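#!/bin/bash
#
# Script to compress and move Helix Server structured audit logs
#
# (C) 2015 Perforce Software
#
# Implementation assumptions and suggestions:
# - Assumes the rotated log files are named audit-nnn.csv
# - Do NOT configure your log files to be placed in $P4ROOT
# - Set TARGETDIR below
#
# Usage: htd_move_logs.sh [instance]
#   The instance may also come from the SDP_INSTANCE environment variable;
#   a command-line argument takes precedence.
#
# Exit status: 0 when every rotated audit log was compressed and moved,
#   1 when the environment is unusable or any step failed.
#
# The interpreter is bash, not sh: the script relies on [[ ]] and $HOSTNAME.
# Under a strict POSIX /bin/sh the [[ test is "command not found", so the
# missing-instance check would silently pass.
#
export SDP_INSTANCE=${SDP_INSTANCE:-Undefined}
export SDP_INSTANCE=${1:-$SDP_INSTANCE}
if [[ "$SDP_INSTANCE" == Undefined ]]; then
  echo "Instance parameter not supplied."
  echo "You must supply the Perforce instance as a parameter to this script."
  exit 1
fi

if [[ ! -r /p4/common/bin/p4_vars ]]; then
  echo "Cannot read /p4/common/bin/p4_vars." >&2
  exit 1
fi
. /p4/common/bin/p4_vars "$SDP_INSTANCE"

# P4LOGS, P4BIN and P4SERVER are never assigned in this script; they are
# expected to come from p4_vars. An empty P4LOGS would turn "cd" into a jump
# to $HOME and HTDLOG into /htd_move.log, so stop before touching any file.
if [[ -z "${P4LOGS:-}" || -z "${P4BIN:-}" ]]; then
  echo "P4LOGS or P4BIN is not set for instance $SDP_INSTANCE." >&2
  exit 1
fi

HTDLOG=${P4LOGS}/htd_move.log
TARGETDIR=/data1/ingest

# If TARGETDIR is not an existing directory, "mv file TARGETDIR" renames the
# file to that path, and every later file overwrites the previous one: audit
# data would be lost without any error. Refuse to run instead.
# NOTE(review): audit logs are sensitive; confirm TARGETDIR ownership and mode
# restrict it to this account and the ingesting service.
if [[ ! -d "$TARGETDIR" || ! -w "$TARGETDIR" ]]; then
  echo "Target directory $TARGETDIR is missing or not writable." >&2
  exit 1
fi

cd "$P4LOGS" || {
  echo "Cannot change directory to $P4LOGS." >&2
  exit 1
}

rc=0
rotate_ok=1
# A failed rotation is recorded but not fatal: files rotated by an earlier
# run can still be shipped.
if ! "$P4BIN" logrotate -l "${P4LOGS}/audit.csv"; then
  rotate_ok=0
  rc=1
fi

FILEID=${HOSTNAME}.${P4SERVER}.$(date +%Y-%m-%d-%H-%M-%S-%N)

# Expand the glob directly instead of parsing ls output; nullglob makes
# "no rotated files" an empty list rather than the literal pattern.
shopt -s nullglob
files=(audit-*.csv)
shopt -u nullglob
numfiles=${#files[@]}

# The move log is truncated on every run, so it only describes the last run.
echo "$numfiles log files found" > "$HTDLOG"
if (( ! rotate_ok )); then
  echo "logrotate of ${P4LOGS}/audit.csv FAILED" >> "$HTDLOG"
fi

for EACH in "${files[@]}"; do
  staged=${EACH}.${FILEID}

  # Rename first so the file no longer matches audit-*.csv.
  if ! mv -- "$EACH" "$staged"; then
    echo "${EACH}: FAILED to rename" >> "$HTDLOG"
    rc=1
    continue
  fi

  printf '%s' "${staged}: Compressing... " >> "$HTDLOG"
  if ! gzip -9 -- "$staged"; then
    echo "FAILED (gzip)" >> "$HTDLOG"
    rc=1
    continue
  fi

  printf '%s' "Moving..." >> "$HTDLOG"
  # The trailing slash makes mv fail rather than rename onto TARGETDIR if the
  # directory disappears mid-run.
  # NOTE(review): when TARGETDIR is on another filesystem, mv copies then
  # deletes, so the file is briefly visible while incomplete; confirm the
  # ingesting process tolerates that.
  if ! mv -- "${staged}.gz" "${TARGETDIR}/"; then
    echo "FAILED (move)" >> "$HTDLOG"
    rc=1
    continue
  fi
done

if (( rc == 0 )); then
  echo "Done!" >> "$HTDLOG"
else
  echo "Completed with errors." >> "$HTDLOG"
fi
exit "$rc"
#
# END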
# | Change | User | Description | Committed | |
---|---|---|---|---|---|
#1 | 19278 | trina | "Forking branch Main of perforce-software-sdp to trina-sdp." | ||
//guest/perforce_software/sdp/main/Server/Unix/p4/common/bin/htd_move_logs.sh | |||||
#2 | 18961 | C. Thomas Tyler | Released: SDP/MultiArch/2016.1/18958 (2016/04/08). | ||
#1 | 18530 | Russell C. Jackson (Rusty) | Update main from dev. | ||
//guest/perforce_software/sdp/dev/Server/Unix/p4/common/bin/htd_move_logs.sh | |||||
#4 | 18523 | Russell C. Jackson (Rusty) |
Update from discussion with Charlie. Tested and reviewed with Charlies, so direct submit. |
||
#3 | 18485 | Russell C. Jackson (Rusty) | Corrected -l name, it needs the full path/filename. | ||
#2 | 18482 | Russell C. Jackson (Rusty) | Added -l audit to limit this to the audit log. | ||
#1 | 18282 | Russell C. Jackson (Rusty) |
Script to move audit logs to a target location for ingestion by Helix Threat Detection #review-18275 |