From 882b339c7e280db85829bb2588ea66d11a62dee5 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 13 May 2015 15:59:49 +0530 Subject: [PATCH 01/25] checking connectivity using telnet --- Linux Script/configure-linux.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Linux Script/configure-linux.sh b/Linux Script/configure-linux.sh index 846bbdc..25945ef 100644 --- a/Linux Script/configure-linux.sh +++ b/Linux Script/configure-linux.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-linux.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.13 +SCRIPT_VERSION=1.14 #application tag. This will get overwritten by the child script which calls this APP_TAG= @@ -281,7 +281,7 @@ setLinuxVariables() checkIfLogglyServersAccessible() { echo "INFO: Checking if $LOGS_01_HOST is reachable." - if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ]; then + if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ] || [ $(sleep 1 | telnet $LOGS_01_HOST $LOGGLY_SYSLOG_PORT | grep Connected | wc -l) == 1 ]; then echo "INFO: $LOGS_01_HOST is reachable." else logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings." From 8eb4f1a5373c3d081112ca8f33449ff817bd1b60 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Fri, 15 May 2015 22:32:26 +0530 Subject: [PATCH 02/25] Added check for xcode command line tools --- Mac Script/configure-mac.sh | 38 ++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/Mac Script/configure-mac.sh b/Mac Script/configure-mac.sh index 65fe6a8..c18e236 100644 --- a/Mac Script/configure-mac.sh +++ b/Mac Script/configure-mac.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-mac.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.1 +SCRIPT_VERSION=1.2 #application tag. This will get overwritten by the child script which calls this APP_TAG= @@ -89,6 +89,8 @@ PROP_FILE= #manual instructions to be show in case of error MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure Loggly on Mac are available at https://www.loggly.com/docs/send-mac-logs-to-loggly/." +MANUAL_XCODE_INSTALL_INSTRUCTION="Xcode command line tools are not installed on your system. Try running \"xcode-select --install\" to install xcode command line tools and run script again. You can download tools manually from https://developer.apple.com/" + checkMacLogglyCompatibility() { #check if the user has root permission to run this script @@ -115,7 +117,10 @@ checkMacLogglyCompatibility() #check if minimum version of ruby is installed checkIfMinRubyVersionInstalled - MAC_ENV_VALIDATED="true" + #check if xcode command line tools are installed + checkIfXCodeCommandlineToolsInstalled + + MAC_ENV_VALIDATED="true" } # executing the script for loggly to install and configure fluentd. @@ -191,9 +196,9 @@ checkIfUserHasRootPrivileges() #check if supported operating system checkIfSupportedOS() { - # Determine OS platform - UNAME=$(uname | tr "[:upper:]" "[:lower:]") - MAC_DIST=$UNAME + # Determine OS platform + UNAME=$(uname | tr "[:upper:]" "[:lower:]") + MAC_DIST=$UNAME if [ "$MAC_DIST" == "darwin" ]; then logMsgToConfigSysLog "INFO" "INFO: Operating system is Mac" else @@ -304,6 +309,18 @@ checkIfMinRubyVersionInstalled() fi } +checkIfXCodeCommandlineToolsInstalled() +{ + logMsgToConfigSysLog "INFO" "INFO: Checking if Xcode command line tools are installed." + + if [ $(xcode-select -p 2>/dev/null | wc -l ) == 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: $MANUAL_XCODE_INSTALL_INSTRUCTION" + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: Xcode command line tools are installed in your system." + fi +} + #this functions checks if the Fluentd gem is installed in the system checkIfFluentdInstalled() { @@ -333,8 +350,8 @@ installFluentd() #this function installs Loggly fluentd plugin installLogglyFluentdPlugin() { - logMsgToConfigSysLog "INFO" "INFO: Installing Loggly plugin for Fluentd" - sudo gem install fluent-plugin-loggly + logMsgToConfigSysLog "INFO" "INFO: Installing Loggly plugin for Fluentd" + sudo gem install fluent-plugin-loggly logMsgToConfigSysLog "INFO" "INFO: Loggly fluentd plugin installed successfully." } @@ -415,7 +432,7 @@ configureFluentdAsService() fi sudo touch $PROP_FILE - sudo chmod +x $PROP_FILE + sudo chmod +x $PROP_FILE propStr=" @@ -455,7 +472,10 @@ startFluentdService() #check if the logs made it to Loggly checkIfLogsMadeToLoggly() { - logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly. Waiting for 30 secs." + + #sleeping for 30 secs so that fluentd service can start doing its work properly + sleep 30 uuid=$(cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) queryParam="tag%3AMac%20$uuid" From b7c061fff6af51cb3dea1ab410d6ad129369b675 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Tue, 19 May 2015 16:06:54 +0530 Subject: [PATCH 03/25] fluent.conf now created in .loggly --- Mac Script/configure-mac.sh | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/Mac Script/configure-mac.sh b/Mac Script/configure-mac.sh index c18e236..94e9ff2 100644 --- a/Mac Script/configure-mac.sh +++ b/Mac Script/configure-mac.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-mac.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.2 +SCRIPT_VERSION=1.3 #application tag. This will get overwritten by the child script which calls this APP_TAG= @@ -47,6 +47,9 @@ LOGGLY_ACCOUNT_URL= #loggly.com URL LOGGLY_COM_URL=https://www.loggly.com +#installation directory +LOGGLY_HOME=$HOME/.loggly + ######Inputs provided by user###### #this variable will hold the loggly account name provided by user. #this is a mandatory input @@ -324,7 +327,7 @@ checkIfXCodeCommandlineToolsInstalled() #this functions checks if the Fluentd gem is installed in the system checkIfFluentdInstalled() { - if [ $(fluentd --setup ./fluent 2>/dev/null | grep "./fluent/fluent.conf" | wc -l ) == 1 ]; then + if [ $(sudo fluentd --setup $LOGGLY_HOME/fluent 2>/dev/null | grep ".loggly/fluent/fluent.conf" | wc -l ) == 1 ]; then logMsgToConfigSysLog "INFO" "INFO: Fluentd is already installed. Not installing." else logMsgToConfigSysLog "INFO" "INFO: Fluentd is not installed. Installing Fluentd. This may take a while." @@ -338,8 +341,12 @@ installFluentd() #install fluentd gem http://docs.fluentd.org/articles/install-by-gem sudo gem install fluentd --no-ri --no-rdoc + if [[ ! -d "$LOGGLY_HOME" ]]; then + mkdir $LOGGLY_HOME + fi + #to check fluentd installed successfully - if [ $(fluentd --setup ./fluent 2>/dev/null | grep "./fluent/fluent.conf" | wc -l ) == 1 ]; then + if [ $(sudo fluentd --setup $LOGGLY_HOME/fluent 2>/dev/null | grep ".loggly/fluent/fluent.conf" | wc -l ) == 1 ]; then logMsgToConfigSysLog "INFO" "INFO: Fluentd installed Successfully" else logMsgToConfigSysLog "ERROR" "ERROR: Unable to install fluentd" @@ -359,10 +366,6 @@ installLogglyFluentdPlugin() writeLogglyConfFile() { - if [[ ! -d "$HOME/.loggly" ]]; then - mkdir $HOME/.loggly - fi - FLUENTD_CONF="$HOME/.loggly/fluentd-loggly.conf" if [ -f "$FLUENTD_CONF" ]; then From f8d885fefa313df0ceff312b12df9ddaef89ccb9 Mon Sep 17 00:00:00 2001 From: Jayant Varshney Date: Thu, 9 Jul 2015 19:48:49 +0530 Subject: [PATCH 04/25] Added support to Tomcat 8 (package version) --- Modular Scripts/Tomcat/configure-tomcat.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Modular Scripts/Tomcat/configure-tomcat.sh b/Modular Scripts/Tomcat/configure-tomcat.sh index 6a93d0d..8f886be 100644 --- a/Modular Scripts/Tomcat/configure-tomcat.sh +++ b/Modular Scripts/Tomcat/configure-tomcat.sh @@ -9,7 +9,7 @@ source configure-linux.sh "being-invoked" #name of the current script SCRIPT_NAME=configure-tomcat.sh #version of the current script -SCRIPT_VERSION=1.3 +SCRIPT_VERSION=1.4 #minimum version of tomcat to enable log rotation MIN_TOMCAT_VERSION=6.0.33.0 @@ -109,7 +109,7 @@ installLogglyConfForTomcat() #log success message logMsgToConfigSysLog "SUCCESS" "SUCCESS: Tomcat successfully configured to send logs via Loggly." -} + } #executing script to remove loggly configuration for tomcat removeLogglyConfForTomcat() @@ -137,7 +137,7 @@ removeLogglyConfForTomcat() logMsgToConfigSysLog "INFO" "INFO: Rollback completed." } -#identify if tomcat6 or tomcat7 is installed on your system +#identify if tomcat6/ tomcat7/ tomcat8 is installed on your system deduceAndCheckTomcatHomeAndVersion() { @@ -313,8 +313,8 @@ getTomcatVersion() checkIfSupportedTomcatVersion() { tomcatMajorVersion=${TOMCAT_VERSION%%.*} - if [[ ($tomcatMajorVersion -ne 6 ) && ($tomcatMajorVersion -ne 7) ]]; then - logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Tomcat version 6 or 7." + if [[ ($tomcatMajorVersion -ne 6 ) && ($tomcatMajorVersion -ne 7) && ($tomcatMajorVersion -ne 8) ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script only supports Tomcat version 6, 7 or 8." exit 1 fi } From 8cca0cfda82262c1fdd5a6195d56848aab1745f4 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Mon, 11 Jan 2016 21:40:41 +0530 Subject: [PATCH 05/25] Added new syntax support For rsyslog version 7 or greater, new syntax will be used for configuration --- .../configure-file-monitoring.sh | 48 +++++++++++++------ 1 file changed, 33 insertions(+), 15 deletions(-) diff --git a/Modular Scripts/File Monitoring/configure-file-monitoring.sh b/Modular Scripts/File Monitoring/configure-file-monitoring.sh index c372785..e6678b9 100644 --- a/Modular Scripts/File Monitoring/configure-file-monitoring.sh +++ b/Modular Scripts/File Monitoring/configure-file-monitoring.sh @@ -9,7 +9,7 @@ source configure-linux.sh "being-invoked" #name of the current script SCRIPT_NAME=configure-file-monitoring.sh #version of the current script -SCRIPT_VERSION=1.12 +SCRIPT_VERSION=1.13 #file to monitor (contains complete path and file name) provided by user LOGGLY_FILE_TO_MONITOR= @@ -411,20 +411,38 @@ write21ConfFileContents() " fi - imfileStr+=" - # File access file: - \$InputFileName $FILE_TO_MONITOR - \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS: - \$InputFileStateFile stat-$STATE_FILE_ALIAS - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - #Add a tag for file events - \$template $CONF_FILE_FORMAT_NAME,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then @@logs-01.loggly.com:514;$CONF_FILE_FORMAT_NAME - if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then ~ - " - + rsyslog_version="$(rsyslogd -v)" + r_ver=${rsyslog_version:9:1} + if [ $r_ver -le 6 ] + then + imfileStr+=" + # File access file: + \$InputFileName $FILE_TO_MONITOR + \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS: + \$InputFileStateFile stat-$STATE_FILE_ALIAS + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + #Add a tag for file events + \$template $CONF_FILE_FORMAT_NAME,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then @@logs-01.loggly.com:514;$CONF_FILE_FORMAT_NAME + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then ~ + " + else + imfileStr+=" + # File access file: + \$InputFileName $FILE_TO_MONITOR + \$InputFileTag $LOGGLY_FILE_TO_MONITOR_ALIAS + \$InputFileStateFile stat-$STATE_FILE_ALIAS + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + #Add a tag for file events + template (name=\"$CONF_FILE_FORMAT_NAME\" type=\"string\" string=\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\") + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then action(type=\"omfwd\" protocol=\"tcp\" target=\"logs-01.loggly.com\" port=\"514\" template=\"$CONF_FILE_FORMAT_NAME\") + if \$programname == '$LOGGLY_FILE_TO_MONITOR_ALIAS' then ~ + " + fi #write to 21-.conf file sudo cat << EOIPFW >> $FILE_SYSLOG_CONFFILE $imfileStr From 3e409918741df90b0d69f2a2e6319ee858093a82 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Fri, 22 Jan 2016 18:12:50 +0530 Subject: [PATCH 06/25] Added support for Access logs 1. Added configuration to send access logs to Loggly 2. Added support for tomcat8 --- Modular Scripts/Tomcat/configure-tomcat.sh | 81 +++++++++++++++++++++- 1 file changed, 79 insertions(+), 2 deletions(-) diff --git a/Modular Scripts/Tomcat/configure-tomcat.sh b/Modular Scripts/Tomcat/configure-tomcat.sh index 8f886be..36449bb 100644 --- a/Modular Scripts/Tomcat/configure-tomcat.sh +++ b/Modular Scripts/Tomcat/configure-tomcat.sh @@ -9,7 +9,7 @@ source configure-linux.sh "being-invoked" #name of the current script SCRIPT_NAME=configure-tomcat.sh #version of the current script -SCRIPT_VERSION=1.4 +SCRIPT_VERSION=1.5 #minimum version of tomcat to enable log rotation MIN_TOMCAT_VERSION=6.0.33.0 @@ -53,6 +53,9 @@ TAG= #this is not a mandatory input LOGGLY_CATALINA_HOME= +#this variable will hold if the access-logs are invoked. +CONFIGURE_ACCESS_LOGS="false" + MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure Tomcat is available at https://www.loggly.com/docs/tomcat-application-server/. Rsyslog troubleshooting instructions are available at https://www.loggly.com/docs/troubleshooting-rsyslog/" #this variable will hold if the check env function for linux is invoked @@ -98,6 +101,9 @@ installLogglyConfForTomcat() #update logging.properties file for log rotation updateLoggingPropertiesFile + #update server.xml to add renameOnRotate + updateServerXML + #multiple tags addTagsInConfiguration @@ -130,6 +136,9 @@ removeLogglyConfForTomcat() #remove 21tomcat.conf file remove21TomcatConfFile + + #restore original server.xml from backup + restoreServerXML #restore original loggly properties file from backup restoreLogglyPropertiesFile @@ -175,6 +184,25 @@ deduceAndCheckTomcatHomeAndVersion() #checks if the deduced tomcat7 home is correct or not checkIfValidTomcatHome validTomcatHome fi + + #if tomcat6 home is not valid one, move on to check for tomcat8 + if [ "$validTomcatHome" = "false" ]; then + + LOGGLY_CATALINA_HOME= + + #lets check if tomcat6 is installed on the system + SERVICE=tomcat8 + + #try to deduce tomcat home considering tomcat6 + assumeTomcatHome $SERVICE + + #initialize validTomcatHome variable with value true. This value will be toggled + #in the function checkIfValidTomcatHome fails + validTomcatHome="true" + + #checks if the deduced tomcat7 home is correct or not + checkIfValidTomcatHome validTomcatHome + fi if [ "$validTomcatHome" = "true" ]; then logMsgToConfigSysLog "INFO" "INFO: CATALINA HOME: $LOGGLY_CATALINA_HOME" @@ -218,7 +246,8 @@ deduceAndCheckTomcatHomeAndVersion() SERVICE=tomcat7 elif [ "$tomcatMajorVersion" = "6" ]; then SERVICE=tomcat6 - fi + elif [ "$tomcatMajorVersion" = "8" ]; then + SERVICE=tomcat8 else logMsgToConfigSysLog "ERROR" "ERROR: Provided Catalina Home is not correct. Please recheck." fi @@ -428,6 +457,26 @@ EOIPFW } +#add renameOnRotate to true in the Valve element to stop access logs +#log rotation +updateServerXML() +{ + + if ! grep -q 'renameOnRotate="true"' "$LOGGLY_CATALINA_HOME/conf/server.xml"; + then + CONFIGURE_ACCESS_LOGS="true" + + #Creating backup of server.xml to server.xml.bk + logMsgToConfigSysLog "INFO" "INFO: Creating backup of server.xml to server.xml.bk" + sudo cp $LOGGLY_CATALINA_HOME/conf/server.xml $LOGGLY_CATALINA_HOME/conf/server.xml.bk + if grep -q '"localhost_access_log."' "$LOGGLY_CATALINA_HOME/conf/server.xml"; + then + sed -i 's/"localhost_access_log."/"localhost_access_log"/g' $LOGGLY_CATALINA_HOME/conf/server.xml + fi + sed -i 's/"localhost_access_log"/"localhost_access_log"\ renameOnRotate="true"/g' $LOGGLY_CATALINA_HOME/conf/server.xml + logMsgToConfigSysLog "INFO" "INFO: Disabled log rotation for localhost_access_log file in server.xml" + fi +} addTagsInConfiguration() { #split tags by comman(,) @@ -554,6 +603,23 @@ write21TomcatFileContents() " fi + if [ $CONFIGURE_ACCESS_LOGS == "true" ]; + then + imfileStr+=" + + # localhost_access_log.txt + \$InputFileName $LOGGLY_CATALINA_LOG_HOME/localhost_access_log.txt + \$InputFileTag tomcat-access + \$InputFileStateFile stat-tomcat-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + if \$programname == 'tomcat-access' then @@logs-01.loggly.com:514;LogglyFormatTomcat + if \$programname == 'tomcat-access' then ~ + " + fi + + #change the tomcat-21 file to variable from above and also take the directory of the tomcat log file. sudo cat << EOIPFW >> $TOMCAT_SYSLOG_CONFFILE $imfileStr @@ -623,6 +689,17 @@ restoreLogglyPropertiesFile() restartTomcat } +restoreServerXML() +{ + if [ -f "$LOGGLY_CATALINA_HOME/conf/server.xml.bk" ]; + then + logMsgToConfigSysLog "INFO" "INFO: Restoring server.xml file from backup" + sudo rm -rf $LOGGLY_CATALINA_HOME/conf/server.xml + sudo cp $LOGGLY_CATALINA_HOME/conf/server.xml.bk $LOGGLY_CATALINA_HOME/conf/server.xml + sudo rm -rf $LOGGLY_CATALINA_HOME/conf/server.xml.bk + fi +} + #remove 21tomcat.conf file remove21TomcatConfFile() { From b87e36677467d9568bf0fdceb3dc629a63cbe610 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Fri, 22 Jan 2016 20:58:17 +0530 Subject: [PATCH 07/25] Added support for Access logs --- Modular Scripts/Tomcat/configure-tomcat.