References #211 (comment)
Issue to track change proposal. @ostefano which config file is best to use to store the default settings (item 3 & 4)?
- In Dockerfile: Add COPY rsyslog file /etc/rsyslog.d/40-misp.conf
# Enable slash in program names
global(parser.PermitSlashInProgramname="on")
if ($programname == '/var/www/MISP/app/tmp/logs/' or $programname == 'mispsyslog') then {
action(type="omfile" file="/var/www/MISP/app/tmp/logs/mispsyslog.log" fileOwner="root" fileGroup="root" fileCreateMode="0644")
& stop
}
- In Dockerfile: Add COPY logrotate file /etc/logrotate.d/misp
/var/www/MISP/app/tmp/logs/mispsyslog.log
{
su root root
rotate 8
dateext
missingok
notifempty
compress
weekly
size 50M
maxsize 500M
copytruncate
}
- Set MISP syslog identifier (
Security.syslog_ident=mispsyslog)
- In
core/files/etc/misp-docker/critical.defaults.json or core/files/etc/misp-docker/minimum_config.envars.json?
- Enable MISP syslog (
Security.syslog_ident=true)
- In
core/files/etc/misp-docker/critical.defaults.json or core/files/etc/misp-docker/minimum_config.envars.json?
- Add a paragraph in README.md
References #211 (comment)
Issue to track change proposal. @ostefano which config file is best to use to store the default settings (item 3 & 4)?
Security.syslog_ident=mispsyslog)core/files/etc/misp-docker/critical.defaults.jsonorcore/files/etc/misp-docker/minimum_config.envars.json?Security.syslog_ident=true)core/files/etc/misp-docker/critical.defaults.jsonorcore/files/etc/misp-docker/minimum_config.envars.json?