The Syslog+loganalyzer of Linux

Log, it is well-known that the log is to record some historical events, in a sense, our primary school is written diary is also a log. However, there are also logs for computers. The computer's logging is also a historical event, except that it records events that occur on a time series basis.

Log content: Event occurrence, event content

On the computer log or log level, according to the criticality of the event is divided into debug,info,notice,warn, Warning,err, error,crit,alert, Emerg, Panic

First, CentOS6 System log Introduction

Syslog Features: multithreading, transferring files based on TCP,SSL,TLS

Support MYSQL,pgsql,Oracle and other relational databases

Powerful packet filter to implement any part of the filtering system information

Custom output formats

Applies to enterprise-level logging requirements

Facility: Classify logs from a feature or program, and have a dedicated tool to record their logs

Wildcard characters can be used when specifying a facility:

* All

F1,f2,f3 .... List

！ Take counter

Second, System log related configuration

Rsyslog master configuration file:/etc/rsyslog.conf, which defines the format

facility.priority Target

Mail.info /var/log/maillog

# All levels higher than the specified level, including the specified level itself;

Mail.=info /var/log/maillog

# Specify the level explicitly;

mail.! Info *

# In addition to specifying levels

*.info | COMMAND

# Info level for all facility

Mail.*:

# All levels of mail

Mail,news.info:

# info of mail and above level news and above

Target:

File path: For example /var/log/messages

User : *

Log server:@SERVER_IP

Pipeline:| COMMAND

Log Information Format:

Time Host process (PID): Event

Third, enabling the Logging Server feature

To enable logging Server functionality:

vim/etc/syslog.conf# provides UDP syslog reception$modload imudp$udpserverrun 514 # provides TCP syslog reception$modload Imtcp$inputtcpserverrun 514

Four, storing system logs in a mysql database

First we need to start the Log server feature

Rsyslog supports storing logs on MySQL server:

1) Install and configure mysql database service;

2) Install rsyslog-mysql package;

3) Create a rsyslog dependent database:

# MySQL </usr/share/doc/rsyslog-5.8.10/createdb.sql

4) Configure rsyslog Enable module

In # # # Modules ##### Enable module:

$ModLoad Ommysql

define the logging information in the database in # # # #rules # # # # #

Facility.priority:ommysql:server_ip,database,username,password

5) Create a database

Mysql

Grant all on database.* to [email protected] host idenitified by 'PASSWORD'

Flush privileges;

Five, displaying log information through WebGUI

First we need to prepare the installation environment.

Yum-y Install httpd php mysql-devel rsyslog rsyslog-mysql php-mysql php-gd

Then the operation is to do the log server, the log to the MySQL database to save the same steps

Then we need to install Loganalyzer

Note:loganalyzer is a Web front-end tool for syslog and other network event data , providing easy-to-use log browsing, Search and basic analysis as well as chart display.

Tar XF LOGANALYZER-3.6.5.TAR.GZMKDIR/VAR/WWW/HTML/LOGANALYZERCP loganalyzer-3.6.5/src/*/var/www/html/loganalyzer/ CP loganalyzer-3.6.5/contrib/*/var/www/html/loganalyzer/cd/var/www/html/loganalyzer/chmod +x configure.sh Secure.sh./configure.sh./secure.shchmod 666 config.phpchown-r apache.apache./*

Then start the service rsyslog restart Restart Log Services

Enter the URL in the browser to enter the installation Wizard

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/46/D2/wKiom1P0yXbjpqPDAABy_Q7UK04132.jpg "title=" Picture 1.png "alt=" Wkiom1p0yxbjpqpdaaby_q7uk04132.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/46/D2/wKiom1P0yZnAk7JzAAGSCJKArQc634.jpg "title=" Picture 2.png "alt=" Wkiom1p0yznak7jzaagscjkarqc634.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/46/D4/wKioL1P0ytGCffziAAHWolGF6lU800.jpg "title=" Picture 3.png "alt=" Wkiol1p0ytgcffziaahwolgf6lu800.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/46/D4/wKioL1P0y4bgTtP8AAK9wZZZuuw035.jpg "title=" Picture 4.png "alt=" Wkiol1p0y4bgttp8aak9wzzzuuw035.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/46/D3/wKiom1P0youQdi-rAALBXWCA0s0137.jpg "title=" Picture 5.png "alt=" Wkiom1p0youqdi-raalbxwca0s0137.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/46/D3/wKiom1P0yt_QQHChAAkOY4J9ui8449.jpg "title=" Picture 6.png "alt=" Wkiom1p0yt_qqhchaakoy4j9ui8449.jpg "/>