Rsyslog+analyzer+mysql Implementing Log Collection Display

Why->what->where->when->who->how

1. Why log Collection? Why do you use the Rsyslog?

Logs are fundamental to the health analysis of systems and applications, and some logs have special functions, such as MySQL's binary logs and transaction logs. Therefore, to log collection, in order to avoid duplication of the implementation of the log system, so in the Linux distribution has provided the System log collection-RSYSLOGD

2. What is Rsyslog?

Rsyslog, formerly known as Syslog, is a log collector for application log collection and kernel log collection.

Rsyslog compared to syslog improvements:

(1) Support for collecting logs for remote host, working in multi-thread, listening to 514 ports in TCP/UDP

(2) Powerful filter to filter any part of log information

(3) The transfer process supports SSL encryption

(4) Support to store logs in a relational database such as Mysql,pgsql

3. Where will the Rsyslog be used?

Logs can be logged by Rsyslog when the application does not implement a log collection system.

When a log on a network device needs to be centrally managed, it is collected uniformly through the Rsyslog server.

4. When will the Rsyslog be used?

For an application to start running it requires logging, if it does not have the ability to implement logging, you can use the Rsyslog

At the time of the centralized collection of logs

5. How do I use Rsyslog?

Rsyslog uses the concepts involved:

facility: Can be understood as a facility for classifying logs on a function or program

The logs generated by multiple programs can be set to a facility, which is collected by Rsyslog Unified from facility to these logs

Facility are: AUTH,AUTHPRVI,CRON,MAIL,KERN,MARK,USER,UUCP

LOCAL0-LOCAL7 (user-defined use)

Priority: Precedence of log information

Priority list of logs: Debug,info,warn,notice,error,alert,emerg

The Rsyslog package system is automatically installed and automatically run as a daemon, and its master profile is/etc/rsyslog.conf

The configuration file consists of three segments:

# # #MODULES # #

which modules to load

# # #GLOBAL directory###

# # #RULES # #

Define Log Collection rules

Facility:priority Target

Target can be: file (/var/log)

@host (log server)

: Mysql:ip,db,user,pass

Rsyslog+mysql+loganalyzer implement log Display collection?

1. Get ready for MySQL

Yum-y Install Mysql-server

2. Configure Rsyslog

(1) Install Rsyslog-mysql//rsyslog connected to MySQL module

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/7E/A1/wKioL1cGBL6BwLAlAAAdvikc4Oc477.png "title=" 8lts6@2@@ ' V~v_kwcu3i]jc.png "alt=" Wkiol1cgbl6bwlalaaadvikc4oc477.png "/>

(2) rsyslog.conf # # #MODULE # # #段中:

$ModLoad Ommysql

# # #RULE # # #段中

Facility:priority:ommysql:localhost:Syslog:username:password

(3) Restart Rsyslog service

(4) Initialize the record database, install rsyslog-mysql generate a SQL file, import into MySQL, and do the authorization

MYSQL-UUSERNAME-HLOCALHOST-PPASSWD </usr/share/doc/rsyslog-mysql-5.3.10-creatdb.sql

3. Installing Loganalyzer

Loganalyzer is a PHP application, so you need to prepare the running environment first

(1) Installing Apache

(2) Installing PHP

(3) test whether PHP can connect to MySQL properly

<?php

$conn =mysql_connect (' localhost ', ' user ', ' pass ');

If $conn echo "ok!";

else echo "fail!";

Mysql_close ()

?>

(4) Unzip the Loganlyzer to the document directory

Tar XF loganalyzer-3.6.4.tar.gz-c/var/www/html/

Cd/var/www/html

LN-SV loganalyzer-3.6.4 Log

CD Log

MV contrib/* SRC

After moving the two scripts, other files are not available except the SRC directory and can be removed

CD src

chmod 777./*.sh

./configure.sh//Generate config.php file

./secure.sh

Access http://localhost/log/src/install.php in the browser to install

This article is from the "Zxcvbnm Xuan ye" blog, please be sure to keep this source http://10764546.blog.51cto.com/10754546/1761312

Rsyslog+analyzer+mysql Implementing Log Collection Display