Watching log files

Multitail is a nice utility for watching multiple log files at once. It can also color the output.

I usually use the command like this:

multitail -s 2 /var/log/apache2/site01_access.log /var/log/apache2/site02_access.log

http://www.vanheusden.com/multitail/index.php

Deployment Script WIP

This is a work in progress…

#!/bin/sh
SOURCEPATH='/var/git/working_copies/website/webroot/'
DESTPATH='/var/www/website/webroot'
DESTUSER='deploy'
LOGFILE='/var/log/website_rsync.log'
SUBJECT="website.com  Prod Updated:from MANAGE01SRV"
EMAIL="me@me.com"
# EMAILCC is defined but not used yet.
EMAILCC="me@me.com"
echo "Job started at: $(/bin/date)" > "$LOGFILE"
for SERVER in web01 web02 web03 web04
do
    # Pick the NetScaler server name that corresponds to this web server.
    if [ "$SERVER" = "web01" ]; then
        NSSRV="wb01"
    else
        NSSRV="wb02"
    fi
    # Take the server out of rotation on the load balancer before updating it.
    # Double quotes so $NSSRV is expanded before the command is sent.
    ssh nsroot@netscaler "disable server site01_$NSSRV"
    ssh "$DESTUSER@$SERVER" service apache2 stop >> "$LOGFILE"
    # Redirect stdout first, then stderr, so both end up in the log.
    rsync -avc --delete --exclude=".git" --exclude="var/" --exclude=".gitignore" --rsh=ssh "$SOURCEPATH" "$DESTUSER@$SERVER:$DESTPATH" >> "$LOGFILE" 2>&1
    # ${DESTPATH:?} aborts instead of running rm -rf /var/cache/* if DESTPATH is empty.
    ssh "$DESTUSER@$SERVER" "rm -rf ${DESTPATH:?}/var/cache/*"
    ssh "$DESTUSER@$SERVER" /var/scripts/fixperms.sh >> "$LOGFILE"
    ssh "$DESTUSER@$SERVER" service apache2 start >> "$LOGFILE"
    ssh nsroot@netscaler "enable server site01_$NSSRV"
done
echo "Job completed at: $(/bin/date)" >> "$LOGFILE"
/usr/bin/mail -s "$SUBJECT" "$EMAIL" < "$LOGFILE"

Installing mod_security

sudo aptitude install libapache2-modsecurity

sudo mkdir /etc/apache2/modsecurity

sudo vi /etc/apache2/conf.d/modsecurity.conf

## /etc/apache2/conf.d/modsecurity.conf
Include modsecurity/*.conf

cd /etc/apache2/modsecurity/

sudo cp -R /usr/share/modsecurity-crs/base_rules/* .

sudo vi /etc/apache2/modsecurity/modsecurity_crs_20_protocol_violations.conf

Replace this line:

SecRule REQBODY_ERROR "!@eq 0" \


with this one:

SecRule REQBODY_PROCESSOR_ERROR "!@eq 0" \

sudo service apache2 restart

cat /var/log/apache2/error.log | grep modsecurity

Check Disk IO – Nagios

Quick steps to start checking disk I/O with Nagios.

  1. wget --no-check-certificate https://trac.id.ethz.ch/projects/nagios_plugins/downloads/check_diskio-3.2.3.tar.gz
  2. tar -xzvf check_diskio-3.2.3.tar.gz
  3. cd check_diskio-3.2.3
  4. vi check_diskio
    1. change line 1 to #!/usr/bin/perl, save and exit.
  5. apt-get install libnagios-plugin-perl libarray-unique-perl libfile-slurp-perl liblist-moreutils-perl libnumber-format-perl libreadonly-perl
  6. cp check_diskio /usr/local/icinga/libexec/check_diskio.pl
  7. vi /usr/local/icinga/etc/nrpe.cfg
    1. add the following line: command[check_diskio]=/usr/local/icinga/libexec/check_diskio.pl -d /dev/dm-0 -w 200 -c 300
    2. killall nrpe
    3. /usr/local/icinga/bin/nrpe -n -c /usr/local/icinga/etc/nrpe.cfg -d to restart nrpe daemon.
  8. modify config accordingly on the server and restart icinga.

Test:

./check_diskio -d / -w 200 -c 300

SNMP Configuration for linux hosts

Configuration

Move the existing /etc/snmp/snmpd.conf configuration file to /etc/snmp/snmpd.conf.orig:
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
Create a new /etc/snmp/snmpd.conf file:
rocommunity  public
syslocation  "Ashburn colo"
syscontact  ops@company.com
Make snmpd use the newly created file and listen on all interfaces:
Edit /etc/default/snmpd
Change from:
# snmpd options (use syslog, close stdin/out/err).
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
To:
# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'
Then restart snmpd:
/etc/init.d/snmpd restart
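
A check for the snmpd.conf written above, as an added example that is not part of the original post: it flags v1/v2c community lines that use a well-known string or carry no source restriction, which matters once snmpd listens on all interfaces. The community s3cr3t-ro and the address 192.0.2.10 in the sample are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): audit snmpd.conf for
# SNMP v1/v2c community lines that are guessable or open to any source.
# Usage: audit_snmpd_conf /etc/snmp/snmpd.conf   (or pipe a config on stdin)
# Prints one finding per line; returns 1 if anything was flagged.
audit_snmpd_conf() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        $1 ~ /^r[ow]community6?$/ {
            community = $2; source = $3
            if (community == "public" || community == "private") {
                printf "line %d: well-known community string %s\n", NR, community
                n++
            }
            # No SOURCE field (or "default") means any client may query.
            if (source == "" || source == "default") {
                printf "line %d: %s is not restricted to a source address\n", NR, $1
                n++
            }
            if ($1 ~ /^rwcommunity/) {
                printf "line %d: %s grants write access\n", NR, $1
                n++
            }
        }
        END { exit (n > 0) }
    ' "$@"
}

# Constructed sample input: the three lines from this post, followed by a
# comment and two constructed lines (s3cr3t-ro and 192.0.2.10 are placeholders).
sample_conf() {
    cat <<'EOF'
rocommunity  public
syslocation  "Ashburn colo"
syscontact  ops@company.com
# rocommunity commented out
rocommunity  s3cr3t-ro 192.0.2.10
rwcommunity  private default
EOF
}

# Stand-alone run over the sample; the function returns 1 when it flags lines.
sample_conf | audit_snmpd_conf || echo "findings reported above"
```

The rocommunity directive accepts an optional source after the community string, which is the field the second check looks at.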