File: INSTALL

package info (click to toggle)
loganalyzer 4.1.5+dfsg-2
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid
  • size: 9,360 kB
  • ctags: 12,591
  • sloc: php: 56,221; sh: 66; makefile: 15
file content (210 lines) | stat: -rw-r--r-- 8,449 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210

 LogAnalyzer Installation help
 ----------------------------------

 To install LogAnalyzer, you will need:

 * Apache or IIS Webserver
 * PHP5 

 Optionally, you may need:

 * MySQL Database

 For obvious reasons, you also need some syslog data. Any standard
 syslogd will do. From a feature and stability point of view, we
 recommend either one of these (which we also wrote ;)):

 - WinSyslog (for Windows Environments - http://www.winsyslog.com)
 - rsyslog (for Linux/Unix Environments - http://www.rsyslog.com)

 Both of them are also capable to writing to a database. Rsyslog is
 a drop-in replacement for stock syslogd and also *is* the stock
 syslogd on some platforms (e.g. Fedora 8 and above).

 Installation in Detail
 ----------------------

  1. Upload all files from the loganalyzer/src/ folder to you webserver. 
     The other files are not needed on the webserver. 

  2. If your webserver has write access to the LogAnalyzer folder, 
     you can skip the following step: 
     
         Upload the scripts configure.sh and secure.sh from the 
         contrib folder to your webserver, into the same folder 
	 where you uploaded the other LogAnalyzer files into. Then set 
	 the execution flag to them (chmod +x configure.sh secure.sh). 
         
         Now run ./configure.sh, this will create a blank config.php, 
         and will also set write access to everyone to it.
         
         You can of course do this manually if you want. 

  3. Now open your LogAnalyzer installation in your favourite webbrowser,
     you will see an error, and you will be pointed to the installation 
     script. The install script will guide you through the LogAnalyzer 
     installation, just follow the instructions.
 
  3.1 Step 1 - Prerequisites Beginning of installation / welcome site
	       This is the first page of the installation. It just tells
	       you, that before installing, some file permission have to
	       be checked. Simply click "Next" to start the process.

  3.2 Step 2 - Verify the file permissions
	       Here you will see, if the config.php can be written or not.
	       If it cannot be written, you have to repeat the complete
	       Step 2.

  3.3 Step 3 - Basic Configuration
	       You can set several basic options here. 

	       - Number of syslog messages per page = 50 (default)
	       This is the number of syslog messages displayed on each page. 
	       You can increase the value (makes LogAnalyzer slower) or decrease
	       the value (makes it faster). 

	       - Message character limit for the main view = 80 (default)
	       Set the number of characters per message which will be shown
	       in the last column of the main view. Full messages can be
	       reviewed by hovering the mouse over it.

	       - Show message details popup (default yes) = yes (default) 
	       Here you can set, if you want the small window with the complete 
	       message to pop up if you are hovering over a event with the 
	       cursor. If you choose "No", then you have to click on the
	       message to see the details.

  3.4 Step 4 - not implemented yet

  3.5 Step 5 - not implemented yet

  3.6 Step 6 - not implemented yet

  3.7 Step 7 - Create the first source for syslog messages
	       This is the most important step. Here, you will configure
	       your first data source, which holds all your syslog data.

	       Mainly, you have to choose a "Name of the Source" and a 
	       "Source Type". The name will be displayed later in a drop-down
	       menu with which you choose your active syslog source. The 
	       "Source Type" can be a file, a MySQL database or the PHP PDO
	       which supports different database types like mssql, PostgreSQL, 
	       odbc, oracle or even ibm db2.


	       If you choose the diskfile, you have to provide the following
	       information:

	       - Logline Type = Syslog / Rsyslog (default) or Adiscon WinSyslog
	       This tells LogAnalyzer, how the lines look like. This is 
	       necessary for show the log messages properly.

	       - Syslog File = /var/log/syslog (default)
	       This is the position of the logfile in your file system.


	       If you choose MySQL native as data source, following information
	       is needed:

	       - Table Type = monitorware (default)
	       This is the table layout. Currently, you can use "monitorware" 
	       or "syslogng". For more details see "Note on MySQL Databases"
	       below.

	       - Database Host = localhost (default)
	       This is the host, where the database is located. By default this
	       is localhost. You can specify any other host if necessary.

	       - Database Name = loganalyzer (default)
	       The name of the database you want to use.

	       - Database Tablename = systemevents (default)
	       This is the name of the table in which the data is stored. The 
	       default tablename corresponds to the tables created with the 
	       MonitorWare Line of products.

	       - Database User = user (default)
	       The username for the database.

	       - Database Password = not set by default
	       The password for the username.

	       - Enable Row Counting = No (default)
	       If configured to "Yes", the amount of rows in the table will be 
	       counted with every query, giving you the total records for your
	       search, though having a lot of impact on your system when using
	       a very large database. If configured to "No", the rows will not
	       be counted, providing you a lot more performance.	     


	       If you choose Database (PDO), the following has to be defined:

	       - Database Storage Engine = MySQL Server (default)
	       Choose the engine of the database you are using. The databases 
	       are available: MySQL Server, Microsoft SQL Server, ODBC 
	       Database Connection, PostgreSQL, Oracle Call Interface, IBM
	       DB2, Firebird/Interbase 6, IBM Informix Dynamic Server, 
	       SQLite 2.

	       - Table Type = monitorware (default)
	       This is the table layout. Currently, you can use "monitorware" 
	       or "syslogng". For more details see "Note on MySQL Databases"
	       below.

	       - Database Host = localhost (default)
	       This is the host, where the database is located. By default this
	       is localhost. You can specify any other host if necessary.

	       - Database Name = loganalyzer (default)
	       The name of the database you want to use.

	       - Database Tablename = systemevents (default)
	       This is the name of the table in which the data is stored. The 
	       default tablename corresponds to the tables created with the 
	       MonitorWare Line of products.

	       - Database User = user (default)
	       The username for the database.

	       - Database Password = not set by default
	       The password for the username.

	       - Enable Row Counting = No (default)
	       If configured to "Yes", the amount of rows in the table will be 
	       counted with every query, giving you the total records for your
	       search, though having a lot of impact on your system when using
	       a very large database. If configured to "No", the rows will not
	       be counted, providing you a lot more performance.	      

  3.8 Step 8 - Finish



  4. If everything went right, you should see syslog messages already 
     in your LogAnalyzer installation. You can now remove the install.php 
     script now. 


Note on Accesing Files
--------------------------------
In most environments the webserver has only access to the web directory.
If you want to read files e.g. from /var/log/ you have to grant
the necessary permisson to your webserver.

Of course, you always need to make sure that the user the web server
runs under also has the correct file permissions. Be careful when doing
this, you may create a security vulnerability by granting too much
to too many users.
 
 
Note on MySQL Databases
--------------------------------
 
LogAnalyzer does support using a MySQL database as syslog source. 
LogAnalyzer supports Adiscon's MonitorWare database schema. The schema
used by php-syslog-ng is also partly supported. That schema, however, is
somewhat inefficient in that it stores facility and severity codes as
textual values. We do not currently convert these values back to their
native format and consequently facility and severity can not be taken
from a php-syslog-ng database.