apache environment is compatible for Loggly +checkApacheLogglyCompatibility() +{ + #check if the linux environment is compatible for Loggly + checkLinuxLogglyCompatibility + + #check if apache2 is installed on unix system + checkApacheDetails + + APACHE_ENV_VALIDATED="true" +} + + +# executing the script for loggly to install and configure syslog. +installLogglyConfForApache() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Apache." + + #check if apache environment is compatible with Loggly + if [ "$APACHE_ENV_VALIDATED" = "false" ]; then + checkApacheLogglyCompatibility + fi + + #configure loggly for Linux + installLogglyConf + + #create 21apache.conf file + write21ApacheConfFile + + #check for the apache log file size + checkLogFileSize $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE + + #verify if the apache logs made it to loggly + checkIfApacheLogsMadeToLoggly + + #log success message + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Apache successfully configured to send logs via Loggly." +} + +#executing script to remove loggly configuration for Apache +removeLogglyConfForApache() +{ + logMsgToConfigSysLog "INFO" "INFO: Initiating rollback." + + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges + + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS + + #check if apache2 is installed on unix system + checkApacheDetails + + #remove 21apache.conf file + remove21ApacheConfFile + + logMsgToConfigSysLog "INFO" "INFO: Rollback completed." +} + +#identify if apache2 is installed on your system and is available as a service +checkApacheDetails() +{ + getApacheServiceName + + #verify if apache is installed as service + if [ ! -f /etc/init.d/$SERVICE ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Apache is not configured as a service" + exit 1 + fi + + #get the version of apache installed + getApacheVersion + + #check if apache is supported + checkIfSupportedApacheVersion + + #set all the required apache variables by this script + setApacheVariables +} + +#Get the apache service name on various linux flavors +getApacheServiceName() +{ + #checking if the Linux is yum based or apt-get based + YUM_BASED=$(command -v yum) + APT_GET_BASED=$(command -v apt-get) + + if [ "$YUM_BASED" != "" ]; then + SERVICE="httpd" + APACHE_ACCESS_LOG_FILE="access_log" + APACHE_ERROR_LOG_FILE="error_log" + + elif [ "$APT_GET_BASED" != "" ]; then + SERVICE="apache2" + APACHE_ACCESS_LOG_FILE="access.log" + APACHE_ERROR_LOG_FILE="error.log" + fi +} + +#sets apache variables which will be used across various functions +setApacheVariables() +{ + LOGGLY_APACHE_LOG_HOME=/var/log/$SERVICE +} + +#gets the version of apache installed on the unix box +getApacheVersion() +{ + APACHE_VERSION=$($SERVICE -v | grep "Server version: Apache") + APACHE_VERSION=${APACHE_VERSION#*/} + APACHE_VERSION=${APACHE_VERSION% *} + APACHE_VERSION=$APACHE_VERSION | tr -d ' ' + APP_TAG="\"apache-version\":\"$APACHE_VERSION\"" + logMsgToConfigSysLog "INFO" "INFO: Apache version: $APACHE_VERSION" +} + +#checks if the apache version is supported by this script, currently the script +#only supports apache2 +checkIfSupportedApacheVersion() +{ + apacheMajorVersion=${APACHE_VERSION%%.*} + if [[ ($apacheMajorVersion -ne 2 ) ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Apache version 2." + exit 1 + fi +} + +checkLogFileSize() +{ + accessFileSize=$(wc -c "$1" | cut -f 1 -d ' ') + errorFileSize=$(wc -c "$2" | cut -f 1 -d ' ') + fileSize=$((accessFileSize+errorFileSize)) + if [ $fileSize -ge 102400000 ]; then + logMsgToConfigSysLog "INFO" "INFO: " + while true; do + read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? (yes/no)" yn + case $yn in + [Yy]* ) + logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Continuing with Apache Loggly configuration."; + break;; + [Nn]* ) + logMsgToConfigSysLog "INFO" "INFO: Current apache logs size is $fileSize bytes. Discontinuing with Apache Loggly configuration." + exit 1 + break;; + * ) echo "Please answer yes or no.";; + esac + done + elif [ $fileSize -eq 0 ]; then + logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from Apache there so won't be any sent to Loggly. You can generate some logs by visiting a page on your web server." + exit 1 + fi +} + +write21ApacheConfFile() +{ + #Create apache syslog config file if it doesn't exist + echo "INFO: Checking if apache sysconf file $APACHE_SYSLOG_CONFFILE exist." + if [ -f "$APACHE_SYSLOG_CONFFILE" ]; then + logMsgToConfigSysLog "WARN" "WARN: Apache syslog file $APACHE_SYSLOG_CONFFILE already exist." + while true; do + read -p "Do you wish to override $APACHE_SYSLOG_CONFFILE? (yes/no)" yn + case $yn in + [Yy]* ) + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $APACHE_SYSLOG_CONFFILE to $APACHE_SYSLOG_CONFFILE_BACKUP"; + sudo mv -f $APACHE_SYSLOG_CONFFILE $APACHE_SYSLOG_CONFFILE_BACKUP; + write21ApacheFileContents; + break;; + [Nn]* ) break;; + * ) echo "Please answer yes or no.";; + esac + done + else + write21ApacheFileContents + fi +} + +#function to write the contents of apache syslog config file +write21ApacheFileContents() +{ + logMsgToConfigSysLog "INFO" "INFO: Creating file $APACHE_SYSLOG_CONFFILE" + sudo touch $APACHE_SYSLOG_CONFFILE + sudo chmod o+w $APACHE_SYSLOG_CONFFILE + + imfileStr="\$ModLoad imfile + \$InputFilePollInterval 10 + \$WorkDirectory $RSYSLOG_DIR + " + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + imfileStr+="\$PrivDropToGroup adm + " + fi + + imfileStr+=" + # Apache access file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE + \$InputFileTag apache-access: + \$InputFileStateFile stat-apache-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Apache Error file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE + \$InputFileTag apache-error: + \$InputFileStateFile stat-apache-error + \$InputFileSeverity error + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for apache events + \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 