From eec8faedb2ef23a991d9e2faa505c40e6abe4466 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 1 Jul 2023 12:01:22 +0200 Subject: Removing changes outside of debian directory. Signed-off-by: Daniel Baumann --- yulerc | 338 ----------------------------------------------------------------- 1 file changed, 338 deletions(-) delete mode 100644 yulerc (limited to 'yulerc') diff --git a/yulerc b/yulerc deleted file mode 100644 index 88901a7..0000000 --- a/yulerc +++ /dev/null @@ -1,338 +0,0 @@ -##################################################################### -# -# Configuration file template for yule. -# -##################################################################### -# -# NOTE: This is a log server-only configuration file TEMPLATE. -# -# NOTE: The log server ('yule') will look for THAT configuration file -# that has been defined at compile time with the configure option -# ./configure --with-config-file=FILE -# The default is "/usr/local/etc/.samhainrc" (NOT "yulerc"). -# -##################################################################### -# -# -- empty lines and lines starting with '#', ';' or '//' are ignored -# -- you can PGP clearsign this file -- samhain will check (if compiled -# with support) or otherwise ignore the signature -# -- CHECK mail address -# -# To each log facility, you can assign a threshold severity. Only -# reports with at least the threshold severity will be logged -# to the respective facility (even further below). -# -##################################################################### - - -[Log] -## -## Switch on/OFF log facilities and set their threshold severity -## -## Values: debug, info, notice, warn, mark, err, crit, alert, none. -## 'mark' is used for timestamps. -## -## -## Use 'none' to SWITCH OFF a log facility -## -## By default, everything equal to and above the threshold is logged. -## The specifiers '*', '!', and '=' are interpreted as -## 'all', 'all but', and 'only', respectively (like syslogd(8) does, -## at least on Linux). Examples: -## MailSeverity=* -## MailSeverity=!warn -## MailSeverity==crit - -## E-mail -## -# MailSeverity=none -MailSeverity=crit - -## Console -## -# PrintSeverity=info - -## Logfile -## -# LogSeverity=none - -## Syslog -## -# SyslogSeverity=none - -## External script or program -## -# ExternalSeverity = none - -## Logging to a database -## -# DatabaseSeverity = none - - -# [Database] -## -## --- Logging to a relational database -## - -## Database name -# -# SetDBName = samhain - -## Database table -# -# SetDBTable = log - -## Database user -# -# SetDBUser = samhain - -## Database password -# -# SetDBPassword = (default: none) - -## Database host -# -# SetDBHost = localhost - -## Log the server timestamp for received messages -# -SetDBServerTstamp = True - -## Use a persistent connection -# -UsePersistent = True - - - -# [External] -## -## Interface to call external scripts/programs for logging -## - -## The absolute path to the command -## - Each invocation of this directive will end the definition of the -## preceding command, and start the definition of -## an additional, new command -# -# OpenCommand = (no default) - -## Type (log or rv) -## - log for log messages, srv for messages received by the server -# -# SetType = log - -## The command (full command line) to execute -# -# SetCommandLine = (no default) - -## The environment (KEY=value; repeat for more) -# -# SetEnviron = TZ=(your timezone) - -## The TIGER192 checksum (optional) -# -# SetChecksum = (no default) - -## User who runs the command -# -# SetCredentials = (default: samhain process uid) - -## Words not allowed in message -# -# SetFilterNot = (none) - -## Words required (ALL of them) -# -# SetFilterAnd = (none) - -## Words required (at least one) -# -# SetFilterOr = (none) - -## Deadtime between consecutive calls -# -# SetDeadtime = 0 - -## Add default environment (HOME, PATH, SHELL) -# -# SetDefault = no - - -##################################################### -# -# Miscellaneous configuration options -# -##################################################### - -[Misc] - -## whether to become a daemon process -## (this is not honoured on database initialisation) -# -# Daemon = no -Daemon = yes - - - -[Misc] -# whether to become a daemon process -Daemon=yes - -## Interval between time stamp messages -# -# SetLoopTime = 60 -SetLoopTime = 600 - -## The maximum time between client messages (seconds) -## This allows the server to flag clients that have exceeded -## the