here is how to send your CLI/ssh history to remote syslog (or local log)

SMnasMAN

as im still in the testing / playing with freenas phase for the next month or so, im often looking back at my CLI command history (ie # history | grep xyz ) to find commands ive used.

i wanted to have this history be somewhat persistent through reboots/FN os changes/other, and thought a good way would be to send it to my remote syslog server.

this is the rough solution i came up with, and it works (my remote syslog server is splunk, but any should be fine).

via the webgui -> cron, add a new cron entry (via web gui so it will persist through reboots) with this command (in my case i have to set user to root) - ive set this to run every hour, which is a bit much, but i have a massive splunk syslog server, so its no big deal in my case.

grep -vwE "#+" /root/.history | sed 's/^/[FNcliLOG] /' | nc -w5 -u 10.242.244.4 8011


OR you could use logger at the end, and it will output to your local, on-machine syslog (which if u have that set to relay to remote syslog, will also send to remote as well).

grep -vwE "#+" /root/.history | sed 's/^/[prefix1] /' | logger


the grep -vwE "#+" /root/.history
is just pulling out the #+ timestamps that are in every command from history (if you run cat /root/.history you will see them)

sed 's/^/[prefix1] /'
is just adding a prefix to each entry/line before sending to remote syslog (so i can easily search this stuff on the syslog, ie i used "FNcliLOG" as my prefix/keyword)

and im finally using netcat at the end to send to my splunk syslog machine via UDP, and on port 8011 . logger has the ability to send directly to a syslog, but i couldn't get that option to work (and lots on internet had same issue w logger sending out remotely, directly). so netcat does the same thing in this case. the -w5 tells netcat to wait 5 seconds for a reply, before timing out (in my case, bc of FW rules and use of UDP, nc will never get a "success" reply or "ack" so 5s timeout works great)

if anyone can tell me where on the usb boot stick to save a script on freenas (that will persist through reboots but NOT on a pool device, as pool devices are constantly changing for me during this testing), ill do a better version of this as a script called by cron, that will only send NEW History commands to the syslog (vs this rough solution which sends your ENTIRE history file/contents to remote syslog each time).

hope someone needs this.
tks!
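
One way to send only NEW history entries, as an added example that is not the poster's code: it uses the `#+` timestamp lines that the post strips out as a high-water mark, so it keeps working after the shell trims or rewrites the history file. The function name `new_history`, the state file path and the `send`/`local` arguments are assumptions; the host, port and prefix are the ones from the post.

```shell
#!/bin/sh
# Added example (not from the original post): forward only history entries
# newer than the last run, keyed on the "#+<epoch>" line before each command.
HIST="${HIST:-/root/.history}"
STATE="${STATE:-/root/.history.lastsent}"   # hypothetical state file (last epoch sent)
PREFIX="${PREFIX:-FNcliLOG}"

# new_history <history-file> <state-file> <prefix>
# Prints "[prefix] command" for every command whose timestamp is newer than
# the epoch stored in the state file, then records the newest epoch seen.
new_history() {
    hist=$1; state=$2; prefix=$3
    [ -r "$hist" ] || return 1
    last=0
    [ -r "$state" ] && last=$(cat "$state")
    # Ignore a missing or corrupted state value and start from zero.
    case "$last" in ''|*[!0-9]*) last=0 ;; esac
    awk -v last="$last" -v prefix="$prefix" -v state="$state" '
        # Timestamp line: remember it as a string, do not forward it.
        /^#[+][0-9]+$/ { ts = substr($0, 3); next }
        # Command line: forward it only if its timestamp is newer.
        (ts + 0) > (last + 0) {
            printf "[%s] %s\n", prefix, $0
            if ((ts + 0) > (max + 0)) max = ts
        }
        # The mark is saved before delivery is known; UDP gives no ack anyway.
        END { if ((max + 0) > (last + 0)) printf "%s\n", max > state }
    ' "$hist"
}

# "send"  -> UDP to the remote syslog listener, as in the post.
# "local" -> hand the lines to the local syslog via logger.
case "${1:-}" in
    send)  new_history "$HIST" "$STATE" "$PREFIX" | nc -w5 -u 10.242.244.4 8011 ;;
    local) new_history "$HIST" "$STATE" "$PREFIX" | logger ;;
esac
```

History lines can include passwords or tokens typed on the command line, and plain UDP syslog is unencrypted, so restrict who can search the receiving index and keep the traffic on a trusted network segment.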
 