[root@localhost ~]# service mysqld start
[root@localhost ~]# mysql -uroot </usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql
[root@localhost loganalyzer]# mysql
mysql> GRANT ALL ON Syslog.* TO 'loganauser'@'localhost' IDENTIFIED BY 'redhat';
mysql> GRANT ALL ON Syslog.* TO 'loganauser'@'127.0.0.1' IDENTIFIED BY 'redhat';
4.配置rsyslog加载ommysql模块(写入mysql数据库的模块):
[root@localhost ~]# vim /etc/rsyslog.conf
在MODULES区域添加:
$ModLoad ommysql
并启用以下两项:
$ModLoad imudp
$UDPServerRun 514
[root@localhost loganalyzer]# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
[root@localhost loganalyzer]#
[root@localhost loganalyzer]# vim /etc/httpd/conf/httpd.conf
DirectoryIndex index.php
[root@localhost loganalyzer]# service httpd start
Starting httpd: [ OK ]
[root@localhost loganalyzer]#
7.打开http://hostname/loganalyzer/install.php安装之:
8.配置syslog将日志写入到mysql数据库:
[root@localhost loganalyzer]# vim /etc/rsyslog.conf
*.info :ommysql:127.0.0.1,Syslog,loganauser,redhat
[root@localhost loganalyzer]# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
[root@localhost loganalyzer]#