Merge branch 'ent-13163-modificar-opciones-por-defecto-linux-de-parseo-de-logs' into 'develop'

Modify grep_log_module See merge request artica/pandorafms!7066
2024-04-10 13:09:43 +00:00 · 2024-04-10 13:09:43 +00:00 · 2749881d30
parent 0a6c05a686 e64b03f476
commit 2749881d30
7 changed files with 30 additions and 67 deletions
--- a/pandora_agents/pc/Linux/pandora_agent.conf
+++ b/pandora_agents/pc/Linux/pandora_agent.conf
@ -234,16 +234,6 @@ module_description Number of cron task files
 module_unit files
 module_end

-# This module /var/log/syslog file, under the module name "syslog"
-# And search for "ssh" string into it, sending only that information.
-module_begin                    
-module_name Syslog   
-module_description Search for ssh string into /var/log/syslog file          
-module_type log                
-module_regexp /var/log/syslog
-module_pattern ssh
-module_end
-
 #Hardening plugin for security compliance analysis. Enable to use it.
 #module_begin
 #module_plugin /usr/share/pandora_agent/plugins/pandora_hardening -t 150
@ -310,11 +300,15 @@ module_plugin pandora_df
 #module_description Postcondition test module
 #module_end

+# This plugin runs several security checks in a Linux system
+
+#module_plugin pandora_security_check
+
 # Extraction module example
 #module_begin                    
-#module_name Collector   
-#module_description Logs extraction module           
+#module_name Syslog   
+#module_description Gets all logs from system messages
 #module_type log                
-#module_regexp /var/log/logfile.log
+#module_regexp /var/log/messages
 #module_pattern .*
 #module_end
--- a/pandora_agents/pc/Win32/pandora_agent.conf
+++ b/pandora_agents/pc/Win32/pandora_agent.conf
@ -1,6 +1,6 @@
 # Base config file for Pandora FMS Windows Agent
 # (c) 2006-2023 Pandora FMS 
-# Version 7.0NG.776
+# Version 7.0NG.776
 # This program is Free Software, you can redistribute it and/or modify it
 # under the terms of the GNU General Public Licence as published by the Free Software
 # Foundation; either version 2 of the Licence or any later version
@ -354,11 +354,11 @@ module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df.vbs"
 #module_description Postcondition test module
 #module_end

-# Example of collector module 
+# Logs extraction 
 #module_begin                    
-#module_name Collector   
-#module_description Logs extraction module           
+#module_name Syslog
+#module_description Gets all logs from system messages
 #module_type log                
-#module_regexp /var/log/logfile.log
+#module_regexp C:\server\logs\messages
 #module_pattern .*
 #module_end
--- a/pandora_agents/shellscript/linux/pandora_agent.conf
+++ b/pandora_agents/shellscript/linux/pandora_agent.conf
@ -163,26 +163,16 @@ module_end
 #module_absoluteinterval 7d
 #module_end

-# This module parses /var/log/syslog file, under the module name "syslog"
-# And search for "ssh" string into it, sending only that information.
-module_begin                    
-module_name Syslog   
-module_description Search for ssh string into /var/log/syslog file          
-module_type log                
-module_regexp /var/log/syslog
-module_pattern ssh
-module_end
-
 # Plugin example

 # Plugin for inventory on the agent.
 # module_plugin inventory 1 cpu ram video nic hd cdrom software

-# Extraction module example
+# Logs extraction
 #module_begin                    
-#module_name Collector   
-#module_description Logs extraction module           
+#module_name Syslog   
+#module_description Gets all logs from system messages
 #module_type log                
-#module_regexp /var/log/logfile.log
+#module_regexp /var/log/messages
 #module_pattern .*
 #module_end
--- a/pandora_agents/shellscript/mac_osx/pandora_agent.conf
+++ b/pandora_agents/shellscript/mac_osx/pandora_agent.conf
@ -378,26 +378,16 @@ module_end
 #module_absoluteinterval 7d
 #module_end

-# This module parses /var/log/syslog file, under the module name "syslog"
-# And search for "ssh" string into it, sending only that information.
-module_begin                    
-module_name Syslog   
-module_description Log collection modules         
-module_type log                
-module_regexp /var/log/syslog
-module_pattern ssh
-module_end
-
 # Plugin example

 # Plugin for inventory on the agent.
 # module_plugin inventory 1 cpu ram video nic hd cdrom software

-# Extraction module example
+# Logs extraction
 #module_begin                    
-#module_name Collector   
-#module_description Logs extraction module           
+#module_name Syslog   
+#module_description Gets all logs from system messages
 #module_type log                
-#module_regexp /var/log/logfile.log
+#module_regexp /var/log/messages
 #module_pattern .*
 #module_end
--- a/pandora_agents/unix/FreeBSD/pandora_agent.conf
+++ b/pandora_agents/unix/FreeBSD/pandora_agent.conf
@ -277,4 +277,10 @@ module_plugin grep_log /var/log/auth.log Syslog sshd

 # Log collection modules. Only for enterprise version, this will collect log files for forensic analysis.
 # This is for LOG monitoring, only on enterprise version
-#module_plugin grep_log_module /var/log/messages Syslog \.\*
+#module_begin                    
+#module_name Syslog
+#module_description Gets all logs from system messages 
+#module_type log                
+#module_regexp /var/log/messages
+#module_pattern .*
+#module_end
--- a/pandora_agents/unix/Linux/pandora_agent.conf
+++ b/pandora_agents/unix/Linux/pandora_agent.conf
@ -325,12 +325,3 @@ module_end
 #module_plugin /usr/share/pandora_agent/plugins/pandora_hardening -t 150
 #module_absoluteinterval 7d
 #module_end
-
-# Extraction module example
-#module_begin                    
-#module_name Collector   
-#module_description Logs extraction module           
-#module_type log                
-#module_regexp /var/log/logfile.log
-#module_pattern .*
-#module_end
--- a/pandora_agents/win32/bin/pandora_agent.conf
+++ b/pandora_agents/win32/bin/pandora_agent.conf
@ -289,14 +289,6 @@ module_plugin "%PROGRAMFILES%\Pandora_Agent\util\autodiscover.exe" --default
 #module_type generic_data_string
 #module_end

-# Get logs from Application source. Need enterprise version.
-#module_begin
-#module_name Eventlog_Application
-#module_type log
-#module_logevent
-#module_source Application
-#module_end
-
 # Example: get Network information using Agent plugin
 #module_plugin cscript //B "%ProgramFiles%\Pandora_Agent\util\nettraffic.vbs"

@ -533,10 +525,10 @@ module_plugin "%PROGRAMFILES%\Pandora_Agent\util\autodiscover.exe" --default

 # Logs extraction 
 #module_begin                    
-#module_name X_Server_log   
-#module_description Logs extraction module           
+#module_name Syslog
+#module_description Gets all logs from system messages
 #module_type log                
-#module_regexp C:\server\logs\xserver.log
+#module_regexp C:\server\logs\messages
 #module_pattern .*
 #module_end