centos 7.8 +mariadb+ Loganalyzer 4.1.6 搭建日记服务器（真实有效，测试通过）

Centos7.8+loganalyzer+mariadb 日记服务器搭建过程

一  安装好centos，配置好IP地址，yum代理设置，wget代理设置，全局代理配置

红色的带边需要更改或者添加的内容

1查看centos版本

[[email protected] ~]# cat /etc/centos-release

CentOS Linux release 7.8.2003 (Core)

[[email protected] ~]#

 

2 配置yum代理

[[email protected] ~]# vi /etc/yum.conf

[main]

cachedir=/var/cache/yum/$basearch/$releasever

keepcache=0

debuglevel=2

logfile=/var/log/yum.log

exactarch=1

obsoletes=1

gpgcheck=1

plugins=1

installonly_limit=5

bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum

distroverpkg=centos-release

http_proxy=http://proxy.  代理加端口号

https_proxy=//https://proxy.代理加端口号

 

3 配置wget代理

[[email protected] ~]# vi /etc/wgetrc

# It is a good idea to make Wget send your email address in a `From:'

# header with your request (so that server administrators can contact

# you in case of errors).  Wget does *not* send `From:' by default.

#header = From: Your Name <[email protected]>

 

# You can set up other headers, like Accept-Language.  Accept-Language

# is *not* sent by default.

#header = Accept-Language: en

 

# You can set the default proxies for Wget to use for http, https, and ftp.

# They will override the value in the environment.

https_proxy = http://proxy.代理加端口号

http_proxy = http://proxy.代理加端口号

ftp_proxy = http://proxy.代理加端口号

 

 

4 配置全局代理

在最后一行添加

[[email protected] ~]# vi /etc/profile

http_proxy=http://proxy.代理加端口号

https_proxy=https://proxy.代理加端口号

ftp_proxy=ftp://proxy.代理加端口号0

export http_proxy

export https_proxy

export ftp_proxy

5 配置IP地址

[[email protected] ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens160

 

TYPE=Ethernet

PROXY_METHOD=none

BROWSER_ONLY=no

BOOTPROTO=none

DEFROUTE=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=ens160

UUID=fb66f4f8-0c03-452d-a454-0cf670059a0c

DEVICE=ens160

ONBOOT=yes

IPADDR=设置好的IP地址

PREFIX=26

GATEWAY=网关

DNS1=DNSIP

 

6 关闭防火墙和selinux
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl status firewalld.service

关闭selinux

[[email protected] ~]# vi /etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

SELINUX=disabled

# SELINUXTYPE= can take one of three values:

 

#     targeted - Targeted processes are protected,

#     minimum - Modification of targeted policy. Only selected processes are protected.

#     mls - Multi Level Security protection.

SELINUXTYPE=targeted

 

7 安装数据库

安装mariadb数据库。
yum -y install mariadb mariadb-serve

 

 

 

8 启动并初始化数据库

启动mariadb数据库服务器
systemctl start mariadb.service
systemctl enable mariadb.

 

 

9 启动并初始化数据库

启动mariadb数据库服务器
systemctl start mariadb.service
systemctl enable mariadb
 
初始化数据库
[[email protected] ~]# /bin/mysql_secure_installation
 
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):<–初次运行直接回车
OK, successfully used password, moving on…
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] <– 是否设置root用户密码，输入y并回车或直接回车
New password: <– 设置root用户的密码
Re-enter new password: <– 再输入一次你设置的密码
Password updated successfully!
Reloading privilege tables..
… Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] <– 是否删除匿名用户,生产环境建议删除，所以直接回车
… Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] <–是否禁止root远程登录,根据自己的需求选择y并回车,建议禁止
… Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] <– 是否删除test数据库,直接回车
- Dropping test database…
… Success!
- Removing privileges on test database…
… Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] <– 是否重新加载权限表，直接回车
… Success!
Cleaning up…
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!

 

10 添加数据库和用户

[[email protected] ~]# mysql -uroot -p

 

创建”rsyslog”的数据库，字符编码设置为utf 8
create database rsyslog character set utf8 collate utf8_bin;

 

对数据库“rsyslog”创建全权限的rsyslog,的本地用户，设置密码为“Nfkt2018!”

这里很重要，在后面配置数据库的时候需要用到的信息
grant all privileges on rsyslog.* to 'rsyslog'@'localhost' identified by 'Nfkt2018!';flush privileges;

 

11 安装 rsyslog 的 MySQL 扩展程序包 rsyslog-mysql

安装rsyslog

[[email protected] ~]# yum -y install rsyslog-mysql

 

 

 

12 将 rsyslog 的 MySQL 表导入创建的 rsyslog 数据库，并给予用户权限

将 rsyslog 的 MySQL 表导入创建的 rsyslog 数据库
 mysql -uroot -p < /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql

 

[[email protected] ~]# mysql -uroot -p < /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql

Enter password:

[[email protected] ~]#
 
13 创建数据库Syslog,设置本地用户rsyslog,密码rsyslog,全部权限
mysql -uroot -p
grant all privileges on Syslog.* to 'rsyslog'@'%' identified by 'Nfkt2018!';flush privileges;

 

 

 

14 修改 rsyslog 配置文件

vi /etc/rsyslog.conf
 
$ModLoad ommysql

*.* :ommysql:localhost,Syslog,rsyslog,Nfkt2018!    #日志 :ommysql:数据库地址,数据库名,数据库用户,数据库用户密码
 
# 使用UDP协议传输
$ModLoad imudp
$UDPServerRun 514
$UDPServerRun 38514
 
#使用TCP协议传输（两者可同时使用）
$ModLoad imtcp
$InputTCPServerRun 514
$InputTCPServerRun 38514     #华为交换机默认发送日志端口
 
 注意，在修改配置文件的时候，要使功能生效，需要将“#”删掉

 

15 重启rsyslog服务

systemctl restart rsyslog.service
systemctl enable rsyslog.service

 

16 准备web环境

安装所需软件
yum install httpd php php-mysql php-gd -y

 

 

17 下载 loganalyzer

yum install unzip wget -y

1. 在apache的默认documentRoot目录下创建loganalyzer目录:
   mkdir -p /var/www/html/loganalyzer
   创建loganalyzer日志目录:
   mkdir -p /var/log/httpd/loganalyzer

cd /usr/local/src

wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.6.tar.gz

tar -zxvf loganalyzer-4.1.6.tar.gz

cd loganalyzer-4.1.6

cp -r src/* /var/www/html/loganalyzer
cp -r contrib/* /var/www/html/loganalyzer

注意这里的步骤不能错误，尤其是红色部分

 

 

18 在/var/www/html/loganalyzer下创建config.php并设置权限:
touch config.php
chmod 666 config.php

重启服务器，不然还是报错

 

19 登录http://10.240.125.153/loganalyzer/

 

 

 

 

 

 

 

 

 

 

 

 

 

 

搭建完毕