#wget http://www.silfreed.net/download/repo/packages/syslog-ng/syslog-ng-2.1.1-4.el5.x86_64.rpm
** สำหรับ Centos 6.0 ต้อมเพิ่มคำสั่ง นี้ **
#yum install eventlog*#rpm -Uvh syslog-ng-2.1.1-4.el5.x86_64.rpm
#chkconfig syslog-ng on
#vim /etc/httpd/conf/httpd.conf
Line - 486 ErrorLog syslog-ng
Line - 493 LogLevel notice
Line - 529 CustomLog "|/root/script/apache_syslog" combined
#mkdir /root/script
#vim /root/script/apache_syslog
#!/usr/bin/perl#vim /etc/syslog-ng/syslog-ng.conf
use Sys::Syslog qw(:DEFAULT setlogsock);
setlogsock('unix');
openlog('apache','cons,pid','local3');
while($log = < STDIN >) #เขียนให้ติดกัน
{
syslog('notice',$log);
}
Closelog
destination d_mysql {
program("/usr/bin/mysql -usyslogadmin -psyslogadmin -h172.17.3.32 syslog"
template("CREATE TABLE IF NOT EXISTS log$YEAR$MONTH$DAY (server varchar(15) NOT NULL,host varchar(128) DEFAULT NULL,facility varchar(10) DEFAULT NULL,priority varchar(10) DEFAULT NULL,level varchar(10) DEFAULT NULL,tag varchar(10) DEFAULT NULL,logtime datetime DEFAULT NULL,program varchar(15) DEFAULT NULL,msg text,seq bigint(20) unsigned NOT NULL AUTO_INCREMENT,counter int(11) NOT NULL DEFAULT '1',fo datetime DEFAULT NULL,lo datetime DEFAULT NULL,PRIMARY KEY (seq)) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;\n INSERT INTO log$YEAR$MONTH$DAY (server,host, facility, priority, level, tag, logtime, program, msg)
VALUES ( '172.17.3.15','$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG',
'$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
template-escape(yes));};
filter f_weblog { facility(local3); };#/etc/init.d/httpd restart
log { source(s_sys); filter(f_weblog); destination(d_mysql); };
#/etc/init.d/syslog-ng restart
ไม่มีความคิดเห็น:
แสดงความคิดเห็น