详解rsyslog+loganalyzer+evtsys搭建集中式监控系统2013-11-19一、服务端的安装YUM源新建,如果有的话,可以省略
# cat >> /etc/yum.repos.d/sohu.repo <<EOF [sohu] name=sohu"s mirrors baseurl=http://mirrors.sohu.com/centos/5/os/x86_64/ enabled=1 gpgcheck=0 EOF
安装LAMP环境及rsyslog,如果有LAMP,只需要安装rsyslog rsyslog-mysql即可yum install rsyslog rsyslog-mysql mysql mysql-devel mysql-server php php-mysql php-pdo php-common php-gd httpd导入rsyslog数据库mysql -u root -p < $(rpm -ql rsyslog-mysql | grep sql$)创建数据库用户
mysql -u root -p mysql> grant all privileges on Syslog.* to logger@localhost identified by "logger"; mysql> flush privileges; mysql> exit;
修改rsyslog的配置文件
# vi /etc/rsyslog.conf //修改一下即可 # Use traditional timestamp format $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat# Provides kernel logging support (previously done by rklogd) # Provides support for local system logging (e.g. via logger command) $ModLoad immark $ModLoad imuxsock $ModLoad imklog$ModLoad ommysql *.* :ommysql:127.0.0.1,Syslog,logger,logger$ModLoad imudp.so $UDPServerRun 514# Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don"t log private authentication messages! *.info;mail.none;authpriv.none;cron.none/var/log/messages # The authpriv file has restricted access. authpriv.*/var/log/secure # Log all the mail messages in one place. mail.*-/var/log/maillog # Log cron stuff cron.*/var/log/cron# Everybody gets emergency messages *.emerg * # Save news errors of level crit and higher in a special file. uucp,news.crit/var/log/spooler# Save boot messages also to boot.log local7.*/var/log/boot.log
红色部分是添加的,其它的对比一下,有的就略过,没的就添加一下吧。安装LogAnalyzer
# wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.3.tar.gz # tar xf loganalyzer-3.6.3.tar.gz # mkdir /var/www/html/loganalyzer # mv loganalyzer-3.6.3/src/* /var/www/html/loganalyze # touch /var/www/html/loganalyzer/config.php # chmod 666 /var/www/html/loganalyzer/config.php
通过浏览器安装即可
易网时代-编程资源站