Install Rsyslog and LogAnalyzer on CentOS 6
2015-04-28 22:26
Rsyslog and LogAnalyzer are tools that help administrators collect system logs in a centralized place and facilitate data analysis.
In large networks, the number of installed devices produces tons of logs, which makes it impossible to have a good overview of the overall network status without a centralized log collector system.
Prerequisites
CentOS 6.x minimal
A working LAMP environment
Rsyslog and LogAnalyzer packages
Install Rsyslog
First install the LAMP environment and Rsyslog packages using the yum command.
# yum install httpd php mysql php-mysql mysql-server rsyslog rsyslog-mysql wget
Before importing the db schema into MySQL you can customize the database name (Syslog by default) by editing the createDB.sql file.
# vi /usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql
Once editing has been completed, import the db schema into MySQL. In the
example, the procedure creates a new database called rsyslogdb.
# mysql -u root -p < /usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql
Grant the privileges to the account rsyslog (passwd00 is the example password used in this guide).
# mysql -u root -p
mysql> GRANT ALL PRIVILEGES ON rsyslogdb.* TO rsyslog@localhost IDENTIFIED BY 'passwd00';
mysql> flush privileges;
mysql> exit
Edit the configuration file /etc/rsyslog.conf and enable the listed parameters.
# vi /etc/rsyslog.conf
$ModLoad imuxsock
$ModLoad imklog
#$ModLoad immark
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514
$ModLoad ommysql
Also add the following lines:
$AllowedSender UDP, 127.0.0.1, 192.168.10.0/24
$AllowedSender TCP, 127.0.0.1, 192.168.10.0/24
*.* :ommysql:127.0.0.1,rsyslogdb,rsyslog,passwd00
Enable the service to start at system boot and start the service.
# chkconfig rsyslog on
# service rsyslog restart
If you have a firewall, you need to open ports TCP 514 and UDP 514 to work with Rsyslog.
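The configuration steps above can be checked mechanically before restarting the service. The following shell script is an added example, not part of the original guide: it audits a config file for the directives enabled above. The function names, labels and the sample file (with the placeholder EXAMPLE_PASSWORD) are constructed for illustration.

```bash
#!/bin/bash
# Added example: audit an rsyslog.conf (legacy v5 syntax) for the directives
# this guide enables. Function names and labels are illustrative assumptions.

# One "label|extended regex" per line; commented-out lines never match.
REQUIRED='UDP input module|^[[:space:]]*\$ModLoad[[:space:]]+imudp
UDP listener on 514|^[[:space:]]*\$UDPServerRun[[:space:]]+514
TCP input module|^[[:space:]]*\$ModLoad[[:space:]]+imtcp
TCP listener on 514|^[[:space:]]*\$InputTCPServerRun[[:space:]]+514
MySQL output module|^[[:space:]]*\$ModLoad[[:space:]]+ommysql
UDP sender allow-list|^[[:space:]]*\$AllowedSender[[:space:]]+UDP,
TCP sender allow-list|^[[:space:]]*\$AllowedSender[[:space:]]+TCP,
MySQL action|^\*\.\*[[:space:]]+:ommysql:[^,]+,[^,]+,[^,]+,.+'

# Print "MISSING: <label>" for every required directive not active in file $1.
audit_rsyslog_conf() {
    printf '%s\n' "$REQUIRED" | while IFS='|' read -r label pattern; do
        grep -Eq -- "$pattern" "$1" || printf 'MISSING: %s\n' "$label"
    done
}

# Write a constructed sample config to file $1: TCP input is commented out,
# the TCP allow-list is absent, and the action has a stray space after ":".
write_sample_conf() {
    cat > "$1" <<'EOF'
$ModLoad imuxsock
$ModLoad imklog
$ModLoad imudp
$UDPServerRun 514
#$ModLoad imtcp
#$InputTCPServerRun 514
$ModLoad ommysql
$AllowedSender UDP, 127.0.0.1, 192.168.10.0/24
*.* : ommysql:127.0.0.1,rsyslogdb,rsyslog,EXAMPLE_PASSWORD
EOF
}

# Demonstration run against the constructed sample.
sample=$(mktemp)
write_sample_conf "$sample"
audit_rsyslog_conf "$sample"
rm -f "$sample"
```

To audit the live file, call audit_rsyslog_conf /etc/rsyslog.conf; no output means every directive from this guide is active.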
Test Rsyslog
To test if everything is working, check if messages are arriving at the syslog server.
# tail -f /var/log/messages
In addition you can check if messages are being stored in the MySQL database.
# mysql -u root -p
mysql> use rsyslogdb;
mysql> select * from SystemEvents;
If the query returns an empty set, it means it's working.
Install LogAnalyzer
Use the wget command to download the LogAnalyzer package.
# wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.3.tar.gz
Unpack the downloaded file and move the content to the Apache document root.
# tar -vxzf loganalyzer-3.6.3.tar.gz
# mv loganalyzer-3.6.3/src/ /var/www/html/loganalyzer
# mv loganalyzer-3.6.3/contrib/* /var/www/html/loganalyzer
Enter the created directory and assign the correct permissions to execute
the scripts.
# cd /var/www/html/loganalyzer/
# chmod 744 configure.sh secure.sh
# ./configure.sh
Configure LogAnalyzer
Access the web interface by typing the following address in your browser:
http://IP_address/loganalyzer
At first access you receive an error message because the application hasn't been configured yet. Click on the word "here" to go ahead with the configuration.
Click Next to start the installation.
Click Next to continue.
Enable the "Enable User Database" option and enter the parameters set during the database creation.
Click Next.
If no errors are shown click Next to continue.
Create the Admin user by typing the username and password, then click Next.
Choose MYSQL Native as the Source Type and enter the parameters of the database previously created. Click Next.
Pay attention to the field Database Tablename where the value must be:
SystemEvents
Click Finish to complete the installation.
To log in to LogAnalyzer, enter your credentials, then click Login.
The Rsyslog server shows the data collected so far. To populate the Events, you need to set the network devices to send syslog messages to the Rsyslog server just configured.
Troubleshooting
After login you may receive the error message:
could not find the configured table, maybe misspelled or the table names are case sensitive
This error is often due to wrong syntax in the DBTableName field. To fix
it you need to edit the /var/www/html/loganalyzer/config.php file and check if the DBTableName value
is written with the correct capital letters.
SystemEvents
# vi /var/www/html/loganalyzer/config.php
Once the DBTableName value has been amended, the system should work properly.
Source: http://nolabnoparty.com/en/install-rsyslog-loganalyzer/