centos7+rsyslog+loganalyzer+mysql 搭建rsyslog日誌伺服器
一、簡介
在centos7系統中,預設的日誌系統是rsyslog,它是一類unix系統上使用的開源工具,用於在ip網路中轉發日誌資訊,rsyslog採用模組化設計,是syslog的替代品。
1、rsyslog特點
實現了基本的syslog協議
直接相容syslogd的syslog.conf配置檔案
在同一臺機器上支援多個rsyslogd程序,支援多執行緒
豐富的過濾功能,可以實現過濾日誌資訊中的任何部分,可將訊息過濾後在轉發
靈活的配置選項,配置檔案中可以寫簡單的邏輯判斷,自定義輸出格式等
增加了重要的功能,如使用tcp進行訊息傳輸,支援UDP,TCP,SSL,TLS,RELP
有現成的前端web展示程式
可以使用MySQL,PGSQL,Oralce實現日誌儲存
預設安裝的rsyslog軟體包提供的守護程序是rsyslog,它是一項系統的基礎服務,應該設定開機執行
2、核心組成
facility(設施,收集管道),priority(級別),target(路徑)
facility:從功能或程式上對日誌進行分類
auth:認證相關
authpriv:認證許可權相關
cron:計劃任務相關
daemon:守護程序相關
kern:核心相關
lpr:列印相關
mail:郵件相關
news:新聞相關
security:安全相關
syslog:自身日誌
user:使用者相關
uucp:unix to unix copy,早期系統檔案共享服務
local0-local7:使用者自定義facility
priority:日誌級別也可以叫loglevel
debug:除錯
info:除去debug外的所有資訊
notice:注意
warn,warning:警告
err,error:錯誤資訊
crit:藍色警報
alert:橙色警報
emerg,panic:紅色警報
指定級別的方式:
*:所有級別
none:沒有級別
priority:比此級別高的(包含)所有級別的日誌資訊都會記錄
=priority:僅記錄指定級別
target:路徑
檔案路徑:將日誌記錄於指定的檔案中;在檔案路徑之前使用”-“,表示非同步寫入;
使用者:將日誌資訊通知給檔案
*:所有使用者
日誌伺服器:@SERVER
管道:| COMMAND
3、配置檔案明細
vim /etc/rsyslog.conf
1 # rsyslog configuration file 2 3 # For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html 4 # If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html 5 6 #### MODULES #### #模組部分 7 8 # The imjournal module bellow is now used as a message source instead of imuxsock. 9 $ModLoad imuxsock #支援本地系統 provides support for local system logging (e.g. via logger command) 10 $ModLoad imjournal # provides access to the systemd journal 11 #$ModLoad imklog # reads kernel messages (the same are read from journald) 12 #$ModLoad immark # provides --MARK-- message capability 13 14 # Provides UDP syslog reception 15 #$ModLoad imudp 16 #$UDPServerRun 514 17 18 # Provides TCP syslog reception 19 #$ModLoad imtcp 20 #$InputTCPServerRun 514 21 22 23 #### GLOBAL DIRECTIVES #### #全域性指定 24 25 # Where to place auxiliary files 26 $WorkDirectory /var/lib/rsyslog 27 28 # Use default timestamp format 29 $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat 30 31 # File syncing capability is disabled by default. This feature is usually not required, 32 # not useful and an extreme performance hit 33 #$ActionFileEnableSync on 34 35 # Include all config files in /etc/rsyslog.d/ 36 $IncludeConfig /etc/rsyslog.d/*.conf 37 38 # Turn off message reception via local log socket; 39 # local messages are retrieved through imjournal now. 40 $OmitLocalLogging on 41 42 # File to store the position in the journal 43 $IMJournalStateFile imjournal.state 44 45 46 #### RULES #### #規則部分 47 48 # Log all kernel messages to the console. 49 # Logging much else clutters up the screen. 50 # 本地物理終端,比如啟動引導的時候,列印在螢幕上的日誌,可以用dmesg看 51 #kern.* /dev/console 52 53 # Log anything (except mail) of level info or higher. 54 # Don't log private authentication messages! 55 #可以使用分號隔開,”*.info“所有的info,排除mail ,authpriv,cron 56 *.info;mail.none;authpriv.none;cron.none /var/log/messages 57 58 #如果想給發給日誌伺服器只需要指定伺服器 59 #*.info;mail.none;authpriv.none;cron.none @192.168.216.53 60 61 62 63 # The authpriv file has restricted access. 