README.fedora
This file provides some basic information to phplogcon configuration. --------------------------------------------------------------------- There might be two different sources of system messages for phplogcon. * /var/log/messages * MySQl You can use any of them, but MySQL is highly recommended for security reasons. Selinux policy doesn't need to be adjusted or set into permissive mode. Default permissions on /var/log/messages are kept unchanged. 1. /var/log/messages ==================== Asssume that you have phplogcon installed. Then you need to set proper owner and permissions on /var/log/messages, so http deamon can read it. # chgrp apache /var/log/messages # chmod g+r /var/log/messages Start http deamon. # service httpd start You have to switch SELinux to permissive mode so httpd is able to modify the phplogcon configuration. # setenforce 0 Run browser and point it to http://127.0.0.1/phplogcon/install.php You will be guided thru the rest of phplogcon configuration. # setenforce 1 Note that SELinux will also prevent httpd from reading the /var/log/messages file so you would have to add a SELinux module with a 'allow httpd_t var_log_t:file read;' rule. That's it. Open http://127.0.0.1/phplogcon/index.php and enjoy. You might want to access phplogcon from other place than localhost, therefore set your /etc/httpd/conf.d/phplogcon.conf up. 2.MySQL ======= This variant is little more complicated, but gives you better sleep. Requirements: rsyslog-mysql, mysql, mysql-server, php-mysql. First of all, MySQL setup is needed, so connect to the server. #mysql -p -u root -h localhost Create database with tables: mysql> source /usr/share/doc/rsyslog-mysql-3.16.0/createDB.sql (location of createDB.sql may differs, depends on rsyslog release) mysql> SHOW DATABASES; Create database user and grant privileges: mysql> CREATE USER 'syslogwriter'@'localhost' IDENTIFIED BY 'topsecret'; mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `Syslog`.* TO 'syslogwriter'@'localhost'; mysql> SHOW GRANTS FOR syslogwriter@localhost; !!!Do not forget to change the name and password of MySQL user!!! And now configure rsyslog. Edit /etc/rsyslog.conf. Load mysql output module: $ModLoad ommysql Send logs to MySQL: *.* :ommysql:127.0.0.1,Syslog,syslogwriter,topsecret Remove read permissions from rsyslog.conf, since the MySQL password is written here. #chmod o-r /etc/rsyslog.conf. Mysql and rsyslog are set up correctly. Restart rsyslog. # service rsyslog restart. and check if it works: $ mysql -p -h localhost -u syslogwriter mysql> USE Syslog; mysql> SELECT * From SystemEvents; If you see that rsyslog started correctly, start the webserver, open the browser and point it at http://127.0.0.1/phplogcon/install.php. Follow the steps. You will have to switch SELinux to permissive mode temporarily so the configuration can be saved. # setenforce 0 Do not forget to change it back to enforcing after that. # setenforce 1 That's it. Open http://127.0.0.1/phplogcon/index.php and enjoy. You might want to access phplogcon from other place than localhost, therefore set your /etc/httpd/conf.d/phplogcon.conf up. --------------------------------------------------------------------- Feel free to offer comments, suggestions, or complaints. Peter Vrabec <pvrabec@redhat.com> - 05/15/2008