Setup for Small Time Intranet Logger. I am assuming that you will setup the system on defaults first and then make changes as required or desired. I also assume that you are setting up on a Slackware system, version 7.1 or better. I would expect the system to work on other Linuces with minimal modification. I would expect modifications, if any, to mainly be with placement of files in the directory system. 1. Software checklist: a. GNU bash, version 2.05.0(1)-release (i386-slackware-linux-gnu) b. perl, v5.6.1 built for i386-linux c. Latest versions of MySQL, Apache, PHP. I installed the packages in 'c.' according to Devshed's 'The Soothingly Seamless Setup of Apache, SSL, MySQL, and PHP'. I uninstalled whichever of these packages were already installed on my system. I am sure this is probably not necessary but it was easier. FYI, that article is true to its title. There is a file in '/utils' called 'soothingly_seamless_setup_brief' that has all the setup commands extracted from the article. Nevertheless, the article is highly recommended reading. Also, I had a lot of trouble finding 'rsaref-2.0' so it is included there as well. All of the other software is on the Net. There are two basic script groups: Scripts for the clients and scripts for the server. The server has both and the relationship the server has to itself is the same that any client has to the server. In fact, the server will mount its own dump directory using nfs just like any client. I synchronize files on my machines as cron jobs and this simplifies that. CLIENT SETUP: There are some configuration steps that should be taken now. 1. Syslog: Backup your '/etc/syslog.conf' file and use the one in the package. Make sure there are no conflicts with existing settings and that this will not break any setup you may have already. The configuration file that is installed by default with the Slackware distribution is so limited and generic that there should be no problem if you have not changed the Slackware default. 2. TCP Wrappers: Backup '/etc/hosts.allow' and '/etc/hosts.deny' and use the ones supplied with the package. Make sure there are no conflicts with existing settings. These new files will produce log entries that the Intranet Logger system is already setup to handle. The configuration file that is installed by default with the Slackware distribution is so limited and generic that there should be no problem if you have not changed the Slackware default. 3. HTTPD: Backup your 'httpd.conf' and include the snippet in the package. It directs Apache to use the syslog daemon and defines the log format. 4. There is a snippet for a crontab. This should be included when the system is setup and running. Add this to the crontab of the same name, 'touch' a file named 'cron.update' in the crontabs directory and add the name of this file at the first line and save. 'crond' will do the rest. Note: If the directory structure of the package is preserved, the following steps should not be necessary. Decide which directories will be the home to the scripts and the log root. The defaults are: a. The scripts that are run by 'crond' are in '/sbin/cron'. 'archive_logs', and 'log_logins' are here. These scripts can be located anywhere but the crontab must be modified. b. The log root is '/var/log/'. In '/var/log/' the following directories must exist: ./log_export - The directory to which the logs are cut to separate them from the log root. ./log_srvr_mnt - Where the exported 'net_log_dump' directory from the logging server is mounted. !!!IMPORTANT!!! For all scripts the operation parameter variables are as close to the top of the script as possible. Please review the values of these variables to ensure the scripts are set up correctly for your system. SERVER SETUP: This will include all steps in the client setup plus: The following directories should exist on the server in addition to the above (The path '/var/log/' is the absolute path. As long as symlinks agree with this, there should be no problem) /var/log/net_logs_dump/ (There is a directory under this one for each client machine) /var/log/net_log_dump/host1 # Where this client dumps its logs /var/log/net_log_dump/host2 . /var/log/net_log_dump/host3 . /var/log/net_log_dump/host4 . . . . As well as: /var/log/Backup # The directory where the 'TO_DBMS_' are # archived after each DBMS load. Whether # you keep this feature or not is a # matter of personal taste. /var/log/log_archive # Where the logs are stored in files that # contain ALL logs for a pre-determined # period of time, initially one month /var/log/log_error # 'Kick'ed log entries and other error # messages are put here /var/log/log_original_zip # The raw log data files are compressed and # dumped here. /var/log/log_runlogs # Log messages from the execution of Intranet # Logger are put here /var/log/log_to_dbms # The 'holding pen' for the parsed log entries /var/log/log_to_dbms_archive # The same thing as 'log_archive' above, except # for parsed log entries. Note: There should be a 'README' in each directory to discourage deleting the directory accidentally. The script 'update_dbms' controls the parsing of the logs and the loading of the parsed log data to the database. The scripts that parse the log entries are in '/sbin/cron/prepLogs4DBMS' and the script that loads the database is in '/sbin/cron/moveLogs2DBMS'. Also, the path relationship between 'update_dbms' and the scripts it controls must be maintained or, if changed, modified in 'update_dbms'. The directories and files under 'client' and 'server' in the distribution package are placed as they would be if the 'client' and 'server' directories were the root directory of the disk.