Build a log server with the Rsyslog service that comes with the centos6.5 system
First, the preparation of the pre-construction work
Install LNMP (optional)
Configuring network Services (DNS and NTP) helps improve the accuracy of logging efforts.
Yum Install-y NTP
Service NTPD Start
/usr/sbin/ntpdate asia.pool.ntp.org
Hwclock–systohc
Second, log server installation
# yum-y Install Rsyslog Rsyslog-mysql
Configuration
# Vi/etc/rsyslog
Add the following lines
$ModLoad Immark # provides--mark--message capability
$ModLoad Ommysql
*. *: Ommysql:localhost,syslog,root,pass
$ModLoad imudp.so # provides UDP syslog reception
$UDPServerRun 514 # Start a UDP syslog server at standard Port 514
NOTE: *. *: Ommysql:localhost,syslog,rsyslog,password
localhost for MySQL host address
Syslog for MySQL Database
Rsyslog for MySQL user name
Password for MySQL user root password
$UDPServerRun 514 UDP port, accept client logs
Import Database
# Mysql-u Root-p < /usr/share/doc/rsyslog-mysql-5.8.10/createdb.sql
# mysql-u Root-p Enter password
GRANT all privileges The syslog.* to [e-mail protected] identified by ' password ';
FLUSH privileges;
Exit
Note: The Createdb.sql file has the automatic creation of a syslog database that contains two tables systemevents and systemeventsproperties.
Third, start the Rsyslog log server
#/etc/init.d/syslog Stop syslog Log
#/etc/init.d/rsyslog Start Rsyslog Log
Service Rsyslog Start/stop/restart is OK
Start the Rsyslog Setup boot
# chkconfig--level 3 rsyslog on enable Rsyslog boot up
Iv. installation of Loganalyzer server
wget/HTTP
# tar ZXVF loganalyzer-3.2.1.tar.gz
# mkdir-p/usr/local/nginx/html/loganalyzer
# cp-rf/root/loganalyzer-3.2.1/src/*/usr/local/nginx/html/loganalyzer
Note:/usr/local/nginx/html is a Web server directory
# Cd/usr/local/nginx/html/loganalyzer
Create a config.php configuration file
# Touch config.php
# chmod 666 config.php
Start Nginx
# Service Nginx Restart
Enter Http://YOUR SERVER Ip/loganalyzer for loganalyzer configuration in IE
Follow the prompts next. Next Steps
Note: Note that the database table is case-sensitive. should be written as SystemEvents
V. Log Server Client Installation
# RPM-QA |grep NTP is typically installed with a drip
Add a line after/etc/ntp.conf
Server Yourserverip
# service NTPD Start
# ntpq-p
# yum Install Rsyslog
# vi/etc/rsyslog.conf
Add the following content
*. * @YOUR SERVER IP
Note: YOUR server IP is the log server-side IP address
centos6.5 x86_64 under construction rsyslog service