Ecco un piccolo script in bash per automatizzare l’archiviazione dei log di Apache server.
Eseguito nella directory dei logs li prende e li archivia in una sottodirectory per data ed ora. Riavvia apache in modalità graceful per non chiudere connessioni. Crea poi un file .tar contentente tutti i logs prelevati e ne verifica l’integrità, elimina la directory sorgente e crea la firma md5 del .tar. Invia inoltre una mail di notifica all’amministratore di sistema.
Utile se si vuole automatizzare la gestione dei log, magari attraverso una regola crontab.
Lo script è facilmente modificabile per la gestione dei log di altri software
Rilasciato in GPL 3.
Download [apache_log_archiver.sh.tar]
#!/bin/bash
#
# Name: Apache logs archiver (with email notify)
# Description: A simple script that archive logs into an arbitrary directory
# divided by date and time.
# After that it can tar the subdir (and verify it), delete the
# .log files, sign the .tar by md5sum and finally send a mail
# with the urls to download files.
# You can automate the execution of that script using a
# cron rule (monthly, weekly, daily).
#
# Usage: Place this script into your apache’s logdir
# (ex. /var/log/apache2) and run it.
# Set your options in the “configuration” section here.
# Remind: give me +x! (chmod +x apache_log_archiver.sh)
#
# Requires: sendmail, apache*-server, uname, tar, md5sum, whoami, date
#
# Author: Mora Fabio
# Version: 0.1
# Contact: fabio.mm@gmail.com – http://www.tech-effe.net
#
# This code is relased under GNU GPL v3 license
# (http://gplv3.fsf.org/)
#
# “Use Linux! It will save the world!”
# # # # # # # # # # # # # # # # # # # # # # # # ## >>>>CONFIGURATION
#Archive dir
ARCHIVEDIR=archived_logs/
#Archive name prefix
ARCHIVEPREFIX=`uname -n`’[apache2]logs-’#Apache init daemon path
APACHEINIT=/etc/init.d/apache2
#Apache control bin
APACHECTL=apache2ctl#Send email? [1/0]
SENDEMAIL=1
#Wich email? [1/0]
TOEMAIL=’your@email.com’
#Wich subject? [1/0]
SUBJECTEMAIL=’There are new archived logs from ‘
#Path of MTA
SENDMAILMTA=sendmail
#Download URL
URLMAIL=’https://logs.myhostname.com/secreturl/’
#Email buffer
EMAILTMP=/tmp/logsarchivemail.txt#Time to wait between apache reload and archiving?
# You shuld leave 600 seconds in a production server running by crontab
# You can override this using 0 seconds for test prupose
DELAY=600#Remove *.log* files after tar? [1/0]
RMAFTERTAR=0
#Verify tar file (requires more time)? [1/0]
VERIFYTAR=1
#Generate signature (useful if you want an md5sum)? [1/0]
SIGNTAR=1
#Tarfile permissions (it is NOT a good idea use 777…)?
PERMSTAR=775#Other settings
DATETIME=`date +%Y%m%d_%k%M%S`
NOTICE=’NOTICE: ‘
WARNING=’WARNING: ‘
ERROR=’ERROR: ‘# >>>>Beginning…
#I check if you are root
if [ ! `whoami` == 'root' ]
then
echo $ERROR ‘Go away, you are not the root user.’
exit -1
fi#I check if the archive dir exists, if no I try to make it
if [ ! -d $ARCHIVEDIR ]
then
if mkdir $ARCHIVEDIR
then
echo $NOTICE $ARCHIVEDIR “created successfully.”
else
echo $ERROR $ARCHIVEDIR “could not be created. This is your FS?”
exit -1
fi
fi#Creating the log subdir
if mkdir $ARCHIVEDIR$DATETIME
then
echo $NOTICE $ARCHIVEDIR$DATETIME “created successfully.”
else
echo $ERROR $ARCHIVEDIR$DATETIME “could not be created. This is your FS?”
exit -1
fi#Moving logs into the log subdir
if mv *.log* $ARCHIVEDIR$DATETIME
then
echo $NOTICE “logs successfully moved into” $ARCHIVEDIR$DATETIME”.”
else
echo $WARNING “unable to move logs into” $ARCHIVEDIR$DATETIME”. No logs?”
fi#Restarts apache gracefully
if $APACHECTL graceful
then
echo $NOTICE “Apache gracefully restarted.”
else
echo $WARNING “I can’t restart Apache gracefully. Trying hard mode.”if [ $APACHEINIT restart ]
then
echo $NOTICE “Apache hard-restarted.”
else
echo $ERROR “I can’t restart Apache.”
exit -1
fi
fi#…wait until the last visitor comes out of apache
sleep $DELAY#Add to an archive the moved logs
if [ $VERIFYTAR == 1 ]; then TAROPTIONS=’-cWf’; else TAROPTIONS=’-cf’; fiif tar $TAROPTIONS $ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.tar $ARCHIVEDIR$DATETIME
then
chmod $PERMSTAR $ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.tar
echo $NOTICE $ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.tar” is ready for you.”
if [ $RMAFTERTAR == 1 ]
then
echo $NOTICE $ARCHIVEDIR” clean from logs.”
rm -R $ARCHIVEDIR$DATETIME
fi
else
echo $ERROR “failed to tar files.”
exit -1
fi#Generating .tar signature
if [ $SIGNTAR == 1 ]
then
touch $ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.md5
md5sum $ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.tar > $ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.md5
chmod $PERMSTAR $ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.md5
echo $NOTICE”signed “$ARCHIVEPREFIX$DATETIME”.tar into “$ARCHIVEPREFIX$DATETIME”.md5.”
fiif [ $SENDEMAIL == 1 ]
then
echo “Subject:” $SUBJECTEMAIL `uname -n` > $EMAILTMP
echo ‘Hi’ $TOEMAIL ‘,’ >> $EMAILTMP
echo ‘ there are new logs from’ `uname -n` “.” >> $EMAILTMP
echo ‘They are:’ >> $EMAILTMP
echo ‘ – (TAR) ‘$URLMAIL$ARCHIVEPREFIX$DATETIME.tar >> $EMAILTMP
if [ $SIGNTAR == 1 ]; then echo ‘ – (MD5) ‘$URLMAIL$ARCHIVEDIR$ARCHIVEPREFIX$DATETIME.md5 >> $EMAILTMP; fi;
echo ‘ Goodbye!’ >> $EMAILTMPif $SENDMAILMTA “$TOEMAIL” < $EMAILTMP
then
echo $NOTICE “email for” $TOEMAIL “queued.”
else
echo $ERROR “I can’t send email.”
exit -1
fi
fi#Exiting succefully
exit 0
