yum install -y rsyslog-mysql
scp /usr/share/doc/rsyslog/mysql-createDB.sql 192.168.31.48:/root/
yum install -y mariadb-server
systemctl enable --now mariadb
mysql < mysql-createDB.sql mysql -e "show databases;"
mysql -e "create user rsyslog@'192.168.31.%' identified by 'Pana#123';" mysql -e "grant all on Syslog.* to rsyslog@'192.168.31.%';" mysql -e "select user,host from mysql.user;"
在#### MODULES ####中加入
module(load="ommysql")
在#### RULES ####中加入
*.info;mail.none;authpriv.none;cron.none :ommysql:192.168.31.48,Syslog,rsyslog,Pana#123
systemctl restart rsyslog
rsyslog服务器上执行
logger "this is a test log"
数据库服务器上执行
mysql -e "SELECT COUNT(*) FROM Syslog.SystemEvents;" mysql -e "SELECT * FROM Syslog.SystemEvents;"
可以看到数据已经存到Mysql的Syslog库中.
mysql -e "SELECT * FROM Syslog.SystemEvents\G"
yum install -y httpd php-fpm php-mysqlnd php-gd systemctl enable --now httpd php-fpm
apache通过套接字连接php-fpm,这样就不需要另外启动9000端口了
如果想要启动9000端口,修改/etc/php-fpm.d/www.conf
listen = 127.0.0.1:9000即可
tar xf loganalyzer-4.1.12.tar.gz mv loganalyzer-4.1.12/src/ /var/www/html/log touch /var/www/html/log/config.php chmod 666 /var/www/html/log/config.php
填入Mysql服务器IP,库名,表名,用户,密码等信息
再去rsyslog上发个信息
logger "this is a test log"
防止配置被覆盖,需要再加固一下
chmod 644 /var/www/html/log/config.php
好像每次配置服务都会有点意外~~~~不出点意外文档写的就不完美
报错信息如下:
Could not find the configured table, maybe misspelled or the tablenames are case sensitive
vi /var/www/html/log/config.php
查看DBTableName 这一系列名字的值时,发现DBTableName多了个空格.去掉后保存退出.
此时就可以正常访问了.也不用重启服务.