Tag Archives: fedora

Central Rsyslog server with TLS encryption. | rsyslog log central splunk

Certificate setup.

Server Certificate.

Create the following directory

Install the following package to enable encryption on rsyslog.

Execute the following command, which creates the certificates.

Client Certificate.

 

Copy the following three certificates to /etc/ssl/rsyslog/ on the client machine.

Server Setup.

Create the following configuration file.

Restart the server.

This will allow the changes to take effect.

Running netstat will show you that it is listening on both the encrypted and unencrypted ports for logging traffic.

Client Setup.

Replace the SERVER with the IP address of your rsyslog server.

Restart rsyslog on the client so that changes can take effect.

Now, to test that the logs are transmitted, execute the following.

To verify that the logs are received on the encrypted port, connect to the server and run the following.

This will listen for traffic on the encrypted port. Successful results should look like this.

How to disable root access to RHEL Redhat systems. | disable root access linux

For security reasons, root access to Linux systems should be disabled as standard these days. Some distributions still allow it, but others have blocked it by default. We should be taking advantage of sudo, which allows you to log in with your standard unprivileged account but execute root commands through sudo.

Here are some quick and easy steps to stop root access to your system and improve your security footprint.

This command will lock the root account.

This will replace the hashed password with “!”, which is another way to stop logons.

To add another level of security, you should also disable root logons through the ssh server. Here is how to do so.

Ensure the following entry is set. If it does not currently exist in the config file, add it anywhere.
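A check for the two settings described above, as an added example that is not from the original post. It assumes a shadow-format file for the lock state and the OpenSSH `PermitRootLogin` directive for the ssh setting; the function names and the demo files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Paths are parameters so the
# checks can run against copies; the demo files below are constructed.

# Succeeds (0) if root's password field in a shadow-format file starts with
# "!". Returns 1 if it does not, 2 if there is no root entry.
root_locked() {
    awk -F: '$1 == "root" { found = 1; rc = ($2 ~ /^!/) ? 0 : 1; exit }
             END { exit (found ? rc : 2) }' "$1"
}

# Succeeds if the first global PermitRootLogin directive is "no". sshd keeps
# the first value it reads, and anything after a Match line is conditional,
# so parsing stops there. Commented-out or absent directives count as a
# failure because the compiled-in default varies between OpenSSH versions.
ssh_root_login_disabled() {
    value=$(awk 'tolower($1) == "match" { exit }
                 tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1")
    [ "$value" = "no" ]
}

# Prints PASS/FAIL per check; return status is the number of failed checks.
audit_root_access() {
    fails=0
    if root_locked "$1"; then echo "PASS root password is locked"
    else echo "FAIL root password is not locked"; fails=$((fails + 1)); fi
    if ssh_root_login_disabled "$2"; then echo "PASS sshd refuses root logins"
    else echo "FAIL sshd does not set PermitRootLogin no"; fails=$((fails + 1)); fi
    return "$fails"
}

# Demo on constructed sample files (salt and hash are placeholders).
demo_dir=$(mktemp -d)
printf 'root:!$6$salt$hash:19000:0:99999:7:::\nalice:$6$salt$hash:19000:0:99999:7:::\n' > "$demo_dir/shadow"
printf '#PermitRootLogin yes\nPermitRootLogin no\n' > "$demo_dir/sshd_config"
audit_root_access "$demo_dir/shadow" "$demo_dir/sshd_config" || echo "$? check(s) failed"
rm -rf "$demo_dir"
```

On a live system, call `audit_root_access /etc/shadow /etc/ssh/sshd_config` as root. The parser does not follow `Include` files, so compare against the effective configuration printed by `sshd -T` when those are in use.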

 

Syslog permissions blocking Splunk Access | syslog splunk permissions /var/log/messages

Had a problem with Splunk having access permissions to /var/log/messages; syslog would change the permissions to read-only by root and no one else. The fix is in the syslog config file. See below.

Should have an entry like this:

Pay particular attention to:

Then restart syslog.

 

Error when installing VLC on Fedora Core 27

Got the following error when installing VLC on Fedora Core 27.

The correct way to install VLC on any FC newer than 22 is:

This will work.

How to determine what your DHCP server is on Linux | how to determine your dhcp server ip address

I encountered a problem yesterday where my IP was not changing; I should have gotten a new lease from the DHCP server.

I needed to find which server was giving me my leases, but I didn’t know where this information was stored.

Anyway, it’s here!

It should give you information like this. Look around, because different flavors of Linux will store the lease in a different location.

 

Top 6 common uses for grep | top six uses for grep linux systems administration centos redhat

Grep is the number one tool used by Linux systems administrators. I rely on this tool every day, but it’s used in many different ways. I decided to list my top six uses.

The top use is grep with the recursive switch (grep -r). This is used for searching a particular filesystem path for a particular word. One common reason why I use this switch is when I’m searching in a Nagios configuration directory for mentions of a hostname. This allows me to find all the locations where a hostname has been mentioned, and I can then alter it if needed.

This straightforward search allows you to look in a text file and find all the locations where the expression or search word can be found. The results will include the entire line where the expression has been matched.

 

This does the opposite of the previous command: it excludes all mentions of the search criteria, removing each entire matching line from the search results.

This will match the line but also include a certain number of subsequent lines. The number indicates how many lines after the match you would like included.

Again, this is the opposite of the previous command: it includes a certain number of lines before the matching line.

This also proves to be very useful: it removes case sensitivity from your search string.