timeout limits; i.e. might have died for some reason. -# -# SetClientTimeLimit = 86400 - -## Use client address as known to the communication layer (might be -## incorrect if the client is behind NAT). The default is to use -## the client name as claimed by the client, and verify it against -## the former (might be incorrect if the client has several -## interfaces, and its hostname resolves to the wrong interface). -# -# SetClientFromAccept = False - -## If SetClientFromAccept is False (default), severity of a -## failure to resolve the hostname claimed by the client -## to the IP address of the socket peer. -# -# SeverityLookup = crit - -## The console device (can also be a file or named pipe) -## - There are two console devices. Accordingly, you can use -## this directive a second time to set the second console device. -## If you have not defined the second device at compile time, -## and you don't want to use it, then: -## setting it to /dev/null is less effective than just leaving -## it alone (setting to /dev/null will waste time by opening -## /dev/null and writing to it) -# -# SetConsole = /dev/console - -## Use separate logfiles for individual clients -# -# UseSeparateLogs = False - -## Enable listening on port 514/udp for logging of remote syslog -## messages (if optionally compiled with support for this) -# -# SetUDPActive = False - - -## Activate the SysV IPC message queue -# -# MessageQueueActive = False - - -## If false, skip reverse lookup when connecting to a host known -## by name rather than IP address (i.e. trust the DNS) -# -# SetReverseLookup = True - -## If true, open a Unix domain socket to listen for commands that should -## be passed to clients upon next connection. Only works on systems -## that support passing of peer credentials (for authentication) via sockets. -## Use yulectl to access the socket. -# -# SetUseSocket = False - -## The UID of the user that is allowed to pass commands to the server -## via the Unix domain socket. -# -# SetSocketAllowUid = 0 - -## --- E-Mail --- - -# Only highest-level (alert) reports will be mailed immediately, -# others will be queued. Here you can define, when the queue will -# be flushed (Note: the queue is automatically flushed after -# completing a file check). -# -# SetMailTime = 86400 - -## Maximum number of mails to queue -# -# SetMailNum = 10 - -## Recipient (max. 8) -# -# SetMailAddress=root@localhost - -## Mail relay (IP address) -# -# SetMailRelay = NULL - -## Custom subject format -# -# MailSubject = NULL - -## --- end E-Mail --- - -# The binary. Setting the path will allow -# samhain to check for modifications between -# startup and exit. -# -# SamhainPath=/usr/local/bin/yule - -## The IP address of the time server -# -# SetTimeServer = (default: compiled-in) - -## Trusted Users (comma delimited list of user names) -# -# TrustedUser = (no default; this adds to the compiled-in list) - -## Custom format for message header. -## CAREFUL if you use XML logfile format. -## -## %S severity -## %T timestamp -## %C class -## -## %F source file -## %L source line -# -# MessageHeader="%S %T " - - -## Don't log path to config/database file on startup -# -# HideSetup = False - -## The syslog facility, if you log to syslog -# -# SyslogFacility = LOG_AUTHPRIV - - -## The message authentication method -## - If you change this, you *must* change it -## on client *and* server -# -# MACType = HMAC-TIGER - - -[Clients] -## -## This is a sample registry entry for a client at host 'HOSTNAME'. This entry -## is valid for the default password. -## You are STRONGLY ADVISED to reset te password (see the README) and -## compute your own entries using 'samhain -P ' -## -## Usually, HOSTNAME should be a fully qualified hostname, -## no numerical address. -## -- exception: if the client (samhain) cannot determine the -## fully qualified hostname of its host, -## the numerical address may be required. -## You will know if you get a message like: -## 'Invalid connection attempt: Not in -## client list what.ever.it.is' -## -## First entry is for challenge/response, second one for SRP authentication. -# -# Client=HOSTNAME@00000000@C39F0EEFBC64E4A8BBF72349637CC07577F714B420B62882 -# Client=HOSTNAME@8F81BA58956F8F42@8932D08C49CA76BD843C51EDD1D6640510FA032A7A2403E572BBDA2E5C6B753991CF7E091141D20A2499C5CD3E14C1639D17482E14E1548E5246ACF4E7193D524CDDAC9C9D6A9A36C596B4ECC68BEB0C5BB7082224946FC98E3ADE214EA1343E2DA8DF4229D4D8572AD8679228928A787B6E5390D3A713102FFCC9D0B2188C92 -- cgit v1.2.3