码迷,mamicode.com
首页 > 其他好文 > 详细

yum安装syslog-ng3.6

时间:2015-11-29 19:49:27      阅读:650      评论:0      收藏:0      [点我收藏+]

标签:日志   syslog   syslog-ng   

  1. 下载yum源

    wget https://copr.fedoraproject.org/coprs/czanik/syslog-ng36epel6/repo/epel-6/czanik-syslog-ng36epel6-epel-6.repo

  2. yum -y install syslog-ng  syslog-ng-*

  3. yum -y install GeoIPGeoIP-devel libesmtp-devel libhiredis hiredis hiredis-devel json-c-devel flex flex-devel libjvm libdbi-devel libdbi-dbd-* glib byacc byacc-devel glib2  glib2-devel  libdbi  systemd  json-c  logrotate  libxslt 


  4. server端配置
@version:3.2
options {
	flush_lines (0);
	time_reopen (10);
	log_fifo_size (1000);
	chain_hostnames (off);
	use_dns (no);
	use_fqdn (no);
	create_dirs (no);
	keep_hostname (no);
};
source s_sys {
	file ("/proc/kmsg" program_override("kernel: "));
	unix-stream ("/dev/log");
	internal();
	 udp(ip(0.0.0.0) port(514));
};
source s_net { tcp(ip(0.0.0.0) port(514) max-connections(1000) ); udp ( ); };
destination d_cons { file("/dev/console"); };
destination d_mysql { file("/data/${HOST}/${FACILITY}/${PROGRAM}.log"   create_dirs(yes) ); };
destination d_mesg { file("/var/log/messages"); };
destination d_auth { file("/var/log/secure"); };
destination d_mail { file("/var/log/maillog" flush_lines(10)); };
destination d_spol { file("/var/log/spooler"); };
destination d_boot { file("/var/log/boot.log"); };
destination d_cron { file("/var/log/cron"); };
destination d_kern { file("/var/log/kern"); };
destination d_mlal { usertty("*"); };
destination d_redis {
    redis(
        host("localhost")
        port(6379)
	command("lpush", "${HOST}_${PROGRAM}", "${MESSAGE}")
    );
};
destination d_sql {
  sql(type(mysql)
  host("192.168.1.11") username("d") password("d")
  database("dd")
  table("messages")
  columns("datetime varchar(16)", "host varchar(32)", "program  varchar(20)", "pid varchar(8)", "message  varchar(200)")
  values("${R_DATE}", "${HOST}", "${PROGRAM}", "${PID}", "${MSGONLY}")
  indexes("datetime", "host", "program", "pid", "message"));
};
filter f_kernel     { facility(kern); };
filter f_user     { facility(user); };
filter f_match     { host("192.168.1.")};
filter f_default    { level(info..emerg) and
                        not (facility(mail)
                        or facility(authpriv) 
                        or facility(cron)); };
filter f_auth       { facility(authpriv); };
filter f_mail       { facility(mail); };
filter f_emergency  { level(emerg); };
filter f_news       { facility(uucp) or
                        (facility(news) 
                        and level(crit..emerg)); };
filter f_boot   { facility(local7); };
filter f_cron   { facility(cron); };
log { source(s_sys); filter(f_kernel); destination(d_kern); };
log { source(s_net); filter(f_match); destination(d_mysql); };
log { source(s_net); filter(f_match); destination(d_sql); };
log { source(s_net); filter(f_match); destination(d_redis); };
log { source(s_sys); filter(f_auth); destination(d_auth); };
log { source(s_sys); filter(f_mail); destination(d_mail); };
log { source(s_sys); filter(f_emergency); destination(d_mlal); };
log { source(s_sys); filter(f_news); destination(d_spol); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
5 客户端配置
@version:3.2
options {
	flush_lines (0);
	time_reopen (10);
	log_fifo_size (1000);
	long_hostnames (off);
	use_dns (no);
	use_fqdn (no);
	create_dirs (no);
	keep_hostname (yes);
};
source s_sys {
	file ("/proc/kmsg" program_override("kernel: "));
	unix-stream ("/dev/log");
	internal();
};
source s_test_udp {
	file ("/var/lib/mysql/logs/mysql_slow.log" program_override("mysql_slowlog: "));
};
source s_messages_udp {
	file ("/var/log/messages" program_override("sys_messages: "));
};
destination d_cons { file("/dev/console"); };
destination d_mesg { file("/var/log/messages"); };
destination d_auth { file("/var/log/secure"); };
destination d_mail { file("/var/log/maillog" flush_lines(10)); };
destination d_spol { file("/var/log/spooler"); };
destination d_boot { file("/var/log/boot.log"); };
destination d_cron { file("/var/log/cron"); };
destination d_kern { file("/var/log/kern"); };
destination d_mlal { usertty("*"); };
destination d_test_udp  { udp("192.168.1.12" port(514)); };
filter f_kernel     { facility(kern); };
filter f_Query_time     { level(info..emerg); };
filter f_default    { level(info..emerg) and
                        not (facility(mail)
                        or facility(authpriv) 
                        or facility(cron)); };
filter f_auth       { facility(authpriv); };
filter f_mail       { facility(mail); };
filter f_emergency  { level(emerg); };
filter f_news       { facility(uucp) or
                        (facility(news) 
                        and level(crit..emerg)); };
filter f_boot   { facility(local7); };
filter f_cron   { facility(cron); };
log { source(s_sys); filter(f_kernel); destination(d_kern); };
log { source(s_messages_udp); filter(f_Query_time); destination(d_test_udp); };
log { source(s_sys); filter(f_default); destination(d_mesg); };
log { source(s_sys); filter(f_auth); destination(d_auth); };
log { source(s_sys); filter(f_mail); destination(d_mail); };
log { source(s_sys); filter(f_emergency); destination(d_mlal); };
log { source(s_sys); filter(f_news); destination(d_spol); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_sys); filter(f_cron); destination(d_cron); };


yum安装syslog-ng3.6

标签:日志   syslog   syslog-ng   

原文地址:http://kkkkkk.blog.51cto.com/468162/1717889

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!