Functions provided by the software:
1. rsyslog is the log service of RHEL or CentOS 6.x, replacing the syslog service of earlier releases. In this architecture, the rsyslog service is mainly used to collect logs, classify them, and write them into the database.
2. mysql is a simple database. In this architecture, its main task is to store the collected log information so that loganalyzer can display it.
3. loganalyzer is a relatively simple log analysis tool. In this architecture, it extracts data from the mysql database and displays it visually as bars and graphs, providing functions such as filtering, searching, categorization, and statistics.
4. evtsys runs on the Windows platform and sends the collected logs to mysql for saving.
Requirements for the entire environment:
In this setup, rsyslog, mysql, httpd, and php use the rpm packages that come with the system. loganalyzer is the source package downloaded from the Internet at http://download.adiscon.com/loganalyzer/loganalyzer-3.6.3.tar.gz.
The entire log service is built on the LAMP architecture and requires some understanding of LAMP.
Two RHEL6.4 hosts are used, one as server and the other as client. Disable SELinux and the firewall. In this example, test1 is the server and test2 is the client.
Procedure:
1. Verify the LAMP architecture on the server first. (The required packages should be installed using yum; they are not listed here.)
A. Initialize the mysql service, then connect to the database with mysql -u <username> -D <database name> -p and enter the password at the prompt to verify that mysql works;
B. Enable the httpd service, open a browser, enter the local IP address, and verify the httpd service. Find the DirectoryIndex keyword and add index.php. For example: DirectoryIndex index.html index.php index.html.var;
C. Modify the httpd.conf configuration file and add a test page index.php under /var/www/html/. This completes the LAMP test. The code is as follows:
vi /var/www/html/index.php
<?php
$link = mysql_connect('localhost', 'root', '123456'); # (host name, user name, password)
if (!$link) echo "failed!";
else echo "successful!";
mysql_close();
?>
Next we will start to build an rsyslog server.
2. rsyslog creation:
A. Install the rsyslog service package first. Note that the rsyslog-mysql rpm package must also be installed. This package connects the log service to the database and is required.
B. Configure the /etc/rsyslog.conf file.
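A sketch of the rsyslog.conf settings this architecture calls for, added here as an example and not taken from the original article. It uses the legacy directive syntax of the rsyslog version shipped with RHEL 6. Assumptions: the database is the Syslog database created by the createDB.sql script that ships with rsyslog-mysql, the MySQL account rsyslog and the password CHANGE_ME are placeholders, and test2 can resolve the host name test1.

```conf
# ---- /etc/rsyslog.conf on the server (test1) ----

# Accept logs from clients on UDP and TCP port 514.
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514

# Load the MySQL output module provided by the rsyslog-mysql package.
$ModLoad ommysql

# Write every facility and priority to MySQL.
# Format: :ommysql:<db host>,<database>,<db user>,<db password>
# "rsyslog" / "CHANGE_ME" are placeholder credentials (assumption): a
# dedicated account that only needs INSERT on the Syslog database, e.g.
#   GRANT INSERT ON Syslog.* TO 'rsyslog'@'localhost' IDENTIFIED BY 'CHANGE_ME';
# The password is stored in clear text here, so keep this file
# readable by root only.
*.* :ommysql:localhost,Syslog,rsyslog,CHANGE_ME

# ---- /etc/rsyslog.conf on the client (test2) ----

# Forward everything to the server.
# "@@" sends over TCP; a single "@" sends over UDP.
*.* @@test1:514
```

After editing, restart the service on each host with service rsyslog restart.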