安装syslogs
1、下载及解压及安装syslogs
[root@localhost home]# wget http://cactiusers.org/downloads/syslog.tar.gz
[root@localhost home]# tar xvf syslog-0.5.2.tar.gz
[root@localhost home]# mv syslog/ /var/www/html/plugins/
[root@localhost home]# cd /var/www/html/plugins/syslog/
[root@localhost syslog]# ls
compatibility.php html LICENSE syslog_alert.php syslog_process.php syslog.sql config.php p_w_picpaths README syslog_counter.php syslog_remove.php template
functions.php index.php setup.php syslog.php syslog_reports.php
[root@localhost syslog]#
创建syslog数据库
mysql> create database syslog;
mysql> grant all privileges on syslog.* to sysloguser@localhost identified by 'cacti' with grant option;
mysql>flush privileges;
导入数据库文件
[root@localhost syslog]# mysql -h localhost -u sysloguser -p syslog < /var/www/html/plugins/syslog/syslog.sql
Enter password:
[root@localhost syslog]#
修改数据库连接文件,修改前先备份
[root@localhost syslog]# cp config.php config.php.old
[root@localhost syslog]# vi config.php
$syslogdb_type = 'mysql';
$syslogdb_default = 'syslog';
$syslogdb_hostname = 'localhost';
$syslogdb_username = 'sysloguser';
$syslogdb_password = ' cacti ';
2、安装syslog-ng传送日志到数据库中
yum安装syslog-ng
[root@localhost syslog]# yum install syslog-ng
停用原syslog,启用syslog-ng
[root@localhost syslog]# /etc/init.d/rsyslog stop
Shutting down system logger: [ OK ]
[root@localhost syslog]# /etc/init.d/syslog-ng restart
Stopping syslog-ng: [ OK ]
Starting syslog-ng: [ OK ]
[root@localhost syslog]#
将syslog-ng加入自启动项并且停用rsyslog
[root@localhost syslog]# chkconfig rsyslog off
[root@localhost syslog]# chkconfig --level 35 syslog-ng on
配置syslog-ng配置文件,在syslog-ng.conf末端加入如下代码
source net {
udp ();
};
destination d_mysql {
pipe("/tmp/mysql.pipe"
template("INSERT INTO syslog_incoming(host,facility,priority,date,time,message) VALUES ('$HOST','$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$MSG' );\n")
template-escape(yes)
);
};
log { source(net); destination(d_mysql);};
log { source(s_sys); destination(d_mysql);};
重启相关服务
[root@localhost tmp]# /etc/init.d/syslog-ng restart
Stopping syslog-ng: [ OK ]
Starting syslog-ng: [ OK ]
[root@localhost tmp]# /etc/init.d/mysqld restart
Stopping mysqld: [ OK ]
Starting mysqld: [ OK ]
[root@localhost tmp]#
建立shell脚本
#!/bin/bash
if [ ! -e /tmp/mysql.pipe ]
then
mkfifo /tmp/mysql.pipe
fi
while [ -e /tmp/mysql.pipe ]
do mysql -u sysloguser --password= cacti syslog < /tmp/mysql.pipe >/dev/null 2>&1
done
让脚本启动自动执行
赋予cacituser控制权
[root@localhost syslog]# chown -R cactiuser syslogstart.sh
赋予运行权限
[cactiuser@localhost syslog]$ chmod 755 syslogstart.sh
赋予syslog_process.php以运行权限
[cactiuser@localhost syslog]$ chmod 775 syslog_process.php
赋予mysql.pipe以运行权限
[root@localhost tmp]# chown -R cactiuser mysql.pipe
[cactiuser@localhost tmp]$ chmod 777 mysql.pipe
以cactiuser用户添加任务
[cactiuser@localhost syslog] #crontab –e
@reboot /var/www/html/plugins/syslog/syslog.sh
*/1 * * * * php /var/www/html/plugins/syslog/syslog_process.php
重启crond服务,刷新几次网页数据就出来
转载于:https://blog.51cto.com/coolner/692376
492
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
