{"id":520,"date":"2009-01-03T23:59:53","date_gmt":"2009-01-03T15:59:53","guid":{"rendered":"https:\/\/blog.ychsiao.org\/?p=520"},"modified":"2018-03-21T20:24:52","modified_gmt":"2018-03-21T12:24:52","slug":"%e6%95%b4%e5%90%88syslog-server%e8%88%87web%e4%bb%8b%e9%9d%a2-part-ii","status":"publish","type":"post","link":"https:\/\/blog.ychsiao.org\/?p=520","title":{"rendered":"\u6574\u5408Syslog server\u8207Web\u4ecb\u9762-Part II"},"content":{"rendered":"<p>\u9996\u5148\u5148\u88dd\u597d<a href=\"http:\/\/www.balabit.com\/network-security\/syslog-ng\/\">Syslog-ng<\/a>\uff0c\u8207<a href=\"http:\/\/code.google.com\/p\/php-syslog-ng\/\">PHP-Syslog-NG<\/a>\u5fc5\u5099\u7684<a href=\"http:\/\/www.apache.org\/\">Apache Server<\/a>,<a href=\"http:\/\/www.php.net\">PHP<\/a>\u8207<a href=\"http:\/\/www.mysql.com\">MySQL<\/a>\u3002<br \/>\n<!--more--><br \/>\n\u9996\u5148\u5148\u628a<a href=\"http:\/\/code.google.com\/p\/php-syslog-ng\/\">PHP-Syslog-NG<\/a>\u5b89\u88dd\u5b8c\u6210\uff0c<a href=\"http:\/\/www.mysql.com\">MySQL<\/a>\u4e2d\u5c31\u6709\u4e00\u500b\u540d\u70basyslog\u7684\u8cc7\u6599\u5eab\u3002<\/p>\n<p><a href=\"http:\/\/code.google.com\/p\/php-syslog-ng\/\">PHP-Syslog-NG<\/a>\u7684\u53c3\u8003\u8a2d\u5b9a\u5982\u4e0b:<\/p>\n<blockquote><p>\n#\u628asyslogd udp port\u6539\u6210515<br \/>\nsource netsrc {<br \/>\n                udp(ip(\"0.0.0.0\") port(515));<br \/>\n                tcp(ip(\"0.0.0.0\") port(515));<br \/>\n};<br \/>\n#\u8a2d\u5b9a\u8f38\u51fa\u8cc7\u6599\u5230\u8cc7\u6599\u5eab, pipe\u7a0d\u5f8c\u5efa\u7acb\u3002<br \/>\ndestination netsql {<br \/>\n                program(\"\/usr\/local\/bin\/mysql --user=user --password=password syslog &lt; \/var\/log\/mysql.pipe\");<br \/>\n                pipe (\"\/var\/log\/mysql.pipe\" template (\"INSERT INTO syslog.logs (host, facility, priority, level, tag, datetime, program, msg) VALUES ('$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$ISODATE', '$PROGRAM', '$MESSAGE' );\\n\") 
template_escape(yes));<br \/>\n};<br \/>\n#\u8a2d\u5b9afilter<br \/>\nfilter f_cisco_info { level(info); };<br \/>\nfilter f_cisco_notice { level(notice); };<br \/>\nfilter f_cisco_warn { level(warn); };<br \/>\nfilter f_cisco_crit { level(crit); };<br \/>\nfilter f_cisco_err { level(err); };<br \/>\n#\u628alog\u5beb\u5230\u786c\u789f\u8207\u8cc7\u6599\u5eab<br \/>\nlog { source(netsrc); destination(netlog); };<br \/>\nlog { source(netsrc); destination(netsql); };\n<\/p><\/blockquote>\n<p>\u6ce8\u610f: mysql\u7684password\u5beb\u5728command line\u4e0a, \u5176\u4ed6user\u53ef\u80fd\u5728process list\u4e2d\u770b\u5230, \u53ef\u6539\u5beb\u5230\u53ea\u6709root\u53ef\u8b80\u7684option