From 970368c74e430371c8efb26cf8bf488be83a4deb Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Wed, 3 Jun 2020 09:42:44 -0400 Subject: [PATCH] Avoid logs leaking to stdout/stderr during cron jobs --- salt/curator/init.sls | 6 +++--- salt/idstools/init.sls | 2 +- salt/playbook/init.sls | 11 +++++++++-- salt/zeek/cron/packetloss.sh | 2 +- 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/salt/curator/init.sls b/salt/curator/init.sls index d064b9f20..37b4fac87 100644 --- a/salt/curator/init.sls +++ b/salt/curator/init.sls @@ -89,7 +89,7 @@ curdel: so-curatorcloseddeletecron: cron.present: - - name: /usr/sbin/so-curator-closed-delete + - name: /usr/sbin/so-curator-closed-delete > /opt/so/log/curator/cron-closed-delete.log 2>&1 - user: root - minute: '*' - hour: '*' @@ -99,7 +99,7 @@ so-curatorcloseddeletecron: so-curatorclosecron: cron.present: - - name: /usr/sbin/so-curator-close + - name: /usr/sbin/so-curator-close > /opt/so/log/curator/cron-close.log 2>&1 - user: root - minute: '*' - hour: '*' @@ -109,7 +109,7 @@ so-curatorclosecron: so-curatordeletecron: cron.present: - - name: /usr/sbin/so-curator-delete + - name: /usr/sbin/so-curator-delete > /opt/so/log/curator/cron-delete.log 2>&1 - user: root - minute: '*' - hour: '*' diff --git a/salt/idstools/init.sls b/salt/idstools/init.sls index 9bda4dd58..d145a4e15 100644 --- a/salt/idstools/init.sls +++ b/salt/idstools/init.sls @@ -39,7 +39,7 @@ idstoolsetcsync: so-ruleupdatecron: cron.present: - - name: /usr/sbin/so-rule-update.sh > /opt/so/log/idstools/download.log + - name: /usr/sbin/so-rule-update > /opt/so/log/idstools/download.log 2>&1 - user: root - minute: '1' - hour: '7' diff --git a/salt/playbook/init.sls b/salt/playbook/init.sls index a5242f561..fec93b71e 100644 --- a/salt/playbook/init.sls +++ b/salt/playbook/init.sls @@ -86,15 +86,22 @@ so-playbook: {% endif %} +playbooklogdir: + file.directory: + - name: /opt/so/log/playbook + - user: 939 + - group: 939 + - makedirs: True + so-playbooksynccron: cron.present: - - name: /usr/sbin/so-playbook-sync + - name: /usr/sbin/so-playbook-sync > /opt/so/log/playbook/sync.log 2>&1 - user: root - minute: '*/5' so-playbookruleupdatecron: cron.present: - - name: /usr/sbin/so-playbook-ruleupdate + - name: /usr/sbin/so-playbook-ruleupdate > /opt/so/log/playbook/update.log 2>&1 - user: root - minute: '1' - hour: '6' \ No newline at end of file diff --git a/salt/zeek/cron/packetloss.sh b/salt/zeek/cron/packetloss.sh index 51812edf5..c8750dd92 100755 --- a/salt/zeek/cron/packetloss.sh +++ b/salt/zeek/cron/packetloss.sh @@ -1,2 +1,2 @@ #!/bin/bash -/usr/bin/docker exec so-zeek /opt/zeek/bin/zeekctl netstats | awk '{print $(NF-2),$(NF-1),$NF}' | awk -F '[ =]' '{RCVD += $2;DRP += $4;TTL += $6} END { print "rcvd: " RCVD, "dropped: " DRP, "total: " TTL}' >> /nsm/zeek/logs/packetloss.log +/usr/bin/docker exec so-zeek /opt/zeek/bin/zeekctl netstats | awk '{print $(NF-2),$(NF-1),$NF}' | awk -F '[ =]' '{RCVD += $2;DRP += $4;TTL += $6} END { print "rcvd: " RCVD, "dropped: " DRP, "total: " TTL}' >> /nsm/zeek/logs/packetloss.log 2>&1