mysql 搭建日志服务器_一、架构01-搭建日志服务器Rsyslog
搭建日志服務(wù)器
1、環(huán)境配置
環(huán)境:
node01? 192.168.32.132? rsyslog服務(wù)器
node02? 192.168.32.128? rsyslog客戶端
2、node01、node02安裝rsyslog軟件包
[root@node01 ~]# yum install -y rsyslog
[root@node02 ~]# yum install -y rsyslog
3、修改node01上rsyslog的配置文件
[root@node01 ~]# vim /etc/rsyslog.conf
將接受日志傳入的模塊的注釋去掉,包括TCP和UDP
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
4、重啟rsyslog服務(wù)
[root@node01 ~]# systemctl restart rosyslog.service
查看端口是否開啟
[root@node01 ~]# ss -tunl
5、在node02上配置一下發(fā)送日志的主機(jī)
[root@node02 ~]# vim /etc/rsyslog.conf
比如
將*.info;mail.none;authpriv.none;cron.none????????????????/var/log/messages
修改為
#*.info;mail.none;authpriv.none;cron.none? ? ? ? ? ? ? ?@node01
6、修改完成,重啟一下node02的日志服務(wù)
[root@node02 ~]# systemctl restart rosyslog.service
7、驗(yàn)證
比如,在node02上安裝一個(gè)httpd服務(wù)
[root@node02 ~]# yum -y install httpd
然后在node01上面的日志輸出查詢是不是有記錄
[root@node01 ~]# tail -f /var/log/messages
查詢結(jié)果是有的,大功告成,基本配置就算完成了
附加:
(1、)將日志放進(jìn)mysql中并進(jìn)行展示
8、安裝mysql 以及rsyslog-mysql軟件包
[root@node01 ~]# yum install -y rsyslog-mysql
[root@node01 ~]# rpm -ql rsyslog-mysql
[root@node01 ~]# yum install -y mariadb mariadb-server
9、修改mariadb的配置文件,啟動(dòng)mariadb服務(wù)
[root@node01 ~]# vim /etc/my.cnf.d/server.cnf
[server]
# this is only for the mysqld standalone daemon
[mysqld]
skip_name_resolve=ON
innodb_file_per_table=ON
[root@node01 ~]# systemctl restart mariadb
10、將rsyslog的數(shù)據(jù)庫導(dǎo)入到mariadb中,并進(jìn)行賦權(quán)
[root@node01 ~]# mysql??< /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql
[root@node01 ~]# mysql
MariaDB [(none)]> show databases;
+--------------------+
| Database???????????|
+--------------------+
| information_schema |
| Syslog?????????????|
| mysql??????????????|
| performance_schema |
| test???????????????|
+--------------------+
5 rows in set (0.00 sec)
MariaDB [(none)]> use Syslog;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [Syslog]> show tables;
+------------------------+
| Tables_in_Syslog???????|
+------------------------+
| SystemEvents???????????|
| SystemEventsProperties |
MariaDB [Syslog]> desc SystemEvents;
+--------------------+------------------+------+-----+---------+----------------+
| Field??????????????| Type?????????????| Null | Key | Default | Extra??????????|
+--------------------+------------------+------+-----+---------+----------------+
| ID?????????????????| int(10) unsigned | NO???| PRI | NULL????| auto_increment |
| CustomerID?????????| bigint(20)???????| YES??|?????| NULL????|????????????????|
| ReceivedAt?????????| datetime?????????| YES??|?????| NULL????|????????????????|
| DeviceReportedTime | datetime?????????| YES??|?????| NULL????|????????????????|
| Facility???????????| smallint(6)??????| YES??|?????| NULL????|????????????????|
| Priority???????????| smallint(6)??????| YES??|?????| NULL????|????????????????|
| FromHost???????????| varchar(60)??????| YES??|?????| NULL????|????????????????|
| Message????????????| text?????????????| YES??|?????| NULL????|????????????????|
| NTSeverity?????????| int(11)??????????| YES??|?????| NULL????|????????????????|
| Importance?????????| int(11)??????????| YES??|?????| NULL????|????????????????|
| EventSource????????| varchar(60)??????| YES??|?????| NULL????|????????????????|
| EventUser??????????| varchar(60)??????| YES??|?????| NULL????|????????????????|
