Blob Blame History Raw

This file provides some basic information to phplogcon configuration.

There might be two different sources of system  messages for phplogcon.
* /var/log/messages
* MySQl
You can use any of them, but MySQL is highly recommended for security reasons.
Selinux policy doesn't need to be adjusted or set into permissive mode. Default 
permissions on /var/log/messages are kept unchanged.

1. /var/log/messages
Asssume that you have phplogcon installed. Then you need to set proper owner 
and permissions on /var/log/messages, so http deamon can read it.

# chgrp apache /var/log/messages
# chmod g+r /var/log/messages

Start http deamon.

# service httpd start

You have to switch SELinux to permissive mode so httpd is able to modify the phplogcon configuration.

# setenforce 0

Run browser and point it to
You will be guided thru the rest of phplogcon configuration.

# setenforce 1

Note that SELinux will also prevent httpd from reading the /var/log/messages file so you would have to add a SELinux module with a 'allow httpd_t var_log_t:file read;' rule.

That's it. Open and enjoy.
You might want to access phplogcon from other place than localhost, therefore
set your /etc/httpd/conf.d/phplogcon.conf up.

This variant is little more complicated, but gives you better sleep. 
Requirements: rsyslog-mysql, mysql, mysql-server, php-mysql.

First of all, MySQL setup is needed, so connect to the server.
#mysql -p -u root -h localhost

Create database with tables:
mysql> source /usr/share/doc/rsyslog-mysql-3.16.0/createDB.sql
(location of createDB.sql may differs, depends on rsyslog release)

Create database user and grant privileges:
mysql> CREATE USER 'syslogwriter'@'localhost' IDENTIFIED BY 'topsecret';
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `Syslog`.* TO 'syslogwriter'@'localhost';
mysql> SHOW GRANTS FOR syslogwriter@localhost;

!!!Do not forget to change the name and password of MySQL user!!!

And now configure rsyslog. Edit /etc/rsyslog.conf.

Load mysql output module:
$ModLoad ommysql

Send logs to MySQL:
*.*       :ommysql:,Syslog,syslogwriter,topsecret

Remove read permissions from rsyslog.conf, since the MySQL password is written here.
#chmod o-r /etc/rsyslog.conf.

Mysql and rsyslog are set up correctly. Restart rsyslog.
# service rsyslog restart.
and check if it works:
$ mysql -p -h localhost -u syslogwriter
mysql> USE Syslog;
mysql> SELECT * From SystemEvents;

If you see that rsyslog started correctly, start the webserver, open the browser
and point it at Follow the steps.
You will have to switch SELinux to permissive mode temporarily so the configuration can be saved.
# setenforce 0

Do not forget to change it back to enforcing after that.
# setenforce 1

That's it. Open and enjoy.
You might want to access phplogcon from other place than localhost, therefore
set your /etc/httpd/conf.d/phplogcon.conf up.

Feel free to offer comments, suggestions, or complaints.
Peter Vrabec <> - 05/15/2008