anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: SSH log relay emits proper DECNET syslog for sshd events

Browse Source 
New log_relay.py replaces raw 'cat' on the rsyslog pipe. Intercepts
sshd and bash lines and re-emits them as structured RFC 5424 events:
login_success, session_opened, disconnect, connection_closed, command.
Parsers updated to accept non-nil PROCID (sshd uses PID).
This commit is contained in:
anti
2026-04-14 02:07:35 -04:00
parent a6c7cfdf66
commit 7ff5703250
8 changed files with 240 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
templates/ssh/Dockerfile
View File

@@ -65,6 +65,8 @@ RUN mkdir -p /root/projects /root/backups /var/www/html && \
printf 'DB_HOST=10.0.0.5\nDB_USER=admin\nDB_PASS=changeme123\nDB_NAME=prod_db\n' > /root/projects/.env && \
printf '[Unit]\nDescription=App Server\n[Service]\nExecStart=/usr/bin/python3 /opt/app/server.py\n' > /root/projects/app.service
COPY decnet_logging.py /opt/decnet_logging.py
COPY log_relay.py /opt/log_relay.py
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh