How To Install LogAnalyzer on CentOS 8

In this tutorial, we will show you how to install LogAnalyzer on CentOS 8. For those of you who didn’t know, Adiscon LogAnalyzer is a web interface to Syslog/Rsyslog and other network event data. It provides easy browsing and analysis of real-time network events, as well as reporting services.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, host your site on your own VPS. The installation is quite simple and assumes you are running as the root account; if not, you may need to add ‘sudo’ to the commands to get root privileges. I will walk you through the step-by-step installation of Adiscon LogAnalyzer on a CentOS 8 system.

Install LogAnalyzer on CentOS 8

Step 1. First, let’s start by ensuring your system is up-to-date.

sudo dnf clean all
sudo dnf update

Step 2. Installing Apache on CentOS 8.

We will be installing Apache with dnf, which is the default package manager for CentOS 8:

sudo dnf install httpd

After installing Apache services on your system, start all required services:

systemctl restart httpd
systemctl status httpd
systemctl enable httpd

Then, allow the Apache HTTP server and syslog traffic (port 514) through the firewall:

firewall-cmd --add-port=80/tcp --zone=public --permanent
firewall-cmd --add-port=443/tcp --zone=public --permanent
firewall-cmd --add-port=514/{tcp,udp} --permanent
firewall-cmd --reload

You can verify that Apache is really running by opening your favorite web browser and entering the URL http://your-server’s-address.
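
The rule for port 514 in Step 2 accepts syslog from any address, and plain syslog has no authentication, so any host that can reach the VPS can write into the log database. The following added example (not part of the original tutorial) prints the firewall-cmd commands that replace the open rule with per-sender rich rules; the function names, the `public` zone, and the sender addresses are assumptions for illustration.

```shell
#!/bin/sh
# Added example: print firewall-cmd commands limiting syslog (514) to named senders.

# Accept only a dotted IPv4 address with an optional /prefix of 0-32.
valid_ipv4_cidr() {
    case $1 in ''|*[!0-9./]*|*/*/*) return 1 ;; esac
    case $1 in */*) [ -n "${1#*/}" ] && [ "${1#*/}" -le 32 ] || return 1 ;; esac
    echo "${1%%/*}" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i == "" || $i > 255) exit 1 }'
}

# Emit the commands for review; nothing is applied by this function.
syslog_allow_cmds() {
    zone=$1; shift
    for src in "$@"; do
        valid_ipv4_cidr "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    # Drop the tutorial's open-to-everyone rules for port 514.
    for proto in tcp udp; do
        echo "firewall-cmd --permanent --zone=$zone --remove-port=514/$proto"
    done
    # Re-admit 514 only from each listed sender, for both protocols.
    for src in "$@"; do
        for proto in tcp udp; do
            printf "firewall-cmd --permanent --zone=%s --add-rich-rule='%s'\n" "$zone" \
                "rule family=\"ipv4\" source address=\"$src\" port port=\"514\" protocol=\"$proto\" accept"
        done
    done
    echo "firewall-cmd --reload"
}

# Constructed senders from the documentation address ranges.
syslog_allow_cmds public 192.0.2.10 198.51.100.0/24
```

Review the printed commands, then run them as root with the addresses of the hosts that actually forward logs to this server.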


Step 3. Installing MariaDB on CentOS 8.

MariaDB is a drop-in replacement for MySQL. It is a robust, scalable, and reliable SQL server that comes with a rich set of enhancements. We will also be using dnf to install MariaDB, along with the rsyslog MySQL output module and the PHP MySQL driver:

sudo dnf install mariadb-server rsyslog-mysql php-mysqlnd

By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. Read and follow each step carefully; the script will set a root password, remove anonymous users, disallow remote root login, and remove the test database and access to it:

mysql_secure_installation

Then, restart the MariaDB database server and enable it to start on system start-up using:

systemctl restart mariadb
systemctl status mariadb
systemctl enable mariadb

Next, import the default database schema offered by rsyslog using the command below:

mysql -u root -p < /usr/share/doc/rsyslog/mysql-createDB.sql

Let’s verify if the Syslog database was imported correctly and create a new user:

$ mysql -u root -p

Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 20
Server version: 10.3.17-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| Syslog             |
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
4 rows in set (0.001 sec)

MariaDB [(none)]> GRANT ALL ON Syslog.* TO 'rsyslog'@'localhost' IDENTIFIED BY 'Your-Strong-Password';
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> exit
Bye

Step 4. Configure Rsyslog Server.

Now we need to configure the Rsyslog server to accept Syslog from remote servers:

nano /etc/rsyslog.conf
[...]
# Provides UDP syslog reception
# for parameters see http://www.rsyslog.com/doc/imudp.html
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")

# Provides TCP syslog reception
# for parameters see http://www.rsyslog.com/doc/imtcp.html
module(load="imtcp") # needs to be done just once
input(type="imtcp" port="514")
[...]
# Load the MySQL Module
module(load="ommysql")
[...]
#*.* :ommysql:127.0.0.1,Syslog_Database,syslog_user,password
*.* :ommysql:127.0.0.1,Syslog,rsyslog,Your-Strong-Password

Save and restart the rsyslog service:

sudo systemctl restart rsyslog
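
The ommysql line in Step 4 stores the database password in clear text, and /etc/rsyslog.conf is typically installed world-readable (mode 0644), so every local account can read it. The following added example (not part of the original tutorial) flags configuration files that hold ommysql credentials and are readable by all users; the function names are hypothetical and the sample file is constructed to mirror the lines above.

```shell
#!/bin/sh
# Added example: flag rsyslog config files that expose the ommysql DB password.

# Print "file:db:user" for each active (uncommented) legacy ommysql action.
# Legacy syntax used in the tutorial: selector :ommysql:host,db,user,password
ommysql_actions() {
    awk '!/^[ \t]*#/ && /:ommysql:/ {
        sub(/.*:ommysql:/, ""); n = split($0, f, ",")
        if (n >= 4) print FILENAME ":" f[2] ":" f[3]   # password is never printed
    }' "$@"
}

# Succeed if "other" users have the read bit on the file.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# Return 1 if any given file holds ommysql credentials and is world-readable.
audit_rsyslog_creds() {
    rc=0
    for conf in "$@"; do
        [ -f "$conf" ] || continue
        hits=$(ommysql_actions "$conf")
        [ -n "$hits" ] || continue
        if world_readable "$conf"; then
            echo "EXPOSED $hits"; rc=1
        else
            echo "OK      $hits"
        fi
    done
    return "$rc"
}

# Constructed sample mirroring the tutorial's rsyslog.conf lines.
make_sample() {
    cat > "$1" <<'EOF'
module(load="ommysql")
#*.* :ommysql:127.0.0.1,Syslog_Database,syslog_user,password
*.* :ommysql:127.0.0.1,Syslog,rsyslog,Your-Strong-Password
EOF
}

# Demo on the sample: mode 0644 is reported as EXPOSED, mode 0600 as OK.
demo=$(mktemp) && make_sample "$demo"
chmod 644 "$demo"; audit_rsyslog_creds "$demo" || true
chmod 600 "$demo"; audit_rsyslog_creds "$demo"
rm -f "$demo"
```

On the server, call `audit_rsyslog_creds /etc/rsyslog.conf /etc/rsyslog.d/*.conf`; if a file is reported as EXPOSED, move the ommysql action into a root-only file (mode 0600) under /etc/rsyslog.d/ and restart rsyslog.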

Step 5. Install LogAnalyzer.

First, go to the official Adiscon LogAnalyzer website and download the latest version:

wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.11.tar.gz -P /tmp
tar -xzvf /tmp/loganalyzer-4.1.11.tar.gz -C /tmp

Next, create the LogAnalyzer web directory:

mkdir /var/www/html/loganalyzer

After that, copy the installation files into the LogAnalyzer directory using the following commands:

cp -r /tmp/loganalyzer-4.1.11/src/* /var/www/html/loganalyzer
cp /tmp/loganalyzer-4.1.11/contrib/configure.sh /var/www/html/loganalyzer

Then, create a blank configuration file named config.php in the LogAnalyzer directory and set the correct Apache SELinux context using the following commands:

cd /var/www/html/loganalyzer
bash configure.sh
chcon -h -t httpd_sys_script_rw_t config.php

Step 6. Accessing Adiscon LogAnalyzer.

Now open your browser and surf to http://your-ip-address/loganalyzer and complete the required steps to finish the installation.

Congratulations! You have successfully installed LogAnalyzer on CentOS 8. Thanks for using this tutorial for installing Adiscon LogAnalyzer on a CentOS 8 system. For additional help or useful information, we recommend you check the official LogAnalyzer website.
