Install Centralized Syslog Server with Web Interface

Submitted by: alex
Date: 2007-12-31
Introduction
This document applies to Ubuntu 7.10 Server. It may work on other versions, but I have not tested them.
The PHP-Syslog-NG version used is 2.9.3l; the procedure may also work on later versions.
You will need the syslog-ng daemon (installed below from the Ubuntu repositories).
You will also need the latest version of PHP-Syslog-NG, a log monitor designed to let the user quickly and easily manage logs from many hosts.
 
Initial Configuration of Ubuntu Server
Make sure your package lists are up to date and that you have upgraded to the latest packages.
 
# sudo apt-get update
# sudo apt-get upgrade
 
Installing & configuring syslog-ng daemon
syslog-ng is a flexible and scalable audit trail processing tool for organizations of any size. It provides a centralized, securely stored log of all devices on your network, whatever platform they run on. It also incorporates a host of powerful features, including filtering based on message content, as well as customizable data mining and analysis capabilities.
 
I have installed syslog-ng from Ubuntu repositories.
 
# sudo apt-get install syslog-ng
 
The installation replaces the current klogd (kernel log) and syslogd daemons.
 
Configuration:
The default configuration file is /etc/syslog-ng/syslog-ng.conf.
 
You now need to adapt this file to your needs.
The example below enables a UDP source so the server accepts messages from remote hosts; it changes the following lines in the "source" and "options" sections.
 
Open /etc/syslog-ng/syslog-ng.conf in your favorite editor (mine is "joe"; jmacs is the Emacs-keybinding variant that ships with it)
 
# sudo jmacs /etc/syslog-ng/syslog-ng.conf
 
Find:
        #Disable statistic log messages.
        stats_freq(0);
 
Replace with:
        #Enable statistic log messages.
        stats_freq(43200);
 
The value is in seconds, so this writes a statistics line every 12 hours.
 
Find:
        # (this is equivalent to the "-r" syslogd flag)
        # udp();
 
Replace with:
        # (this is equivalent to the "-r" syslogd flag)
        udp();
 
udp() with no options listens on port 514 on every interface and accepts datagrams from any sender. There is no authentication and the source address is trivially spoofed, so limit the listener with the ip() and port() options if the server has more than one interface, and allow 514/udp only from your log sources at the firewall.
 
Find:
        # enable or disable DNS usage
        # syslog-ng blocks on DNS queries, so enabling DNS may lead to 
        # a Denial of Service attack
        # (default is yes)
        use_dns(no);
 
Replace with:
        # enable or disable DNS usage
        # syslog-ng blocks on DNS queries, so enabling DNS may lead to 
        # a Denial of Service attack
        # (default is yes)
        use_dns(yes);
        dns_cache(yes);
 
Take the warning in that comment seriously: with use_dns(yes) syslog-ng does a reverse lookup for every sender address, and a slow or failing lookup stalls the whole daemon, so one remote host can throttle logging for everyone. dns_cache(yes) limits the cost to the first lookup per address, and a local caching resolver helps further. If you leave use_dns(no), hosts appear in the web interface by IP address instead of by name.
 
If you want to know more about sources, options, logs, filters, destination, go to: http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/index.html
 
Installing & configuring PHP-Syslog-NG
PHP-Syslog-NG is a front-end for viewing syslog-ng messages logged to MySQL in real time.
It features customized searches based on device, time, priority, message, and date.
 
How it works:
syslog-ng collects messages from the configured sources and, through the MySQL destination added later in this guide, inserts them into a MySQL database.
PHP-Syslog-NG, the front-end interface, then reads from that database whenever you search from the web interface.
 
First install some packages needed for PHP-syslog-NG installation.
# sudo apt-get install mysql-server
# sudo apt-get install apache2
# sudo apt-get install php5
# sudo apt-get install php5-cli
# sudo apt-get install libapache2-mod-php5
# sudo apt-get install php5-mysql
# sudo apt-get install php5-gd
# sudo apt-get install libice6
# sudo apt-get install msttcorefonts
 
Set mysql root password
# mysql -u root
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('yourpassword');
 
A successful mysql command will show:
Query OK, 0 rows affected (0.00 sec)

If the mysql-server installation already asked you for a root password, the first command is refused with "Access denied for user 'root'@'localhost'"; add the -p option (mysql -u root -p) and enter that password when prompted.
 
For older versions (prior to 2.9.8), create a folder for PHP-Syslog-NG
# sudo mkdir /usr/share/php-syslog-ng
# cd /usr/share/php-syslog-ng
 
For newer versions (2.9.8 and up), there is no need to create the folder
# cd /usr/share
 
Download and extract PHP-Syslog-NG, then remove the archive (or move it out of this directory)
# sudo wget http://php-syslog-ng.gdd.net/current.tgz
#
## Replace <version> with the version you downloaded (mine is 2.9.3l); if wget saved the file as current.tgz, use that name instead
# sudo tar xzvf php-syslog-ng-<version>.tgz
# sudo rm php-syslog-ng-<version>.tgz
 
Configure write permissions for apache on the required directories (you are still in /usr/share/php-syslog-ng)
# sudo chmod 777 html/config/ html/jpcache/
 
Mode 777 makes both directories writable by every local user. All that is actually required is that the Apache user (www-data on Ubuntu) can write there, so giving that user ownership of the two directories and using mode 750 achieves the same result without exposing them.
 
Make sure the PHP memory limit is at least 128M and the maximum execution time at least 300 seconds.
Open /etc/php5/apache2/php.ini in your favorite editor (mine is "joe")
 
Find:
max_execution_time
Set it to at least 300
 
Find:
memory_limit
Set it to at least 128M (php.ini uses this notation, not "128MB")
 
Make log directory:
# sudo mkdir -p /var/log/php-syslog-ng
 
Create a virtual host file for apache:
# cd /etc/apache2/sites-available
# sudo jmacs php-syslog-ng
 
Here is an example virtual host file (ServerSignature On appends the Apache version to server-generated error pages; on a log server you will probably want it Off):
<VirtualHost *>
    ServerName syslog.planetit.ws
    ServerAdmin alex@planetit.ws
 
    DocumentRoot /usr/share/php-syslog-ng/html
    <Directory />
        Options FollowSymLinks
        AllowOverride All
    </Directory>
 
    <Directory /usr/share/php-syslog-ng/html>
        # pcw No directory listings
        # Options Indexes FollowSymLinks MultiViews
        Options -Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>
 
    ErrorLog /var/log/apache2/php-syslog-ng-error.log
 
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
 
    CustomLog /var/log/apache2/php-syslog-ng-access.log combined
    ServerSignature On
</VirtualHost>
 
Enable apache virtual host:
# sudo a2ensite php-syslog-ng
 
Reload apache:
# sudo invoke-rc.d apache2 reload
 
Go to your web browser for the web installation (http://<your_php-syslog-ng_url>/install). The URL is the ServerName you put in the virtual host (syslog.planetit.ws in the example), so that name must resolve to the server. If you open the server by IP address instead, Apache serves the default site from /var/www ("It works!") and /install returns 404; either use the ServerName, or point the default site's DocumentRoot at /usr/share/php-syslog-ng/html.
 
Screen 1:
Make sure everything on the pre-installation check screen is green, if not, fix it before continuing!
Click next at the top right to begin the installation.
 
Screen2:
Accept the license agreement
 
Screen 3:
Enter the mysql ROOT user's password
Leave everything else as default unless you really need to change something (you may want to uncheck the "install sample data" box)
Click Next
Click OK to accept the notice about the CEMDB (Cisco Error Message Database)
Wait (be patient, the CEMDB takes a minute or two to populate)
 
Screen 4:
Enter a site name, eg: “PlanetIT Syslog Server”
Click Next
 
Screen 5:
Leave the default fields as they are unless necessary.
Enter an email address into the email field
Enter a password for the admin user or keep the random one (but write it down so you can get into the site).
Click Next
 
Screen 6:
Click the "View Site" button
 
Main Site:
Login using admin and the password you selected on screen 5
 
If you installed the sample data there will be a couple of entries, if not, you'll get an error message like this:
There appear to be no hosts in the Database yet
You can generate fake ones using scripts/dbgen.pl
 
Now go back to the terminal and change directory to /usr/share/php-syslog-ng/scripts:
# cd /usr/share/php-syslog-ng/scripts
 
Update all files with the correct path for your install using perl:
# sudo perl -i -pe 's/\/www\/php-syslog-ng/\/usr\/share\/php-syslog-ng/g' *
 
Open root’s crontab for editing:
# sudo crontab -e -u root
 
Copy & paste these lines into the crontab:
@daily php /usr/share/php-syslog-ng/scripts/logrotate.php >> /var/log/php-syslog-ng/logrotate.log
@daily find /usr/share/php-syslog-ng/html/jpcache/ -atime 1 -exec rm -f '{}' ';'
0,5,10,15,20,25,30,35,40,45,50,55 * * * * php /usr/share/php-syslog-ng/scripts/reloadcache.php >> /var/log/php-syslog-ng/reloadcache.log
 
Copy logrotate.d file:
# sudo cp /usr/share/php-syslog-ng/scripts/logrotate.d /etc/logrotate.d/php-syslog-ng
 
Edit /etc/syslog-ng/syslog-ng.conf for the PHP-Syslog-NG specific configuration:
# sudo jmacs /etc/syslog-ng/syslog-ng.conf
 
Copy & paste these lines at the end of the syslog-ng.conf file you just opened:
destination d_mysql {
    program("/usr/bin/mysql -usyslogadmin -psyslogadmin syslog"
    template("INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg)
    VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
    template-escape(yes));
};
 
log {
    source(s_all);
    destination(d_mysql);
};
 
A few things to know about this block:
s_all is the name of the source in the Ubuntu 7.10 default syslog-ng.conf. Newer Debian and Ubuntu configurations name it s_src; use whatever name the source statement in your file declares, otherwise syslog-ng refuses to start with "unresolved source reference".
syslog-ng starts one mysql client and pipes one INSERT statement per message into its stdin. If the client exits (wrong credentials, missing database), you will see "I/O error occurred while writing ... Broken pipe" in the system log and nothing reaches the database, so check that the syslogadmin credentials created by the web installer work from the command line before reloading.
The password sits on the mysql command line, where every local user can read it with ps, and in a configuration file that is usually world-readable. Keep syslog-ng.conf readable by root only, and give syslogadmin INSERT privileges on the logs table and nothing more.
Keep template-escape(yes). It backslash-escapes quotes and backslashes in every macro, which is the only thing stopping a remote host from putting SQL of its own into the INSERT through the message text.
 
Reload the syslog-ng daemon
# sudo invoke-rc.d syslog-ng reload
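The following is an added example, not code from the article or from syslog-ng/php-syslog-ng. It reproduces what the d_mysql destination above does to each message (parse the datagram into the $HOST, $FACILITY, $LEVEL, $TAG, $PROGRAM and $MSG macros, expand the template into one INSERT, hand it to the mysql client) and shows what template-escape(yes) buys you. The two datagrams, the host names and the program names are constructed for the example; the statement counter imitates how the mysql client splits its stdin and is an approximation, not the client's parser.

```python
# Added example, not code from the article or from syslog-ng/php-syslog-ng.
# It reproduces what the d_mysql destination above does to each message:
# syslog-ng parses the datagram into macros ($HOST, $FACILITY, $LEVEL,
# $PROGRAM, $MSG, ...), expands the template() into one INSERT statement and
# writes it to the stdin of the mysql client. template-escape(yes) is the
# part that matters for security, and the two sample datagrams below
# (constructed for this example) show why.
import re

# Facility and severity names as syslog-ng prints them for $FACILITY and $LEVEL.
FACILITY_NAMES = {0: "kern", 1: "user", 2: "mail", 3: "daemon", 4: "auth",
                  5: "syslog", 6: "lpr", 7: "news", 8: "uucp", 9: "cron",
                  10: "authpriv", 11: "ftp", 16: "local0", 17: "local1",
                  18: "local2", 19: "local3", 20: "local4", 21: "local5",
                  22: "local6", 23: "local7"}
LEVEL_NAMES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
MONTHS = {m: i for i, m in enumerate(
    ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
     "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"], start=1)}

# RFC 3164 shape: <PRI>Mmm dd hh:mm:ss HOST PROGRAM[PID]: MSG
SYSLOG_RE = re.compile(
    r"^<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) ([^\s:\[]+)(?:\[(\d+)\])?: ?(.*)$",
    re.DOTALL)

INSERT_TEMPLATE = (
    "INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg) "
    "VALUES ( '{HOST}', '{FACILITY}', '{PRIORITY}', '{LEVEL}', '{TAG}', "
    "'{DATETIME}', '{PROGRAM}', '{MSG}' );")


def parse_syslog(datagram: bytes, year: int) -> dict:
    """Split a datagram into the macros used by the template. RFC 3164
    timestamps carry no year, so syslog-ng takes it from the receive time;
    here it is passed in to keep the example deterministic."""
    m = SYSLOG_RE.match(datagram.decode("utf-8", "replace"))
    if not m:
        raise ValueError("not an RFC 3164 message")
    pri, stamp, host, program, _pid, msg = m.groups()
    pri = int(pri)
    facility, level = pri >> 3, pri & 7
    mon, day, clock = stamp.split()
    return {
        "HOST": host,
        "FACILITY": FACILITY_NAMES.get(facility, str(facility)),
        "PRIORITY": LEVEL_NAMES[level],   # $PRIORITY is an alias of $LEVEL
        "LEVEL": LEVEL_NAMES[level],
        "TAG": "%02x" % pri,              # $TAG: PRI as two hex digits
        "DATETIME": "%04d-%02d-%02d %s" % (year, MONTHS[mon], int(day), clock),
        "PROGRAM": program,
        "MSG": msg,
    }


def template_escape(value: str) -> str:
    """What template-escape(yes) does: backslash-escape \\, ' and \" so the
    value cannot close the quoted literal it is placed in."""
    return value.replace("\\", "\\\\").replace("'", "\\'").replace('"', '\\"')


def render_insert(fields: dict, escape: bool) -> str:
    """Expand the template the way syslog-ng does, with or without escaping."""
    values = {k: (template_escape(v) if escape else v) for k, v in fields.items()}
    return INSERT_TEMPLATE.format(**values)


def count_statements(sql: str) -> int:
    """Count ';'-terminated statements roughly as the mysql client reading
    its stdin would: a quote opens a string, a backslash escapes inside it,
    and '-- ' comments out the rest of the line."""
    count, in_string, i = 0, False, 0
    while i < len(sql):
        c = sql[i]
        if in_string:
            if c == "\\":
                i += 1                 # skip the escaped character
            elif c == "'":
                in_string = False
        elif c == "'":
            in_string = True
        elif sql.startswith("-- ", i):
            break
        elif c == ";":
            count += 1
        i += 1
    return count


# Constructed sample datagrams: one ordinary message, and one whose text
# closes the quoted literal and appends a statement of the attacker's own.
BENIGN = b"<134>Dec 31 23:59:59 web01 sshd[1234]: Accepted publickey for alex from 10.0.0.5 port 51234 ssh2"
HOSTILE = b"<134>Dec 31 23:59:59 web01 evil: x'); DELETE FROM logs; -- "


def statements_reaching_mysql(datagram: bytes, escape: bool) -> int:
    """How many statements the mysql client would execute for one datagram."""
    fields = parse_syslog(datagram, year=2007)
    return count_statements(render_insert(fields, escape))


if __name__ == "__main__":
    for escape in (False, True):
        print("template-escape(%s): %d statement(s) from the hostile message" % (
            "yes" if escape else "no", statements_reaching_mysql(HOSTILE, escape)))
```

Without escaping, the hostile message turns one INSERT into an INSERT followed by a DELETE, and anything that can send a UDP datagram to port 514 can do it. Escaping keeps it to a single INSERT with the hostile text stored as data. The second line of defence, independent of syslog-ng, is the MySQL grant: if syslogadmin can only INSERT into logs, an injected DELETE or DROP fails even if escaping is ever lost.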
 
Configuring Client Machines:
In this example I will explain how to configure Linux machines to send all their syslog messages to the remote syslog server. It will also let you check the remote syslog installation we just did.
This example works on most Linux machines with the default syslogd daemon installed.
You must do it with root privileges (in Ubuntu you can use "sudo" for this).
 
Edit /etc/syslog.conf:
# jmacs /etc/syslog.conf
 
Put this at the top of the syslog.conf file you just opened:
*.*    @<your_syslog-ng_server>
Replace <your_syslog-ng_server> with your remote syslog-ng server's IP or hostname. The "@" means UDP to port 514; the messages travel in cleartext and unauthenticated, which is acceptable on a trusted management network and nowhere else.
 
Reload syslogd so the changes take effect:
# /etc/init.d/syslog reload
(on Debian and Ubuntu the sysklogd init script is /etc/init.d/sysklogd)
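As an added example (not from the original article), here is what the "*.* @server" line makes the client's syslogd put on the wire, so you can test the server without touching a real client: it builds an RFC 3164 datagram and sends it over UDP, and loopback_roundtrip() stands up a throwaway receiver on 127.0.0.1 in place of syslog-ng's udp() source to show the datagram arrives intact. The host name "client01", the program name "syslogtest" and the message text are made up for the example.

```python
# Added example, not from the original article: what the "*.* @server" line
# makes the client's syslogd do on the wire, so you can test the server side
# without reconfiguring a client. It builds an RFC 3164 datagram and sends it
# over UDP; loopback_roundtrip() stands up a throwaway receiver on 127.0.0.1
# in place of syslog-ng's udp() source and checks the datagram arrives intact.
# The hostname, program and text are made up for the example.
import socket
import time

MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]
SYSLOG_PORT = 514   # what "@host" in syslog.conf means: UDP, port 514


def build_datagram(facility: int, severity: int, hostname: str,
                   program: str, text: str, when: float = None) -> bytes:
    """RFC 3164: <PRI>Mmm dd hh:mm:ss HOST PROGRAM: TEXT, PRI = facility*8 + severity.
    The timestamp carries no year, which is why the server fills it in."""
    t = time.localtime(when)
    stamp = "%s %2d %02d:%02d:%02d" % (MONTHS[t.tm_mon - 1], t.tm_mday,
                                       t.tm_hour, t.tm_min, t.tm_sec)
    pri = facility * 8 + severity
    return ("<%d>%s %s %s: %s" % (pri, stamp, hostname, program, text)).encode()


def decode_pri(datagram: bytes) -> tuple:
    """Recover (facility, severity) from the <PRI> prefix, as the server does."""
    pri = int(datagram[1:datagram.index(b">")])
    return pri >> 3, pri & 7


def send_udp(datagram: bytes, server: str, port: int = SYSLOG_PORT) -> None:
    """Fire-and-forget, exactly like syslogd: UDP gives no acknowledgement, so
    a wrong address or a blocked port is silent on the client side."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        sock.sendto(datagram, (server, port))
    finally:
        sock.close()


def loopback_roundtrip(text: str = "syslog-ng forwarding test") -> dict:
    """Bind an ephemeral UDP port on 127.0.0.1, send one local0.info message
    to it and return what arrived, so the encoding can be checked offline."""
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind(("127.0.0.1", 0))
    rx.settimeout(2.0)
    try:
        port = rx.getsockname()[1]
        sent = build_datagram(16, 6, "client01", "syslogtest", text)  # local0.info
        send_udp(sent, "127.0.0.1", port)
        received, peer = rx.recvfrom(8192)
    finally:
        rx.close()
    facility, severity = decode_pri(received)
    return {"sent": sent, "received": received, "from": peer[0],
            "facility": facility, "severity": severity}


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        # Real test: python3 thisfile.py <your_syslog-ng_server>
        # then look for host client01 / program syslogtest in the web interface.
        send_udp(build_datagram(16, 6, "client01", "syslogtest",
                                "hello from the client"), sys.argv[1])
    else:
        print(loopback_roundtrip())
```

Run it with the syslog-ng server's address as the only argument and a host named client01 should appear in the web interface within a few seconds; if it does not, the problem is the udp() source, the firewall or the d_mysql destination, not the client configuration. Because nothing is acknowledged, a client never learns that its messages were dropped, which is one reason to prefer syslog-ng's tcp() source (with TLS where available) over plain UDP once the setup works.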

 


Comments

Feb 16th 2009, by Guest
Following your directions, but received error when reloading apache2..

root@barracuda:/etc/apache2/sites-available# a2ensite php-syslog-ng
Site php-syslog-ng installed; run /etc/init.d/apache2 reload to enable.
root@barracuda:/etc/apache2/sites-available# invoke-rc.d apache2 reload
* Reloading web server config apache2
Warning: DocumentRoot [/usr/share/php-syslog-ng/html] does not exist
...done.



Feb 16th 2009, by alex
You may not have extracted the php-syslog-ng archive correctly.
For further investigation, please run the following command and post its output here:
ls /usr/share/php-syslog-ng

Thanks

Dec 1st 2009, by Guest
Hi Alex,

This is my problem.

root@NOCServer:/usr/share# mysql -u root
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

I'm always having this kind of problem.
Please help i'm not really good at this.
TIA :)


Arfel

Dec 3rd 2009, by alex
You will need to run MySQL in safe mode to reset the "root" password if you don't know it; read here for the how-to.
If you do know the password, then run the command with the "-p" parameter, e.g.:
mysql -u root -p

Dec 28th 2009, by Guest
Where are these directories?

Configure write permissions for apache on required directories
# sudo chmod 777 html/config/ html/jpcache/

Thank you,
Joshua Bruner

Dec 29th 2009, by alex
They are in "/usr/share/php-syslog-ng"; if you follow the guide step by step you will already be inside that directory.

Jan 8th 2010, by Guest
syslog-ng does not send the messages to mysql. I have already checked all the permissions, but the connection to mysql does not even start (tcpdump).

Jan 8th 2010, by alex
Did you follow the guide exactly as it is written?

Feb 15th 2010, by Guest
I have the same problem,
The data is stuck at the logfile, giving this error:

SysLog syslog-ng[3258]: I/O error occurred while writing; fd='12', error='Broken pipe (32)'

Feb 15th 2010, by alex
Which version of PHP-Syslog-ng/Logzilla are you trying to install?

Jul 15th 2010, by Guest
I have a problem!
What is your_php-syslog-ng_url?
"Go to web browser for web installation (http://<your_php-syslog-ng_url>/install)"
How do I know which is mine?
Thanks

Jul 15th 2010, by alex
It depends on what IP address your Apache is bound to. Try your server IP address (type ifconfig to find it).

Jul 15th 2010, by Guest
wget http://php-syslog-ng.gdd.net/current.tgz
This is not found.
Do you have another one?


Jul 15th 2010, by Guest
"It depends on what IP address your Apache is bound to. Try your server IP address (type ifconfig to find it)"
My IP address is 192.168.3.124 and my localhost address is 127.0.0.1.
If I put my localhost address in the web browser it shows "It works", but if I put http://127.0.0.1/install it shows not found.
What's up?


Aug 18th 2010, by Guest
Thanks for your tutorial.
It was a big help.

;-)

Alex Millà.
http://www.alexmilla.net

Jan 27th 2011, by Guest
Hi there. Great post. When I try the url/install I get a 404 not found. I've confirmed that I have that directory and the virtual host is similar to yours (except for the host name). I've used logzilla version 2.9.9o. Any ideas? Thanks

Jan 27th 2011, by Guest
I figured it out. I changed the root directory by adding /install to the end of the root directory you had.

Feb 21st 2011, by Guest
Same problem: if I put my localhost address in the web browser it shows "It works", but if I put http://127.0.0.1/install it shows not found.
Any idea?
Thanks

Apr 11th 2011, by Guest
Hi Alex,
when I execute this: sudo perl -i -pe 's/\/www\/php-syslog-ng/\/usr\/share\/php-syslog-ng/g' *
I get this error message:
syntax error at -e line 1, at EOF
execution of -e aborted due to compilation errors

Thanks for your reply

Apr 12th 2011, by alex
The command should work. Anyway, try sed instead:

sudo sed -i 's/\/www\/php-syslog-ng/\/usr\/share\/php-syslog-ng/g' *

Jun 30th 2011, by Guest
Hi Alex,

When I execute
# sudo tar -x php-syslog-ng-1.0.6.tgz

my console just doesn't respond and the archive just doesn't get extracted.

Can you please help me with this issue? I am using Backtrack 5


Jun 30th 2011, by Guest
Hey, solved that issue. I was having a problem with the archive I downloaded;
I downloaded it again and did it again.

Jun 30th 2011, by Guest
Hello Alex,

I put my url/install in the browser but it says "404 - The requested URL /install was not found on this server".
Apache2 is running fine.
All the other steps in the guide were executed correctly.


I read the earlier post and the solution that guest gave, but I just couldn't get it.
I am new to Linux. I am using Backtrack 5.

Can you help me out please?

Jun 30th 2011, by alex
This guide was tested on Debian-based distributions like Ubuntu. I'm not familiar with Backtrack; I know that it is not intended for server installations.

Jun 30th 2011, by Guest
Not a problem. Can you provide me the general solution for Ubuntu?
Because the other user also faced the same problem and posted a solution which I couldn't understand.
If you can just explain that, it would be helpful.

Jul 1st 2011, by Guest
Guys, I got the solution. Whoever is facing the url/install 404 page not found error:

You need to change the path in Apache's default site configuration.
The path on my system was /etc/apache2/sites-available/default

Change /var/www to /usr/share/php-syslog-ng/html (there are 2 such changes in the file).

Now start the Apache server again and open http://localhost/install and you will see the configuration page.

Change everything to green.
Note: 1) You need to create the php-syslog-ng folder in /usr/share even if you have a higher version.
2) I installed it on Backtrack 5, so the path may change according to your Linux.

Jul 19th 2011, by Guest
I'm trying to make this fly on Ubuntu Server 11.04, just downloaded from Ubuntu.

I needed to make a few changes to the document, and I got everything working up until the update to syslog-ng.conf. When I added the configuration from the documentation and restarted syslog, nothing showed up in the database. So I tried to STOP and START syslog-ng. This is where I had an error:

$ sudo invoke-rc.d syslog-ng start
* Starting system logging syslog-ng
Error in configuration, unresolved source reference; source='s_all'
[fail]
invoke-rc.d: initscript syslog-ng, action "start" failed.
$

If I remove the configuration change, it starts fine. The configuration change/update I added (as described above):

destination d_mysql {
program("/usr/bin/mysql -usyslogadmin -psyslogadmin syslog"
template("INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
template-escape(yes));
};

log {
source(s_all);
destination(d_mysql);
};

----

Ideas? Once I get it working, I'll provide complete updates I needed to make in order to make it work this far.

Thanks!


Jul 19th 2011, by Guest
Also, more version info. Everything was installed via the repositories except for php-syslog-ng, which I got from sourceforge:

php-syslog-ng-2.9.1r10.tar.gz

$ sudo syslog-ng -V
syslog-ng 3.1.3
Installer-Version: 3.1.3
Revision: ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.1#master#def34661b08109f8148904b860457d5747c425b3
Compile-Date: Feb 3 2011 15:58:49
Enable-Threads: on
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-Sun-STREAMS: off
Enable-Sun-Door: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-SSL: on
Enable-SQL: on
Enable-Linux-Caps: on
Enable-Pcre: on
$

$ uname -a
Linux ngbox 2.6.38-8-server #42-Ubuntu SMP Mon Apr 11 03:49:04 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
$



Jul 19th 2011, by alex
Can you post your syslog-ng.conf file, using this form?

Jul 19th 2011, by alex
After reading your config, it looks a little bit different from the Debian one.

replace: source(s_all);
with: source(s_src);

should work

Jul 19th 2011, by Guest
Alex:
That did it. Thanks! I'll send a list of changes I did in order to make it work for me.


Jul 19th 2011, by Guest
What is the significance of this step:

Copy logrotate.d file:
# sudo cp /usr/share/php-syslog-ng/scripts/logrotate.d /etc/logrotate.d/php-syslog-ng

Since cron seems to run this from the original path:

@daily php /usr/share/php-syslog-ng/scripts/logrotate.php >> /var/log/php-syslog-ng/logrotate.log

? (actually, I couldn't find a logrotate.d file, but did find a logrotate.php file in that directory)


Jul 21st 2011, by Guest
Hi,
This version of php-syslog-ng is *very* old and no longer supported.
I am the author of this code. The new version, now known as LogZilla (I am still the author) can be found at http://www.logzilla.pro

Support forums:
http://forum.logzilla.pro

Thanks!
Clayton Dukes (cdukes_at_logzilla.pro)



Jul 21st 2011, by alex
My article must be popular if the authors of the software are commenting here :)
Anyway, you are totally right. This is a very old article and should be updated; unfortunately I am no longer using the software, so there is no reason to update it.

Jul 27th 2011, by Guest
Guys

You need to ensure the virtual host port is also open; you can do this by editing /etc/apache2/ports.conf

If you don't edit this file then you will not be able to reach /install

Hope this helps

I have it running on Ubuntu 11.04

Author - Many thanks for the help

Aug 2nd 2011, by Guest
To add the logs of servers running Windows Server, what do I have to do? Install some daemon or something, and which files do I modify to receive them?

Sep 26th 2011, by Guest
Hello
I finished installing my syslog-ng server and the LogZilla interface.
I want the logs from switches and routers to be sent to the server so I can review them, but the problem is that I do not know how to configure them.

PLEASE HELP ME.

Sep 26th 2011, by alex
You'll need to dig into your switches' manuals...

Sep 26th 2011, by Guest
Ah okay, so there is no general configuration; it depends on the make of the equipment.
And for the hosts, how can we add them to see their logs?

Sep 26th 2011, by alex
After you set your devices to forward logs to the syslog server, they will be added to the web interface automatically.

Sep 26th 2011, by Guest
But how do I set it to forward logs to the syslog server?
Can we see the logs of a PC (Windows 7)?

Sep 26th 2011, by alex
Sorry, I don't fully understand what you are asking.
You can see the logs of Windows 7 if you install a syslog service similar to this.

Sep 26th 2011, by Guest
Yeah, I know. I don't speak English very well, but I can understand what you write.
Thank you very much, you're very helpful. I'll go to this website to see it.

Jan 7th 2012, by Guest
Hello, I am unable to do the package installation in Ubuntu.

Feb 22nd 2012, by Guest
Hi Alex, can you help me please?
This is my problem:
When I get to the step "Main Site: Login using admin and the password you selected on screen 5",
the browser shows me "Not Found. The requested URL /login.php was not found on this server. Apache/2.2.14 (Ubuntu) Server at localhost Port 80" !!!!!
