Experimental Summary:
This experiment hosts the system as CentOS 6.9 by default.
HOST1 host as Remote log client Installation: Rsyslog (default installation), Rsyslog-mysql
Host2 host as Log server installation: MySQL (default installation, can also install MARIADB 5 version)
HOST3 Host graphical Management installation:httpd php php-mysql php-gd loganalyzer
Rsyslog logging in MySQL
1, host1 installation Rsyslog-mysql
Yum install rsyslog-mysql-yrpm-ql rsyslog-mysql #查看生成的文件/lib64/rsyslog/ommysql.so #日志文件转数据库文件模块, log configuration files are used/usr/shar E/doc/rsyslog-mysql-5.8.10/usr/share/doc/rsyslog-mysql-5.8.10/createdb.sql #生成数据库脚本scp/usr/share/doc/ Rsyslog-mysql-5.8.10/createdb.sql Host2 #将数据库脚本发送给日志服务器
2. Host2 Database Configuration
Mysql_secure_installation #安全初始化mysql-uusername-hhost-ppassword < Createdb.sql #执行创建数据库脚本, a syslog database is generated mysql> GRANT all on syslog.* to ' USER ' @ ' HOST ' identified by ' PASSWORD '; #创建用户并授权例: GRANT all on syslog.* to ' loguser ' @ ' 172.18.%.% ' identified by ' magedu ';
3. host1 Modify Log configuration file rsyslog.conf
Vim/etc/rsyslog.conf$modload ommysql #新增加, enabling module file Facility.priority:ommysql:dbhost,dbname,dbuser, PASSWORD # Send the logs you want to log to the database server, as in the following example *.info:ommysql:172.18.22.77,syslog,loguser, Mageduservice rsyslog restart #重启服务
Second, through the Loganalyzer display the log in the database
1, host3 installation httpd php php-mysql PHP-GD
Yum install httpd php php-mysql php-gd-y
2. Test Database Connectivity
Close the Host2, Host3 Firewall, and selinuxvim /var/www/html/index.php #编辑测试文件if (Mysqli_connect_errno ()) {echo "Connection database failed!"; $mysqli =null;exit;} echo "Connection database succeeded!"; $mysqli->close ();p hpinfo (); ?>service httpd start visit ip
650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/08/7C/wKiom1njDiSAgL1eAAC-cqzSinI825.png "title=" 1.png "alt=" wkiom1njdisagl1eaac-cqzsini825.png "/> Connection succeeded.
3, Configuration Loganalyzer
#访问改地址进行配置
Click Next in the first few steps to proceed directly to step 7, which requires your own hand-filled configuration
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/A7/31/wKioL1njDj2jk9d0AADkGx5fZhQ699.png "title=" 2.png "alt=" Wkiol1njdj2jk9d0aadkgx5fzhq699.png "/>
Finally click Finish to access the admin page.
4. Security strengthening
Cd/var/www/html/loganalyzerchmod 644 config.php
This article is from the Linux OPS blog, so be sure to keep this source http://arm2012.blog.51cto.com/2418467/1972488
Implementing Rsyslog logs based on MySQL management