
Centos 6.5-Log system Rsyslog

2025-02-24 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Log-related concepts

Log: a record of historical events in chronological order

Log entry: the time the event occurred, the content of the event, and so on

Log level: how critical the event is

The framework of the log system in Linux

Processes that cause changes in system state in Linux need to be logged.

In the earlier CentOS 5, syslog was used as the logging system. It consisted of two service processes:

syslogd - records information about system processes

klogd - records information related to kernel events

In CentOS 6, syslog was replaced by rsyslog because of the following disadvantages:

1. It cannot store data in parallel

2. Its efficiency is very low

3. Log files cannot be put into a database managed by a database management system

The advantages of rsyslog in CentOS 6 are as follows:

1. Supports multi-threaded data storage with high efficiency

2. Supports storing logs on remote log servers over the TCP, SSL, TLS and RELP protocols, whereas early syslog supports only a simple plain-text transfer mode, which is not secure

3. Supports multiple relational databases such as MySQL, PostgreSQL (pgsql) and Oracle

4. Supports filters that can filter on any part of the log information

5. Supports a complete output format, or a fully customizable output format

6. Suitable for enterprise logging

Linux syslog has the concept of a facility. Put simply, the rsyslog service provides a number of agents that receive the various log requests. When a process needs to log, it states which agent (facility) should record the message.

These agents are: auth authpriv cron daemon kern lpr mail uucp mark syslog user news security local[0-7]

Wildcards can be used when specifying the agent:

* represents all

f1,...,fn: a list, separated by commas

! denotes negation

The concept of priority in syslog:

Priority: debug info notice warn err crit alert emerg

Wildcards can also be used for the priority:

* indicates all

none means do not record

The example is as follows

Facility and priority are separated by a period (.)

Different priorities are separated by a semicolon (;)
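The selector rules above can be checked with a small evaluator. This is an added example, not code from the original article or from the rsyslog project. It assumes traditional syslog.conf(5) semantics: a plain priority selects that level and everything more severe, `=` selects exactly one level, `!` negates the priority, and later selectors override earlier ones. The selector strings used are constructed samples.

```python
# Added example: evaluates traditional syslog.conf-style selectors (assumed semantics).
PRIORITIES = ["emerg", "alert", "crit", "err", "warn", "notice", "info", "debug"]
FACILITIES = ["auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail", "uucp",
              "mark", "syslog", "user", "news"] + ["local%d" % i for i in range(8)]
ALIASES = {"warning": "warn", "error": "err", "panic": "emerg", "security": "auth"}


def compile_selectors(spec):
    """Return {facility: set of priorities that are logged} for one rule's selectors."""
    table = {fac: set() for fac in FACILITIES}
    for selector in filter(None, (s.strip() for s in spec.split(";"))):
        fac_part, dot, pri = selector.rpartition(".")
        if not (fac_part and dot and pri):
            raise ValueError("expected facility.priority, got %r" % selector)
        negate = pri.startswith("!")
        pri = pri[1:] if negate else pri
        exact = pri.startswith("=")
        pri = pri[1:] if exact else pri
        pri = ALIASES.get(pri, pri)
        if pri == "none":                 # "none" behaves like "!*"
            pri, negate = "*", not negate
        if pri == "*":
            chosen = set(PRIORITIES)
        elif pri in PRIORITIES:
            upto = PRIORITIES.index(pri)  # this level and all more severe ones
            chosen = {pri} if exact else set(PRIORITIES[:upto + 1])
        else:
            raise ValueError("unknown priority %r" % pri)
        names = FACILITIES if fac_part == "*" else fac_part.split(",")
        for fac in (ALIASES.get(n.strip(), n.strip()) for n in names):
            if fac not in table:
                raise ValueError("unknown facility %r" % fac)
            # Later selectors override earlier ones: negation removes, others add.
            table[fac] = table[fac] - chosen if negate else table[fac] | chosen
    return table


def matches(spec, facility, priority):
    """True if a message with this facility and priority is selected by spec."""
    table = compile_selectors(spec)
    return ALIASES.get(priority, priority) in table[ALIASES.get(facility, facility)]


if __name__ == "__main__":
    rule = "*.info;mail.none;authpriv.none;cron.none"  # constructed sample selector
    for fac, pri in [("daemon", "warn"), ("daemon", "debug"), ("authpriv", "err")]:
        print("%s.%s -> %s" % (fac, pri, matches(rule, fac, pri)))
```

Checking a rule this way before deploying it shows whether a facility such as authpriv would reach a given destination or be silently excluded.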

The following shows how to store logs in the MySQL database of a remote host and view them with loganalyzer. The topology diagram is as follows:

First, install the LAMP platform with yum

yum install -y httpd php php-mysql php-gd

Test whether it works properly

vim /var/www/html/index.php

Install the MySQL server on 172.16.101.100

yum install -y mysql-server

Set a password for the root user

mysqladmin -uroot password 'hzm132'

Log in to mysql

Create a database

CREATE DATABASE Syslog;

Create the user and grant privileges

GRANT ALL ON Syslog.* TO 'sysmessage'@'172.16.101.34';

Refresh the privileges

FLUSH PRIVILEGES;

Test whether it works properly:

Install rsyslog-mysql

mysql -uroot -p < /usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql

Modify /etc/rsyslog.conf

Decompress loganalyzer-3.6.5.tar.gz

Enter the decompressed directory

Enter /var/www/html/logweb

Execute the following file

Enter the address in the client browser for installation

It's over.
