2,187
edits
(→Syslog to MySQL Database: draft) |
(→Syslog to MySQL Database: Completed) |
||
Line 527: | Line 527: | ||
== Syslog to MySQL Database == | == Syslog to MySQL Database == | ||
This procedure achieves | This procedure achieves three things... | ||
# Allows remote hosts to use the local server as a syslog destination | # Allows remote hosts to use the local server as a syslog destination | ||
# Directs syslogs to MySQL database on the server | # Directs syslogs to MySQL database on the server | ||
...it is assumed that you already have a local MySQL server running! | # Allows viewing of syslogged events through [http://loganalyzer.adiscon.com/ LogAnalyser] web front end | ||
...it is assumed that you already have a local MySQL and Apache server running! | |||
# Set-up your server to send syslog messages to a MySQL database | # '''Set-up your server to send syslog messages to a MySQL database''' | ||
#* <code> apt-get install rsyslog-mysql </code> | #* <code> apt-get install rsyslog-mysql </code> | ||
#* Enter the root password to your MySQL instance when prompted | #* Enter the root password to your MySQL instance when prompted | ||
# Update the <code> rsyslog </code> config (<code>/etc/rsyslog.conf</code>) to | # '''Update the <code> rsyslog </code> config (<code>/etc/rsyslog.conf</code>) to receive syslog data, and to route messages through a queue''' | ||
## Uncoment the following.. | ## Uncoment the following.. | ||
##* <code>$ModLoad ommysql # load the output driver (use ompgsql for PostgreSQL)</code> | ##* <code>$ModLoad ommysql # load the output driver (use ompgsql for PostgreSQL)</code> | ||
Line 547: | Line 548: | ||
## Restart the service | ## Restart the service | ||
##* <code> service rsyslog restart </code> | ##* <code> service rsyslog restart </code> | ||
# Install | # '''Install LogAnalyser''' | ||
## Download latest build from http://loganalyzer.adiscon.com/downloads | ## Download latest build from http://loganalyzer.adiscon.com/downloads | ||
##* EG <code>wget http://download.adiscon.com/loganalyzer/loganalyzer-3.5.0.tar.gz</code> | ##* EG <code>wget http://download.adiscon.com/loganalyzer/loganalyzer-3.5.0.tar.gz</code> | ||
Line 559: | Line 560: | ||
## Make them both executable, | ## Make them both executable, | ||
##* EG <code> chmod +x /var/www/syslog/*.sh </code> | ##* EG <code> chmod +x /var/www/syslog/*.sh </code> | ||
## Run the config script | ## Run the config script in the directory | ||
##* EG <code> /var/www/syslog/configure.sh </code> | ##* EG <code> /var/www/syslog# ./configure.sh </code> | ||
## Browse to webpage | ## Browse to webpage | ||
##* EG http://your-www-svr/syslog/index.php | ##* EG http://your-www-svr/syslog/index.php | ||
## | ## Ignore the error, and follow the link to install (configure) | ||
## ''' | ## Accept defaults until step 7, where you change the following | ||
##* Name of the Source - ''your name for the local syslog db'' | |||
##* Source Type - MySQL Native | |||
##* Database Name - Syslog | |||
##* Database Tablename - SystemEvents | |||
##* Database User - rsyslog | |||
##* Database Password - rsyslog | |||
## Config completed! | |||
== Troubleshooting == | == Troubleshooting == |