file\u4e2d\u3002\u53e6\u5916template_escape(yes)\u8981\u4fdd\u7559, log\u4e2d\u7684quote\u624d\u6703\u88abescape, \u4e0d\u6703\u88ab\u7576\u6210SQL\u7684\u4e00\u90e8\u5206\u3002<\/p>\n<p>\u63a5\u8457\u5efa\u7acbmysql.pipe\u3002<\/p>\n<blockquote><p>\nmkfifo \/var\/log\/mysql.pipe\n<\/p><\/blockquote>\n<p>\u4e0a\u8ff0\u8a2d\u5b9a\u5b8c\u6210\u5f8c\u555f\u52d5<a href=\"http:\/\/www.balabit.com\/network-security\/syslog-ng\/\">Syslog-ng<\/a>\u3002\u82e5\u662f\u5728<a href=\"http:\/\/www.freebsd.org\">FreeBSD<\/a>\u555f\u52d5<a href=\"http:\/\/www.balabit.com\/network-security\/syslog-ng\/\">Syslog-ng<\/a>\uff0c\u6703\u8ddf\u539f\u6709syslog\u7684pid\u6709\u885d\u7a81\uff0c\u9700\u8981\u5728rc.conf\u4e2d\u518d\u52a0\u4e00\u500bpid\u4f4d\u7f6e\u3002<\/p>\n<blockquote><p>\n#syslog-ng<br \/>\nsyslog_ng_enable=\"YES\"<br \/>\nsyslog_ng_pid=\"\/var\/run\/syslog-ng.pid\"\n<\/p><\/blockquote>\n<p>\u555f\u52d5\u5f8c\uff0c\u5373\u53ef\u5728Cisco Router\u628asyslog\u91cd\u5c0e\u5230\u65b0\u7684<a href=\"http:\/\/www.balabit.com\/network-security\/syslog-ng\/\">Syslog-ng<\/a> server\u3002<\/p>\n<blockquote><p>\nlogging host 192.168.1.1 transport udp port 515\n<\/p><\/blockquote>\n<p>\u63a5\u8457\u5c31\u6703\u5728\u525b\u525b\u8a2d\u5b9a<a href=\"http:\/\/www.balabit.com\/network-security\/syslog-ng\/\">Syslog-ng<\/a>\u7684\u76ee\u9304\u4e2d\u770b\u5230\u50cf\u4e0b\u9762\u7684log\u4e86\u3002\u7576\u7136<a href=\"http:\/\/code.google.com\/p\/php-syslog-ng\/\">PHP-Syslog-NG<\/a>\u4e5f\u6703\u770b\u5230\u5566\u3002<\/p>\n<blockquote><p>\nJan  3 18:00:47 192.168.1.2 6690: Jan  3 18:00:47 Taiwan: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1\/10, changed state to down\n<\/p><\/blockquote>\n<p><a 
href=\"http:\/\/www.flickr.com\/photos\/ychsiao\/3159249787\/\" class=\"tt-flickr tt-flickr-Medium\" title=\"php-syslog-ng\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone\" src=\"http:\/\/farm4.static.flickr.com\/3101\/3159249787_89c891b97a.jpg\" alt=\"php-syslog-ng\" width=\"500\" height=\"157\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9996\u5148\u5148\u88dd\u597dSyslog-ng\uff0c\u8207PHP-Syslog-NG\u5fc5\u5099\u7684Apache Server,PHP\u8207MySQL\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[49,54,3],"class_list":["post-520","post","type-post","status-publish","format-standard","hentry","category-general","tag-iso27001","tag-syslog","tag-unix"],"_links":{"self":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=520"}],"version-history":[{"count":16,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/520\/revisions"}],"predecessor-version":[{"id":891,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/520\/revisions\/891"}],"wp:attachment":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ychsiao.org\/inde
x.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}