# # Script to compress and move Helix Server structured audit logs # # (C) 2015 Perforce Software # # Implementation assumptions and suggestions: # - Assumes the rotated log files are named audit-nnn.csv # - Do NOT configure your log files to be placed in $P4ROOT # - Set TARGETDIR below # export SDP_INSTANCE=${SDP_INSTANCE:-Undefined} export SDP_INSTANCE=${1:-$SDP_INSTANCE} if [[ $SDP_INSTANCE == Undefined ]]; then echo "Instance parameter not supplied." echo "You must supply the Perforce instance as a parameter to this script." exit 1 fi . /p4/common/bin/p4_vars $SDP_INSTANCE HTDLOG=${P4LOGS}/htd_move.log TARGETDIR=/data1/ingest $P4BIN logrotate -l audit numfiles=$(ls ${P4LOGS}/audit-*.csv 2> /dev/null | wc -l) echo "$numfiles log files found" > $HTDLOG if [ "$numfiles" -gt 0 ];then for EACH in `ls ${P4LOGS}/audit-*.csv` do echo -n "${EACH}: Compressing... " >> $HTDLOG gzip -9 ${EACH} echo -n "Moving..." >> $HTDLOG mv ${EACH}.gz ${TARGETDIR} done fi echo "Done!" >> $HTDLOG
# | Change | User | Description | Committed | |
---|---|---|---|---|---|
#6 | 26652 | Robert Cowham |
This is Tom's change: Introduced new 'Unsupported' directory to clarify that some files in the SDP are not officially supported. These files are samples for illustration, to provide examples, or are deprecated but not yet ready for removal from the package. The Maintenance and many SDP triggers have been moved under here, along with other SDP scripts and triggers. Added comments to p4_vars indicating that it should not be edited directly. Added reference to an optional site_global_vars file that, if it exists, will be sourced to provide global user settings without needing to edit p4_vars. As an exception to the refactoring, the totalusers.py Maintenance script will be moved to indicate that it is supported. Removed settings to support long-sunset P4Web from supported structure. Structure under new .../Unsupported folder is: Samples/bin Sample scripts. Samples/triggers Sample trigger scripts. Samples/triggers/tests Sample trigger script tests. Samples/broker Sample broker filter scripts. Deprecated/triggers Deprecated triggers. To Do in a subsequent change: Make corresponding doc changes. |
||
#5 | 18799 | C. Thomas Tyler |
chmod +x htd_move_logs.sh Bypassing pre-commit review since it's just a 'chmod +x'; no content change. #review-18800 @russell_jackson |
||
#4 | 18523 | Russell C. Jackson (Rusty) |
Update from discussion with Charlie. Tested and reviewed with Charlies, so direct submit. |
||
#3 | 18485 | Russell C. Jackson (Rusty) | Corrected -l name, it needs the full path/filename. | ||
#2 | 18482 | Russell C. Jackson (Rusty) | Added -l audit to limit this to the audit log. | ||
#1 | 18282 | Russell C. Jackson (Rusty) |
Script to move audit logs to a target location for ingestion by Helix Threat Detection #review-18275 |