|
|
d6cf12d |
|
|
|
d6cf12d |
This file provides some basic information to phplogcon configuration.
|
|
|
d6cf12d |
---------------------------------------------------------------------
|
|
|
d6cf12d |
|
|
|
d6cf12d |
|
|
|
d6cf12d |
There might be two different sources of system messages for phplogcon.
|
|
|
d6cf12d |
* /var/log/messages
|
|
|
d6cf12d |
* MySQl
|
|
|
d6cf12d |
You can use any of them, but MySQL is highly recommended for security reasons.
|
|
|
d6cf12d |
Selinux policy doesn't need to be adjusted or set into permissive mode. Default
|
|
|
d6cf12d |
permissions on /var/log/messages are kept unchanged.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
1. /var/log/messages
|
|
|
d6cf12d |
====================
|
|
|
d6cf12d |
Asssume that you have phplogcon installed. Then you need to set proper owner
|
|
|
d6cf12d |
and permissions on /var/log/messages, so http deamon can read it.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
# chgrp apache /var/log/messages
|
|
|
d6cf12d |
# chmod g+r /var/log/messages
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Start http deamon.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
# service httpd start
|
|
|
d6cf12d |
|
|
|
d6cf12d |
You have to switch SELinux to permissive mode so httpd is able to modify the phplogcon configuration.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
# setenforce 0
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Run browser and point it to
|
|
|
d6cf12d |
http://127.0.0.1/phplogcon/install.php
|
|
|
d6cf12d |
You will be guided thru the rest of phplogcon configuration.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
# setenforce 1
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Note that SELinux will also prevent httpd from reading the /var/log/messages file so you would have to add a SELinux module with a 'allow httpd_t var_log_t:file read;' rule.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
That's it. Open http://127.0.0.1/phplogcon/index.php and enjoy.
|
|
|
d6cf12d |
You might want to access phplogcon from other place than localhost, therefore
|
|
|
d6cf12d |
set your /etc/httpd/conf.d/phplogcon.conf up.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
2.MySQL
|
|
|
d6cf12d |
=======
|
|
|
d6cf12d |
This variant is little more complicated, but gives you better sleep.
|
|
|
d6cf12d |
Requirements: rsyslog-mysql, mysql, mysql-server, php-mysql.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
First of all, MySQL setup is needed, so connect to the server.
|
|
|
d6cf12d |
#mysql -p -u root -h localhost
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Create database with tables:
|
|
|
d6cf12d |
mysql> source /usr/share/doc/rsyslog-mysql-3.16.0/createDB.sql
|
|
|
d6cf12d |
(location of createDB.sql may differs, depends on rsyslog release)
|
|
|
d6cf12d |
mysql> SHOW DATABASES;
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Create database user and grant privileges:
|
|
|
d6cf12d |
mysql> CREATE USER 'syslogwriter'@'localhost' IDENTIFIED BY 'topsecret';
|
|
|
d6cf12d |
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `Syslog`.* TO 'syslogwriter'@'localhost';
|
|
|
d6cf12d |
mysql> SHOW GRANTS FOR syslogwriter@localhost;
|
|
|
d6cf12d |
|
|
|
d6cf12d |
!!!Do not forget to change the name and password of MySQL user!!!
|
|
|
d6cf12d |
|
|
|
d6cf12d |
And now configure rsyslog. Edit /etc/rsyslog.conf.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Load mysql output module:
|
|
|
d6cf12d |
$ModLoad ommysql
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Send logs to MySQL:
|
|
|
d6cf12d |
*.* :ommysql:127.0.0.1,Syslog,syslogwriter,topsecret
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Remove read permissions from rsyslog.conf, since the MySQL password is written here.
|
|
|
d6cf12d |
#chmod o-r /etc/rsyslog.conf.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Mysql and rsyslog are set up correctly. Restart rsyslog.
|
|
|
d6cf12d |
# service rsyslog restart.
|
|
|
d6cf12d |
and check if it works:
|
|
|
d6cf12d |
$ mysql -p -h localhost -u syslogwriter
|
|
|
d6cf12d |
mysql> USE Syslog;
|
|
|
d6cf12d |
mysql> SELECT * From SystemEvents;
|
|
|
d6cf12d |
|
|
|
d6cf12d |
If you see that rsyslog started correctly, start the webserver, open the browser
|
|
|
d6cf12d |
and point it at http://127.0.0.1/phplogcon/install.php. Follow the steps.
|
|
|
d6cf12d |
You will have to switch SELinux to permissive mode temporarily so the configuration can be saved.
|
|
|
d6cf12d |
# setenforce 0
|
|
|
d6cf12d |
|
|
|
d6cf12d |
Do not forget to change it back to enforcing after that.
|
|
|
d6cf12d |
# setenforce 1
|
|
|
d6cf12d |
|
|
|
d6cf12d |
That's it. Open http://127.0.0.1/phplogcon/index.php and enjoy.
|
|
|
d6cf12d |
You might want to access phplogcon from other place than localhost, therefore
|
|
|
d6cf12d |
set your /etc/httpd/conf.d/phplogcon.conf up.
|
|
|
d6cf12d |
|
|
|
d6cf12d |
---------------------------------------------------------------------
|
|
|
d6cf12d |
Feel free to offer comments, suggestions, or complaints.
|
|
|
d6cf12d |
Peter Vrabec <pvrabec@redhat.com> - 05/15/2008
|
|
|
d6cf12d |
|
|
|
d6cf12d |
|