fichiers de config Nagios

sio2/CYBER/Nagios/nagios4.conf

@@ -0,0 +1,50 @@
+# apache configuration for nagios 4.x
+
+ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4
+ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4
+
+# Where the stylesheets (config files) reside
+Alias /nagios4/stylesheets /etc/nagios4/stylesheets
+
+# Where the HTML pages live
+Alias /nagios4 /usr/share/nagios4/htdocs
+
+<DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)>
+    Options FollowSymLinks
+    DirectoryIndex index.php index.html
+    AllowOverride AuthConfig
+    #
+    # The default Debian nagios4 install sets use_authentication=0 in
+    # /etc/nagios4/cgi.cfg, which turns off nagos's internal authentication.
+    # This is insecure.  As a compromise this default apache2 configuration
+    # only allows private IP addresses access.
+    #
+    # The <Files>...</Files> below shows how you can secure the nagios4
+    # web site so anybody can view it, but only authenticated users can issue
+    # commands (such as silence notifications).  To do that replace the
+    # "Require all granted" with "Require valid-user", and use htdigest
+    # program from the apache2-utils package to add users to
+    # /etc/nagios4/htdigest.users.
+    #
+    # A step up is to insist all users validate themselves by moving
+    # the stanza's in the <Files>..<Files> into the <DirectoryMatch>.
+    # Then by setting use_authentication=1 in /etc/nagios4/cgi.cfg you
+    # can configure which people get to see a particular service from
+    # within the nagios configuration.
+    # 
+    Require ip	::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16
+    <Files "cmd.cgi">
+	AuthDigestDomain "Nagios4"
+	AuthDigestProvider file
+	AuthUserFile	"/etc/nagios4/htdigest.users"
+	AuthGroupFile	"/etc/group"
+	AuthName	"Nagios4"
+	AuthType	Digest
+	Require all	granted
+	#Require	valid-user
+    </Files>
+</DirectoryMatch>
+
+<Directory /usr/share/nagios4/htdocs>
+    Options	+ExecCGI	
+</Directory>

sio2/CYBER/Nagios/srv.cfg

@@ -0,0 +1,30 @@
+define host {
+    use linux-server            ; Name of host template to use
+    host_name               srv
+    alias                   srv
+    address                 172.20.10.11
+}
+  define service{
+        use                             generic-service
+        host_name                       srv
+        service_description             WWW
+        check_command                   check_http
+}
+  define service{
+        use                             generic-service
+        host_name                       srv
+        service_description            SSH
+        check_command                   check_ssh
+}
+
+
+
+
+
+
+
+
+
+
+
+

sio2/SISR/RSYSLOG/rsyslog.con.emeteur

@@ -0,0 +1,71 @@
+# /etc/rsyslog.conf configuration file for rsyslog
+#
+# For more information install rsyslog-doc and see
+# /usr/share/doc/rsyslog-doc/html/configuration/index.html
+
+
+#################
+#### MODULES ####
+#################
+
+module(load="imuxsock") # provides support for local system logging
+module(load="imklog")   # provides kernel logging support
+#module(load="immark")  # provides --MARK-- message capability
+
+# provides UDP syslog reception
+#module(load="imudp") MACHINE DE RECEPTION
+#input(type="imudp" port="514") MACHINE DE RECEPTION
+
+# provides TCP syslog reception
+#module(load="imtcp")
+#input(type="imtcp" port="514")
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+#
+# Where to place spool and state files
+#
+$WorkDirectory /var/spool/rsyslog
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
+
+###############
+#### RULES ####
+###############
+
+#
+# Log anything besides private authentication messages to a single log file
+#
+*.*;auth,authpriv.none		-/var/log/syslog
+
+#
+# Log commonly used facilities to their own log file
+#
+auth,authpriv.*			/var/log/auth.log
+cron.*				-/var/log/cron.log
+kern.*				-/var/log/kern.log
+mail.*				-/var/log/mail.log
+user.*				-/var/log/user.log
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg				:omusrmsg:*
+*.* @192.168.0.21:514 # exporte tous les logs de toute gravité et de toute origine vers l'adresse 192.168.100 port UDP 514
+*.* @192.168.0.32:514 # exporte tous les logs de toute gravité et de toute origine vers l'adresse 192.168.100 port UDP 514

sio2/VAGRANT/Vagrantfile

@@ -1,14 +1,32 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
+
 Vagrant.configure("2") do |config|
-  config.vm.provision "shell", inline: "apt-get update -y" # execute pour chacune des machines
- 
-  config.vm.define "IDS" do |ids|#VM No'1
-    ids.vm.box = "debian/bookworm64" #Setting machine type
-    ids.vm.hostname = "IDS" #Setting machine type
-    ids.vm.network "public_network"#Set DHCP
-    ids.vm.provision "shell", inline: <<-SHELL
-     apt-get install -y wget curl vim unzip chkrootkit rkhunter fail2ban
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "debian/bookworm64"
+  config.vm.hostname = "nagios4"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  config.vm.network "public_network"
+
+   config.vm.provision "shell", inline: <<-SHELL
+      apt-get update
+      apt-get install -y vim curl wget apache2 php nagios4 nagios-plugins-contrib
+      cp /etc/nagios4/apache2.conf /etc/apache2/sites-available/nagios4.conf
+      a2ensite nagios4.conf
+      a2enmod rewrite cgi
+      systemctl reload apache2
    SHELL
-  end
-end
+end

sio2/VAGRANT/Vagrantfile2

@@ -0,0 +1,14 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+Vagrant.configure("2") do |config|
+  config.vm.provision "shell", inline: "apt-get update -y" # execute pour chacune des machines
+ 
+  config.vm.define "IDS" do |ids|#VM No'1
+    ids.vm.box = "debian/bookworm64" #Setting machine type
+    ids.vm.hostname = "IDS" #Setting machine type
+    ids.vm.network "public_network"#Set DHCP
+    ids.vm.provision "shell", inline: <<-SHELL
+     apt-get install -y wget curl vim unzip chkrootkit rkhunter fail2ban
+   SHELL
+  end
+end