
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
authorMichael Boelen <michael.boelen@cisofy.com>2016-07-24 18:22:00 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2016-07-24 18:22:00 +0300
commit2f4c854ba7790d1c8fb8c664daea6c971f18aa72 (patch)
treec3eed34233a165d56df1173b3f08e047b47ae47e /include/tests_logging
parent0b5af4ed387ea0582181e56a56609c4a633cb91f (diff)
Rename of categories, introduction of groups
Diffstat (limited to 'include/tests_logging')
-rw-r--r--include/tests_logging40
1 files changed, 20 insertions, 20 deletions
diff --git a/include/tests_logging b/include/tests_logging
index 37f3eeb6..5104f827 100644
--- a/include/tests_logging
+++ b/include/tests_logging
@@ -40,7 +40,7 @@
# Test : LOGG-2130
# Description : Check for a running syslog daemon
- Register --test-no LOGG-2130 --weight L --network NO --description "Check for running syslog daemon"
+ Register --test-no LOGG-2130 --weight L --network NO --category security --description "Check for running syslog daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for a logging daemon"
FIND=`${PSBINARY} ax | egrep "syslogd|syslog-ng|metalog|systemd-journal" | grep -v "grep"`
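Review bot: The `FIND=` line in LOGG-2130 does a plain substring search over `ps ax` output, so any process whose command line merely contains `syslogd`, `syslog-ng`, `metalog` or `systemd-journal` (an editor opened on a config file, for example) makes the audit record a logging daemon as running. The later tests in this file call `IsRunning <name>`; that helper is not visible here, but if it matches on the process name then LOGG-2130 could call it once per daemon instead of grepping the whole listing. `egrep` is also deprecated in favour of `grep -E`. The `if` block continues past the end of the hunk.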
@@ -63,7 +63,7 @@
#
# Test : LOGG-2132
# Description : Check for a running syslog-ng daemon
- Register --test-no LOGG-2132 --weight L --network NO --description "Check for running syslog-ng daemon"
+ Register --test-no LOGG-2132 --weight L --network NO --category security --description "Check for running syslog-ng daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for syslog-ng daemon in process list"
IsRunning syslog-ng
@@ -83,7 +83,7 @@
# Test : LOGG-2134
# Description : Check for Syslog-NG configuration file consistency
if [ ! "${SYSLOGNGBINARY}" = "" -a ${SYSLOG_NG_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2134 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking Syslog-NG configuration file consistency"
+ Register --test-no LOGG-2134 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking Syslog-NG configuration file consistency"
if [ ${SKIPTEST} -eq 0 ]; then
FIND=`${SYSLOGNGBINARY} -s; echo $?`
if [ "${FIND}" = "0" ]; then
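Review bot: The `FIND` assignment in LOGG-2134 captures the stdout of `${SYSLOGNGBINARY} -s` together with the echoed exit status, so the comparison `"${FIND}" = "0"` only holds when the syntax check prints nothing on stdout. Any output would make a valid configuration be reported as inconsistent. Discarding the output and reading the status directly avoids that: `${SYSLOGNGBINARY} -s > /dev/null 2>&1; FIND=$?`. In the prerequisite line above `Register`, `${SYSLOG_NG_RUNNING}` is unquoted inside `[ ... -a ... ]`, which fails with a test error if the variable is ever empty. The body of the test continues outside the hunk.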
@@ -101,7 +101,7 @@
#
# Test : LOGG-2136
# Description : Check for a running systemd-journal daemon
- Register --test-no LOGG-2136 --weight L --network NO --description "Check for running systemd journal daemon"
+ Register --test-no LOGG-2136 --weight L --network NO --category security --description "Check for running systemd journal daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for systemd journal daemon in process list"
IsRunning systemd-journal
@@ -117,7 +117,7 @@
#
# Test : LOGG-2210
# Description : Check for a running metalog daemon
- Register --test-no LOGG-2210 --weight L --network NO --description "Check for running metalog daemon"
+ Register --test-no LOGG-2210 --weight L --network NO --category security --description "Check for running metalog daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for metalog daemon in process list"
IsRunning metalog
@@ -136,7 +136,7 @@
#
# Test : LOGG-2230
# Description : Check for a running rsyslog daemon
- Register --test-no LOGG-2230 --weight L --network NO --description "Check for running RSyslog daemon"
+ Register --test-no LOGG-2230 --weight L --network NO --category security --description "Check for running RSyslog daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for RSyslog daemon in process list"
IsRunning rsyslogd
@@ -155,7 +155,7 @@
#
# Test : LOGG-2240
# Description : Check for a running RFC 3195 compliant daemon (syslog via TCP)
- Register --test-no LOGG-2240 --weight L --network NO --description "Check for running RFC 3195 compliant daemon"
+ Register --test-no LOGG-2240 --weight L --network NO --category security --description "Check for running RFC 3195 compliant daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for RFC 3195 daemon (alias syslog reliable) in process list"
IsRunning rfc3195d
@@ -178,7 +178,7 @@
# * In combination with syslog-ng, klogd is still an addition to it, since it
# captures kernel related events and send them to syslog-ng.
# * This test should be below all other logging daemons
- Register --test-no LOGG-2138 --os Linux --weight L --network NO --description "Checking kernel logger daemon on Linux"
+ Register --test-no LOGG-2138 --os Linux --weight L --network NO --category security --description "Checking kernel logger daemon on Linux"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching kernel logger daemon (klogd)"
if [ ${RSYSLOG_RUNNING} -eq 0 -a ${SYSTEMD_JOURNAL_RUNNING} -eq 0 ]; then
@@ -202,7 +202,7 @@
#
# Test : LOGG-2142
# Description : Check for minilogd presence on Linux systems
- Register --test-no LOGG-2142 --os Linux --weight L --network NO --description "Checking minilog daemon"
+ Register --test-no LOGG-2142 --os Linux --weight L --network NO --category security --description "Checking minilog daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Result: Checking for unkilled minilogd instances"
# Search for minilogd. It shouldn't be running normally, if another syslog daemon is started
@@ -222,7 +222,7 @@
#
# Test : LOGG-2146
# Description : Check for logrotate (/etc/logrotate.conf and logrotate.d)
- Register --test-no LOGG-2146 --weight L --os Linux --network NO --description "Checking logrotate.conf and logrotate.d"
+ Register --test-no LOGG-2146 --weight L --os Linux --network NO --category security --description "Checking logrotate.conf and logrotate.d"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking for /etc/logrotate.conf"
if [ -f /etc/logrotate.conf ]; then
@@ -255,7 +255,7 @@
# Test : LOGG-2148
# Description : Checking log files rotated with logrotate
if [ ! "${LOGROTATEBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2148 --weight L --preqs-met ${PREQS_MET} --network NO --description "Checking logrotated files"
+ Register --test-no LOGG-2148 --weight L --preqs-met ${PREQS_MET} --network NO --category security --description "Checking logrotated files"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking which files are rotated with logrotate and if they exist"
FIND=`${LOGROTATEBINARY} -d -v /etc/logrotate.conf 2>&1 | egrep "considering log|skipping" | grep -v '*' | sort -u | awk '{ if ($2!="log") { print "File:"$2":does_not_exist" } else { print "File:"$3":exists" } }'`
@@ -274,7 +274,7 @@
# Test : LOGG-2150
# Description : Checking log directories rotated with logrotate
if [ ! "${LOGROTATEBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2150 --weight L --preqs-met ${PREQS_MET} --network NO --description "Checking directories in logrotate configuration"
+ Register --test-no LOGG-2150 --weight L --preqs-met ${PREQS_MET} --network NO --category security --description "Checking directories in logrotate configuration"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking which directories can be found in logrotate configuration"
FIND=`${LOGROTATEBINARY} -d -v /etc/logrotate.conf 2>&1 | egrep "considering log|skipping" | grep -v '*' | sort -u | awk '{ if ($2=="log") { print $3 } }' | sed 's@/[^/]*$@@g' | sort -u`
@@ -298,7 +298,7 @@
# Test : LOGG-2152
# Description : Check for Solaris 'loghost' entry in /etc/inet/hosts, or
# succesful resolving via DNS or any other name service.
- Register --test-no LOGG-2152 --weight L --os Solaris --network NO --description "Checking loghost"
+ Register --test-no LOGG-2152 --weight L --os Solaris --network NO --category security --description "Checking loghost"
if [ ${SKIPTEST} -eq 0 ]; then
# Try local hosts file
LogText "Result: Checking for loghost in /etc/inet/hosts"
@@ -338,7 +338,7 @@
# Description : Check to see if remote logging is enabled
# Notes : prevent lines showing up with commands in it (like |mail)
if [ ${SYSLOG_DAEMON_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2154 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking syslog configuration file"
+ Register --test-no LOGG-2154 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking syslog configuration file"
if [ ${SKIPTEST} -eq 0 ]; then
if [ ${SYSLOG_NG_RUNNING} -eq 1 ]; then
SYSLOGD_CONF="/etc/syslog-ng/syslog-ng.conf"
@@ -381,7 +381,7 @@
# Test : LOGG-2160
# Description : Check for /etc/newsyslog.conf (FreeBSD/OpenBSD)
if [ -f /etc/newsyslog.conf ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2160 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking /etc/newsyslog.conf"
+ Register --test-no LOGG-2160 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking /etc/newsyslog.conf"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Result: /etc/newsyslog.conf found"
Display --indent 2 --text "- Checking /etc/newsyslog.conf" --result "${STATUS_FOUND}" --color GREEN
@@ -394,7 +394,7 @@
# Test : LOGG-2162
# Description : Check for directories in /etc/newsyslog.conf
if [ -f /etc/newsyslog.conf ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2162 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking directories in /etc/newsyslog.conf"
+ Register --test-no LOGG-2162 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking directories in /etc/newsyslog.conf"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: parsing directories from /etc/newsyslog.conf file"
FIND=`awk '/^\// { print $1 }' /etc/newsyslog.conf | sed 's/\/*[a-zA-Z_.-]*$//g' | sort -u`
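Review bot: The `sed 's/\/*[a-zA-Z_.-]*$//g'` step in LOGG-2162 strips only a trailing run of letters, `_`, `.` and `-`, so a log file whose name contains a digit or another character is not reduced to its directory. With the constructed example `/var/log/auth2.log` the result is `/var/log/auth2`, and the directory check then runs against a path that is not a directory. LOGG-2150 in this same file already uses the general form, which works here too: `sed 's@/[^/]*$@@'`. The code that consumes `FIND` lies outside the hunk.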
@@ -414,7 +414,7 @@
# Test : LOGG-2164
# Description : Check for files in /etc/newsyslog.conf
if [ -f /etc/newsyslog.conf ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2164 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking files specified /etc/newsyslog.conf"
+ Register --test-no LOGG-2164 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking files specified /etc/newsyslog.conf"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: parsing files from /etc/newsyslog.conf file"
FIND=`awk '/^\// { print $1 }' /etc/newsyslog.conf | sort -u`
@@ -432,7 +432,7 @@
#
# Test : LOGG-2170
# Description : Search available log paths
- Register --test-no LOGG-2170 --weight L --network NO --description "Checking log paths"
+ Register --test-no LOGG-2170 --weight L --network NO --category security --description "Checking log paths"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching log paths"
for I in ${LOG_FILES_LOCS}; do
@@ -450,7 +450,7 @@
#
# Test : LOGG-2180
# Description : Search open log file
- Register --test-no LOGG-2180 --weight L --network NO --description "Checking open log files"
+ Register --test-no LOGG-2180 --weight L --network NO --category security --description "Checking open log files"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking open log files with lsof"
if [ ! "${LSOFBINARY}" = "" ]; then
@@ -472,7 +472,7 @@
# Test : LOGG-2190
# Description : Checking deleted files
if [ ! "${LSOFBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no LOGG-2190 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking for deleted files in use"
+ Register --test-no LOGG-2190 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking for deleted files in use"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking deleted files that are still in use"