搭建rsyslog日志数据库
#环境:2台机器,一台日志服务器(37.7),一台数据库服务器(37.17)
#日志服务器
[root@Centos7 ~]#yum install rsyslog-mysql
[root@Centos7 ~]#vim /etc/rsyslog.conf
$ModLoad ommysql
*.info;mail.none;authpriv.none;cron.* :ommysql:192.168.37.17,Syslog,loguser,centos
[root@Centos7 ~]#systemctl restart rsyslog
[root@Centos7 ~]#scp /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql 192.168.37.17:/root
#数据库服务器
[root@Centos7 ~]$ yum install mariadb-server
[root@Centos7 ~]$ systemctl start mariadb
[root@Centos7 ~]$ mysql < /root/mysql-createDB.sql
[root@Centos7 ~]# mysql -e "grant all on Syslog.* to loguser@'192.168.37.%' identified by 'centos'"
[root@Centos7 ~]# mysql -e "flush privileges"
MariaDB [Syslog]> show tables;
+------------------------+
| Tables_in_Syslog |
+------------------------+
| SystemEvents |
| SystemEventsProperties |
+------------------------+
2 rows in set (0.00 sec)
MariaDB [Syslog]> select * from SystemEvents\G;
实现日志web展示通过loganalyzer展示数据库中的日志
#3台机器,一台日志服务器(37.7),一台数据库服务器(37.17),一台http+php-fpm
#前2台机器按上一个实验已配置好
#http+php-fpm
[root@localhost ~]# yum install httpd php-fpm php-mysql php-gd
[root@localhost ~]# wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.10.tar.gz
[root@localhost ~]# tar xf loganalyzer-4.1.10.tar.gz -C /var/www/html
[root@localhost ~]# cd /var/www/html
[root@localhost html]# cp -r loganalyzer-4.1.10/src/ logs
[root@localhost html]# touch logs/config.php
[root@localhost html]# chmod 666 logs/config.php
[root@localhost html]# vim /etc/httpd/conf/httpd.conf
#Options Indexes FollowSymLinks
DirectoryIndex index.php index.html
ProxyPassMatch ^/(.*\.php)$ "fcgi://127.0.0.1:9000/var/www/html"
[root@localhost html]# setfacl -Rm u:apache:rwx logs/
[root@localhost html]# systemctl restart httpd php-fpm
#客户端安装
http://192.168.37.27/logs/install.php
image.png
image.png
image.png
image.png
image.png
网友评论