64 #authpriv.* ,authpriv的任何級別 65 authpriv.* /var/log/secure 66 67 # Log all the mail messages in one place. 68 #任意的mail,-/var/log/maillog 減號是非同步的意思,因為不是特別關鍵,所以非同步,節省效率 69 mail.* -/var/log/maillog 70 71 72 # Log cron stuff 73 cron.* /var/log/cron 74 75 # Everybody gets emergency messages 76 #所有登陸到系統上的使用者的資訊 77 *.emerg :omusrmsg:* 78 79 # Save news errors of level crit and higher in a special file. 80 #”,“代表uucp和news都使用一個級別crit警告 81 uucp,news.crit /var/log/spooler 82 83 # Save boot messages also to boot.log 84 #自定義日誌,比如說新增一個local2,對應修改sshd配置檔案 85 local7.* /var/log/boot.log 86 #local2.* /var/log/sshd.log 87 # ### begin forwarding rule ### 88 # The statement between the begin ... end define a SINGLE forwarding 89 # rule. They belong together, do NOT split them. If you create multiple 90 # forwarding rules, duplicate the whole block! 91 # Remote Logging (we use TCP for reliable delivery) 92 # 93 # An on-disk queue is created for this action. If the remote host is 94 # down, messages are spooled to disk and sent when it is up again. 95 #$ActionQueueFileName fwdRule1 # unique name prefix for spool files 96 #$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) 97 #$ActionQueueSaveOnShutdown on # save messages to disk on shutdown 98 #$ActionQueueType LinkedList # run asynchronously 99 #$ActionResumeRetryCount -1 # infinite retries if host is down 100 # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional 101 #*.* @@remote-host:514 102 # ### end of the forwarding rule ###
2、loganalyzer是一款syslog日誌和其他網路時間資料的web前端,它提供了對日誌的簡單瀏覽、搜尋、基本分析和一些圖表報告的功能。資料可以從資料庫或一般syslog文字檔案中獲取,所有loganalyzer不需要改變現有的記錄架構。基於當前的日誌資料,它可以處理syslog日誌訊息windows事件日誌記錄,支援故障排除,使使用者能快速查詢日誌資料中看出問題的解決方案
3、loganalyzer獲取客戶端日誌會有兩種儲存模式,一種是直接讀取客戶端/var/log目錄下的日誌並儲存到服務端該目錄下,一種是讀取後儲存日誌伺服器資料庫中,這裡測試的是mariadb資料庫
4、loganalyzer採用php開發,所以服務需要php的執行環境,這裡用的lnmp
5、程式環境
192.168.216.51 web
192.168.216.52 mysql
192.168.216.53 rsyslog-mysql
所有軟體版本
1 [root@web1 loganalyzer]# cat /etc/centos-release 2 CentOS Linux release 7.6.1810 (Core) 3 [root@web1 loganalyzer]# rpm -qa |grep nginx 4 nginx-filesystem-1.12.2-2.el7.noarch 5 nginx-1.12.2-2.el7.x86_64 6 nginx-mod-http-xslt-filter-1.12.2-2.el7.x86_64 7 nginx-mod-http-geoip-1.12.2-2.el7.x86_64 8 nginx-mod-http-perl-1.12.2-2.el7.x86_64 9 nginx-all-modules-1.12.2-2.el7.noarch 10 nginx-mod-mail-1.12.2-2.el7.x86_64 11 nginx-mod-http-image-filter-1.12.2-2.el7.x86_64 12 nginx-mod-stream-1.12.2-2.el7.x86_64 13 [root@web1 loganalyzer]# rpm -qa |grep php-fpm 14 php-fpm-5.4.16-46.el7.x86_64 15 [root@web1 loganalyzer]# rpm -qa |grep rsyslog 16 rsyslog-8.24.0-34.el7.x86_64 17 rsyslog-mysql-8.24.0-34.el7.x86_64
loganalyzer-4.1.5
1 [root@web3 ~]# rpm -qa |grep mariadb 2 mariadb-5.5.60-1.el7_5.x86_64 3 mariadb-server-5.5.60-1.el7_5.x86_64 4 mariadb-libs-5.5.60-1.el7_5.x86_64 5 [root@web3 ~]# rpm -qa |grep rsyslog 6 rsyslog-8.24.0-34.el7.x86_64 7 [root@web3 ~]#
二、部署
1、環境
