Loganalyzer Construction Process

Source: Internet
Author: User
Tags syslog import database rsyslog

Loganalyzer Building Process

Test preparation: Host A and Host B, with IP addresses 192.168.131.130 and 192.168.131.136 respectively. The operating system is RHEL 6.4 x86_64, minimal installation, and the firewall and SELinux are turned off on both servers.

  1. Install and set up the LAMP environment
    1. Install the LAMP packages

      # yum -y install httpd mysql mysql-server php php-mysql mysql-devel

    2. Start the services and enable them at boot

      Start Apache

      # service httpd start

      # chkconfig httpd on

      Start MySQL

      # service mysqld start

      # chkconfig mysqld on

    3. Set the MySQL root password

      # mysqladmin -uroot password '123456'

    4. Test the PHP runtime environment

      # vim /var/www/html/index.php

      <?php

      phpinfo();

      ?>

Open http://192.168.131.130/ in a browser; the PHP information page appears.

  2. Check and install the server-side software
    1. Check whether rsyslog is installed

      # rpm -qa | grep rsyslog    # installed by default on this system

    2. Install the module that connects rsyslog to the MySQL database

      # yum -y install rsyslog-mysql

      Note: rsyslog-mysql is the module rsyslog uses to send logs to the MySQL database; it must be installed.

  3. Configure the server side
    1. Import the rsyslog-mysql database schema

      # cd /usr/share/doc/rsyslog-mysql-5.8.10/

      # mysql -uroot -p123456 < createDB.sql

      Check the result

      # mysql -uroot -p123456

      mysql> show databases;

      mysql> use Syslog;

      mysql> show tables;

      The import created the Syslog database and two empty tables in it, SystemEvents and SystemEventsProperties.

    2. Create the rsyslog user and grant it privileges in MySQL

      # mysql -uroot -p

      mysql> grant all on Syslog.* to 'rsyslog'@'localhost' identified by '123456';

      mysql> flush privileges;    # reload the privilege tables

      mysql> exit

    3. Configure the server to load the rsyslog-mysql module and open the UDP port so that it can receive logs from other Linux systems on the network

      # vim /etc/rsyslog.conf

      $ModLoad ommysql

      *.* :ommysql:localhost,Syslog,rsyslog,123456

      Note: localhost is the local host, Syslog is the database name, rsyslog is the database user, and 123456 is that user's password.

    4. Enable the related log modules

      # vim /etc/rsyslog.conf

      $ModLoad immark      # immark is the module name; it provides log mark support

      $ModLoad imudp       # imudp is the module name; it provides UDP support

      $UDPServerRun 514    # accept logs forwarded to port 514 over UDP

    5. Restart the rsyslog service

      # service rsyslog restart
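A review of the directives configured above, as an added example that is not part of the original procedure: it flags the database password stored in rsyslog.conf, the UDP listener, and UDP forwarding rules of the kind the client uses. The finding names, the advice text, the weak-password list and the 12-character threshold are assumptions made for this example.

```python
import re

# Assumptions for this example: passwords shorter than MIN_LEN or listed in WEAK are reported.
MIN_LEN = 12
WEAK = {"123456", "password", "rsyslog", "syslog"}

# Legacy-format rsyslog lines of the kind used on this page.
OMMYSQL = re.compile(r"^\S+?\s*:ommysql:([^,]+),([^,]+),([^,]+),(\S+)")
UDP_LISTEN = re.compile(r"^\$UDPServerRun\s+(\d+)")
UDP_FORWARD = re.compile(r"^\S+\s+@(?!@)(\S+)")   # '@host' is UDP, '@@host' is TCP

ADVICE = {
    "db-password-in-config": "make rsyslog.conf readable by root only (chmod 600)",
    "weak-db-password": "use a long random password for the database account",
    "udp-listener": "restrict the port with firewall rules; UDP senders are not authenticated",
    "udp-forward": "UDP delivery is unacknowledged and unencrypted; '@@host' forwards over TCP",
}

# Constructed sample: the server directives and the client forwarding rule from this page,
# plus one TCP rule for contrast.
SAMPLE = """\
$ModLoad ommysql
*.* :ommysql:localhost,Syslog,rsyslog,123456
$ModLoad imudp
$UDPServerRun 514
*.* @192.168.131.130
authpriv.* @@192.168.131.130
"""

def review(conf_text):
    """Return (line_number, finding) pairs for the directives described above."""
    findings = []
    for number, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        db = OMMYSQL.match(line)
        if db:
            findings.append((number, "db-password-in-config"))
            if len(db.group(4)) < MIN_LEN or db.group(4).lower() in WEAK:
                findings.append((number, "weak-db-password"))
        elif UDP_LISTEN.match(line):
            findings.append((number, "udp-listener"))
        elif UDP_FORWARD.match(line):
            findings.append((number, "udp-forward"))
    return findings

if __name__ == "__main__":
    for number, code in review(SAMPLE):
        print(number, code, "->", ADVICE[code])
```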

  4. Configure the client
    1. Check whether rsyslog is installed

      # rpm -qa | grep rsyslog

    2. Configure the rsyslog client to send its local logs to the server

      # vim /etc/rsyslog.conf

      *.* @192.168.131.130

      Note: add the line above at the end of the file; the client then sends its local logs to the server.

    3. Restart the rsyslog service

      # service rsyslog restart

    4. Edit /etc/bashrc so that every command executed on the client is written to the system log /var/log/messages

      Add one line at the end of the file:

      export PROMPT_COMMAND='{ msg=$(history 1 | { read -r x y; echo "$y"; }); logger "[euid=$(whoami)]:$(who am i):[$(pwd)]$msg"; }'

      # . !$    # load /etc/bashrc (!$ expands to the last argument of the previous command)
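The records written by the PROMPT_COMMAND line above can be parsed on the server to show which login ran each command and under which effective user. This is an added example, not part of the original procedure; the sample lines, the host name hostb, the address 192.0.2.10, the label names and the assumed `who am i` output layout are constructed for illustration.

```python
import re

# Message layout written by the PROMPT_COMMAND line above:
#   [euid=<whoami>]:<who am i output>:[<pwd>]<command>
# Assumption: "who am i" prints "<login> <tty> <date> <time> (<origin>)" and
# prints nothing when the shell has no login record, so that part is optional.
RECORD = re.compile(
    r"\[euid=(?P<euid>[^\]\s]+)\]:"
    r"(?:(?P<login>[^\s:\[\]]+)\s+(?P<tty>\S+)\s+(?P<when>\S+\s+\S+)"
    r"(?:\s+\((?P<origin>[^)]*)\))?)?"
    r":\[(?P<cwd>[^\]]*)\](?P<cmd>.*)$"
)

# Constructed sample of lines as the server could receive them.
SAMPLE = [
    "May  1 10:02:11 hostb alice: [euid=alice]:alice pts/0 2024-05-01 10:00 (192.0.2.10):[/home/alice]ls -l",
    "May  1 10:03:40 hostb alice: [euid=root]:alice    pts/0        2024-05-01 10:00 (192.0.2.10):[/root]vim /etc/rsyslog.conf",
    "May  1 10:05:02 hostb root: [euid=root]::[/root]echo a b c d:[/tmp]x",
    "May  1 10:05:03 hostb kernel: imklog 5.8.10, log source = /proc/kmsg started.",
]

def parse_line(line):
    """Return the audit fields of one syslog line, or None for other messages."""
    m = RECORD.search(line)
    return m.groupdict() if m else None

def classify(rec):
    """Compare the login identity with the effective user that ran the command."""
    if rec["login"] is None:
        return "unattributed"          # no tty/login information was logged
    return "same-user" if rec["login"] == rec["euid"] else "switched"

def audit(lines):
    """Return (label, euid, login, cwd, command) for every command record."""
    rows = []
    for line in lines:
        rec = parse_line(line)
        if rec:
            rows.append((classify(rec), rec["euid"], rec["login"], rec["cwd"], rec["cmd"]))
    return rows

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

The record is produced by the user's own shell, so it is a convenience trail rather than a tamper-resistant audit log; auditd is the control to rely on for that.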

  5. Test whether the rsyslog server receives the client's logs correctly

    Client-side test

    Server-side check

    Note: logs are being received normally; to see more log entries you can restart the machine.

  6. Install LogAnalyzer

    # yum -y install wget

    # wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.5.tar.gz

    # tar xf loganalyzer-3.6.5.tar.gz

    # cd loganalyzer-3.6.5

    # mkdir -p /var/www/html/loganalyzer

    # cp -a src/* /var/www/html/loganalyzer/

  7. Install LogAnalyzer with the browser installation wizard

    Open a browser and go to http://192.168.131.130/loganalyzer/

    The page reports that there is no configuration file; click "here" to generate one with the wizard.

    1. Check the system environment

      Click "Next" to continue.

      Error message: the config.php file is missing; it must exist with permissions set to 666, and it can be generated with the configure.sh script in the contrib directory.

      # cd /root/loganalyzer-3.6.5/contrib/

      # cat configure.sh

      # bash configure.sh

      # dir

      # cp -a config.php /var/www/html/loganalyzer/

      After doing this, run the recheck; config.php is now writable. Click "Next" to continue.

    2. Basic configuration

      In the User Database Options, fill in the parameters set above and click "Next".

    3. Create the tables

      Click "Next" to start creating the tables.

    4. Check the SQL results

    5. Create an administrative user

    6. Create the first syslog source

    7. Finish

  8. Test

    LogAnalyzer home page

    Click "Statistics"

    Login test

    Click "Admin Center"; some system settings can be made there.
