rsyslog客户端自动部署脚本，经测试使用正常

07008

自动写的rsyslog客户端自动配置脚本，经测试正常使用

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92

#!/bin/bash #Install & Config the rsyslog #Release 0.3 #date 2016.10.10 #set -x #此脚本为log自动部署脚本 #版本较早系统自带syslog,较新版本自带rsyslog #手动配置如下， #在/etc/rsyslog中追加以下配置，然后重启/etc/init.d/rsyslog restart #  user.* @172.16.16.20 #  authpriv.* @172.16.16.20 #  *.warning @172.16.16.20 #或者user.*;authpriv.*;*.warning @172.16.16.20 #然后在/etc/bashrc中追加以下配置，然后运行 source /etc/bashrc即可 #export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }' # #PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin PATH=$PATH:~/bin export PATH #同步时间 cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime function timecmd(){ ntpdate pool.ntp.org } if [ ! -e "/usr/sbin/ntpdate" ]; then     yum install -y ntpdate && timecmd else     timecmd     echo -e "\n error" fi #导入配置信息 #cfg(){ #sed -i '$a #Send the log information to the server' $log #sed -i '$a user.* @172.16.16.20' $log #sed -i '$a authpriv.* @172.16.16.20' $log #sed -i '$a *.warning @172.16.16.20' $log #} #cfgs(){ #sed -i '$a #Send the log information to the server' $logs #sed -i '$a user.* @172.16.16.20' $logs #sed -i '$a authpriv.* @172.16.16.20' $logs #sed -i '$a *.warning @172.16.16.20' $logs #} logr=/etc/rsyslog.conf logs=/etc/syslog.conf cfg(){ sed -i '$a #Send the log information to the server' $logr sed -i '$a *.warning;user.*;authpriv.* @172.16.16.20' $logr } cfgs(){ sed -i '$a #Send the log information to the server' $logs sed -i '$a *.warning;user.*;authpriv.* @172.16.16.20' $logs } #启动服务并且设置为开机自动启动 autoboot(){ (/etc/init.d/rsyslog start && chkconfig rsyslog on) } autoboots(){ (/etc/init.d/syslog start && chkconfig syslog on) } #安装rsyslog服务 irsyslog(){ yum install -y rsyslog || echo "Install error" && exit 3 } rsyscfg=$(cat /etc/rsyslog.conf | grep "@172.16.16.20" | grep -v '#' | awk '{print $2}') ipadd='@172.16.16.20' if [ -f $logs ]; then     cfgs elif [ "$rsyscfg" == "$ipadd" ]; then     echo "172.16.16.20 in rsyslog.conf" && exit 4 elif [ -f $logr ]; then     cfg else     irsyslog && cfgs fi #记录shell中所有输入的命令 usercmd=$(cat /etc/bashrc | grep '#Record-the-input-cmd') cmdinfo=#Record-the-input-cmd bashrcfile=/etc/bashrc shrc(){ sed -i '$a #Record-the-input-cmd' $bashrcfile echo export PROMPT_COMMAND=\''{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'\' >> $bashrcfile } if [ "$usercmd" == "$cmdinfo" ];then     echo "commandinfo is exist " && exit 5 elif [ -e /etc/bashrc ]; then         shrc else         echo "error: not import to the /etc/bashrc " fi source /etc/bashrc autoboot || autoboots

Rsyslog+Anazyler使用正常