#!/bin/sh
#
# Script to compress and move Helix Server structured audit logs
#
# (C) 2015 Perforce Software
#
# Implementation assumptions and suggestions:
# - Assumes the rotated log files are named audit-nnn.csv
# - Do NOT configure your log files to be placed in $P4ROOT
# - Set TARGETDIR below
#
export SDP_INSTANCE=${SDP_INSTANCE:-Undefined}
export SDP_INSTANCE=${1:-$SDP_INSTANCE}
if [[ $SDP_INSTANCE == Undefined ]]; then
echo "Instance parameter not supplied."
echo "You must supply the Perforce instance as a parameter to this script."
exit 1
fi
. /p4/common/bin/p4_vars $SDP_INSTANCE
HTDLOG=${P4LOGS}/htd_move.log
TARGETDIR=/data1/ingest
$P4BIN logrotate -l ${P4LOGS}/audit.csv
cd ${P4LOGS}
FILEID=${HOSTNAME}.${P4SERVER}.$(date +%Y-%m-%d-%H-%M-%S-%N)
numfiles=$(ls audit-*.csv 2> /dev/null | wc -l)
echo "$numfiles log files found" > $HTDLOG
if [ "$numfiles" -gt 0 ];then
for EACH in `ls audit-*.csv`
do
mv $EACH ${EACH}.${FILEID}
echo -n "${EACH}.${FILEID}: Compressing... " >> $HTDLOG
gzip -9 ${EACH}.${FILEID}
echo -n "Moving..." >> $HTDLOG
mv ${EACH}.${FILEID}.gz ${TARGETDIR}
done
fi
echo "Done!" >> $HTDLOG
#
# END
| # | Change | User | Description | Committed | |
|---|---|---|---|---|---|
| #2 | 20726 | Robert Cowham | Catch up from dev | ||
| #1 | 18586 | Robert Cowham | Branching using cowhamr.sdp.dev | ||
| //guest/perforce_software/sdp/dev/Server/Unix/p4/common/bin/htd_move_logs.sh | |||||
| #4 | 18523 | Russell C. Jackson (Rusty) |
Update from discussion with Charlie. Tested and reviewed with Charlies, so direct submit. |
||
| #3 | 18485 | Russell C. Jackson (Rusty) | Corrected -l name, it needs the full path/filename. | ||
| #2 | 18482 | Russell C. Jackson (Rusty) | Added -l audit to limit this to the audit log. | ||
| #1 | 18282 | Russell C. Jackson (Rusty) |
Script to move audit logs to a target location for ingestion by Helix Threat Detection #review-18275 |
||