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/Modular Scripts/Tomcat/configure-tomcat.sh b/Modular Scripts/Tomcat/configure-tomcat.sh index 36449bb..774438f 100644 --- a/Modular Scripts/Tomcat/configure-tomcat.sh +++ b/Modular Scripts/Tomcat/configure-tomcat.sh @@ -248,6 +248,7 @@ deduceAndCheckTomcatHomeAndVersion() SERVICE=tomcat6 elif [ "$tomcatMajorVersion" = "8" ]; then SERVICE=tomcat8 + fi else logMsgToConfigSysLog "ERROR" "ERROR: Provided Catalina Home is not correct. Please recheck." fi From 6961b2e538d5310d6fca70e6c02b840cd741cafc Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 27 Jan 2016 17:11:59 +0530 Subject: [PATCH 08/25] Added Mac script README link --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index ae135c5..7863b22 100644 --- a/README.md +++ b/README.md @@ -15,3 +15,4 @@ You can view the **READMEs** of the various installation scripts at the followin 4. Tomcat Configuration Script 5. S3 Bucket Configuration Script 6. Nginx Script +7. Mac Script From 7c8a5204e5491ffe67718b9d3e44a66160b5f4e0 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Fri, 26 Feb 2016 18:11:40 +0530 Subject: [PATCH 09/25] Create update-loggly-certificate.sh --- Linux Script/update-loggly-certificate.sh | 785 ++++++++++++++++++++++ 1 file changed, 785 insertions(+) create mode 100644 Linux Script/update-loggly-certificate.sh diff --git a/Linux Script/update-loggly-certificate.sh b/Linux Script/update-loggly-certificate.sh new file mode 100644 index 0000000..5777894 --- /dev/null +++ b/Linux Script/update-loggly-certificate.sh @@ -0,0 +1,785 @@ +#!/bin/bash + +#trapping Control + C +#these statements must be the first statements in the script to trap the CTRL C event + +########## Variable Declarations - Start ########## + +#name of the current script. This will get overwritten by the child script which calls this +SCRIPT_NAME=update-loggly-certificate.sh +#version of the current script. This will get overwritten by the child script which calls this +SCRIPT_VERSION=1.0 + +#application tag. This will get overwritten by the child script which calls this +APP_TAG= + +#directory location for syslog +RSYSLOG_ETCDIR_CONF=/etc/rsyslog.d +#name and location of loggly syslog file +LOGGLY_RSYSLOG_CONFFILE=$RSYSLOG_ETCDIR_CONF/22-loggly.conf +#name and location of loggly syslog backup file +LOGGLY_RSYSLOG_CONFFILE_BACKUP=$LOGGLY_RSYSLOG_CONFFILE.loggly.bk + +#syslog directory +RSYSLOG_DIR=/var/spool/rsyslog +#rsyslog service name +RSYSLOG_SERVICE=rsyslog +#syslog-ng +SYSLOG_NG_SERVICE=syslog-ng +#rsyslogd +RSYSLOGD=rsyslogd +#minimum version of rsyslog to enable logging to loggly +MIN_RSYSLOG_VERSION=5.8.0 +#this variable will hold the users syslog version +RSYSLOG_VERSION= + +#this variable will hold the host name +HOST_NAME= +#this variable will hold the name of the linux distribution +LINUX_DIST= + +#this variable will hold if the script is for test +TEST_MODE="true" + +#host name for logs-01.loggly.com +LOGS_01_HOST=logs-01.loggly.com +LOGS_01_URL=https://$LOGS_01_HOST +#this variable will contain loggly account url in the format https://$LOGGLY_ACCOUNT.loggly.com +LOGGLY_ACCOUNT_URL= +#loggly.com URL +LOGGLY_COM_URL=https://www.loggly.com + +######Inputs provided by user###### +#this variable will hold the loggly account name provided by user. +#this is a mandatory input +LOGGLY_ACCOUNT= +#this variable will hold the loggly authentication token provided by user. +#this is a mandatory input +LOGGLY_AUTH_TOKEN= +#this variable will identify if the user has selected to rollback settings +LOGGLY_ROLLBACK= +#this variable will hold the user name provided by user +#this is a mandatory input +LOGGLY_USERNAME= +#this variable will hold the password provided by user +#this is a mandatory input +LOGGLY_PASSWORD= + +#if this variable is set to true then suppress all prompts +SUPPRESS_PROMPT="false" + +#variables used in 22-loggly.conf file +LOGGLY_SYSLOG_PORT=6514 +LOGGLY_DISTRIBUTION_ID="41058" + +#Instruction link on how to configure loggly on linux manually. This will get overwritten by the child script which calls this +#on how to configure the child application +MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure rsyslog TLS on Linux are available at https://www.loggly.com/docs/rsyslog-tls-configuration/." + +#this variable is set if the script is invoked via some other calling script +IS_INVOKED= + +#this variable will hold if the check env function for linux is invoked +LINUX_ENV_VALIDATED="false" + +#this variable will inform if verification needs to be performed +LINUX_DO_VERIFICATION="true" + +########## Variable Declarations - End ########## + + +#check if the Linux environment is compatible with Loggly. +#Also set few variables after the check. +checkLinuxLogglyCompatibility() +{ + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges + + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS + + #set the basic variables needed by this script + setLinuxVariables + + if [ "$TEST_MODE" = "true" ]; then + + #check if the Loggly servers are accessible. If no, ask user to check network connectivity & exit + checkIfLogglyServersAccessible + + #check if user credentials are valid. If no, then exit + checkIfValidUserNamePassword + + #get authentication token if not provided + getAuthToken + + #check if authentication token is valid. If no, then exit. + checkIfValidAuthToken + fi + + #checking if syslog-ng is configured as a service + checkifSyslogNgConfiguredAsService + + #check if rsyslog is configured as service. If no, then exit + checkIfRsyslogConfiguredAsService + + #check if multiple rsyslog are present in the system. If yes, then exit + checkIfMultipleRsyslogConfigured + + #check for the minimum version of rsyslog i.e 5.8.0. If no, then exit + checkIfMinVersionOfRsyslog + + #check if selinux service is enforced. if yes, ask the user to manually disable and exit the script + checkIfSelinuxServiceEnforced + + LINUX_ENV_VALIDATED="true" +} + +# executing the script for loggly to install and configure rsyslog. +installLogglyConf() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." + + if [ "$LINUX_ENV_VALIDATED" = "false" ]; then + checkLinuxLogglyCompatibility + fi + + #create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu + createRsyslogDir + + #write new sha2 certificate + updateCertificate + + if [ "$TEST_MODE" = "true" ]; then + + #if all the above check passes, write the 22-loggly.conf file + checkAuthTokenAndWriteContents + + #call changeHostFile to test collector + updateHostsFile + + #check if the logs are going to loggly fro linux system now + checkIfLogsMadeToLoggly + + fi + + if [ "$IS_INVOKED" = "" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." + fi + +} + +#remove loggly configuration from Linux system +revertTLSchanges() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating restore of rsyslog-tls" + + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges + + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS + + #set the basic variables needed by this script + setLinuxVariables + + #remove 22-loggly.conf file + remove22LogglyTLSChange + + #restart rsyslog service + restartRsyslog + + #log success message + logMsgToConfigSysLog "SUCCESS" "SUCCESS: TLS Changes have been reverted." +} + +#checks if user has root privileges +checkIfUserHasRootPrivileges() +{ + #This script needs to be run as a sudo user + if [[ $EUID -ne 0 ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." + exit 1 + fi +} + +#check if supported operating system +checkIfSupportedOS() +{ + getOs + + LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") + + case "$LINUX_DIST_IN_LOWER_CASE" in + *"ubuntu"* ) + echo "INFO: Operating system is Ubuntu." + ;; + *"redhat"* ) + echo "INFO: Operating system is Red Hat." + ;; + *"centos"* ) + echo "INFO: Operating system is CentOS." + ;; + *"debian"* ) + echo "INFO: Operating system is Debian." + ;; + *"amazon"* ) + echo "INFO: Operating system is Amazon AMI." + ;; + *"darwin"* ) + #if the OS is mac then exit + logMsgToConfigSysLog "ERROR" "ERROR: This script is for Linux systems, and Darwin or Mac OSX are not currently supported. You can find alternative options here: https://www.loggly.com/docs/send-mac-logs-to-loggly/" + exit 1 + ;; + * ) + logMsgToConfigSysLog "WARN" "WARN: The linux distribution '$LINUX_DIST' has not been previously tested with Loggly." + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "Would you like to continue anyway? (yes/no)" yn + case $yn in + [Yy]* ) + break;; + [Nn]* ) + exit 1 + ;; + * ) echo "Please answer yes or no.";; + esac + done + fi + ;; + esac +} + +getOs() +{ + # Determine OS platform + UNAME=$(uname | tr "[:upper:]" "[:lower:]") + # If Linux, try to determine specific distribution + if [ "$UNAME" == "linux" ]; then + # If available, use LSB to identify distribution + if [ -f /etc/lsb-release -o -d /etc/lsb-release.d ]; then + LINUX_DIST=$(lsb_release -i | cut -d: -f2 | sed s/'^\t'//) + # If system-release is available, then try to identify the name + elif [ -f /etc/system-release ]; then + LINUX_DIST=$(cat /etc/system-release | cut -f 1 -d " ") + # Otherwise, use release info file + else + LINUX_DIST=$(ls -d /etc/[A-Za-z]*[_-][rv]e[lr]* | grep -v "lsb" | cut -d'/' -f3 | cut -d'-' -f1 | cut -d'_' -f1) + fi + fi + + # For everything else (or if above failed), just use generic identifier + if [ "$LINUX_DIST" == "" ]; then + LINUX_DIST=$(uname) + fi +} + +#sets linux variables which will be used across various functions +setLinuxVariables() +{ + #set host name + HOST_NAME=$(hostname) + + #set loggly account url + LOGGLY_ACCOUNT_URL=https://$LOGGLY_ACCOUNT.loggly.com +} + +#checks if all the various endpoints used for configuring loggly are accessible +checkIfLogglyServersAccessible() +{ + echo "INFO: Checking if $LOGS_01_HOST is reachable." + if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ] || [ $(sleep 1 | telnet $LOGS_01_HOST $LOGGLY_SYSLOG_PORT | grep Connected | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port. This may take some time." + if [ $(curl --connect-timeout 10 $LOGS_01_HOST:$LOGGLY_SYSLOG_PORT 2>&1 | grep "Empty reply from server" | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then + echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." + exit 1 + fi + + echo "INFO: Checking if Gen2 account." + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "404 NOT FOUND" | wc -l) == 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: This scripts need a Gen2 account. Please contact Loggly support." + exit 1 + else + echo "INFO: It is a Gen2 account." + fi +} + +#check if user name and password is valid +checkIfValidUserNamePassword() +{ + echo "INFO: Checking if provided username and password is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" + logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." + fi +} + +getAuthToken() +{ + if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." + #get authentication token if user has not provided one + tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") + + #get the string from index 0 to first occurence of , + tokenstr=${tokenstr%%,*} + + #get the string from index 0 to last occurence of " + tokenstr=${tokenstr%\"*} + + #get the string from first occurence of " to the end + tokenstr=${tokenstr#*\"} + + LOGGLY_AUTH_TOKEN=$tokenstr + + logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" + fi +} + +#check if authentication token is valid +checkIfValidAuthToken() +{ + echo "INFO: Checking if provided auth token is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep \"$LOGGLY_AUTH_TOKEN\" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token validated successfully." + else + logMsgToConfigSysLog "ERROR" "ERROR: Invalid authentication token $LOGGLY_AUTH_TOKEN. You can get valid authentication token by following instructions at https://www.loggly.com/docs/customer-token-authentication-token/." + exit 1 + fi +} + +#check if rsyslog is configured as service. If it is configured as service and not started, start the service +checkIfRsyslogConfiguredAsService() +{ + if [ -f /etc/init.d/$RSYSLOG_SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." + else + logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." + exit 1 + fi + + #checking if syslog-ng is running as a service + checkifSyslogNgConfiguredAsService + + if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -eq 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is not running. Attempting to start service." + sudo service $RSYSLOG_SERVICE start + fi +} + +checkifSyslogNgConfiguredAsService() +{ + if [ $(ps -A | grep "$SYSLOG_NG_SERVICE" | wc -l) -gt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script does not currently support syslog-ng. Please follow the instructions on this page https://www.loggly.com/docs/syslog-ng-manual-configuration" + exit 1 + fi +} + +#check if multiple versions of rsyslog is configured +checkIfMultipleRsyslogConfigured() +{ + if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -gt 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Multiple (more than 1) $RSYSLOG_SERVICE is running." + exit 1 + fi +} + +#check if minimum version of rsyslog required to configure loggly is met +checkIfMinVersionOfRsyslog() +{ + RSYSLOG_VERSION=$(sudo $RSYSLOGD -version | grep "$RSYSLOGD") + RSYSLOG_VERSION=${RSYSLOG_VERSION#* } + RSYSLOG_VERSION=${RSYSLOG_VERSION%,*} + RSYSLOG_VERSION=$RSYSLOG_VERSION | tr -d " " + if [ $(compareVersions $RSYSLOG_VERSION $MIN_RSYSLOG_VERSION 3) -lt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Min rsyslog version required is 5.8.0." + exit 1 + fi +} + +#check if SeLinux service is enforced +checkIfSelinuxServiceEnforced() +{ + isSelinuxInstalled=$(getenforce -ds 2>/dev/null) + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: selinux status is not enforced." + elif [ $(sudo getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: selinux status is 'Enforcing'. Please disable it and start the rsyslog daemon manually." + exit 1 + fi +} + +#check if authentication token is valid and then write contents to 22-loggly.conf file to /etc/rsyslog.d directory +checkAuthTokenAndWriteContents() +{ + if [ "$LOGGLY_AUTH_TOKEN" != "" ]; then + #writeContents $LOGGLY_ACCOUNT $LOGGLY_AUTH_TOKEN $LOGGLY_DISTRIBUTION_ID $LOGS_01_HOST $LOGGLY_SYSLOG_PORT + restartRsyslog + else + logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." + exit 1 + fi +} + +#create /etc/rsyslog.d/keys/ca.d directory and installs the certificates +updateCertificate() +{ +CURRENT_CRT_CONF="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE)" +CURRENT_CRT_COUNT="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE | wc -l)" +if [ $CURRENT_CRT_COUNT -gt 0 ]; then + + DIRECTORY_K="/etc/rsyslog.d/keys"; + DIRECTORY_CA="/etc/rsyslog.d/keys/ca.d"; + + if [ ! -d "$DIRECTORY_K" ]; then + logMsgToConfigSysLog "INFO" "INFO: Making directories /etc/rsyslog.d/keys/ca.d" + sudo mkdir /etc/rsyslog.d/keys + sudo mkdir /etc/rsyslog.d/keys/ca.d + elif [ -d "$DIRECTORY_K" ]; then + if [ ! -d "$DIRECTORY_CA" ]; then + sudo mkdir /etc/rsyslog.d/keys/ca.d + fi + else + logMsgToConfigSysLog "INFO" "INFO: Directories /etc/rsyslog.d/keys/ca.d already exists" + fi + + cd /etc/rsyslog.d/keys/ca.d/ + logMsgToConfigSysLog "INFO" "INFO: Downloading required certificates" + sudo curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt + sudo cat logs-01.loggly.com_sha12.crt > loggly_full_sha12.crt + + #taking backup and changing path in 22-loggly.conf + sudo cp $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP + NEW_CRT_CONF="\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/loggly_full_sha12.crt" + sed -i "s%$CURRENT_CRT_CONF%$NEW_CRT_CONF%g" $LOGGLY_RSYSLOG_CONFFILE + logMsgToConfigSysLog "INFO" "INFO: Certificate path changed in 22-loggly.conf" +else + logMsgToConfigSysLog "INFO" "INFO: Rsyslog TLS is not configured." + logMsgToConfigSysLog "INFO" "INFO: Please configure Rsyslog TLS first and then retry updating the certificate." + exit 1 +fi +} + +#Updates the /etc/hosts file with test collectorIP and creates backup of file +updateHostsFile() +{ + sudo sed -i '$ a\ '"52.1.106.130 