ng+LogZilla搭建中央日志服务器(2)

#vi /etc/init.d/syslog-ng
 
开头添加
 
#!/bin/bash
 
#chkconfig: 2345 12 88
 
#Description: syslog-ng
 
修改PATH INIT_PROGINIT_OPTS
 
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/etc/syslogng/bin:/etc/syslogng/sbin
 
INIT_PROG="/etc/syslogng/sbin/syslog-ng"                # Full path to daemon       

INIT_OPTS="-f /etc/syslogng/etc/syslog-ng.conf"          # options passed to daemon
 
赋权限，添加服务
 
#chmod +x /etc/init.d/syslog-ng
 
#chkconfig --add syslog-ng
 
#service syslog-ng start
 
 
 
Starting syslog-ng: /usr/local/syslog-ng/sbin/syslog-ng: error while loading shared libraries: libevtlog.so.0: cannot open shared object file: No such file or directory 

Starting Kernel Logger: 出现此错误是因为共享库链接没做好 

#ln -s /etc/eventlog/lib/* /lib/

#ln -s /etc/eventlog/lib/* /lib64/

防火墙开放服务端口
 
#service iptables start
 
/sbin/iptables -I INPUT -p tcp --dport 514 -j ACCEPT
 
/sbin/iptables -I INPUT -p udp --dport 514 -j ACCEPT
 
 
 
#/etc/init.d/iptables save
 
#/etc/init.d/iptables status
 
 
 

LOLZILLA配置

用root用户登录
 
配置前先关闭iptables和SELINUX，避免安装过程中报错。
 
# service iptables stop
 
# setenforce 0
 
# vi /etc/sysconfig/selinux
 
---------------
 
SELINUX=disabled
 
上传安装文件至apache目录下
 
# cd /var/www/html
 
# tar zxvf logzilla_v2.9.9o.tgz
 
#chown -R root.root php-syslog-ng
 
#service mysqld restart
 
#service httpd restart
 
 修改php环境
 
为配合php-syslog-ng对php环境的要求，请修改/etc/php.ini中的内容为：
 
display_errors = On
 magic_quotes_gpc = On
 memory_limit =256M
 max_execution_time = 90
 
 创建日志目录
 
# mkdir -p /var/log/httpd/php-syslog-ng
 # mkdir -p /var/log/php-syslog-ng
 
配置虚拟机(配置apache安全)
 
这部分，请根据apache实际情况操作。以默认系统为例，虚拟主机配置文件都放在/etc/httpd/conf/httpd.conf，加入下面内容。
 
# PHP-SYSLOG-NG
 
<VirtualHost *:80>
 
  ServerName zbserver
 
  ServerAdmin zhjixi1234@163.com
 
  DocumentRoot /var/www/html/php-syslog-ng/html
 
  <Directory />
 
      Options FollowSymLinks
 
      AllowOverride All
 
  </Directory>
 
  <Directory /var/www/html/php-syslog-ng/html>
 
      # pcw No directory listings
 
      # Options Indexes FollowSymLinks MultiViews
 
      Options -Indexes FollowSymLinks MultiViews
 
      AllowOverride All
 
      Order allow,deny
 
      allow from all
 
  </Directory>
 
  <Directory /var/www/html/php-syslog-ng/html/config>
 
      Deny from all
 
  </Directory>
 
  ErrorLog /var/log/httpd/php-syslog-ng/error.log
 
  # Possible values include: debug, info, notice, warn, error, crit,
 
  # alert, emerg.
 
  LogLevel warn
 
  CustomLog /var/log/httpd/php-syslog-ng/access.log combined
 
  ServerSignature On
 
</VirtualHost>