33e19b4f52
Major features: - One-to-many correlation mode (Keep-Alive) for HTTP connections - Dynamic TTL for network events with reset on each correlation - Separate configurable buffer sizes for HTTP and network events - SIGHUP signal handling for log rotation without service restart - FileSink.Reopen() method for log file rotation - logrotate configuration included in RPM - ExecReload added to systemd service Configuration changes: - New YAML structure with nested sections (time_window, orphan_policy, matching, buffers, ttl) - Backward compatibility maintained for deprecated fields Packaging: - RPM version 1.1.0 with logrotate config - Updated spec file and changelog - All distributions: el8, el9, el10 Tests: - New tests for Keep-Alive mode and TTL reset - Updated mocks with Reopen() interface method Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
57 lines
1.6 KiB
Bash
57 lines
1.6 KiB
Bash
#!/bin/bash
|
|
# post script for logcorrelator RPM package
|
|
# Compatible with CentOS 7, Rocky Linux 8, 9, 10
|
|
|
|
set -e
|
|
|
|
# Create logcorrelator user and group
|
|
if ! getent group logcorrelator >/dev/null 2>&1; then
|
|
groupadd --system logcorrelator
|
|
fi
|
|
|
|
if ! getent passwd logcorrelator >/dev/null 2>&1; then
|
|
useradd --system \
|
|
--gid logcorrelator \
|
|
--home-dir /var/lib/logcorrelator \
|
|
--no-create-home \
|
|
--shell /usr/sbin/nologin \
|
|
logcorrelator
|
|
fi
|
|
|
|
# Create directories
|
|
mkdir -p /var/lib/logcorrelator
|
|
mkdir -p /var/log/logcorrelator
|
|
mkdir -p /var/run/logcorrelator
|
|
|
|
# Set ownership
|
|
chown -R logcorrelator:logcorrelator /var/lib/logcorrelator
|
|
chown -R logcorrelator:logcorrelator /var/log/logcorrelator
|
|
chown -R logcorrelator:logcorrelator /var/run/logcorrelator
|
|
chown -R logcorrelator:logcorrelator /etc/logcorrelator
|
|
|
|
# Set permissions
|
|
chmod 750 /var/lib/logcorrelator
|
|
chmod 750 /var/log/logcorrelator
|
|
chmod 750 /etc/logcorrelator
|
|
|
|
# Copy default config if not exists
|
|
if [ ! -f /etc/logcorrelator/logcorrelator.yml ]; then
|
|
cp /usr/share/logcorrelator/logcorrelator.yml.example /etc/logcorrelator/logcorrelator.yml
|
|
chown logcorrelator:logcorrelator /etc/logcorrelator/logcorrelator.yml
|
|
chmod 640 /etc/logcorrelator/logcorrelator.yml
|
|
fi
|
|
|
|
# Set permissions for logrotate config
|
|
if [ -f /etc/logrotate.d/logcorrelator ]; then
|
|
chmod 644 /etc/logrotate.d/logcorrelator
|
|
fi
|
|
|
|
# Reload systemd
|
|
if [ -x /bin/systemctl ]; then
|
|
systemctl daemon-reload
|
|
systemctl enable logcorrelator.service
|
|
systemctl start logcorrelator.service
|
|
fi
|
|
|
|
exit 0
|