logs-01.loggly.com" /etc/hosts + logMsgToConfigSysLog "INFO" "INFO: Hosts file Updated" +} + +#create /var/spool/rsyslog directory if not already present. Modify the permission of this directory for Ubuntu +createRsyslogDir() +{ + if [ -d "$RSYSLOG_DIR" ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_DIR already exist, so not creating directory." + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool" + sudo chown -R syslog:adm $RSYSLOG_DIR + fi + else + logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR" + sudo mkdir -v $RSYSLOG_DIR + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + sudo chown -R syslog:adm $RSYSLOG_DIR + fi + fi +} + +#check if the logs made it to Loggly +checkIfLogsMadeToLoggly() +{ + logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly." + uuid=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) + + queryParam="syslog.appName%3ALOGGLYVERIFY%20$uuid" + logger -t "LOGGLYVERIFY" "LOGGLYVERIFY-Test message for verification with UUID $uuid" + + + #restores hosts file to its earlier state + restoreHostFile + + counter=1 + maxCounter=10 + finalCount=0 + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the log made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + + while [ "$finalCount" -eq 0 ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 50 secs." + sleep 50 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + + logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check network and firewall settings and retry." + exit 1 + fi + done + + if [ "$finalCount" -eq 1 ]; then + if [ "$IS_INVOKED" = "" ]; then + + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." + exit 0 + else + logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." + fi + fi + +} + +#restores host file to its original state +restoreHostFile() +{ + if grep -q '52.1.106.130 logs-01.loggly.com' "/etc/hosts";then + sed -i -e '/52.1.106.130 logs-01.loggly.com/d' /etc/hosts + fi + logMsgToConfigSysLog "INFO" "INFO: Hosts file Restored" +} + +#delete 22-loggly.conf file +remove22LogglyTLSChange() +{ +CURRENT_CRT_COUNT="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE | wc -l)" +if [ $CURRENT_CRT_COUNT -gt 0 ]; then + if [ -f $LOGGLY_RSYSLOG_CONFFILE ]; then + sudo rm -rf $LOGGLY_RSYSLOG_CONFFILE + sudo cp $LOGGLY_RSYSLOG_CONFFILE_BACKUP $LOGGLY_RSYSLOG_CONFFILE + fi +else + logMsgToConfigSysLog "INFO" "INFO: Rsyslog TLS is not configured." + exit 1 +fi +} + +#compares two version numbers, used for comparing versions of various softwares +compareVersions () +{ + typeset IFS='.' + typeset -a v1=( $1 ) + typeset -a v2=( $2 ) + typeset n diff + + for (( n=0; n<$3; n+=1 )); do + diff=$((v1[n]-v2[n])) + if [ $diff -ne 0 ] ; then + [ $diff -le 0 ] && echo '-1' || echo '1' + return + fi + done + echo '0' +} + +#restart rsyslog +restartRsyslog() +{ + logMsgToConfigSysLog "INFO" "INFO: Restarting the $RSYSLOG_SERVICE service." + sudo service $RSYSLOG_SERVICE restart + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: $RSYSLOG_SERVICE did not restart gracefully. Please restart $RSYSLOG_SERVICE manually." + fi +} + +#logs message to config syslog +logMsgToConfigSysLog() +{ + #$1 variable will be SUCCESS or ERROR or INFO or WARNING + #$2 variable will be the message + cslStatus=$1 + cslMessage=$2 + echo "$cslMessage" + currentTime=$(date) + + #for Linux system, we need to use -d switch to decode base64 whereas + #for Mac system, we need to use -D switch to decode + varUname=$(uname) + if [[ $varUname == 'Linux' ]]; then + enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) + elif [[ $varUname == 'Darwin' ]]; then + enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) + fi + + if [ $? -ne 0 ]; then + echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." + exit 1 + fi + + sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" + + #if it is an error, then log message "Script Failed" to config syslog and exit the script + if [[ $cslStatus == "ERROR" ]]; then + sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" + if [ "$varUname" != "Darwin" ]; then + echo $MANUAL_CONFIG_INSTRUCTION + fi + exit 1 + fi + + #if it is a success, then log message "Script Succeeded" to config syslog and exit the script + if [[ $cslStatus == "SUCCESS" ]]; then + sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" + exit 0 + fi +} + +#payload construction to send log to config syslog +sendPayloadToConfigSysLog() +{ + if [ "$APP_TAG" = "" ]; then + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\"}" + else + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", $APP_TAG, \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\"}" + fi + curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 > /dev/null 2>&1 +} + +#$1 return the count of records in loggly, $2 is the query param to search in loggly +searchAndFetch() +{ + url=$2 + + result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") + + if [ -z "$result" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." + exit 1 + fi + id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') + # strip last double quote from id + id="${id%\"}" + # strip first double quote from id + id="${id#\"}" + url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" + + # retrieve the data + result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") + count=$(echo "$result" | grep total_events | awk '{print $2}') + count="${count%\,}" + eval $1="'$count'" + if [ "$count" -gt 0 ]; then + timestamp=$(echo "$result" | grep timestamp) + fi +} + +#get password in the form of asterisk +getPassword() +{ + unset LOGGLY_PASSWORD + prompt="Please enter Loggly Password:" + while IFS= read -p "$prompt" -r -s -n 1 char + do + if [[ $char == $'\0' ]] + then + break + fi + prompt='*' + LOGGLY_PASSWORD+="$char" + done + echo +} + +#display usage syntax +usage() +{ +cat << EOF +usage: update-loggly-certificate [-a loggly auth account or subdomain] [-u username] [-t loggly token (optional)] [-p password (optional)] [ -notest to disable test mode (optional)] [-s suppress prompts {optional)] +usage: update-loggly-certificate [-a loggly auth account or subdomain] [-r to remove] +usage: update-loggly-certificate [-h for help] +EOF +} + +########## Get Inputs from User - Start ########## +if [ "$1" != "being-invoked" ]; then + if [ $# -eq 0 ]; then + usage + exit + else + while [ "$1" != "" ]; do + case $1 in + -t | --token ) shift + LOGGLY_AUTH_TOKEN=$1 + echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" + ;; + -a | --account ) shift + LOGGLY_ACCOUNT=$1 + echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" + ;; + -notest | --notest ) shift + TEST_MODE="false" + echo "Test mode disabled" + ;; + -u | --username ) shift + LOGGLY_USERNAME=$1 + echo "Username is set" + ;; + -p | --password ) shift + LOGGLY_PASSWORD=$1 + ;; + -r | --remove ) + TLS_RESET="true" + ;; + -s | --suppress ) + SUPPRESS_PROMPT="true" + ;; + -h | --help) + usage + exit + ;; + *) usage + exit + ;; + esac + shift + done + fi + + if [ "$TLS_RESET" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then + revertTLSchanges + elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + installLogglyConf + elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" -a "$TEST_MODE" == "false" ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + installLogglyConf + else + usage + fi +else + IS_INVOKED="true" +fi + +########## Get Inputs from User - End ########## ------------------------------------------------------- +# End of Syslog Logging Directives for Loggly +# From 94c641b2295caaf32a197c4c8aaed6f20e6e11e5 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Mon, 29 Feb 2016 17:43:36 +0530 Subject: [PATCH 10/25] Default Test Mode and Bug Fixes --- Linux Script/update-loggly-certificate.sh | 264 +++++++++------------- 1 file changed, 103 insertions(+), 161 deletions(-) diff --git a/Linux Script/update-loggly-certificate.sh b/Linux Script/update-loggly-certificate.sh index 5777894..b920e5c 100644 --- a/Linux Script/update-loggly-certificate.sh +++ b/Linux Script/update-loggly-certificate.sh @@ -72,7 +72,7 @@ SUPPRESS_PROMPT="false" LOGGLY_SYSLOG_PORT=6514 LOGGLY_DISTRIBUTION_ID="41058" -#Instruction link on how to configure loggly on linux manually. This will get overwritten by the child script which calls this +#Instruction link on how to configure rsyslog TLS on linux manually. This will get overwritten by the child script which calls this #on how to configure the child application MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure rsyslog TLS on Linux are available at https://www.loggly.com/docs/rsyslog-tls-configuration/." @@ -101,21 +101,18 @@ checkLinuxLogglyCompatibility() #set the basic variables needed by this script setLinuxVariables - if [ "$TEST_MODE" = "true" ]; then + #check if the Loggly servers are accessible. If no, ask user to check network connectivity & exit + checkIfLogglyServersAccessible + + #check if user credentials are valid. If no, then exit + checkIfValidUserNamePassword - #check if the Loggly servers are accessible. If no, ask user to check network connectivity & exit - checkIfLogglyServersAccessible - - #check if user credentials are valid. If no, then exit - checkIfValidUserNamePassword + #get authentication token if not provided + getAuthToken - #get authentication token if not provided - getAuthToken + #check if authentication token is valid. If no, then exit. + checkIfValidAuthToken - #check if authentication token is valid. If no, then exit. - checkIfValidAuthToken - fi - #checking if syslog-ng is configured as a service checkifSyslogNgConfiguredAsService @@ -138,38 +135,29 @@ checkLinuxLogglyCompatibility() installLogglyConf() { #log message indicating starting of Loggly configuration - logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." + logMsgToConfigSysLog "INFO" "INFO: Initiating TLS Certificate upgrade in Loggly Configuration." if [ "$LINUX_ENV_VALIDATED" = "false" ]; then checkLinuxLogglyCompatibility fi - #create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu - createRsyslogDir - #write new sha2 certificate updateCertificate - + if [ "$TEST_MODE" = "true" ]; then - #if all the above check passes, write the 22-loggly.conf file - checkAuthTokenAndWriteContents - #call changeHostFile to test collector updateHostsFile #check if the logs are going to loggly fro linux system now checkIfLogsMadeToLoggly - fi - - if [ "$IS_INVOKED" = "" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." - fi - + else + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Successfully upgraded TLS Certificate for Loggly configuration" + fi } -#remove loggly configuration from Linux system +#revert loggly TLS Certificate upgrade from Linux system revertTLSchanges() { #log message indicating starting of Loggly configuration @@ -429,55 +417,43 @@ checkIfSelinuxServiceEnforced() fi } -#check if authentication token is valid and then write contents to 22-loggly.conf file to /etc/rsyslog.d directory -checkAuthTokenAndWriteContents() -{ - if [ "$LOGGLY_AUTH_TOKEN" != "" ]; then - #writeContents $LOGGLY_ACCOUNT $LOGGLY_AUTH_TOKEN $LOGGLY_DISTRIBUTION_ID $LOGS_01_HOST $LOGGLY_SYSLOG_PORT - restartRsyslog - else - logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." - exit 1 - fi -} - #create /etc/rsyslog.d/keys/ca.d directory and installs the certificates updateCertificate() { -CURRENT_CRT_CONF="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE)" -CURRENT_CRT_COUNT="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE | wc -l)" -if [ $CURRENT_CRT_COUNT -gt 0 ]; then + CURRENT_CRT_CONF="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE)" + CURRENT_CRT_COUNT="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE | wc -l)" + if [ $CURRENT_CRT_COUNT -gt 0 ]; then - DIRECTORY_K="/etc/rsyslog.d/keys"; - DIRECTORY_CA="/etc/rsyslog.d/keys/ca.d"; + DIRECTORY_K="/etc/rsyslog.d/keys"; + DIRECTORY_CA="/etc/rsyslog.d/keys/ca.d"; - if [ ! -d "$DIRECTORY_K" ]; then - logMsgToConfigSysLog "INFO" "INFO: Making directories /etc/rsyslog.d/keys/ca.d" - sudo mkdir /etc/rsyslog.d/keys - sudo mkdir /etc/rsyslog.d/keys/ca.d - elif [ -d "$DIRECTORY_K" ]; then - if [ ! -d "$DIRECTORY_CA" ]; then + if [ ! -d "$DIRECTORY_K" ]; then + logMsgToConfigSysLog "INFO" "INFO: Making directories /etc/rsyslog.d/keys/ca.d" + sudo mkdir /etc/rsyslog.d/keys sudo mkdir /etc/rsyslog.d/keys/ca.d + elif [ -d "$DIRECTORY_K" ]; then + if [ ! -d "$DIRECTORY_CA" ]; then + sudo mkdir /etc/rsyslog.d/keys/ca.d + fi + else + logMsgToConfigSysLog "INFO" "INFO: Directories /etc/rsyslog.d/keys/ca.d already exists" fi + + cd /etc/rsyslog.d/keys/ca.d/ + + logMsgToConfigSysLog "INFO" "INFO: Downloading required certificates" + sudo curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt + sudo cat logs-01.loggly.com_sha12 > loggly_full_sha12.crt + + #taking backup and changing path in 22-loggly.conf + sudo cp $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP + NEW_CRT_CONF="\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/loggly_full_sha12.crt" + sed -i "s%$CURRENT_CRT_CONF%$NEW_CRT_CONF%g" $LOGGLY_RSYSLOG_CONFFILE + logMsgToConfigSysLog "INFO" "INFO: Upgraded TLS Certificate for Loggly configuration" else - logMsgToConfigSysLog "INFO" "INFO: Directories /etc/rsyslog.d/keys/ca.d already exists" + logMsgToConfigSysLog "INFO" "INFO: Rsyslog TLS is not configured." + logMsgToConfigSysLog "ERROR" "INFO: Please configure Rsyslog TLS first and then retry updating the certificate." fi - - cd /etc/rsyslog.d/keys/ca.d/ - logMsgToConfigSysLog "INFO" "INFO: Downloading required certificates" - sudo curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt - sudo cat logs-01.loggly.com_sha12.crt > loggly_full_sha12.crt - - #taking backup and changing path in 22-loggly.conf - sudo cp $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP - NEW_CRT_CONF="\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/loggly_full_sha12.crt" - sed -i "s%$CURRENT_CRT_CONF%$NEW_CRT_CONF%g" $LOGGLY_RSYSLOG_CONFFILE - logMsgToConfigSysLog "INFO" "INFO: Certificate path changed in 22-loggly.conf" -else - logMsgToConfigSysLog "INFO" "INFO: Rsyslog TLS is not configured." - logMsgToConfigSysLog "INFO" "INFO: Please configure Rsyslog TLS first and then retry updating the certificate." - exit 1 -fi } #Updates the /etc/hosts file with test collectorIP and creates backup of file @@ -487,23 +463,6 @@ updateHostsFile() logMsgToConfigSysLog "INFO" "INFO: Hosts file Updated" } -#create /var/spool/rsyslog directory if not already present. Modify the permission of this directory for Ubuntu -createRsyslogDir() -{ - if [ -d "$RSYSLOG_DIR" ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_DIR already exist, so not creating directory." - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool" - sudo chown -R syslog:adm $RSYSLOG_DIR - fi - else - logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR" - sudo mkdir -v $RSYSLOG_DIR - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - sudo chown -R syslog:adm $RSYSLOG_DIR - fi - fi -} #check if the logs made it to Loggly checkIfLogsMadeToLoggly() @@ -545,13 +504,7 @@ checkIfLogsMadeToLoggly() done if [ "$finalCount" -eq 1 ]; then - if [ "$IS_INVOKED" = "" ]; then - - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." - exit 0 - else - logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." - fi + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You have now upgraded TLS Certificate for Loggly configuration" fi } @@ -568,16 +521,16 @@ restoreHostFile() #delete 22-loggly.conf file remove22LogglyTLSChange() { -CURRENT_CRT_COUNT="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE | wc -l)" -if [ $CURRENT_CRT_COUNT -gt 0 ]; then - if [ -f $LOGGLY_RSYSLOG_CONFFILE ]; then - sudo rm -rf $LOGGLY_RSYSLOG_CONFFILE - sudo cp $LOGGLY_RSYSLOG_CONFFILE_BACKUP $LOGGLY_RSYSLOG_CONFFILE + CURRENT_CRT_COUNT="$(grep '.crt' $LOGGLY_RSYSLOG_CONFFILE | wc -l)" + if [ $CURRENT_CRT_COUNT -gt 0 ]; then + if [ -f $LOGGLY_RSYSLOG_CONFFILE ]; then + sudo rm -rf $LOGGLY_RSYSLOG_CONFFILE + sudo cp $LOGGLY_RSYSLOG_CONFFILE_BACKUP $LOGGLY_RSYSLOG_CONFFILE + fi + else + logMsgToConfigSysLog "INFO" "INFO: Rsyslog TLS is not configured." + exit 1 fi -else - logMsgToConfigSysLog "INFO" "INFO: Rsyslog TLS is not configured." - exit 1 -fi } #compares two version numbers, used for comparing versions of various softwares @@ -710,76 +663,65 @@ getPassword() usage() { cat << EOF -usage: update-loggly-certificate [-a loggly auth account or subdomain] [-u username] [-t