{"id":3321,"date":"2014-04-30T11:26:07","date_gmt":"2014-04-30T03:26:07","guid":{"rendered":"http:\/\/blog.hmouse.tk\/?p=3321"},"modified":"2015-06-07T11:22:04","modified_gmt":"2015-06-07T03:22:04","slug":"loganalyzer%e6%97%a5%e5%bf%97%e7%b3%bb%e7%bb%9f","status":"publish","type":"post","link":"https:\/\/www.hmouse.cn\/?p=3321","title":{"rendered":"loganalyzer\u65e5\u5fd7\u7cfb\u7edf"},"content":{"rendered":"<p>\u67b6\u6784<\/p>\n<p>logger\u00a0 + rsyslog +\u00a0 loganalyzer<\/p>\n<p>\u5176\u4e2d\u6700\u4e3b\u8981\u7684\u662frsyslog \u670d\u52a1\u5668<\/p>\n<p>tail -n 1000 $rizhi2 |\u00a0 grep &#8220;$date_3\\|$date_1&#8221; | grep &#8220;$date_2\\|$date_4&#8243; | logger -t $jklog -p local6.err<\/p>\n<p>\u901a\u8fc7 logger\u00a0 \u5b9a\u5411\u62a5\u544a\u7ed9rsyslog\u00a0 \u7684 local6.err\u00a0 \uff08\u6307\u5b9a\u7c7b\u578b local6 \u7684err \u5176\u4ed6\u7c7b\u578b\u53ef\u4ee5\u81ea\u5df1\u5b9a\u4e49\uff09<\/p>\n<p>\u5176\u4e2d\u8981\u4f7frsyslog\u8bb0\u5f55\u5230\u6570\u636e\u5e93\uff0c\u8981\u5b89\u88c5<\/p>\n<p>rsyslog-mysql<\/p>\n<p>\u7136\u540e\u4fee\u6539 \/etc\/rsyslog.conf<\/p>\n<p>\u6dfb\u52a0<\/p>\n<p>$ModLoad ommysql.so<br \/>\n$template insertpl,&#8221;insert into SystemEvents (Message, Facility, FromHost, FromIP, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values (&#8216;%msg%&#8217;, %syslogfacility%, &#8216;%HOSTNAME%&#8217;, &#8216;%fromhost-ip%&#8217;, %syslogpriority%, &#8216;%timereported:::date-mysql%&#8217;, &#8216;%timegenerated:::date-mysql%&#8217;, %iut%, &#8216;%syslogtag%&#8217;)&#8221;,SQL<\/p>\n<p>\u56e0\u4e3a\u6211\u8fd9\u91cc\u6dfb\u52a0\u4e86 hostname \u53ef\u80fd\u8ddf\u7f51\u4e0a\u5199\u7684\u4e0d\u662f\u4e00\u6837<\/p>\n<p>\u5177\u4f53loganalyzer\u00a0 \u6dfb\u52a0hostname\u7684\u65b9\u6cd5\uff0c\u5927\u5bb6\u53ef\u4ee5\u7f51\u4e0a\u67e5\u4e0b\u3002<\/p>\n<p>\u53c2\u8003\uff1a<a title=\"http:\/\/gm100861.blog.51cto.com\/1930562\/1187180\" href=\"http:\/\/gm100861.blog.51cto.com\/1930562\/1187180\">http:\/\/gm100861.blog.51cto.com\/1930562\/1187180<\/a><\/p>\n<p>\u6211\u5f53\u65f6\u64cd\u4f5c\u65f6\u597d\u50cf\u6ca1\u90a3\u4e48\u9ebb\u70e6\uff0c\u597d\u50cf\u5728view\u4e0b\u6dfb\u52a0\u4e2ahost\u5c31\u53ef\u4ee5\u4e86\uff0c\u65b0\u5efa\u4e86<b>Database Field Mappings \u7c7b\u578b<\/b><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image4.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb4.png\" alt=\"image\" width=\"244\" height=\"156\" border=\"0\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image5.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb5.png\" alt=\"image\" width=\"244\" height=\"68\" border=\"0\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image6.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb6.png\" alt=\"image\" width=\"244\" height=\"137\" border=\"0\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image7.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb7.png\" alt=\"image\" width=\"244\" height=\"234\" border=\"0\" \/><\/a><\/p>\n<p>\u7136\u540e\u5c31\u662f\u5b89\u88c5loganalyzer\uff0c\u8fd9\u65b9\u9762\u7f51\u4e0a\u6587\u6863\u5f88\u591a\uff0c\u5927\u5bb6\u53ef\u4ee5\u81ea\u884c\u67e5\u627e\u3002<\/p>\n<p>\u5176\u5b9e\u6211\u8fd9\u53ea\u662f\u5b9a\u5411\u901a\u8fc7logger\u5199\u5165\uff0c\u4e5f\u53ef\u4ee5\u901a\u8fc7log4j \u548c syslog \u81ea\u52a8\u5199\u5165\u3002<\/p>\n<p>\u914d\u7f6e\u6dfb\u52a0rsyslog.conf<\/p>\n<p>*.