creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
0fbcbdf8ddfc4342277f03b2ddb60be33ca6dcb1
Anthropic-Cybersecurity-Skills/skills/implementing-syslog-centralization-with-rsyslog/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

1.9 KiB
Raw Blame History

API Reference: Rsyslog Centralization with TLS

Rsyslog Server Configuration Directives

TLS Module Loading

module(load="imtcp"
    StreamDriver.Name="gtls"
    StreamDriver.Mode="1"
    StreamDriver.Authmode="x509/name"
    PermittedPeer=["client1.local","client2.local"])

Global TLS Settings

global(
    DefaultNetstreamDriver="gtls"
    DefaultNetstreamDriverCAFile="/path/to/ca.pem"
    DefaultNetstreamDriverCertFile="/path/to/cert.pem"
    DefaultNetstreamDriverKeyFile="/path/to/key.pem")

Template Syntax

template(name="PerHostDir" type="string"
    string="/var/log/remote/%HOSTNAME%/%PROGRAMNAME%.log")
template(name="JSONFormat" type="string"
    string='{"host":"%HOSTNAME%","msg":"%msg:::json%"}\n')

Rsyslog Client Forwarding

action(type="omfwd" target="<server>" port="6514" protocol="tcp"
    StreamDriver="gtls" StreamDriverMode="1"
    StreamDriverAuthMode="x509/name"
    queue.type="LinkedList" queue.filename="fwdRule1"
    queue.maxdiskspace="1g" queue.saveonshutdown="on"
    action.resumeRetryCount="-1")

Jinja2 Template Engine

from jinja2 import Template
tmpl = Template("target={{ server_ip }} port={{ port }}")
output = tmpl.render(server_ip="10.0.0.1", port=6514)

Paramiko SSH Deployment

import paramiko
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, username=user, key_filename=key)
sftp = client.open_sftp()
sftp.file(remote_path, "w").write(content)
client.exec_command("systemctl restart rsyslog")
client.close()

OpenSSL Certificate Generation

openssl req -x509 -newkey rsa:4096 -keyout ca-key.pem -out ca.pem -days 3650 -nodes
openssl req -newkey rsa:2048 -keyout server-key.pem -out server.csr -nodes
openssl x509 -req -in server.csr -CA ca.pem -CAkey ca-key.pem -out server-cert.pem
Reference in New Issue View Git Blame Copy Permalink