Tue May 7 08:49:28 2013 UTC ()
Import logrider-0.2 as sysutils/logrider, packaged for wip by Franck Lesage.

LogRider is my attempt to improve the popular LogCheck/LogSentry utility.
LogCheck uses egrep to periodically scan system logs for specific
alert/hacking signatures based on a set of static filters. LogRider is
rewritten from scratch with a lot of important features added:
1. Strings caught by any filter are excluded from processing by the next filters.
2. Actual filters are composed from a set of small sub-filters located
   in directories whose name is the filter name. Each sub-filter
   contains messages generated by one service. You can easily add
   filters for checking additional services without modifying
   the existing program and configuration.
3. Configuration is separated from the program and moved to a standalone file.
   This means that LogRider may be easily adapted to a new platform without
   modifying the program core, and may easily be used for checking multiple
   logfiles with different filters.


(wiz)
diff -r0 -r1.1 pkgsrc/sysutils/logrider/DESCR
diff -r0 -r1.1 pkgsrc/sysutils/logrider/MESSAGE
diff -r0 -r1.1 pkgsrc/sysutils/logrider/Makefile
diff -r0 -r1.1 pkgsrc/sysutils/logrider/PLIST
diff -r0 -r1.1 pkgsrc/sysutils/logrider/distinfo
diff -r0 -r1.1 pkgsrc/sysutils/logrider/patches/patch-logtail.sh

File Added: pkgsrc/sysutils/logrider/DESCR
LogRider is my attempt to improve a popular LogCheck/LogSentry utility.
LogCheck uses egrep for periodically scanning system logs for specific
alert/hacking signatures based on set of static filters. LogRider is
rewritten from scratch with lot of important features added:
1. Strings caught by any filter are excluded from processing by next filters.
2. Actual filters are composed from the set of small sub-filters located
   in directories that name is given as filter name. Each subfilter
   contains messages generated by one service. You can easily put additional
   filters for checking additional services without modification of
   already existing program and configuration.
3. Configuration is separated from program and moved to standalone file.
   This means that LogRider may be easily adopted to new platform without
   modification of program core, and may be easily used for checking multiple
   logfiles by different filters.

File Added: pkgsrc/sysutils/logrider/MESSAGE
===========================================================================
$NetBSD: MESSAGE,v 1.1 2013/05/07 08:49:28 wiz Exp $

Don't forget to add a crontab line to run logrider.sh.
===========================================================================

File Added: pkgsrc/sysutils/logrider/Makefile
# $NetBSD: Makefile,v 1.1 2013/05/07 08:49:28 wiz Exp $
#

DISTNAME=	logrider-0.2
CATEGORIES=	sysutils
MASTER_SITES=	http://ilya-evseev.narod.ru/posix/logrider/
EXTRACT_SUFX=	.zip

MAINTAINER=     francksys@free.fr
HOMEPAGE=	http://ilya-evseev.narod.ru/posix/logrider/
COMMENT=	Monitor system logs for alerts
LICENSE=	gnu-gpl-v2

NO_CHECKSUM=yes
EXTRACT_DIR=	${WRKDIR}/${DISTNAME}
USE_LANGUAGES=	# none

NO_BUILD=	YES
USE_TOOLS+=	bash
REPLACE_BASH=	logrider.sh logtail.sh
PATCH_STRIP=    -p1

SUBST_CLASSES+=               config_dir
SUBST_STAGE.config_dir=      post-extract
SUBST_MESSAGE.config_dir=    Replacing directories
SUBST_FILES.config_dir=      logrider.conf logrider.sh
SUBST_SED.config_dir=        -E -e 's|CONF_DIR(:?)=/etc|CONF_DIR\1=${PKG_SYSCONFDIR}|'

SUBST_CLASSES+=                 conf_bin_tail
SUBST_STAGE.conf_bin_tail=      post-extract
SUBST_MESSAGE.conf_bin_tail=    Replacing directories
SUBST_FILES.conf_bin_tail=      logrider.conf logrider.sh
SUBST_SED.conf_bin_tail=        -E -e 's|LOGTAIL(:?)=/usr|LOGTAIL\1=${PREFIX}|'


BUILD_DEFS+=		VARBASE
EGDIR=			${PREFIX}/share/examples/logrider
INSTALLATION_DIRS=	bin ${EGDIR} ${EGDIR}/violations_ignore
OWN_DIRS=		${PKG_SYSCONFDIR}/logrider ${PKG_SYSCONFDIR}/logrider/violations_ignore ${VARBASE}/lib/logrider

CONF_FILES= ${EGDIR}/logrider.conf ${PKG_SYSCONFDIR}/logrider/logrider.conf
CONF_FILES+= ${EGDIR}/hacking ${PKG_SYSCONFDIR}/logrider/hacking
CONF_FILES+= ${EGDIR}/ignore ${PKG_SYSCONFDIR}/logrider/ignore
CONF_FILES+= ${EGDIR}/violations ${PKG_SYSCONFDIR}/logrider/violations
CONF_FILES+= ${EGDIR}/violations_ignore/cvspserver ${PKG_SYSCONFDIR}/logrider/violations_ignore/cvspserver
CONF_FILES+= ${EGDIR}/violations_ignore/ftp ${PKG_SYSCONFDIR}/logrider/violations_ignore/ftp
CONF_FILES+= ${EGDIR}/violations_ignore/misc ${PKG_SYSCONFDIR}/logrider/violations_ignore/misc
CONF_FILES+= ${EGDIR}/violations_ignore/nsfbackup ${PKG_SYSCONFDIR}/logrider/violations_ignore/nsfbackup
CONF_FILES+= ${EGDIR}/violations_ignore/postfix ${PKG_SYSCONFDIR}/logrider/violations_ignore/postfix
CONF_FILES+= ${EGDIR}/violations_ignore/drweb-postfix ${PKG_SYSCONFDIR}/logrider/violations_ignore/drweb-postfix
CONF_FILES+= ${EGDIR}/violations_ignore/microbackup ${PKG_SYSCONFDIR}/logrider/violations_ignore/microbackup
CONF_FILES+= ${EGDIR}/violations_ignore/named ${PKG_SYSCONFDIR}/logrider/violations_ignore/named
CONF_FILES+= ${EGDIR}/violations_ignore/pam ${PKG_SYSCONFDIR}/logrider/violations_ignore/pam
CONF_FILES+= ${EGDIR}/violations_ignore/sshd ${PKG_SYSCONFDIR}/logrider/violations_ignore/sshd

V_IGNORE=		${WRKSRC}/violations_ignore

do-install:
	${INSTALL_SCRIPT} ${WRKSRC}/logtail.sh ${DESTDIR}${PREFIX}/bin
	${INSTALL_SCRIPT} ${WRKSRC}/logrider.sh ${DESTDIR}${PREFIX}/bin

	${INSTALL_DATA} ${WRKSRC}/ignore ${DESTDIR}${EGDIR}
	${INSTALL_DATA} ${WRKSRC}/logrider.conf ${DESTDIR}${EGDIR}
	${INSTALL_DATA} ${WRKSRC}/hacking ${DESTDIR}${EGDIR}
	${INSTALL_DATA} ${WRKSRC}/violations ${DESTDIR}${EGDIR}

	cd ${V_IGNORE} && for example in *; do \
			${INSTALL_DATA} "$${example}" ${DESTDIR}${EGDIR}/violations_ignore; \
			done

.include "../../mk/bsd.pkg.mk"
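Review bot: `NO_CHECKSUM=yes` switches off distfile verification for a package whose only `MASTER_SITES` entry is plain http, even though the distinfo added in this same commit records SHA1, RMD160 and size for logrider-0.2.zip. With that line set, the recorded digests are, as far as I can tell, not enforced, so an altered or truncated archive would still be extracted and its scripts installed into `${PREFIX}/bin`. Dropping the `NO_CHECKSUM=yes` line lets the distinfo entries take effect. Separately, both SUBST classes print the same `Replacing directories` message; something like `SUBST_MESSAGE.conf_bin_tail= Replacing logtail path` would make the two steps distinguishable in the build log.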

File Added: pkgsrc/sysutils/logrider/PLIST
@comment $NetBSD: PLIST,v 1.1 2013/05/07 08:49:28 wiz Exp $
bin/logrider.sh
bin/logtail.sh
share/examples/logrider/ignore
share/examples/logrider/hacking
share/examples/logrider/violations
share/examples/logrider/logrider.conf
share/examples/logrider/violations_ignore/cvspserver
share/examples/logrider/violations_ignore/drweb-postfix
share/examples/logrider/violations_ignore/ftp
share/examples/logrider/violations_ignore/microbackup
share/examples/logrider/violations_ignore/misc
share/examples/logrider/violations_ignore/named
share/examples/logrider/violations_ignore/nsfbackup
share/examples/logrider/violations_ignore/pam
share/examples/logrider/violations_ignore/postfix
share/examples/logrider/violations_ignore/sshd

File Added: pkgsrc/sysutils/logrider/distinfo
$NetBSD: distinfo,v 1.1 2013/05/07 08:49:28 wiz Exp $

SHA1 (logrider-0.2.zip) = d23c030d29f5776a8897a393cb4f61f37cde128d
RMD160 (logrider-0.2.zip) = 5f63fea34cf322b28f30eb291f6409178f489f4a
Size (logrider-0.2.zip) = 12242 bytes
SHA1 (patch-logtail.sh) = cdf37c97607654124b8bdd341606e25e47444e0e

File Added: pkgsrc/sysutils/logrider/patches/patch-logtail.sh
$NetBSD: patch-logtail.sh,v 1.1 2013/05/07 08:49:28 wiz Exp $

# Replace stat arguments with NetBSD ones
--- work/logtail.sh.orig	2003-04-14 00:56:00.000000000 +0000
+++ work/logtail.sh	2013-05-05 07:23:46.000000000 +0000
@@ -29,9 +29,9 @@
 	[ -z "$SAVED_INODE" ] && SAVED_INODE=0
 	[ -z "$SAVED_POS"   ] && SAVED_POS=0
 
-	set abc `stat -lt $LOGFILE`
-	ACTUAL_LOGSIZE=$3
-	ACTUAL_INODE=$9
+	set abc `stat -f "%z %i" $LOGFILE`
+	ACTUAL_LOGSIZE=$2
+	ACTUAL_INODE=$3
 	$doit : $2, logsize=$ACTUAL_LOGSIZE, inode=$ACTUAL_INODE
 
 	[ -z "$ACTUAL_LOGSIZE" ] && ACTUAL_LOGSIZE=0
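Review bot: `$LOGFILE` is expanded unquoted inside the backticks on the added `stat -f "%z %i"` line, so a log path containing whitespace or glob characters is split into several arguments and the positional parameters no longer line up with size and inode; quoting it as `"$LOGFILE"` avoids that. The unchanged debug line right after the assignments still prints `$2`, which after this change is the file size and so repeats `logsize=`; it presumably showed a different field before, which is worth confirming. `stat -f` with `%z %i` is the BSD form, so the patched script only works where stat accepts that syntax, and the patch comment could say so explicitly. The enclosing function starts and ends outside the hunk.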