Log Analysis -2. send The Windows logs to a remote rsyslog serverto add a The Windows client's log messages are forwarded to our Rsyslog server, which requires a Windows Syslog Agent to be installed . 1.SyslogAgentHttp://download.cnet.com/Datagram-SyslogAgent/3000-2085_4-10370938.html2. Installing syslogagentThe installation steps are omitted here3. the corresponding settingsyou need to configure it to run
Objectiversyslog System Log, called the syslog on the CentOS5, and on the CentOS6 called Rsyslog, called the enhanced version of the SYSLOG,CENTOS5 on the configuration file under/etc/syslog.conf, and CentOS6 under/etc/rsyslog.conf.The syslog default is to put our logs into files, users, log servers, pipelines.Rsyslog has one more avenue on the syslog basis, allowing logs to be placed in MySQL data.Where is rsyslo
Log type
Log device/Type
Description
Auth
Logs generated by Pam
Authpriv
Verification information for login information such as Ssh,ftp
Cron
Time Task related
Kern
Kernel
Lpr
Print
Mail
Mail
Mark (syslog)
Rsyslog information inside the service, time identification
News
News Group
The server sends a command to the client, telling the client that the curl is complete and the client is the rsyslog server.
#! /Usr/bin/Python
Import pycurl
Import socket
Import time
Def work_socket ():
S = socket. socket (socket. af_inet, socket. sock_stream)
S. setsockopt (socket. sol_socket, socket. so_reuseaddr, 1)
S. BIND ('10. 67.15.96 ', 9999 ))
S. Listen (10)
S. setblocking (0)
S. setTimeout (10)
Conn, ADDR = S. Accept ()
Conn. Send ('10. 67
The previous section describes how to store logs in a database, you might think this is not superfluous, not also, since can be placed in the database is not able to implement lamp combination to build a web interface to manage the log, there is just a software to help us achieve this function "Loganalyzer "。 This feature is implemented below.The first is to implement the log storage to the database, reference: http://blog.51cto.com/13598893/2072463On the
1st Zhi
1st log is a plain text file that the system uses to record some relevant information about the system at run time
The purpose of the 2nd log is to save the running status, error messages, etc. of the related programs. In order to analyze the system, save the history and find the parse error using when the error occurs
3 Linux typically saves the following types of logs
Kernel information
Service Information
Application information
2 Rsyslog
Problem Description:Server B receives message gateway logs from Server A from the remote side, and according to the configuration requirements, these logs need to be written in different files according to the message label classification.For example, there is a log:Sep 08:00:03 192.100.6.3 monster-cmpp20mo[37518]: 20180912080002sms0000999l00100000000cc515275,0,00,,, 09120800018510260295,,,, xxxxxxxxxxx,,, 1,xxxxxxxxxx,,,,,,,,,,,, 0,6,dm302j,We want to be able to write to the Monster-cmppmo.log
Environment:
*********************
Adiscon LogAnalyzer Version 3.4.3
[Root @ cento100 ~] # Cat/etc/issue
CentOS release 5.6 (Final)
*********************
Some people may despise the title. The answer is nothing more than creating a view and creating DBMappings. I am very responsible to tell you, no. Here is how to modify the PHP source code. Let's talk a little bit about it.
Recently, rsyslog + loganalyzer has been used to implement centralized log
Before I was in BASHRC added a sentence, let the system operation log to Rsyslog send a copy of the content, now as long as the sending, and then get the current remote login IP add in it, like this/etc/bashrc1 sshclientip= ' W | Tail-n +3'BEGIN {ip= "local"}{if ($5== "0.00s" | | $! = "-") ip=$3 fi} END {print IP}' c6> '2 prompt_command='history-a > (tee-a ~/.bash_history | logger-p local1.debug-t "$SSH clientip[$USER] ")'Linux implementation
When I was half-a-little, I looked for information. Finally, find him in an official document ...Http://www.rsyslog.com/doc/ommysql.htmlSample:The following sample writes all syslog messages to the database "syslog_db" on mysqlsever.example.com. The server is being accessed under the account of "user" with password "pwd".$ModLoad Ommysql* * Action (type= "Ommysql" server= "mysqlserver.example.com" serverport= "1234"db= "syslog_db" uid= "user" pwd= "pwd")Legacy Sample:The same as above, but in Le
As a system operation and maintenance engineer, normal view analysis Linux system log I think we must do the homework every day, but a long time will find that every time we look at the site logs have to go into the background, several servers can also deal with, but if the management of hundreds of online servers, this approach is stretched.
