author | mboelen <michael@cisofy.com> | 2014-09-15 14:01:09 +0400 |
---|---|---|
committer | mboelen <michael@cisofy.com> | 2014-09-15 14:01:09 +0400 |
commit | c9fde8c2d11744cc0875bc3e5dd0abf096211755 (patch) | |
tree | 0997d08919db7ec4e2aa9065c3e9aaf1671c4d6f /include/tests_logging | |
parent | 35d32fb5e40b86632677fd2256aebeddf926394a (diff) |
Code cleanup and small enhancements
Diffstat (limited to 'include/tests_logging')
-rw-r--r-- | include/tests_logging | 325 |
1 files changed, 162 insertions, 163 deletions
diff --git a/include/tests_logging b/include/tests_logging index 3080cc92..ff9a48f3 100644 --- a/include/tests_logging +++ b/include/tests_logging @@ -41,21 +41,21 @@ # Notes : Log which syslog daemon is found YYY Register --test-no LOGG-2130 --weight L --network NO --description "Check for running syslog daemon" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Searching for a logging daemon... " + logtext "Test: Searching for a logging daemon" FIND=`${PSBINARY} ax | egrep "syslogd|syslog-ng|metalog|systemd-journal" | grep -v "grep"` if [ "${FIND}" = "" ]; then - Display --indent 2 --text "- Checking for a running log daemon..." --result WARNING --color RED - logtext "Result: Could not find a syslog daemon like syslog, syslog-ng, rsyslog, metalog, systemd-journal" - ReportSuggestion ${TEST_NO} "Check if any syslog daemon is running and correctly configured." - ReportWarning ${TEST_NO} "H" "No syslog daemon found" - AddHP 0 3 - else - Display --indent 2 --text "- Checking for a running log daemon..." --result OK --color GREEN - logtext "Result: Found a logging daemon" - SYSLOG_DAEMON_PRESENT=1 - SYSLOG_DAEMON_RUNNING=1 - AddHP 3 3 - fi + Display --indent 2 --text "- Checking for a running log daemon" --result WARNING --color RED + logtext "Result: Could not find a syslog daemon like syslog, syslog-ng, rsyslog, metalog, systemd-journal" + ReportSuggestion ${TEST_NO} "Check if any syslog daemon is running and correctly configured." + ReportWarning ${TEST_NO} "H" "No syslog daemon found" + AddHP 0 3 + else + Display --indent 2 --text "- Checking for a running log daemon" --result OK --color GREEN + logtext "Result: Found a logging daemon" + SYSLOG_DAEMON_PRESENT=1 + SYSLOG_DAEMON_RUNNING=1 + AddHP 3 3 + fi fi # ################################################################################# 
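Review bot: The LOGG-2130 check `${PSBINARY} ax | egrep "syslogd|syslog-ng|metalog|systemd-journal" | grep -v "grep"` matches these names anywhere in a ps line, so an unrelated process whose arguments merely mention one of them (an editor open on a syslog-ng file, for example) sets `SYSLOG_DAEMON_PRESENT=1` and `SYSLOG_DAEMON_RUNNING=1` and scores `AddHP 3 3` on a host with no logging daemon running. The `grep -v "grep"` filter has the opposite problem: it also discards a genuine daemon line that happens to contain "grep". Matching on the command column only, or at least anchoring the name to a path boundary as LOGG-2132 does with `"/syslog-ng"`, would make the OK result trustworthy for an audit. The same ps-and-grep construct appears in the LOGG-2132, LOGG-2210, LOGG-2230, LOGG-2240, LOGG-2138 and LOGG-2142 hunks.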
@@ -64,18 +64,18 @@ # Description : Check for a running syslog-ng daemon Register --test-no LOGG-2132 --weight L --network NO --description "Check for running syslog-ng daemon" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Searching for syslog-ng daemon in process list... " + logtext "Test: Searching for syslog-ng daemon in process list" FIND=`${PSBINARY} ax | grep "/syslog-ng" | grep -v "grep"` if [ ! "${FIND}" = "" ]; then - logtext "Result: Found syslog-ng in process list" - Display --indent 4 --text "- Checking Syslog-NG status" --result FOUND --color GREEN - SYSLOG_DAEMON_PRESENT=1 - SYSLOG_NG_RUNNING=1 - else - logtext "Result: Syslog-ng NOT found in process list" - Display --indent 4 --text "- Checking Syslog-NG status" --result "NOT FOUND" --color WHITE - fi - fi + logtext "Result: Found syslog-ng in process list" + Display --indent 4 --text "- Checking Syslog-NG status" --result FOUND --color GREEN + SYSLOG_DAEMON_PRESENT=1 + SYSLOG_NG_RUNNING=1 + else + logtext "Result: Syslog-ng NOT found in process list" + Display --indent 4 --text "- Checking Syslog-NG status" --result "NOT FOUND" --color WHITE + fi + fi # ################################################################################# # 
@@ -84,16 +84,16 @@ if [ ! "${SYSLOGNGBINARY}" = "" -a ${SYSLOG_NG_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no LOGG-2134 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking Syslog-NG configuration file consistency" if [ ${SKIPTEST} -eq 0 ]; then - FIND=`${SYSLOGNGBINARY} -s; echo $?` - if [ "${FIND}" = "0" ]; then - logtext "Result: Syslog-NG configuration file seems to be consistent" - Display --indent 6 --text "- Checking Syslog-NG consistency" --result OK --color GREEN - else - logtext "Result: Syslog-NG configuration file seems NOT to be consistent" - Display --indent 6 --text "- Checking Syslog-NG consistency" --result WARNING --color RED - ReportWarning ${TEST_NO} "L" "Found one or more problems in Syslog-NG configuration file" - ReportSuggestion ${TEST_NO} "Check the Syslog-NG configuration file and/or run a manual consistency check with: syslog-ng -s" - fi + FIND=`${SYSLOGNGBINARY} -s; echo $?` + if [ "${FIND}" = "0" ]; then + logtext "Result: Syslog-NG configuration file seems to be consistent" + Display --indent 6 --text "- Checking Syslog-NG consistency" --result OK --color GREEN + else + logtext "Result: Syslog-NG configuration file seems NOT to be consistent" + Display --indent 6 --text "- Checking Syslog-NG consistency" --result WARNING --color RED + ReportWarning ${TEST_NO} "L" "Found one or more problems in Syslog-NG configuration file" + ReportSuggestion ${TEST_NO} "Check the Syslog-NG configuration file and/or run a manual consistency check with: syslog-ng -s" + fi fi # ################################################################################# 
@@ -102,17 +102,17 @@ # Description : Check for a running metalog daemon Register --test-no LOGG-2210 --weight L --network NO --description "Check for running metalog daemon" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Searching for metalog daemon in process list... " + logtext "Test: Searching for metalog daemon in process list" FIND=`${PSBINARY} ax | grep "metalog" | grep -v "grep"` if [ ! "${FIND}" = "" ]; then - logtext "Result: Found metalog in process list" - Display --indent 4 --text "- Checking Metalog status" --result FOUND --color GREEN - SYSLOG_DAEMON_PRESENT=1 - METALOG_RUNNING=1 - else - logtext "Result: metalog NOT found in process list" - Display --indent 4 --text "- Checking Metalog status" --result "NOT FOUND" --color WHITE - fi + logtext "Result: Found metalog in process list" + Display --indent 4 --text "- Checking Metalog status" --result FOUND --color GREEN + SYSLOG_DAEMON_PRESENT=1 + METALOG_RUNNING=1 + else + logtext "Result: metalog NOT found in process list" + Display --indent 4 --text "- Checking Metalog status" --result "NOT FOUND" --color WHITE + fi fi # ################################################################################# 
@@ -121,17 +121,17 @@ # Description : Check for a running rsyslog daemon Register --test-no LOGG-2230 --weight L --network NO --description "Check for running RSyslog daemon" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Searching for RSyslog daemon in process list... " + logtext "Test: Searching for RSyslog daemon in process list" FIND=`${PSBINARY} ax | grep "rsyslogd" | grep -v "grep"` if [ ! "${FIND}" = "" ]; then - logtext "Result: Found rsyslogd in process list" - Display --indent 4 --text "- Checking RSyslog status" --result FOUND --color GREEN - SYSLOG_DAEMON_PRESENT=1 - RSYSLOG_RUNNING=1 - else - logtext "Result: rsyslogd NOT found in process list" - Display --indent 4 --text "- Checking RSyslog status" --result "NOT FOUND" --color WHITE - fi + logtext "Result: Found rsyslogd in process list" + Display --indent 4 --text "- Checking RSyslog status" --result FOUND --color GREEN + SYSLOG_DAEMON_PRESENT=1 + RSYSLOG_RUNNING=1 + else + logtext "Result: rsyslogd NOT found in process list" + Display --indent 4 --text "- Checking RSyslog status" --result "NOT FOUND" --color WHITE + fi fi # ################################################################################# 
@@ -140,17 +140,17 @@ # Description : Check for a running RFC 3195 compliant daemon (syslog via TCP) Register --test-no LOGG-2240 --weight L --network NO --description "Check for running RFC 3195 compliant daemon" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Searching for RFC 3195 daemon (alias syslog reliable) in process list... " + logtext "Test: Searching for RFC 3195 daemon (alias syslog reliable) in process list" FIND=`${PSBINARY} ax | grep "rfc3195d" | grep -v "grep"` if [ ! "${FIND}" = "" ]; then - logtext "Result: Found rfc3195d in process list" - Display --indent 4 --text "- Checking RFC 3195 daemon status" --result FOUND --color GREEN - SYSLOG_DAEMON_PRESENT=1 - RFC3195D_RUNNING=1 - else - logtext "Result: rfc3195d NOT found in process list" - Display --indent 4 --text "- Checking RFC 3195 daemon status" --result "NOT FOUND" --color WHITE - fi + logtext "Result: Found rfc3195d in process list" + Display --indent 4 --text "- Checking RFC 3195 daemon status" --result FOUND --color GREEN + SYSLOG_DAEMON_PRESENT=1 + RFC3195D_RUNNING=1 + else + logtext "Result: rfc3195d NOT found in process list" + Display --indent 4 --text "- Checking RFC 3195 daemon status" --result "NOT FOUND" --color WHITE + fi fi # ################################################################################# 
@@ -163,22 +163,22 @@ # This test should be below all other logging daemons Register --test-no LOGG-2138 --os Linux --weight L --network NO --description "Checking kernel logger daemon on Linux" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Searching kernel logger daemon (klogd)" - if [ ${RSYSLOG_RUNNING} -eq 0 ]; then - # Search for klogd, but ignore other lines related to klogd (like dd with input/output file) + logtext "Test: Searching kernel logger daemon (klogd)" + if [ ${RSYSLOG_RUNNING} -eq 0 ]; then + # Search for klogd, but ignore other lines related to klogd (like dd with input/output file) FIND=`${PSBINARY} ax | grep "klogd" | grep -v "dd" | grep -v "grep"` if [ ! "${FIND}" = "" ]; then - logtext "Result: klogd running" - Display --indent 4 --text "- Checking klogd" --result FOUND --color GREEN - else - logtext "Result: No klogd found" - Display --indent 4 --text "- Checking klogd" --result "NOT FOUND" --color RED - ReportWarning ${TEST_NO} "L" "klogd is not running, which could lead to missing kernel messages in log files" - ReportSuggestion ${TEST_NO} "Check why klogd is not running" - fi - else - logtext "Result: test skipped, because rsyslogd is being used" - fi + logtext "Result: klogd running" + Display --indent 4 --text "- Checking klogd" --result FOUND --color GREEN + else + logtext "Result: No klogd found" + Display --indent 4 --text "- Checking klogd" --result "NOT FOUND" --color RED + ReportWarning ${TEST_NO} "L" "klogd is not running, which could lead to missing kernel messages in log files" + ReportSuggestion ${TEST_NO} "Check why klogd is not running" + fi + else + logtext "Result: test skipped, because rsyslogd is being used" + fi fi # ################################################################################# 
@@ -187,19 +187,18 @@ # Description : Check for minilogd presence on Linux systems Register --test-no LOGG-2142 --os Linux --weight L --network NO --description "Checking minilog daemon" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Result: Checking for unkilled minilogd instances.." + logtext "Result: Checking for unkilled minilogd instances" # Search for minilogd. It shouldn't be running normally, if another syslog daemon is started - FIND=`${PSBINARY} ax | grep "minilogd" | grep -v "grep"` - if [ "${FIND}" = "" ]; then - Display --indent 4 --text "- Checking minilogd instances" --result "NOT FOUND" --color WHITE - logtext "Result: No minilogd is running.." - else - Display --indent 4 --text "- Checking minilogd instances" --result WARNING --color RED - logtext "Result: minilogd found in process list" - # minilogd daemon seems to be running.. - ReportWarning ${TEST_NO} "L" "minilogd is running, which should normally not be running" - ReportSuggestion ${TEST_NO} "Check minilogd is active and if other syslog daemons are started up properly" - fi + FIND=`${PSBINARY} ax | grep "minilogd" | grep -v "grep"` + if [ "${FIND}" = "" ]; then + Display --indent 4 --text "- Checking minilogd instances" --result "NOT FOUND" --color WHITE + logtext "Result: No minilogd is running" + else + Display --indent 4 --text "- Checking minilogd instances" --result WARNING --color RED + logtext "Result: minilogd found in process list" + # minilogd daemon seems to be running + ReportWarning ${TEST_NO} "L" "minilogd is running, which should normally not be running" + fi fi # ################################################################################# 
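Review bot: The new LOGG-2142 branch for a running minilogd keeps `ReportWarning ${TEST_NO} "L" "minilogd is running, which should normally not be running"` but no longer calls `ReportSuggestion`, which the old side had, so the report now carries a warning with no remediation hint. A commit described as code cleanup would not be expected to change report output; if the removal is deliberate it belongs in the commit message, otherwise restore a line such as `ReportSuggestion ${TEST_NO} "Check if minilogd is active and if other syslog daemons are started up properly"`. The opening `logtext "Result: Checking for unkilled minilogd instances"` announces the test rather than a result, and would match the other tests in this file if it were prefixed `Test:`.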
@@ -242,17 +241,17 @@ if [ ! "${LOGROTATEBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no LOGG-2148 --weight L --preqs-met ${PREQS_MET} --network NO --description "Checking logrotated files" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking which files are rotated with logrotate and if they exist" - FIND=`${LOGROTATEBINARY} -d -v /etc/logrotate.conf 2>&1 | egrep "considering log|skipping" | grep -v '*' | sort | uniq | awk '{ if ($2!="log") { print "File:"$2":does_not_exist" } else { print "File:"$3":exists" } }'` - if [ "${FIND}" = "" ]; then - logtext "Result: nothing found" - else - logtext "Result: found one or more files which are rotated via logrotate" - for I in ${FIND}; do - logtext "Output: ${I}" - done - fi - fi + logtext "Test: Checking which files are rotated with logrotate and if they exist" + FIND=`${LOGROTATEBINARY} -d -v /etc/logrotate.conf 2>&1 | egrep "considering log|skipping" | grep -v '*' | sort | uniq | awk '{ if ($2!="log") { print "File:"$2":does_not_exist" } else { print "File:"$3":exists" } }'` + if [ "${FIND}" = "" ]; then + logtext "Result: nothing found" + else + logtext "Result: found one or more files which are rotated via logrotate" + for I in ${FIND}; do + logtext "Output: ${I}" + done + fi + fi # ################################################################################# # 
@@ -261,23 +260,23 @@ if [ ! "${LOGROTATEBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no LOGG-2150 --weight L --preqs-met ${PREQS_MET} --network NO --description "Checking directories in logrotate configuration" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking which directories can be found in logrotate configuration" - FIND=`${LOGROTATEBINARY} -d -v /etc/logrotate.conf 2>&1 | egrep "considering log|skipping" | grep -v '*' | sort | uniq | awk '{ if ($2=="log") { print $3 } }' | sed 's/\/*[a-zA-Z_.-]*$//g' | sort | uniq` - if [ "${FIND}" = "" ]; then - logtext "Result: nothing found" - else - logtext "Result: found one or more directories (via logrotate configuration)" - for I in ${FIND}; do - if [ -d ${I} ]; then - logtext "Directory found: ${I}" - report "log_directory[]=${I}" - else - logtext "Directory could not be found: ${I}" - # YYY strip more parts of the name, until it can be found (and stop at /) - fi - done - fi - fi + logtext "Test: Checking which directories can be found in logrotate configuration" + FIND=`${LOGROTATEBINARY} -d -v /etc/logrotate.conf 2>&1 | egrep "considering log|skipping" | grep -v '*' | sort | uniq | awk '{ if ($2=="log") { print $3 } }' | sed 's/\/*[a-zA-Z_.-]*$//g' | sort | uniq` + if [ "${FIND}" = "" ]; then + logtext "Result: nothing found" + else + logtext "Result: found one or more directories (via logrotate configuration)" + for I in ${FIND}; do + if [ -d ${I} ]; then + logtext "Directory found: ${I}" + report "log_directory[]=${I}" + else + logtext "Directory could not be found: ${I}" + # YYY strip more parts of the name, until it can be found (and stop at /) + fi + done + fi + fi # ################################################################################# # 
@@ -286,36 +285,36 @@ # succesful resolving via DNS or any other name service. Register --test-no LOGG-2152 --weight L --os Solaris --network NO --description "Checking loghost" if [ ${SKIPTEST} -eq 0 ]; then - # Try local hosts file - logtext "Result: Checking for loghost in /etc/inet/hosts" - FIND=`grep loghost /etc/inet/hosts | grep -v "^#"` - if [ ! "${FIND}" = "" ]; then - SOLARIS_LOGHOST_FOUND=1 - logtext "Result: Found loghost entry in /etc/inet/hosts" - else - logtext "Result: No loghost entry found in /etc/inet/hosts" + # Try local hosts file + logtext "Result: Checking for loghost in /etc/inet/hosts" + FIND=`grep loghost /etc/inet/hosts | grep -v "^#"` + if [ ! "${FIND}" = "" ]; then + SOLARIS_LOGHOST_FOUND=1 + logtext "Result: Found loghost entry in /etc/inet/hosts" + else + logtext "Result: No loghost entry found in /etc/inet/hosts" + + # Try name resolving if no entry is present in local host file + logtext "Result: Checking for loghost via name resolving" + FIND=`getent hosts loghost | grep loghost` + if [ ! "${FIND}" = "" ]; then + SOLARIS_LOGHOST_FOUND=1 + logtext "Result: name resolving was succesful" + logtext "Output: ${FIND}" + else + logtext "Result: name resolving didn't find results" + fi + fi - # Try name resolving if no entry is present in local host file - logtext "Result: Checking for loghost via name resolving" - FIND=`getent hosts loghost | grep loghost` - if [ ! 
"${FIND}" = "" ]; then - SOLARIS_LOGHOST_FOUND=1 - logtext "Result: name resolving was succesful" - logtext "Output: ${FIND}" - else - logtext "Result: name resolving didn't find results" - fi - fi - if [ ${SOLARIS_LOGHOST_FOUND} -eq 1 ]; then - logtext "Result: loghost entry found and most likely used to send syslog messages" - Display --indent 2 --text "- Checking loghost entry" --result OK --color GREEN - else - Display --indent 2 --text "- Checking loghost entry" --result WARNING --color RED - logtext "Result: No loghost entry found" - ReportWarning ${TEST_NO} "L" "No loghost entry found" - ReportSuggestion ${TEST_NO} "Add a loghost entry to /etc/inet/hosts or other name services" - fi + logtext "Result: loghost entry found and most likely used to send syslog messages" + Display --indent 2 --text "- Checking loghost entry" --result OK --color GREEN + else + Display --indent 2 --text "- Checking loghost entry" --result WARNING --color RED + logtext "Result: No loghost entry found" + ReportWarning ${TEST_NO} "L" "No loghost entry found" + ReportSuggestion ${TEST_NO} "Add a loghost entry to /etc/inet/hosts or other name services" + fi fi # ################################################################################# 
@@ -326,27 +325,27 @@ if [ ${SYSLOG_DAEMON_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no LOGG-2154 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking syslog configuration file" if [ ${SKIPTEST} -eq 0 ]; then - if [ ${SYSLOG_NG_RUNNING} -eq 1 ]; then - SYSLOGD_CONF="/etc/syslog-ng/syslog-ng.conf" - else - SYSLOGD_CONF="/etc/syslog.conf" - fi - if [ -f ${SYSLOGD_CONF} ]; then - logtext "Test: check if logs are also logged to a remote logging host" - FIND=`egrep "@[a-zA-Z0-9]" ${SYSLOGD_CONF} | grep -v "^#" | grep -v "[a-zA-Z0-9]@"` - if [ ! "${FIND}" = "" ]; then - logtext "Result: remote logging enabled" - AddHP 5 5 - Display --indent 2 --text "- Checking remote logging" --result ENABLED --color GREEN - else - logtext "Result: no remote logging found" - ReportSuggestion ${TEST_NO} "Enable logging to an external logging host for archiving purposes and additional protection" - AddHP 1 3 - Display --indent 2 --text "- Checking remote logging" --result "NOT ENABLED" --color YELLOW - fi - else - logtext "Result: test skipped, file ${SYSLOGD_CONF} not found" - fi + if [ ${SYSLOG_NG_RUNNING} -eq 1 ]; then + SYSLOGD_CONF="/etc/syslog-ng/syslog-ng.conf" + else + SYSLOGD_CONF="/etc/syslog.conf" + fi + if [ -f ${SYSLOGD_CONF} ]; then + logtext "Test: check if logs are also logged to a remote logging host" + FIND=`egrep "@[a-zA-Z0-9]" ${SYSLOGD_CONF} | grep -v "^#" | grep -v "[a-zA-Z0-9]@"` + if [ ! 
"${FIND}" = "" ]; then + logtext "Result: remote logging enabled" + AddHP 5 5 + Display --indent 2 --text "- Checking remote logging" --result ENABLED --color GREEN + else + logtext "Result: no remote logging found" + ReportSuggestion ${TEST_NO} "Enable logging to an external logging host for archiving purposes and additional protection" + AddHP 1 3 + Display --indent 2 --text "- Checking remote logging" --result "NOT ENABLED" --color YELLOW + fi + else + logtext "Result: test skipped, file ${SYSLOGD_CONF} not found" + fi fi # ################################################################################# |