1. Configure the network
cd /etc/sysconfig/network-scripts
ls 

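vi ifcfg-eth0                      (the interface is not necessarily eth0)
BOOTPROTO=static            # change dhcp to static
IPADDR=***.***.***.***        # IP address
NETMASK=255.255.255.0   # subnet mask (adjust to your network)
DNS1=***.***.***.***            # DNS server
GATEWAY=***.***.***.***    # gateway
ONBOOT=yes                     # change no to yes: bring the interface up at boot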

systemctl restart network.service      (restart the network)
Open PuTTY or MobaXterm and connect to the IP remotely


2. Switch the yum mirror
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all      (clear the yum cache)
yum makecache      (build the cache)


3. Install wget
yum -y install wget


4. Install the LNMP stack
wget http://soft.vpser.net/lnmp/lnmp1.9.tar.gz -cO lnmp1.9.tar.gz && tar zxf lnmp1.9.tar.gz && cd lnmp1.9 && ./install.sh lnmp


In the lnmp1.9 installer, select MySQL 5.7

Using Generic Binaries : y

Set the MySQL password to 123456

Enable the InnoDB Storage Engine

Select PHP version 7.4.30

Install memory allocator

After the installation completes, create a Hyper-V checkpoint (in case something goes wrong)


5. Configure rsyslog
Check whether rsyslog is installed

rpm -qa|grep rsyslog    // installed by default on the system

Install the module that lets rsyslog connect to a MySQL database

yum install rsyslog-mysql -y

rsyslog-mysql is the rsyslog module that writes logs to a MySQL database; it must be installed here.


Import the rsyslog-mysql database schema file

cd /usr/share/doc/rsyslog-8.24.0/

mysql -uroot -p < mysql-createDB.sql
Enter the MySQL password


Grant the rsyslog user its privileges in MySQL (this can also be run in phpMyAdmin)

mysql -uroot -p

mysql> grant all on Syslog.* to rsyslog@localhost identified by '123456';

mysql> flush privileges;

mysql> exit


Configure the server to load the rsyslog-mysql module, and open the UDP listening port to receive logs from other Linux systems on the network

vi /etc/rsyslog.conf

$ModLoad ommysql

*.* :ommysql:localhost,Syslog,rsyslog,123456


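Add the two lines above under #### MODULES ####.

Note: localhost is the local host, Syslog is the database name, rsyslog is the database user, and 123456 is that user's password.


$ModLoad immark    # immark is the module name; it supports log mark messages

$ModLoad imudp    # imudp is the module name; it supports the UDP protocol

$UDPServerRun 514    # listen on port 514 for logs forwarded over UDP (TCP would additionally need imtcp and $InputTCPServerRun)


Restart the rsyslog service

systemctl restart rsyslog      (or possibly /etc/init.d/rsyslog restart)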


6. Install LogAnalyzer

wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.12.tar.gz

tar zxf loganalyzer-4.1.12.tar.gz

cd loganalyzer-4.1.12

mkdir -p /var/www/html/loganalyzer

rsync -a src/* /var/www/html/loganalyzer/


Add an lnmp virtual host

lnmp vhost add


Please enter domain                                                     www.loganalyzer.com

Allow rewrite rules                                                        y
Enable Pathinfo                                                             y
Disable access log                                                        n
Enable ipv6                                                                   n
Create database and MYSQL user with same name     y
Enter database name                                                    rsyslog
Enter password                                                             *******
Add SSL certificate                                                        n


Edit the configuration file

cd /usr/local/nginx/conf/vhost


vi www.loganalyzer.com.conf


server
    {
        listen 8000;
        listen [::]:8000;
        server_name loganalyzer ;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /var/www/html/loganalyzer;

        include rewrite/other.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php.conf;

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }
        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

        access_log  /home/wwwlogs/loganalyzer.log.log;
    }

Restart nginx

/etc/init.d/nginx restart


Start the firewall

systemctl start firewalld.service

Open ports 80 (phpMyAdmin), 8000 (LogAnalyzer) and 514 (rsyslog)

firewall-cmd --zone=public --add-port=8000/tcp --permanent

firewall-cmd --zone=public --add-port=80/tcp --permanent

firewall-cmd --zone=public --add-port=514/udp --permanent


Reload the firewall

firewall-cmd --reload


List the open ports

firewall-cmd --list-ports

Enable the firewall at boot

systemctl enable firewalld

Check whether enabling the firewall at boot succeeded

systemctl is-enabled firewalld;echo $?


Pending steps (to be decided)

firewall-cmd --zone=public --add-port=514/tcp --permanent


getenforce

setenforce 0

systemctl status firewalld.service

systemctl stop firewalld.service


Browse to ip:8000

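The page reports an error: the config.php file is missing, and its permissions must be set to 666. It can be generated with the configure.sh script in the contrib directory.

cp ~/loganalyzer-4.1.12/contrib/configure.sh ./

(the script may instead be at: cp /usr/local/src/loganalyzer-4.1.12/contrib/configure.sh ./)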

chmod a+x configure.sh

./configure.sh


The config.php file must be created under /var/www/html/loganalyzer/ with its permissions set to 666.


cd /var/www/html/loganalyzer

touch config.php

chmod 666 config.php

Set Database Name: Syslog, Database User: rsyslog, Database Password: *******

Set the account and password
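
Added example (not part of the original walkthrough, nor code from rsyslog or LogAnalyzer): a shell check for two states this procedure leaves behind, the MySQL password sitting in a world-readable /etc/rsyslog.conf and config.php still at mode 666 after the web installer has finished. The function names and the suggested chmod values are assumptions of this example; demo() runs on constructed copies of the two files.

```shell
#!/bin/sh
# Added example: audit two files this walkthrough leaves in a weak state.
# Default paths are the ones used on this page; demo() uses constructed copies.

# True if the file's "other" permission digit has bit $2 set (4=read, 2=write).
# stat -c %a prints octal digits, so the last digit is mode % 10 read as decimal.
other_has_bit() {
    mode=$(stat -c %a "$1" 2>/dev/null) || return 2
    [ $(( mode % 10 & $2 )) -ne 0 ]
}

# Print "db user" for each legacy ommysql action that embeds a password
# (*.* :ommysql:host,db,user,password). The password itself is never printed.
ommysql_creds() {
    sed -n 's/^[^#]*:ommysql:[^,]*,\([^,]*\),\([^,]*\),..*$/\1 \2/p' "$1" 2>/dev/null
}

# Print findings; the return status is the number of findings.
audit() {
    conf=${1:-/etc/rsyslog.conf}
    php=${2:-/var/www/html/loganalyzer/config.php}
    n=0
    creds=$(ommysql_creds "$conf")
    if [ -n "$creds" ] && other_has_bit "$conf" 4; then
        echo "FINDING: $conf is world-readable and holds the MySQL password for: $creds"
        echo "  fix (assumes rsyslogd runs as root): chmod 600 $conf"
        n=$((n + 1))
    fi
    if other_has_bit "$php" 2; then
        echo "FINDING: $php is world-writable; 666 is only needed while the installer writes it"
        echo "  fix: chmod 644 $php"
        n=$((n + 1))
    fi
    if grep -Eqs '^[[:space:]]*\$UDPServerRun' "$conf"; then
        echo "NOTE: 514/udp takes unauthenticated syslog; limit it to known senders in firewalld"
    fi
    return "$n"
}

# Demo on constructed files mirroring the state reached at the end of this page.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '$ModLoad ommysql' '*.* :ommysql:localhost,Syslog,rsyslog,123456' \
        '$ModLoad imudp' '$UDPServerRun 514' > "$d/rsyslog.conf"
    : > "$d/config.php"
    chmod 644 "$d/rsyslog.conf"; chmod 666 "$d/config.php"
    audit "$d/rsyslog.conf" "$d/config.php"; rc=$?
    rm -rf "$d"; return "$rc"
}
demo || true
```

On the log server itself, call audit with no arguments as root to check the real paths.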
