wizard: auto-detect ssh.service correctly on deb distros when auth.log is missing (fix #2175) (#2176)
This commit is contained in:
parent
3041023ed8
commit
0d1adfc7db
2 changed files with 13 additions and 6 deletions
2
debian/control
vendored
2
debian/control
vendored
|
@ -1,6 +1,6 @@
|
||||||
Source: crowdsec
|
Source: crowdsec
|
||||||
Maintainer: Crowdsec Team <debian@crowdsec.net>
|
Maintainer: Crowdsec Team <debian@crowdsec.net>
|
||||||
Build-Depends: debhelper, jq, bash, git
|
Build-Depends: debhelper, bash, git
|
||||||
|
|
||||||
Package: crowdsec
|
Package: crowdsec
|
||||||
Architecture: any
|
Architecture: any
|
||||||
|
|
17
wizard.sh
17
wizard.sh
|
@ -60,14 +60,21 @@ ACTION=""
|
||||||
DEBUG_MODE="false"
|
DEBUG_MODE="false"
|
||||||
FORCE_MODE="false"
|
FORCE_MODE="false"
|
||||||
|
|
||||||
SUPPORTED_SERVICES='apache2
|
# the ssh service has different names on deb vs rpm-based distros
|
||||||
|
if [[ -f "/etc/debian_version" ]]; then
|
||||||
|
SSH_NAME="ssh"
|
||||||
|
else
|
||||||
|
SSH_NAME="sshd"
|
||||||
|
fi
|
||||||
|
|
||||||
|
SUPPORTED_SERVICES="apache2
|
||||||
httpd
|
httpd
|
||||||
nginx
|
nginx
|
||||||
sshd
|
$SSH_NAME
|
||||||
mysql
|
mysql
|
||||||
telnet
|
telnet
|
||||||
smb
|
smb
|
||||||
'
|
"
|
||||||
|
|
||||||
|
|
||||||
HTTP_PLUGIN_BINARY="./plugins/notifications/http/notification-http"
|
HTTP_PLUGIN_BINARY="./plugins/notifications/http/notification-http"
|
||||||
|
@ -162,7 +169,7 @@ detect_services () {
|
||||||
declare -A log_input_tags
|
declare -A log_input_tags
|
||||||
log_input_tags[apache2]='type: apache2'
|
log_input_tags[apache2]='type: apache2'
|
||||||
log_input_tags[nginx]='type: nginx'
|
log_input_tags[nginx]='type: nginx'
|
||||||
log_input_tags[sshd]='type: syslog'
|
log_input_tags[$SSH_NAME]='type: syslog'
|
||||||
log_input_tags[rsyslog]='type: syslog'
|
log_input_tags[rsyslog]='type: syslog'
|
||||||
log_input_tags[telnet]='type: telnet'
|
log_input_tags[telnet]='type: telnet'
|
||||||
log_input_tags[mysql]='type: mysql'
|
log_input_tags[mysql]='type: mysql'
|
||||||
|
@ -172,7 +179,7 @@ log_input_tags[linux]="type: syslog"
|
||||||
declare -A log_locations
|
declare -A log_locations
|
||||||
log_locations[apache2]='/var/log/apache2/*.log,/var/log/*httpd*.log,/var/log/httpd/*log'
|
log_locations[apache2]='/var/log/apache2/*.log,/var/log/*httpd*.log,/var/log/httpd/*log'
|
||||||
log_locations[nginx]='/var/log/nginx/*.log,/usr/local/openresty/nginx/logs/*.log'
|
log_locations[nginx]='/var/log/nginx/*.log,/usr/local/openresty/nginx/logs/*.log'
|
||||||
log_locations[sshd]='/var/log/auth.log,/var/log/sshd.log,/var/log/secure'
|
log_locations[$SSH_NAME]='/var/log/auth.log,/var/log/sshd.log,/var/log/secure'
|
||||||
log_locations[rsyslog]='/var/log/syslog'
|
log_locations[rsyslog]='/var/log/syslog'
|
||||||
log_locations[telnet]='/var/log/telnetd*.log'
|
log_locations[telnet]='/var/log/telnetd*.log'
|
||||||
log_locations[mysql]='/var/log/mysql/error.log'
|
log_locations[mysql]='/var/log/mysql/error.log'
|
||||||
|
|
Loading…
Reference in a new issue