1. Server Installation
Create a YUM repository. If you already have one configured, skip this step.
- # cat >> /etc/yum.repos.d/sohu.repo <<EOF
- [sohu]
- name=sohu's mirrors
- baseurl=http://mirrors.sohu.com/centos/5/os/x86_64/
- enabled=1
- gpgcheck=0
- EOF
Install the LAMP environment and rsyslog. If LAMP is available, you only need to install rsyslog-mysql.
- yum install rsyslog rsyslog-mysql mysql mysql-devel mysql-server php php-mysql php-pdo php-common php-gd httpd
Import the rsyslog database
- mysql -u root -p < $(rpm -ql rsyslog-mysql | grep sql$)
Create a database user
- mysql -u root -p
- mysql> grant all privileges on Syslog.* to logger@localhost identified by 'logger';
- mysql> flush privileges;
- mysql> exit;
Modify the rsyslog configuration file
- # vi /etc/rsyslog.conf    // edit as follows
- # Use traditional timestamp format
- $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
-
- # Provides kernel logging support (previously done by rklogd)
- # Provides support for local system logging (e.g. via logger command)
- $ModLoad immark
- $ModLoad imuxsock
- $ModLoad imklog
-
- $ModLoad ommysql
- *.* :ommysql:127.0.0.1,Syslog,logger,logger
-
- $ModLoad imudp.so
- $UDPServerRun 514
-
- # Log all kernel messages to the console.
- # Logging much else clutters up the screen.
- #kern.*                                                 /dev/console
- # Log anything (except mail) of level info or higher.
- # Don't log private authentication messages!
- *.info;mail.none;authpriv.none;cron.none                /var/log/messages
- # The authpriv file has restricted access.
- authpriv.*                                              /var/log/secure
- # Log all the mail messages in one place.
- mail.*                                                  -/var/log/maillog
- # Log cron stuff
- cron.*                                                  /var/log/cron
-
- # Everybody gets emergency messages
- *.emerg                                                 *
- # Save news errors of level crit and higher in a special file.
- uucp,news.crit                                          /var/log/spooler
-
- # Save boot messages also to boot.log
- local7.*                                                /var/log/boot.log
The parts shown in red are the additions. Compare the remaining lines with your existing file and add any that are missing.
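An added example (not part of the original article): a small Python probe for checking that the UDP 514 input and the ommysql output configured above work end to end once rsyslog is running. It sends one uniquely marked RFC 3164 message and builds the query to run against the `SystemEvents` table created by the imported schema; the function names, the tag `logprobe` and the host name `probe-host` are assumptions of this example.

```python
import socket
import time
import uuid

# Standard syslog facility and severity codes (subset, RFC 3164).
FACILITY = {"kern": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4,
            "cron": 9, "authpriv": 10, "local7": 23}
SEVERITY = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
            "warning": 4, "notice": 5, "info": 6, "debug": 7}
MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()


def build_message(facility, severity, text, tag="logprobe", host="probe-host"):
    """Return an RFC 3164 line: <PRI>Mmm dd hh:mm:ss host tag: text."""
    pri = FACILITY[facility] * 8 + SEVERITY[severity]
    t = time.localtime()
    stamp = "%s %2d %02d:%02d:%02d" % (MONTHS[t.tm_mon - 1], t.tm_mday,
                                       t.tm_hour, t.tm_min, t.tm_sec)
    return "<%d>%s %s %s: %s" % (pri, stamp, host, tag, text)


def send_probe(server, port=514, facility="daemon", severity="info"):
    """Send one marked datagram and return (marker, message).

    UDP gives no delivery feedback: sendto() succeeds even when nothing is
    listening or a firewall drops the packet, so the database must be checked.
    """
    marker = "probe-" + uuid.uuid4().hex[:12]  # hex only, safe inside the SQL
    message = build_message(facility, severity, marker)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(message.encode("ascii"), (server, port))
    return marker, message


def verify_query(marker):
    """SQL for the Syslog database that finds the probe in SystemEvents."""
    return ("SELECT ReceivedAt, FromHost, Facility, Priority, SysLogTag, Message "
            "FROM SystemEvents WHERE Message LIKE '%%%s%%' "
            "ORDER BY ID DESC LIMIT 1;" % marker)


if __name__ == "__main__":
    marker, message = send_probe("127.0.0.1")  # run on the log server itself
    print("sent:", message)
    print('now run: mysql -u logger -p Syslog -e "%s"' % verify_query(marker))
```

An empty result from the query means the datagram never reached rsyslog or the ommysql action failed; in that case check that rsyslog was restarted, that UDP port 514 is open, and that the `logger` database account works.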
Install LogAnalyzer
- # wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.3.tar.gz
- # tar xf loganalyzer-3.6.3.tar.gz
- # mkdir /var/www/html/loganalyzer
- # mv loganalyzer-3.6.3/src/* /var/www/html/loganalyzer/
- # touch /var/www/html/loganalyzer/config.php
- # chmod 666 /var/www/html/loganalyzer/config.php
Complete the installation in a browser.
This completes the installation of LogAnalyzer. Log in to view the logs.
2. Windows Client Installation
Download evtsys: http://code.google.com/p/eventlog-to-syslog/
- Decompress the package to C:\Windows\System32
- evtsys -i -s 10 -h log-server-ip -p 514
- net start evtsys
During installation, an error is reported, which is caused by the configuration file. You can ignore it as long as the installation succeeds. The detailed parameters are listed below.
- Version: 4.4 (32-bit)
- Usage: evtsys.exe -i|-u|-d [-h host] [-b host] [-f facility] [-p port]
-        [-s minutes] [-l level] [-n]
-   -i           Install service
-   -u           Uninstall service
-   -d           Debug: run as console program
-   -h host      Name of log host
-   -b host      Name of secondary log host (optional)
-   -f facility  Facility level of syslog message
-   -l level     Minimum level to send to syslog.
-                0=All/Verbose, 1=Critical, 2=Error, 3=Warning, 4=Info
-   -n           Include only those events specified in the config file.
-   -p port      Port number of syslogd
-   -q bool      Query the Dhcp server to obtain the syslog/port to log to
-                (0/1 = disable/enable)
-   -s minutes   Optional interval between status messages. 0 = Disabled
-
- Default port: 514
- Default facility: daemon
- Default status interval: 0
- Host (-h) required if installing.
Below are the Windows logs as displayed in LogAnalyzer; they are clearly Windows events. Monitoring Linux hosts is easier: you can directly modify the configuration file and send the logs to the log server.
This article is from the blog, please be sure to keep this source http://gm100861.blog.51cto.com/1930562/1191164