《2022年搭建syslog服务器流程》由会员分享,可在线阅读,更多相关《2022年搭建syslog服务器流程(10页珍藏版)》请在金锄头文库上搜索。
1、1.安装系统a)安装要求i.PC配置:CPU:Intel P E2160( 1.8GHz)以上内存: 1G以上硬盘: 80G 以上虚拟机要求:Kernel:linux 2.6 内存: 512 以上硬盘: 40G 以上b)安装系统i.Linux syslog server 要求用 centos 5.5 下载地址:ed2k:/|file|CentOS.5.5.32bit 光盘镜像 . CentOS-5.5-i386-bin-DVD.iso|4185118720|a1ce64b6d36d945f562cb1250d8d665f|h=fnfai2pqdbdxmz5i5wshkaj22ttscbkg|/
2、 c)配置网络i.点击桌面上方的系统管理网络,配置eth0 和 DNS ii.Network Abapter修改为桥接模式2.安装工具a)安装 GCC和 make rootFDWIN # yum install gcc make b)安装 LAMP 平台rootFDWIN # yum install php-mysql mysql mysql-server php-snmp php-pdo perl-DBDMySQL httpd php y rootFDWIN # service mysqld start rootFDWIN # chkconfig mysqld on rootFDWIN #s
3、ervice httpd start rootFDWIN #chkconfig httpd on rootFDWIN # mysqladmin -uroot password 000000 rootFDWIN #vim /var/www/html/index.php 添加: 然后网页访问下出现OK说明没问题了。进入 centos 的 DVD盘然后安装rpm -vih php-gd-5.1.6-15.el5.i386.rpm 进入 centos 的 DVD盘然后安装rpm -ivh freetype-2.2.1-19.el5.i386.rpm 名师资料总结 - - -精品资料欢迎下载 - - -
4、 - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 1 页,共 10 页 - - - - - - - - - c)安装 NET-SNMP 1. 下载 net-snmp 源码,并解压rootFDWIN proc# wget http:/ 5.6/net-snmp-5.6.tar.gz rootFDWIN proc#tar -xvzf net-snmp-5.6.tar.gz 2. Configure a) 进入源文件目录rootFDWIN proc#cd net-snmp-5.6 b) Configure rootFDWIN proc# ./
5、configure -prefix=/usr/local/net-snmp enable-mfd-rewrites -with-default-snmp- version=” 2” -with-persistent- directory=” /var/net-snmp”3. 编译、安装rootFDWIN proc#make & make install 4. 配置 snmpd.conf a) 将 EXAMPLE.conf文件复制到/usr/local/net-snmp/share/snmp/snmpd.conf rootFDWIN proc# cp EXAMPLE.conf /usr/loca
6、l/net-snmp/share/snmp/snmpd.conf b) 修改 snmpd.conf 1.查找以下字段:# sec.name source community com2sec notConfigUser default public 将comunity 字段改为你要设置的密码.比如 bizcnpublic. 将“ default”改为你想哪台机器可以看到你的snmp 信息 ,如 10.10.10.10。授权服务器IP 2.查找以下字段:# # Finally, grant the group read-only access to the systemview view. # g
7、roup context sec.model sec.level prefix read write notif access notConfigGroup any noauth exact systemview none none 将read 字段改为all. 代码 : #access notConfigGroup any noauth exact all none none 3.查找以下字段:# incl/excl subtree mask #view all included .1 80 将该行前面的 # 去掉 . 4.查找以下字段:#name incl/excl subtree mas
8、k(optional) 添加一行 view all included .1 变成#name incl/excl subtree mask(optional) 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 2 页,共 10 页 - - - - - - - - - view all included .1 5.查找以下字段:#view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc 将该行前面的 # 去掉 . 保存、关闭c) 设置 n
9、et-snmp 自启动rootFDWIN proc#chkconfig -level 35 snmpd on rootFDWIN proc#chkconfig -add snmpd d) SNMP测试(本机)rootFDWIN proc#snmpwalk -v -2c -c public FDWIN 若有大量数据返回,说明SNMP 配置正确e) 防火墙打开 udp 161 端口f) 检查 SNMP服务是否运行rootFDWIN proc#netstat -ln |grep 161 udp 0 0 127.0.0.1:161 0.0.0.0:* 表示 SNMP已运行正常3.CACTI安装a) R