loggly token (optional)] [-p password (optional)] [ -notest to disable test mode (optional)] [-s suppress prompts {optional)] +usage: update-loggly-certificate [-a loggly auth account or subdomain] [-u loggly username] [-t loggly token (optional)] [-p password (optional)] [ -notest to disable test mode (optional)] [-s suppress prompts {optional)] usage: update-loggly-certificate [-a loggly auth account or subdomain] [-r to remove] usage: update-loggly-certificate [-h for help] EOF } ########## Get Inputs from User - Start ########## -if [ "$1" != "being-invoked" ]; then - if [ $# -eq 0 ]; then - usage - exit - else - while [ "$1" != "" ]; do - case $1 in - -t | --token ) shift - LOGGLY_AUTH_TOKEN=$1 - echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" - ;; - -a | --account ) shift - LOGGLY_ACCOUNT=$1 - echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" - ;; - -notest | --notest ) shift - TEST_MODE="false" - echo "Test mode disabled" - ;; - -u | --username ) shift - LOGGLY_USERNAME=$1 - echo "Username is set" - ;; - -p | --password ) shift - LOGGLY_PASSWORD=$1 - ;; - -r | --remove ) - TLS_RESET="true" - ;; - -s | --suppress ) - SUPPRESS_PROMPT="true" - ;; - -h | --help) - usage - exit - ;; - *) usage +if [ $# -eq 0 ]; then + usage + exit +else + while [ "$1" != "" ]; do + case $1 in + -t | --token ) shift + LOGGLY_AUTH_TOKEN=$1 + echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" + ;; + -a | --account ) shift + LOGGLY_ACCOUNT=$1 + echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" + ;; + -notest | --notest ) shift + TEST_MODE="false" + logMsgToConfigSysLog "INFO" "INFO: Test mode disabled" + ;; + -u | --username ) shift + LOGGLY_USERNAME=$1 + echo "Username is set" + ;; + -p | --password ) shift + LOGGLY_PASSWORD=$1 + ;; + -r | --remove ) + TLS_RESET="true" + ;; + -s | --suppress ) + SUPPRESS_PROMPT="true" + ;; + -h | --help) + usage exit ;; - esac - shift - done - fi + *) usage + exit + ;; + esac + shift + done +fi - if [ "$TLS_RESET" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then - revertTLSchanges - elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then - if [ "$LOGGLY_PASSWORD" = "" ]; then - getPassword - fi - installLogglyConf - elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" -a "$TEST_MODE" == "false" ]; then - if [ "$LOGGLY_PASSWORD" = "" ]; then - getPassword - fi - installLogglyConf - else - usage - fi +if [ "$TLS_RESET" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then + revertTLSchanges +elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + installLogglyConf else - IS_INVOKED="true" + usage fi - ########## Get Inputs from User - End ########## ------------------------------------------------------- # End of Syslog Logging Directives for Loggly -# From 9620d007bba7d7296ee8b56db72670d380776088 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Tue, 1 Mar 2016 10:04:20 +0530 Subject: [PATCH 11/25] Updated Certificate Path --- Linux Script/update-loggly-certificate.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Linux Script/update-loggly-certificate.sh b/Linux Script/update-loggly-certificate.sh index b920e5c..26588d9 100644 --- a/Linux Script/update-loggly-certificate.sh +++ b/Linux Script/update-loggly-certificate.sh @@ -443,7 +443,7 @@ updateCertificate() logMsgToConfigSysLog "INFO" "INFO: Downloading required certificates" sudo curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt - sudo cat logs-01.loggly.com_sha12 > loggly_full_sha12.crt + sudo cat logs-01.loggly.com_sha12.crt > loggly_full_sha12.crt #taking backup and changing path in 22-loggly.conf sudo cp $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP From e03a420fb3dc8d96f31827bda52bbca32cfad135 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 2 Mar 2016 14:42:59 +0530 Subject: [PATCH 12/25] Updated Certificate Path --- Linux Script/update-loggly-certificate.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Linux Script/update-loggly-certificate.sh b/Linux Script/update-loggly-certificate.sh index 26588d9..76029a9 100644 --- a/Linux Script/update-loggly-certificate.sh +++ b/Linux Script/update-loggly-certificate.sh @@ -443,11 +443,10 @@ updateCertificate() logMsgToConfigSysLog "INFO" "INFO: Downloading required certificates" sudo curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt - sudo cat logs-01.loggly.com_sha12.crt > loggly_full_sha12.crt #taking backup and changing path in 22-loggly.conf sudo cp $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP - NEW_CRT_CONF="\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/loggly_full_sha12.crt" + NEW_CRT_CONF="\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt" sed -i "s%$CURRENT_CRT_CONF%$NEW_CRT_CONF%g" $LOGGLY_RSYSLOG_CONFFILE logMsgToConfigSysLog "INFO" "INFO: Upgraded TLS Certificate for Loggly configuration" else From e4be7a716bde9a831bdbca42c09ae6c8ef499561 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Thu, 3 Mar 2016 17:23:13 +0530 Subject: [PATCH 13/25] Added Trapping Control + C --- Linux Script/update-loggly-certificate.sh | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/Linux Script/update-loggly-certificate.sh b/Linux Script/update-loggly-certificate.sh index 76029a9..05d015a 100644 --- a/Linux Script/update-loggly-certificate.sh +++ b/Linux Script/update-loggly-certificate.sh @@ -3,6 +3,13 @@ #trapping Control + C #these statements must be the first statements in the script to trap the CTRL C event +trap ctrl_c INT + +function ctrl_c() { + logMsgToConfigSysLog "INFO" "INFO: Aborting the script." + exit 1 +} + ########## Variable Declarations - Start ########## #name of the current script. This will get overwritten by the child script which calls this @@ -143,6 +150,9 @@ installLogglyConf() #write new sha2 certificate updateCertificate + + #restart rsyslog service + restartRsyslog if [ "$TEST_MODE" = "true" ]; then @@ -443,10 +453,11 @@ updateCertificate() logMsgToConfigSysLog "INFO" "INFO: Downloading required certificates" sudo curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt + sudo cat logs-01.loggly.com_sha12.crt > loggly_full_sha12.crt #taking backup and changing path in 22-loggly.conf sudo cp $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP - NEW_CRT_CONF="\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt" + NEW_CRT_CONF="\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/loggly_full_sha12.crt" sed -i "s%$CURRENT_CRT_CONF%$NEW_CRT_CONF%g" $LOGGLY_RSYSLOG_CONFFILE logMsgToConfigSysLog "INFO" "INFO: Upgraded TLS Certificate for Loggly configuration" else From b3ae0af1e0146974f1f0ccc29d0d12b5ecba5ee8 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Fri, 4 Mar 2016 17:44:19 +0530 Subject: [PATCH 14/25] Added Sleep after updating Hosts file --- Linux Script/update-loggly-certificate.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Linux Script/update-loggly-certificate.sh b/Linux Script/update-loggly-certificate.sh index 05d015a..a7a6ead 100644 --- a/Linux Script/update-loggly-certificate.sh +++ b/Linux Script/update-loggly-certificate.sh @@ -471,6 +471,7 @@ updateHostsFile() { sudo sed -i '$ a\ '"52.1.106.130 logs-01.loggly.com" /etc/hosts logMsgToConfigSysLog "INFO" "INFO: Hosts file Updated" + sleep 15 } @@ -483,7 +484,9 @@ checkIfLogsMadeToLoggly() queryParam="syslog.appName%3ALOGGLYVERIFY%20$uuid" logger -t "LOGGLYVERIFY" "LOGGLYVERIFY-Test message for verification with UUID $uuid" - + #sleeps for 2 seconds before restoring hosts file + sleep 2 + #restores hosts file to its earlier state restoreHostFile From 15dc9f7ce422fac58312ad97f44e2833b07e3d80 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 9 Mar 2016 16:46:08 +0530 Subject: [PATCH 15/25] Added MaxMessageSize --- Linux Script/configure-linux.sh | 80 +++++++++++++++++++-------------- 1 file changed, 47 insertions(+), 33 deletions(-) diff --git a/Linux Script/configure-linux.sh b/Linux Script/configure-linux.sh index 25945ef..4258599 100644 --- a/Linux Script/configure-linux.sh +++ b/Linux Script/configure-linux.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-linux.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.14 +SCRIPT_VERSION=1.15 #application tag. This will get overwritten by the child script which calls this APP_TAG= @@ -118,7 +118,7 @@ checkLinuxLogglyCompatibility() #checking if syslog-ng is configured as a service checkifSyslogNgConfiguredAsService - + #check if rsyslog is configured as service. If no, then exit checkIfRsyslogConfiguredAsService @@ -130,6 +130,9 @@ checkLinuxLogglyCompatibility() #check if selinux service is enforced. if yes, ask the user to manually disable and exit the script checkIfSelinuxServiceEnforced + + #update rsyslog.conf and adds $MaxMessageSize in it + modifyMaxMessageSize LINUX_ENV_VALIDATED="true" } @@ -158,7 +161,7 @@ installLogglyConf() if [ "$IS_INVOKED" = "" ]; then logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." fi - + } #remove loggly configuration from Linux system @@ -189,7 +192,7 @@ removeLogglyConf() #checks if user has root privileges checkIfUserHasRootPrivileges() { - #This script needs to be run as a sudo user + #This script needs to be run as root if [[ $EUID -ne 0 ]]; then logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." exit 1 @@ -200,9 +203,9 @@ checkIfUserHasRootPrivileges() checkIfSupportedOS() { getOs - + LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") - + case "$LINUX_DIST_IN_LOWER_CASE" in *"ubuntu"* ) echo "INFO: Operating system is Ubuntu." @@ -233,7 +236,7 @@ checkIfSupportedOS() [Yy]* ) break;; [Nn]* ) - exit 1 + exit 1 ;; * ) echo "Please answer yes or no.";; esac @@ -303,7 +306,7 @@ checkIfLogglyServersAccessible() logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." exit 1 fi - + echo "INFO: Checking if Gen2 account." if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "404 NOT FOUND" | wc -l) == 1 ]; then logMsgToConfigSysLog "ERROR" "ERROR: This scripts need a Gen2 account. Please contact Loggly support." @@ -343,7 +346,7 @@ getAuthToken() tokenstr=${tokenstr#*\"} LOGGLY_AUTH_TOKEN=$tokenstr - + logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" fi } @@ -369,13 +372,13 @@ checkIfRsyslogConfiguredAsService() logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." exit 1 fi - + #checking if syslog-ng is running as a service checkifSyslogNgConfiguredAsService - + if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -eq 0 ]; then logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is not running. Attempting to start service." - sudo service $RSYSLOG_SERVICE start + service $RSYSLOG_SERVICE start fi } @@ -399,7 +402,7 @@ checkIfMultipleRsyslogConfigured() #check if minimum version of rsyslog required to configure loggly is met checkIfMinVersionOfRsyslog() { - RSYSLOG_VERSION=$(sudo $RSYSLOGD -version | grep "$RSYSLOGD") + RSYSLOG_VERSION=$($RSYSLOGD -version | grep "$RSYSLOGD") RSYSLOG_VERSION=${RSYSLOG_VERSION#* } RSYSLOG_VERSION=${RSYSLOG_VERSION%,*} RSYSLOG_VERSION=$RSYSLOG_VERSION | tr -d " " @@ -415,12 +418,23 @@ checkIfSelinuxServiceEnforced() isSelinuxInstalled=$(getenforce -ds 2>/dev/null) if [ $? -ne 0 ]; then logMsgToConfigSysLog "INFO" "INFO: selinux status is not enforced." - elif [ $(sudo getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then + elif [ $(getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then logMsgToConfigSysLog "ERROR" "ERROR: selinux status is 'Enforcing'. Please disable it and start the rsyslog daemon manually." exit 1 fi } +#update rsyslog.conf and adds $MaxMessageSize in it +modifyMaxMessageSize() +{ + if grep -q '$MaxMessageSize' "/etc/rsyslog.conf"; then + sed -i 's/.*$MaxMessageSize.*/$MaxMessageSize 64k/g' /etc/rsyslog.conf + else + sed -i '1 a $MaxMessageSize 64k' /etc/rsyslog.conf + fi + logMsgToConfigSysLog "INFO" "INFO: Modified \$MaxMessageSize to 64k in rsyslog.conf" +} + #check if authentication token is valid and then write contents to 22-loggly.conf file to /etc/rsyslog.d directory checkAuthTokenAndWriteContents() { @@ -461,24 +475,24 @@ inputStr=" " if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then logMsgToConfigSysLog "INFO" "INFO: Loggly rsyslog file $LOGGLY_RSYSLOG_CONFFILE already exist." - + STR_SIZE=${#inputStr} SIZE_FILE=$(stat -c%s "$LOGGLY_RSYSLOG_CONFFILE") - + #actual file size and variable size with same contents always differ in size with one byte STR_SIZE=$(( STR_SIZE + 1 )) - + if [ "$STR_SIZE" -ne "$SIZE_FILE" ]; then - + logMsgToConfigSysLog "WARN" "WARN: Loggly rsyslog file /etc/rsyslog.d/22-loggly.conf content has changed." if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; + while true; do read -p "Do you wish to override $LOGGLY_RSYSLOG_CONFFILE and re-verify configuration? (yes/no)" yn case $yn in [Yy]* ) logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; - sudo mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; + mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; WRITE_SCRIPT_CONTENTS="true" break;; [Nn]* ) @@ -490,7 +504,7 @@ inputStr=" done else logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; - sudo mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; + mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; WRITE_SCRIPT_CONTENTS="true" fi else @@ -499,13 +513,13 @@ inputStr=" else WRITE_SCRIPT_CONTENTS="true" fi - + if [ "$WRITE_SCRIPT_CONTENTS" == "true" ]; then -sudo cat << EOIPFW >> $LOGGLY_RSYSLOG_CONFFILE +cat << EOIPFW >> $LOGGLY_RSYSLOG_CONFFILE $inputStr EOIPFW - + fi } @@ -517,13 +531,13 @@ createRsyslogDir() logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_DIR already exist, so not creating directory." if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool" - sudo chown -R syslog:adm $RSYSLOG_DIR + chown -R syslog:adm $RSYSLOG_DIR fi else logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR" - sudo mkdir -v $RSYSLOG_DIR + mkdir -v $RSYSLOG_DIR if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - sudo chown -R syslog:adm $RSYSLOG_DIR + chown -R syslog:adm $RSYSLOG_DIR fi fi } @@ -577,7 +591,7 @@ checkIfLogsMadeToLoggly() remove22LogglyConfFile() { if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then - sudo rm -rf "$LOGGLY_RSYSLOG_CONFFILE" + rm -rf "$LOGGLY_RSYSLOG_CONFFILE" fi } @@ -603,7 +617,7 @@ compareVersions () restartRsyslog() { logMsgToConfigSysLog "INFO" "INFO: Restarting the $RSYSLOG_SERVICE service." - sudo service $RSYSLOG_SERVICE restart + service $RSYSLOG_SERVICE restart if [ $? -ne 0 ]; then logMsgToConfigSysLog "WARNING" "WARNING: $RSYSLOG_SERVICE did not restart gracefully. Please restart $RSYSLOG_SERVICE manually." fi @@ -666,9 +680,9 @@ sendPayloadToConfigSysLog() searchAndFetch() { url=$2 - + result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") - + if [ -z "$result" ]; then logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." exit 1 @@ -687,7 +701,7 @@ searchAndFetch() eval $1="'$count'" if [ "$count" -gt 0 ]; then timestamp=$(echo "$result" | grep timestamp) - fi + fi } #get password in the form of asterisk @@ -774,4 +788,4 @@ fi ########## Get Inputs from User - End ########## ------------------------------------------------------- # End of Syslog Logging Directives for Loggly -# +# From 69b90da7249b17b9f938c67421387ed02875bf14 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 9 Mar 2016 17:30:49 +0530 Subject: [PATCH 16/25] Configure Tomcat Access Logs --- Modular Scripts/Tomcat/configure-tomcat.sh | 165 ++++++++++----------- 1 file changed, 77 insertions(+), 88 deletions(-) diff --git a/Modular Scripts/Tomcat/configure-tomcat.sh b/Modular Scripts/Tomcat/configure-tomcat.sh index 774438f..c4b10e2 100644 --- a/Modular Scripts/Tomcat/configure-tomcat.sh +++ b/Modular Scripts/Tomcat/configure-tomcat.sh @@ -53,9 +53,6 @@ TAG= #this is not a mandatory input LOGGLY_CATALINA_HOME= -#this variable will hold if the access-logs are invoked. -CONFIGURE_ACCESS_LOGS="false" - MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure Tomcat is available at https://www.loggly.com/docs/tomcat-application-server/. Rsyslog troubleshooting instructions are available at https://www.loggly.com/docs/troubleshooting-rsyslog/" #this variable will hold if the check env function for linux is invoked @@ -465,7 +462,6 @@ updateServerXML() if ! grep -q 'renameOnRotate="true"' "$LOGGLY_CATALINA_HOME/conf/server.xml"; then - CONFIGURE_ACCESS_LOGS="true" #Creating backup of server.xml to server.xml.bk logMsgToConfigSysLog "INFO" "INFO: Creating backup of server.xml to server.xml.bk" @@ -525,102 +521,95 @@ write21TomcatFileContents() sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE imfileStr="\$ModLoad imfile - \$WorkDirectory $RSYSLOG_DIR - " +\$WorkDirectory $RSYSLOG_DIR +" if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then imfileStr+="\$PrivDropToGroup adm - " +" fi imfileStr+=" - #parameterized token here....... - #Add a tag for tomcat events - \$template LogglyFormatTomcat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - - # catalina.out - \$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.out - \$InputFileTag catalina-out - \$InputFileStateFile stat-catalina-out - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - if \$programname == 'catalina-out' then @@logs-01.loggly.com:514;LogglyFormatTomcat - if \$programname == 'catalina-out' then ~ - - # initd.log - \$InputFileName $LOGGLY_CATALINA_LOG_HOME/initd.log - \$InputFileTag initd - \$InputFileStateFile stat-initd - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - if \$programname == 'initd' then @@logs-01.loggly.com:514;LogglyFormatTomcat - if \$programname == 'initd' then ~ - " +#parameterized token here....... +#Add a tag for tomcat events +\$template LogglyFormatTomcat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + +# catalina.out +\$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.out +\$InputFileTag catalina-out +\$InputFileStateFile stat-catalina-out +\$InputFileSeverity info +\$InputFilePersistStateInterval 20000 +\$InputRunFileMonitor +if \$programname == 'catalina-out' then @@logs-01.loggly.com:514;LogglyFormatTomcat +if \$programname == 'catalina-out' then ~ + +# initd.log +\$InputFileName $LOGGLY_CATALINA_LOG_HOME/initd.log +\$InputFileTag initd +\$InputFileStateFile stat-initd +\$InputFileSeverity info +\$InputFilePersistStateInterval 20000 +\$InputRunFileMonitor +if \$programname == 'initd' then @@logs-01.loggly.com:514;LogglyFormatTomcat +if \$programname == 'initd' then ~ +" #if log rotation is enabled i.e. tomcat version is greater than or equal to #6.0.33.0, then add the following lines to tomcat syslog conf file if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then imfileStr+=" - # catalina.log - \$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.log - \$InputFileTag catalina-log - \$InputFileStateFile stat-catalina-log - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - if \$programname == 'catalina-log' then @@logs-01.loggly.com:514;LogglyFormatTomcat - if \$programname == 'catalina-log' then ~ - - # host-manager.log - \$InputFileName $LOGGLY_CATALINA_LOG_HOME/host-manager.log - \$InputFileTag host-manager - \$InputFileStateFile stat-host-manager - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - if \$programname == 'host-manager' then @@logs-01.loggly.com:514;LogglyFormatTomcat - if \$programname == 'host-manager' then ~ - - # localhost.log - \$InputFileName $LOGGLY_CATALINA_LOG_HOME/localhost.log - \$InputFileTag localhost-log - \$InputFileStateFile stat-localhost-log - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - if \$programname == 'localhost-log' then @@logs-01.loggly.com:514;LogglyFormatTomcat - if \$programname == 'localhost-log' then ~ - - # manager.log - \$InputFileName $LOGGLY_CATALINA_LOG_HOME/manager.log - \$InputFileTag manager - \$InputFileStateFile stat-manager - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - if \$programname == 'manager' then @@logs-01.loggly.com:514;LogglyFormatTomcat - if \$programname == 'manager' then ~ - " +# catalina.log +\$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.log +\$InputFileTag catalina-log +\$InputFileStateFile stat-catalina-log +\$InputFileSeverity info +\$InputFilePersistStateInterval 20000 +\$InputRunFileMonitor +if \$programname == 'catalina-log' then @@logs-01.loggly.com:514;LogglyFormatTomcat +if \$programname == 'catalina-log' then ~ + +# host-manager.log +\$InputFileName $LOGGLY_CATALINA_LOG_HOME/host-manager.log +\$InputFileTag host-manager +\$InputFileStateFile stat-host-manager +\$InputFileSeverity info +\$InputFilePersistStateInterval 20000 +\$InputRunFileMonitor +if \$programname == 'host-manager' then @@logs-01.loggly.com:514;LogglyFormatTomcat +if \$programname == 'host-manager' then ~ + +# localhost.log +\$InputFileName $LOGGLY_CATALINA_LOG_HOME/localhost.log +\$InputFileTag localhost-log +\$InputFileStateFile stat-localhost-log +\$InputFileSeverity info +\$InputFilePersistStateInterval 20000 +\$InputRunFileMonitor +if \$programname == 'localhost-log' then @@logs-01.loggly.com:514;LogglyFormatTomcat +if \$programname == 'localhost-log' then ~ + +# manager.log +\$InputFileName $LOGGLY_CATALINA_LOG_HOME/manager.log +\$InputFileTag manager +\$InputFileStateFile stat-manager +\$InputFileSeverity info +\$InputFilePersistStateInterval 20000 +\$InputRunFileMonitor +if \$programname == 'manager' then @@logs-01.loggly.com:514;LogglyFormatTomcat +if \$programname == 'manager' then ~ + +# localhost_access_log.txt +\$InputFileName $LOGGLY_CATALINA_LOG_HOME/localhost_access_log.txt +\$InputFileTag tomcat-access +\$InputFileStateFile stat-tomcat-access +\$InputFileSeverity info +\$InputFilePersistStateInterval 20000 +\$InputRunFileMonitor +if \$programname == 'tomcat-access' then @@logs-01.loggly.com:514;LogglyFormatTomcat +if \$programname == 'tomcat-access' then ~ +" fi - if [ $CONFIGURE_ACCESS_LOGS == "true" ]; - then - imfileStr+=" - - # localhost_access_log.txt - \$InputFileName $LOGGLY_CATALINA_LOG_HOME/localhost_access_log.txt - \$InputFileTag tomcat-access - \$InputFileStateFile stat-tomcat-access - \$InputFileSeverity info - \$InputFilePersistStateInterval 20000 - \$InputRunFileMonitor - if \$programname == 'tomcat-access' then @@logs-01.loggly.com:514;LogglyFormatTomcat - if \$programname == 'tomcat-access' then ~ - " - fi - - #change the tomcat-21 file to variable from above and also take the directory of the tomcat log file. sudo cat << EOIPFW >> $TOMCAT_SYSLOG_CONFFILE $imfileStr From 97afefe983fb93bec7e6ab72d7d5774607fa0baf Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Mon, 14 Mar 2016 17:48:45 +0530 Subject: [PATCH 17/25] Added support for Systemd --- Linux Script/configure-linux-systemd.sh | 821 ++++++++++++++++++++++++ 1 file changed, 821 insertions(+) create mode 100644 Linux Script/configure-linux-systemd.sh diff --git a/Linux Script/configure-linux-systemd.sh b/Linux Script/configure-linux-systemd.sh new file mode 100644 index 0000000..6a590a2 --- /dev/null +++ b/Linux Script/configure-linux-systemd.sh @@ -0,0 +1,821 @@ +#!/bin/bash + +#trapping Control + C +#these statements must be the first statements in the script to trap the CTRL C event + +trap ctrl_c INT + +function ctrl_c() { + logMsgToConfigSysLog "INFO" "INFO: Aborting the script." + exit 1 +} + +########## Variable Declarations - Start ########## + +#name of the current script. This will get overwritten by the child script which calls this +SCRIPT_NAME=configure-linux.sh +#version of the current script. This will get overwritten by the child script which calls this +SCRIPT_VERSION=1.15 + +#application tag. This will get overwritten by the child script which calls this +APP_TAG= + +#directory location for syslog +RSYSLOG_ETCDIR_CONF=/etc/rsyslog.d +#name and location of loggly syslog file +LOGGLY_RSYSLOG_CONFFILE=$RSYSLOG_ETCDIR_CONF/22-loggly.conf +#name and location of loggly syslog backup file +LOGGLY_RSYSLOG_CONFFILE_BACKUP=$LOGGLY_RSYSLOG_CONFFILE.loggly.bk + +#syslog directory +RSYSLOG_DIR=/var/spool/rsyslog +#rsyslog service name +RSYSLOG_SERVICE=rsyslog +#syslog-ng +SYSLOG_NG_SERVICE=syslog-ng +#rsyslogd +RSYSLOGD=rsyslogd +#minimum version of rsyslog to enable logging to loggly +MIN_RSYSLOG_VERSION=5.8.0 +#this variable will hold the users syslog version +RSYSLOG_VERSION= + +#this variable will hold the host name +HOST_NAME= +#this variable will hold the name of the linux distribution +LINUX_DIST= + +#host name for logs-01.loggly.com +LOGS_01_HOST=logs-01.loggly.com +LOGS_01_URL=https://$LOGS_01_HOST +#this variable will contain loggly account url in the format https://$LOGGLY_ACCOUNT.loggly.com +LOGGLY_ACCOUNT_URL= +#loggly.com URL +LOGGLY_COM_URL=https://www.loggly.com + +######Inputs provided by user###### +#this variable will hold the loggly account name provided by user. +#this is a mandatory input +LOGGLY_ACCOUNT= +#this variable will hold the loggly authentication token provided by user. +#this is a mandatory input +LOGGLY_AUTH_TOKEN= +#this variable will identify if the user has selected to rollback settings +LOGGLY_ROLLBACK= +#this variable will hold the user name provided by user +#this is a mandatory input +LOGGLY_USERNAME= +#this variable will hold the password provided by user +#this is a mandatory input +LOGGLY_PASSWORD= + +#if this variable is set to true then suppress all prompts +SUPPRESS_PROMPT="false" + +#variables used in 22-loggly.conf file +LOGGLY_SYSLOG_PORT=514 +LOGGLY_DISTRIBUTION_ID="41058" + +#Instruction link on how to configure loggly on linux manually. This will get overwritten by the child script which calls this +#on how to configure the child application +MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure rsyslog on Linux are available at https://www.loggly.com/docs/rsyslog-manual-configuration/. Rsyslog troubleshooting instructions are available at https://www.loggly.com/docs/troubleshooting-rsyslog/" + +#this variable is set if the script is invoked via some other calling script +IS_INVOKED= + +#this variable will hold if the check env function for linux is invoked +LINUX_ENV_VALIDATED="false" + +#this variable will inform if verification needs to be performed +LINUX_DO_VERIFICATION="true" + +########## Variable Declarations - End ########## + +#check if the Linux environment is compatible with Loggly. +#Also set few variables after the check. +checkLinuxLogglyCompatibility() +{ + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges + + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS + + #set the basic variables needed by this script + setLinuxVariables + + #check if the Loggly servers are accessible. If no, ask user to check network connectivity & exit + checkIfLogglyServersAccessible + + #check if user credentials are valid. If no, then exit + checkIfValidUserNamePassword + + #get authentication token if not provided + getAuthToken + + #check if authentication token is valid. If no, then exit. + checkIfValidAuthToken + + #checking if syslog-ng is configured as a service + checkifSyslogNgConfiguredAsService + + #check if systemd is present in machine. + checkIfSystemdConfigured + + #check if rsyslog is configured as service. If no, then exit + checkIfRsyslogConfiguredAsService + + #check if multiple rsyslog are present in the system. If yes, then exit + checkIfMultipleRsyslogConfigured + + #check for the minimum version of rsyslog i.e 5.8.0. If no, then exit + checkIfMinVersionOfRsyslog + + #check if selinux service is enforced. if yes, ask the user to manually disable and exit the script + checkIfSelinuxServiceEnforced + + #update rsyslog.conf and adds $MaxMessageSize in it + modifyMaxMessageSize + + LINUX_ENV_VALIDATED="true" +} + +# executing the script for loggly to install and configure rsyslog. +installLogglyConf() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." + + if [ "$LINUX_ENV_VALIDATED" = "false" ]; then + checkLinuxLogglyCompatibility + fi + + #if all the above check passes, write the 22-loggly.conf file + checkAuthTokenAndWriteContents + + #create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu + createRsyslogDir + + if [ "$LINUX_DO_VERIFICATION" = "true" ]; then + #check if the logs are going to loggly fro linux system now + checkIfLogsMadeToLoggly + fi + + if [ "$IS_INVOKED" = "" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." + fi + +} + +#remove loggly configuration from Linux system +removeLogglyConf() +{ + #log message indicating starting of Loggly configuration + logMsgToConfigSysLog "INFO" "INFO: Initiating uninstall Loggly for Linux." + + #check if the user has root permission to run this script + checkIfUserHasRootPrivileges + + #check if the OS is supported by the script. If no, then exit + checkIfSupportedOS + + #set the basic variables needed by this script + setLinuxVariables + + #remove systemd-rsyslog configuration + revertSystemdChanges + + #remove 22-loggly.conf file + remove22LogglyConfFile + + #restart rsyslog service + restartRsyslog + + #log success message + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Uninstalled Loggly configuration from Linux system." +} + +#checks if user has root privileges +checkIfUserHasRootPrivileges() +{ + #This script needs to be run as root + if [[ $EUID -ne 0 ]]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." + exit 1 + fi +} + +#check if supported operating system +checkIfSupportedOS() +{ + getOs + + LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") + + case "$LINUX_DIST_IN_LOWER_CASE" in + *"ubuntu"* ) + echo "INFO: Operating system is Ubuntu." + ;; + *"redhat"* ) + echo "INFO: Operating system is Red Hat." + ;; + *"centos"* ) + echo "INFO: Operating system is CentOS." + ;; + *"debian"* ) + echo "INFO: Operating system is Debian." + ;; + *"amazon"* ) + echo "INFO: Operating system is Amazon AMI." + ;; + *"darwin"* ) + #if the OS is mac then exit + logMsgToConfigSysLog "ERROR" "ERROR: This script is for Linux systems, and Darwin or Mac OSX are not currently supported. You can find alternative options here: https://www.loggly.com/docs/send-mac-logs-to-loggly/" + exit 1 + ;; + * ) + logMsgToConfigSysLog "WARN" "WARN: The linux distribution '$LINUX_DIST' has not been previously tested with Loggly." + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; do + read -p "Would you like to continue anyway? (yes/no)" yn + case $yn in + [Yy]* ) + break;; + [Nn]* ) + exit 1 + ;; + * ) echo "Please answer yes or no.";; + esac + done + fi + ;; + esac +} + +getOs() +{ + # Determine OS platform + UNAME=$(uname | tr "[:upper:]" "[:lower:]") + # If Linux, try to determine specific distribution + if [ "$UNAME" == "linux" ]; then + # If available, use LSB to identify distribution + if [ -f /etc/lsb-release -o -d /etc/lsb-release.d ]; then + LINUX_DIST=$(lsb_release -i | cut -d: -f2 | sed s/'^\t'//) + # If system-release is available, then try to identify the name + elif [ -f /etc/system-release ]; then + LINUX_DIST=$(cat /etc/system-release | cut -f 1 -d " ") + # Otherwise, use release info file + else + LINUX_DIST=$(ls -d /etc/[A-Za-z]*[_-][rv]e[lr]* | grep -v "lsb" | cut -d'/' -f3 | cut -d'-' -f1 | cut -d'_' -f1) + fi + fi + + # For everything else (or if above failed), just use generic identifier + if [ "$LINUX_DIST" == "" ]; then + LINUX_DIST=$(uname) + fi +} + +#sets linux variables which will be used across various functions +setLinuxVariables() +{ + #set host name + HOST_NAME=$(hostname) + + #set loggly account url + LOGGLY_ACCOUNT_URL=https://$LOGGLY_ACCOUNT.loggly.com +} + +#checks if all the various endpoints used for configuring loggly are accessible +checkIfLogglyServersAccessible() +{ + echo "INFO: Checking if $LOGS_01_HOST is reachable." + if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ] || [ $(sleep 1 | telnet $LOGS_01_HOST $LOGGLY_SYSLOG_PORT | grep Connected | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port. This may take some time." + if [ $(curl --connect-timeout 10 $LOGS_01_HOST:$LOGGLY_SYSLOG_PORT 2>&1 | grep "Empty reply from server" | wc -l) == 1 ]; then + echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." + else + logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings." + exit 1 + fi + + echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then + echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." + else + logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." + exit 1 + fi + + echo "INFO: Checking if Gen2 account." + if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "404 NOT FOUND" | wc -l) == 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: This scripts need a Gen2 account. Please contact Loggly support." + exit 1 + else + echo "INFO: It is a Gen2 account." + fi +} + +#check if user name and password is valid +checkIfValidUserNamePassword() +{ + echo "INFO: Checking if provided username and password is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" + logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." + exit 1 + else + logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." + fi +} + +getAuthToken() +{ + if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." + #get authentication token if user has not provided one + tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") + + #get the string from index 0 to first occurence of , + tokenstr=${tokenstr%%,*} + + #get the string from index 0 to last occurence of " + tokenstr=${tokenstr%\"*} + + #get the string from first occurence of " to the end + tokenstr=${tokenstr#*\"} + + LOGGLY_AUTH_TOKEN=$tokenstr + + logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" + fi +} + +#check if authentication token is valid +checkIfValidAuthToken() +{ + echo "INFO: Checking if provided auth token is correct." + if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep \"$LOGGLY_AUTH_TOKEN\" | wc -l) == 1 ]; then + logMsgToConfigSysLog "INFO" "INFO: Authentication token validated successfully." + else + logMsgToConfigSysLog "ERROR" "ERROR: Invalid authentication token $LOGGLY_AUTH_TOKEN. You can get valid authentication token by following instructions at https://www.loggly.com/docs/customer-token-authentication-token/." + exit 1 + fi +} + +#check if rsyslog is configured as service. If it is configured as service and not started, start the service +checkIfRsyslogConfiguredAsService() +{ + if [ -f /etc/init.d/$RSYSLOG_SERVICE ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." + else + logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." + exit 1 + fi + + #checking if syslog-ng is running as a service + checkifSyslogNgConfiguredAsService + + if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -eq 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is not running. Attempting to start service." + service $RSYSLOG_SERVICE start + fi +} + +checkifSyslogNgConfiguredAsService() +{ + if [ $(ps -A | grep "$SYSLOG_NG_SERVICE" | wc -l) -gt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: This script does not currently support syslog-ng. Please follow the instructions on this page https://www.loggly.com/docs/syslog-ng-manual-configuration" + exit 1 + fi +} + +#check if systemd is present in machine. +checkIfSystemdConfigured() +{ + FILE="/etc/systemd/journald.conf"; + if [ -f "$FILE" ]; then + logMsgToConfigSysLog "INFO" "INFO: Systemd is present. Configuring logs from Systemd to rsyslog." + cp /etc/systemd/journald.conf /etc/systemd/journald.conf.loggly.bk + sed -i 's/.