Wednesday, November 22, 2017

Ive been looking at syslog tools tryed logzilla and logstash


yum -y install java-1.6.0-openjdk

cd /var/www/html
export http_proxy=http://rutherc:99999999@10.20.98.24:8080
wget http://logstash.objects.dreamhost.com/release/logstash-1.2.1-flatjar.jar
#export https_proxy=http://rutherc:99999999@10.20.98.24:8080
#wget http://github.com/elasticsearch/kibana/archive/master.zip --no-check-certificate -O master.zip
wget http://download.elasticsearch.org/kibana/kibana/kibana-latest.zip
unzip kibana-latest.zip

#perl -pi -e 's/DocumentRoot \"\/var\/www\/html\"/DocumentRoot \"\/var\/www\/html\/kibana-master\"/' /etc/httpd/conf/httpd.conf
chkconfig --level 2345 httpd on
service httpd start

perl -ni -e 'print; print "-A INPUT -m state --state NEW -p tcp --dport 9200 -j ACCEPT\n" if $. == 9'  /etc/sysconfig/iptables
perl -ni -e 'print; print "-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT\n" if $. == 9'  /etc/sysconfig/iptables
service iptables restart

cat << EOF > logstash.conf
input {
  file {
    type => "syslog"
    path => [ "/var/log/*.log", "/var/log/messages", "/var/log/syslog" ]
  }
}
output {
  elasticsearch { embedded => true }
}
EOF

mv ./app/dashboards/default.json ./app/dashboards/default.json.org
cp  ./app/dashboards/logstash.json ./app/dashboards/default.json

java -Xmx1024m -jar logstash-1.2.1-flatjar.jar agent -f logstash.conf -web


10.22.122.16 10.22.122.1 2675
10.20.122.16 10.20.122.1 2675

pvcreate /dev/sdb
vgextend vgRoot /dev/sdb
lvresize -l +90%FREE /dev/mapper/vgRoot-lvVar
resize2fs /dev/mapper/vgRoot-lvVar