欢迎访问我的博客,你的支持,是我最大的动力!

使用Rsyslog收集华为交换机日志并存入Mysql

Linux 小马奔腾 15042℃ 评论
目录:
[显示]

功能描述

利用Rsyslog收集华为交换机日志,并将日志存入Mysql数据库。日志主机使用CentOS7.3。华为交换机使用eNSP模拟,真实环境类似。

软件安装

rsyslog-8.24.0-12.el7.x86_64

rsyslog-mysql-8.24.0-12.el7.x86_64

mariadb-server-5.5.56-2.el7.x86_64

rsyslog配置

cat /etc/rsyslog.conf

测试:logger -p local1.info "test"

Mysql数据库

数据库初始化脚本:

SET FOREIGN_KEY_CHECKS=0;
CREATE DATABASE Rsyslog;
USE Rsyslog;
DROP TABLE IF EXISTS Rlog;
CREATE TABLE Rlog (
ID int(10) unsigned NOT NULL AUTO_INCREMENT,
Timegenerated datetime DEFAULT NULL,
Timereported datetime DEFAULT NULL,
Hostname varchar(60) DEFAULT NULL,
Hostip varchar(60) DEFAULT NULL,
Programname varchar(60) DEFAULT NULL,
Procid int(11) DEFAULT NULL,
Pritext varchar(60) DEFAULT NULL,
Syslogfacility smallint(6) DEFAULT NULL,
Syslogfacilitytext varchar(60) DEFAULT NULL,
Syslogpriority smallint(6) DEFAULT NULL,
Syslogprioritytext varchar(60) DEFAULT NULL,
Protocolversion smallint(6) DEFAULT NULL,
Inputname varchar(60) DEFAULT NULL,
Syslogtag varchar(60) DEFAULT NULL,
Msg text,
PRIMARY KEY (ID)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;

或者:

CREATE DATABASE Rsyslog;
USE Rsyslog;
CREATE TABLE Rlog
(
ID int unsigned not null auto_increment primary key,
Timegenerated datetime NULL,
Timereported datetime NULL,
Hostname varchar(60) NULL,
Hostip varchar(60) NULL,
Programname varchar(60) NULL,
Procid int NULL,
Pritext varchar(60) NULL,
Syslogfacility smallint NULL,
Syslogfacilitytext varchar(60) NULL,
Syslogpriority smallint NULL,
Syslogprioritytext varchar(60) NULL,
Protocolversion smallint NULL,
Inputname varchar(60) NULL,
Syslogtag varchar(60) NULL,
Msg text NULL
);

交换机配置

 

info-center loghost 192.168.10.27 facility local1

interface Vlanif1
ip address 192.168.10.20 255.255.255.0

 

华为交换机telnet配置

#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type telnet
#
user-interface con 0
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
#

接入真实网络

设置NAT端口映射

注意:

宿主机也要对防火墙进行配置,在入方向允许TCP和UDP的514端口

 

 

 

 

 

 

转载请注明:轻风博客 » 使用Rsyslog收集华为交换机日志并存入Mysql

喜欢 (0)or分享 (0)