10、RDtool的安装1.cgilib wget http:/www.scriptroute.org/source/cgilib-0.5.tar.gz tar -zxvf cgilib-0.5.tar.gz cd cgilib-0.5 make cp libcgi.a /usr/local/lib cp cgi.h /usr/include 2.fontconfig wget http:/www.fontconfig.org/release/fontconfig-2.8.0.tar.gz cd fontconfig-2.8.0 ./configure make & make install 3.p
11、ixman wget http:/cairographics.org/releases/pixman-0.21.2.tar.gz cd pixman-0.21.2 ./configure make;make install 4.cairo wget http:/cairographics.org/releases/cairo-1.10.0.tar.gz tar -zxvf cairo-1.10.0.tar.gz cd cairo-1.10.0 export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH # 这里很重要./co
12、nfigure make;make install 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 3 页,共 10 页 - - - - - - - - - 5.pango wget http:/ftp.se.debian.org/pub/gnome/sources/pango/1.17/pango- 1.17.5.tar.gz tar -zxvf pango-1.17.5.tar.gz cd pango-1.17.5 ./configure make & make install
13、6.rrdtool wget http:/www.mrtg.org/rrdtool/pub/rrdtool-1.4.4.tar.gz tar -xvzf rrdtool-1.4.4.tar.gz cd rrdtool-1.4.4 ./configure prefix=/usr/local/rrdtool make;make isntall b) Cacti 的安装1.下载 Cacti 软件包,并安装到/var/www/html/cacti wget http:/ tar -xvzf cacti-0.8.7g.tar.gz mv cacti-0.8.7g /var/www/html/cacti
14、2.配置数据库mysql -u root -p 123456 mysql create database cacti; mysql grant all privileges on cacti.* to cactiFDWIN identified by cacti with grant option; mysql grant all privileges on cacti.* to cacti127.0.0.1 identified by cacti with grant option; mysqlflush privileges; mysql use cacti; mysql source /
15、var/www/html/cacti/cacti.sql; 3.配置 Cacti 以连接数据库vi /var/www/html/cacti/include/config.php 依照如下修改:/* make sure these values refect your actual database/host/user/password */ $database_type = mysql; $database_default = cacti; $database_hostname = FDWIN; $database_username = cacti; $database_password =
16、cacti; $database_port = 3306; vi /var/www/html/cacti/include/global.php 依照如下修改:/* Default database settings*/ $database_type = mysql; $database_default = cacti; $database_hostname = FDWIN; $database_username = cacti; $database_password = cacti; 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - -
17、- 名师精心整理 - - - - - - - 第 4 页,共 10 页 - - - - - - - - - $database_port = 3306; $configurl_path = /cacti/; 4.添加 cacti 用户rootFDWIN proc#useradd -s nologin cacti rootFDWIN proc#passwd cacti 5.修改 cacti 目录属主rootFDWIN proc#chown -R cacti:cacti /var/www/html/cacti/ 6.编辑 crontab rootFDWIN proc#crontab -e */5
18、* * * * /usr/bin/php /var/www/html/cacti/poller.php /dev/null 2&1 7.关闭 SELinux rootFDWIN proc#setenforce 0 8.用浏览器访问http:/FDWIN/cacti/ 9.配置 Cacti 首先点开settings 的 path 页,正确设置相应的路径,然后finish 保存10.安装补丁按照 C 上的步骤,打上补丁程序必须在 Cacti的安装目录下,即/var/www/html/cacti/ rootFDWIN proc# wget http:/ rootFDWIN proc# wget ht
19、tp:/ rootFDWIN proc# wget http:/ rootFDWIN proc# wget http:/ rootFDWIN proc# wget http:/ rootFDWIN proc# wget http:/ rootFDWIN proc# wget http:/ rootFDWIN proc# patch -p1 -N data_source_deactivate.patch patch -p1 -N graph_list_view.patch patch -p1 -N html_output.patch patch -p1 -N ldap_group_autheni
