https://loganalyzer.adiscon.com/
Thanks to reader temptation for the submission.
This article is based on their article. Original article: https://www.cnblogs.com/iflytek/p/14403664.html

The detailed steps are as follows.
1. Environment preparation
One CentOS 7.6 server, IP: 192.168.198.132, with Internet access and SELinux disabled.
2. Deploy HTTP + PHP + MySQL + LogAnalyzer with a script
Upload the script and related files to the /opt directory, then unpack and run it:
cd /opt
tar -zxvf rsyslog_and_loganalyzer.tar.gz
sh loganalyzer.sh
The contents of the loganalyzer.sh script are as follows:
[root@localhost opt]# cat loganalyzer.sh
#!/bin/bash
# Point the CentOS base and EPEL repositories at the Aliyun mirrors
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
# Add the MySQL community repositories (TUNA mirror, GPG check enabled)
cat > /etc/yum.repos.d/mysql-community.repo << "EOF"
[mysql-connectors-community]
name=MySQL Connectors Community
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-connectors-community-el7-$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql

[mysql-tools-community]
name=MySQL Tools Community
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-tools-community-el7-$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql

[mysql-5.7-community]
name=MySQL 5.7 Community Server
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-5.7-community-el7-$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql
EOF
yum clean all
yum makecache
# Install and start MySQL, then confirm it is listening on 3306
yum install mysql-community-server.x86_64 -y
systemctl start mysqld
systemctl enable mysqld
netstat -anp | grep 3306
ps -ef | grep mysql
# Message: "Get the initial password of the MySQL root user"
echo "----------获取MySQL的root用户初始密码----------------"
grep "temporary password" /var/log/mysqld.log
# Messages: "Set a new password for the MySQL root user" / "Please set the new password to MySQL@2021"
echo "----------设置MySQL的root设置新密码----------------"
echo "----------请设置新密码为MySQL@2021----------------"
mysql_secure_installation
# Message: "Install rsyslog-mysql and replace rsyslog.conf"
echo "----------安装rsyslog-mysql并更换rsyslog.conf----------------"
yum -y install rsyslog-mysql
mv /etc/rsyslog.conf /etc/rsyslog.conf_bak
cp /opt/rsyslog.conf_template /etc/rsyslog.conf
systemctl restart rsyslog.service
# Import the schema shipped with rsyslog-mysql.
# Passing -p<password> on the command line exposes it in the process list.
mysql -uroot -pMySQL@2021 < /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql
# Message: "Log in to MySQL and create the rsyslog database"
echo "----------登录MySQL创建rsyslog库----------------"
echo "create database rsyslog character set utf8 collate utf8_bin;" | mysql -uroot -pMySQL@2021
# 'rsyslog'@'%' may connect to the Syslog database from any host
echo "grant all privileges on Syslog.* to 'rsyslog'@'%' identified by 'Rsyslog@2021';" | mysql -uroot -pMySQL@2021
echo "grant all privileges on rsyslog.* to 'rsyslog'@'localhost' identified by 'Rsyslog@2021';" | mysql -uroot -pMySQL@2021
echo "flush privileges;" | mysql -uroot -pMySQL@2021
# Install Apache and PHP, then unpack LogAnalyzer
yum -y install httpd php php-mysql php-gd
cd /opt/
tar -zxvf loganalyzer-4.1.11.tar.gz
# Message: "Unpack and configure loganalyzer"
echo "----------解压并配置loganalyzer----------------"
mkdir -p /var/log/httpd/log
mkdir -p /var/www/html/log
cp -rf /opt/loganalyzer-4.1.11/src/* /var/www/html/log
cp -rf /opt/loganalyzer-4.1.11/contrib/* /var/www/html/log
cd /var/www/html/log
chmod +x configure.sh secure.sh
sh configure.sh
# config.php is left world-writable so the web installer can write to it
chmod 666 config.php
chown -R apache:apache *
systemctl start httpd
systemctl enable httpd
systemctl status httpd
# Message: "Please log in to the web interface to initialise loganalyzer"
echo "----------请登录web初始化loganalyzer:http://IP:/log----------------"
The script is not fully automated: the MySQL root password has to be reset while it runs.
rsyslog.conf_template was modified as follows (the original post shows the changes only as a screenshot).
3. Log in to the web interface to initialise LogAnalyzer
User database connection settings
Database Name: Syslog
# Note: I am using Syslog here; you can of course also use the rsyslog database created by the script earlier.
Database User: rsyslog
Database Password: Rsyslog@2021
Log database
Database Name: Syslog
Database Tablename: SystemEvents (note that this is case-sensitive)
Database User: rsyslog
Database Password: Rsyslog@2021
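Once the web installer in step 3 has written its settings, config.php no longer needs the mode 666 that the deployment script gave it. The check below is an added example, not part of the original post or of LogAnalyzer; the function name audit_loganalyzer_root is hypothetical and it assumes the web root /var/www/html/log used by the script above.

```shell
#!/bin/sh
# Added example: audit a LogAnalyzer web root once the web installer is done.
# audit_loganalyzer_root is a hypothetical helper name, not a LogAnalyzer tool.
# Prints one line per finding; the return status is the number of findings.
audit_loganalyzer_root() {
    root=$1
    cfg="$root/config.php"
    findings=0

    if [ ! -f "$cfg" ]; then
        echo "MISSING  $cfg (the installer has not written its settings yet)"
        findings=$((findings + 1))
    elif [ -n "$(find "$cfg" \( -perm -020 -o -perm -002 \))" ]; then
        # config.php stores the database credentials entered in the installer
        echo "WRITABLE $cfg is group- or world-writable"
        findings=$((findings + 1))
    fi

    # Any other world-writable file under the web root can be altered by
    # every local account and is then served by httpd.
    extra=$(find "$root" -type f -perm -002 ! -path "$cfg" | wc -l)
    find "$root" -type f -perm -002 ! -path "$cfg" \
        -exec printf 'WRITABLE %s is world-writable\n' {} \;
    findings=$((findings + extra))

    return "$findings"
}
```

Call it as `audit_loganalyzer_root /var/www/html/log`; running `chmod 644 config.php` in that directory clears the first finding.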
4. Configure rsyslog forwarding on the Debian test host (shown as a screenshot in the original post)
5. LogAnalyzer usage screenshots
Main interface
Statistics
Log keyword search