*ForwardToSyslog.*/ForwardToSyslog=Yes/g' /etc/systemd/journald.conf + logMsgToConfigSysLog "INFO" "INFO: Restarting Systemd-journald" + systemctl restart systemd-journald + fi +} + +#check if multiple versions of rsyslog is configured +checkIfMultipleRsyslogConfigured() +{ + if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -gt 1 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Multiple (more than 1) $RSYSLOG_SERVICE is running." + exit 1 + fi +} + +#check if minimum version of rsyslog required to configure loggly is met +checkIfMinVersionOfRsyslog() +{ + RSYSLOG_VERSION=$($RSYSLOGD -version | grep "$RSYSLOGD") + RSYSLOG_VERSION=${RSYSLOG_VERSION#* } + RSYSLOG_VERSION=${RSYSLOG_VERSION%,*} + RSYSLOG_VERSION=$RSYSLOG_VERSION | tr -d " " + if [ $(compareVersions $RSYSLOG_VERSION $MIN_RSYSLOG_VERSION 3) -lt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Min rsyslog version required is 5.8.0." + exit 1 + fi +} + +#check if SeLinux service is enforced +checkIfSelinuxServiceEnforced() +{ + isSelinuxInstalled=$(getenforce -ds 2>/dev/null) + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "INFO" "INFO: selinux status is not enforced." + elif [ $(getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then + logMsgToConfigSysLog "ERROR" "ERROR: selinux status is 'Enforcing'. Please disable it and start the rsyslog daemon manually." + exit 1 + fi +} + +#update rsyslog.conf and adds $MaxMessageSize in it +modifyMaxMessageSize() +{ + if grep -q '$MaxMessageSize' "/etc/rsyslog.conf"; then + sed -i 's/.*$MaxMessageSize.*/$MaxMessageSize 64k/g' /etc/rsyslog.conf + else + sed -i '1 a $MaxMessageSize 64k' /etc/rsyslog.conf + fi + logMsgToConfigSysLog "INFO" "INFO: Modified \$MaxMessageSize to 64k in rsyslog.conf" +} + +#check if authentication token is valid and then write contents to 22-loggly.conf file to /etc/rsyslog.d directory +checkAuthTokenAndWriteContents() +{ + if [ "$LOGGLY_AUTH_TOKEN" != "" ]; then + writeContents $LOGGLY_ACCOUNT $LOGGLY_AUTH_TOKEN $LOGGLY_DISTRIBUTION_ID $LOGS_01_HOST $LOGGLY_SYSLOG_PORT + restartRsyslog + else + logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." + exit 1 + fi +} + + +#write the contents to 22-loggly.conf file +writeContents() +{ + +WRITE_SCRIPT_CONTENTS="false" +inputStr=" +# ------------------------------------------------------- +# Syslog Logging Directives for Loggly ($1.loggly.com) +# ------------------------------------------------------- + +# Define the template used for sending logs to Loggly. Do not change this format. +\$template LogglyFormat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$2@$3] %msg%\n\" + +\$WorkDirectory /var/spool/rsyslog # where to place spool files +\$ActionQueueFileName fwdRule1 # unique name prefix for spool files +\$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) +\$ActionQueueSaveOnShutdown on # save messages to disk on shutdown +\$ActionQueueType LinkedList # run asynchronously +\$ActionResumeRetryCount -1 # infinite retries if host is down + +# Send messages to Loggly over TCP using the template. +*.* @@$4:$5;LogglyFormat + +# ------------------------------------------------------- +" + if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then + logMsgToConfigSysLog "INFO" "INFO: Loggly rsyslog file $LOGGLY_RSYSLOG_CONFFILE already exist." + + STR_SIZE=${#inputStr} + SIZE_FILE=$(stat -c%s "$LOGGLY_RSYSLOG_CONFFILE") + + #actual file size and variable size with same contents always differ in size with one byte + STR_SIZE=$(( STR_SIZE + 1 )) + + if [ "$STR_SIZE" -ne "$SIZE_FILE" ]; then + + logMsgToConfigSysLog "WARN" "WARN: Loggly rsyslog file /etc/rsyslog.d/22-loggly.conf content has changed." + if [ "$SUPPRESS_PROMPT" == "false" ]; then + while true; + do + read -p "Do you wish to override $LOGGLY_RSYSLOG_CONFFILE and re-verify configuration? (yes/no)" yn + case $yn in + [Yy]* ) + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; + mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; + WRITE_SCRIPT_CONTENTS="true" + break;; + [Nn]* ) + LINUX_DO_VERIFICATION="false" + logMsgToConfigSysLog "INFO" "INFO: Skipping Linux verification." + break;; + * ) echo "Please answer yes or no.";; + esac + done + else + logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; + mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; + WRITE_SCRIPT_CONTENTS="true" + fi + else + LINUX_DO_VERIFICATION="false" + fi + else + WRITE_SCRIPT_CONTENTS="true" + fi + + if [ "$WRITE_SCRIPT_CONTENTS" == "true" ]; then + +cat << EOIPFW >> $LOGGLY_RSYSLOG_CONFFILE +$inputStr +EOIPFW + + fi + +} + +#create /var/spool/rsyslog directory if not already present. Modify the permission of this directory for Ubuntu +createRsyslogDir() +{ + if [ -d "$RSYSLOG_DIR" ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_DIR already exist, so not creating directory." + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool" + chown -R syslog:adm $RSYSLOG_DIR + fi + else + logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR" + mkdir -v $RSYSLOG_DIR + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then + chown -R syslog:adm $RSYSLOG_DIR + fi + fi +} + +#check if the logs made it to Loggly +checkIfLogsMadeToLoggly() +{ + logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly." + uuid=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) + + queryParam="syslog.appName%3ALOGGLYVERIFY%20$uuid" + logger -t "LOGGLYVERIFY" "LOGGLYVERIFY-Test message for verification with UUID $uuid" + + counter=1 + maxCounter=10 + finalCount=0 + + queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" + logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" + + logMsgToConfigSysLog "INFO" "INFO: Verifying if the log made it to Loggly." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + + while [ "$finalCount" -eq 0 ]; do + echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." + sleep 30 + echo "INFO: Done waiting. Verifying again." + logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." + searchAndFetch finalCount "$queryUrl" + let counter=$counter+1 + if [ "$counter" -gt "$maxCounter" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check network and firewall settings and retry." + exit 1 + fi + done + + if [ "$finalCount" -eq 1 ]; then + if [ "$IS_INVOKED" = "" ]; then + logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." + exit 0 + else + logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." + fi + fi + +} + +#delete 22-loggly.conf file +remove22LogglyConfFile() +{ + if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then + rm -rf "$LOGGLY_RSYSLOG_CONFFILE" + fi +} + +revertSystemdChanges() +{ + FILE="/etc/systemd/journald.conf.loggly.bk"; + if [ -f "$FILE" ]; then + cp /etc/systemd/journald.conf.loggly.bk /etc/systemd/journald.conf + rm /etc/systemd/journald.conf.loggly.bk + logMsgToConfigSysLog "INFO" "INFO: Reverted Systemd-rsyslog configuration" + systemctl restart systemd-journald + fi +} + +#compares two version numbers, used for comparing versions of various softwares +compareVersions () +{ + typeset IFS='.' + typeset -a v1=( $1 ) + typeset -a v2=( $2 ) + typeset n diff + + for (( n=0; n<$3; n+=1 )); do + diff=$((v1[n]-v2[n])) + if [ $diff -ne 0 ] ; then + [ $diff -le 0 ] && echo '-1' || echo '1' + return + fi + done + echo '0' +} + +#restart rsyslog +restartRsyslog() +{ + logMsgToConfigSysLog "INFO" "INFO: Restarting the $RSYSLOG_SERVICE service." + service $RSYSLOG_SERVICE restart + if [ $? -ne 0 ]; then + logMsgToConfigSysLog "WARNING" "WARNING: $RSYSLOG_SERVICE did not restart gracefully. Please restart $RSYSLOG_SERVICE manually." + fi +} + +#logs message to config syslog +logMsgToConfigSysLog() +{ + #$1 variable will be SUCCESS or ERROR or INFO or WARNING + #$2 variable will be the message + cslStatus=$1 + cslMessage=$2 + echo "$cslMessage" + currentTime=$(date) + + #for Linux system, we need to use -d switch to decode base64 whereas + #for Mac system, we need to use -D switch to decode + varUname=$(uname) + if [[ $varUname == 'Linux' ]]; then + enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) + elif [[ $varUname == 'Darwin' ]]; then + enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) + fi + + if [ $? -ne 0 ]; then + echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." + exit 1 + fi + + sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" + + #if it is an error, then log message "Script Failed" to config syslog and exit the script + if [[ $cslStatus == "ERROR" ]]; then + sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" + if [ "$varUname" != "Darwin" ]; then + echo $MANUAL_CONFIG_INSTRUCTION + fi + exit 1 + fi + + #if it is a success, then log message "Script Succeeded" to config syslog and exit the script + if [[ $cslStatus == "SUCCESS" ]]; then + sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" + exit 0 + fi +} + +#payload construction to send log to config syslog +sendPayloadToConfigSysLog() +{ + if [ "$APP_TAG" = "" ]; then + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\"}" + else + var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", $APP_TAG, \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\"}" + fi + curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 > /dev/null 2>&1 +} + +#$1 return the count of records in loggly, $2 is the query param to search in loggly +searchAndFetch() +{ + url=$2 + + result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") + + if [ -z "$result" ]; then + logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." + exit 1 + fi + id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') + # strip last double quote from id + id="${id%\"}" + # strip first double quote from id + id="${id#\"}" + url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" + + # retrieve the data + result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") + count=$(echo "$result" | grep total_events | awk '{print $2}') + count="${count%\,}" + eval $1="'$count'" + if [ "$count" -gt 0 ]; then + timestamp=$(echo "$result" | grep timestamp) + fi +} + +#get password in the form of asterisk +getPassword() +{ + unset LOGGLY_PASSWORD + prompt="Please enter Loggly Password:" + while IFS= read -p "$prompt" -r -s -n 1 char + do + if [[ $char == $'\0' ]] + then + break + fi + prompt='*' + LOGGLY_PASSWORD+="$char" + done + echo +} + +#display usage syntax +usage() +{ +cat << EOF +usage: configure-linux [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-s suppress prompts {optional)] +usage: configure-linux [-a loggly auth account or subdomain] [-r to remove] +usage: configure-linux [-h for help] +EOF +} + +########## Get Inputs from User - Start ########## +if [ "$1" != "being-invoked" ]; then + if [ $# -eq 0 ]; then + usage + exit + else + while [ "$1" != "" ]; do + case $1 in + -t | --token ) shift + LOGGLY_AUTH_TOKEN=$1 + echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" + ;; + -a | --account ) shift + LOGGLY_ACCOUNT=$1 + echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" + ;; + -u | --username ) shift + LOGGLY_USERNAME=$1 + echo "Username is set" + ;; + -p | --password ) shift + LOGGLY_PASSWORD=$1 + ;; + -r | --remove ) + LOGGLY_REMOVE="true" + ;; + -s | --suppress ) + SUPPRESS_PROMPT="true" + ;; + -h | --help) + usage + exit + ;; + *) usage + exit + ;; + esac + shift + done + fi + + if [ "$LOGGLY_REMOVE" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then + removeLogglyConf + elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then + if [ "$LOGGLY_PASSWORD" = "" ]; then + getPassword + fi + installLogglyConf + else + usage + fi +else + IS_INVOKED="true" +fi + +########## Get Inputs from User - End ########## ------------------------------------------------------- +# End of Syslog Logging Directives for Loggly +# From 1c5ff65debdd2d0e67733cfbc05a433a2858f972 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Mon, 14 Mar 2016 18:04:40 +0530 Subject: [PATCH 18/25] Added support for Systemd --- Linux Script/configure-linux-systemd.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Linux Script/configure-linux-systemd.sh b/Linux Script/configure-linux-systemd.sh index 6a590a2..a67fe9c 100644 --- a/Linux Script/configure-linux-systemd.sh +++ b/Linux Script/configure-linux-systemd.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-linux.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.15 +SCRIPT_VERSION=1.16 #application tag. This will get overwritten by the child script which calls this APP_TAG= From 09c09c3b56d9b0f95f631e4c79d67155919ab588 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 23 Mar 2016 17:15:32 +0530 Subject: [PATCH 19/25] Added support for Rsyslog Systemd service --- Linux Script/configure-linux-systemd.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Linux Script/configure-linux-systemd.sh b/Linux Script/configure-linux-systemd.sh index a67fe9c..4fcac16 100644 --- a/Linux Script/configure-linux-systemd.sh +++ b/Linux Script/configure-linux-systemd.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-linux.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.16 +SCRIPT_VERSION=1.15 #application tag. This will get overwritten by the child script which calls this APP_TAG= @@ -374,6 +374,8 @@ checkIfRsyslogConfiguredAsService() { if [ -f /etc/init.d/$RSYSLOG_SERVICE ]; then logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." + elif [ -f /usr/lib/systemd/system/$RSYSLOG_SERVICE.service ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." else logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." exit 1 From 2f8d2521fd86fcd28424718fd22d4ca3dfaa09ec Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Thu, 31 Mar 2016 14:28:48 +0530 Subject: [PATCH 20/25] Added support for Systemd --- Linux Script/configure-linux.sh | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/Linux Script/configure-linux.sh b/Linux Script/configure-linux.sh index 4258599..4fcac16 100644 --- a/Linux Script/configure-linux.sh +++ b/Linux Script/configure-linux.sh @@ -119,6 +119,9 @@ checkLinuxLogglyCompatibility() #checking if syslog-ng is configured as a service checkifSyslogNgConfiguredAsService + #check if systemd is present in machine. + checkIfSystemdConfigured + #check if rsyslog is configured as service. If no, then exit checkIfRsyslogConfiguredAsService @@ -179,6 +182,9 @@ removeLogglyConf() #set the basic variables needed by this script setLinuxVariables + #remove systemd-rsyslog configuration + revertSystemdChanges + #remove 22-loggly.conf file remove22LogglyConfFile @@ -368,6 +374,8 @@ checkIfRsyslogConfiguredAsService() { if [ -f /etc/init.d/$RSYSLOG_SERVICE ]; then logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." + elif [ -f /usr/lib/systemd/system/$RSYSLOG_SERVICE.service ]; then + logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." else logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." exit 1 @@ -390,6 +398,19 @@ checkifSyslogNgConfiguredAsService() fi } +#check if systemd is present in machine. +checkIfSystemdConfigured() +{ + FILE="/etc/systemd/journald.conf"; + if [ -f "$FILE" ]; then + logMsgToConfigSysLog "INFO" "INFO: Systemd is present. Configuring logs from Systemd to rsyslog." + cp /etc/systemd/journald.conf /etc/systemd/journald.conf.loggly.bk + sed -i 's/.