Classification of registered logs

Why are we classifying logs?
To organize, in a clear and efficient manner, the records (logs) received from all client machines, so that consultation, analysis and follow-up of incidents are fast and intuitive.
Classification criteria
It has been decided to classify the logs primarily by machine and, within each machine, separate them by service or application … Read more

Configuration of log rotation

Create a file:

    nano /etc/logrotate.d/logs-remots

    /var/log/remote/dns/*.log /var/log/remote/dhcp/*.log /var/log/remote/db/*.log /var/log/remote/web/*.log {
        daily
        rotate 60
        compress
        delaycompress
        missingok
        notifempty
        create 0640 syslog adm
        sharedscripts
        postrotate
            systemctl reload rsyslog > /dev/null 2>&1 || true
        endscript
    }

Press CTRL + X and save.

Parameter: meaning
rotate 60: Keeps the last 60 files (60 days if daily).
compress: Compress with .gz after rotating. … Read more

Log rotation policy

What is log rotation?
Define the retention period of the records (logs) generated by the systems and establish an automated mechanism to manage their rotation, compression and elimination, with the aim of guaranteeing efficient management of storage space and facilitating the consultation of recent events.
Conservation time
Records will be kept for a maximum period … Read more

Server Installation and Configuration

Installing rsyslog
First, make sure the rsyslog service is installed:

    sudo dnf install rsyslog -y

Once installed, activate and start the service:

    sudo systemctl enable rsyslog
    sudo systemctl start rsyslog

rsyslog server configuration
Enable reception of remote logs
Let’s edit the main rsyslog configuration file:

    sudo nano /etc/rsyslog.conf

Make sure to uncomment or add the … Read more

Configuration of all network equipment

First, make sure the rsyslog service is installed:

    sudo dnf install rsyslog -y

Once installed, activate and start the service:

    sudo systemctl enable rsyslog
    sudo systemctl start rsyslog

Let’s edit the main rsyslog configuration file:

    sudo nano /etc/rsyslog.conf

And then we add these lines (same configuration on all machines)

Project log policy

The tool chosen to manage system logs will be Syslog. What is Syslog? Syslog is a standard protocol that allows you to send and centralize log messages from different devices or applications. Thanks to Syslog, we can separate the components that generate messages from those that store or process them for analysis. Each message incorporates … Read more

Installation and configuration of the service

    sudo smbpasswd -a vagrant

In order to share files between project teams, we have installed and configured the Samba service on the server. This service allows us to share local folders so that other computers on the network can access them with the corresponding permissions.
Installing the Samba package
First, we installed the package using the … Read more

Choice of service used

Samba
In our project we have decided to use Samba as a resource sharing service between the different teams. Although in our case we only use computers with Linux, we have chosen Samba because it offers us more possibilities in the field of compatibility, management and security, thinking not only of the present but also … Read more

Service Tests

1. Checking that the services are running
Command used:

    sudo systemctl status smb
    sudo systemctl status nmb

2. Checking open ports
Command used:

    sudo ss -tuln | grep -E '139|445'

3. List of shares
Command used:

    smbclient -L localhost -U brayan

Result: All shared folders are successfully listed

4. Connecting to a share
Command used:

    smbclient //localhost/DocumentsEmpresa … Read more