tag=\\\"apache\\\"] %msg%\n\" + + if \$programname == 'apache-access' then @@logs-01.loggly.com:514;LogglyFormatApache + if \$programname == 'apache-access' then ~ + if \$programname == 'apache-error' then @@logs-01.loggly.com:514;LogglyFormatApache + if \$programname == 'apache-error' then ~ + " + + #change the apache-21 file to variable from above and also take the directory of the apache log file. +sudo cat << EOIPFW >> $APACHE_SYSLOG_CONFFILE +$imfileStr +EOIPFW + + restartRsyslog +} + + +#checks if the apache logs made to loggly +checkIfApacheLogsMadeToLoggly() +{ + counter=1 + maxCounter=10 + + apacheInitialLogCount=0 + apacheLatestLogCount=0 + queryParam="tag%3Aapache&from=-15m&until=now&size=1" + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Getting initial apache log count." + #get the initial count of apache logs for past 15 minutes + searchAndFetch apacheInitialLogCount "$queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the apache logs made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + #get the final count of apache logs for past 15 minutes + searchAndFetch apacheLatestLogCount "$queryUrl" + let counter=$counter+1 + + while [ "$apacheLatestLogCount" -le "$apacheInitialLogCount" ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch apacheLatestLogCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Apache logs did not make to Loggly in time. Please check your token & network/firewall settings and retry." + exit 1 + fi + done + + if [ "$apacheLatestLogCount" -gt "$apacheInitialLogCount" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Apache logs successfully transferred to Loggly! You are now sending Apache logs to Loggly." + exit 0 + fi +} + +#remove 21apache.conf file +remove21ApacheConfFile() +{ + echo "INFO: Deleting the loggly apache syslog conf file." + if [ -f "$APACHE_SYSLOG_CONFFILE" ]; then + sudo rm -rf "$APACHE_SYSLOG_CONFFILE" + fi + echo "INFO: Removed all the modified files." + restartRsyslog +} + +#display usage syntax +usage() +{ +cat << EOF +usage: configure-apache [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] +usage: configure-apache [-a loggly auth account or subdomain] [-r to rollback] +usage: configure-apache [-h for help] +EOF +} + +########## Get Inputs from User - Start ########## + +if [ $# -eq 0 ]; then + usage + exit +else +while [ "$1" != "" ]; do + case $1 in + -t | --token ) shift + LOGGLY_AUTH_TOKEN=$1 + echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" + ;; + -a | --account ) shift + LOGGLY_ACCOUNT=$1 + echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" + ;; + -u | --username ) shift + LOGGLY_USERNAME=$1 + echo "Username is set" + ;; + -p | --password ) shift + LOGGLY_PASSWORD=$1 + ;; + -r | --rollback ) + LOGGLY_ROLLBACK="true" + ;; + -h | --help) + usage + exit + ;; + esac + shift +done +fi + +if [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + installLogglyConfForApache +elif [ "$LOGGLY_ROLLBACK" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then + removeLogglyConfForApache +else + usage +fi + +########## Get Inputs from User - End ########## \ No newline at end of file diff --git a/Modular Scripts/File Monitoring/README.md b/Modular Scripts/File Monitoring/README.md new file mode 100644 index 0000000..21d1797 --- /dev/null +++ b/Modular Scripts/File Monitoring/README.md @@ -0,0 +1,15 @@ +File Monitoring Script +====================== + +Configure your any text file to send it contents to Loggly + + chmod 755 configure-file-monitoring.sh + sudo ./configure-file-monitoring.sh -a SUBDOMAIN -u USERNAME -f FILENAME -l FILE_ALIAS + +**Note:** File Alias should be unique for each file. + + + +Stop sending your file contents to Loggly + + sudo ./configure-file-monitoring.sh -a SUBDOMAIN -l FILE_ALIAS -r diff --git a/Modular Scripts/File Monitoring/configure-file-monitoring.sh b/Modular Scripts/File Monitoring/configure-file-monitoring.sh new file mode 100644 index 0000000..b019edc --- /dev/null +++ b/Modular Scripts/File Monitoring/configure-file-monitoring.sh @@ -0,0 +1,365 @@ +#!/bin/bash + +#downloads configure-linux.sh +echo "INFO: Downloading dependencies - configure-linux.sh" +curl -s -o configure-linux.sh https://raw.githubusercontent.com/psquickitjayant/install-script/master/Linux%20Script/configure-linux.sh +source configure-linux.sh "being-invoked" + +########## Variable Declarations - Start ########## +#name of the current script +SCRIPT_NAME=configure-file-monitoring.sh +#version of the current script +SCRIPT_VERSION=1.3 + +#file to monitor (contains complete path and file name) provided by user +LOGGLY_FILE_TO_MONITOR= + +#alias name, will be used as tag & state file name etc. provided by user +LOGGLY_FILE_TO_MONITOR_ALIAS= + +#file alias provided by the user +APP_TAG="\"file-alias\":\"\"" + +#name and location of syslog file +FILE_SYSLOG_CONFFILE= + +#name and location of syslog backup file +FILE_SYSLOG_CONFFILE_BACKUP= + +MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure a file is available at https://www.loggly.com/docs/file-monitoring/" + +#this variable is set if the script is invoked via some other calling script +IS_FILE_MONITOR_SCRIPT_INVOKED="false" + +#file as tag sent with the logs +LOGGLY_FILE_TAG="file" + +#format name for the conf file. Can be set by calling script +CONF_FILE_FORMAT_NAME="LogglyFormatFile" + +########## Variable Declarations - End ########## + +# executing the script for loggly to install and configure syslog +installLogglyConfForFile() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating configure Loggly for file monitoring." + + #check if the linux environment is compatible for Loggly + checkLinuxLogglyCompatibility + + #checks if the file name contain spaces, if yes, the exit + checkIfFileLocationContainSpaces + + #construct variables using filename and filealias + constructFileVariables + + #check if file to monitor exists + checkIfFileExist + + #check if the