20、cation.patch patch -p1 -N script_server_command_line_parse.patch patch -p1 -N ping.patch patch -p1 -N poller_interval.patch 4.CACTI的配置和插件名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 5 页,共 10 页 - - - - - - - - - 必须现安装好插件扩展PIA 2.8,才能安装、使用其他插件wget http:/mirror.cactius
21、ers.org/downloads/plugins/cacti-plugin-0.8.7g-PA-v2.8.tar.gz tar -xvzf cacti-plugin-0.8.7g-PA-v2.8.tar.gz mv cacti-plugin-arch /var/www/html/cacti/ cd /var/www/html/cacti/ mysql -u root -p 123456 cacti cacti-plugin-arch/pa.sql patch -p1 -N admin or other user - Realm Permissions - Plugin Management
22、- 打勾并保存3. 安装插件a)下载插件wget http:/cactiusers.org/downloads/settings.tar.gz wget http:/cactiusers.org/downloads/monitor.tar.gz wget http:/cactiusers.org/downloads/realtime.tar.gz wget http:/cactiusers.org/downloads/syslog.tar.gz wget http:/cactiusers.org/downloads/thold.tar.gz wget http:/cactiusers.org/
23、downloads/tools.tar.gz wget http:/cactiusers.org/downloads/update.tar.gz wget http:/ reportit_v061/reportit_v061.tar.gz wget http:/ b)解压插件tar -xvzf settings.tar.gz tar -xvzf monitor.tar.gz tar -xvzf realtime.tar.gz tar -xvzf syslog.tar.gz tar -xvzf thold.tar.gz tar -xvzf tools.tar.gz 名师资料总结 - - -精品资
24、料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 6 页,共 10 页 - - - - - - - - - tar -xvzf update.tar.gz tar -xvzf reportit_v06.tar.gz tar -xvzf npc-2.0.4.tar.gz c)修改 global.php ,增加插件说明vi /var/www/html/cacti/include/global.php $plugins = settings; $plugins = thold; $plugins = npc; $plug
25、ins = syslog; $plugins = aggregate; $plugins = reportit; $plugins = update; $plugins = tools; d)下载安装json(NPC插件需要json 支持)wget http:/ tar -xvzf json-1.2.1.tgz /usr/bin/phpize # 如果 phpize 没有此指令,请yum 安装 php-devel 包./configure make & make install e) 修改权限将所有插件mv 到/var/www/html/cacti/plugins目录下, 然后 User Ma
26、nagement - admin or other user - Realm Permissions - Plugin Management - 打勾并保存f) 启用插件点击 configuration 下的 plugins management, 将各个插件install/enable 。4. 插件安装排错a)realtime 插件安装问题realtim 插件安装好后,点击web 界面的 graphs页,选一个图,可发现在其右下角已经出现了一个realtime 的 logo,但当点此 logo 进行 realtime 查看时, 会发现弹出的窗口中显示:“The image cache dir
27、ectory doesnt exist.Please create it and set permissions and then attempt to open an other realtime graph.”提示没有Cache目录以及权限等。解决方案:rootlocalhost proc#makedir /var/www/html/cacti/cache rootlocalhost proc#chmod 777 -R /var/www/html/cacti/cache 之后,还要进入console-configuration-settings-misc, 设置”Cache Directo
28、ry”为/var/www/html/cacti/cache/ b) Syslog插件安装问题在 cacti 中访问 syslog栏目是会出现以下提示:1 Warning: include(./include/html/inc_timespan_settings.php) function.include: failed to open stream: No such file or directory in 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 7 页,共 10 页 - -
