วิธีติดตั้ง Syslog-ng แบบลบคำอธิบายทิ้งทั้งหมด ทดสอบแล้วติดตั้งได้เรียบร้อย แต่ต้องแก้ชื่อเครื่อง, ip, password และค่าอื่นๆ เอง
—————————————–
Ubuntu server 11.10 Syslog-ng
—————————————–
sudo su
sudo passwd root
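apt-get install ssh openssh-server
# หมายเหตุ: เมื่อตั้งรหัสผ่านให้ root แล้ว ควรตรวจสอบค่า PermitRootLogin ใน /etc/ssh/sshd_config ว่าอนุญาตให้ root ล็อกอินผ่าน ssh ด้วยรหัสผ่านหรือไม่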
nano /etc/network/interfaces
—————————————–
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
#สำหรับ 12.04 ต้องเพิ่ม dns-nameservers 8.8.8.8 8.8.4.4
—————————————–
/etc/init.d/networking restart
#<—12.04 ไม่ต้องทำ
nano /etc/resolv.conf
—————————————–
nameserver 192.168.0.1
search example.com
—————————————–
#12.04 ไม่ต้องทำ—>
nano /etc/hosts
—————————————–
127.0.0.1 localhost.localdomain localhost
192.168.0.100 server1.example.com server1
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
—————————————–
echo server1.example.com > /etc/hostname
/etc/init.d/hostname restart
apt-get update
apt-get upgrade
reboot
apt-get install ntp ntpdate
dpkg-reconfigure tzdata
—————————————–
Syslog
—————————————–
apt-get install syslog-ng
mkdir ~/Downloads
cd ~/Downloads
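wget http://downloads.sourceforge.net/phpsyslogviewer/phpsyslogviewer-7.2.1.tar.bz2
# หมายเหตุ: ไฟล์นี้ (และ speedupd ด้านล่าง) ดาวน์โหลดผ่าน http ธรรมดา ควรตรวจสอบ checksum กับค่าที่ต้นทางเผยแพร่ (ถ้ามี) ก่อนแตกไฟล์และติดตั้ง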
apt-get install bzip2
tar xjvf phpsyslogviewer-7.2.1.tar.bz2
wget http://jaist.dl.sourceforge.net/sourceforge/phpsyslogviewer/speedupd-7.3.2.tar.bz2
cd phpsyslogviewer-7.2.1
mysql -u root -p
mysql>create database syslogng;
mysql>exit;
mysql -u root -p syslogng < install/phpsyslogviewer.sql
nano install/newuser.sql.php
—————————————–
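// Credentials read by install/newuser.sql.php. "myuser" / "mypassword" are
// placeholders: replace both before running the script.
// String delimiters must be plain ASCII double quotes; typographic quotes
// copied from a web page are not string delimiters in PHP.
$user = "myuser"; // Your Username
$pass = "mypassword"; // Your Password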
—————————————–
apt-get install php5-cli
php install/newuser.sql.php
php install/newuser.sql.php | mysql -u root -p syslogng
cp -R htdocs /var/www/syslog
nano /var/www/syslog/config.php
—————————————–
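// Database connection settings for the web viewer (/var/www/syslog/config.php).
// NOTE(review): this connects the viewer as the MySQL root account. A dedicated
// MySQL account limited to the syslogng database would confine the impact if
// this file or the web application is ever exposed.
// String delimiters must be plain ASCII double quotes; typographic quotes
// copied from a web page are not string delimiters in PHP.
$db_user = "root"; // Database Username
$db_pass = "rootpass"; // Database Password (placeholder, replace with your own)
$db_host = "localhost"; // Database Hostname
$db_name = "syslogng"; // Database Name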
—————————————–
chown root:www-data /var/www/syslog/config.php
chmod 440 /var/www/syslog/config.php
cd ..
tar xjvf speedupd-7.3.2.tar.bz2
cd speedupd-7.3.2
apt-get install debhelper cmake libdaemon-dev libconfuse-dev fakeroot libmysqlclient15-dev
dpkg-buildpackage -rfakeroot
cd ..
dpkg -i speedupd_7.3.0_i386.deb
nano /etc/speedupd.conf
/etc/init.d/speedupd start
nano /etc/syslog-ng/syslog-ng.conf
—————————————–
#เพิ่มบรรทัดเหล่านี้ลงไปล่างสุด และตรวจสอบเครื่องหมาย ” และ ‘ ด้วย vi อีกครั้งว่าถูกต้อง
# Log from Endian Server
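# Network source for remote senders: TCP and UDP listeners on port 514.
# Both bind to every interface (0.0.0.0) and accept plain, unauthenticated
# syslog. Limit which hosts can reach the port (host firewall, or a specific
# ip() address) so that only the intended senders can write into the log store.
# String arguments use plain ASCII double quotes; typographic quotes pasted
# from a web page are not valid string delimiters in syslog-ng.conf.
source gateway {
    tcp(ip("0.0.0.0") port(514) keep-alive(yes) max-connections(300));
    udp(ip("0.0.0.0") port(514));
};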
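# File archive: one directory tree per sending host, one file per day.
destination d_logserver {
    # $HOST is filled from the received message, so the directory name is
    # influenced by the sender. NOTE(review): confirm how this syslog-ng
    # version resolves $HOST (DNS lookup vs. the hostname in the message).
    #
    # All date parts use the R_ (receive time) macros so that the file name
    # always matches the year/month directory it is created in, regardless of
    # the timestamp the sender put in the message.
    #
    # perm()/dir_perm() are written as octal with a leading zero. Files are
    # readable by root and the adm group only; other local users get no access
    # to the collected logs.
    file("/var/log/$HOST/$R_YEAR/$R_MONTH/squid-$R_YEAR-$R_MONTH-$R_DAY.log"
        owner(root) group(adm) perm(0640)
        create_dirs(yes) dir_perm(0750));
};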
# Log path: everything received on the "gateway" source is written to the
# per-host files defined by d_logserver.
log { source(gateway); destination(d_logserver); };
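# SQL feed: every message is rendered as one INSERT statement and written as a
# line of text to the named pipe /var/log/mysql.pipe.
destination d_mysql {
    # The values ($HOST, $PROGRAM, $MSG, ...) come from remote senders and are
    # placed inside single-quoted SQL string literals. template-escape(yes)
    # escapes quote characters in those values, which is what prevents a
    # crafted log message from closing the literal and altering the statement.
    # Do not remove it.
    #
    # NOTE(review): whatever reads the pipe presumably runs these statements
    # with its own database credentials, so write access to the pipe should be
    # limited to syslog-ng. Verify the pipe's owner and mode.
    #
    # The template ends with "\n" (newline) so each statement is on its own
    # line. The quotes are plain ASCII, not typographic ones.
    pipe("/var/log/mysql.pipe"
        template("INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
        template-escape(yes));
};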
# Log path: the same "gateway" traffic is also rendered as SQL INSERT lines
# through the d_mysql destination.
log { source(gateway); destination(d_mysql); };
—————————————–
cd ~/Downloads/phpsyslogviewer-7.2.1/usr/sbin && ./syslog2mysql.sh &
service syslog-ng restart
—————————————–
url
http://ipaddress/syslog
ที่มา http://www.itmanage.info/technology/linux/ubuntu/syslog-ng/install_syslog_ng_ubuntu.html, http://forum.ubuntuclub.com/forum?topic=21865.0