alias is already taken + checkIfFileAliasExist + + #configure loggly for Linux + installLogglyConf + + #create 21.conf file + write21ConfFileContents + + #restart rsyslog + restartRsyslog + + #check for the log file size + checkLogFileSize $LOGGLY_FILE_TO_MONITOR + + #verify if the file logs made it to loggly + checkIfFileLogsMadeToLoggly + + #log success message + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Successfully configured to send $LOGGLY_FILE_TO_MONITOR logs via Loggly." +} + +#executing script to remove loggly configuration for File +removeLogglyConfForFile() +{ + logMsgToConfigSysLog "INFO" "INFO: Initiating rollback." + + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges + + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS + + #construct variables using filename and filealias + constructFileVariables + + #checks if the conf file exists. if not, then exit. + checkIfConfFileExist + + #remove 21.conf file + remove21ConfFile + + #restart rsyslog + restartRsyslog + + #log success message + logMsgToConfigSysLog "INFO" "INFO: Rollback completed." +} + +checkIfFileLocationContainSpaces() +{ + case "$LOGGLY_FILE_TO_MONITOR" in + *\ * ) + logMsgToConfigSysLog "ERROR" "ERROR: File location cannot contain spaces." + exit 1;; + *) ;; + esac +} + +constructFileVariables() +{ + #conf file name + FILE_SYSLOG_CONFFILE="$RSYSLOG_ETCDIR_CONF/21-filemonitoring-$LOGGLY_FILE_TO_MONITOR_ALIAS.conf" + + #conf file backup name + FILE_SYSLOG_CONFFILE_BACKUP="$FILE_SYSLOG_CONFFILE.loggly.bk" + + #application tag + APP_TAG="\"file-alias\":\"$LOGGLY_FILE_TO_MONITOR_ALIAS\"" +} + +#checks if the file to be monitored exist +checkIfFileExist() +{ + if [ -f "$LOGGLY_FILE_TO_MONITOR" ]; then + logMsgToConfigSysLog "INFO" "INFO: File $LOGGLY_FILE_TO_MONITOR exists." + else + logMsgToConfigSysLog "ERROR" "ERROR: File $LOGGLY_FILE_TO_MONITOR does not exist. Kindly recheck." + exit 1 + fi +} + +#check if the file alias is already taken +checkIfFileAliasExist() +{ + if [ -f "$FILE_SYSLOG_CONFFILE" ]; then + logMsgToConfigSysLog "WARN" "WARN: This file alias is already taken. You must choose a unique file alias for each file." + while true; do + read -p "Would you like to overwrite the configuration for this file alias (yes/no)?" yn + case $yn in + [Yy]* ) + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $FILE_SYSLOG_CONFFILE to $FILE_SYSLOG_CONFFILE_BACKUP"; + sudo mv -f $FILE_SYSLOG_CONFFILE $FILE_SYSLOG_CONFFILE_BACKUP; + break;; + [Nn]* ) + logMsgToConfigSysLog "INFO" "INFO: Not overwriting the existing configuration. Exiting" + exit 1 + break;; + * ) echo "Please answer yes or no.";; + esac + done + fi +} + +#check the size of the log file. If the size is greater than 100MB give a warning to the user. If the file size is 0 +#then exit +checkLogFileSize() +{ + monitorFileSize=$(wc -c "$1" | cut -f 1 -d ' ') + if [ $monitorFileSize -ge 102400000 ]; then + logMsgToConfigSysLog "INFO" "INFO: " + while true; do + read -p "WARN: There are currently large log files which may use up your allowed volume. Please rotate your logs before continuing. Would you like to continue now anyway? (yes/no)" yn + case $yn in + [Yy]* ) + logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Continuing with File Loggly configuration."; + break;; + [Nn]* ) + logMsgToConfigSysLog "INFO" "INFO: Current size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes. Discontinuing with File Loggly configuration." + exit 1 + break;; + * ) echo "Please answer yes or no.";; + esac + done + elif [ $monitorFileSize -eq 0 ]; then + logMsgToConfigSysLog "WARN" "WARN: There are no recent logs from $LOGGLY_FILE_TO_MONITOR so there won't be any data sent to Loggly. You can generate some logs by writing to this file." + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: File size of $LOGGLY_FILE_TO_MONITOR is $monitorFileSize bytes." + fi +} + +#function to write the contents of syslog config file +write21ConfFileContents() +{ + logMsgToConfigSysLog "INFO" "INFO: Creating file $FILE_SYSLOG_CONFFILE" + sudo touch $FILE_SYSLOG_CONFFILE + sudo chmod o+w $FILE_SYSLOG_CONFFILE + + imfileStr="\$ModLoad imfile + \$InputFilePollInterval 10 + \$WorkDirectory $RSYSLOG_DIR + " + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + imfileStr+="\$PrivDropToGroup adm + " + fi + + imfileStr+=" + # File access file: + \$InputFileName $LOGGLY_FILE_TO_MONITOR + \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS: + \$InputFileStateFile stat-$LOGGLY_FILE_TO_MONITOR_ALIAS + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for file events + \$template $CONF_FILE_FORMAT_NAME,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 tag=\\\"$LOGGLY_FILE_TAG\\\"] %msg%\n\" + + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then @@logs-01.loggly.com:514;$CONF_FILE_FORMAT_NAME + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then ~ + " + + #write to 21-.conf file +sudo cat << EOIPFW >> $FILE_SYSLOG_CONFFILE +$imfileStr +EOIPFW + +} + +#checks if the apache logs made to loggly +checkIfFileLogsMadeToLoggly() +{ + counter=1 + maxCounter=10 + + fileInitialLogCount=0 + fileLatestLogCount=0 + queryParam="syslog.appName%3A$LOGGLY_FILE_TO_MONITOR_ALIAS&from=-15m&until=now&size=1" + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Getting initial log count." + #get the initial count of file logs for past 15 minutes + searchAndFetch fileInitialLogCount "$queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the logs made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + #get the final count of file logs for past 15 minutes + searchAndFetch fileLatestLogCount "$queryUrl" + let counter=$counter+1 + + while [ "$fileLatestLogCount" -le "$fileInitialLogCount" ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch fileLatestLogCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check your token & network/firewall settings and retry." + exit 1 + fi + done + + if [ "$fileLatestLogCount" -gt "$fileInitialLogCount" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Logs successfully transferred to Loggly! You are now sending $LOGGLY_FILE_TO_MONITOR logs to Loggly." + if [ "$IS_FILE_MONITOR_SCRIPT_INVOKED" = "false" ]; then + exit 0 + fi + fi +} + +#checks if the conf file exist. Name of conf file is constructed using the file alias name provided +checkIfConfFileExist() +{ + if [ ! -f "$FILE_SYSLOG_CONFFILE" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Invalid File Alias provided." + exit 1 + fi +} + +#remove 21.conf file +remove21ConfFile() +{ + echo "INFO: Deleting the loggly syslog conf file $FILE_SYSLOG_CONFFILE." + if [ -f "$FILE_SYSLOG_CONFFILE" ]; then + sudo rm -rf "$FILE_SYSLOG_CONFFILE" + if [ "$IS_FILE_MONITOR_SCRIPT_INVOKED" = "false" ]; then + echo "INFO: Removed all the modified files." + fi + else + logMsgToConfigSysLog "WARN" "WARN: $FILE_SYSLOG_CONFFILE file was not found." + fi +} + +#display usage syntax +usage() +{ +cat << EOF +usage: configure-file-monitoring [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-f filename] [-l filealias] +usage: configure-file-monitoring [-a loggly auth account or subdomain] [-r to rollback] [-l filealias] +usage: configure-file-monitoring [-h for help] +EOF +} + +########## Get Inputs from User - Start ########## +if [ "$1" != "being-invoked" ]; then + if [ $# -eq 0 ]; then + usage + exit + else + while [ "$1" != "" ]; do + case $1 in + -t | --token ) shift + LOGGLY_AUTH_TOKEN=$1 + echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" + ;; + -a | --account ) shift + LOGGLY_ACCOUNT=$1 + echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" + ;; + -u | --username ) shift + LOGGLY_USERNAME=$1 + echo "Username is set" + ;; + -p | --password ) shift + LOGGLY_PASSWORD=$1 + ;; + -r | --rollback ) + LOGGLY_ROLLBACK="true" + ;; + -f | --filename ) shift + #LOGGLY_FILE_TO_MONITOR=$1 + LOGGLY_FILE_TO_MONITOR=$(readlink -f "$1") + echo "File to monitor: $LOGGLY_FILE_TO_MONITOR" + ;; + -l | --filealias ) shift + LOGGLY_FILE_TO_MONITOR_ALIAS=$1 + echo "File alias: $LOGGLY_FILE_TO_MONITOR_ALIAS" + ;; + -h | --help) + usage + exit + ;; + esac + shift + done + fi + + if [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" -a "$LOGGLY_FILE_TO_MONITOR" != "" -a "$LOGGLY_FILE_TO_MONITOR_ALIAS" != "" ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + installLogglyConfForFile + elif [ "$LOGGLY_ROLLBACK" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_FILE_TO_MONITOR_ALIAS" != "" ]; then + removeLogglyConfForFile + else + usage + fi +else + IS_FILE_MONITOR_SCRIPT_INVOKED="true" +fi +########## Get Inputs from User - End ########## \ No newline at end of file diff --git a/Modular Scripts/S3Logs Monitoring/configure-s3-file-monitoring.sh b/Modular Scripts/S3Logs Monitoring/configure-s3-file-monitoring.sh new file mode 100644 index 0000000..986f5a2 --- /dev/null +++ b/Modular Scripts/S3Logs Monitoring/configure-s3-file-monitoring.sh @@ -0,0 +1,414 @@ +#!/bin/bash + +echo "INFO: Downloading dependencies - configure-file-monitoring.sh" +curl -s -o configure-file-monitoring.sh https://raw.githubusercontent.com/psquickitjayant/install-script/master/Modular%20Scripts/File%20Monitoring/configure-file-monitoring.sh +source configure-file-monitoring.sh "being-invoked" + +########## Variable Declarations - Start ########## +#name of the current script +SCRIPT_NAME=configure-s3-file-monitoring.sh +#version of the current script +SCRIPT_VERSION=1.1 + +#s3 bucket name to configure +LOGGLY_S3_BUCKET_NAME= + +#alias name, will be used as tag & state file name etc. provided by user +LOGGLY_S3_ALIAS= + +#file alias provided by the user +APP_TAG="\"s3file-alias\":\"\"" + +#name and location of syslog file +FILE_SYSLOG_CONFFILE= + +#name and location of syslog backup file +FILE_SYSLOG_CONFFILE_BACKUP= + +#holds variable if any of the file is configured +IS_ANY_FILE_CONFIGURED="false" + +#value for temp directory +TEMP_DIR= + +IS_S3CMD_CONFIGURED_BY_SCRIPT="false" + +MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure a file is available at https://www.loggly.com/docs/file-monitoring/" + +########## Variable Declarations - End ########## + +# executing the script for loggly to install and configure syslog +installLogglyConfForS3() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating configure Loggly for file monitoring." + + #check if the provided alias is correct or not + checkIfS3AliasAlreadyTaken + + #check if the linux environment is compatible for Loggly + checkLinuxLogglyCompatibility + + #check if s3cmd utility is installed and configured + checkIfS3cmdInstalledAndConfigured + + #check if s3bucket is valid + checkIfValidS3Bucket + + #configure loggly for Linux + installLogglyConf + + #create temporary directory + createTempDir + + #download S3 files from bucket to temp directory + downloadS3Bucket + + #invoke file monitoring on each file after checking if it is a text file or not + invokeS3FileMonitoring + + if [ "$IS_ANY_FILE_CONFIGURED" != "false" ]; then + #check if s3 logs made it to loggly + checkIfS3LogsMadeToLoggly + else + logMsgToConfigSysLog "WARN" "WARN: Did not find any files to configure. Nothing to do." + fi + + #delete temporary directory + #deleteTempDir +} + + +#executing script to remove loggly configuration for S3 files +removeLogglyConfForS3() +{ + logMsgToConfigSysLog "INFO" "INFO: Initiating rollback." + + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges + + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS + + #check if alias provided is the correct one + checkIfS3AliasExist + + #remove file monitoring + removeS3FileMonitoring + + #delete temporary directory if exists + TEMP_DIR=/tmp/$LOGGLY_S3_ALIAS + deleteTempDir + + #log success message + logMsgToConfigSysLog "INFO" "INFO: Rollback completed." +} + +checkIfS3AliasAlreadyTaken() +{ + if ls $RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf &> /dev/null; then + logMsgToConfigSysLog "ERROR" "ERROR: $LOGGLY_S3_ALIAS is already taken. Please try with another one." + exit 1 + fi +} + +#check if s3cmd utility is installed and configured +checkIfS3cmdInstalledAndConfigured() +{ + if hash s3cmd 2>/dev/null; then + checkIfS3cmdConfigured + else + logMsgToConfigSysLog "INFO" "INFO: s3cmd is not present on your system. Setting it up on your system" + downloadS3cmd + configureS3cmd + fi +} + +#check if s3cmd utility is configured +checkIfS3cmdConfigured() +{ + var=$(sudo s3cmd ls 2>/dev/null) + if [ "$var" != "" ]; then + if [ "$IS_S3CMD_CONFIGURED_BY_SCRIPT" == "false" ]; then + logMsgToConfigSysLog "INFO" "INFO: s3cmd is already configured on your system" + else + logMsgToConfigSysLog "INFO" "INFO: s3cmd configured successfully" + fi + else + if [ "$IS_S3CMD_CONFIGURED_BY_SCRIPT" == "false" ]; then + logMsgToConfigSysLog "INFO" "INFO: s3cmd is not configured on your system. Trying to configure." + configureS3cmd + else + logMsgToConfigSysLog "ERROR" "ERROR: s3cmd is not configured correctly. Please configure s3cmd using command s3cmd --configure" + exit 1 + fi + fi +} + +#download and install s3cmd +downloadS3cmd() +{ + #checking if the Linux is yum based or apt-get based + YUM_BASED=$(command -v yum) + APT_GET_BASED=$(command -v apt-get) + + if [ "$YUM_BASED" != "" ]; then + sudo yum install s3cmd || { logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST. Please ensure you have EPEL installed." ; exit 1; } + elif [ "$APT_GET_BASED" != "" ]; then + sudo apt-get install s3cmd || { logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST." ; exit 1; } + else + logMsgToConfigSysLog "ERROR" "ERROR: s3cmd installation failed on $LINUX_DIST." + exit 1 + fi +} + +#configure s3cmd +configureS3cmd() +{ + s3cmd --configure + IS_S3CMD_CONFIGURED_BY_SCRIPT="true" + #check if s3cmd configured successfully now + checkIfS3cmdConfigured +} + +#check if s3bucket is valid +checkIfValidS3Bucket() +{ + #check if valid Bucket name + if [[ $LOGGLY_S3_BUCKET_NAME != s3://* ]]; then + logMsgToConfigSysLog "Error" "Error: Invalid s3 Bucket name. Bucket name should start with 's3://'" + exit 1 + fi + + if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then + logMsgToConfigSysLog "INFO" "INFO: Check if valid S3 Bucket name." + BUCKET_INFO=$(sudo s3cmd ls -r $LOGGLY_S3_BUCKET_NAME 2>&1) + case $BUCKET_INFO in + ERROR*) + #logging actual error message returned by s3cmd + logMsgToConfigSysLog "ERROR" "$BUCKET_INFO" + exit 1 + ;; + "") + logMsgToConfigSysLog "ERROR" "ERROR: No files found in the S3 Bucket $LOGGLY_S3_BUCKET_NAME." + exit 1 + ;; + *) + logMsgToConfigSysLog "INFO" "INFO: '$LOGGLY_S3_BUCKET_NAME' is a valid Bucket and accessible." + ;; + esac + fi +} + + +createTempDir() +{ + TEMP_DIR=/tmp/$LOGGLY_S3_ALIAS + if [ -d "$TEMP_DIR" ]; then + if [ "$(ls -A $TEMP_DIR)" ]; then + logMsgToConfigSysLog "WARN" "WARN: There are some files/folders already present in $TEMP_DIR. If you continue, the files currently inside the $TEMP_DIR will also be configured to send logs to loggly." + while true; do + read -p "Would you like to continue now anyway? (yes/no)" yn + case $yn in + [Yy]* ) + break;; + [Nn]* ) + logMsgToConfigSysLog "INFO" "INFO: Discontinuing with s3 file monitoring configuration." + exit 1 + break;; + * ) echo "Please answer yes or no.";; + esac + done + fi + else + mkdir /tmp/$LOGGLY_S3_ALIAS + fi +} + +downloadS3Bucket() +{ + if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then + #Files are downloaded in nested directory + cd $TEMP_DIR + echo "Downloading files, may take some time..." + s3cmd get -r -f $LOGGLY_S3_BUCKET_NAME > /dev/null 2>&1 + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Error downloading files recursively from $LOGGLY_S3_BUCKET_NAME" + exit 1 + fi + fi +} + + +invokeS3FileMonitoring() +{ + dir=/tmp/$LOGGLY_S3_ALIAS + #TODO: Not supporting multiple files with same name in different directories + #only supporting file with naming convention *.* + for f in $(find $dir -name '*') + do + fileNameWithExt=${f##*/} + uniqueFileName=$(echo "$fileNameWithExt" | tr . _) + var=$(file $f) + + #it may be possible that the "text" may contain some uppercase letters like "Text" + var=$(echo $var | tr "[:upper:]" "[:lower:]") + + if [[ $var == *text* ]]; then + LOGGLY_FILE_TO_MONITOR_ALIAS=$uniqueFileName-$LOGGLY_S3_ALIAS + LOGGLY_FILE_TO_MONITOR=$f + LOGGLY_FILE_TAG="s3file" + CONF_FILE_FORMAT_NAME="LogglyFormatS3" + constructFileVariables + checkLogFileSize $LOGGLY_FILE_TO_MONITOR + write21ConfFileContents + IS_ANY_FILE_CONFIGURED="true" + #ignoring directory + elif [[ $var != *directory* ]]; then + logMsgToConfigSysLog "WARN" "WARN: File $fileNameWithExt is not a text file. Ignoring." + fi + done + + if [ "$IS_ANY_FILE_CONFIGURED" != "false" ]; then + restartRsyslog + fi +} + +deleteTempDir() +{ + if [ -d "$TEMP_DIR" ]; then + sudo rm -fr $TEMP_DIR + fi +} + +checkIfS3LogsMadeToLoggly() +{ + counter=1 + maxCounter=10 + + fileInitialLogCount=0 + fileLatestLogCount=0 + queryParam="syslog.appName%3A%2A$LOGGLY_S3_ALIAS&from=-5m&until=now&size=1" + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the logs made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + #get the final count of file logs for past 5 minutes + searchAndFetch fileLatestLogCount "$queryUrl" + let counter=$counter+1 + + while [ "$fileLatestLogCount" -le "$fileInitialLogCount" ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch fileLatestLogCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check your token & network/firewall settings and retry." + exit 1 + fi + done + + if [ "$fileLatestLogCount" -gt "$fileInitialLogCount" ]; then + if [ "$LOGGLY_S3_BUCKET_NAME" != "" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Logs successfully transferred to Loggly! You are now sending $LOGGLY_S3_BUCKET_NAME logs to Loggly." + + fi + fi +} + +checkIfS3AliasExist() +{ + if ! ls $RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf &> /dev/null; then + #logMsgToConfigSysLog "INFO" "INFO: $LOGGLY_S3_ALIAS found." + #else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGGLY_S3_ALIAS does not exist. Please provide the correct s3 alias." + exit 1 + fi +} + +removeS3FileMonitoring() +{ + FILES=$RSYSLOG_ETCDIR_CONF/*$LOGGLY_S3_ALIAS.conf + for f in $FILES + do + aliasName=${f##*/} + aliasName=${aliasName%.