Generates rsyslog server and client configs for TLS-secured centralized syslog collection with GnuTLS/x509, per-host log isolation, custom templates, log rotation, and reliable disk queues for HA infrastructure.
`npx claudepluginhub killvxk/cybersecurity-skills-zh`

This skill uses the workspace's default tool permissions.

1. Install dependencies: `pip install jinja2 paramiko`
Generates rsyslog configs for TLS-secured centralized log collection with GnuTLS drivers, x509 auth, per-host segregation, JSON templates, rotation, and disk queues. Deploys via Python/SSH.
Generates rsyslog server and client configs for centralized syslog collection with TLS encryption, GnuTLS drivers, x509 cert auth, per-host segregation, log rotation, and reliable queues. Deploys via Python script.
Generates Fluentd and Fluent Bit configurations for centralized log aggregation, routing, filtering, and enrichment in distributed infrastructure. Outputs to Elasticsearch, S3, Splunk; includes validation and testing.
```bash
pip install jinja2 paramiko
python scripts/agent.py --server-ip 10.0.0.1 --clients 10.0.0.10,10.0.0.11 --ca-cert ca.pem --output syslog_report.json
```
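
```
# Server: accept TLS-only syslog on 6514 and verify client certificate names.
# The CA, certificate and key files are set separately in global()
# (DefaultNetstreamDriverCAFile / CertFile / KeyFile).
module(load="imtcp" StreamDriver.Name="gtls" StreamDriver.Mode="1"
       StreamDriver.Authmode="x509/name")
input(type="imtcp" port="6514")
# One directory per sending host, one file per program.
template(name="PerHostLog" type="string" string="/var/log/remote/%HOSTNAME%/%PROGRAMNAME%.log")
*.* ?PerHostLog
```

```
# Client: forward everything to the collector over TLS, spooling to disk
# while the server is unreachable and retrying indefinitely.
action(type="omfwd" target="10.0.0.1" port="6514" protocol="tcp"
       StreamDriver="gtls" StreamDriverMode="1"
       StreamDriverAuthMode="x509/name"
       queue.type="LinkedList" queue.filename="fwdRule1"
       queue.maxdiskspace="1g" queue.saveonshutdown="on"
       action.resumeRetryCount="-1")
```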
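
An added example (not part of the skill or of rsyslog): a small Python check that parses `action(...)` objects from a generated client config and reports any `omfwd` forwarder that departs from the TLS and queue settings of the client action above. The function names and the `WEAK_CLIENT` sample are constructed for illustration.

```python
import re

# Client-side settings the page's omfwd action uses; rsyslog parameter
# names are case-insensitive, so keys are compared in lower case.
REQUIRED = {
    "protocol": "tcp",
    "streamdriver": "gtls",               # GnuTLS netstream driver
    "streamdrivermode": "1",              # 1 = TLS-only
    "streamdriverauthmode": "x509/name",  # verify the peer's certificate name
    "queue.saveonshutdown": "on",
    "action.resumeretrycount": "-1",      # retry forever
}
ACTION_RE = re.compile(r'\baction\s*\((.*?)\)', re.S | re.I)
PARAM_RE = re.compile(r'([A-Za-z][\w.]*)\s*=\s*"([^"]*)"')

def parse_actions(conf):
    """One {param: value} dict per action(...); assumes no '#' or ')' in values."""
    conf = re.sub(r'#.*', '', conf)  # drop comments
    return [{k.lower(): v for k, v in PARAM_RE.findall(body)}
            for body in ACTION_RE.findall(conf)]

def audit_forwarders(conf):
    """List deviations from REQUIRED for every omfwd action in conf."""
    findings = []
    for p in parse_actions(conf):
        if p.get("type", "").lower() != "omfwd":
            continue
        target = p.get("target", "<no target>")
        for key, want in REQUIRED.items():
            got = p.get(key)
            if got is None or got.lower() != want:
                findings.append(f"{target}: {key}={got!r}, expected {want!r}")
        if "queue.filename" not in p:
            findings.append(f"{target}: queue.filename missing, queue is memory-only")
    return findings

# Constructed samples: PAGE_CLIENT mirrors the page's client action,
# WEAK_CLIENT is a made-up variant with authentication and spooling removed.
PAGE_CLIENT = '''action(type="omfwd" target="10.0.0.1" port="6514" protocol="tcp"
  StreamDriver="gtls" StreamDriverMode="1" StreamDriverAuthMode="x509/name"
  queue.type="LinkedList" queue.filename="fwdRule1"
  queue.maxdiskspace="1g" queue.saveonshutdown="on"
  action.resumeRetryCount="-1")'''
WEAK_CLIENT = '''action(type="omfwd" target="10.0.0.1" port="6514" protocol="tcp"
  StreamDriver="gtls" StreamDriverMode="1" StreamDriverAuthMode="anon"
  queue.type="LinkedList")  # no disk spool, default retry count'''

if __name__ == "__main__":
    for name, conf in (("page", PAGE_CLIENT), ("weak", WEAK_CLIENT)):
        print(name, audit_forwarders(conf) or "OK")
```

Running the same check over each rendered client config before it is pushed over SSH catches a template change that silently drops certificate verification or the disk-assisted queue.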