HOW-TO Install Syslog 0.5.2 plugin on Linux/Unix Cacti versions 0.8.7, 0.8.7a and 0.8.7b
-------------------------------------------------------------------------------------------
[submitted by noflies, 26 Feb 2008]
[updated by noflies, 16 May 2008 with suggestions by joez...adding "SQL grant priv" commands in 4a]
NOTE: These instructions reference variables for documentation purposes only.
<cacti_path> Cacti's root path (usually /var/www/html or /usr/share/cacti)
<cacti_user> Cacti's user for polling access (usually cacti or cactiuser)
<cacti_pass> Cacti's password for polling access (usually cacti or cactiuser)
<cacti_dbuser> Cacti's user for database access (usually cacti or cactiuser)
<cacti_dbpass> Cacti's password for database access (usually cacti or cactiuser)
<http_user> HTTP daemon user for running web server (usually apache)
<http_pass> HTTP daemon password for running web server
Substitute your specific locations and parameters.
1. Install, configure and test SYSLOG-NG per instructions within the syslog-ng package/tar.
Make sure syslog-ng is working as you expect before continuing.
2. Download the syslog plugin from cactiusers.org.
As of 25 Feb 2008, the syslog plugin is located at <"http://cactiusers.org/downloads/syslog.tar.gz">.
Version 0.5.2, maintained by Jimmy Conner. [THANKS Jimmy!!!]
Untar it into the directory <cacti_path>/plugins/syslog
3. Edit the <cacti_path>/plugins/syslog/config.php with your installation's database name and user credentials.
Here is an EXAMPLE only;
NOTE: Change the above user credentials to your specific installation.
4. Create the syslog database with the syslog.sql commands.
NOTE: The syslog.sql file is in the syslog plugin tar file.
4a. Grant privileges to cactidb_user for the syslogdb_default.
NOTE: Change the above user credentials to your specific installation.
5. Edit the /etc/init.d/syslog-ng file.
--INSERT the following line AFTER the "start() {" line
--INSERT the following line AFTER the "stop() {" line
6. Create the /sbin/syslogtomysql bash script.
NOTE: Change the above user credentials to your specific installation.
7. Change the /sbin/syslogtomysql file permissions to 755 owned by root:root.
8. ADD the following lines to the /etc/syslog-ng/syslog-ng.conf file to the END of the file
NOTE: The "template(" line begins with "template(" and ends with the $MSG' );/n"). The line may appear to wrap due to the length of the line. MAKE SURE your config file does not break the line apart.
9. Restart the syslog-ng daemon. Typically by using one of the following:
-OR-
10. Add the syslog plugin to the $plugins_array in <cacti_path>/include/global.php
At ABOUT line 46; INSERT the following line AFTER the "$plugins[] = 'settings';"
11. Verify user rights and permissions on the syslog/plugin files
NOTE: Change the above user credentials to your specific installation.
12. Within cacti, grant user rights for Syslog plugin/realm.
Navigate to Console ->
Utilities ->
User Management ->
<SELECT USER>
Realm Permissions ->
Enable "View Syslog" and/or "Configure Syslog Alerts/Reports"
Click Save.
That should do it. Now repeat your syslog-ng testing you completed in step 1 to verify syslog-ng was working.
Within Cacti, you should begin to see those syslog entries on the syslog tab.
Please post any updates/suggestions to this HOWTO in this forum.
Please post any issues with the syslog plugin in the PLUGINS-General forum.
-------------------------------------------------------------------------------------------
[submitted by noflies, 26 Feb 2008]
[updated by noflies, 16 May 2008 with suggestions by joez...adding "SQL grant priv" commands in 4a]
NOTE: These instructions reference variables for documentation purposes only.
<cacti_path> Cacti's root path (usually /var/www/html or /usr/share/cacti)
<cacti_user> Cacti's user for polling access (usually cacti or cactiuser)
<cacti_pass> Cacti's password for polling access (usually cacti or cactiuser)
<cacti_dbuser> Cacti's user for database access (usually cacti or cactiuser)
<cacti_dbpass> Cacti's password for database access (usually cacti or cactiuser)
<http_user> HTTP daemon user for running web server (usually apache)
<http_pass> HTTP daemon password for running web server
Substitute your specific locations and parameters.
1. Install, configure and test SYSLOG-NG per instructions within the syslog-ng package/tar.
Make sure syslog-ng is working as you expect before continuing.
2. Download the syslog plugin from cactiusers.org.
As of 25 Feb 2008, the syslog plugin is located at <"http://cactiusers.org/downloads/syslog.tar.gz">.
Version 0.5.2, maintained by Jimmy Conner. [THANKS Jimmy!!!]
