Syslog server installation / configuration – Debian
Here is the step-by-step installation procedure for a syslog server. I used the Debian platform here. If you are on a different platform, please check your file names and paths.
1, Install Debian lenny
Download link : http://www.debian.org/releases/stable/
2, Install the following applications
openssh-server openssh-client apache2 libapache2-mod-php5 php5-cli php5-common php5-cgi mysql-client mysql-common mysql-server php5-mysql php5-sqlite php5-gd Syslog-NG
Root@server # apt-get install openssh-server openssh-client apache2 libapache2-mod-php5 php5-cli php5-common php5-cgi mysql-client mysql-common mysql-server php5-mysql php5-sqlite php5-gd phpmyadmin
3, Configure /etc/default/syslog-ng
Root@server # vi /etc/default/syslog-ng
CONSOLE_LOG_LEVEL=1
case "x$KERNEL_RINGBUF_SIZE" in
    x[0-9]*) dmesg -s $KERNEL_RINGBUF_SIZE ;;
    x) ;;
    *) echo "KERNEL_RINGBUF_SIZE is of unaccepted value." ;;
esac
4, Configure /etc/syslog-ng/syslog-ng.conf
Find the following lines and change them:
Change # udp(); to udp();
Change use_dns(no); to use_dns(yes);
Add dns_cache(yes);
5, Download and extract PHP Syslog NG to /var/www
6, Move logs from /var/log/syslog to MySQL
Add the following script to the file
Root@server # vi /etc/syslog-ng/syslog-ng.conf
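# template-escape(yes) escapes quote characters in the macro values, so the text of a log message cannot end the SQL string it is inserted into
destination d_mysql {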
pipe("/var/log/mysql.pipe"
template("INSERT INTO logs
(host, facility, priority, level, tag, datetime, program, msg)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC',
'$PROGRAM', '$MSG' );\n") template-escape(yes));
};
log {
source(s_all);
destination(d_mysql);
};
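7, Create a script to run at start-up
root@Server # vi /etc/syslog-ng/syslog2mysql.sh
#!/bin/bash
# Create the named pipe that syslog-ng writes the INSERT statements to
if [ ! -e /var/log/mysql.pipe ]
then
    mkfifo /var/log/mysql.pipe
fi
# Feed the pipe to the mysql client; start the client again whenever it exits
while [ -e /var/log/mysql.pipe ]
do
    mysql -u root --password=YOUR_PASS syslog < /var/log/mysql.pipe >/dev/null
done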
8, Give execute permission to /etc/syslog-ng/syslog2mysql.sh
root@Server# chmod +x /etc/syslog-ng/syslog2mysql.sh
9, Add this script to start-up
Create the file /etc/rc2.d/S99syslog2mysql
And add the following line to that file
/etc/syslog-ng/syslog2mysql.sh
Now run the following command to make it executable
root@Server# chmod +x /etc/rc2.d/S99syslog2mysql
10, Create a database named SYSLOG
root@Server # mysql -uroot -p syslog < /var/www/install/sql/dbsetup.sql
Give write access to the file /var/www/config/config.php
root@Server # chmod 777 /var/www/config/config.php
Now we have to configure PHP Syslog NG. To do that, access your server via a web browser ( http://youripaddress/install/install.php ) and follow the steps. After the installation you can access your server via the web ( http://youripaddress/ )
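The script in step 7 passes the MySQL root password on the command line and creates the pipe with default permissions. A hardened variant follows as an added example, not the original author's script. It assumes a dedicated MySQL account limited to INSERT on the logs table, a hypothetical option file /etc/syslog-ng/syslog2mysql.cnf holding that account's credentials, and GNU stat as shipped with Debian.

```shell
#!/bin/bash
# Added example: hardened variant of the step 7 loader (not the original script).
# Assumed: CNF is an option file with a [client] section holding the user and
# password of a MySQL account that has only INSERT on syslog.logs.
PIPE="${PIPE:-/var/log/mysql.pipe}"
CNF="${CNF:-/etc/syslog-ng/syslog2mysql.cnf}"   # hypothetical path

# Create the FIFO for its owner only; reject anything else at that path
# (regular file, symlink), and tighten an existing FIFO to mode 600.
ensure_pipe() {
    local p="$1"
    if [ -e "$p" ] || [ -L "$p" ]; then
        if [ -L "$p" ] || [ ! -p "$p" ]; then return 1; fi
    else
        mkfifo -m 600 "$p" || return 1
    fi
    chmod 600 "$p"
}

# The credentials file must be a regular file with no group/other access.
check_cnf() {
    local f="$1" mode
    if [ -L "$f" ] || [ ! -f "$f" ]; then return 1; fi
    mode=$(stat -c '%a' "$f") || return 1   # GNU stat, as on Debian
    case "$mode" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

run_loader() {
    ensure_pipe "$PIPE" || { echo "refusing to use $PIPE" >&2; return 1; }
    check_cnf "$CNF" || { echo "$CNF missing or too permissive" >&2; return 1; }
    while [ -p "$PIPE" ]; do
        # --defaults-extra-file must be the first option; unlike
        # --password=..., it keeps the secret out of the process list.
        mysql --defaults-extra-file="$CNF" syslog < "$PIPE" > /dev/null
    done
}

# Start the loop only when asked to, so the functions can be sourced and tested.
if [ "${1:-}" = "--run" ]; then run_loader; fi
```

With this variant the start-up file from step 9 would call /etc/syslog-ng/syslog2mysql.sh --run.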






