Building a centralized monitoring system with rsyslog + LogAnalyzer + evtsys
2014-08-29 09:31
I. Server installation
Reposted from: http://gm100861.blog.51cto.com/1930562/1191164
Create the YUM repository (skip this step if you already have one). Note that gpgcheck=0 turns off RPM signature verification for this repository.

# cat >> /etc/yum.repos.d/sohu.repo <<EOF
[sohu]
name=sohu's mirrors
baseurl=http://mirrors.sohu.com/centos/5/os/x86_64/
enabled=1
gpgcheck=0
EOF

Install the LAMP environment and rsyslog. If LAMP is already present, you only need to install rsyslog and rsyslog-mysql.

yum install rsyslog rsyslog-mysql mysql mysql-devel mysql-server php php-mysql php-pdo php-common php-gd httpd

Import the rsyslog database schema

mysql -u root -p < "$(rpm -ql rsyslog-mysql | grep 'sql$')"

Create the database user

mysql -u root -p
mysql> grant all privileges on Syslog.* to logger@localhost identified by 'logger';
mysql> flush privileges;
mysql> exit;

Edit the rsyslog configuration file

# vi /etc/rsyslog.conf

Modify it as follows:

# Use traditional timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# Provides kernel logging support (previously done by rklogd)
# Provides support for local system logging (e.g. via logger command)
$ModLoad immark
$ModLoad imuxsock
$ModLoad imklog
$ModLoad ommysql
*.* :ommysql:127.0.0.1,Syslog,logger,logger
$ModLoad imudp.so
$UDPServerRun 514

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages

# The authpriv file has restricted access.
authpriv.* /var/log/secure

# Log all the mail messages in one place.
mail.* -/var/log/maillog

# Log cron stuff
cron.* /var/log/cron

# Everybody gets emergency messages
*.emerg *

# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler

# Save boot messages also to boot.log
local7.* /var/log/boot.log

The parts in red are the additions. Compare the rest against your own file: skip whatever is already there and add whatever is missing.
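The configuration above keeps the database credentials in clear text on the ommysql action line and opens a UDP listener. The shell functions below are an added example, not part of the original post, that report those points for a given rsyslog.conf; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: audit an rsyslog.conf for the
# ommysql credentials and UDP listener configured above.

# Print "host db user pass" from the first legacy ommysql action line.
ommysql_fields() {
    sed -n 's/^[^#]*:ommysql:\([^,]*\),\([^,]*\),\([^,]*\),\([^;[:space:]]*\).*/\1 \2 \3 \4/p' "$1" | head -n 1
}

# Print the port of each legacy UDP listener ($UDPServerRun N).
udp_ports() {
    sed -n 's/^[[:space:]]*\$UDPServerRun[[:space:]]\{1,\}\([0-9]\{1,\}\).*/\1/p' "$1"
}

# Print one finding per line for the config file given as $1.
audit_rsyslog_conf() {
    conf=$1
    fields=$(ommysql_fields "$conf")
    if [ -n "$fields" ]; then
        read -r host db user pass <<EOF
$fields
EOF
        echo "INFO ommysql writes to database $db on $host as $user"
        if [ "$user" = "$pass" ]; then
            echo "WEAK-PASSWORD database password equals the user name"
        fi
        # The password sits in the file in clear text, so the file mode matters.
        if [ -n "$(find "$conf" -perm -004)" ]; then
            echo "WORLD-READABLE $conf exposes the database password"
        fi
    fi
    for port in $(udp_ports "$conf"); do
        echo "UDP-LISTENER port $port accepts unauthenticated syslog; limit senders by firewall"
    done
    return 0
}

# Constructed sample: the lines of the configuration above that matter here.
write_sample_conf() {
    printf '%s\n' '$ModLoad ommysql' \
        '*.* :ommysql:127.0.0.1,Syslog,logger,logger' \
        '$ModLoad imudp.so' '$UDPServerRun 514' > "$1"
}

sample=$(mktemp)
write_sample_conf "$sample"
chmod 644 "$sample"
audit_rsyslog_conf "$sample"
rm -f "$sample"
```

On a real server, call `audit_rsyslog_conf /etc/rsyslog.conf` in place of the sample file.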
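Install LogAnalyzer

# wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.3.tar.gz
# tar xf loganalyzer-3.6.3.tar.gz
# mkdir /var/www/html/loganalyzer
# mv loganalyzer-3.6.3/src/* /var/www/html/loganalyzer
# touch /var/www/html/loganalyzer/config.php
# chmod 666 /var/www/html/loganalyzer/config.php

Then complete the installation through the browser. The 666 mode is only needed while the web installer writes config.php; it can be set back to 644 afterwards.

That completes the LogAnalyzer installation; log in to view it.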
II. Windows client installation

Download evtsys from http://code.google.com/p/eventlog-to-syslog/, unzip it and place it in C:\Windows\System32.

evtsys -i -s 10 -h log-server-ip -p 514
net start evtsys

During installation an error is reported. It is a configuration-file issue and can be ignored, as long as you see the installation-success message at the end. The detailed parameters are listed below.

Version: 4.4 (32-bit)
Usage: evtsys.exe -i|-u|-d [-h host] [-b host] [-f facility] [-p port] [-s minutes] [-l level] [-n]
  -i           Install service
  -u           Uninstall service
  -d           Debug: run as console program
  -h host      Name of log host
  -b host      Name of secondary log host (optional)
  -f facility  Facility level of syslog message
  -l level     Minimum level to send to syslog.\n", stderr);
               0=All/Verbose, 1=Critical, 2=Error, 3=Warning, 4=Info
  -n           Include only those events specified in the config file.
  -p port      Port number of syslogd
  -q bool      Query the Dhcp server to obtain the syslog/port to log to
               (0/1 = disable/enable)
  -s minutes   Optional interval between status messages. 0 = Disabled

Default port: 514
Default facility: daemon
Default status interval: 0
Host (-h) required if installing.

Below are the Windows logs as seen in LogAnalyzer; they are clearly Windows logs. Monitoring Linux logs is very simple: just edit the configuration file so that a copy of the logs is sent to the log server. This is not described in detail here.