| EventCategory??????| int(11)??????????| YES??|?????| NULL????|????????????????|
| EventID????????????| int(11)??????????| YES??|?????| NULL????|????????????????|
| EventBinaryData????| text?????????????| YES??|?????| NULL????|????????????????|
| MaxAvailable???????| int(11)??????????| YES??|?????| NULL????|????????????????|
| CurrUsage??????????| int(11)??????????| YES??|?????| NULL????|????????????????|
| MinUsage???????????| int(11)??????????| YES??|?????| NULL????|????????????????|
| MaxUsage???????????| int(11)??????????| YES??|?????| NULL????|????????????????|
| InfoUnitID?????????| int(11)??????????| YES??|?????| NULL????|????????????????|
| SysLogTag??????????| varchar(60)??????| YES??|?????| NULL????|????????????????|
| EventLogType???????| varchar(60)??????| YES??|?????| NULL????|????????????????|
| GenericFileName????| varchar(60)??????| YES??|?????| NULL????|????????????????|
| SystemID???????????| int(11)??????????| YES??|?????| NULL????|????????????????|
+--------------------+------------------+------+-----+---------+----------------+
24 rows in set (0.00 sec)
MariaDB [Syslog]> desc SystemEventsProperties;
+---------------+------------------+------+-----+---------+----------------+
| Field?????????| Type?????????????| Null | Key | Default | Extra??????????|
+---------------+------------------+------+-----+---------+----------------+
| ID????????????| int(10) unsigned | NO???| PRI | NULL????| auto_increment |
| SystemEventID | int(11)??????????| YES??|?????| NULL????|????????????????|
| ParamName?????| varchar(255)?????| YES??|?????| NULL????|????????????????|
| ParamValue????| text?????????????| YES??|?????| NULL????|????????????????|
+---------------+------------------+------+-----+---------+----------------+
4 rows in set (0.00 sec)
MariaDB [Syslog]> grant all on Syslog.* to 'rsyslog'@'192.168.32.%' identified by 'rsyslog';
Query OK, 0 rows affected (0.00 sec)
MariaDB [Syslog]> grant all on Syslog.* to 'rsyslog'@'192.168.32.%' identified by 'rsyslog';
Query OK, 0 rows affected (0.00 sec)
MariaDB [Syslog]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [Syslog]> exit
Bye
11、修改rsyslog的配置文件,并重啟rsyslog服務(wù)
[root@node01 ~]# vim /etc/rsyslog.conf
比如:
將#*.info;mail.none;authpriv.none;cron.none????????????????/var/log/messages
換成
*.info;mail.none;authpriv.none;cron.none????????????????:ommysql:192.168.32.132,Syslog,rsyslog,rsyslog
[root@node01 ~]# systemctl restart rsyslog.service
12、在node02安裝個(gè)軟件包vstpd,進(jìn)入數(shù)據(jù)庫,驗(yàn)證
[root@node02 ~]# yum install -y vsftpd
[root@node01 ~]# mysql
Welcome to the MariaDB monitor.??Commands end with ; or \g.
Your MariaDB connection id is 5
Server version: 5.5.60-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]>
MariaDB [(none)]>
MariaDB [(none)]> use Syslog;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [Syslog]> show tables;
+------------------------+
| Tables_in_Syslog???????|
+------------------------+
| SystemEvents???????????|
| SystemEventsProperties |
+------------------------+
2 rows in set (0.00 sec)
MariaDB [Syslog]> select * from SystemEvents \G;
*************************** 1. row ***************************
ID: 1
CustomerID: NULL
ReceivedAt: 2019-01-23 18:16:53
DeviceReportedTime: 2019-01-23 18:16:53
Facility: 3
Priority: 6
FromHost: node01
Message: Stopping System Logging Service...