29、 - - - - - - - /var/www/html/plugins/syslog/syslog.php on line 126 2 Warning: include() function.include: Failed opening ./include/html/inc_timespan_settings.php for inclusion (include_path=.:/usr/share/pear) in /var/www/html/plugins/syslog/syslog.php on line 126 只需将 /plugins/syslog/syslog.php 的第 12
30、6 行#include($syslog_configgraphtime ? ./include/html/inc_timespan_settings.php : plugins/syslog/html/syslog_timespan_settings.php); 修改为:#include($syslog_configgraphtime ? ./lib/timespan_settings.phpplugins/syslog/html/syslog_timespan_setti ngs.php); 即可5.搭建 SYSLOG 日常的 Linux 服务器都会安装syslogd 或者 rsyslog
31、等日志监控服务。不过,由于日志文件都已文本形式放到服务器上,一个一个的去查找还是比较麻烦的。不过使用cacti 可以为我们找到一条捷径。1. 安装 syslog-ng服务Syslog-ng,下一代syslog服务。 Cacti 的 syslog监控插件只支持这一种日志服务。rootFDWIN proc#yum install syslog-ng 2. 配置 syslog插件rootFDWIN proc#cd /var/www/html/cacti/plugins/syslog/ rootFDWIN proc#vi config.php $syslogdb_type = mysql; $sysl
32、ogdb_default = syslog; $syslogdb_hostname = FDWIN; $syslogdb_username = ; $syslogdb_password = ; 3. 配置数据库rootFDWIN proc#mysql -u root -p 123456 mysqlcreate database syslog; mysqlgrant all on syslog.* to cactiloaclhost; mysqlflush privileges; mysqlexit; mysql ucacti p syslog syslog.sql 4. 配置 syslog-n
33、g.conf vi /etc/syslog-ng/syslog-ng.conf version: 3.0 options keep_hostname(yes); long_hostnames(off); 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 8 页,共 10 页 - - - - - - - - - flush_lines(1); log_fifo_size(1024); create_dirs(yes); # if a dir does not exist create i
34、t owner(root); # owner of created files group(root); # group of created files perm(0600); # permissions of created files dir_perm(0700); # permissions of created dirs ; source net udp(); ; destination d_mysql pipe(/tmp/mysql.pipe template(INSERT INTO cacti.syslog_incoming (host, facility, priority,
35、date, time, message) VALUES ( $HOST, $FACILITY, $PRIORITY, $YEAR-$MONTH-$DAY, $HOUR:$MIN:$SEC, $MSG );n) template-escape(yes) ); ; log source(net); destination(d_mysql); ; log source(s_all);destination(d_mysql); source s_all internal(); unix-stream(/dev/log); file(/proc/kmsg program_override(kernel:
36、 ); ; destination single-file file(/var/log/syslog-ng/all-messages); ; rootFDWIN proc#service syslog-ng restart # 重启 syslog-ng 5. 数据收集rootFDWIN proc#vi /var/www/html/cacti/plugins/syslog/log2sql.sh #!/bin/bash if ! -e /tmp/mysql.pipe ; then mkfifo /tmp/mysql.pipe fi while -e /tmp/mysql.pipe do mysql
37、 -u cacti -password=cacti cacti /tmp/mysql.pipe done rootFDWIN proc#chmod a+x log2sql.sh rootFDWIN proc#vi /etc/rc.local /var/www/html/cacti/plugins/syslog/log2sql.sh & rootFDWIN proc#crontab -e -u cacti 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 9 页,共 10 页 - - - - - - - - - */1 * * * * /usr/bin/php /usr/share/cacti/plugins/syslog/syslog_process.php 6. Syslog Screenshot 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 10 页,共 10 页 - - - - - - - - -
