{"id":1597,"date":"2012-02-25T11:24:11","date_gmt":"2012-02-25T04:24:11","guid":{"rendered":"http:\/\/www.implementer.co.th\/?p=1597"},"modified":"2012-02-25T11:24:11","modified_gmt":"2012-02-25T04:24:11","slug":"note-syslog-ngubuntu-server-11-10","status":"publish","type":"post","link":"https:\/\/implementer.co.th\/wordpress\/knowledge\/ubuntu\/note-syslog-ngubuntu-server-11-10\/","title":{"rendered":"note: \u0e27\u0e34\u0e18\u0e35\u0e15\u0e34\u0e14\u0e15\u0e31\u0e49\u0e07 syslog-ng \u0e1a\u0e19 Ubuntu Server 11.10"},"content":{"rendered":"<p>\u0e27\u0e34\u0e18\u0e35\u0e15\u0e34\u0e14\u0e15\u0e31\u0e49\u0e07 Syslog-ng \u0e41\u0e1a\u0e1a\u0e25\u0e1a\u0e04\u0e33\u0e2d\u0e18\u0e34\u0e1a\u0e32\u0e22\u0e17\u0e34\u0e49\u0e07\u0e17\u0e31\u0e49\u0e07\u0e2b\u0e21\u0e14 \u0e17\u0e14\u0e2a\u0e2d\u0e1a\u0e41\u0e25\u0e49\u0e27\u0e15\u0e34\u0e14\u0e15\u0e31\u0e49\u0e07\u0e44\u0e14\u0e49\u0e40\u0e23\u0e35\u0e22\u0e1a\u0e23\u0e49\u0e2d\u0e22 \u0e41\u0e15\u0e48\u0e15\u0e49\u0e2d\u0e07\u0e41\u0e01\u0e49\u0e0a\u0e37\u0e48\u0e2d\u0e40\u0e04\u0e23\u0e37\u0e48\u0e2d\u0e07, ip,password \u0e41\u0e25\u0e30\u0e04\u0e48\u0e32\u0e2d\u0e37\u0e48\u0e19\u0e46 \u0e40\u0e2d\u0e07<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>Ubuntu server 11.10 Syslog-ng<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>sudo su<\/p>\n<p>sudo passwd root<\/p>\n<p>apt-get install ssh openssh-server<!--more--><\/p>\n<p>nano \/etc\/network\/interfaces<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p># This file describes the network interfaces available on your system<\/p>\n<p># and how to activate them. For more information, see interfaces(5).<\/p>\n<p>&nbsp;<\/p>\n<p># The loopback network interface<\/p>\n<p>auto lo<\/p>\n<p>iface lo inet loopback<\/p>\n<p>&nbsp;<\/p>\n<p># The primary network interface<\/p>\n<p>auto eth0<\/p>\n<p>iface eth0 inet static<\/p>\n<p>address 192.168.0.100<\/p>\n<p>netmask 255.255.255.0<\/p>\n<p>network 192.168.0.0<\/p>\n<p>broadcast 192.168.0.255<\/p>\n<p>gateway 192.168.0.1<\/p>\n<p>#\u0e2a\u0e33\u0e2b\u0e23\u0e31\u0e1a 12.04 \u0e15\u0e49\u0e2d\u0e07\u0e40\u0e1e\u0e34\u0e48\u0e21\u00a0dns-nameservers 8.8.8.8 8.8.4.4<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>\/etc\/init.d\/networking restart<\/p>\n<p>#&lt;&#8212;12.04 \u0e44\u0e21\u0e48\u0e15\u0e49\u0e2d\u0e07\u0e17\u0e33<br \/>\nnano \/etc\/resolv.conf<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>nameserver 192.168.0.1<br \/>\nsearch\u00a0example.com<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>#12.04 \u0e44\u0e21\u0e48\u0e15\u0e49\u0e2d\u0e07\u0e17\u0e33&#8212;&gt;<\/p>\n<p>nano \/etc\/hosts<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>127.0.0.1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 localhost.localdomain\u00a0\u00a0 localhost<\/p>\n<p>192.168.0.100\u00a0\u00a0 server1.example.com\u00a0\u00a0\u00a0\u00a0 server1<\/p>\n<p>&nbsp;<\/p>\n<p># The following lines are desirable for IPv6 capable hosts<\/p>\n<p>::1\u00a0\u00a0\u00a0\u00a0 ip6-localhost ip6-loopback<\/p>\n<p>fe00::0 ip6-localnet<\/p>\n<p>ff00::0 ip6-mcastprefix<\/p>\n<p>ff02::1 ip6-allnodes<\/p>\n<p>ff02::2 ip6-allrouters<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>echo