Then I thought about whether I can have a log server centralized management of the log, and the Web to display the log to the front desk for easy viewing,
Reference: http://blog.csdn.net/nowayings/article/details/38926501Https://www.cnblogs.com/bonelee/p/6234647.htmlPrint to the log:The code is as follows#include int main () { FILE*F; = fopen ("ABC","R"); if (! f) { syslog (log_err| Log_user,"test-%m/n");} }The configuration is as follows: Add the 2nd line section.[Email protected]:~/workspace/log$ vim/etc/rsyslog.d/30-debug.conf*.debug /var/log/mydebug.loguser. * -/var/log/"logger" ~T
Environment:
*********************
Adiscon Loganalyzer Version 3.4.3
[Root@centos100 ~]# Cat/etc/issue
CentOS Release 5.6 (Final)
*********************
See the title, may be some people will disdain, the answer is nothing but a new view, the establishment of dbmappings. I'm very responsible to tell you, No. I am here to modify the PHP source code method, to achieve. Crap don't say much, just open it
Recently engaged in Rsyslog+loganalyzer to ac
Objective:Whenever we encounter a problem scratching, a face of what, perhaps look at the log immediately suddenly enlightened, so, an easy-to-use log server is still very important. Let's not introduce elk, the log analysis system for the boom-and-blast day. Today we'll build a small log server. Elk we'll say it again ~Body:When we configure a service, start an error, it feels like what to eat, not to mention how uncomfortable, unless the service program itself has a detection configuration fil
-level logs) log server @172.16.100.1 (Rsyslog server) pipeline | Command (handled with a different command)Log Information Format:Time Master Process (PID): Event[[email protected] ~]# tail/var/log/messagesoct 00:11:17 centos6 dhclient[5518]: bound to 192.168.2.4--renewal in 75 6 seconds. Oct 00:23:53 CENTOS6 dhclient[5518]: DHCPACK from 192.168.2.254 (XID=0X745700CD) Oct to 00:53:02 CENTOS6 dhclient[5518]: DHCPACK from 192.168.2.254 (XID=0X745700CD)
Environment: Both the client and the server need to install the Rsyslog serviceRsyslog Server SideCd/etc/rsyslog.d/cat server.conf$modload imtcp$inputtcpserverrun 514 vim /etc/rsyslog.conflocal4.* / Var/log/history.log Rsyslog Client Sidecat/etc/rsyslog.d/client.conflocal4.* @ @server End ip:514 Cat/etc/profi
; mysql> ALTER TABLE SystemEvents ADD fromip VARCHAR () DEFAULT NULL after Fromhost;It is important to look at the mapping relationship of database mapping databases. If the mapping is not correct, the IP column will not appear. Rsyslog configuration has been modified, so do remember to restart the Rsyslog service. In this case, the IP problem can be solved basically. R
Document directory
1. Visual Editor
2. SWT-Designer
3. jigloo
1. Visual Editor
2. SWT-Designer
3. jigloo
From http://www.cnblogs.com/NationWoo/archive/2011/05/31/2065176.html
Eclipse does not provide GUI visual development tools. If you want to implement visual GUI development in Eclipse, You need to rely on third-party plug-ins.1. Visual Editor
Eclipse officially provides an open-source
Last Post we analyzed the basic knowledge and configuration of Rsyslog, following we continue to improve the next blog post, the final use of Rsyslog+loganalyzer+mysql deployment log server, to achieve the WebGui display of log information. "Experimental Environment and Topology"System: CentOS 6.5RSYSLOG:RSYSLOGD 5.8.10loganalyzer:loganalyzer-3.6.5lamp:httpd-2.4.4,mysql-5.6.10,php-5.4.13650) this.width=650;
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.