This file provides some basic information to phplogcon configuration.
---------------------------------------------------------------------
There might be two different sources of system messages for phplogcon.
* /var/log/messages
* MySQl
You can use any of them, but MySQL is highly recommended for security reasons.
Selinux policy doesn't need to be adjusted or set into permissive mode. Default
permissions on /var/log/messages are kept unchanged.
1. /var/log/messages
====================
Asssume that you have phplogcon installed. Then you need to set proper owner
and permissions on /var/log/messages, so http deamon can read it.
# chgrp apache /var/log/messages
# chmod g+r /var/log/messages
Start http deamon.
# service httpd start
You have to switch SELinux to permissive mode so httpd is able to modify the phplogcon configuration.
# setenforce 0
Run browser and point it to
http://127.0.0.1/phplogcon/install.php
You will be guided thru the rest of phplogcon configuration.
# setenforce 1
Note that SELinux will also prevent httpd from reading the /var/log/messages file so you would have to add a SELinux module with a 'allow httpd_t var_log_t:file read;' rule.
That's it. Open http://127.0.0.1/phplogcon/index.php and enjoy.
You might want to access phplogcon from other place than localhost, therefore
set your /etc/httpd/conf.d/phplogcon.conf up.
2.MySQL
=======
This variant is little more complicated, but gives you better sleep.
Requirements: rsyslog-mysql, mysql, mysql-server, php-mysql.
First of all, MySQL setup is needed, so connect to the server.
#mysql -p -u root -h localhost
Create database with tables:
mysql> source /usr/share/doc/rsyslog-mysql-3.16.0/createDB.sql
(location of createDB.sql may differs, depends on rsyslog release)
mysql> SHOW DATABASES;
Create database user and grant privileges:
mysql> CREATE USER 'syslogwriter'@'localhost' IDENTIFIED BY 'topsecret';
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `Syslog`.* TO 'syslogwriter'@'localhost';
mysql> SHOW GRANTS FOR syslogwriter@localhost;
!!!Do not forget to change the name and password of MySQL user!!!
And now configure rsyslog. Edit /etc/rsyslog.conf.
Load mysql output module:
$ModLoad ommysql
Send logs to MySQL:
*.* :ommysql:127.0.0.1,Syslog,syslogwriter,topsecret
Remove read permissions from rsyslog.conf, since the MySQL password is written here.
#chmod o-r /etc/rsyslog.conf.
Mysql and rsyslog are set up correctly. Restart rsyslog.
# service rsyslog restart.
and check if it works:
$ mysql -p -h localhost -u syslogwriter
mysql> USE Syslog;
mysql> SELECT * From SystemEvents;
If you see that rsyslog started correctly, start the webserver, open the browser
and point it at http://127.0.0.1/phplogcon/install.php. Follow the steps.
You will have to switch SELinux to permissive mode temporarily so the configuration can be saved.
# setenforce 0
Do not forget to change it back to enforcing after that.
# setenforce 1
That's it. Open http://127.0.0.1/phplogcon/index.php and enjoy.
You might want to access phplogcon from other place than localhost, therefore
set your /etc/httpd/conf.d/phplogcon.conf up.
---------------------------------------------------------------------
Feel free to offer comments, suggestions, or complaints.
Peter Vrabec <pvrabec@redhat.com> - 05/15/2008