forked from nhanhoadocs/ghichep-cmdlog
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathcmdlog.sh
88 lines (78 loc) · 2.48 KB
/
cmdlog.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#!/bin/bash
# CMD log version 3 2022-06-10
# CanhDX Giaohangtietkiem
# Variable
set -e
# Require permisio
if [[ "$EUID" -ne 0 ]]; then
echo "Please run as root or sudo"
exit 1;
fi
# Check OS
echo "Check Your OS"
if cat /etc/*release | grep CentOS > /dev/null 2>&1; then
OS="CentOS"
elif cat /etc/*release | grep ^NAME | grep Ubuntu > /dev/null 2>&1; then
OS="Ubuntu"
else
echo "Script doesn't support or verify this OS type/version"
exit 1;
fi
# Check install rsyslog,logrotate
echo "Check Rsyslog, logrotate installed"
if [[ $OS == "CentOS" ]]; then
if ! rpm -qa | grep 'rsyslog\|logrotate' > /dev/null 2>&1; then
yum install -y install rsyslog logrotate
fi
elif [[ $OS == "Ubuntu" ]]; then
if ! dpkg --get-selections | grep 'rsyslog\|logrotate' > /dev/null 2>&1; then
apt-get -y install rsyslog logrotate
fi
fi
# Check old deploy
echo "Check old cmdlog config"
if [[ -f "/var/log/cmdlog.log" ]]; then
echo "Server have been config CMD log before, Please check your config"
exit 1;
fi
# Config cmdlog
echo "Config cmdlog"
if [[ $OS == "CentOS" ]]; then
echo """
# Command log
export PROMPT_COMMAND='RETRN_VAL=$?;logger -p local6.debug \"[\$(echo \$SSH_CLIENT | cut -d\" \" -f1)] # \$(history 1 | sed \"s/^[ ]*[0-9]\+[ ]*//\" )\"'
export HISTTIMEFORMAT='%d/%m/%y %T '""" >> /etc/bashrc
elif [[ $OS == "Ubuntu" ]]; then
echo """
# Command log
export PROMPT_COMMAND='RETRN_VAL=$?;logger -p local6.debug \"[\$(echo \$SSH_CLIENT | cut -d\" \" -f1)] # \$(history 1 | sed \"s/^[ ]*[0-9]\+[ ]*//\" )\"'
export HISTTIMEFORMAT='%d/%m/%y %T '""" >> /etc/bash.bashrc
fi
# Config rsyslog
echo "Config rsyslog"
touch /var/log/cmdlog.log
chmod 600 /var/log/cmdlog.log
if [[ $OS == "CentOS" ]]; then
chown -R root:root /var/log/cmdlog.log
echo """
$RepeatedMsgReduction on
local6.* /var/log/cmdlog.log""" >> /etc/rsyslog.conf
elif [[ $OS == "Ubuntu" ]]; then
chown -R syslog:syslog /var/log/cmdlog.log
echo """
local6.* /var/log/cmdlog.log""" >> /etc/rsyslog.conf
fi
# Config logrotate
echo "Config logrotate"
if [[ $OS == "CentOS" ]]; then
cp config/cmdlog_centos /etc/logrotate.d/cmdlog
elif [[ $OS == "Ubuntu" ]]; then
cp config/cmdlog_ubuntu /etc/logrotate.d/cmdlog
fi
# Restart
echo "Restart services"
systemctl restart logrotate
systemctl restart rsyslog
echo "DONE - This task need be LOGOUT & LOGIN again to start logging cmd"
exit