server1.example.com &gt; \/etc\/hostname<\/p>\n<p>\/etc\/init.d\/hostname restart<\/p>\n<p>apt-get update<\/p>\n<p>apt-get upgrade<\/p>\n<p>reboot<\/p>\n<p>apt-get install ntp ntpdate<\/p>\n<p>dpkg-reconfigure tzdata<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>Syslog<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>apt-get install syslog-ng<\/p>\n<p>mkdir\u00a0~\/Downloads<\/p>\n<p>cd\u00a0~\/Downloads<\/p>\n<p>wget http:\/\/downloads.sourceforge.net\/phpsyslogviewer\/phpsyslogviewer-7.2.1.tar.bz2<\/p>\n<p>apt-get install bzip2<\/p>\n<p>tar xjvf phpsyslogviewer-7.2.1.tar.bz2<\/p>\n<p>wget http:\/\/jaist.dl.sourceforge.net\/sourceforge\/phpsyslogviewer\/speedupd-7.3.2.tar.bz2<\/p>\n<p>cd phpsyslogviewer-7.2.1<\/p>\n<p>mysql -u root -p<\/p>\n<p>mysql&gt;create database syslogng;<\/p>\n<p>mysql&gt;exit;<\/p>\n<p>mysql -u root -p syslogng &lt; install\/phpsyslogviewer.sql<\/p>\n<p>nano install\/newuser.sql.php<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>$user = &#8220;myuser&#8221;;\u00a0\/\/ Your Username<br \/>\n$pass = &#8220;mypassword&#8221;;\u00a0\/\/ Your Password<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>apt-get install php5-cli<\/p>\n<p>php install\/newuser.sql.php<\/p>\n<p>php install\/newuser.sql.php | mysql -u root -p syslogng<\/p>\n<p>cp -R htdocs \/var\/www\/syslog<\/p>\n<p>nano\u00a0 \/var\/www\/syslog\/config.php<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>$db_user = &#8220;root&#8221;; \/\/ Database Username<\/p>\n<p>$db_pass = &#8220;rootpass&#8221;; \/\/ Database Password<\/p>\n<p>$db_host = &#8220;localhost&#8221;; \/\/ Database Hostname<\/p>\n<p>$db_name = &#8220;syslogng&#8221;; \/\/ Database Name<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>chown root:www-data \/var\/www\/syslog\/config.php<\/p>\n<p>chmod 440 \/var\/www\/syslog\/config.php<\/p>\n<p>cd ..<\/p>\n<p>tar xjvf speedupd-7.3.2.tar.bz2<\/p>\n<p>cd speedupd-7.3.2<\/p>\n<p>apt-get install debhelper cmake libdaemon-dev libconfuse-dev fakeroot libmysqlclient15-dev<\/p>\n<p>dpkg-buildpackage -rfakeroot<\/p>\n<p>cd ..<\/p>\n<p>dpkg -i speedupd_7.3.0_i386.deb<\/p>\n<p>nano \/etc\/speedupd.conf<\/p>\n<p>\/etc\/init.d\/speedupd start<\/p>\n<p>Nano \/etc\/syslog-ng\/syslog-ng.conf<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>#\u0e40\u0e1e\u0e34\u0e48\u0e21\u0e1a\u0e23\u0e23\u0e17\u0e31\u0e14\u0e40\u0e2b\u0e25\u0e48\u0e32\u0e19\u0e35\u0e49\u0e25\u0e07\u0e44\u0e1b\u0e25\u0e48\u0e32\u0e07\u0e2a\u0e38\u0e14 \u0e41\u0e25\u0e30\u0e15\u0e23\u0e27\u0e08\u0e2a\u0e2d\u0e1a\u0e40\u0e04\u0e23\u0e37\u0e48\u0e2d\u0e07\u0e2b\u0e21\u0e32\u0e22 &#8221; \u0e41\u0e25\u0e30 &#8216; \u0e14\u0e49\u0e27\u0e22 vi \u0e2d\u0e35\u0e01\u0e04\u0e23\u0e31\u0e49\u0e07\u0e27\u0e48\u0e32\u0e16\u0e39\u0e01\u0e15\u0e49\u0e2d\u0e07<\/p>\n<p># Log from Endian Server<\/p>\n<p>source gateway {<\/p>\n<p>tcp(ip(&#8220;0.0.0.0&#8221;)port(514)keep-alive(yes)max-connections(300));<\/p>\n<p>udp(ip(&#8220;0.0.0.0&#8221;) port(514));<\/p>\n<p>};<\/p>\n<p>&nbsp;<\/p>\n<p>destination d_logserver {<\/p>\n<p>file(&#8220;\/var\/log\/$HOST\/$R_YEAR\/$R_MONTH\/squid-$R_YEAR-$R_MONTH-$DAY.log&#8221;<\/p>\n<p>owner(root) group(adm) perm(665)<\/p>\n<p>create_dirs(yes) dir_perm(0775));<\/p>\n<p>};<\/p>\n<p>&nbsp;<\/p>\n<p>log {<\/p>\n<p>source(gateway);<\/p>\n<p>destination(d_logserver);<\/p>\n<p>};<\/p>\n<p>&nbsp;<\/p>\n<p>destination d_mysql {<\/p>\n<p>pipe(&#8220;\/var\/log\/mysql.pipe&#8221; template(&#8220;INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg) VALUES ( &#8216;$HOST&#8217;, &#8216;$FACILITY&#8217;, &#8216;$PRIORITY&#8217;, &#8216;$LEVEL&#8217;, &#8216;$TAG&#8217;, &#8216;$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC&#8217;, &#8216;$PROGRAM&#8217;, &#8216;$MSG&#8217; );n&#8221;) template-escape(yes));<\/p>\n<p>};<\/p>\n<p>&nbsp;<\/p>\n<p>log {<\/p>\n<p>source(gateway);<\/p>\n<p>destination(d_mysql);<\/p>\n<p>};<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>&nbsp;<\/p>\n<p>cd ~\/Downloads\/phpsyslogviewer-7.2.1\/usr\/sbin &amp;&amp; .\/syslog2mysql.sh &amp;<\/p>\n<p>service syslog-ng restart<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p>url<\/p>\n<p>http:\/\/ipaddress\/syslog<\/p>\n<p>\u0e17\u0e35\u0e48\u0e21\u0e32 <a href=\"http:\/\/www.itmanage.info\/technology\/linux\/ubuntu\/syslog-ng\/install_syslog_ng_ubuntu.html\">http:\/\/www.itmanage.info\/technology\/linux\/ubuntu\/syslog-ng\/install_syslog_ng_ubuntu.html<\/a>,\u00a0\u00a0<a href=\"http:\/\/forum.ubuntuclub.com\/forum?topic=21865.0\">http:\/\/forum.ubuntuclub.com\/forum?topic=21865.0<\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u0e27\u0e34\u0e18\u0e35\u0e15\u0e34\u0e14\u0e15\u0e31\u0e49\u0e07 Syslog-ng \u0e41\u0e1a\u0e1a\u0e25\u0e1a\u0e04\u0e33\u0e2d\u0e18\u0e34\u0e1a\u0e32\u0e22\u0e17\u0e34\u0e49\u0e07\u0e17\u0e31\u0e49\u0e07\u0e2b\u0e21\u0e14 \u0e17\u0e14\u0e2a\u0e2d\u0e1a\u0e41\u0e25\u0e49\u0e27\u0e15\u0e34\u0e14\u0e15\u0e31\u0e49\u0e07\u0e44\u0e14\u0e49\u0e40\u0e23\u0e35\u0e22\u0e1a\u0e23\u0e49\u0e2d\u0e22 \u0e41\u0e15\u0e48\u0e15\u0e49\u0e2d\u0e07\u0e41\u0e01\u0e49\u0e0a\u0e37\u0e48\u0e2d\u0e40\u0e04\u0e23\u0e37\u0e48\u0e2d\u0e07, ip,password \u0e41\u0e25\u0e30\u0e04\u0e48\u0e32\u0e2d\u0e37\u0e48\u0e19\u0e46 \u0e40\u0e2d\u0e07 &#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211; Ubuntu server 11.10 Syslog-ng &#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211; sudo su sudo passwd root apt-get install ssh openssh-server<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[7],"tags":[186,187,203],"class_list":["post-1597","post","type-post","status-publish","format-standard","hentry","category-ubuntu","tag-syslog","tag-syslog-ng","tag-ubuntu"],"_links":{"self":[{"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/posts\/1597"}],"collection":[{"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/comments?post=1597"}],"version-history":[{"count":0,"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/posts\/1597\/revisions"}],"wp:attachment":[{"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/media?parent=1597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/categories?post=1597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/implementer.co.th\/wordpress\/wp-json\/wp\/v2\/tags?post=1597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}