lnmp環境用的Centos7+lnmp+zabbix4+分離mysql實驗,這篇一樣的環境
2、實驗1:部署web的rsyslog-client,messages日誌傳送到rsyslog伺服器
1)、51-web1伺服器
vim /etc/rsyslog.conf
1 #*.info;mail.none;authpriv.none;cron.none /var/log/messages 2 *.info;mail.none;authpriv.none;cron.none @192.168.216.53 #指定rsyslog伺服器,很簡單
3 $ModLoad imudp
4 $UDPServerRun 514 #可以指定一個udp埠,預設也是udp的,看需求安排
重啟服務
systemctl restart rsyslog
systemctl enable rsyslog
2)、53-web3伺服器,rsyslog伺服器
vim /etc/rsyslog.conf
指定埠
$ModLoad imudp
$UDPServerRun 514
systemctl restart rsyslog
systemctl enable rsyslog
3)、測試效果
51
1 [root@web1 web]# !system 2 systemctl restart nginx
53
1 [root@web3 ~]# tail /var/log/messages 2 Mar 6 12:13:51 web3 avahi-daemon[6119]: Registering new address record for fe80::3409:e73d:1ef:2e1 on ens33.*. 3 Mar 6 12:13:51 web3 avahi-daemon[6119]: Registering new address record for fe80::39cb:d8d1:a78b:9be1 on ens33.*. 4 Mar 6 12:13:51 web3 avahi-daemon[6119]: Registering new address record for 192.168.216.53 on ens33.IPv4. 5 Mar 6 12:13:51 web3 avahi-daemon[6119]: Registering HINFO record with values 'X86_64'/'LINUX'. 6 Mar 6 12:14:15 web1 systemd: Stopping The nginx HTTP and reverse proxy server... 7 Mar 6 12:14:15 web1 systemd: Stopped The nginx HTTP and reverse proxy server. 8 Mar 6 12:14:15 web1 systemd: Starting The nginx HTTP and reverse proxy server... 9 Mar 6 12:14:15 web1 nginx: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok 10 Mar 6 12:14:15 web1 nginx: nginx: configuration file /etc/nginx/nginx.conf test is successful 11 Mar 6 12:14:15 web1 systemd: Started The nginx HTTP and reverse proxy server. 12 [root@web3 ~]#
3、實驗2:配置基於mysql儲存日誌資訊
1 )、51上安裝資料庫外掛
yum install rsyslog-mysql
1 [root@web1 web]# rpm -ql rsyslog-mysql 2 /usr/lib64/rsyslog/ommysql.so 3 /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql
2)、 53上安裝mysql資料庫,並配置
yum install mariadb-server mariadb
systemctl start mariadb
systemctl enable mariadb
1 [root@web3 ~]# mysql #進入mysql 2 Welcome to the MariaDB monitor. Commands end with ; or \g. 3 Your MariaDB connection id is 2 4 Server version: 5.5.60-MariaDB MariaDB Server 5 6 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. 7 8 Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 9 10 11 1213 to your MariaDB server version for the right syntax to use near 'usem mysql' at line 1 14 MariaDB [(none)]> use mysql; #修改root密碼1 15 Reading table information for completion of table and column names 16 You can turn off this feature to get a quicker startup with -A 17 18 Database changed 19 MariaDB [mysql]> update user set password=password('admin123') where user='root'; #改root密碼2 20 Query OK, 4 rows affected (0.00 sec) 21 Rows matched: 4 Changed: 4 Warnings: 0 22 23 MariaDB [mysql]> GRANT ALL ON Syslog.* TO 'Syslog'@'192.168.%.%'IDENTIFIED BY 'admin123'; #授權syslog 24 Query OK, 0 rows affected (0.00 sec) 25 26 27 28 MariaDB [mysql]> FLUSH PRIVILEGES; #重新整理 29 Query OK, 0 rows affected (0.01 sec) 30 31 MariaDB [mysql]>
