mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-11 04:15:54 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Enable detection of httpd (#512)

Browse source 
* Enable detection of `httpd` on centos

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
This commit is contained in:
Shivam Sandbhor 2020-12-23 14:17:49 +05:30 committed by GitHub
parent 9a1babc365
commit a63b6729bf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
wizard.sh
View file

@ -48,6 +48,7 @@ DEBUG_MODE="false"
FORCE_MODE="false" FORCE_MODE="false"
SUPPORTED_SERVICES='apache2 SUPPORTED_SERVICES='apache2
httpd
nginx nginx
sshd sshd
mysql mysql
@ -96,6 +97,12 @@ detect_services () {
for SRC in "${SYSTEMD_SERVICES}" "${PSAX}" ; do for SRC in "${SYSTEMD_SERVICES}" "${PSAX}" ; do
echo ${SRC} | grep ${SVC} >/dev/null echo ${SRC} | grep ${SVC} >/dev/null
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
#on centos, apache2 is named httpd
if [[ ${SVC} == "httpd" ]] ; then
SVC="apache2";
fi
DETECTED_SERVICES+=(${SVC}) DETECTED_SERVICES+=(${SVC})
HMENU+=(${SVC} "on") HMENU+=(${SVC} "on")
log_info "Found '${SVC}' running" log_info "Found '${SVC}' running"
@ -134,7 +141,7 @@ log_input_tags[smb]='type: smb'
log_input_tags[linux]="type: syslog" log_input_tags[linux]="type: syslog"
declare -A log_locations declare -A log_locations
log_locations[apache2]='/var/log/apache2/*.log,/var/log/*httpd*.log' log_locations[apache2]='/var/log/apache2/*.log,/var/log/*httpd*.log,/var/log/httpd/*log'
log_locations[nginx]='/var/log/nginx/*.log' log_locations[nginx]='/var/log/nginx/*.log'
log_locations[sshd]='/var/log/auth.log,/var/log/sshd.log,/var/log/secure' log_locations[sshd]='/var/log/auth.log,/var/log/sshd.log,/var/log/secure'
log_locations[rsyslog]='/var/log/syslog' log_locations[rsyslog]='/var/log/syslog'