Syslog collection: eventlog + syslog-ng + mongodb

System: Red Hat 5, 64-bit server

1. Install eventlog

$ tar xvfz eventlog_0.2.12.tar.gz    # decompress
# run the remaining commands from the extracted source directory
$ export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH    # set the pkg-config search path
$ ./configure     # configure the build environment and run the pre-compile checks
$ make            # compile
$ make install    # install

2. Install syslog-ng

$ tar xvfz syslog-ng_3.3.7.tar.gz    # decompress
# run the remaining commands from the extracted source directory
$ ./configure     # configure the build environment and run the pre-compile checks
$ make            # compile
$ make install    # install

# configure syslog-ng to start as a service
# enter the contrib directory
$ cd contrib
# copy the service startup script to the init.d directory
$ cp init.d.RedHat-7.3 /etc/init.d/syslog-ng
$ chmod 755 /etc/init.d/syslog-ng
$ chown root:root /etc/init.d/syslog-ng
$ chkconfig --add syslog-ng
$ chkconfig --level 345 syslog-ng on
$ service syslog-ng start

3. Configure syslog-ng

Two files are mainly involved.

syslog-ng.conf: receive syslog messages over UDP and send them to mongodb. 127.0.0.1 is the IP address of mongodb, the default port is 27017, the database is syslog, and the table (collection) is messages.

module.conf:

# enable the mongodb destination module
@module afmongodb

4. Install mongodb

# unpack, install, and register as a service
$ tar zxvf mongodb-linux-x86_64-2.0.8.tgz
$ mv mongodb-linux-x86_64-2.0.8 /usr/local/mongodb
$ mkdir -p /data/db
$ mkdir -p /data/logs
$ cp mongodb.txt /etc/init.d/mongodb
$ chmod 755 /etc/init.d/mongodb
$ chown root:root /etc/init.d/mongodb
$ chkconfig --add mongodb
$ chkconfig --level 345 mongodb on
$ service mongodb start

# create an index (the lines starting with ">" are typed inside the mongo shell)
$ cd /usr/local/mongodb/bin
$ ./mongo
> show dbs
> use syslog
> db.messages.find()
> db.messages.ensureIndex({"DATE": -1, "HOST": -1, "SOURCEIP": -1, "PRIORITY": -1, "FACILITY": -1})
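
Step 3 describes syslog-ng.conf, but the file's contents are not on the page. The following is an added example, not the original author's file, of a syslog-ng 3.3 configuration that matches that description. Assumptions: the listen address 0.0.0.0 and UDP port 514, the names s_udp and d_mongodb, and that the afmongodb module is already loaded as shown in step 3.

```conf
@version: 3.3

# Assumption: afmongodb is already loaded by the "@module afmongodb"
# line from step 3, so it is not repeated here.

# Receive syslog messages over UDP.
# 0.0.0.0 and 514 are assumed values; replace 0.0.0.0 with the collector's
# own address if only one network should be able to deliver logs.
source s_udp {
    udp(ip("0.0.0.0") port(514));
};

# Store each message as a document in the "messages" collection of the
# "syslog" database on the local mongodb (host, port, database and
# collection are the values given on the page).
# The selected-macros scope supplies the DATE, HOST, SOURCEIP, PRIORITY
# and FACILITY fields that the index in step 4 is built on.
destination d_mongodb {
    mongodb(
        host("127.0.0.1")
        port(27017)
        database("syslog")
        collection("messages")
        value-pairs(scope("selected-macros" "nv-pairs"))
    );
};

# Connect the UDP source to the mongodb destination.
log {
    source(s_udp);
    destination(d_mongodb);
};
```

UDP syslog carries no sender authentication, so restrict which hosts can reach the listening port with a firewall rule. The destination points at 127.0.0.1, so mongodb only needs to be reachable on the loopback interface.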