上面的資料庫名稱和syslog資料庫使用者,可以通過51上的/usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql檔案檢視
1 [root@web1 web]# less /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql 2 CREATE DATABASE Syslog; 3 USE Syslog; 4 CREATE TABLE SystemEvents
3)、測試,51上測試
1 [root@web1 web]# mysql -usyslog -h192.168.216.53 -p 2 Enter password: 3 Welcome to the MariaDB monitor. Commands end with ; or \g. 4 Your MariaDB connection id is 3 5 Server version: 5.5.60-MariaDB MariaDB Server 6 7 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. 8 9 Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 10 11 MariaDB [(none)]> 12 MariaDB [(none)]>
4)、資料庫優化
vim /etc/my.cnf
skip_name_resolve=on #這個引數是禁止域名解析
innodb_file_per_table=on #共享表空間轉化為獨立表空間
#需要重啟mariadb
systemctl restart mariasdb
5)、重定向匯入資料庫
51-web1
mysql -uSyslog -h192.168.216.53 -p < /usr/share/doc/rsyslog-8.24.0/mysql-createDB.sql
6)、資料庫有了,修改配置檔案
51-web1
vim /etc/rsyslog.conf
1 #### MODULES #### 2 3 $ModLoad ommysql
#### RULES ####
#*.info;mail.none;authpriv.none;cron.none /var/log/messages
#*.info;mail.none;authpriv.none;cron.none @192.168.216.53
*.info;mail.none;authpriv.none;cron.none :ommysql:192.168.216.53,Syslog,Syslog,admin123
systemctl restart rsyslog
7)、測試看看
51上
systemctl restart nginx
53上資料庫看一下有沒有寫入
1 mysql -uroo -p 2 MariaDB [(none)]> show databases; 3 +--------------------+ 4 | Database | 5 +--------------------+ 6 | information_schema | 7 | Syslog | 8 | mysql | 9 | performance_schema | 10 | syslog | 11 | test | 12 +--------------------+ 13 6 rows in set (0.01 sec) 14 15 MariaDB [(none)]> use Syslog; 16 Reading table information for completion of table and column names 17 You can turn off this feature to get a quicker startup with -A 18 19 Database changed 20 MariaDB [Syslog]> show tables; 21 +------------------------+ 22 | Tables_in_Syslog | 23 +------------------------+ 24 | SystemEvents | 25 | SystemEventsProperties | 26 +------------------------+ 27 2 rows in set (0.00 sec) 28 MariaDB [Syslog]> select count(*) from SystemEvents; 29 +----------+ 30 | count(*) | 31 +----------+ 32 | 12 | 33 +----------+ 34 1 row in set (0.01 sec) 35 MariaDB [Syslog]> select *from SystemEvents; 36 +----+------------+---------------------+---------------------+----------+----------+----------+------------------------------------------------------------------------------------------------------------------------------+------------+------------+-------------+-----------+---------------+---------+-----------------+--------------+-----------+----------+----------+------------+-----------+--------------+-----------------+----------+ 37 | ID | CustomerID | ReceivedAt | DeviceReportedTime | Facility | Priority | FromHost | Message | NTSeverity | Importance | EventSource | EventUser | EventCategory | EventID | EventBinaryData | MaxAvailable | CurrUsage | MinUsage | MaxUsage | InfoUnitID | SysLogTag | EventLogType | GenericFileName | SystemID | 38 +----+------------+---------------------+---------------------+----------+----------+----------+------------------------------------------------------------------------------------------------------------------------------+------------+------------+-------------+-----------+---------------+---------+-----------------+--------------+-----------+----------+----------+------------+-----------+--------------+-----------------+----------+ 39 | 1 | NULL | 2019-03-06 16:36:20 | 2019-03-06 16:36:20 | 3 | 6 | web1 | Stopping System Logging Service... | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 40 | 2 | NULL | 2019-03-06 16:36:20 | 2019-03-06 16:36:20 | 5 | 6 | web1 | [origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="129667" x-info="http://www.rsyslog.com"] exiting on signal 15. | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | rsyslogd: | NULL | NULL | NULL | 41 | 3 | NULL | 2019-03-06 16:36:20 | 2019-03-06 16:36:20 | 3 | 6 | web1 | Stopped System Logging Service. | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 42 | 4 | NULL | 2019-03-06 16:36:20 | 2019-03-06 16:36:20 | 3 | 6 | web1 | Starting System Logging Service... | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 43 | 5 | NULL | 2019-03-06 16:36:20 | 2019-03-06 16:36:20 | 5 | 6 | web1 | [origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="129711" x-info="http://www.rsyslog.com"] start | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | rsyslogd: | NULL | NULL | NULL | 44 | 6 | NULL | 2019-03-06 16:36:20 | 2019-03-06 16:36:20 | 3 | 6 | web1 | Started System Logging Service. | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 45 | 7 | NULL | 2019-03-06 16:36:22 | 2019-03-06 16:36:22 | 3 | 6 | web1 | Stopping The nginx HTTP and reverse proxy server... | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 46 | 8 | NULL | 2019-03-06 16:36:22 | 2019-03-06 16:36:22 | 3 | 6 | web1 | Stopped The nginx HTTP and reverse proxy server. | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 47 | 9 | NULL | 2019-03-06 16:36:22 | 2019-03-06 16:36:22 | 3 | 6 | web1 | Starting The nginx HTTP and reverse proxy server... | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 48 | 10 | NULL | 2019-03-06 16:36:22 | 2019-03-06 16:36:22 | 3 | 6 | web1 | nginx: the configuration file /etc/nginx/nginx.conf syntax is ok | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | nginx: | NULL | NULL | NULL | 49 | 11 | NULL | 2019-03-06 16:36:22 | 2019-03-06 16:36:22 | 3 | 6 | web1 | nginx: configuration file /etc/nginx/nginx.conf test is successful | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | nginx: | NULL | NULL | NULL | 50 | 12 | NULL | 2019-03-06 16:36:22 | 2019-03-06 16:36:22 | 3 | 6 | web1 | Started The nginx HTTP and reverse proxy server. | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | NULL | 1 | systemd: | NULL | NULL | NULL | 51 +----+------------+---------------------+---------------------+----------+----------+----------+------------------------------------------------------------------------------------------------------------------------------+------------+------------+-------------+-----------+---------------+---------+-----------------+--------------+-----------+----------+----------+------------+-----------+--------------+-----------------+----------+ 52 12 rows in set (0.00 sec) 53 54 MariaDB [Syslog]> select *from SystemEvents\G #豎排顯示
