centos 7 配置 loganalyzer
0. 準備工作
操作系統:Centos 7.x
loganalyzer 服務端:192.168.10.74
loganalyzer 客戶端:192.168.10.71
systemctl stop firewalld.service
systemctl disable firewalld.service
setenforce 0
sed -i ‘/SELINUX/s/enforcing/disabled/‘ /etc/selinux/config
1. 安裝lamp環境並測試
yum -y install httpd php php-gd php-mcrypt php-mysql mariadb-devel mariadb-server
systemctl start httpd.service
systemctl enable httpd.service
#創建測試頁面
echo -e "<?php\nphpinfo();\n?>" >/var/www/html/index.php
#進瀏覽器輸入http://192.168.10.74
#如果不能顯示測試頁面,請返回重新檢查以前步驟
#如果能顯示測試頁面,刪除index.php繼續向下走
rm -f /var/www/html/index.php
2. 數據庫的安全初始化
systemctl start mariadb.service
systemctl enable mariadb.service
mysql_secure_installation
#Enter current password for root (enter for none):
#Change the root password? [Y/n]
#以下2步是讓你輸入密碼,其它地方回車就可以了
#New password:
#Re-enter new password:
#Remove anonymous users? [Y/n]
#Disallow root login remotely? [Y/n]
#Remove test database and access to it? [Y/n]
#Reload privilege tables now? [Y/n]
3. 創建數據庫用戶並授權
yum -y install rsyslog-mysql
mysql -uroot -p < /usr/share/doc/rsyslog-7.4.7/mysql-createDB.sql
mysql -uroot -p
grant all on Syslog.* to [email protected] identified by ‘rsyslogpwd‘;
grant all on Syslog.* to [email protected] identified by ‘rsyslogpwd‘;
flush privileges;
quit
4. 服務端配置
vi /etc/rsyslog.conf
#去掉註釋
$ModLoad immark # immark是模塊名,支持日誌標記
$ModLoad imudp # imupd是模塊名,支持udp協議
$UDPServerRun 514 #允許514端口接收使用UDP和TCP協議轉發過來的日誌
#添加以下信息
$ModLoad ommysql
*.* :ommysql:localhost,Syslog,rsysloguser,rsyslogpwd
#重啟服務
systemctl restart rsyslog.service
6. 客戶端配置
vi /etc/rsyslog.conf
#在文件結尾處增加此內容
*.* @192.168.10.74:514
#重啟服務
systemctl restart rsyslog.service
7. loganalyzer準備工作
wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.5.tar.gz
tar xf loganalyzer-4.1.5.tar.gz
cp -a loganalyzer-4.1.5/src/ /var/www/html/log
cp -a loganalyzer-4.1.5/contrib/*.sh /var/www/html/log/
cd /var/www/html/log
chmod +x configure.sh secure.sh
./configure.sh
./secure.sh
chmod 666 config.php
chown -R apache.apache *
8. 進瀏覽器輸入http://192.168.10.74/log/ 進行安裝
在客戶端安裝一個程序包測試一下吧!!!!!!
我的天“涯”,貌似,可能,好像,也許,大概是成功了……
centos 7 配置 loganalyzer