CENTOS6 on Rsyslog application (Rsyslog+mysql+loganalyzer)

1, configure the log server,
(1) Enable the function of the log server: (UDP and TCP open one can)

# provides UDP syslog reception
$ModLoad imudp--------turn on the UDP to start recording other machines
$UDPServerRun 514-------Monitor on port 514.

# provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
After modifying, restart the following configuration file, service Rsyslog restart
(2) Turn on the server log on the client computer
#vim/etc/rsyslog.conf
Change the *.info;mail.none;authpriv.none;cron.none/var/log/messages into
*.info;mail.none;authpriv.none;cron.none @172.16.3.1
After modifying, restart the following configuration file, service Rsyslog restart

2. Display log information through WebGui
Rsyslog+mysql+loganalyzer Configuration steps
Database configuration:
1. Installation: MySQL database ip:172.16.3.2
#yum Install Rsyslog-mysql Mysql-server
2. Import the database
# RPM-QL Rsyslog-mysql
/lib64/rsyslog/ommysql.so
/usr/share/doc/rsyslog-mysql-5.8.10
/USR/SHARE/DOC/RSYSLOG-MYSQL-5.8.10/CREATEDB.SQL------The format of this database (import it into the database)
(View database How to create Cat/usr/share/doc/rsyslog-mysql-5.8.10/createdb.sql)
#mysql </usr/share/doc/rsyslog-mysql-5.8.10/createdb.sql
3, authorized database remote login user
>grant all on syslog.* to [e-mail protected] ' 172.16.3.% ' identified by ' Ning ';
Client configuration file:
4, modify the client's configuration file ip:172.16.3.1
#vim/etc/rsyslog.conf
$ModLoad ommysql---------------------------------Add enable modules
*.info;mail.none;authpriv.none;cron.none:ommysql:172.16.3.2,syslog,ning,ning (Specifies the database name and data IP, remote login name and password)
#service rsyslog Restart----Restart Service
5. View log information (view Log on client)
Mysql-u ning-h 172.16.3.2-p
#mysql
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| Information_schema |
| Syslog----------------------automatically generated tables in the Import database
| Test |
+--------------------+
3 Rows in Set (0.00 sec)
Mysql>use Syslog
Mysql> Show tables;
+------------------------+
| Tables_in_syslog |
+------------------------+
| SystemEvents |--------------The table where the log is stored
| systemeventsproperties |
+------------------------+
2 rows in Set (0.01 sec)
Mysql>select * from SystemEvents;-------------View Log results
6, Configuration Loganalyzer

# yum-y Install httpd php php-mysql PHP-GD
# Tar XF loganalyzer-3.6.5.tar.gz
# Mkdir/var/www/html/log
# CP loganalyzer-3.6.5/src/*/var/www/html/log
# CP loganalyzer-3.6.5/contrib/*/var/www/html/log
# Cd/var/www/html/log
# chmod +x configure.sh secure.sh
#./configure.sh
#./secure.sh
# chmod 666 config.php
# chown-r Apache.apache./*

7. Test:
Http://172.16.3.2/log
There's a picture of the truth

650) this.width=650; "Style=" border-bottom:0px; border-left:0px; border-top:0px; border-right:0px "title=" Rsyslog "border=" 0 "alt=" rsyslog "src=" http://img1.51cto.com/attachment/201408/20/1384120 _1408551839ahjc.jpg "" 1032 "height=" 381 "/>

650) this.width=650; "Style=" border-bottom:0px; border-left:0px; border-top:0px; border-right:0px "title=" "border=" 0 "alt=" src= "http://img1.51cto.com/attachment/201408/20/1384120_" 1408551841adxi.jpg "" 1002 "height=" 665 "/>