Linux Log Server Setup

1. Introduction to log Server

The main purpose of the log server is to collect various hosts, servers, and switches in the network environment. A log of devices such as routers. For a large company, the network environment of the server, host and other devices will be scattered everywhere, and in order to maintain a good network, the administrator must promptly understand what equipment out of what kind of problem, and timely resolution, to ensure the overall operation of the network, Then the log server provides administrators with a management platform that collects log information that administrators need to know and makes it easy for administrators to manage various devices in a Web page manner.

2. Experimental environment:

1), operating system: centos-6.5-i386

2), Required packages:

Yum--disablerepo=\*--enablerepo=c6-media install httpd mysql mysql-server php php-mysql php-gd php-xml rsyslog rsyslog-m Ysql-y

3), the required source package: loganalyzer-3.6.5.tar.gz

3. Test topology

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/FC/wKioL1WvPz2AkfqBAAFPcnK3dqo467.jpg "title=" 1.png " alt= "Wkiol1wvpz2akfqbaafpcnk3dqo467.jpg"/>

4. The case is implemented as follows:

Installing the server environment

[Email protected] ~]# yum--disablerepo=\*--enablerepo=c6-media install rsyslog httpd mysql mysql-serverphp php-mysql ph P-xml PHP-GD Rsyslog-mysql–y

Start httpd and the MySQL service, and add boot from

[[Email protected] ~] #netstat-tupln |grep httpd TCP 0 0::: +:::* LISTEN 1384/httpd[[email protected] ~] #chkconfig httpd on

[[Email protected] ~] #netstat-tupln |grep mysqldtcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1586/mysqld[[email protected] ~] #chkconfig mysqld on

to be MySQL Add authentication (default password is empty)

[[Email protected] ~] #mysqladmin-u root-p password ' 123 ' Enter password:

Import Rsyslog the default database

[[Email protected] ~] #mysql-u root-p </usr/share/doc/rsyslog-mysql-5.8.10/createdb.sql

View the imported databases and tables

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6F/FF/wKiom1WvPb3CkUynAADwvW1_jYA223.jpg "title=" 2.png " alt= "Wkiom1wvpb3ckuynaadwvw1_jya223.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/FC/wKioL1WvP7DRgTcPAAHkgxldX7c353.jpg "title=" 3.png " alt= "Wkiol1wvp7drgtcpaahkgxldx7c353.jpg"/>

to be Syslog table creation Administrative user

Mysql> Grantall privileges on syslog.* to [e-mail protected] identified by ' 123456 '; Query OK, 0 rowsaffected (0.01 sec)

write a simple PHP web page to test whether the lamp environment is built successfully

[[email protected] HTML] #cat/var/www/html/index.php <?php$link=mysql_connect (' 127.0.0.1 ', ' root ', ' 123 '); Link) echo "Connection is successed", Elseecho "Connection is failed";? >

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/FC/wKioL1WvP9ygxFcPAAE_eS3v41g077.jpg "title=" 4.png " alt= "Wkiol1wvp9ygxfcpaae_es3v41g077.jpg"/>

Unzip loganalyzer-3.6.5.tar.gz

[[Email protected] ~] #tar –ZXVF loganalyzer-3.6.5.tar.gz

Enter Loganalyzer folder, do the following :

[[Email protected]]# mv src//var/www/html/logserver

[Email protected]]# CP contrib/configure.sh/var/www/html/logserver/

Give configure.sh Add Execute Permissions

[Email protected]]# chmod a+x configure.sh [email protected]]# ll Con*-rwxr-xr-x. 1 Rootroot 04:56 configure.sh

Execution configure.sh

[Email protected]]#./configure.sh

Open from browser, start install log server

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/FC/wKioL1WvQDOgoaVXAAGCroTC4VM379.jpg "title=" 5.png " alt= "Wkiol1wvqdogoavxaagcrotc4vm379.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/FF/wKiom1WvPmyxW-G2AAKmbFpCB5s614.jpg "title=" 6.png " alt= "Wkiom1wvpmyxw-g2aakmbfpcb5s614.jpg"/>

