-
-
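#!/bin/sh
#
# Follow /opt/log/audit/audit.log and forward each multi-line record to syslog
# as one message (facility local0, severity info, tag "tag").
#
# A record ends with a line containing only "___". The lines of a record are
# joined with "#" so that the whole record travels as a single syslog message.
# NOTE(review): very long records may be truncated by the syslog transport;
# confirm the size limit of the receiving daemon.
#
# The log content is not trusted: it can contain glob characters, backslashes
# and text that looks like options. It is therefore read with `read -r` and
# handed to logger as one quoted argument after `--`; unquoted, a `*` in a
# record would be expanded to file names and falsify the forwarded message.

# A literal carriage return for sed. Command substitution keeps it because
# only trailing newlines are stripped.
cr=$(printf '\r')

append=""

# sed: remove carriage returns, trim trailing and leading blanks, collapse
# runs of blanks to one, then drop lines that ended up empty (so lines made
# only of blanks are dropped too). -u keeps sed unbuffered so records are
# forwarded as soon as they are written.
tail -F /opt/log/audit/audit.log |
  sed -u -e "s/${cr}//g" -e 's/ *$//' -e 's/^ *//' -e 's/  */ /g' -e '/^$/d' |
  while IFS= read -r line; do
    # `=` is the POSIX string comparison; `==` fails under dash and other
    # strict /bin/sh implementations.
    if [ "$line" = "___" ]; then
      # Skip empty records: logger called without a message reads stdin,
      # which here is the pipe carrying the audit stream, and would swallow
      # every following record.
      if [ -n "$append" ]; then
        logger -p local0.info -t tag -- "$append"
      fi
      append=""
    else
      append="$append#$line"
    fi
  done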
-
-
-
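# Send every interactive bash command line to syslog (user.alert, tag
# "bash_history") as "<shell pid> <user> <history entry>". PROMPT_COMMAND is
# evaluated by interactive bash before each prompt.
#
# Caveats for whoever relies on this trail:
#  - Command lines can contain secrets (passwords given as arguments); they
#    end up in clear text in syslog and on any remote collector, so restrict
#    read access to the destination log.
#  - It only covers interactive bash sessions that load this snippet. Treat it
#    as a convenience trail and keep kernel-level auditing (auditd) as the
#    authoritative record.
case "${PROMPT_COMMAND-}" in
  *'logger -p user.alert -t bash_history'*)
    # Hook already present (value inherited from a parent shell): do not
    # stack a second copy, which would log every command twice.
    ;;
  *)
    export PROMPT_COMMAND="${PROMPT_COMMAND:+$PROMPT_COMMAND ; }"'printf "%s %s %s\n" "$$" "$USER" "$(history 1)" | logger -p user.alert -t bash_history'
    ;;
esac

# Prevent later startup files or the user from reassigning the hook in this shell.
readonly PROMPT_COMMAND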
-
-
# <150> is the PRI field (facility and severity) of the RFC 3164 syslog header; the message uses the current timestamp and a throwaway hostname.
-
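# Hand-build an RFC 3164 message and send it to the collector over UDP.
# <150> is the PRI value: facility * 8 + severity = 18 * 8 + 6 (local2.info).
# LC_ALL=C forces English month abbreviations whatever the caller's locale is,
# and %e gives the space-padded day of month that RFC 3164 specifies.
# The HOSTNAME field is whatever the sender writes ("host" + epoch seconds
# here): plain UDP syslog carries no sender authentication, so a collector
# should not treat this field as proof of origin.
# nc options are placed before the host and port so that nc implementations
# without GNU-style option permutation parse them as well.
printf '<150>%s host%s service: my special message goes here\n' \
  "$(LC_ALL=C date '+%b %e %H:%M:%S')" "$(date +%s)" |
  nc -u -w 1 192.168.0.1 514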
-
-
-
# For IOS devices you might use the following to generate syslog entries for logins:
login block-for 120 attempts 4 within 120
login on-failure log
login on-success log
# To generate syslog entries for the executed commands:
archive
 log config
  logging enable
  notify syslog
  hidekeys
-
-
# In /etc/syslog.conf
-
facility.priority @IP or hostname
-
-
-
# Start syslogd on the collector. With sysklogd, -r makes the daemon accept
# messages from the network (UDP port 514) and -m 0 turns off the periodic
# "-- MARK --" lines.
# NOTE(review): -r accepts datagrams from any sender that can reach the port;
# limit the allowed source addresses with a host firewall.
syslogd -m 0 -r
-
-
-
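# Send a test message. Replace facility.priority with a real pair (for example
# the one selected in /etc/syslog.conf). The message is a single quoted
# argument after `--`, so it is never split into words or parsed as an option.
logger -p facility.priority -- "your message"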
-