Rsyslog日誌服務器部署-LogAnalyzer+MySQL
搭建lnmp見
http://liang-yao.cnblogs.com/p/8448362.html
yum install -y rsyslog-mysql
導入數據庫
mysql -u root -p < /usr/share/doc/rsyslog-7.4.7/mysql-createDB.sql
可以通過 rpm -ql rsyslog-mysql | grep createDB查詢位置
/usr/share/doc/rsyslog-7.4.7/mysql-createDB.sql
創建用戶並授予權限
grant all on Syslog.* to rsyslogs@localhost identified by ‘123456‘;
刷新權限
flush privileges;
vim /etc/rsyslog.conf
#### MODULES ####
$ModLoad ommysql
*.*:ommysql:localhost,Syslog,rsyslogs,123456
Syslog為數據庫名,rsyslogs為數據庫的用戶,123456為該用戶密碼
$ModLoad immark #immark是模塊名,支持日誌標記
$ModLoad imtcp #支持TCP協議
$InputTCPServerRun 514 #打開514端口以接收日誌
systemctl restart rsyslog
log-client配置
vim /etc/rsyslog.conf
*.* @@192.168.200.101:514
systemctl restart rsyslog
在log-server上查看日誌
cat /var/log/messages
02為log-client主機名(主機名不要相同)
安裝loganalyzer
wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.5.tar.gz
tar xzvf loganalyzer-4.1.5.tar.gz
cd loganalyzer-4.1.5/src/
mkdir /usr/share/nginx/html/loganalyzer
mv * /usr/share/nginx/html/loganalyzer
chown -R nginx:nginx /usr/share/nginx/html/loganalyzer/*
訪問http://192.168.200.101/loganalyzer/
touch /usr/share/nginx/html/loganalyzer/config.php
chmod 666 /usr/share/nginx/html/loganalyzer/config.php
Rsyslog日誌服務器部署-LogAnalyzer+MySQL