*} + aliasName=${aliasName#21-filemonitoring-} + + LOGGLY_FILE_TO_MONITOR_ALIAS=$aliasName + constructFileVariables + remove21ConfFile + done + echo "INFO: Removed all the modified files." + restartRsyslog +} + +#display usage syntax +usage() +{ +cat << EOF +usage: configure-s3-file-monitoring [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-s3url s3bucketname ] [-s3l s3alias] +usage: configure-s3-file-monitoring [-a loggly auth account or subdomain] [-r to rollback] [-s3l s3alias] +usage: configure-s3-file-monitoring [-h for help] +EOF +} + +########## Get Inputs from User - Start ########## + +if [ $# -eq 0 ]; then + usage + exit +else +while [ "$1" != "" ]; do + case $1 in + -t | --token ) shift + LOGGLY_AUTH_TOKEN=$1 + echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" + ;; + -a | --account ) shift + LOGGLY_ACCOUNT=$1 + echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" + ;; + -u | --username ) shift + LOGGLY_USERNAME=$1 + echo "Username is set" + ;; + -p | --password ) shift + LOGGLY_PASSWORD=$1 + ;; + -r | --rollback ) + LOGGLY_ROLLBACK="true" + ;; + -s3url | --s3bucketname ) shift + LOGGLY_S3_BUCKET_NAME=$1 + echo "S3 Bucket Name: $LOGGLY_S3_BUCKET_NAME" + ;; + + -s3l | --s3alias ) shift + LOGGLY_S3_ALIAS=$1 + echo "File alias: $LOGGLY_S3_ALIAS" + ;; + -h | --help) + usage + exit + ;; + esac + shift +done +fi + +if [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" -a "$LOGGLY_S3_ALIAS" != "" -a \( "$LOGGLY_S3_BUCKET_NAME" != "" \) ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + installLogglyConfForS3 +elif [ "$LOGGLY_ROLLBACK" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_S3_ALIAS" != "" ]; then + removeLogglyConfForS3 +else + usage +fi +########## Get Inputs from User - End ########## diff --git a/Modular Scripts/Tomcat/README.md b/Modular Scripts/Tomcat/README.md new file mode 100644 index 0000000..e06c5e7 --- /dev/null +++ b/Modular Scripts/Tomcat/README.md @@ -0,0 +1,11 @@ +Tomcat Script +============= + +Send your Tomcat logs to Loggly + + chmod 755 configure-tomcat.sh + sudo ./configure-tomcat.sh -a SUBDOMAIN -u USERNAME + +Stop sending your Tomcat logs to Loggly + + sudo ./configure-tomcat.sh -a SUBDOMAIN -r diff --git a/Modular Scripts/Tomcat/configure-tomcat.sh b/Modular Scripts/Tomcat/configure-tomcat.sh index c1a927a..af2a1b3 100644 --- a/Modular Scripts/Tomcat/configure-tomcat.sh +++ b/Modular Scripts/Tomcat/configure-tomcat.sh @@ -1,12 +1,15 @@ #!/bin/bash +#downloads configure-linux.sh +echo "INFO: Downloading dependencies - configure-linux.sh" +curl -s -o configure-linux.sh https://raw.githubusercontent.com/psquickitjayant/install-script/master/Linux%20Script/configure-linux.sh source configure-linux.sh "being-invoked" ########## Variable Declarations - Start ########## #name of the current script SCRIPT_NAME=configure-tomcat.sh #version of the current script -SCRIPT_VERSION=1.0 +SCRIPT_VERSION=1.1 #minimum version of tomcat to enable log rotation MIN_TOMCAT_VERSION=6.0.33.0 @@ -16,19 +19,10 @@ APP_TAG="\"tomcat-version\":\"\"" #name of the service, in this case tomcat6 SERVICE=tomcat6 -#directory location for syslog -SYSLOG_ETCDIR_CONF=/etc/rsyslog.d #name and location of tomcat syslog file -TOMCAT_SYSLOG_CONFFILE=$SYSLOG_ETCDIR_CONF/21-tomcat.conf +TOMCAT_SYSLOG_CONFFILE=$RSYSLOG_ETCDIR_CONF/21-tomcat.conf #name and location of tomcat syslog backup file -TOMCAT_SYSLOG_CONFFILE_BACKUP=$SYSLOG_ETCDIR_CONF/21-tomcat.conf.loggly.bk -#syslog directory -SYSLOG_DIR=/var/spool/rsyslog - -#this variable will hold the host name -HOST_NAME= -#this variable will hold the name of the linux distribution -LINUX_DIST= +TOMCAT_SYSLOG_CONFFILE_BACKUP=$RSYSLOG_ETCDIR_CONF/21-tomcat.conf.loggly.bk #this variable will hold the path to the catalina home LOGGLY_CATALINA_HOME= @@ -54,30 +48,43 @@ LOG4J_FILE_PATH= LOGGLY_CATALINA_HOME= MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure Tomcat is available at https://www.loggly.com/docs/tomcat-application-server" + +#this variable will hold if the check env function for linux is invoked +TOMCAT_ENV_VALIDATED= ########## Variable Declarations - End ########## +#check if Tomcat environment is compatible for Loggly +checkTomcatLogglyCompatibility() +{ + #check if the linux environment is compatible for Loggly + checkLinuxLogglyCompatibility + + #deduce CATALINA_HOME, this sets the value for LOGGLY_CATALINA_HOME variable + deduceAndCheckTomcatHomeAndVersion + + #check if tomcat is configured with log4j. If yes, then exit + checkIfTomcatConfiguredWithLog4J + + TOMCAT_ENV_VALIDATED="true" +} + + # executing the script for loggly to install and configure syslog. installLogglyConfForTomcat() { - installLogglyConf - #log message indicating starting of Loggly configuration logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Tomcat." - #get CATALINA_HOME, this sets the value for LOGGLY_CATALINA_HOME variable - getTomcatHome $SERVICE - - #check if the provided or deduced tomcat home is correct or not - checkIfValidTomcatHome - - #set all the required tomcat variables by this script - setTomcatVariables + #check if tomcat environment is compatible with Loggly + if [ "$TOMCAT_ENV_VALIDATED" = "" ]; then + checkTomcatLogglyCompatibility + fi - #check if tomcat version is supported by the script. The script only support tomcat 6 and 7 - checkIfSupportedTomcatVersion + #ask user if tomcat can be restarted + canTomcatBeRestarted - #check if tomcat is configured with log4j. If yes, then exit - checkIfTomcatConfiguredWithLog4J + #configure loggly for Linux + installLogglyConf #backing up the