* @172.21.27.1\u00a0 \uff08172.21.27.1\u65e5\u5fd7\u670d\u52a1\u5668\u7684ip\uff09<\/p>\n<p>\u91cd\u542f\u5373\u53ef\u3002<\/p>\n<p>PS \u518d\u5bfc\u5165\u6570\u636e\u5e93\u7684\u65f6\u5019\u4e2d\u6587\u53ef\u80fd\u4e71\u7801<\/p>\n<p>[client]<br \/>\ndefault-character-set=utf8<\/p>\n<p>\u8bf7\u5c06client\u5236\u5b9a\u5b57\u7b26\u7f16\u7801<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u67b6\u6784<\/p>\n<p>logger\u00a0 + rsyslog +\u00a0 loganalyzer<\/p>\n<p>\u5176\u4e2d\u6700\u4e3b\u8981\u7684\u662frsyslog \u670d\u52a1\u5668<\/p>\n<p>tail -n 1000 $rizhi2 |\u00a0 grep &#8220;$date_3\\|$date_1&#8221; | grep &#8220;$date_2\\|$date_4&#8243; | logger -t $jklog -p local6.err<\/p>\n<p>\u901a\u8fc7 logger\u00a0 \u5b9a\u5411\u62a5\u544a\u7ed9rsyslog\u00a0 \u7684 local6.err\u00a0 \uff08\u6307\u5b9a\u7c7b\u578b local6 \u7684err \u5176\u4ed6\u7c7b\u578b\u53ef\u4ee5\u81ea\u5df1\u5b9a\u4e49\uff09<\/p>\n<p>\u5176\u4e2d\u8981\u4f7frsyslog\u8bb0\u5f55\u5230\u6570\u636e\u5e93\uff0c\u8981\u5b89\u88c5<\/p>\n<p>rsyslog-mysql<\/p>\n<p>\u7136\u540e\u4fee\u6539 \/etc\/rsyslog.conf<\/p>\n<p>\u6dfb\u52a0<\/p>\n<p>$ModLoad ommysql.so<br \/>\n$template insertpl,&#8221;insert into SystemEvents (Message, Facility, FromHost, FromIP, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values (&#8216;%msg%&#8217;, %syslogfacility%, &#8216;%HOSTNAME%&#8217;, &#8216;%fromhost-ip%&#8217;, %syslogpriority%, &#8216;%timereported:::date-mysql%&#8217;, &#8216;%timegenerated:::date-mysql%&#8217;, %iut%, &#8216;%syslogtag%&#8217;)&#8221;,SQL<\/p>\n<p>\u56e0\u4e3a\u6211\u8fd9\u91cc\u6dfb\u52a0\u4e86 hostname \u53ef\u80fd\u8ddf\u7f51\u4e0a\u5199\u7684\u4e0d\u662f\u4e00\u6837<\/p>\n<p>\u5177\u4f53loganalyzer\u00a0 \u6dfb\u52a0hostname\u7684\u65b9\u6cd5\uff0c\u5927\u5bb6\u53ef\u4ee5\u7f51\u4e0a\u67e5\u4e0b\u3002<\/p>\n<p>\u53c2\u8003\uff1a<a title=\"http:\/\/gm100861.blog.51cto.com\/1930562\/1187180\" href=\"http:\/\/gm100861.blog.51cto.com\/1930562\/1187180\">http:\/\/gm100861.blog.51cto.com\/1930562\/1187180<\/a><\/p>\n<p>\u6211\u5f53\u65f6\u64cd\u4f5c\u65f6\u597d\u50cf\u6ca1\u90a3\u4e48\u9ebb\u70e6\uff0c\u597d\u50cf\u5728view\u4e0b\u6dfb\u52a0\u4e2ahost\u5c31\u53ef\u4ee5\u4e86\uff0c\u65b0\u5efa\u4e86<b>Database Field Mappings \u7c7b\u578b<\/b><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image4.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb4.png\" alt=\"image\" width=\"244\" height=\"156\" border=\"0\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image5.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb5.png\" alt=\"image\" width=\"244\" height=\"68\" border=\"0\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image6.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb6.png\" alt=\"image\" width=\"244\" height=\"137\" border=\"0\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image7.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"image\" src=\"https:\/\/www.hmouse.cn\/wp-content\/uploads\/2014\/04\/image_thumb7.png\" alt=\"image\" width=\"244\" height=\"234\" border=\"0\" \/><\/a><\/p>\n<p>\u7136\u540e\u5c31\u662f\u5b89\u88c5loganalyzer\uff0c\u8fd9\u65b9\u9762\u7f51\u4e0a\u6587\u6863\u5f88\u591a\uff0c\u5927\u5bb6\u53ef\u4ee5\u81ea\u884c\u67e5\u627e\u3002<\/p>\n<p>\u5176\u5b9e\u6211\u8fd9\u53ea\u662f\u5b9a\u5411\u901a\u8fc7logger\u5199\u5165\uff0c\u4e5f\u53ef\u4ee5\u901a\u8fc7log4j \u548c syslog \u81ea\u52a8\u5199\u5165\u3002<\/p>\n<p>\u914d\u7f6e\u6dfb\u52a0rsyslog.conf<\/p>\n<p>*.* @172.21.27.1\u00a0 \uff08172.21.27.1\u65e5\u5fd7\u670d\u52a1\u5668\u7684ip\uff09<\/p>\n<p>\u91cd\u542f\u5373\u53ef\u3002<\/p>\n<p>PS \u518d\u5bfc\u5165\u6570\u636e\u5e93\u7684\u65f6\u5019\u4e2d\u6587\u53ef\u80fd\u4e71\u7801<\/p>\n<p>[client]<br \/>\ndefault-character-set=utf8<\/p>\n<p>\u8bf7\u5c06client\u5236\u5b9a\u5b57\u7b26\u7f16\u7801<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[137,136,138],"class_list":["post-3321","post","type-post","status-publish","format-standard","hentry","category-5","tag-loganalyzer","tag-136","tag-138","category-5-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=\/wp\/v2\/posts\/3321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3321"}],"version-history":[{"count":3,"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=\/wp\/v2\/posts\/3321\/revisions"}],"predecessor-version":[{"id":4389,"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=\/wp\/v2\/posts\/3321\/revisions\/4389"}],"wp:attachment":[{"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hmouse.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}