Setup for Small Time Intranet Logger.
I am assuming that you will setup the system on defaults first and then
make changes as required or desired. I also assume that you are setting up on
a Slackware system, version 7.1 or better. I would expect the system to work
on other Linuces with minimal modification. I would expect modifications, if
any, to mainly be with placement of files in the directory system.
1. Software checklist:
a. GNU bash, version 2.05.0(1)-release (i386-slackware-linux-gnu)
b. perl, v5.6.1 built for i386-linux
c. Latest versions of MySQL, Apache, PHP.
I installed the packages in 'c.' according to Devshed's 'The Soothingly
Seamless Setup of Apache, SSL, MySQL, and PHP'. I uninstalled whichever of these
packages were already installed on my system. I am sure this is probably not
necessary but it was easier. FYI, that article is true to its title. There is a
file in '/utils' called 'soothingly_seamless_setup_brief' that has all the setup
commands extracted from the article. Nevertheless, the article is highly
recommended reading. Also, I had a lot of trouble finding 'rsaref-2.0' so it is
included there as well. All of the other software is on the Net.
There are two basic script groups: Scripts for the clients and scripts
for the server. The server has both and the relationship the server has
to itself is the same that any client has to the server. In fact, the server
will mount its own dump directory using nfs just like any client. I synchronize
files on my machines as cron jobs and this simplifies that.
CLIENT SETUP:
There are some configuration steps that should be taken now.
1. Syslog: Backup your '/etc/syslog.conf' file and use the one in the package.
Make sure there are no conflicts with existing settings and that this will not
break any setup you may have already. The configuration file that is installed
by default with the Slackware distribution is so limited and generic that there
should be no problem if you have not changed the Slackware default.
2. TCP Wrappers: Backup '/etc/hosts.allow' and '/etc/hosts.deny' and use the
ones supplied with the package. Make sure there are no conflicts with existing
settings. These new files will produce log entries that the Intranet Logger
system is already setup to handle. The configuration file that is installed by
default with the Slackware distribution is so limited and generic that there
should be no problem if you have not changed the Slackware default.
3. HTTPD: Backup your 'httpd.conf' and include the snippet in the package. It
directs Apache to use the syslog daemon and defines the log format.
4. There is a snippet for a crontab. This should be included when the system is
setup and running. Add this to the crontab of the same name, 'touch' a file
named 'cron.update' in the crontabs directory and add the name of this file
at the first line and save. 'crond' will do the rest.
Note: If the directory structure of the package is preserved, the following
steps should not be necessary.
Decide which directories will be the home to the scripts and the log root.
The defaults are:
a. The scripts that are run by 'crond' are in '/sbin/cron'. 'archive_logs',
and 'log_logins' are here. These scripts can be located anywhere but the
crontab must be modified.
b. The log root is '/var/log/'. In '/var/log/' the following directories
must exist:
./log_export - The directory to which the logs are cut to separate
them from the log root.
./log_srvr_mnt - Where the exported 'net_log_dump' directory from the
logging server is mounted.
!!!IMPORTANT!!!
For all scripts the operation parameter variables are as close to the top of the
script as possible. Please review the values of these variables to ensure the
scripts are set up correctly for your system.
SERVER SETUP:
This will include all steps in the client setup plus:
The following directories should exist on the server in addition to the above
(The path '/var/log/' is the absolute path. As long as symlinks agree with
this, there should be no problem)
/var/log/net_logs_dump/
(There is a directory under this one for each client machine)
/var/log/net_log_dump/host1 # Where this client dumps its logs
/var/log/net_log_dump/host2 .
/var/log/net_log_dump/host3 .
/var/log/net_log_dump/host4 .
.
.
.
As well as:
/var/log/Backup # The directory where the 'TO_DBMS_' are
# archived after each DBMS load. Whether
# you keep this feature or not is a
# matter of personal taste.
/var/log/log_archive # Where the logs are stored in files that
# contain ALL logs for a pre-determined
# period of time, initially one month
/var/log/log_error # 'Kick'ed log entries and other error
# messages are put here
/var/log/log_original_zip # The raw log data files are compressed and
# dumped here.
/var/log/log_runlogs # Log messages from the execution of Intranet
# Logger are put here
/var/log/log_to_dbms # The 'holding pen' for the parsed log entries
/var/log/log_to_dbms_archive # The same thing as 'log_archive' above, except
# for parsed log entries.
Note: There should be a 'README' in each directory to discourage
deleting the directory accidentally.
The script 'update_dbms' controls the parsing of the logs and the loading of
the parsed log data to the database.
The scripts that parse the log entries are in '/sbin/cron/prepLogs4DBMS'
and the script that loads the database is in '/sbin/cron/moveLogs2DBMS'.
Also, the path relationship between 'update_dbms' and the scripts it controls
must be maintained or, if changed, modified in 'update_dbms'.
The directories and files under 'client' and 'server' in the distribution
package are placed as they would be if the 'client' and 'server' directories
were the root directory of the disk.