文章目录
环境规划
| mariadb rsyslog 服务器 | rsyslog 客户端 | loganalyzer 服务器 |
|---|---|---|
| 192.168.43.7 | 192.168.43.17 | 192.168.43.27 |
| mariadb rsyslog | rsyslog rsyslog-mysql | loganalyzer php httpd php-mysql php-gd |
解决的问题
能够在 192.168.43.27 这台机器上通过 web界面的方式监控 192.168.43.17机器上产生的日志,日志级别为 info以上的级别,日志信息存放在 192.168.43.7 这台机器的数据库中
配置 mariadb rsyslog 服务器
[192.168.43.7]#
yum install mariadb-server rsyslog -y
systemctl start mariadb
mysql -e "grant all on Syslog.* to loguser@'192.168.43.%' identified by 'centos';flush privileges;"
vim /etc/rsyslog.conf
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514
systemctl restart rsyslog
配置 rsyslog 客户端
[192.168.43.17]#
systemctl status rsyslog
yum install rsyslog-mysql mariadb
vim /etc/rsyslog.conf
$ModLoad ommysql
*.info;mail.none;authpriv.none;cron.none :ommysql:192.168.43.7,Syslog,loguser,centos
systemctl restart rsyslog
mysql -uloguser -pcentos -h 192.168.43.7 < /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql
查看 rsyslog 服务器的数据库日志
[192.168.43.7]#
mysql -e "select * from Syslog.SystemEvents\G"
*************************** 1. row ***************************
ID: 1
CustomerID: NULL
ReceivedAt: 2020-02-03 14:58:21
DeviceReportedTime: 2020-02-03 14:58:21
Facility: 3
Priority: 6
FromHost: Centos7-43-17
Message: Stopping System Logging Service...
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: systemd:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
*************************** 2. row ***************************
...................以下省略..................................
loganalyzer 服务器的配置
[192.168.43.27]#
yum install php php-mysql php-gd -y
systemctl start httpd
cd /var/www/html/
cd /var/www/html/
rz // 上传 loganalyzer-4.1.8.tar.gz
tar xvf loganalyzer-4.1.8.tar.gz
windows 浏览器访问
http://192.168.43.27/loganalyzer-4.1.8/src/
[192.168.43.27]#
cd /var/www/html/loganalyzer-4.1.8/src/
touch config.php
chmod 666 config.php
[192.168.43.27]#
chmod 644 /var/www/html/loganalyzer-4.1.8/src/config.php
