Project

General

Profile

sw-collector

Synopsis

sw-collector [--debug level] [--quiet] [--count event-count]

sw-collector [--debug level] [--quiet] [--installed|--removed] --list|--unregistered

sw-collector [--debug level] [--quiet] [--installed|--removed] [--full] --generate

sw-collector [--debug level] [--quiet] --migrate

sw-collector -h | --help

Description

sw-collector extracts information about software package installation, update or removal events from the apt history log and stores the software events in an SQLite database. The retrieved history information is then merged and made consistent with the actual list of installed software packages obtained with dpkg-query.

Options

-h, --help
      Prints usage information and a short summary of the available commands.

-v, --debug level
      Set debug level, default: 2.

-q, --quiet
      Disable debug output to stderr.

-i, --installed
      Apply command to installed software packages, only.

-r, --removed
      Apply command to removed software packages, only.

-f, --full
      Generate ISO 19770-2:2015 SWID tags with full file information (possible for installed software packages, only).

-l, --list
      Lists all software packages stored in the collector database showing their installation status.

-u, --unregistered
      Lists all software packages residing in the local collector database but for which no SWID tags
      exist yet in a central collector database reachable via a REST interface.

-g, --generate
      Generates ISO 19770-2:2015 SWID tags for all software packages residing in the local collector database but for
      which no SWID tags exist in a central collector database reachable via a REST interface.

-m, --migrate
      Can be used to migrate collector database versions. Currently all architecture suffixes are removed
      from dpkg package names.

Configuration

The following parameters can be configured in the sw-collector section of strongswan.conf:

sw-collector {
    database = sqlite:///etc/pts/collector.db
    history = /var/log/apt/history.log
    first_file = /var/log/bootstrap.log
    first_time = 2016-04-22T20:55:14Z
    rest_api {
        uri = https://admin-user:ietf99hackathon@tnc.strongswan.org/api/
        timeout = 120
    }
}

  • The database URI is mandatory because otherwise the collector database is not found. You can create an empty collector database with the command
    sudo -s; cat /usr/share/strongswan/templates/database/sw-collector/sw_collector_tables.sql | sqlite3 /etc/pts/collector.db
    
  • If the logrotate command has split the /var/log/apt/history.log file into multiple chunks then you have to manually unzip, concatenate and store the multiple chunks in the correct order in a reconstructed history.log file and point the history parameter to this file for the initial run of sw-collector. For all subsequent runs you must set back the history setting to the default value.
  • The default value /var/log/bootstrap.log of the first_file parameter points to a file which is usually present on Debian and Ubuntu systems and which gives a good estimate of the date when the OS was initially installed. You can point first_file to another file of your choice or use first_time to explicitly define the system creation date.
  • The rest_api.uri parameter is needed for the --unregistered and --generate commands where sw-collector contacts an on-line strongTNC server and queries already registered SWID tags via a REST API.

The parameters of the swid_generator used with the --generate command can be changed in the libimcv section of strongswan.conf:

libimcv {
    swid_gen {
        command = /usr/local/bin/swid_generator
        tag_creator {
            name = strongSwan Project
            regid = strongswan.org
        }
    }
}

Files

/usr/share/strongswan/templates/database/sw-collector/sw_collector_tables.sql