Rsyslog MySQL Backup with Loganalyzer

In many cases, syslog data is simply written to text files. This approach has some advantages, most notably it is very fast and efficient. However, data stored in text files is not readily accessible for real-time viewing and analysis. To do that, the messages need to be in a database.

Here I will set up rsyslog to write its data to a MySQL database.

1. Install rsyslog and mysql-server first.

sudo apt-get install rsyslog mysql-server

2. Install the rsyslog MySQL plugin.

sudo apt-get install rsyslog-mysql

3. Choose Yes and allow dbconfig-common to auto configure rsyslog-mysql.

4. This automatically sets up /etc/rsyslog.d/mysql.conf with the MySQL database credentials.

5. Restart the rsyslog service to apply the new settings.

sudo systemctl restart rsyslog

6. Run the mysql command to check the Syslog tables.

mysql -h localhost -u rsyslog -pP@ssw0rd Syslog -e "select * from SystemEvents"

7. Alternatively, set up loganalyzer to display the syslog data in a web page.
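
Steps 4 and 6 leave the database password in /etc/rsyslog.d/mysql.conf and on the mysql command line. The script below is an added example, not part of the original post: it checks that the config grants nothing to other users and builds a mode-0600 client option file so the query in step 6 can run without -p<password>. The action() layout of the sample config and all function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. The sample config is constructed
# and assumes the action() form of /etc/rsyslog.d/mysql.conf.

make_sample_conf() {  # usage: make_sample_conf FILE
    cat > "$1" <<'EOF'
### Configuration file for rsyslog-mysql
module (load="ommysql")
*.* action(type="ommysql" server="localhost" db="Syslog" uid="rsyslog" pwd="P@ssw0rd")
EOF
}

# Print the value of KEY="value" on the ommysql action line.
conf_value() {  # usage: conf_value FILE KEY
    sed -n "s/.*type=\"ommysql\".*[[:space:]]$2=\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# Succeed only if FILE grants no permissions to "other" (last mode digit is 0).
conf_is_private() {  # usage: conf_is_private FILE
    mode=$(stat -c '%a' "$1") || return 2
    case "$mode" in *0) return 0 ;; *) return 1 ;; esac
}

# Write a mode-0600 mysql option file from the rsyslog credentials, so the
# password never appears in the process list or shell history.
write_client_cnf() {  # usage: write_client_cnf RSYSLOG_CONF OUT_FILE
    rm -f "$2"
    ( umask 077
      printf '[client]\nhost=%s\nuser=%s\npassword="%s"\n[mysql]\ndatabase=%s\n' \
          "$(conf_value "$1" server)" "$(conf_value "$1" uid)" \
          "$(conf_value "$1" pwd)" "$(conf_value "$1" db)" > "$2" )
}

# Demo on the constructed sample, in a scratch directory.
tmp=$(mktemp -d)
make_sample_conf "$tmp/mysql.conf"
chmod 640 "$tmp/mysql.conf"
conf_is_private "$tmp/mysql.conf" && echo "mysql.conf: no access for other users"
write_client_cnf "$tmp/mysql.conf" "$tmp/client.cnf"
echo "client.cnf mode: $(stat -c '%a' "$tmp/client.cnf")"
rm -rf "$tmp"
# Real use (the option must come first on the command line):
#   mysql --defaults-extra-file=/path/to/client.cnf -e "select * from SystemEvents"
```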