logging.properties file backupLoggingPropertiesFile @@ -94,39 +101,123 @@ installLogglyConfForTomcat() #log success message logMsgToConfigSysLog "SUCCESS" "SUCCESS: Tomcat successfully configured to send logs via Loggly." } -# End of configure rsyslog for tomcat - +#executing script to remove loggly configuration for tomcat removeLogglyConfForTomcat() { logMsgToConfigSysLog "INFO" "INFO: Initiating rollback." #check if the user has root permission to run this script checkIfUserHasRootPrivileges - + #check if the OS is supported by the script. If no, then exit checkIfSupportedOS - #get CATALINA_HOME, this sets the value for LOGGLY_CATALINA_HOME variable - getTomcatHome $SERVICE - - #check if the provided or deduced tomcat home is correct or not - checkIfValidTomcatHome + #deduce CATALINA_HOME, this sets the value for LOGGLY_CATALINA_HOME variable + deduceAndCheckTomcatHomeAndVersion - #set all the required tomcat variables by this script - setTomcatVariables - - #restore original loggly properties file from backup - restoreLogglyPropertiesFile + #ask user if tomcat can be restarted + canTomcatBeRestarted #remove 21tomcat.conf file remove21TomcatConfFile + + #restore original loggly properties file from backup + restoreLogglyPropertiesFile logMsgToConfigSysLog "INFO" "INFO: Rollback completed." } +#identify if tomcat6 or tomcat7 is installed on your system +deduceAndCheckTomcatHomeAndVersion() +{ + + if [ "$LOGGLY_CATALINA_HOME" = "" ]; then + LOGGLY_CATALINA_HOME= + + #lets check if tomcat7 is installed on the system + SERVICE=tomcat7 + + #try to deduce tomcat home considering tomcat7 + assumeTomcatHome $SERVICE + + #initialize validTomcatHome variable with value true. This value will be toggled + #in the function checkIfValidTomcatHome fails + validTomcatHome="true" + + #checks if the deduced tomcat7 home is correct or not + checkIfValidTomcatHome validTomcatHome + + #if tomcat7 home is not valid one, move on to check for tomcat6 + if [ "$validTomcatHome" = "false" ]; then + + LOGGLY_CATALINA_HOME= + + #lets check if tomcat6 is installed on the system + SERVICE=tomcat6 + + #try to deduce tomcat home considering tomcat6 + assumeTomcatHome $SERVICE + + #initialize validTomcatHome variable with value true. This value will be toggled + #in the function checkIfValidTomcatHome fails + validTomcatHome="true" + + #checks if the deduced tomcat7 home is correct or not + checkIfValidTomcatHome validTomcatHome + fi + + if [ "$validTomcatHome" = "true" ]; then + logMsgToConfigSysLog "INFO" "INFO: CATALINA HOME: $LOGGLY_CATALINA_HOME" + + #set all the required tomcat variables by this script + setTomcatVariables + + #find tomcat version + getTomcatVersion + + #check if tomcat version is supported by the script. The script only support tomcat 6 and 7 + checkIfSupportedTomcatVersion + else + logMsgToConfigSysLog "ERROR" "ERROR: Unable to determine correct CATALINA_HOME. Please provide correct Catalina Home using -ch option." + fi + else + #if the user has provided catalina_home, then we need to check if it is a valid catalina home and what is the correct version of the tomcat. + #Let us assume service name is tomcat for now, which will be updated later. + SERVICE=tomcat + + #set the flag to true + validTomcatHome="true" + + #check if the tomcat home provided by user is valid + checkIfValidTomcatHome validTomcatHome + + if [ "$validTomcatHome" = "true" ]; then + logMsgToConfigSysLog "INFO" "INFO: CATALINA HOME: $LOGGLY_CATALINA_HOME" + + #set tomcat variables + setTomcatVariables + + #find tomcat version + getTomcatVersion + + #check if tomcat version is supported by the script. The script only support tomcat 6 and 7 + checkIfSupportedTomcatVersion + + #update the service name + if [ "$tomcatMajorVersion" = "7" ]; then + SERVICE=tomcat7 + elif [ "$tomcatMajorVersion" = "6" ]; then + SERVICE=tomcat6 + fi + else + logMsgToConfigSysLog "ERROR" "ERROR: Provided Catalina Home is not correct. Please recheck." + fi + fi +} + #Get default location of tomcat home on various supported OS if user has not provided one -getTomcatHome() +assumeTomcatHome() { #if user has not provided the catalina home if [ "$LOGGLY_CATALINA_HOME" = "" ]; then @@ -134,7 +225,7 @@ getTomcatHome() *"Ubuntu"* ) LOGGLY_CATALINA_HOME="/var/lib/$1" ;; - *"Red Hat"* ) + *"RedHat"* ) LOGGLY_CATALINA_HOME="/usr/share/$1" ;; *"CentOS"* ) @@ -142,7 +233,6 @@ getTomcatHome() ;; esac fi - logMsgToConfigSysLog "INFO" "INFO: CATALINA HOME: $LOGGLY_CATALINA_HOME" } #checks if the catalina home is a valid one by searching for logging.properties and @@ -151,14 +241,14 @@ checkIfValidTomcatHome() { #check if logging.properties files is present if [ ! -f "$LOGGLY_CATALINA_HOME/conf/logging.properties" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Unable to find conf/logging.properties file within $LOGGLY_CATALINA_HOME. Please provide correct Catalina Home using -ch option." - exit 1 + logMsgToConfigSysLog "WARN" "WARN: Unable to find conf/logging.properties file within $LOGGLY_CATALINA_HOME." + eval $1="false" #check if tomcat is configured as a service. If no, then check if we have access to startup.sh file elif [ ! -f /etc/init.d/$SERVICE ]; then logMsgToConfigSysLog "INFO" "INFO: Tomcat is not configured as a service" if [ ! -f "$LOGGLY_CATALINA_HOME/bin/startup.sh" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Unable to find bin/startup.sh file within $LOGGLY_CATALINA_HOME. Please provide correct Catalina Home using -ch option." - exit 1 + logMsgToConfigSysLog "WARN" "WARN: Unable to find bin/startup.sh file within $LOGGLY_CATALINA_HOME." + eval $1="false" fi fi } @@ -174,13 +264,17 @@ setTomcatVariables() LOGGLY_CATALINA_LOG_HOME=/var/log/$SERVICE + #if tomcat is not installed as service, then tomcat logs will be created at would be $CATALINA_HOME/log + if [ ! -f "$LOGGLY_CATALINA_LOG_HOME" ]; then + LOGGLY_CATALINA_LOG_HOME=$LOGGLY_CATALINA_HOME/logs + fi + #default path for catalina.jar CATALINA_JAR_PATH=$LOGGLY_CATALINA_HOME/lib/catalina.jar } -#checks if the tomcat version is supported by this script, currently the script -#only supports tomcat 6 and tomcat 7 -checkIfSupportedTomcatVersion() +#get the version of tomcat +getTomcatVersion() { #check if the identified CATALINA_HOME has the catalina.jar if [ ! -f "$CATALINA_JAR_PATH" ]; then @@ -202,12 +296,17 @@ checkIfSupportedTomcatVersion() TOMCAT_VERSION=${TOMCAT_VERSION#*: } TOMCAT_VERSION=$TOMCAT_VERSION | tr -d ' ' APP_TAG="\"tomcat-version\":\"$TOMCAT_VERSION\"" + fi +} - tomcatMajorVersion=${TOMCAT_VERSION%%.