(→Syslog to MySQL Database: draft) |
|||
(7 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Depreciated|category=Ubuntu}} | |||
== Initial Setup == | == Initial Setup == | ||
Much of this section is ''borrowed'' from http://www.howtoforge.com/perfect-server-ubuntu8.04-lts and http://www.howtoforge.com/how-to-install-ubuntu8.04-with-software-raid1, they are well worth a read! | Much of this section is ''borrowed'' from http://www.howtoforge.com/perfect-server-ubuntu8.04-lts and http://www.howtoforge.com/how-to-install-ubuntu8.04-with-software-raid1, they are well worth a read! | ||
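Review bot: The banner added on line 1 uses the template name "Depreciated"; if the intent is to mark the page as out of date, the usual word is "Deprecated", so confirm that a template with this exact spelling exists on the wiki, otherwise the page renders a broken template link instead of the banner. It would also help to state what supersedes this page, since the context line below still points readers at the Ubuntu 8.04 guides.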
Line 161: | Line 163: | ||
#* <code> server 2.europe.pool.ntp.org </code> | #* <code> server 2.europe.pool.ntp.org </code> | ||
#* <code> server 3.europe.pool.ntp.org </code> | #* <code> server 3.europe.pool.ntp.org </code> | ||
# Restart the NTP service | # Restart the NTP service | ||
#* <code> service ntp restart </code> | #* <code> service ntp restart </code> | ||
Line 231: | Line 232: | ||
== Packages == | == Packages == | ||
=== Commands === | === Commands === | ||
{| | {|class="vwikitable" | ||
|- | |- | ||
! Command !! Purpose | ! Command !! Purpose | ||
|- | |- | ||
Line 261: | Line 262: | ||
Changes are applied immediately. Once you've added your first rule there's an implied deny all. | Changes are applied immediately. Once you've added your first rule there's an implied deny all. | ||
{| | {|class="vwikitable" | ||
|- | |- | ||
! Command !! Purpose | ! Command !! Purpose | ||
|- | |- | ||
Line 447: | Line 448: | ||
# Get the module's package name (eg for Net::XWhois) | # Get the module's package name (eg for Net::XWhois) | ||
# * <code> sudo apt-cache search perl net::xwhois </code> | #* <code> sudo apt-cache search perl net::xwhois </code> | ||
# Then install the package | # Then install the package | ||
# * <code> sudo apt-get install libnet-xwhois-perl </code> | #* <code> sudo apt-get install libnet-xwhois-perl </code> | ||
=== Check Module(s) Installed === | |||
To check for a specific module use (checking for <code>Net::XWhois</code>) | |||
perl -MNet::XWhois -e "print \"Module installed.\\n\";" | |||
To list all installed modules | |||
perl -MFile::Find=find -MFile::Spec::Functions -Tlwe \ | |||
'find { wanted => sub { print canonpath $_ if /\.pm\z/ }, no_chdir => 1 }, @INC' | |||
Source: http://www.linuxquestions.org/questions/linux-general-1/how-to-list-all-installed-perl-modules-216603/ | |||
== Python == | == Python == | ||
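Review bot: In the added single-module check, the one-liner wraps the Perl code in shell double quotes with nested escapes (\" and \\n), which is easy to break when copied; single quotes are simpler, for example perl -MNet::XWhois -e 'print "Module installed.\n"'. The section should also say what a missing module looks like (Perl exits non-zero with a "Can't locate Net/XWhois.pm in @INC" error) so the reader can tell the two outcomes apart.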
Line 527: | Line 538: | ||
== Syslog to MySQL Database == | == Syslog to MySQL Database == | ||
This procedure achieves | This procedure achieves three things... | ||
# Allows remote hosts to use the local server as a syslog destination | # Allows remote hosts to use the local server as a syslog destination | ||
# Directs syslogs to MySQL database on the server | # Directs syslogs to MySQL database on the server | ||
...it is assumed that you already have a local MySQL server running! | # Allows viewing of syslogged events through [http://loganalyzer.adiscon.com/ LogAnalyser] web front end | ||
...it is assumed that you already have a local MySQL and Apache server running! | |||
# Set-up your server to send syslog messages to a MySQL database | # '''Set-up your server to send syslog messages to a MySQL database''' | ||
#* <code> apt-get install rsyslog-mysql </code> | #* <code> apt-get install rsyslog-mysql </code> | ||
#* Enter the root password to your MySQL instance when prompted | #* Enter the root password to your MySQL instance when prompted | ||
# Update the <code> rsyslog </code> config (<code>/etc/rsyslog.conf</code>) to | # '''Update the <code> rsyslog </code> config (<code>/etc/rsyslog.conf</code>) to receive syslog data, and to route messages through a queue''' | ||
## Uncoment the following.. | ## Uncoment the following.. | ||
##* <code>$ModLoad ommysql # load the output driver (use ompgsql for PostgreSQL)</code> | ##* <code>$ModLoad ommysql # load the output driver (use ompgsql for PostgreSQL)</code> | ||
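Review bot: The intro states that remote hosts can use this server as a syslog destination, and step 2 now configures rsyslog "to receive syslog data", but nothing in the visible steps limits which hosts may send. Add a step that opens the syslog listener only to the expected source addresses (the firewall section earlier on this page already notes the implied deny all once a rule exists), and name the port and protocol being opened. Minor: the linked site spells the product LogAnalyzer, and "Uncoment" in step 2.1 should be "Uncomment".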
Line 547: | Line 559: | ||
## Restart the service | ## Restart the service | ||
##* <code> service rsyslog restart </code> | ##* <code> service rsyslog restart </code> | ||
# Install | # '''Install LogAnalyser''' | ||
## Download latest build from http://loganalyzer.adiscon.com/downloads | ## Download latest build from http://loganalyzer.adiscon.com/downloads | ||
##* EG <code>wget http://download.adiscon.com/loganalyzer/loganalyzer-3.5.0.tar.gz</code> | ##* EG <code>wget http://download.adiscon.com/loganalyzer/loganalyzer-3.5.0.tar.gz</code> | ||
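Review bot: The example download in the install step fetches the tarball over plain HTTP, and no integrity check is shown before it is installed. Use an HTTPS URL if the vendor serves one, or add a step to compare the archive against a vendor-published checksum before extracting. The example also pins 3.5.0 while the step above says "latest build"; say that the version in the URL has to be adjusted.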
Line 559: | Line 571: | ||
## Make them both executable, | ## Make them both executable, | ||
##* EG <code> chmod +x /var/www/syslog/*.sh </code> | ##* EG <code> chmod +x /var/www/syslog/*.sh </code> | ||
## Run the config script | ## Run the config script in the directory | ||
##* EG <code> /var/www/syslog/configure.sh </code> | ##* EG <code> /var/www/syslog# ./configure.sh </code> | ||
## Browse to webpage | ## Browse to webpage | ||
##* EG http://your-www-svr/syslog/index.php | ##* EG http://your-www-svr/syslog/index.php | ||
## | ## Ignore the error, and follow the link to install (configure) | ||
## ''' | ## Accept defaults until step 7, where you change the following | ||
##* Name of the Source - ''your name for the local syslog db'' | |||
##* Source Type - MySQL Native | |||
##* Database Name - Syslog | |||
##* Database Tablename - SystemEvents | |||
##* Database User - rsyslog | |||
##* Database Password - rsyslog | |||
## Config completed! | |||
== Troubleshooting == | == Troubleshooting == | ||
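Review bot: Step 7 of the added wizard instructions documents "Database User - rsyslog" together with "Database Password - rsyslog", a guessable credential that readers will copy as written. Replace the password with a placeholder referring to the password actually set for that account, and consider a separate MySQL account with SELECT-only rights on the SystemEvents table for the web front end, since a viewer does not need write access. "Ignore the error" should also say which error is expected, so that a reader does not learn to dismiss a real one.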
Line 605: | Line 624: | ||
To see which packages caused this to be set, inspect the contents of... | To see which packages caused this to be set, inspect the contents of... | ||
/var/run/reboot-required.pkgs | /var/run/reboot-required.pkgs | ||