rsyslog記錄日誌於mysql:
前提:準備好msql server或mariadb server;
(1) 安裝rsyslog連接至mysql server的驅動模塊;
# yum install rsyslog-mysql
(2) 在mysql server準備rsyslog專用的用戶賬號;
GRANT ALL ON Syslog.* TO 'rsyslog'@'127.0.0.1' IDENTIFIED BY 'rsyslogpass';
GRANT ALL ON Syslog.* TO 'rsyslog'@'local' IDENTIFIED BY 'rsyslogpass';
(3) 生成所需要的數據庫和表;
mysql -ursyslog -h127.0.0.1 -prsyslogpass < /usr/share/doc/rsyslog-7.4.7/mysql-createDB.sql
(4) 配置rsyslog使用ommysql模塊
#### MODULES ####
......
$ModLoad ommysql
(5) 配置RULES,將所期望的日誌信息記錄於mysql中;
facility.priority :ommysql:DBHOST,DB,DBUSER,DBUSERPASS
(6) 重啓rsyslog服務;
(7) loganalyzer
WebGUI, 運行amp環境中;
(a) 準備amp環境
# yum install httpd php php-mysql php-gd
# systemctl start httpd.service
(b) 安裝loganalyzer
# tar xf loganalyzer-VERSION.tar.gz
# cd loganalyzer-VERSION
# cp -a src /var/www/html/loganalyzer-VERSION
# cd /var/www/html
# ln -sv loganalyzer-VERSION log
# cd log
# touch config.php
# chmod 666 config.php
打開瀏覽器,配置;
MySQL Native, Syslog Field
Table Type:"Monitorware“
# chmod 644 config.php
實驗:Rsyslog+LogAnalyzer+MySQL部署日誌服務器
環境centos 7 ip:10.1.23.101
1.安裝程序包
# yum install rsyslog-mysql -y
2.啓動配置數據庫
# GRANT ALL ON Syslog.* TO 'rsyslog'@'127.0.0.1' IDENTIFIED BY '123';
# GRANT ALL ON Syslog.* TO 'rsyslog'@'local' IDENTIFIED BY '123';
3.生成需要的數據庫和表
#rpm -ql ryslog-mysql
# mysql -ursyslog -h127.0.0.1 -prsyslogpass < /usr/share/doc/rsyslog-7.4.7/mysql-createDB.sql
4.配置rsyslog服務和連接mariadb數據庫
(1)啓用數據庫輸出模塊
$ModLoad ommysql
(2)配置RUELS,將期望的日誌信息記錄於mysql
(3)重啓rsyslog
5. 準備loganalyzer
(1)準備amp環境
# yum install httpd php php-mysql php-gd
# systemctl start httpd.service
(2)安裝loganalyzer
# tar xf loganalyzer-VERSION.tar.gz
# cd loganalyzer-VERSION
# cp -a src /var/www/html/loganalyzer-VERSION
# cd /var/www/html
# ln -sv loganalyzer-VERSION log
# cd log
# touch config.php
# chmod 666 config.php
(3)瀏覽器配置
http://http://10.1.23.101/log/ 
點擊NEXT,直到Step 7,配置如下界面
進入界面