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: systemd:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
*************************** 2. row ***************************
ID: 2
CustomerID: NULL
ReceivedAt: 2019-01-23 18:16:53
DeviceReportedTime: 2019-01-23 18:16:53
Facility: 5
Priority: 6
FromHost: node01
Message:??[origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="1812" x-info="http://www.rsyslog.com"] exiting on signal 15.
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: rsyslogd:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
*************************** 3. row ***************************
ID: 3
CustomerID: NULL
ReceivedAt: 2019-01-23 18:16:53
DeviceReportedTime: 2019-01-23 18:16:53
Facility: 3
Priority: 6
FromHost: node01
Message: Starting System Logging Service...
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: systemd:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
*************************** 4. row ***************************
ID: 4
CustomerID: NULL
ReceivedAt: 2019-01-23 18:16:53
DeviceReportedTime: 2019-01-23 18:16:53
Facility: 5
Priority: 6
FromHost: node01
Message:??[origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="2396" x-info="http://www.rsyslog.com"] start
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: rsyslogd:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
*************************** 5. row ***************************
ID: 5
CustomerID: NULL
ReceivedAt: 2019-01-23 18:16:53
DeviceReportedTime: 2019-01-23 18:16:53
Facility: 3
Priority: 6
FromHost: node01
Message: Started System Logging Service.
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: systemd:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
*************************** 6. row ***************************
ID: 6
CustomerID: NULL
ReceivedAt: 2019-01-23 18:17:14
DeviceReportedTime: 2019-01-23 18:17:14
Facility: 3
Priority: 6
FromHost: node02
Message:??Reloading.
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: systemd:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
*************************** 7. row ***************************
ID: 7
CustomerID: NULL
ReceivedAt: 2019-01-23 18:17:14
DeviceReportedTime: 2019-01-23 18:17:14
Facility: 1
Priority: 6
FromHost: node02
Message:Installed: vsftpd-3.0.2-25.el7.x86_64
NTSeverity: NULL
Importance: NULL
EventSource: NULL
EventUser: NULL
EventCategory: NULL
EventID: NULL
EventBinaryData: NULL
MaxAvailable: NULL
CurrUsage: NULL
MinUsage: NULL
MaxUsage: NULL
InfoUnitID: 1
SysLogTag: yum[1929]:
EventLogType: NULL
GenericFileName: NULL
SystemID: NULL
7 rows in set (0.00 sec)
ERROR: No query specified
MariaDB [Syslog]> exit
Bye
驗(yàn)證成功!!
13、安裝httpd、php軟件包,配置http
[root@node01 ~]# yum install -y httpd php php-mysql php-gd
[root@node01 ~]# cd /var/www/html/
[root@node01 html]# tar zxvf loganalyzer-3.6.5.tar.gz
[root@node01 html]# cd loganalyzer-3.6.5/
[root@node01 loganalyzer-3.6.5]# cd ..
[root@node01 html]# mv * /root/
[root@node01 ~]# cp -r loganalyzer-3.6.5/src/???/var/www/html/loganalyzer-3.6.5
[root@node01 ~]# cd /var/www/html/loganalyzer-3.6.5
[root@node01 html]# ln -sv loganalyzer-3.6.5??log
[root@node01 loganalyzer-3.6.5]# cd /var/www/html/
[root@node01 html]# cd log
[root@node01 log]# touch config.php
[root@node01 log]# chmod 666 config.php
[root@node01 log]# systemctl restart httpd
[root@node01 log]# systemctl enable httpd
然后登陸http://192.168.32.132/log
進(jìn)行配置
配置完成后成功展示,如圖:
展示成功,最后修改
chmod 644?/var/www/html/log/config.php
大功告成!O(∩_∩)O
總結(jié)
以上是生活随笔為你收集整理的mysql 搭建日志服务器_一、架构01-搭建日志服务器Rsyslog的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: VS2005混合编译ARM汇编代码
- 下一篇: 数据库杂谈(九)——事务管理