`
haoningabc
  • 浏览: 1438588 次
  • 性别: Icon_minigender_1
  • 来自: 北京
社区版块
存档分类
最新评论

rsyslog 重新整理

阅读更多
几年前用的rsyslog今天重新整理一下
参考原来的http://haoningabc.iteye.com/blog/1130914
部分参考http://www.gaizaoren.org/archives/408
环境centos6.5

yum install rsyslog
yum install mysql-server
yum install rsyslog-mysql
yum install httpd php php-mysyql php-gd


cd /usr/share/doc/rsyslog-mysql-5.8.10
mysql <createDB.sql

会在mysql中建立两个表
SystemEvents
SystemEventsProperties
下面配置正确,SystemEvents中会有数据

mysql的支持
需要在
/etc/rsyslog.conf
中添加
$ModLoad imudp
$ModLoad ommysql
$UDPServerRun 514
12.*    /opt/log/meedo.log
12.*     :ommysql:127.0.0.1,Syslog,root,密码;

Syslog是createDB.sql建的库名
root是mysql用户
密码是mysql的密码

注意这里为12 ,后面客户端用到,开始设置local0---local6,php的接口获取不到,所以设置为12,貌似php只能支持到14, local0是16,local1是17,顺次往上

log4j指定12和 php的udp头里面指定12
完整的rsyslog.conf为
[root@host-10-6-6-4 rsyslog-mysql-5.8.10]# cat /etc/rsyslog.conf
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
#$ModLoad immark  # provides --MARK-- message capability
$ModLoad imudp
$ModLoad ommysql
$UDPServerRun 514
12.*    /opt/log/meedo.log
12.*     :ommysql:127.0.0.1,Syslog,root,haoning;  
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$IncludeConfig /etc/rsyslog.d/*.conf
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
authpriv.*                                              /var/log/secure
mail.*                                                  -/var/log/maillog
cron.*                                                  /var/log/cron
*.emerg                                                 *
uucp,news.crit                                          /var/log/spooler
local7.*                                                /var/log/boot.log
[root@host-10-6-6-4 rsyslog-mysql-5.8.10]#



修改/etc/sysconfig/rsyslog
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
#SYSLOGD_OPTIONS="-c 5"
SYSLOGD_OPTIONS=" -m 0 -r"

service rsyslog restart


java客户端
import org.slf4j.Logger;  
import org.slf4j.LoggerFactory;  
  
public class TestLog {  
  
    private static final Logger logger = LoggerFactory.getLogger(TestLog.class);  
    public static void main(String[] args) {  
        logger.info("test haoning haha this is 123");  
  
    }  
  
} 

log4j配置
log4j.rootLogger=INFO,CONSOLE,SYSLOG  
#log4j.rootLogger=INFO,SYSLOG,CONSOLE,DAILY_ROLLING_FILE  
log4j.addivity.org.apache=true  
log4j.debug=false  
  
###################  
# Console Appender  
###################  
log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender  
log4j.appender.CONSOLE.Target=System.out  
log4j.appender.CONSOLE.Threshold=DEBUG  
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout  
log4j.appender.CONSOLE.layout.ConversionPattern=[%-5p] %d{yyyy-MM-dd HH:mm:ss} %l %m%n  
  
  
  
########################  
# RSYSLOG  
########################  
app.name=haohao 
log4j.appender.SYSLOG=org.apache.log4j.net.SyslogAppender  
log4j.appender.SYSLOG.SyslogHost= 103.227.81.149  
log4j.appender.SYSLOG.Facility=12  
log4j.appender.SYSLOG.Threshold=INFO  
log4j.appender.SYSLOG.layout=org.apache.log4j.PatternLayout  
log4j.appender.SYSLOG.layout.ConversionPattern=${app.name} %d{yyyy-MM-dd HH:mm:ss} %c:%L %m%n


java需要三个jar
log4j-1.2.17.jar
slf4j-api-1.7.5.jar
slf4j-log4j12-1.7.5.jar
注意这里Facility用的12,跟rsyslog配置的一样
运行就写入这台机器了

php的客户端
private static function mgsyslog($level,$msg)
	{
		$server="103.227.81.149";
		$port=514;
		$facility=1;
		$pid=posix_getpid();
		$process="PHP[${pid}]";
		$actualtime = time();
		$month      = date("M", $actualtime);
		$day        = substr("  ".date("j", $actualtime), -2);
		$hhmmss     = date("H:i:s", $actualtime);
		$timestamp  = $month." ".$day." ".$hhmmss;
		$hostname=gethostname();
		$pri    = "<".($facility*8 + $level).">";
		$header = $timestamp." ".$hostname;
		$message = substr($pri.$header." ".$process.": ".$msg, 0, 1024);
		$fp = fsockopen("udp://".$server, $port, $errno, $errstr);
		if ($fp)
		{
			fwrite($fp, $message);
			fclose($fp);
			return true;
		}
		return false;
	}

注意这里$pri 计算生成的是12

调用
self::mgsyslog(4,"haha ok from php -this is 12-----");
分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics