This file provides some basic information to phplogcon configuration. --------------------------------------------------------------------- There might be two different sources of system messages for phplogcon. * /var/log/messages * MySQl You can use any of them, but MySQL is highly recommended for security reasons. Selinux policy doesn't need to be adjusted or set into permissive mode. Default permissions on /var/log/messages are kept unchanged. 1. /var/log/messages ==================== Asssume that you have phplogcon installed. Then you need to set proper owner and permissions on /var/log/messages, so http deamon can read it. # chgrp apache /var/log/messages # chmod g+r /var/log/messages Start http deamon. # service httpd start You have to switch SELinux to permissive mode so httpd is able to modify the phplogcon configuration. # setenforce 0 Run browser and point it to You will be guided thru the rest of phplogcon configuration. # setenforce 1 Note that SELinux will also prevent httpd from reading the /var/log/messages file so you would have to add a SELinux module with a 'allow httpd_t var_log_t:file read;' rule. That's it. Open and enjoy. You might want to access phplogcon from other place than localhost, therefore set your /etc/httpd/conf.d/phplogcon.conf up. 2.MySQL ======= This variant is little more complicated, but gives you better sleep. Requirements: rsyslog-mysql, mysql, mysql-server, php-mysql. First of all, MySQL setup is needed, so connect to the server. #mysql -p -u root -h localhost Create database with tables: mysql> source /usr/share/doc/rsyslog-mysql-3.16.0/createDB.sql (location of createDB.sql may differs, depends on rsyslog release) mysql> SHOW DATABASES; Create database user and grant privileges: mysql> CREATE USER 'syslogwriter'@'localhost' IDENTIFIED BY 'topsecret'; mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `Syslog`.* TO 'syslogwriter'@'localhost'; mysql> SHOW GRANTS FOR syslogwriter@localhost; !!!Do not forget to change the name and password of MySQL user!!! And now configure rsyslog. Edit /etc/rsyslog.conf. Load mysql output module: $ModLoad ommysql Send logs to MySQL: *.* :ommysql:,Syslog,syslogwriter,topsecret Remove read permissions from rsyslog.conf, since the MySQL password is written here. #chmod o-r /etc/rsyslog.conf. Mysql and rsyslog are set up correctly. Restart rsyslog. # service rsyslog restart. and check if it works: $ mysql -p -h localhost -u syslogwriter mysql> USE Syslog; mysql> SELECT * From SystemEvents; If you see that rsyslog started correctly, start the webserver, open the browser and point it at Follow the steps. You will have to switch SELinux to permissive mode temporarily so the configuration can be saved. # setenforce 0 Do not forget to change it back to enforcing after that. # setenforce 1 That's it. Open and enjoy. You might want to access phplogcon from other place than localhost, therefore set your /etc/httpd/conf.d/phplogcon.conf up. --------------------------------------------------------------------- Feel free to offer comments, suggestions, or complaints. Peter Vrabec <> - 05/15/2008