From 5afa8b2504dac3b03ddac100d1ce68998657883b Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Fri, 21 Apr 2017 08:52:12 +0000 Subject: [PATCH 1/4] Add TLS Support to Apache Script --- Modular Scripts/Apache2/configure-apache.sh | 64 ++++++++++++++++++--- 1 file changed, 57 insertions(+), 7 deletions(-) diff --git a/Modular Scripts/Apache2/configure-apache.sh b/Modular Scripts/Apache2/configure-apache.sh index 48f30c9..260991f 100644 --- a/Modular Scripts/Apache2/configure-apache.sh +++ b/Modular Scripts/Apache2/configure-apache.sh @@ -2,14 +2,14 @@ #downloads configure-linux.sh echo "INFO: Downloading dependencies - configure-linux.sh" -curl -s -o configure-linux.sh https://www.loggly.com/install/configure-linux.sh +curl -s -o configure-linux.sh https://raw.githubusercontent.com/Shwetajain148/install-script/tls-support-filemonitoring/Linux%20Script/configure-linux.sh source configure-linux.sh "being-invoked" ########## Variable Declarations - Start ########## #name of the current script SCRIPT_NAME=configure-apache.sh #version of the current script -SCRIPT_VERSION=1.5 +SCRIPT_VERSION=1.6 #we have not found the apache version yet at this point in the script APP_TAG="\"apache-version\":\"\"" @@ -42,6 +42,9 @@ LOGGLY_FILE_TAG="apache" #add tags to the logs TAG= + +TLS_SENDING="true" + ########## Variable Declarations - End ########## #check if apache environment is compatible for Loggly @@ -250,17 +253,27 @@ write21ApacheFileContents() logMsgToConfigSysLog "INFO" "INFO: Creating file $APACHE_SYSLOG_CONFFILE" sudo touch $APACHE_SYSLOG_CONFFILE sudo chmod o+w $APACHE_SYSLOG_CONFFILE - - imfileStr="\$ModLoad imfile + commonContent=" + \$ModLoad imfile \$InputFilePollInterval 10 \$WorkDirectory $RSYSLOG_DIR " + if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then - imfileStr+="\$PrivDropToGroup adm + commonContent+="\$PrivDropToGroup adm " fi - imfileStr+=" + imfileStr=$commonContent" + + \$ActionSendStreamDriver gtls + \$ActionSendStreamDriverMode 1 + \$ActionSendStreamDriverAuthMode x509/name + \$ActionSendStreamDriverPermittedPeer *.loggly.com + + #RsyslogGnuTLS + \$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt + # Apache access file: \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE \$InputFileTag apache-access: @@ -279,12 +292,43 @@ write21ApacheFileContents() #Add a tag for apache events \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" - + + if \$programname == 'apache-access' then @@logs-01.loggly.com:6514;LogglyFormatApache + if \$programname == 'apache-access' then ~ + if \$programname == 'apache-error' then @@logs-01.loggly.com:6514;LogglyFormatApache + if \$programname == 'apache-error' then ~ + " + imfileStrNonTls=$commonContent" + + # Apache access file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ACCESS_LOG_FILE + \$InputFileTag apache-access: + \$InputFileStateFile stat-apache-access + \$InputFileSeverity info + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + + #Apache Error file: + \$InputFileName $LOGGLY_APACHE_LOG_HOME/$APACHE_ERROR_LOG_FILE + \$InputFileTag apache-error: + \$InputFileStateFile stat-apache-error + \$InputFileSeverity error + \$InputFilePersistStateInterval 20000 + \$InputRunFileMonitor + #Add a tag for apache events + #Add a tag for apache events + \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\" + if \$programname == 'apache-access' then @@logs-01.loggly.com:514;LogglyFormatApache if \$programname == 'apache-access' then ~ if \$programname == 'apache-error' then @@logs-01.loggly.com:514;LogglyFormatApache if \$programname == 'apache-error' then ~ " + + if [ $TLS_SENDING == "false" ]; + then + imfileStr=$imfileStrNonTls + fi #change the apache-21 file to variable from above and also take the directory of the apache log file. sudo cat << EOIPFW >> $APACHE_SYSLOG_CONFFILE @@ -427,6 +471,11 @@ while [ "$1" != "" ]; do usage exit ;; + --insecure ) + LOGGLY_TLS_SENDING="false" + TLS_SENDING="false" + LOGGLY_SYSLOG_PORT=514 + ;; esac shift done @@ -444,3 +493,4 @@ else fi ########## Get Inputs from User - End ########## + From 997afbb7c191fe03b2d42e0e007382c22f97b63b Mon Sep 17 00:00:00 2001 From: Shwetajain148 Date: Fri, 21 Apr 2017 14:30:20 +0530 Subject: [PATCH 2/4] Update configure-apache.sh --- Modular Scripts/Apache2/configure-apache.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modular Scripts/Apache2/configure-apache.sh b/Modular Scripts/Apache2/configure-apache.sh index 260991f..051d95d 100644 --- a/Modular Scripts/Apache2/configure-apache.sh +++ b/Modular Scripts/Apache2/configure-apache.sh @@ -2,7 +2,7 @@ #downloads configure-linux.sh echo "INFO: Downloading dependencies - configure-linux.sh" -curl -s -o configure-linux.sh https://raw.githubusercontent.com/Shwetajain148/install-script/tls-support-filemonitoring/Linux%20Script/configure-linux.sh +curl -s -o configure-linux.sh https://www.loggly.com/install/configure-linux.sh source configure-linux.sh "being-invoked" ########## Variable Declarations - Start ########## From 696b1b735ba3c34af16674f7c5cde31d6ee2878e Mon Sep 17 00:00:00 2001 From: Shwetajain148 Date: Fri, 21 Apr 2017 16:08:40 +0530 Subject: [PATCH 3/4] Update Syntax line --- Modular Scripts/Apache2/configure-apache.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modular Scripts/Apache2/configure-apache.sh b/Modular Scripts/Apache2/configure-apache.sh index 051d95d..36062d4 100644 --- a/Modular Scripts/Apache2/configure-apache.sh +++ b/Modular Scripts/Apache2/configure-apache.sh @@ -428,7 +428,7 @@ remove21ApacheConfFile() usage() { cat << EOF -usage: configure-apache [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-tag filetag1,filetag2 (optional)] [-s suppress prompts {optional)] +usage: configure-apache [-a loggly auth account or subdomain] [-t loggly token (optional)] [-u username] [-p password (optional)] [-tag filetag1,filetag2 (optional)] [-s suppress prompts {optional)] [--insecure {to send logs without TLS} (optional)] usage: configure-apache [-a loggly auth account or subdomain] [-r to rollback] usage: configure-apache [-h for help] EOF From 4824c841608966382552b6e135398dd42e69da5f Mon Sep 17 00:00:00 2001 From: Shwetajain148 Date: Wed, 17 May 2017 17:11:05 +0530 Subject: [PATCH 4/4] Add line breaks in the script's configuration --- Modular Scripts/Apache2/configure-apache.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modular Scripts/Apache2/configure-apache.sh b/Modular Scripts/Apache2/configure-apache.sh index 36062d4..ec0fd1d 100644 --- a/Modular Scripts/Apache2/configure-apache.sh +++ b/Modular Scripts/Apache2/configure-apache.sh @@ -315,7 +315,7 @@ write21ApacheFileContents() \$InputFileSeverity error \$InputFilePersistStateInterval 20000 \$InputRunFileMonitor - #Add a tag for apache events + #Add a tag for apache events \$template LogglyFormatApache,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\"