[root@n2 ~]# yum -y install rsyslog


[root@py ~]# grep -v "^$" /etc/rsyslog.conf | grep -v "^#"

$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)

$ModLoad imklog   # provides kernel logging support (previously done by rklogd)

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$IncludeConfig /etc/rsyslog.d/*.conf

*.*                                                      @

*.*                                                      :ommysql:,Syslog,syslogroot,syslogpass

local7.*                                                /var/log/boot.log


[root@py ~]# service rsyslog restart

关闭系统日志记录器:                                       [确定]

启动系统日志记录器:                                       [确定]

[root@py ~]# chkconfig rsyslog on


[root@n2 ~]# grep -v "^$" /etc/rsyslog.conf | grep -v "^#"

$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)

$ModLoad imklog   # provides kernel logging support (previously done by rklogd)

$ModLoad imudp

$UDPServerRun 514

$ModLoad imtcp

$InputTCPServerRun 514

$Modload ommysql

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$IncludeConfig /etc/rsyslog.d/*.conf

*.*                                                      :ommysql:,Syslog,syslogroot,syslogpass

local7.*                                                /var/log/boot.log


~]# service rsyslog restart

~]# chkconfig rsyslog on


~]# yum -y install mysql-server rsyslog-mysql


[root@n2 ~]# rpm -ql rsyslog-mysql            #首先查看rsyslog-mysql安装生成了那些文件



/usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql   #此sql文件就是需要导入到数据库中的数据文件


[root@n2 ~]# service mysqld start             #启动mysqld服务

[root@n2 ~]# mysql                            #连接mysql

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 2

Server version: 5.1.73 Source distribution


Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.


Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective



Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.




mysql> show databases;


| Database           |


| information_schema |

| mysql              |

| test               |


3 rows in set (0.00 sec)  #此时,只有3个库


mysql> source /usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql;   #导入rsyslog的数据文件

mysql> show databases;


| Database           |


| information_schema |

| Syslog             |

| mysql              |

| test               |


4 rows in set (0.01 sec)

mysql> use Syslog;              #Syslog即是记录日志文件的数据库

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> show tables;


| Tables_in_Syslog       |


| SystemEvents           |

| SystemEventsProperties |


2 rows in set (0.00 sec)




mysql> grant all on Syslog.* to ‘syslogroot‘@‘‘ identified by ‘liwai8888‘;

Query OK, 0 rows affected (0.00 sec)

mysql> grant all on Syslog.* to ‘syslogroot‘@‘‘ identified by ‘liwai8888‘;

Query OK, 0 rows affected (0.04 sec)

mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)

mysql> \q




[root@n2 ~]# yum -y install httpd php php-mysql php-gd

[root@n2 ~]# mkdir /var/www/html/loganalyzer/

mkdir: created directory `/var/www/html/loganalyzer/‘


[root@n2 ~]# tar xf loganalyzer-3.6.5.tar.gz

[root@n2 ~]# cd loganalyzer-3.6.5

[root@n2 loganalyzer-3.6.5]# 

[root@n2 loganalyzer-3.6.5]# ls

ChangeLog  contrib  COPYING  doc  INSTALL  src

[root@n2 loganalyzer-3.6.5]# mv src/* /var/www/html/loganalyzer/          #src下是php的网页文件

[root@n2 loganalyzer-3.6.5]# ls contrib/

configure.sh  secure.sh

[root@n2 loganalyzer-3.6.5]# mv contrib/* /var/www/html/loganalyzer/      #contrib目录下的两个脚本,可以打开看看


[root@n2 loganalyzer-3.6.5]# cd /var/www/html/loganalyzer/

[root@n2 loganalyzer]# sh configure.sh                    #执行脚本



[root@n2 ~]# vim /etc/httpd/conf/httpd.conf 

DocumentRoot "/var/www/html/loganalyzer"

[root@n2 ~]# service httpd start


[root@n2 ~]# chkconfig mysqld on

[root@n2 ~]# chkconfig httpd on


[root@n2 ~]# mysql

Enter password:

mysql> create database loganalyzer;

Query OK, 1 row affected (0.04 sec)

mysql> grant all on loganalyzer.* to min@‘‘ identified by ‘liwai8888‘;

Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)


 主要错误在数据库的大小写以及数据库的用户名密码,一般都要安装2次,第2次必须删除里面的config.php,然后再在下一步运行sh configure.sh生成config.php。然后你并可以开始使用它了。(不知道为啥复制不了图,所以只能这样谈谈我遇到的错误与解决方法)。

