anglemx / audit-bundle
Audit Bundle to produce automated reports for OS (Ubuntu) and DB (MySQL) privileged access
Installs: 31
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- php: >=8.1
- anglemx/php-utilities: ^1.0
- doctrine/doctrine-bundle: ^2.8
- doctrine/doctrine-migrations-bundle: ^3.2.4
- doctrine/orm: ^2.14
- symfony/dependency-injection: ^5.4
- symfony/framework-bundle: ^5.4
- symfony/swiftmailer-bundle: ^3.1
Requires (Dev)
- dms/phpunit-arraysubset-asserts: ^0.2.0
- php-coveralls/php-coveralls: ^2.2
- phpunit/phpunit: ^9.0
This package is auto-updated.
Last update: 2024-05-25 17:36:23 UTC
README
Audit Bundle for Symfony 5.4+ to produce automated reports for OS (Ubuntu) and DB (MySQL) privileged access
highly opinionated Angle deployment model, built on top of Symfony.
Installation
Install composer dependency:
composer require anglemx/audit-bundle
Make sure that the Bundle has been enabled and auto-wired in the bundles.php
file.
// config/bundles.php return [ // ... Angle\AuditBundle\AngleAuditBundle::class => ['all' => true], // ... ];
Usage
php bin/console angle:audit:____
Available commands:
angle:audit:application-updates
angle:audit:database-migrations
angle:audit:database-users
angle:audit:operating-system-access
angle:audit:operating-system-users
Requirements
Standard Angle symfony application setup
MySQL Database Ubuntu 18.04 - 22.04 Operating System SwiftMailer
server-update.sh script should write its updates to symfony-update.log
on the root dir
TO-DO
- Ubuntu Utility
- Check OS version compatibility
- Pull SSH Authorized Keys file
- Pull Auth.log file
Mailer Configuration
Uses SwiftMailer (which is now deprecated in Symfony).
An .env variable called MAILER_FROM
is required to be defined.
Auth (sshd
) Configurations
Verify sshd
log verbosity
Open the config file at /etc/ssh/sshd_config
:
...
LogLevel VERBOSE
...
That is the default for Ubuntu 22.04, but verify that is the case.
Configure rsyslog
to log sshd
to a special location
Create a file 60-sshd.conf
with the following line on it:
$template SshdFileFormat,"%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
:programname, isequal, "sshd" /var/log/sshd.log;SshdFileFormat
Then copy it:
sudo cp sshd-rsyslog /etc/rsyslog.d/60-sshd.conf
Then test the configuration to make sure everything is OK:
rsyslogd -N1
Finally, restart the engine:
service rsyslog restart