4、前端顯示logAnalyzer
51上配置
這裡測試的為4.1.5,請自行下載loganalyzer-4.1.5.tar.gz,這裡lnmp已經配置好,只需要修改nginx配置檔案新增埠方式的虛擬主機
1)、環境
2)、配置loganalyzer
mkdir /loganalyzer
cp -r /loganalyzer-4.1.5/src/* /loganalyzer
cploganalyzer-4.1.5/contri/* /loganalyzer
cd /loganalyzer
chmod +x *.sh
./configure.sh
./secure.sh
chmod 666 config.php
3)、修改nginx配置檔案,新增虛擬主機
1 [root@web1 loganalyzer]# cat /etc/nginx/conf.d/default.conf 2 server { 3 listen 80; 4 server_name 192.168.216.51; 5 index index.html index.htm index.php; 6 charset utf-8; 7 root /loganalyzer; 8 location / { 9 #max_fails=6; 10 #fail_timeout=60; 11 root /loganalyzer; 12 } 13 14 location ~.*\.php$ { 15 fastcgi_connect_timeout 300; 16 root /loganalyzer; 17 fastcgi_send_timeout 300; 18 fastcgi_read_timeout 300; 19 #max_fails=6; 20 #fail_timeout=60; 21 fastcgi_buffers 8 16k; 22 fastcgi_buffer_size 32k; 23 #fastcgi_pass unix:/dev/shm/php-fpm.sock; 24 fastcgi_pass 127.0.0.1:9000; 25 fastcgi_index index.php; 26 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 27 include fastcgi_params; 28 try_files $uri = 404; 29 } 30 31 location ~.*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp3|wma)$ { 32 expires 30d; 33 } 34 location ~.*\.(js|css)$ { 35 expires 12h; 36 } 37 } 38 39 server { 40 listen 81; 41 server_name 192.168.216.51; 42 index index.html index.htm index.php; 43 charset utf-8; 44 root /usr/share/zabbix; 45 location / { 46 #max_fails=6; 47 #fail_timeout=60; 48 root /usr/share/zabbix; 49 } 50 51 location ~.*\.php$ { 52 fastcgi_connect_timeout 300; 53 root /usr/share/zabbix; 54 fastcgi_send_timeout 300; 55 fastcgi_read_timeout 300; 56 #max_fails=6; 57 #fail_timeout=60; 58 fastcgi_buffers 8 16k; 59 fastcgi_buffer_size 32k; 60 #fastcgi_pass unix:/dev/shm/php-fpm.sock; 61 fastcgi_pass 127.0.0.1:9000; 62 fastcgi_index index.php; 63 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 64 include fastcgi_params; 65 try_files $uri = 404; 66 } 67 68 location ~.*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp3|wma)$ { 69 expires 30d; 70 } 71 location ~.*\.(js|css)$ { 72 expires 12h; 73 } 74 } 75 [root@web1 loganalyzer]#
systemctl restart nginx
systemctl restart php-fpm
5、正式開始web端配置
1)開始訪問,預設訪問的是index.php,安裝需要install.php,直接點here即可
2)、安裝需求,點選下一步即可
3)檢查配置,config.php沒有加執行許可權就會包如下錯誤,修改許可權後請看下一步
添加了許可權後,點選下一步
4)、一些基礎配置,下一步即可
5)、建立第一個源,填寫資料庫資訊後,下一步
6)、點選finish,完成
7)、展示頁面
6、安全加固
config.php檔案保持了資料庫賬號密碼ip等資訊,安裝的時候需要加666許可權,現在不在需要讀許可權了,改為644即可
chmod 644 /loganalyzer/config.php
7、中文語言包
1)、解壓後將整個目錄方至/loganalyzer/lang目錄下
2)、chmod 655 -R /loganalyzer/lang/zh
3)、再次訪問右上角就可以選中文了
本文參考了https://www.linuxidc.com/Linux/2017-10/147693.htm,有需要下載loganalyzer程式的還有中文語言包的可以去看看