Setup Syslog Server Ubuntu With LogAnalyzer




In this post I will discuss how to set up a syslog server on Ubuntu with LogAnalyzer. First, here is what you have to prepare:
1) Set up the syslog server to record messages from both local and remote sources.
2) Set up a GUI front end which will show the syslog items.

I have done it this way on Ubuntu Server 10.04 and 12.04.
First we need some packages installed. I will install them right from the repository.

Type the following command in your Ubuntu server terminal:
apt-get install build-essential apache2 php5 php5-gd libapache2-mod-php5 mysql-server php5-mysql rsyslog

Edit "/etc/rsyslog.conf" and uncomment or add the following lines. They set the server to receive inbound syslog messages on UDP port 514.
# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
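
The listener enabled above accepts syslog datagrams from any host that can reach UDP port 514, so it is worth checking what the file actually activates. The following check is an added example, not part of the original post; `$AllowedSender` is rsyslog's legacy directive for limiting senders and does not appear in the post, and the function names and sample config are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report whether an rsyslog config enables the legacy UDP
# listener from this post and whether senders are limited.
# Only the file given is read; files under /etc/rsyslog.d are not followed.

# Echoes "udp-disabled", "udp-<port>-open" or "udp-<port>-restricted".
# Commented-out directives are ignored; names are matched case-insensitively
# here to tolerate spelling variants.
audit_rsyslog_udp() {
    awk '
        { key = tolower($1) }
        key == "$modload" && $2 == "imudp"                        { mod = 1 }
        key == "$udpserverrun" && $2 ~ /^[0-9]+$/ && port == ""   { port = $2 }
        key == "$allowedsender" && toupper($2) ~ /^UDP,?$/        { acl = 1 }
        END {
            if (!mod || port == "") { print "udp-disabled"; exit }
            state = acl ? "restricted" : "open"
            print "udp-" port "-" state
        }
    ' "$1"
}

# Constructed sample: the three lines from this post, with no sender limit.
sample_conf() {
    printf '%s\n' '# provides UDP syslog reception' \
        '$ModLoad imudp' '$UDPServerRun 514'
}

# With no argument, audit the constructed sample; otherwise audit the file given.
conf="${1:-}"
if [ -z "$conf" ]; then
    conf=$(mktemp)
    sample_conf > "$conf"
fi
audit_rsyslog_udp "$conf"
```

An "open" result means the config itself places no limit on who may send, so any restriction has to come from a firewall or from an `$AllowedSender UDP, ...` line listing the networks that are expected to log to this server.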



Next, because LogAnalyzer is a PHP application, we need to tell Apache how to handle PHP pages. Edit "/etc/apache2/apache2.conf" and add the following lines under its "DefaultType None" line:
DefaultType text/plain
AddType application/x-httpd-php .php

Note: If this step is not done correctly, your browser will ask you to save the file when you load the syslog web page, because Apache is serving the PHP file itself instead of running it.

Now on to LogAnalyzer. Download the latest LogAnalyzer from the Adiscon website at "http://loganalyzer.adiscon.com/downloads".
To download the file, type the following commands in your Linux terminal:
cd /opt
wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.2.tar.gz

Extract the file by typing these commands in your terminal:
gunzip loganalyzer-3.6.2.tar.gz
tar -xvf loganalyzer-3.6.2.tar

Copy the contents of the LogAnalyzer "src/" folder to the Apache www root or to a subfolder of it, copy the contrib scripts alongside them, make the scripts executable, then run the configure script. It's important to run the configure script from the same directory that will store the syslog PHP files.
mkdir /var/www/syslog
cp -r /opt/loganalyzer-3.6.2/src/* /var/www/syslog
cp -r /opt/loganalyzer-3.6.2/contrib/*.sh /var/www/syslog
chmod +x /var/www/syslog/*.sh
cd /var/www/syslog/
./configure.sh

You must grant Apache access to syslog. This adds the Apache user, www-data, to the adm group, which can read the log files:
usermod -a -G adm www-data

Use a web browser to open the new web service at "http://SERVERNAME/syslog/index.php". The page will then show a message stating that the service is not configured. Follow the last steps there to set up your syslog.


