Syslog server installation / configuration – Debian

April 6th, 2010 | | Posted in Networking, Servers

Here is the step by step Installation procedure of a Syslog Server.  Here I Used Debian platform.  If you are in a different platform please check your file names and path.

php syslog

1, Install Debian lenny

Download link :  http://www.debian.org/releases/stable/

2, Install Following applications

openssh-server
openssh-client
apache2
libapache2-mod-php5
php5-cli
php5-common
php5-cgi
mysql-client
mysql-common
mysql-server
php5-mysql
php5-sqlite
php5-gd
Syslog-NG'

Root@server # apt-get install openssh-server openssh-client apache2 libapache2-mod-php5 php5-cli php5-common php5-cgi  mysql-client mysql-common mysql-server php5-mysql php5-sqlite php5-gd phpmyadmin

3, Configure /etc/default/syslog-ng

Root@server # vi  /etc/default/syslog-ng

CONSOLE_LOG_LEVEL=1
case "x$KERNEL_RINGBUF_SIZE" in
x[0-9]*)
dmesg -s $KERNEL_RINGBUF_SIZE
;;
x)
;;
*)
echo "KERNEL_RINGBUF_SIZE is of unaccepted value."
;;

4, Configure /etc/syslog-ng/syslog-ng.conf

Find following line  and remove the comment
Change  # udp();  to udp();
Change use_dns(no);    to  use_dns(yes);
add dns_cache(yes);

5,  Downloaded and extract PHP Syslog NG to /var/www

Source : http://sourceforge.net/projects/php-syslog-ng/

6, Move Log from /var/log/syslog to MySQL

Add following script to the file

Root@server # vi /etc/syslog-ng/syslog-ng.conf

destination d_mysql {
pipe("/var/log/mysql.pipe"
template("INSERT INTO logs
(host, facility, priority, level, tag, datetime, program, msg)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC',
'$PROGRAM', '$MSG' );\n") template-escape(yes));
};
log {
source(s_all);
destination(d_mysql);
};

7,  Create a  script to run in the start-up

root@Server # vi /etc/syslog-ng/syslog2mysql.sh

#!/bin/bash
if [ ! -e /var/log/mysql.pipe ]
then
mkfifo /var/log/mysql.pipe
fi
while [ -e /var/log/mysql.pipe ]
do
mysql -u root --password=YOUR_PASS syslog < /var/log/mysql.pipe >/dev/null
done

8, Give execute permission to /etc/syslog-ng/syslog2mysql.sh

root@Server# chmod +x  syslog2mysql.sh

9, Put this script to Startup

Create file /etc/rc2.d/S99syslog2mysql
And add following line in that file
/etc/syslog-ng/syslog2mysql.sh
Now run following command to make it as executable
root@Server# chmod +x /etc/rc2.d/S99syslog2mysql

10, Create a Database named SYSLOG

root@Server # mysql -uroot -p syslog /var/www/install/sql/dbsetup.sql
Give write access for file /var/www/config/config.php
root@Server # chmod 777 config/config.php

Now we have too configure the PHP syslog ng, for that access your server via web browser ( http://youripaddress/install/install.php ) and follow the steps. after the installation you can access your server via web ( http://youripaddress/ )

php syslog config install

Leave a Reply 22904 views, 4 today |

Author :

I am a Technology Blogger, I Blog about technology related articles, Active in online and offline tech communities

Leave a Reply

You must be logged in to post a comment.


More in Networking, Servers (36 of 44 articles)