In this tutorial, we will show you how to install LogAnalyzer on CentOS 8. For those of you who didn’t know, In today’s complex IT environments, effective log management is crucial for troubleshooting, security analysis, and compliance purposes. LogAnalyzer is a powerful open-source log management and analysis tool that simplifies the process of collecting, storing, and analyzing log data from various sources. It provides a centralized web interface for searching, filtering, and visualizing log events, making it easier to identify issues and gain valuable insights.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of LogAnalyzer on the CentOS 8 system.
Prerequisites
- A server running one of the following operating systems: CentOS 8
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install LogAnalyzer on Centos 8
Step 1. The first step is to install the Apache web server and PHP, which are required to run LogAnalyzer. Update the system packages to ensure you have the latest versions:
sudo dnf clean all sudo dnf update
Step 2. Installing Apache on CentOS 8.
We will be installing Apache with dnf, which is the default package manager for CentOS 8:
sudo dnf install httpd
After installing Apache services on your system, start all required services:
systemctl restart httpd systemctl status httpd systemctl enable httpd
Then, allow the Apache HTTP server via the firewall:
firewall-cmd --add-port=80/tcp --zone=public --permanent
firewall-cmd --add-port=443/tcp --zone=public --permanent
firewall-cmd --add-port=514/{tcp,udp} --permanent
firewall-cmd --reload
You can verify that Apache is really running by opening your favorite web browser and entering the URL http://your-server's-address.
Step 3. Installing MariaDB on CentOS 8.
MariaDB is a drop-in replacement for MySQL. It is a robust, scalable, and reliable SQL server that comes with a rich set of enhancements. We will also be using yum to install MariaDB:
sudo dnf install mariadb-server rsyslog-mysql php-mysqlnd
By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. you should read each step carefully which will set a root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB:
mysql_secure_installation
Then, restart the MariaDB database server and enable it to start on system start-up using:
systemctl restart mariadb systemctl status mariadb systemctl enable mariadb
Next, import the default database scheme offered by rsyslog using the below command:
mysql -u root -p < /usr/share/doc/rsyslog/mysql-createDB.sql
Let’s verify if the Syslog database was imported correctly and create a new user:
$ mysql -u root -p Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 20 Server version: 10.3.17-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | Syslog | | information_schema | | mysql | | performance_schema | +--------------------+ 4 rows in set (0.001 sec) MariaDB [(none)]> GRANT ALL ON Syslog.* TO 'rsyslog'@'localhost' IDENTIFIED BY 'Your-Strong-Password'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> exit Bye
Step 4. Configure Rsyslog Server.
Now we need to configure the Rsyslog server to accept Syslog from remote servers:
nano /etc/rsyslog.conf.org
[...] # Provides UDP syslog reception # for parameters see http://www.rsyslog.com/doc/imudp.html module(load="imudp") # needs to be done just once input(type="imudp" port="514") # Provides TCP syslog reception # for parameters see http://www.rsyslog.com/doc/imtcp.html module(load="imtcp") # needs to be done just once input(type="imtcp" port="514")
[...] # Load the MySQL Module module(load="ommysql") [...] #*.* :ommysql:127.0.0.1,Syslog_Database,syslog_user,password *.* :ommysql:127.0.0.1,Syslog,rsyslog,Password
Save and restart the rsyslog service:
sudo systemctl restart rsyslog
Step 5. Install LogAnalyzer.
First, go to the official Adiscon Loganlayzer website and download the last version:
wget https://download.adiscon.com/loganalyzer/loganalyzer-4.1.13.tar.gz -P /tmp tar -xzvf /tmp/loganalyzer-4.1.13.tar.gz -C /tmp
Next, create the LogAnalyzer web directory:
mkdir /var/www/html/loganalyzer
After that, copy the installation files into the LogAnalyzer directory using the following commands:
cp -r /tmp/loganalyzer-${VERSION}/src/* /var/www/html/loganalyzer
cp /tmp/loganalyzer-${VERSION}/contrib/configure.sh /var/www/html/loganalyzer
Then, create a blank configuration file named config.php in the LogAnalyzer directory and configure the correct Apache Selinux context using the following commands:
cd /var/www/html/loganalyzer bash configure.sh chcon -h -t httpd_sys_script_rw_t config.php
Step 6. Accessing Adiscon LogAnalyzer.
Now open your browser and surf to http://your-ip-address/loganalyzer and complete the required steps to finish the installation.
Congratulations! You have successfully installed LogAnalyzer on CentOS 8. Thanks for using this tutorial for installing Adiscon LogAnalyzer on CentOS 8 systems. For additional help or useful information, we recommend you check the official LogAnalyzer website.
