Rsyslog+loganalyzer+mysql Deploying a log server

Rsyslog logging in MySQL:

Prerequisite: Prepare mSQL server or MARIADB server;

(1) Install the Rsyslog driver module connected to MySQL server;

# yum Install Rsyslog-mysql

(2) Prepare Rsyslog dedicated user account in MySQL server;

GRANT all on syslog.* to ' rsyslog ' @ ' 127.0.0.1 ' identified by ' rsyslogpass ';

GRANT all on syslog.* to ' rsyslog ' @ ' local ' identified by ' rsyslogpass ';

(3) Generate the required databases and tables;

Mysql-ursyslog-h127.0.0.1-prsyslogpass </usr/share/doc/rsyslog-7.4.7/mysql-createdb.sql

(4) Configuring Rsyslog using Ommysql Module

# # # # MODULES # #

......

$ModLoad Ommysql

(5) Configure the rules to record the expected log information in MySQL;

Facility.priority : Ommysql:dbhost,db,dbuser,dbuserpass

(6) Restart the Rsyslog service;

(7) Loganalyzer

WebGUI, run AMP environment;

(a) Preparing the AMP environment

# yum Install httpd php php-mysql PHP-GD

# Systemctl Start Httpd.service

(b) Installation of Loganalyzer

# Tar XF loganalyzer-version.tar.gz

# CD Loganalyzer-version

# cp-a Src/var/www/html/loganalyzer-version

# cd/var/www/html

# LN-SV Loganalyzer-version Log

# CD Log

# Touch config.php

# chmod 666 config.php

Open Browser, configure;

MySQL Native, Syslog Field

Table Type: "Monitorware"

# chmod 644 config.php

Experiment: Rsyslog+loganalyzer+mysql Deploying the log server

Environment CentOS 7 ip:10.1.23.101

1. Install the Package

# yum Install Rsyslog-mysql-y

2. Start the configuration database

# GRANT all on syslog.* to ' rsyslog ' @ ' 127.0.0.1 ' identified by ' 123 ';

# GRANT all on syslog.* to ' rsyslog ' @ ' local ' identified by ' 123 ';

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/89/33/wKiom1gLZuHw48XIAABmguh-Iew108.png "title=" 1.PNG " alt= "Wkiom1glzuhw48xiaabmguh-iew108.png"/>

3. Generate the required databases and tables

#rpm-QL Ryslog-mysql

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/89/31/wKioL1gLZu-je_scAAATRF3N9rk349.png "title=" 2.PNG " alt= "Wkiol1glzu-je_scaaatrf3n9rk349.png"/>

# Mysql-ursyslog-h127.0.0.1-prsyslogpass </usr/share/doc/rsyslog-7.4.7/mysql-createdb.sql

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/89/31/wKioL1gLZvni0roMAAAcCUQMzx4387.png "title=" 3.PNG " alt= "Wkiol1glzvni0romaaaccuqmzx4387.png"/>

4. Configuring the Rsyslog service and connecting the MARIADB database

(1) Enable the database output module

$ModLoad Ommysql

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/33/wKiom1gLZw3yvBA6AABHqciKRsA425.png "title=" 4.PNG " alt= "Wkiom1glzw3yvba6aabhqcikrsa425.png"/>

(2) Configure the Ruels to record the expected log information in MySQL

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/89/31/wKioL1gLZyTSLvSjAAAgLUfbVQ8799.png "title=" 5.PNG " alt= "Wkiol1glzytslvsjaaaglufbvq8799.png"/>

(3) Restart Rsyslog

5. Prepare Loganalyzer

(1) Preparing the AMP environment

# yum Install httpd php php-mysql PHP-GD

# Systemctl Start Httpd.service

(2) Installation Loganalyzer

# Tar XF loganalyzer-version.tar.gz

# CD Loganalyzer-version

# cp-a Src/var/www/html/loganalyzer-version

# cd/var/www/html

# LN-SV Loganalyzer-version Log

# CD Log

# Touch config.php

# chmod 666 config.php

(3) Browser configuration

http://http://10.1.23.101/log/650) this.width=650; "Src=" http://s4.51cto.com/wyfs02/M00/89/33/ Wkiom1glzzebf-geaaafz4iflhq293.png "title=" 6.PNG "alt=" Wkiom1glzzebf-geaaafz4iflhq293.png "/>

Click Next until step 7, configure the following interface

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/89/33/wKiom1gLZ0ThTWRIAAB3yJ0-UAM838.png "title=" 7. PNG "alt=" Wkiom1glz0thtwriaab3yj0-uam838.png "/>

Enter the interface

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/89/33/wKiom1gLZ1jByzbNAAF3cvQEZqA748.png "title=" 8. PNG "alt=" Wkiom1glz1jbyzbnaaf3cvqezqa748.png "/>

This article from "zhang1003995416" blog, declined reprint!

Rsyslog+loganalyzer+mysql Deploying a log server