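I. Introduction to LogAnalyzer
LogAnalyzer provides an easy-to-use, powerful front end for searching, viewing and analyzing network activity data, including syslog, event logs and many other log sources. Because it only presents the data to the user, the data itself has to be collected by another program, such as syslogd, rsyslog (now the default syslogd in distributions), WinSyslog or MonitorWare Agent. LogAnalyzer works on both Linux and Windows. It is free, open-source software under the GPL, written mainly in PHP. Data can be read from a database or from plain text files.
[Figure: layout diagram for this case]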
II. Deploy the LAMP environment on the rsyslog server
1. Install httpd
    # yum install httpd -y
    # systemctl start httpd
    # systemctl enable httpd
2. Install MySQL
    # yum install mysql mysql-server -y
    # systemctl start mariadb
    # systemctl enable mariadb
    Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
    # mysqladmin -u root password 'rsyslog.ppp'
Test the login; once it works, install PHP.
3. Install PHP
    # yum install php php-mysql php-gd -y
    # cat /var/www/html/test.php
    <?php
    phpinfo();
    ?>
Open a browser on a client and test access to http://192.168.30.67/test.php
4. Install rsyslog and enable it at boot
    # wget -O /etc/yum.repos.d/rsyslog.repo http://rpms.adiscon.com/v8-stable/rsyslog.repo
    # yum install rsyslog-* --skip-broken -y
    # systemctl enable rsyslog
5. The rsyslog database creation script is at /usr/share/doc/rsyslog-mysql-8.18.0/createDB.sql. Now log in to the database, create the rsyslogdb database and import the creation script.
    # more /usr/share/doc/rsyslog-mysql-8.18.0/createDB.sql
    CREATE DATABASE rsyslogdb;
    USE rsyslogdb;
    # mysql -uroot -p < /usr/share/doc/rsyslog-mysql-8.18.0/createDB.sql
    Enter password:
Log in and check that the database was created:
    # mysql -uroot -p rsyslogdb
    Enter password:
    ....
    MariaDB [rsyslogdb]> show databases;
    +--------------------+
    | Database           |
    +--------------------+
    | information_schema |
    | mysql              |
    | performance_schema |
    | rsyslogdb          |
    +--------------------+
    4 rows in set (0.00 sec)
Create a user and grant privileges:
    MariaDB [rsyslogdb]> GRANT ALL ON rsyslogdb.* TO [email protected] IDENTIFIED BY 'rsyslog.ppp';
    Query OK, 0 rows affected (0.00 sec)
    MariaDB [rsyslogdb]> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    MariaDB [rsyslogdb]> exit
Finally, test that user's login:
    # mysql -ursyslogdbadmin -p rsyslogdb
6. Modify the rsyslog.conf file. The modified file is as follows:
[Collapsed "View Code" block: the modified rsyslog.conf]
Restart the rsyslog service, then log in to MySQL to verify.
    MariaDB [rsyslogdb]> use rsyslogdb
    Database changed
    MariaDB [rsyslogdb]> select count(*) from SystemEvents;
    +----------+
    | count(*) |
    +----------+
    |       44 |
    +----------+
    1 row in set (0.00 sec)

    MariaDB [rsyslogdb]> select * from SystemEvents where ID=1\G;
    *************************** 1. row ***************************
                    ID: 1
            CustomerID: NULL
            ReceivedAt: 2016-05-10 15:11:19
    DeviceReportedTime: 2016-05-10 15:11:19
              Facility: 5
              Priority: 6
              FromHost: rsyslog
               Message: [origin software="rsyslogd" swVersion="8.18.0" x-pid="3902" x-info="http://www.rsyslog.com"] start
            NTSeverity: NULL
            Importance: NULL
           EventSource: NULL
             EventUser: NULL
         EventCategory: NULL
               EventID: NULL
       EventBinaryData: NULL
          MaxAvailable: NULL
             CurrUsage: NULL
              MinUsage: NULL
              MaxUsage: NULL
            InfoUnitID: 1
             SysLogTag: rsyslogd:
          EventLogType: NULL
       GenericFileName: NULL
              SystemID: NULL
    1 row in set (0.00 sec)

    ERROR: No query specified
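One way to produce the database output for step 6, as an added example that is not the author's rsyslog.conf: a shell function that writes an rsyslog drop-in loading ommysql and sending every message to the rsyslogdb database from step 5. The function name, the drop-in path, the localhost server and the disk-assisted queue are assumptions (the queue also assumes a work directory is configured); the password is passed in rather than hard-coded, and the file is created mode 600 because it stores that password in clear text.

```shell
#!/bin/sh
# Added example with assumed names and paths; not the rsyslog.conf from the post.
# Usage: write_ommysql_conf /etc/rsyslog.d/mysql.conf "$DB_PASS"
write_ommysql_conf() {
    conf=$1
    pass=$2
    if [ -z "$conf" ] || [ -z "$pass" ]; then
        echo "usage: write_ommysql_conf FILE DB_PASSWORD" >&2
        return 2
    fi
    # A double quote or backslash would break out of the quoted pwd="" value.
    case $pass in
        *\"*|*\\*)
            echo "password must not contain a double quote or backslash" >&2
            return 2 ;;
    esac
    old_umask=$(umask)
    umask 077    # the file holds a clear-text password: owner-only from creation
    cat > "$conf" <<EOF
# Write every message to the SystemEvents table in rsyslogdb.
# The disk-assisted queue buffers messages while MariaDB is unavailable.
module(load="ommysql")
*.* action(type="ommysql" server="localhost" db="rsyslogdb"
           uid="rsyslogdbadmin" pwd="$pass"
           queue.type="LinkedList" queue.filename="ommysql_q"
           queue.saveOnShutdown="on" action.resumeRetryCount="-1")
EOF
    rc=$?
    umask "$old_umask"
    [ "$rc" -eq 0 ] || return 1
    chmod 600 "$conf"    # also tightens a file that already existed
}
```

Check the result with `rsyslogd -N1` before restarting the service.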
III. Deploy LogAnalyzer
1. Download
    # wget -c http://download.adiscon.com/loganalyzer/loganalyzer-3.6.6.tar.gz
Extract:
    # tar zxvf loganalyzer-3.6.6.tar.gz
Copy the files:
    # cp -r loganalyzer-3.6.6/src/ /var/www/html/loganalyzer
    # cp -r loganalyzer-3.6.6/contrib/* /var/www/html/loganalyzer/
Go into the loganalyzer directory and make the following scripts executable:
    # cd /var/www/html/loganalyzer/
    # chmod +x configure.sh secure.sh
Run configure.sh, which creates a blank config.php configuration file:
    # ./configure.sh
2. Open a browser and go to the installer at http://192.168.30.67/loganalyzer. An error is shown; select "here".
Select "here" to start the installation.
Select Next.
Verify the config file, which is the file generated by running configure.sh in the previous step.
In the basic configuration, fill in the database connection information.
Create the tables; just select Next.
Check that nothing has a failed status, then continue to the next step.
Create a web administration user for rsyslog, named rsyslog.
Check the details.
Here the source type needs to be changed to the MySQL Native source; then fill in the MySQL information. Note: I filled in the Database Tablename field incorrectly; the correct value is SystemEvents.
Once that is done, the next step is to log in to LogAnalyzer.
Enter rsyslog and the password you set.
Here you can see that the logs collected by the rsyslog server are now displayed on the home page.
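A post-install check for this deployment, as an added example that is not part of the original post: the walkthrough leaves the phpinfo() page from step 3 in the web root, and it makes secure.sh executable without running it (secure.sh is the contrib script that takes write permission on config.php away again after configure.sh opened it up for the installer). The function name and the default web root are assumptions.

```shell
#!/bin/sh
# Added example (assumed function name); not part of the original post.
# audit_loganalyzer_webroot DIR
#   prints one finding per line; returns 0 if clean, 1 if anything was found
audit_loganalyzer_webroot() {
    root=${1:-/var/www/html}
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }
    findings=0
    list=$(mktemp) || return 2

    # 1. PHP files that call phpinfo(), such as the test.php from step 3:
    #    they disclose versions, modules, paths and environment to any visitor.
    find "$root" -type f -name '*.php' \
        -exec grep -lE 'phpinfo[[:space:]]*\(' {} + > "$list" 2>/dev/null || true
    while IFS= read -r f; do
        echo "PHPINFO $f"
        findings=$((findings + 1))
    done < "$list"

    # 2. config.php still writable by group or others: the installer has put
    #    the database connection settings in it and secure.sh was never run.
    find "$root" -type f -name config.php \
        \( -perm -0020 -o -perm -0002 \) > "$list" 2>/dev/null || true
    while IFS= read -r f; do
        echo "WRITABLE_CONFIG $f"
        findings=$((findings + 1))
    done < "$list"

    rm -f "$list"
    [ "$findings" -eq 0 ]
}
```

Delete any file reported as PHPINFO and run ./secure.sh in the LogAnalyzer directory to clear WRITABLE_CONFIG, then run the check again.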
Linux: rsyslog + LogAnalyzer log collection system