Feed on
Posts
Comments

首先先裝好Syslog-ng,與PHP-Syslog-NG必備的Apache Server,PHPMySQL

首先先把PHP-Syslog-NG安裝完成,MySQL中就有一個為syslog的資料庫。

PHP-Syslog-NG的參考設定如下:

#把syslogd udp port改成515
source netsrc {
udp(ip(“0.0.0.0”) port(515));
tcp(ip(“0.0.0.0”) port(515));
};
#設定輸出資料到資料庫, pipe稍後建立。
destination netsql {
program(“/usr/local/bin/mysql –user=user –password=password syslog < /var/log/mysql.pipe"); pipe ("/var/log/mysql.pipe" template ("INSERT INTO syslog.logs (host, facility, priority, level, tag, datetime, program, msg) VALUES ('$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$ISODATE', '$PROGRAM', '$MESSAGE' );\n") template_escape(yes)); }; #設定filter filter f_cisco_info { level(info); }; filter f_cisco_notice { level(notice); }; filter f_cisco_warn { level(warn); }; filter f_cisco_crit { level(crit); }; filter f_cisco_err { level(err); }; #把log寫到硬碟與資料庫 log { source(netsrc); destination(netlog); }; log { source(netsrc); destination(netsql); };

接著建立mysql.pipe。

mkfifo /var/log/mysql.pipe

上述設定完成後啟動Syslog-ng。若是在FreeBSD啟動Syslog-ng,會跟原有syslog的pid有衝突,需要在rc.conf中再加一個pid位置。

#syslog-ng
syslog_ng_enable=”YES”
syslog_ng_pid=”/var/run/syslog-ng.pid”

啟動後,即可在Cisco Router把syslog重導到新的Syslog-ng server。

logging host 192.168.1.1 transport udp port 515

接著就會在剛剛設定Syslog-ng的目錄中看到像下面的log了。當然PHP-Syslog-NG也會看到啦。

Jan 3 18:00:47 192.168.1.2 6690: Jan 3 18:00:47 Taiwan: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/10, changed state to down

php-syslog-ng

One Response to “整合Syslog server與Web介面-Part II”

  1. zla says:

    看起來 PHP-Syslog-NG 的介面很不錯耶..

Leave a Reply