TXT

rsyslog+mysql+juniper

By Jamie Rose,2014-08-27 21:56
8 views 0
yum -y install rsyslog yum -y install rsyslog-mysql sed -i 's/SYSLOGD_OPTIONS="-m 0"/SYSLOGD_OPTIONS="-m 0 -r"/g' /etc/sysconfig/rsyslog echo "UDP Syslog Server:">> /etc/rsyslog.conf echo "\$ModLoad imudp.so">> /etc/rsyslog.conf echo "\$UDPServerRun 514">> /etc/rsyslog.conf echo "\$ModLoad ommysql.so">> /etc/rsyslog.conf echo "local1.* :ommysql:..

yum -y install rsyslog

    yum -y install rsyslog-mysql

    sed -i 's/SYSLOGD_OPTIONS="-m 0"/SYSLOGD_OPTIONS="-m 0 -r"/g' /etc/sysconfig/rsyslog

    echo "UDP Syslog Server:">> /etc/rsyslog.conf echo "\$ModLoad imudp.so">> /etc/rsyslog.conf echo "\$UDPServerRun 514">> /etc/rsyslog.conf echo "\$ModLoad ommysql.so">> /etc/rsyslog.conf echo

    "local1.* :ommysql:123.123.123.1,Syslog,Sysloguser,123456">>/etc/

    rsyslog.conf

    #echo

    "*.* :ommysql:123.123.123.1,Syslog,Sysloguser,123456"">>/etc/rsys

    log.conf

1.ÐÞ?Ä/etc/sysconfig/rsyslog

    ?ÑSYSLOGD_OPTIONS="-m 0" ?ÄΪ SYSLOGD_OPTIONS="-m 0 -r" 2.ÔÚ/etc/rsyslog.confÖÐÌí?ÓÏÂÁÐÐÐ

UDP Syslog Server:

    $ModLoad imudp.so

    $UDPServerRun 514

    $ModLoad ommysql.so

    #local1.* :ommysql:123.123.123.1,Syslog,Sysloguser,123456 *.* :ommysql:123.123.123.1,Syslog,Sysloguser,123456" //local1.*ÊÇ?ÓÆäËûÉè????

3.?À?ðÇ?

    iptables -I INPUT -p udp --dport 514 -j ACCEPT

4.?Í???Ë

     juniper?Í???Ë

unset syslog config "172.0.0.5"

    set syslog config "172.0.0.5" "local1" "local1" set syslog enable

    set syslog traffic

    save

5.

    ???â ///gz?üÖÐÓÐSyslog.sqlµ?Èë???É

    mysql

    CREATE DATABASE Syslog;

USE Syslog;

    CREATE TABLE SystemEvents

    (

     ID int unsigned not null auto_increment primary key,

     CustomerID bigint,

     ReceivedAt datetime NULL,

     DeviceReportedTime datetime NULL,

     Facility smallint NULL,

     Priority smallint NULL,

     FromHost varchar(60) NULL,

     Message text,

     NTSeverity int NULL,

     Importance int NULL,

     EventSource varchar(60),

     EventUser varchar(60) NULL,

     EventCategory int NULL,

     EventID int NULL,

     EventBinaryData text NULL,

     MaxAvailable int NULL,

     CurrUsage int NULL,

     MinUsage int NULL,

     MaxUsage int NULL,

     InfoUnitID int NULL ,

     SysLogTag varchar(60),

     EventLogType varchar(60),

     GenericFileName VarChar(60),

     SystemID int NULL

    );

    CREATE TABLE SystemEventsProperties (

     ID int unsigned not null auto_increment primary key,

     SystemEventID int NULL ,

     ParamName varchar(255) NULL ,

     ParamValue text NULL

    );

grant all on Syslog.* to Sysloguser@'%' identified by "123456";

    mysql -uSysloguser -p123456

Report this document

For any questions or suggestions please email
cust-service@docsford.com