*ForwardToSyslog.*/ForwardToSyslog=Yes/g' /etc/systemd/journald.conf + logMsgToConfigSysLog "INFO" "INFO: Restarting Systemd-journald" + systemctl restart systemd-journald + fi +} + #check if multiple versions of rsyslog is configured checkIfMultipleRsyslogConfigured() { @@ -595,6 +616,17 @@ remove22LogglyConfFile() fi } +revertSystemdChanges() +{ + FILE="/etc/systemd/journald.conf.loggly.bk"; + if [ -f "$FILE" ]; then + cp /etc/systemd/journald.conf.loggly.bk /etc/systemd/journald.conf + rm /etc/systemd/journald.conf.loggly.bk + logMsgToConfigSysLog "INFO" "INFO: Reverted Systemd-rsyslog configuration" + systemctl restart systemd-journald + fi +} + #compares two version numbers, used for comparing versions of various softwares compareVersions () { From ee9768ee5ca1b55aba64fd6b7cfccd908a01b79f Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Thu, 31 Mar 2016 14:30:00 +0530 Subject: [PATCH 21/25] Delete configure-linux-systemd.sh --- Linux Script/configure-linux-systemd.sh | 823 ------------------------ 1 file changed, 823 deletions(-) delete mode 100644 Linux Script/configure-linux-systemd.sh diff --git a/Linux Script/configure-linux-systemd.sh b/Linux Script/configure-linux-systemd.sh deleted file mode 100644 index 4fcac16..0000000 --- a/Linux Script/configure-linux-systemd.sh +++ /dev/null @@ -1,823 +0,0 @@ -#!/bin/bash - -#trapping Control + C -#these statements must be the first statements in the script to trap the CTRL C event - -trap ctrl_c INT - -function ctrl_c() { - logMsgToConfigSysLog "INFO" "INFO: Aborting the script." - exit 1 -} - -########## Variable Declarations - Start ########## - -#name of the current script. This will get overwritten by the child script which calls this -SCRIPT_NAME=configure-linux.sh -#version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.15 - -#application tag. This will get overwritten by the child script which calls this -APP_TAG= - -#directory location for syslog -RSYSLOG_ETCDIR_CONF=/etc/rsyslog.d -#name and location of loggly syslog file -LOGGLY_RSYSLOG_CONFFILE=$RSYSLOG_ETCDIR_CONF/22-loggly.conf -#name and location of loggly syslog backup file -LOGGLY_RSYSLOG_CONFFILE_BACKUP=$LOGGLY_RSYSLOG_CONFFILE.loggly.bk - -#syslog directory -RSYSLOG_DIR=/var/spool/rsyslog -#rsyslog service name -RSYSLOG_SERVICE=rsyslog -#syslog-ng -SYSLOG_NG_SERVICE=syslog-ng -#rsyslogd -RSYSLOGD=rsyslogd -#minimum version of rsyslog to enable logging to loggly -MIN_RSYSLOG_VERSION=5.8.0 -#this variable will hold the users syslog version -RSYSLOG_VERSION= - -#this variable will hold the host name -HOST_NAME= -#this variable will hold the name of the linux distribution -LINUX_DIST= - -#host name for logs-01.loggly.com -LOGS_01_HOST=logs-01.loggly.com -LOGS_01_URL=https://$LOGS_01_HOST -#this variable will contain loggly account url in the format https://$LOGGLY_ACCOUNT.loggly.com -LOGGLY_ACCOUNT_URL= -#loggly.com URL -LOGGLY_COM_URL=https://www.loggly.com - -######Inputs provided by user###### -#this variable will hold the loggly account name provided by user. -#this is a mandatory input -LOGGLY_ACCOUNT= -#this variable will hold the loggly authentication token provided by user. -#this is a mandatory input -LOGGLY_AUTH_TOKEN= -#this variable will identify if the user has selected to rollback settings -LOGGLY_ROLLBACK= -#this variable will hold the user name provided by user -#this is a mandatory input -LOGGLY_USERNAME= -#this variable will hold the password provided by user -#this is a mandatory input -LOGGLY_PASSWORD= - -#if this variable is set to true then suppress all prompts -SUPPRESS_PROMPT="false" - -#variables used in 22-loggly.conf file -LOGGLY_SYSLOG_PORT=514 -LOGGLY_DISTRIBUTION_ID="41058" - -#Instruction link on how to configure loggly on linux manually. This will get overwritten by the child script which calls this -#on how to configure the child application -MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure rsyslog on Linux are available at https://www.loggly.com/docs/rsyslog-manual-configuration/. Rsyslog troubleshooting instructions are available at https://www.loggly.com/docs/troubleshooting-rsyslog/" - -#this variable is set if the script is invoked via some other calling script -IS_INVOKED= - -#this variable will hold if the check env function for linux is invoked -LINUX_ENV_VALIDATED="false" - -#this variable will inform if verification needs to be performed -LINUX_DO_VERIFICATION="true" - -########## Variable Declarations - End ########## - -#check if the Linux environment is compatible with Loggly. -#Also set few variables after the check. -checkLinuxLogglyCompatibility() -{ - #check if the user has root permission to run this script - checkIfUserHasRootPrivileges - - #check if the OS is supported by the script. If no, then exit - checkIfSupportedOS - - #set the basic variables needed by this script - setLinuxVariables - - #check if the Loggly servers are accessible. If no, ask user to check network connectivity & exit - checkIfLogglyServersAccessible - - #check if user credentials are valid. If no, then exit - checkIfValidUserNamePassword - - #get authentication token if not provided - getAuthToken - - #check if authentication token is valid. If no, then exit. - checkIfValidAuthToken - - #checking if syslog-ng is configured as a service - checkifSyslogNgConfiguredAsService - - #check if systemd is present in machine. - checkIfSystemdConfigured - - #check if rsyslog is configured as service. If no, then exit - checkIfRsyslogConfiguredAsService - - #check if multiple rsyslog are present in the system. If yes, then exit - checkIfMultipleRsyslogConfigured - - #check for the minimum version of rsyslog i.e 5.8.0. If no, then exit - checkIfMinVersionOfRsyslog - - #check if selinux service is enforced. if yes, ask the user to manually disable and exit the script - checkIfSelinuxServiceEnforced - - #update rsyslog.conf and adds $MaxMessageSize in it - modifyMaxMessageSize - - LINUX_ENV_VALIDATED="true" -} - -# executing the script for loggly to install and configure rsyslog. -installLogglyConf() -{ - #log message indicating starting of Loggly configuration - logMsgToConfigSysLog "INFO" "INFO: Initiating Configure Loggly for Linux." - - if [ "$LINUX_ENV_VALIDATED" = "false" ]; then - checkLinuxLogglyCompatibility - fi - - #if all the above check passes, write the 22-loggly.conf file - checkAuthTokenAndWriteContents - - #create rsyslog dir if it doesn't exist, Modify the permission on rsyslog directory if exist on Ubuntu - createRsyslogDir - - if [ "$LINUX_DO_VERIFICATION" = "true" ]; then - #check if the logs are going to loggly fro linux system now - checkIfLogsMadeToLoggly - fi - - if [ "$IS_INVOKED" = "" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Linux system successfully configured to send logs via Loggly." - fi - -} - -#remove loggly configuration from Linux system -removeLogglyConf() -{ - #log message indicating starting of Loggly configuration - logMsgToConfigSysLog "INFO" "INFO: Initiating uninstall Loggly for Linux." - - #check if the user has root permission to run this script - checkIfUserHasRootPrivileges - - #check if the OS is supported by the script. If no, then exit - checkIfSupportedOS - - #set the basic variables needed by this script - setLinuxVariables - - #remove systemd-rsyslog configuration - revertSystemdChanges - - #remove 22-loggly.conf file - remove22LogglyConfFile - - #restart rsyslog service - restartRsyslog - - #log success message - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Uninstalled Loggly configuration from Linux system." -} - -#checks if user has root privileges -checkIfUserHasRootPrivileges() -{ - #This script needs to be run as root - if [[ $EUID -ne 0 ]]; then - logMsgToConfigSysLog "ERROR" "ERROR: This script must be run as root." - exit 1 - fi -} - -#check if supported operating system -checkIfSupportedOS() -{ - getOs - - LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") - - case "$LINUX_DIST_IN_LOWER_CASE" in - *"ubuntu"* ) - echo "INFO: Operating system is Ubuntu." - ;; - *"redhat"* ) - echo "INFO: Operating system is Red Hat." - ;; - *"centos"* ) - echo "INFO: Operating system is CentOS." - ;; - *"debian"* ) - echo "INFO: Operating system is Debian." - ;; - *"amazon"* ) - echo "INFO: Operating system is Amazon AMI." - ;; - *"darwin"* ) - #if the OS is mac then exit - logMsgToConfigSysLog "ERROR" "ERROR: This script is for Linux systems, and Darwin or Mac OSX are not currently supported. You can find alternative options here: https://www.loggly.com/docs/send-mac-logs-to-loggly/" - exit 1 - ;; - * ) - logMsgToConfigSysLog "WARN" "WARN: The linux distribution '$LINUX_DIST' has not been previously tested with Loggly." - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; do - read -p "Would you like to continue anyway? (yes/no)" yn - case $yn in - [Yy]* ) - break;; - [Nn]* ) - exit 1 - ;; - * ) echo "Please answer yes or no.";; - esac - done - fi - ;; - esac -} - -getOs() -{ - # Determine OS platform - UNAME=$(uname | tr "[:upper:]" "[:lower:]") - # If Linux, try to determine specific distribution - if [ "$UNAME" == "linux" ]; then - # If available, use LSB to identify distribution - if [ -f /etc/lsb-release -o -d /etc/lsb-release.d ]; then - LINUX_DIST=$(lsb_release -i | cut -d: -f2 | sed s/'^\t'//) - # If system-release is available, then try to identify the name - elif [ -f /etc/system-release ]; then - LINUX_DIST=$(cat /etc/system-release | cut -f 1 -d " ") - # Otherwise, use release info file - else - LINUX_DIST=$(ls -d /etc/[A-Za-z]*[_-][rv]e[lr]* | grep -v "lsb" | cut -d'/' -f3 | cut -d'-' -f1 | cut -d'_' -f1) - fi - fi - - # For everything else (or if above failed), just use generic identifier - if [ "$LINUX_DIST" == "" ]; then - LINUX_DIST=$(uname) - fi -} - -#sets linux variables which will be used across various functions -setLinuxVariables() -{ - #set host name - HOST_NAME=$(hostname) - - #set loggly account url - LOGGLY_ACCOUNT_URL=https://$LOGGLY_ACCOUNT.loggly.com -} - -#checks if all the various endpoints used for configuring loggly are accessible -checkIfLogglyServersAccessible() -{ - echo "INFO: Checking if $LOGS_01_HOST is reachable." - if [ $(ping -c 1 $LOGS_01_HOST | grep "1 packets transmitted, 1 received, 0% packet loss" | wc -l) == 1 ] || [ $(sleep 1 | telnet $LOGS_01_HOST $LOGGLY_SYSLOG_PORT | grep Connected | wc -l) == 1 ]; then - echo "INFO: $LOGS_01_HOST is reachable." - else - logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable. Please check your network and firewall settings." - exit 1 - fi - - echo "INFO: Checking if $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port. This may take some time." - if [ $(curl --connect-timeout 10 $LOGS_01_HOST:$LOGGLY_SYSLOG_PORT 2>&1 | grep "Empty reply from server" | wc -l) == 1 ]; then - echo "INFO: $LOGS_01_HOST is reachable via $LOGGLY_SYSLOG_PORT port." - else - logMsgToConfigSysLog "ERROR" "ERROR: $LOGS_01_HOST is not reachable via $LOGGLY_SYSLOG_PORT port. Please check your network and firewall settings." - exit 1 - fi - - echo "INFO: Checking if '$LOGGLY_ACCOUNT' subdomain is valid." - if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/login | grep "200 OK" | wc -l) == 1 ]; then - echo "INFO: $LOGGLY_ACCOUNT_URL is valid and reachable." - else - logMsgToConfigSysLog "ERROR" "ERROR: This is not a recognized subdomain. Please ask the account owner for the subdomain they signed up with." - exit 1 - fi - - echo "INFO: Checking if Gen2 account." - if [ $(curl -s --head --request GET $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "404 NOT FOUND" | wc -l) == 1 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: This scripts need a Gen2 account. Please contact Loggly support." - exit 1 - else - echo "INFO: It is a Gen2 account." - fi -} - -#check if user name and password is valid -checkIfValidUserNamePassword() -{ - echo "INFO: Checking if provided username and password is correct." - if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep "Unauthorized" | wc -l) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Please check your username or reset your password at $LOGGLY_ACCOUNT_URL/account/users/" - logMsgToConfigSysLog "ERROR" "ERROR: Invalid Loggly username or password. Your username is visible at the top right of the Loggly console before the @ symbol. You can reset your password at http://.loggly.com/login." - exit 1 - else - logMsgToConfigSysLog "INFO" "INFO: Username and password authorized successfully." - fi -} - -getAuthToken() -{ - if [ "$LOGGLY_AUTH_TOKEN" = "" ]; then - logMsgToConfigSysLog "INFO" "INFO: Authentication token not provided. Trying to retrieve it from $LOGGLY_ACCOUNT_URL account." - #get authentication token if user has not provided one - tokenstr=$(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep -v "token") - - #get the string from index 0 to first occurence of , - tokenstr=${tokenstr%%,*} - - #get the string from index 0 to last occurence of " - tokenstr=${tokenstr%\"*} - - #get the string from first occurence of " to the end - tokenstr=${tokenstr#*\"} - - LOGGLY_AUTH_TOKEN=$tokenstr - - logMsgToConfigSysLog "INFO" "INFO: Retrieved authentication token: $LOGGLY_AUTH_TOKEN" - fi -} - -#check if authentication token is valid -checkIfValidAuthToken() -{ - echo "INFO: Checking if provided auth token is correct." - if [ $(curl -s -u $LOGGLY_USERNAME:$LOGGLY_PASSWORD $LOGGLY_ACCOUNT_URL/apiv2/customer | grep \"$LOGGLY_AUTH_TOKEN\" | wc -l) == 1 ]; then - logMsgToConfigSysLog "INFO" "INFO: Authentication token validated successfully." - else - logMsgToConfigSysLog "ERROR" "ERROR: Invalid authentication token $LOGGLY_AUTH_TOKEN. You can get valid authentication token by following instructions at https://www.loggly.com/docs/customer-token-authentication-token/." - exit 1 - fi -} - -#check if rsyslog is configured as service. If it is configured as service and not started, start the service -checkIfRsyslogConfiguredAsService() -{ - if [ -f /etc/init.d/$RSYSLOG_SERVICE ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." - elif [ -f /usr/lib/systemd/system/$RSYSLOG_SERVICE.service ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is present as service." - else - logMsgToConfigSysLog "ERROR" "ERROR: $RSYSLOG_SERVICE is not present as service." - exit 1 - fi - - #checking if syslog-ng is running as a service - checkifSyslogNgConfiguredAsService - - if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -eq 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_SERVICE is not running. Attempting to start service." - service $RSYSLOG_SERVICE start - fi -} - -checkifSyslogNgConfiguredAsService() -{ - if [ $(ps -A | grep "$SYSLOG_NG_SERVICE" | wc -l) -gt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: This script does not currently support syslog-ng. Please follow the instructions on this page https://www.loggly.com/docs/syslog-ng-manual-configuration" - exit 1 - fi -} - -#check if systemd is present in machine. -checkIfSystemdConfigured() -{ - FILE="/etc/systemd/journald.conf"; - if [ -f "$FILE" ]; then - logMsgToConfigSysLog "INFO" "INFO: Systemd is present. Configuring logs from Systemd to rsyslog." - cp /etc/systemd/journald.conf /etc/systemd/journald.conf.loggly.bk - sed -i 's/.*ForwardToSyslog.*/ForwardToSyslog=Yes/g' /etc/systemd/journald.conf - logMsgToConfigSysLog "INFO" "INFO: Restarting Systemd-journald" - systemctl restart systemd-journald - fi -} - -#check if multiple versions of rsyslog is configured -checkIfMultipleRsyslogConfigured() -{ - if [ $(ps -A | grep "$RSYSLOG_SERVICE" | wc -l) -gt 1 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Multiple (more than 1) $RSYSLOG_SERVICE is running." - exit 1 - fi -} - -#check if minimum version of rsyslog required to configure loggly is met -checkIfMinVersionOfRsyslog() -{ - RSYSLOG_VERSION=$($RSYSLOGD -version | grep "$RSYSLOGD") - RSYSLOG_VERSION=${RSYSLOG_VERSION#* } - RSYSLOG_VERSION=${RSYSLOG_VERSION%,*} - RSYSLOG_VERSION=$RSYSLOG_VERSION | tr -d " " - if [ $(compareVersions $RSYSLOG_VERSION $MIN_RSYSLOG_VERSION 3) -lt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Min rsyslog version required is 5.8.0." - exit 1 - fi -} - -#check if SeLinux service is enforced -checkIfSelinuxServiceEnforced() -{ - isSelinuxInstalled=$(getenforce -ds 2>/dev/null) - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "INFO" "INFO: selinux status is not enforced." - elif [ $(getenforce | grep "Enforcing" | wc -l) -gt 0 ]; then - logMsgToConfigSysLog "ERROR" "ERROR: selinux status is 'Enforcing'. Please disable it and start the rsyslog daemon manually." - exit 1 - fi -} - -#update rsyslog.conf and adds $MaxMessageSize in it -modifyMaxMessageSize() -{ - if grep -q '$MaxMessageSize' "/etc/rsyslog.conf"; then - sed -i 's/.*$MaxMessageSize.*/$MaxMessageSize 64k/g' /etc/rsyslog.conf - else - sed -i '1 a $MaxMessageSize 64k' /etc/rsyslog.conf - fi - logMsgToConfigSysLog "INFO" "INFO: Modified \$MaxMessageSize to 64k in rsyslog.conf" -} - -#check if authentication token is valid and then write contents to 22-loggly.conf file to /etc/rsyslog.d directory -checkAuthTokenAndWriteContents() -{ - if [ "$LOGGLY_AUTH_TOKEN" != "" ]; then - writeContents $LOGGLY_ACCOUNT $LOGGLY_AUTH_TOKEN $LOGGLY_DISTRIBUTION_ID $LOGS_01_HOST $LOGGLY_SYSLOG_PORT - restartRsyslog - else - logMsgToConfigSysLog "ERROR" "ERROR: Loggly auth token is required to configure rsyslog. Please pass -a while running script." - exit 1 - fi -} - - -#write the contents to 22-loggly.conf file -writeContents() -{ - -WRITE_SCRIPT_CONTENTS="false" -inputStr=" -# ------------------------------------------------------- -# Syslog Logging Directives for Loggly ($1.loggly.com) -# ------------------------------------------------------- - -# Define the template used for sending logs to Loggly. Do not change this format. -\$template LogglyFormat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$2@$3] %msg%\n\" - -\$WorkDirectory /var/spool/rsyslog # where to place spool files -\$ActionQueueFileName fwdRule1 # unique name prefix for spool files -\$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) -\$ActionQueueSaveOnShutdown on # save messages to disk on shutdown -\$ActionQueueType LinkedList # run asynchronously -\$ActionResumeRetryCount -1 # infinite retries if host is down - -# Send messages to Loggly over TCP using the template. -*.* @@$4:$5;LogglyFormat - -# ------------------------------------------------------- -" - if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then - logMsgToConfigSysLog "INFO" "INFO: Loggly rsyslog file $LOGGLY_RSYSLOG_CONFFILE already exist." - - STR_SIZE=${#inputStr} - SIZE_FILE=$(stat -c%s "$LOGGLY_RSYSLOG_CONFFILE") - - #actual file size and variable size with same contents always differ in size with one byte - STR_SIZE=$(( STR_SIZE + 1 )) - - if [ "$STR_SIZE" -ne "$SIZE_FILE" ]; then - - logMsgToConfigSysLog "WARN" "WARN: Loggly rsyslog file /etc/rsyslog.d/22-loggly.conf content has changed." - if [ "$SUPPRESS_PROMPT" == "false" ]; then - while true; - do - read -p "Do you wish to override $LOGGLY_RSYSLOG_CONFFILE and re-verify configuration? (yes/no)" yn - case $yn in - [Yy]* ) - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; - mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; - WRITE_SCRIPT_CONTENTS="true" - break;; - [Nn]* ) - LINUX_DO_VERIFICATION="false" - logMsgToConfigSysLog "INFO" "INFO: Skipping Linux verification." - break;; - * ) echo "Please answer yes or no.";; - esac - done - else - logMsgToConfigSysLog "INFO" "INFO: Going to back up the conf file: $LOGGLY_RSYSLOG_CONFFILE to $LOGGLY_RSYSLOG_CONFFILE_BACKUP"; - mv -f $LOGGLY_RSYSLOG_CONFFILE $LOGGLY_RSYSLOG_CONFFILE_BACKUP; - WRITE_SCRIPT_CONTENTS="true" - fi - else - LINUX_DO_VERIFICATION="false" - fi - else - WRITE_SCRIPT_CONTENTS="true" - fi - - if [ "$WRITE_SCRIPT_CONTENTS" == "true" ]; then - -cat << EOIPFW >> $LOGGLY_RSYSLOG_CONFFILE -$inputStr -EOIPFW - - fi - -} - -#create /var/spool/rsyslog directory if not already present. Modify the permission of this directory for Ubuntu -createRsyslogDir() -{ - if [ -d "$RSYSLOG_DIR" ]; then - logMsgToConfigSysLog "INFO" "INFO: $RSYSLOG_DIR already exist, so not creating directory." - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - logMsgToConfigSysLog "INFO" "INFO: Changing the permission on the rsyslog in /var/spool" - chown -R syslog:adm $RSYSLOG_DIR - fi - else - logMsgToConfigSysLog "INFO" "INFO: Creating directory $SYSLOGDIR" - mkdir -v $RSYSLOG_DIR - if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - chown -R syslog:adm $RSYSLOG_DIR - fi - fi -} - -#check if the logs made it to Loggly -checkIfLogsMadeToLoggly() -{ - logMsgToConfigSysLog "INFO" "INFO: Sending test message to Loggly." - uuid=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) - - queryParam="syslog.appName%3ALOGGLYVERIFY%20$uuid" - logger -t "LOGGLYVERIFY" "LOGGLYVERIFY-Test message for verification with UUID $uuid" - - counter=1 - maxCounter=10 - finalCount=0 - - queryUrl="$LOGGLY_ACCOUNT_URL/apiv2/search?q=$queryParam" - logMsgToConfigSysLog "INFO" "INFO: Search URL: $queryUrl" - - logMsgToConfigSysLog "INFO" "INFO: Verifying if the log made it to Loggly." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch finalCount "$queryUrl" - let counter=$counter+1 - - while [ "$finalCount" -eq 0 ]; do - echo "INFO: Did not find the test log message in Loggly's search yet. Waiting for 30 secs." - sleep 30 - echo "INFO: Done waiting. Verifying again." - logMsgToConfigSysLog "INFO" "INFO: Verification # $counter of total $maxCounter." - searchAndFetch finalCount "$queryUrl" - let counter=$counter+1 - if [ "$counter" -gt "$maxCounter" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Logs did not make to Loggly in time. Please check network and firewall settings and retry." - exit 1 - fi - done - - if [ "$finalCount" -eq 1 ]; then - if [ "$IS_INVOKED" = "" ]; then - logMsgToConfigSysLog "SUCCESS" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." - exit 0 - else - logMsgToConfigSysLog "INFO" "SUCCESS: Verification logs successfully transferred to Loggly! You are now sending Linux system logs to Loggly." - fi - fi - -} - -#delete 22-loggly.conf file -remove22LogglyConfFile() -{ - if [ -f "$LOGGLY_RSYSLOG_CONFFILE" ]; then - rm -rf "$LOGGLY_RSYSLOG_CONFFILE" - fi -} - -revertSystemdChanges() -{ - FILE="/etc/systemd/journald.conf.loggly.bk"; - if [ -f "$FILE" ]; then - cp /etc/systemd/journald.conf.loggly.bk /etc/systemd/journald.conf - rm /etc/systemd/journald.conf.loggly.bk - logMsgToConfigSysLog "INFO" "INFO: Reverted Systemd-rsyslog configuration" - systemctl restart systemd-journald - fi -} - -#compares two version numbers, used for comparing versions of various softwares -compareVersions () -{ - typeset IFS='.' - typeset -a v1=( $1 ) - typeset -a v2=( $2 ) - typeset n diff - - for (( n=0; n<$3; n+=1 )); do - diff=$((v1[n]-v2[n])) - if [ $diff -ne 0 ] ; then - [ $diff -le 0 ] && echo '-1' || echo '1' - return - fi - done - echo '0' -} - -#restart rsyslog -restartRsyslog() -{ - logMsgToConfigSysLog "INFO" "INFO: Restarting the $RSYSLOG_SERVICE service." - service $RSYSLOG_SERVICE restart - if [ $? -ne 0 ]; then - logMsgToConfigSysLog "WARNING" "WARNING: $RSYSLOG_SERVICE did not restart gracefully. Please restart $RSYSLOG_SERVICE manually." - fi -} - -#logs message to config syslog -logMsgToConfigSysLog() -{ - #$1 variable will be SUCCESS or ERROR or INFO or WARNING - #$2 variable will be the message - cslStatus=$1 - cslMessage=$2 - echo "$cslMessage" - currentTime=$(date) - - #for Linux system, we need to use -d switch to decode base64 whereas - #for Mac system, we need to use -D switch to decode - varUname=$(uname) - if [[ $varUname == 'Linux' ]]; then - enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) - elif [[ $varUname == 'Darwin' ]]; then - enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) - fi - - if [ $? -ne 0 ]; then - echo "ERROR: Base64 decode is not supported on your Operating System. Please update your system to support Base64." - exit 1 - fi - - sendPayloadToConfigSysLog "$cslStatus" "$cslMessage" "$enabler" - - #if it is an error, then log message "Script Failed" to config syslog and exit the script - if [[ $cslStatus == "ERROR" ]]; then - sendPayloadToConfigSysLog "ERROR" "Script Failed" "$enabler" - if [ "$varUname" != "Darwin" ]; then - echo $MANUAL_CONFIG_INSTRUCTION - fi - exit 1 - fi - - #if it is a success, then log message "Script Succeeded" to config syslog and exit the script - if [[ $cslStatus == "SUCCESS" ]]; then - sendPayloadToConfigSysLog "SUCCESS" "Script Succeeded" "$enabler" - exit 0 - fi -} - -#payload construction to send log to config syslog -sendPayloadToConfigSysLog() -{ - if [ "$APP_TAG" = "" ]; then - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\"}" - else - var="{\"sub-domain\":\"$LOGGLY_ACCOUNT\", \"user-name\":\"$LOGGLY_USERNAME\", \"customer-token\":\"$LOGGLY_AUTH_TOKEN\", \"host-name\":\"$HOST_NAME\", \"script-name\":\"$SCRIPT_NAME\", \"script-version\":\"$SCRIPT_VERSION\", \"status\":\"$1\", \"time-stamp\":\"$currentTime\", \"linux-distribution\":\"$LINUX_DIST\", $APP_TAG, \"messages\":\"$2\",\"rsyslog-version\":\"$RSYSLOG_VERSION\"}" - fi - curl -s -H "content-type:application/json" -d "$var" $LOGS_01_URL/inputs/$3 > /dev/null 2>&1 -} - -#$1 return the count of records in loggly, $2 is the query param to search in loggly -searchAndFetch() -{ - url=$2 - - result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") - - if [ -z "$result" ]; then - logMsgToConfigSysLog "ERROR" "ERROR: Please check your network/firewall settings & ensure Loggly subdomain, username and password is specified correctly." - exit 1 - fi - id=$(echo "$result" | grep -v "{" | grep id | awk '{print $2}') - # strip last double quote from id - id="${id%\"}" - # strip first double quote from id - id="${id#\"}" - url="$LOGGLY_ACCOUNT_URL/apiv2/events?rsid=$id" - - # retrieve the data - result=$(wget -qO- /dev/null --user "$LOGGLY_USERNAME" --password "$LOGGLY_PASSWORD" "$url") - count=$(echo "$result" | grep total_events | awk '{print $2}') - count="${count%\,}" - eval $1="'$count'" - if [ "$count" -gt 0 ]; then - timestamp=$(echo "$result" | grep timestamp) - fi -} - -#get password in the form of asterisk -getPassword() -{ - unset LOGGLY_PASSWORD - prompt="Please enter Loggly Password:" - while IFS= read -p "$prompt" -r -s -n 1 char - do - if [[ $char == $'\0' ]] - then - break - fi - prompt='*' - LOGGLY_PASSWORD+="$char" - done - echo -} - -#display usage syntax -usage() -{ -cat << EOF -usage: configure-linux [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-s suppress prompts {optional)] -usage: configure-linux [-a loggly auth account or subdomain] [-r to remove] -usage: configure-linux [-h for help] -EOF -} - -########## Get Inputs from User - Start ########## -if [ "$1" != "being-invoked" ]; then - if [ $# -eq 0 ]; then - usage - exit - else - while [ "$1" != "" ]; do - case $1 in - -t | --token ) shift - LOGGLY_AUTH_TOKEN=$1 - echo "AUTH TOKEN $LOGGLY_AUTH_TOKEN" - ;; - -a | --account ) shift - LOGGLY_ACCOUNT=$1 - echo "Loggly account or subdomain: $LOGGLY_ACCOUNT" - ;; - -u | --username ) shift - LOGGLY_USERNAME=$1 - echo "Username is set" - ;; - -p | --password ) shift - LOGGLY_PASSWORD=$1 - ;; - -r | --remove ) - LOGGLY_REMOVE="true" - ;; - -s | --suppress ) - SUPPRESS_PROMPT="true" - ;; - -h | --help) - usage - exit - ;; - *) usage - exit - ;; - esac - shift - done - fi - - if [ "$LOGGLY_REMOVE" != "" -a "$LOGGLY_ACCOUNT" != "" ]; then - removeLogglyConf - elif [ "$LOGGLY_ACCOUNT" != "" -a "$LOGGLY_USERNAME" != "" ]; then - if [ "$LOGGLY_PASSWORD" = "" ]; then - getPassword - fi - installLogglyConf - else - usage - fi -else - IS_INVOKED="true" -fi - -########## Get Inputs from User - End ########## ------------------------------------------------------- -# End of Syslog Logging Directives for Loggly -# From a3200f0004fd0ff4b90ee588515a318b463f24f0 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Thu, 31 Mar 2016 15:03:19 +0530 Subject: [PATCH 22/25] Updated Script Version --- Linux Script/configure-linux.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Linux Script/configure-linux.sh b/Linux Script/configure-linux.sh index 4fcac16..da80ebc 100644 --- a/Linux Script/configure-linux.sh +++ b/Linux Script/configure-linux.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-linux.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.15 +SCRIPT_VERSION=1.16 #application tag. This will get overwritten by the child script which calls this APP_TAG= From b78ff00db379afc21115aa821178997aac95b217 Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 6 Apr 2016 15:42:44 +0530 Subject: [PATCH 23/25] Changed Fluentd's install directory --- Mac Script/configure-mac.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Mac Script/configure-mac.sh b/Mac Script/configure-mac.sh index 94e9ff2..2a895be 100644 --- a/Mac Script/configure-mac.sh +++ b/Mac Script/configure-mac.sh @@ -339,7 +339,7 @@ checkIfFluentdInstalled() installFluentd() { #install fluentd gem http://docs.fluentd.org/articles/install-by-gem - sudo gem install fluentd --no-ri --no-rdoc + sudo gem install fluentd --no-ri --no-rdoc -n/usr/local/bin if [[ ! -d "$LOGGLY_HOME" ]]; then mkdir $LOGGLY_HOME From bae0b60149db4630207eb0ede2c16976eb8af88f Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Wed, 6 Apr 2016 21:39:39 +0530 Subject: [PATCH 24/25] Fixed Base64 decode issue --- Mac Script/configure-mac.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Mac Script/configure-mac.sh b/Mac Script/configure-mac.sh index 2a895be..6ed7c3e 100644 --- a/Mac Script/configure-mac.sh +++ b/Mac Script/configure-mac.sh @@ -15,7 +15,7 @@ function ctrl_c() { #name of the current script. This will get overwritten by the child script which calls this SCRIPT_NAME=configure-mac.sh #version of the current script. This will get overwritten by the child script which calls this -SCRIPT_VERSION=1.3 +SCRIPT_VERSION=1.4 #application tag. This will get overwritten by the child script which calls this APP_TAG= @@ -552,9 +552,9 @@ logMsgToConfigSysLog() #for Mac system, we need to use -D switch to decode varUname=$(uname) if [[ $varUname == 'Linux' ]]; then - enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -d) + enabler=$(echo -n MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 --decode) elif [[ $varUname == 'Darwin' ]]; then - enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 -D) + enabler=$(echo MWVjNGU4ZTEtZmJiMi00N2U3LTkyOWItNzVhMWJmZjVmZmUw | base64 --decode) fi if [ $? -ne 0 ]; then From 40f1b4eb277b1b4441588b8e3e75f8236e6ee4af Mon Sep 17 00:00:00 2001 From: psquickitjayant Date: Thu, 21 Apr 2016 13:07:41 +0530 Subject: [PATCH 25/25] Added support for amazon ami --- Modular Scripts/Tomcat/configure-tomcat.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/Modular Scripts/Tomcat/configure-tomcat.sh b/Modular Scripts/Tomcat/configure-tomcat.sh index c4b10e2..de18de7 100644 --- a/Modular Scripts/Tomcat/configure-tomcat.sh +++ b/Modular Scripts/Tomcat/configure-tomcat.sh @@ -9,7 +9,7 @@ source configure-linux.sh "being-invoked" #name of the current script SCRIPT_NAME=configure-tomcat.sh #version of the current script -SCRIPT_VERSION=1.5 +SCRIPT_VERSION=1.6 #minimum version of tomcat to enable log rotation MIN_TOMCAT_VERSION=6.0.33.0 @@ -257,14 +257,18 @@ assumeTomcatHome() { #if user has not provided the catalina home if [ "$LOGGLY_CATALINA_HOME" = "" ]; then - case "$LINUX_DIST" in - *"Ubuntu"* ) + LINUX_DIST_IN_LOWER_CASE=$(echo $LINUX_DIST | tr "[:upper:]" "[:lower:]") + case "$LINUX_DIST_IN_LOWER_CASE" in + *"ubuntu"* ) LOGGLY_CATALINA_HOME="/var/lib/$1" ;; - *"RedHat"* ) + *"redhat"* ) LOGGLY_CATALINA_HOME="/usr/share/$1" ;; - *"CentOS"* ) + *"centos"* ) + LOGGLY_CATALINA_HOME="/usr/share/$1" + ;; + *"amazon"* ) LOGGLY_CATALINA_HOME="/usr/share/$1" ;; esac