1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
| #!/bin/bash
#Install & Config the rsyslog
#Release 0.3
#date 2016.10.10
#set -x
#此脚本为log自动部署脚本
#版本较早系统自带syslog,较新版本自带rsyslog
#手动配置如下,
#在/etc/rsyslog中追加以下配置,然后重启/etc/init.d/rsyslog restart
# user.* @172.16.16.20
# authpriv.* @172.16.16.20
# *.warning @172.16.16.20
#或者user.*;authpriv.*;*.warning @172.16.16.20
#然后在/etc/bashrc中追加以下配置,然后运行 source /etc/bashrc即可
#export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
#
#PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
PATH=$PATH:~/bin
export PATH
#同步时间
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
function timecmd(){
ntpdate pool.ntp.org
}
if [ ! -e "/usr/sbin/ntpdate" ]; then
yum install -y ntpdate && timecmd
else
timecmd
echo -e "\n error"
fi
#导入配置信息
#cfg(){
#sed -i '$a #Send the log information to the server' $log
#sed -i '$a user.* @172.16.16.20' $log
#sed -i '$a authpriv.* @172.16.16.20' $log
#sed -i '$a *.warning @172.16.16.20' $log
#}
#cfgs(){
#sed -i '$a #Send the log information to the server' $logs
#sed -i '$a user.* @172.16.16.20' $logs
#sed -i '$a authpriv.* @172.16.16.20' $logs
#sed -i '$a *.warning @172.16.16.20' $logs
#}
logr=/etc/rsyslog.conf
logs=/etc/syslog.conf
cfg(){
sed -i '$a #Send the log information to the server' $logr
sed -i '$a *.warning;user.*;authpriv.* @172.16.16.20' $logr
}
cfgs(){
sed -i '$a #Send the log information to the server' $logs
sed -i '$a *.warning;user.*;authpriv.* @172.16.16.20' $logs
}
#启动服务并且设置为开机自动启动
autoboot(){
(/etc/init.d/rsyslog start && chkconfig rsyslog on)
}
autoboots(){
(/etc/init.d/syslog start && chkconfig syslog on)
}
#安装rsyslog服务
irsyslog(){
yum install -y rsyslog || echo "Install error" && exit 3
}
rsyscfg=$(cat /etc/rsyslog.conf | grep "@172.16.16.20" | grep -v '#' | awk '{print $2}')
ipadd='@172.16.16.20'
if [ -f $logs ]; then
cfgs
elif [ "$rsyscfg" == "$ipadd" ]; then
echo "172.16.16.20 in rsyslog.conf" && exit 4
elif [ -f $logr ]; then
cfg
else
irsyslog && cfgs
fi
#记录shell中所有输入的命令
usercmd=$(cat /etc/bashrc | grep '#Record-the-input-cmd')
cmdinfo=#Record-the-input-cmd
bashrcfile=/etc/bashrc
shrc(){
sed -i '$a #Record-the-input-cmd' $bashrcfile
echo export PROMPT_COMMAND=\''{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'\' >> $bashrcfile
}
if [ "$usercmd" == "$cmdinfo" ];then
echo "commandinfo is exist " && exit 5
elif [ -e /etc/bashrc ]; then
shrc
else
echo "error: not import to the /etc/bashrc "
fi
source /etc/bashrc
autoboot || autoboots
|