Untar it into the directory <cacti_path>/plugins/syslog
3. Edit the <cacti_path>/plugins/syslog/config.php with your installation's database name and user credentials.
Here is an EXAMPLE only;
Code:
$syslogdb_type = 'mysql';
$syslogdb_default = 'syslog';
$syslogdb_hostname = 'localhost';
$syslogdb_username = '<cacti_dbuser>';
$syslogdb_password = '<cacti_dbpass>';
$syslogdb_default = 'syslog';
$syslogdb_hostname = 'localhost';
$syslogdb_username = '<cacti_dbuser>';
$syslogdb_password = '<cacti_dbpass>';
NOTE: Change the above user credentials to your specific installation.
4. Create the syslog database with the syslog.sql commands.
Code:
shell> mysqladmin --user=root create syslog
shell> mysql syslog < <cacti_path>/plugins/syslog/syslog.sql
shell> mysql syslog < <cacti_path>/plugins/syslog/syslog.sql
NOTE: The syslog.sql file is in the syslog plugin tar file.
4a. Grant privileges to cactidb_user for the syslogdb_default.
Code:
shell# mysql --user=root --password
Enter password: ********
mysql> GRANT ALL ON <syslogdb_default>.* TO <cacti_dbuser>@<syslogdb_hostname> IDENTIFIED BY '<cacti_dbpass>';
mysql> flush privileges;
mysql> exit
Enter password: ********
mysql> GRANT ALL ON <syslogdb_default>.* TO <cacti_dbuser>@<syslogdb_hostname> IDENTIFIED BY '<cacti_dbpass>';
mysql> flush privileges;
mysql> exit
NOTE: Change the above user credentials to your specific installation.
5. Edit the /etc/init.d/syslog-ng file.
--INSERT the following line AFTER the "start() {" line
Code:
/sbin/syslogtomysql &
--INSERT the following line AFTER the "stop() {" line
Code:
killall -9 syslogtomysql > /dev/null
6. Create the /sbin/syslogtomysql bash script.
Code:
#!/bin/bash
if [ ! -e /tmp/mysql.pipe ]; then
mkfifo /tmp/mysql.pipe
fi
while [ -e /tmp/mysql.pipe ]
do
mysql -u <cacti_dbuser> --password=<cacti_dbpass> syslog < /tmp/mysql.pipe
done
if [ ! -e /tmp/mysql.pipe ]; then
mkfifo /tmp/mysql.pipe
fi
while [ -e /tmp/mysql.pipe ]
do
mysql -u <cacti_dbuser> --password=<cacti_dbpass> syslog < /tmp/mysql.pipe
done
NOTE: Change the above user credentials to your specific installation.
7. Change the /sbin/syslogtomysql file permissions to 755 owned by root:root.
Code:
shell> chmod 755 /sbin/syslogtomysql
shell> chown root:root /sbin/syslogtomysql
shell> chown root:root /sbin/syslogtomysql
8. ADD the following lines to the /etc/syslog-ng/syslog-ng.conf file to the END of the file
Code:
source net {
udp();
};
destination d_mysql {
pipe("/tmp/mysql.pipe"
template("INSERT INTO syslog_incoming (host, facility, priority, date, time, message) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$MSG' );/n")
template-escape(yes)
);
};
log { source(net); destination(d_mysql); };
log { source(s_sys); destination(d_mysql); };
udp();
};
destination d_mysql {
pipe("/tmp/mysql.pipe"
template("INSERT INTO syslog_incoming (host, facility, priority, date, time, message) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$MSG' );/n")
template-escape(yes)
);
};
log { source(net); destination(d_mysql); };
log { source(s_sys); destination(d_mysql); };
NOTE: The "template(" line begins with "template(" and ends with the $MSG' );/n"). The line may appear to wrap due to the length of the line. MAKE SURE your config file does not break the line apart.
9. Restart the syslog-ng daemon. Typically by using one of the following:
Code:
shell> service syslog-ng restart
-OR-
Code:
shell> kill -HUP syslog-ng
10. Add the syslog plugin to the $plugins_array in <cacti_path>/include/global.php
At ABOUT line 46; INSERT the following line AFTER the "$plugins[] = 'settings';"
Code:
$plugins[] = 'syslog';
11. Verify user rights and permissions on the syslog/plugin files
Code:
shell> chown -R <http_user>:<http_user> <cacti_path>/plugins/syslog/
shell> chmod -R 644 <cacti_path>/plugins/syslog/
shell> chmod -R 644 <cacti_path>/plugins/syslog/
NOTE: Change the above user credentials to your specific installation.
12. Within cacti, grant user rights for Syslog plugin/realm.
Navigate to Console ->
Utilities ->
User Management ->
<SELECT USER>
Realm Permissions ->
Enable "View Syslog" and/or "Configure Syslog Alerts/Reports"
Click Save.
That should do it. Now repeat your syslog-ng testing you completed in step 1 to verify syslog-ng was working.
Within Cacti, you should begin to see those syslog entries on the syslog tab.
Please post any updates/suggestions to this HOWTO in this forum.
Please post any issues with the syslog plugin in the PLUGINS-General forum.
