INFN wiki

User Tools

Site Tools

Trace:
cn:ccr:formazione:centos7:2018-11:logging-soluzioni

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
cn:ccr:formazione:centos7:2018-11:logging-soluzioni [2018/11/28 09:16] – DESTINAZIO dmaselli@infn.itcn:ccr:formazione:centos7:2018-11:logging-soluzioni [2018/11/28 10:24] (current) – [Esercizio 3] dmaselli@infn.it
Line 1: Line 1:
 +====== Rsyslog (Soluzioni) ======
 +
 +
 +===== Esercizio 1 =====
 +
 +
 +<code bash>
 +
 +cat > /etc/rsyslog.d/esercizio-1.conf <<'EOT'
 +
 +$template tpl01,"/var/log/%timestamp:::date-year%/%programname%/%timestamp:::date-year%-%timestamp:::date-month%-%timestamp:::date-day%.log"
 +*.*       ?tpl01
 +
 +EOT
 +
 +systemctl restart rsyslog
 +
 +</code>
 +
 +
 +===== Esercizio 2 =====
 +
 +<code bash>
 +
 +cat > /etc/rsyslog.d/esercizio-2.conf <<'EOT'
 +
 +:msg, contains, "importante" /var/log/all-errors
 +
 +*.err /var/log/all-errors
 +
 +EOT
 +
 +systemctl restart rsyslog
 +
 +
 +logger -p info questo_log
 +
 +logger -p crit questo_log
 +
 +logger -p crit importante_questo_log
 +
 +tail /var/log/all-errors
 +
 +</code>
 +
 +
 +===== Esercizio 3 =====
 +
 +Sul server:
 +<code bash>
 +
 +cat > /etc/rsyslog.d/esercizio-3.conf <<'EOT'
 +
 +# Provides UDP syslog reception
 +$ModLoad imudp
 +$UDPServerRun 514
 +
 +# Provides TCP syslog reception
 +$ModLoad imtcp
 +$InputTCPServerRun 514
 +
 +$template tplremote,"/var/log/%timestamp:::date-year%/%HOSTNAME%/%programname%/%timestamp:::date-year%-%timestamp:::date-month%-%timestamp:::date-day%.log"
 +*.*       ?tplremote
 +
 +EOT
 +
 +systemctl restart rsyslog
 +
 +
 +ss -lntup | grep rsyslog
 +
 +udp    UNCONN          0         *:514                   *:                  users:(("rsyslogd",pid=1139,fd=3))
 +udp    UNCONN          0        :::514                  :::*                   users:(("rsyslogd",pid=1139,fd=4))
 +tcp    LISTEN          25        *:514                   *:                  users:(("rsyslogd",pid=1139,fd=5))
 +tcp    LISTEN          25       :::514                  :::*                   users:(("rsyslogd",pid=1139,fd=6))
 +
 +</code>
 +
 +
 +Sul client:
 +<code bash>
 +
 +cat > /etc/rsyslog.d/esercizio-3.conf <<'EOT'
 +*.* @@DESTINAZIONE
 +EOT
 +systemctl restart rsyslog
 +
 +</code>
 +
 +
 +
 +===== Esercizio 4 =====
 +
 +Su server e client:
 +  yum install rsyslog-relp
 +
 +Su server:
 +<code bash>
 +cat > /etc/rsyslog.d/esercizio-4.conf <<'EOT'
 +$ModLoad imrelp              # Load the input module
 +$InputRELPServerRun 20514    # Set the port to 20514
 +EOT
 +
 +systemctl restart rsyslog
 +</code>
 +
 +
 +Su client:
 +<code bash>
 +/bin/rm /etc/rsyslog.d/esercizio-3.conf
 +
 +cat > /etc/rsyslog.d/esercizio-4.conf <<'EOT'
 +$ModLoad omrelp
 +*.* :omrelp:DESTINAZIONE:20514;RSYSLOG_ForwardFormat
 +EOT
 +
 +systemctl restart rsyslog
 +
 +logger -p info prova
 +
 +</code>
 +
 +
 +su server:
 +  systemctl stop rsyslog
 +
 +su client:
 +  logger -p info prova_server_spento
 +
 +
 +su server:
 +  tail -f /var/log/remote &
 +  systemctl start rsyslog
 +
 +
 +
 +su client
 +  logger -p info prova_server_acceso
 +
 +
 +
 +
 +
 +===== Esercizio 5 =====
 +
 +<code bash>
 +
 +cat > /tmp/wall-line.sh <<'EOT'
 +#!/bin/bash
 +while read line; do
 +  wall "$line"
 +done
 +EOT
 +chmod +x /tmp/wall-line.sh
 +
 +cat > /etc/rsyslog.d/esercizio-5.conf <<'EOT'
 + 
 +module(load="omprog")
 + 
 +if ($msg contains "mondo") then {
 +  action(type="omprog" binary="/tmp/wall-line.sh")
 +}
 + 
 +EOT
 +
 +</code>
  
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki