實驗1:更換存放檔案
[root@localhost ~]# vim /etc/ssh/sshd_config
#SyslogFacility AUTHPRIV
SyslogFacility local0
[root@localhost ~]# vim /etc/rsyslog.conf
local0.* /var/log/sshd.log
[root@localhost ~]# systemctl restart sshd rsyslog
[root@localhost ~]# tail -f /var/log/sshd.log
實驗2:日志存放在192.168.2.6的主機上test.log中
本機
[root@localhost ~]# vim /etc/rsyslog.conf
local0.* @@192.168.2.6
[root@localhost ~]# systemctl restart sshd rsyslog
網絡主機
[root@localhost ~]# vim /etc/rsyslog.conf
$ModLoad imtcp
$InputTCPServerRun 514
local0.* /var/log/test.log
[root@localhost ~]# systemctl restart sshd rsyslog
[root@localhost ~]# tail -f /var/log/test.log 1、準備MySQL server(192.168.2.16)
[root@localhost ~]#yum -y install mariadb-server
[root@localhost ~]#systemctl start mariadb
2、在MySQL server 上授權rsyslog能連接配接過來
MariaDB [(none)]> grant all on Syslog.* to loguser@'192.168.2.%' identified by '123456';
Query OK, 0 rows affected (0.16 sec)
3、在rsyslog伺服器上安裝MySQL子產品相關的程式包 (192.168.2.6)
[root@localhost ~]#yum -y install rsyslog-mysql
[root@localhost ~]#rpm -ql rsyslog-mysql
/usr/lib64/rsyslog/ommysql.so #子產品
/usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql
[root@localhost ~]#scp /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql 192.168.2.16:/data/ #将此庫傳到資料庫伺服器
4、在MySQL server 伺服器上為rsyslog建立資料庫及表
[root@localhost ~]#mysql -uroot -p < /data/mysql-createDB.sql
Enter password:
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| Syslog |
5、配置rsyslog将日志儲存到MySQL中
[root@localhost ~]#vim /etc/rsyslog.conf
$ModLoad ommysql #添加此行,加載ommysql.so
*.info;mail.none;authpriv.none;cron.none /var/log/messages
*.info;mail.none;authpriv.none;cron.none :ommysql:192.168.2.16,Syslog,loguser,123456 #定義規則
[root@localhost ~]#systemctl restart rsyslog
1、準備一台主機amp組合 (192.168.2.26)
[root@localhost ~]#yum -y install httpd php php-mysql php-gd
[root@localhost ~]#systemctl start httpd #啟動服務
2、測試lamp環境搭建是否成功
3、安裝LogAnalyser開源軟體
[root@localhost ~]#wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.7.tar.gz
[root@localhost ~]#tar xvf loganalyzer-4.1.7.tar.gz -C /var/www/html/ #解壓到主站目錄
[root@localhost ~]#mv loganalyzer-4.1.7/src log
[root@localhost ~]#cd log
[root@localhost log]#touch config.php
[root@localhost log]#chmod 666 config.php
4、浏覽器安裝
http://192.168.2.6
填寫資訊主機大小寫
5、安裝完成後
[root@localhost log]#chmod 644 config.php #修改權限 ![.NetCore 使用log4net日志[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)