CIT 470: Advanced Network & System Administration Syslog Configuration
Introduction:
In this lab, you will configure syslog on two VMs, with one (the server) being configured to accept remote logs and the other (the client) to send them to the server. You will write two scripts to configure many of these settings. While you are permitted to use any programming language, bash is strongly recommended; it will make performing the tasks below easier.
Requirements:
Part 1: Server Configuration
On one of your VMs, configure it to accept remote logs from TCP port 514 (do not configure the firewall yet). In root’s home directory, create a file named remotelog.conf and copy the content from the documentation below into it (make sure you replace the given port with 514).
After you create the file, please create a script that performs the following:
- Verify that the root user is signed in. If it is not, terminate the script.
- Disable SELinux on the VM. Use text transformation to do this.
- Ensure the rsyslog service is running.
  - Create a verification check to do this. If the service is found to not be running, start and enable it. If it is running, just enable it.
- Open TCP port 514 on the firewall. Restart it after doing so.
- Move the remotelog.conf file from root’s home directory to the appropriate location (check the documentation).
- Restart the rsyslog service after making your configurations.
Part 2: Client Configuration
On a different VM, configure it to send its syslog messages to the syslog server. In root’s home directory, create a file named 10-remotelog.conf and copy the content from the documentation below into it (make sure you replace the given port with 514 and provide the server’s IP address in place of the given domain name).
After you create the file, please create a script that does the following:
- Verify that the root user is signed in. If it is not, terminate the script.
- Install the ipcalc utility on the VM (use the -y option to ensure the install happens automatically).
- After this, have the script give the user the option to either perform the configuration steps below or send a test syslog message to the server.
  - For the user response, ask him or her to provide words such as “configure” and “test”, or letters such as “c” and “t”.
    - You may support both words and letters if you wish, but it is not required.
  - Make sure that the option the user selects is the only one performed. For example, if the user selects “test”, the configuration steps below should not be run.
- If the user selects the test option, the script should do the following:
  - Request your syslog server’s IP address from the user and store it as a variable.
  - Verify the IP address with ipcalc -c to ensure only valid ones are used. If the address is valid, have the script continue. If it is not, terminate the script.
  - Send a test message using the logger command. This message should include your client’s IP address.
- If the user selects the configuration option, the script should do the following:
  - Disable SELinux on the VM. Use text transformation to do this.
  - Ensure the rsyslog service is running.
    - Create a verification check to do this. If the service is found to not be running, start and enable it. If it is running, just enable it.
  - Copy the 10-remotelog.conf file from root’s home directory to the appropriate location mentioned in the documentation.
  - Restart the rsyslog service after making your configurations.
- If the user provides an invalid option, tell him or her and exit the script.
Documentation & Tips:
- We strongly recommend the following documentation to complete this lab. Note that other guides contain configuration methods that no longer work, so we recommend this one:
  - Use the steps that configure the server and client to use TCP. Skip the optional steps to use a custom port, as well as the others for TLS and UDP.
Here are some tips to keep in mind as you work on this lab:
- To edit the SELinux files with your scripts, consider using Python’s replace() function or the sed command if writing with bash.
- To check if the rsyslog service is running, consider using the exit status or the output of a command that can check it. The systemctl command has specific options that make the former easy to do.
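The two tips above, sketched as an added example (not part of the original lab handout or the documentation it recommends). The function names set_selinux_mode, ensure_service and demo_selinux are hypothetical, and the config text in the demo is a constructed sample, not the VM's real file.

```bash
#!/usr/bin/env bash
# Added example: helpers for the sed and systemctl tips (names are hypothetical).

# Rewrite the uncommented SELINUX= line of FILE to MODE.
# The anchor "^SELINUX=" leaves SELINUXTYPE= and the "# SELINUX=" comments alone.
set_selinux_mode() {
    local file=$1 mode=$2 tmp rc
    case $mode in
        enforcing|permissive|disabled) ;;
        *) echo "invalid mode: $mode" >&2; return 2 ;;
    esac
    grep -q '^SELINUX=' "$file" || { echo "no SELINUX= line in $file" >&2; return 1; }
    tmp=$(mktemp) || return 1
    # Write back with cat so the original file keeps its owner, mode and label.
    sed "s/^SELINUX=.*/SELINUX=$mode/" "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Start the unit only if it is not active, then enable it either way.
# "systemctl is-active --quiet" prints nothing and exits 0 only for an active unit.
ensure_service() {
    local unit=$1
    if ! systemctl is-active --quiet "$unit"; then
        systemctl start "$unit" || return 1
    fi
    systemctl enable "$unit"
}

# Demo on a constructed sample of the SELinux config (not the real file).
demo_selinux() {
    local sample
    sample=$(mktemp) || return 1
    cat > "$sample" <<'EOF'
# SELINUX= can take one of these three values:
#     enforcing, permissive, disabled
SELINUX=enforcing
SELINUXTYPE=targeted
EOF
    set_selinux_mode "$sample" disabled && cat "$sample"
    rm -f "$sample"
}

demo_selinux
```

On the VM, set_selinux_mode would be pointed at /etc/selinux/config; a change made in that file takes effect at the next boot.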