View the database tables created

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/FC/wKioL1WvQGLTTtIaAAHUFXR5xQI019.jpg "title=" 7.png " alt= "Wkiol1wvqgltttiaaahufxr5xqi019.jpg"/>

Generate 11 tables to indicate that the creation process is correct

Create Log Background Administrator account

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/FF/wKiom1WvPo2C13VLAACaUGOazzs585.jpg "title=" 8.png " alt= "Wkiom1wvpo2c13vlaacaugoazzs585.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/FF/wKiom1WvPpiCW-1XAAGrTg_gUSc879.jpg "title=" 9.png " alt= "Wkiom1wvppicw-1xaagrtg_gusc879.jpg"/>

Create complete and use background Account Admin Login

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/FC/wKioL1WvQJbgCtGuAAMe1FQXMvU680.jpg "title=" 10.png "alt=" Wkiol1wvqjbgctguaame1fqxmvu680.jpg "/>

Edit the/etc/rsyslog.conf file to open the calling module and port for TCP and UDP

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/FC/wKioL1WvQKWxrs4VAAD64mO9h2M095.jpg "title=" 11.png "alt=" Wkiol1wvqkwxrs4vaad64mo9h2m095.jpg "/>

Add read log source and log level (note the order with other log levels)

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6F/FC/wKioL1WvQMrhn0ALAAB-6QLhXoo336.jpg "title=" 12.png "alt=" Wkiol1wvqmrhn0alaab-6qlhxoo336.jpg "/>

Restart the Rsyslog service and check the log for any error messages

[[Email protected] logserver]# service rsyslog restartshutting down system  logger:                                [  ok   ]Starting system logger:                                      [  OK  ][[email protected]  logserver]# tail /var/log/messages jul 21 04:23:08 fcy yum[1242]:  Installed:php-5.3.3-26.el6.i686jul 21 04:23:09 fcy yum[1242]: installed: Php-gd-5.3.3-26.el6.i686jul 21 04:23:16 fcy yum[1242]: installed: mysql-server-5.1.71-1.el6.i686jul 21 04:23:17 fcy YUM[1242]: INSTALLED:PHP-XML-5.3.3-26.EL6.I686JUL 21 04:23:17 FCY YUM[1242]:  installed:php-mysql-5.3.3-26.el6.i686jul 21 04:23:17 fcy yum[1242]: installed:  rsyslog-mysql-5.8.10-8.el6.i686jul 21 05:24:50 fcy kernel: kernel logging   (proc) stopped. Jul 21 05:24:50 fcy rsyslogd: [originsoftware= "Rsyslogd"  swVersion= "5.8.10" x-pid = "883"  x-info= "http://www.rsyslog.com"] exiting onsignal 15.jul 21 05:24:50  fcy kernel: imklog 5.8.10, log source =/proc/kmsg started. Jul 21 05:24:50 fcy rsyslogd: [originsoftware= "Rsyslogd"  swVersion= "5.8.10" x-pid = "7053"  x-info= "http://www.rsyslog.com"] start

Go to test host node1 and send all levels of logs to the log server with address 192.168.47.100

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6F/FF/wKiom1WvPyGDp3mIAAEeUGfDIv8180.jpg "title=" 13.png "alt=" Wkiom1wvpygdp3miaaeeugfdiv8180.jpg "/>

Restart Rsyslog Service

[[Email protected] ~]# service Rsyslog restartshutting down system logger: [OK]starting System logger: [OK]

Go to the Log Server Administration page to view log information

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/70/01/wKiom1WvSUugrEKnAAG5rqJCcoA400.jpg "title=" 14.png "alt=" wkiom1wvsuugreknaag5rqjccoa400.jpg "/>

5. Summary

Log server is a very useful server, here is just a simple example.

This article is from the "but evil Water Heart Pan" blog, please be sure to keep this source http://shmilyfl.blog.51cto.com/8897986/1677128

Linux Log Server Setup