*} - if [[ ($tomcatMajorVersion -ne 6 ) && ($tomcatMajorVersion -ne 7) ]]; then - echo "ERROR" "ERROR: This script only supports Tomcat version 6 or 7." - exit 1 - fi +#checks if the tomcat version is supported by this script, currently the script +#only supports tomcat 6 and tomcat 7 +checkIfSupportedTomcatVersion() +{ + tomcatMajorVersion=${TOMCAT_VERSION%%.*} + if [[ ($tomcatMajorVersion -ne 6 ) && ($tomcatMajorVersion -ne 7) ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Tomcat version 6 or 7." + exit 1 fi } @@ -233,6 +332,21 @@ checkIfTomcatConfiguredWithLog4J() logMsgToConfigSysLog "INFO" "INFO: Tomcat seems not to be configured with log4j logger." } +canTomcatBeRestarted() +{ + while true; do + read -p "Tomcat needs to be restarted during configuration. Do you wish to continue? (yes/no)" yn + case $yn in + [Yy]* ) + break;; + [Nn]* ) + logMsgToConfigSysLog "WARN" "WARN: This script must restart Tomcat. Please run the script again when you are ready to restart it. No changes have been made to your system. Exiting." + exit 1 + break;; + * ) echo "Please answer yes or no.";; + esac + done +} #backup the logging.properties file in the CATALINA_HOME folder backupLoggingPropertiesFile() { @@ -326,13 +440,12 @@ write21TomcatConfFile() #function to write the contents of tomcat syslog config file write21TomcatFileContents() { - logMsgToConfigSysLog "INFO" "INFO: Creating file $TOMCAT_SYSLOG_CONFFILE" sudo touch $TOMCAT_SYSLOG_CONFFILE sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE - + imfileStr="\$ModLoad imfile - \$WorkDirectory $SYSLOG_DIR + \$WorkDirectory $RSYSLOG_DIR " if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then imfileStr+="\$PrivDropToGroup adm @@ -415,6 +528,9 @@ write21TomcatFileContents() sudo cat << EOIPFW >> $TOMCAT_SYSLOG_CONFFILE $imfileStr EOIPFW + + #restart the syslog service. + restartRsyslog } #checks if the tomcat logs made to loggly @@ -434,9 +550,7 @@ checkIfTomcatLogsMadeToLoggly() #get the initial count of tomcat logs for past 15 minutes searchAndFetch tomcatInitialLogCount "$queryUrl" - logMsgToConfigSysLog "INFO" "INFO: Restarting rsyslog and tomcat to generate logs for verification." - # restart the syslog service. - restartRsyslog + logMsgToConfigSysLog "INFO" "INFO: Tomcat needs to be restarted to complete the configuration and verification." # restart the tomcat service. restartTomcat @@ -474,6 +588,9 @@ restoreLogglyPropertiesFile() sudo cp -f $LOGGLY_CATALINA_BACKUP_PROPFILE $LOGGLY_CATALINA_PROPFILE sudo rm -fr $LOGGLY_CATALINA_BACKUP_PROPFILE fi + + logMsgToConfigSysLog "INFO" "INFO: Tomcat needs to be restarted to rollback the configuration." + restartTomcat } #remove 21tomcat.conf file @@ -483,8 +600,9 @@ remove21TomcatConfFile() if [ -f "$TOMCAT_SYSLOG_CONFFILE" ]; then sudo rm -rf "$TOMCAT_SYSLOG_CONFFILE" fi - echo "INFO: Removed all the modified files." - restartTomcat + + #restart rsyslog + restartRsyslog } #restart tomcat @@ -502,7 +620,6 @@ restartTomcat() fi else logMsgToConfigSysLog "INFO" "INFO: $SERVICE is not running as service." - # To be commented only for test logMsgToConfigSysLog "INFO" "INFO: Shutting down tomcat." sudo $LOGGLY_CATALINA_HOME/bin/shutdown.sh if [ $? -ne 0 ]; then @@ -526,9 +643,9 @@ restartTomcat() usage() { cat << EOF -usage: ltomcatsetup [-a loggly auth account or subdomain] [-t loggly token] [-u username] [-p password (optional)] [-ch catalina home (optional)] -usage: ltomcatsetup [-r to rollback] [-ch catalina home (optional)] -usage: ltomcatsetup [-h for help] +usage: configure-tomcat [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-ch catalina home (optional)] +usage: configure-tomcat [-r to rollback] [-a loggly auth account or subdomain] [-ch catalina home (optional)] +usage: configure-tomcat [-h for help] EOF } @@ -571,20 +688,20 @@ while [ "$1" != "" ]; do done fi -if [ "$LOGGLY_DEBUG" != "" -a "$LOGGLY_AUTH_TOKEN" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then +if [ "$LOGGLY_DEBUG" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then if [ "$LOGGLY_PASSWORD" = "" ]; then getPassword fi debug -elif [ "$LOGGLY_AUTH_TOKEN" != "" -a "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then +elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then if [ "$LOGGLY_PASSWORD" = "" ]; then getPassword fi installLogglyConfForTomcat -elif [ "$LOGGLY_ROLLBACK" != "" ]; then +elif [ "$LOGGLY_ROLLBACK" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then removeLogglyConfForTomcat else usage fi -########## Get Inputs from User - End ########## \ No newline at end of file +########## Get Inputs from User - End ########## diff --git a/README.md b/README.md index 4a9b276..96b84fa 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,15 @@ install-script ============== -Loggly Sender Installation Script. +Loggly Sender Installation Script. Sends Linux, Tomcat, Apache and Text file logs/ contents to Loggly. -Versions are tagged with the date they are pushed to the S3 bucket. Tag format is: +***Note:*** These scripts support only Loggly **Gen2** account. -yyyy-mm-dd-n -where n is a number, increasing if the same date is re-used. +You can view the **READMEs** of the various installation scripts at the following paths + + +1. Linux Configuration Script +2. Apache Installation Script +3. File Monitoring Configuration Script +4. Tomcat Configuration Script