zoukankan      html  css  js  c++  java

  • 配置rhel 6.4(64位)安装使用syslog-ng 3.5

    我基本的博客地址是:www.cppblog.com/zdhsoft
    相应的CentOS 6.x也就可能使用。
    下载地址:
    第一步:安装
    wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.5.4.1/source/syslog-ng_3.5.4.1.tar.gz
    wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.5.4.1/source/eventlog_0.2.12%2B20120504%2B1700.tar.gz
    tar xvf eventlog_0.2.12+20120504+1700.tar.gz 
    cd eventlog-0.2.12+20120504+1700
    ./configure --prefix=/usr/local/services/eventlog 
    make 
    make install 
    cd ..
    tar -xvf syslog-ng_3.5.4.1.tar.gz 
    cd syslog-ng-3.5.4.1/
    export PKG_CONFIG_PATH=/usr/local/services/eventlog/lib/pkgconfig 
    ./configure --prefix=/usr/local/services/syslog-ng
    #假设提示no package 'glib-2.0' found centos
    #那么就用yum install libgnomeui-devel
    make
    make install
    第二步:加入服务
    配置
    将syslog-ng加入为系统服务, 
    vim /etc/init.d/syslog-ng  #内容例如以下 
    ################################################################################
    #!/bin/bash 
    #  
    # chkconfig: -  60 27 
    # description: syslog-ng SysV script.  
    . /etc/rc.d/init.d/functions 
     
    syslog_ng=/usr/local/services/syslog-ng/sbin/syslog-ng 
    prog=syslog-ng 
    pidfile=/usr/local/services/syslog-ng/var/syslog-ng.pid 
    lockfile=/usr/local/services/syslog-ng/var/syslog-ng.lock 
    RETVAL=0 
    STOP_TIMEOUT=${STOP_TIMEOUT-10} 
     
    start() { 
            echo -n $"Starting $prog: " 
            daemon --pidfile=$pidfile $syslog_ng $OPTIONS 
            RETVAL=$? 
            echo 
            [ $RETVAL = 0 ] && touch ${lockfile} 
            return $RETVAL 
     
    stop() { 
        echo -n $"Stopping $prog: " 
        killproc -p $pidfile -d $STOP_TIMEOUT $syslog_ng 
        RETVAL=$? 
        echo 
        [ $RETVAL = 0 ] && rm -f $lockfile $pidfile 
     
    case "$1" in 
      start) 
        start 
        ;; 
      stop) 
        stop 
        ;; 
      status) 
            status -p $pidfile $syslog_ng 
        RETVAL=$? 
        ;; 
      restart) 
        stop 
        start 
        ;; 
      *) 
        echo $"Usage: $prog {start|stop|restart|status}" 
        RETVAL=2 
    esac 
    exit $RETVAL 
    ##################################################################################
    #启动服务
    chmod a+x /etc/init.d/syslog-ng 
    killall syslogd 
    chkconfig --add syslog-ng 
    chkconfig syslog-ng on 
    service syslog-ng start 
    第三步:实际配置
    命令 vi /usr/local/services/syslog-ng/etc/syslog-ng.conf
    #################################################################################################### 
    #############################################################################
    # Default syslog-ng.conf file which collects all local logs into a
    # single file called /var/log/messages.
    #
    @version: 3.5
    @include "scl.conf"
    options {
            create_dirs(yes);
            dir_perm(0755);
            use_dns(no);
            perm(0644);
            chain_hostnames(off);
            stats_freq(30);
    };
    source s_local {
            system();
            internal();
    };
    source s_network {
            udp(ip("0.0.0.0") port(514));
    };
    destination d_local {
            file("/var/log/messages");
    };
    log {
            source(s_local);
            # uncomment this line to open port 514 to receive messages
            source(s_network);
            destination(d_local);
    };
    template t_onlymsgip { template("$MSGONLY|$SOURCEIP "); };
    template t_onlymsg { template("$MSGONLY "); };
    filter f_cgioss { program("CGI") and level(crit); };
    destination d_cgioss { file("/usr/local/services/lzlog/cgioss/$YEAR$MONTH/$YEAR$MONTH$DAY-$HOUR.oss" template(t_onlymsg)); };
    log { source(s_network); filter(f_cgioss); destination(d_cgioss); flags(final);};
    ##### CGI ERR #####
    filter f_cgierr { program("CGI") and level(err); };
    destination d_cgierr { file("/usr/local/services/lzlog/cgierr/$YEAR$MONTH/$YEAR$MONTH$DAY-$HOUR.err" template(t_onlymsgip)); };
    log { source(s_network); filter(f_cgierr); destination(d_cgierr); };
    ##### CGI LOG #####
    filter f_cgilog { program("CGI") ; };
    destination d_cgilog { file("/usr/local/services/lzlog/cgilog/$YEAR$MONTH/$YEAR$MONTH$DAY-$HOUR.log" template(t_onlymsgip)); };
    destination d_minutecgilog { file("/usr/local/services/lzlog/cgilog/$YEAR$MONTH/$YEAR$MONTH$DAY-$HOUR-$MIN.log" template(t_onlymsgip)); };
    #log { source(s_network); filter(f_cgilog); destination(d_minutecgilog); };
    log { source(s_network); filter(f_cgilog); destination(d_cgilog); flags(final);};
    #### SVR BILL #####
    #如今量少,不用分10个文件
    filter f_svrbill { program("SVR") and level(info); };
    destination d_svrbill { file("/usr/local/services/lzlog/svrbill/$YEAR$MONTH/$YEAR$MONTH$DAY-$HOUR.oss" template(t_onlymsg)); };
    log { source(s_local); filter(f_svrbill); destination(d_svrbill); flags(final);};
    filter f_paybill { program("PAY"); };
    destination d_paybill { file("/usr/local/services/lzlog/paybill/$YEAR$MONTH/$YEAR$MONTH$DAY-$HOUR.oss" template(t_onlymsg)); };
    log { source(s_local); filter(f_paybill); destination(d_paybill); flags(final);};
    ###########################################################################################################
  • 相关阅读:
    file类型允许的文件格式设置问题,“选择文件”打开缓慢
    利用验证码登录豆瓣页面
    python利用scrapy框架爬取起点
    python爬取大众点评并写入mongodb数据库和redis数据库
    python爬虫——建立IP池,将可用IP存放到redis
    python爬虫爬取大众点评并导入redis
    用python爬整本小说写入txt文件
    简单的爬百度一个搜索页面
    Python爬虫——爬豆瓣登录页面
    mysql数据库出现2003-Can't connect to MySQL server on 'localhost' (10061)的解决方法
  • 原文地址:https://www.cnblogs.com/lcchuguo/p/5153473.html
Copyright © 2011-2022 走看看