Tag Archives: server

Central Rsyslog server with TLS encryption. | rsyslog log central splunk

Certificate setup.

Server Certificate.

Create the following directory

Install the following package to enable encryption on rsyslog.

Execute the following command, which creates the certificates.

Client Certificate.

 

Copy the following three certificates to /etc/ssl/rsyslog/ on the client machine.

Server Setup.

Create the following configuration file.

Restart the server.

This will allow the changes to take effect.

Running netstat will show you that it is listening on both the encrypted and the unencrypted ports for logging traffic.

Client Setup.

Replace the SERVER with the IP address of your rsyslog server.

Restart rsyslog on the client so that changes can take effect.

Now, to test that the logs are transmitted, execute the following.

To verify that the logs are received on the encrypted port, connect to the server and run the following.

This will listen for traffic on the encrypted port. Successful results should look like this.

 

Setup a central rsyslog server Howto | Setup a central log server

This document has the instructions required to set up a centralized log server. This should be a minimum requirement for all organizations: it is a must-have tool for intrusion prevention and detection.

Server Setup

Install rsyslog and vim text editor.

Edit the configuration file.

Ensure the configuration file has the following enabled.

Restart the service to allow the change of configuration to take effect.

The following “netstat” command checks which ports are open and listening on the system. Port 514 should be open and listening, waiting for logs to be shipped from the client.

If the above ports appear open, then the server configuration is operating correctly.

 

Client Setup

Install rsyslog and the vim text editor.

Edit config file.

Append the following line to the end of the configuration file. Ensure you change the IP address in the forwarding rule to the IP address of the rsyslog server configured earlier.

Restart rsyslog to allow the changes to take effect.

To test, issue the following command and tail the logs of the rsyslog server.

You should see the above quoted line appear in the server's logs.
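Added example (not from the original posts; the helper names, the sample configuration, its addresses and the CA file name are constructed): a forwarder set up as in this post can ship logs in clear text, whereas the TLS post above adds an encrypted port. The script reads a legacy-syntax rsyslog client configuration and reports, for each forwarding rule, whether it goes out over UDP (`@host`), plain TCP (`@@host`) or TCP with `$ActionSendStreamDriverMode 1` in force.

```shell
#!/bin/sh
# Added example, not from the original posts.
# Reports how each legacy-syntax forwarding rule in an rsyslog config ships logs.
# Assumption of this sketch: "$ActionSendStreamDriverMode 1" covers every "@@"
# rule that follows it in the file until the mode is set to another value.

audit_forwarders() {    # hypothetical helper; $1 = path to rsyslog config
    awk '
        /^[ \t]*#/ { next }                              # skip comment lines
        tolower($1) == "$actionsendstreamdrivermode" {   # 1 = TLS required
            tls = ($2 == "1"); next
        }
        NF >= 2 && $2 ~ /^@@/ {                          # TCP forwarder
            state = tls ? "TLS" : "PLAINTEXT-TCP"
            print state, substr($2, 3); next
        }
        NF >= 2 && $2 ~ /^@/ {                           # UDP forwarder, never TLS
            print "PLAINTEXT-UDP", substr($2, 2)
        }
    ' "$1"
}

count_plaintext() {     # hypothetical helper; prints the number of clear-text rules
    audit_forwarders "$1" | awk '/^PLAINTEXT/ { n++ } END { print n + 0 }'
}

# Constructed sample configuration (192.0.2.10 is a documentation address).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed client config
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/ca.pem
*.* @192.0.2.10:514
auth.* @@192.0.2.10:514
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode x509/name
*.* @@192.0.2.10:6514
EOF

audit_forwarders "$sample"
echo "clear-text forwarders: $(count_plaintext "$sample")"
```

Any rule reported as PLAINTEXT on a client means the server's unencrypted port is still in use and cannot yet be closed.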

 

 

How to determine what your DHCP server is on Linux | how to determine your dhcp server ip address

I encountered a problem yesterday where my IP was not changing; I should have gotten a new lease from the DHCP server.

I needed to find which server was giving me my leases, and I didn’t know where this information was stored.

Anyway, it's here!

It should give you information like this. Look around, because different flavors of Linux will store the lease in a different location.

 

How to mount NFS in a Docker Ubuntu container | mounting nfs shares in docker containers

I had problems mounting NFS shares in my Docker container; an error would appear with permissions denied. This is the fix which worked for me.

Inside the container execute the following.

On the host, execute the following to mount the share.

 

Docker crash course with Ubuntu – for beginners | docker ubuntu 16.04 beginners guide howto

A quick crash course on how to get a Docker container up and going on an Ubuntu 16.04 server.

01. This first section will essentially install the docker repos onto the Ubuntu box.

02. This will actually install docker.

03. Check that it's running.

04. This will test that docker is properly installed and able to execute docker containers.

05. This will download the ubuntu image from the repo.

06. We will need to list the images which are available to us, taking note of the image ID.

07. Then we cut-n-paste the ID into the command below.

08. You will now notice you're running a full-blown Ubuntu OS which is actually in a container. This is tested by checking what procs are running by typing “ps waux”; there should only be a few procs running.

09. Exit out of the container. This will end the container.

10. The following command will show you the available containers.

11. Determine which container you worked on, then cut and paste the ID into the command below to start it in the background.

12. The container is now running. You may connect to it on the terminal by typing the following command and pasting the ID at the end.

 

All you need to know to get you going!

Executing SFTP transfers in BASH scripts | linux centos ssh rcp sftp ftp bash script batch file automation

I needed to write a script which fetched files off an FTP server and put them into a specific folder for processing.

I was used to using SSH for these jobs, and now I was forced to connect to an SFTP server. This was my first time, and everything is a little different.

I have attached the commands I used in my bash script to get the project over the line.

 

This command allows you to get a listing of what is currently on the server.

This will fetch all the CSV files on the SFTP server and copy them locally.

This was partially tricky, don’t know why. There may be an easier way which I overlooked, but this worked for me. For some reason, to send a file you need to specify the instructions in a batch file which is executed once connected.