rsyslog 重新整理
几年前用的rsyslog今天重新整理一下
部分参考http://www.gaizaoren.org/archives/408
环境centos6.5
yum install rsyslog yum install mysql-server yum install rsyslog-mysql yum install httpd php php-mysyql php-gd
cd/usr/share/doc/rsyslog-mysql-5.8.10
mysql<createDB.sql
会在mysql中建立两个表
SystemEvents
SystemEventsProperties
下面配置正确,SystemEvents中会有数据
mysql的支持
需要在
/etc/rsyslog.conf
中添加
$ModLoad imudp $ModLoad ommysql $UDPServerRun 514 12.* /opt/log/meedo.log 12.* :ommysql:127.0.0.1,Syslog,root,密码;
Syslog是createDB.sql建的库名
root是mysql用户
密码是mysql的密码
注意这里为12,后面客户端用到,开始设置local0---local6,php的接口获取不到,所以设置为12,貌似php只能支持到14,local0是16,local1是17,顺次往上
log4j指定12和php的udp头里面指定12
完整的rsyslog.conf为
[root@host-10-6-6-4 rsyslog-mysql-5.8.10]# cat /etc/rsyslog.conf $ModLoad imuxsock # provides support for local system logging (e.g. via logger command) $ModLoad imklog # provides kernel logging support (previously done by rklogd) #$ModLoad immark # provides --MARK-- message capability $ModLoad imudp $ModLoad ommysql $UDPServerRun 514 12.* /opt/log/meedo.log 12.* :ommysql:127.0.0.1,Syslog,root,haoning; $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat $IncludeConfig /etc/rsyslog.d/*.conf *.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg * uucp,news.crit /var/log/spooler local7.* /var/log/boot.log [root@host-10-6-6-4 rsyslog-mysql-5.8.10]#
修改/etc/sysconfig/rsyslog
# Options for rsyslogd # Syslogd options are deprecated since rsyslog v3. # If you want to use them, switch to compatibility mode 2 by "-c 2" # See rsyslogd(8) for more details #SYSLOGD_OPTIONS="-c 5" SYSLOGD_OPTIONS=" -m 0 -r"
servicersyslogrestart
java客户端
import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class TestLog { private static final Logger logger = LoggerFactory.getLogger(TestLog.class); public static void main(String[] args) { logger.info("test haoning haha this is 123"); } }
log4j配置
log4j.rootLogger=INFO,CONSOLE,SYSLOG #log4j.rootLogger=INFO,SYSLOG,CONSOLE,DAILY_ROLLING_FILE log4j.addivity.org.apache=true log4j.debug=false ################### # Console Appender ################### log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender log4j.appender.CONSOLE.Target=System.out log4j.appender.CONSOLE.Threshold=DEBUG log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout log4j.appender.CONSOLE.layout.ConversionPattern=[%-5p] %d{yyyy-MM-dd HH:mm:ss} %l %m%n ######################## # RSYSLOG ######################## app.name=haohao log4j.appender.SYSLOG=org.apache.log4j.net.SyslogAppender log4j.appender.SYSLOG.SyslogHost= 103.227.81.149 log4j.appender.SYSLOG.Facility=12 log4j.appender.SYSLOG.Threshold=INFO log4j.appender.SYSLOG.layout=org.apache.log4j.PatternLayout log4j.appender.SYSLOG.layout.ConversionPattern=${app.name} %d{yyyy-MM-dd HH:mm:ss} %c:%L %m%n
java需要三个jar
log4j-1.2.17.jar
slf4j-api-1.7.5.jar
slf4j-log4j12-1.7.5.jar
注意这里Facility用的12,跟rsyslog配置的一样
运行就写入这台机器了
php的客户端
private static function mgsyslog($level,$msg) { $server="103.227.81.149"; $port=514; $facility=1; $pid=posix_getpid(); $process="PHP[${pid}]"; $actualtime = time(); $month = date("M", $actualtime); $day = substr(" ".date("j", $actualtime), -2); $hhmmss = date("H:i:s", $actualtime); $timestamp = $month." ".$day." ".$hhmmss; $hostname=gethostname(); $pri = "<".($facility*8 + $level).">"; $header = $timestamp." ".$hostname; $message = substr($pri.$header." ".$process.": ".$msg, 0, 1024); $fp = fsockopen("udp://".$server, $port, $errno, $errstr); if ($fp) { fwrite($fp, $message); fclose($fp); return true; } return false; }
注意这里$pri计算生成的是12
调用
self::mgsyslog(4,"hahaokfromphp-thisis12-----");
相关推荐
使用Log4j的SystemLogAppender可以实现远程的日志输出,为集中式的日志管理提供便利。/etc/init.d/syslog start3. 在写日志的客户机上,修改log4j配置文件: