diff --git a/Modular Scripts/Apache2/configure-apache.sh b/Modular Scripts/Apache2/configure-apache.sh index 48f30c9..ec0fd1d 100644 --- a/Modular Scripts/Apache2/configure-apache.sh +++ b/Modular Scripts/Apache2/configure-apache.sh @@ -9,7 +9,7 @@ source configure-linux.sh "being-invoked" #name of the current script SCRIPT_NAME=configure-apache.sh #version of the current script -SCRIPT_VERSION=1.5 +SCRIPT_VERSION=1.6 #we have not found the apache version yet at this point in the script APP_TAG="\"apache-version\":\"\"" @@ -42,6 +42,9 @@ LOGGLY_FILE_TAG="apache" #add tags to the logs TAG= + +TLS_SENDING="true" + ########## Variable Declarations - End ########## #check if apache environment is compatible for Loggly @@ -250,17 +253,27 @@ write21ApacheFileContents() logMsgToConfigSysLog "INFO" "INFO: Creating file $APACHE_SYSLOG_CONFFILE" sudo touch $APACHE_SYSLOG_CONFFILE sudo chmod o+w $APACHE_SYSLOG_CONFFILE - - imfileStr="\$ModLoad imfile + commonContent=" + \$ModLoad imfile \$InputFilePollInterval 10 \$WorkDirectory $RSYSLOG_DIR " + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - imfileStr+="\$PrivDropToGroup adm + commonContent+="\$PrivDropToGroup adm " fi - imfileStr+=" + imfileStr=$commonContent" + + \$ActionSendStreamDriver gtls + \$ActionSendStreamDriverMode 1 + \$ActionSendStreamDriverAuthMode x509/name + \$ActionSendStreamDriverPermittedPeer *.loggly.com + + #RsyslogGnuTLS + \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt + # Apache access file: \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE \$InputFileTag apache-access: @@ -279,12 +292,43 @@ write21ApacheFileContents() #Add a tag for apache events \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - + + if \$programname == 'apache-access' then @@logs-01.loggly.com:6514;LogglyFormatApache + if \$programname == 'apache-access' then ~ + if \$programname == 'apache-error' then @@logs-01.loggly.com:6514;LogglyFormatApache + if \$programname == 'apache-error' then ~ + " + imfileStrNonTls=$commonContent" + + # Apache access file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE + \$InputFileTag apache-access: + \$InputFileStateFile stat-apache-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Apache Error file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE + \$InputFileTag apache-error: + \$InputFileStateFile stat-apache-error + \$InputFileSeverity error + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Add a tag for apache events + \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + if \$programname == 'apache-access' then @@logs-01.loggly.com:514;LogglyFormatApache if \$programname == 'apache-access' then ~ if \$programname == 'apache-error' then @@logs-01.loggly.com:514;LogglyFormatApache if \$programname == 'apache-error' then ~ " + + if [ $TLS_SENDING == "false" ]; + then + imfileStr=$imfileStrNonTls + fi #change the apache-21 file to variable from above and also take the directory of the apache log file. sudo cat << EOIPFW >> $APACHE_SYSLOG_CONFFILE @@ -384,7 +428,7 @@ remove21ApacheConfFile() usage() { cat << EOF -usage: configure-apache [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-tag filetag1,filetag2 (optional)] [-s suppress prompts {optional)] +usage: configure-apache [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-tag filetag1,filetag2 (optional)] [-s suppress prompts {optional)] [--insecure {to send logs without TLS} (optional)] usage: configure-apache [-a loggly auth account or subdomain] [-r to rollback] usage: configure-apache [-h for help] EOF @@ -427,6 +471,11 @@ while [ "$1" != "" ]; do usage exit ;; + --insecure ) + LOGGLY_TLS_SENDING="false" + TLS_SENDING="false" + LOGGLY_SYSLOG_PORT=514 + ;; esac shift done @@ -444,3 +493,4 @@ else fi ########## Get Inputs from User - End ########## +