Starting point: Centreon 2.1.12 Centos 5.5
1. U will need ssh2 library to work in php and apache
# yum install php-pecl-ssh2.x86_64
# service httpd restart
Centos 6.2 get the package from http://pkgs.org/centos-6-rhel-6/remi-x86_64/php-pecl-ssh2-0.11.2-1.el6.remi.x86_64.rpm.html:
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
or
wget http://www.libssh2.org/download/libssh2-1.4.2.tar.gz
tar xvzf libssh2-1.4.2.tar.gz
cd libssh2-1.4.2
./configure
make
make install
Check if ssh2 library is correctly installed:
# php -i |grep ssh
/etc/php.d/ssh2.ini,
Registered PHP Streams => php, file, http, ftp, compress.bzip2, compress.zlib, https, ftps, ssh2.shell, ssh2.exec, ssh2.tunnel, ssh2.scp, ssh2.sftp
ssh2
libssh2 version => 1.2.6
banner => SSH-2.0-libssh2_1.2.6
2. Download and install the centreon-syslog-server
Log into http://forge.centreon.com and download the latest release.
# tar -zxvf centreon-syslog-server-1.3.3.tar.gz NOTE:
# cd centreon-syslog-server-1.3.3.tar.gz
# ./install.sh -i
go thru the interactive setup, u will need the mysql root pass.
Make note of the new syslog user created
3. Download and install centreon-syslog-frontend
Log into http://forge.centreon.com and download the latest release.
# cd centreon-syslog-frontend-1.2.1.tar.gz
# ./install.sh -i
NOTE:
the folder of “instCentWeb.conf” should be /etc/centreon
4. Go on Centreon web interface
Go on menu ‘Administration > Modules > Setup’.
Syslog module must be present on modules list but not installed.
Click on right icon to start installation
5. Go on menu ‘Administration > Modules > Syslog configuration’.
Fill the fields
6. Go on menu ‘Monitoring > Syslog > Monitoring’
7. Install rsyslog
# yum install rsyslog.x86_64 rsyslog-mysql
# vi /etc/rsyslog.conf
Insert at the beginig of the file these parameter to enable UDP and TCP input
$ModLoad MySQL
$AllowedSender UDP, 127.0.0.1, 192.168.1.0/24
$AllowedSender TCP, 127.0.0.1, 192.168.1.0/24
Change network 192.168.1.0/24 to your network.
And then paste these lines (there are two lines) at the end of the file:
# Configuration changes for Windows/Snare/Centreon-E2S logs
$EscapeControlCharactersOnReceive off
$template sysMysql,"INSERT INTO logs (host,facility, priority,level,tag,datetime,program,msg) VALUES ('%HOSTNAME%','%syslogfacility%','%syslogpriority%','%syslogseverity%','%syslogtag%','%timereported:::date-mysql%','%programname%', '%msg:::space-cc%')", SQL
*.* >IP_SERVEUR_DB,DB_NAME,BD_USER,DB_PASSWORD;sysMysql
*.=notice;mail.*;\
*.=crit;*.=err;\
*.=warning >IP_SERVEUR_DB,DB_NAME,BD_USER,DB_PASSWORD;sysMysql
Change IP_SERVEUR_DB, DB_NAME, BD_USER et DB_PASSWORD to your information.
Edit the file "rsyslog" to receive syslog events, also listen on UDP TCP on port 514 :
# vi /etc/sysconfig/rsyslog
Replace the line:
SYSLOGD_OPTIONS="-m 0"
By this line:
SYSLOGD_OPTIONS="-r514 -t514 -m 0"
Restart the syslog daemon :
# /etc/init.d/rsyslog start
Make sure the centreon server rsyslog is listening in port UDP 514
7. Windows logs to Syslog server:
Install DotNET framework 2 or higher
Install Centreon E2S and edit the xml file (add ip address syslog server)
On windows machine install the Centreon E2S, wich will forward
the events you filter to the syslog centreon server.
download from here:
http://forge.centreon.com/attachments/download/545/Centreon_E2S.1.1.zip
Change in the config.ini file the IP address of the server
9. Linux Fedora/RedHat/Centos logs to Syslog server
# vi /etc/rsyslog.conf
and add:
# RRD to syslog server
*.emerg;cron;*.info;authpriv.* @192.168.1.0:514
then restart rsyslog
# /etc/init.d/rsyslog restart
10. ESXi
Go to the VI clinet and open the ESXi server config pages. Go to "Advanced Settings" and find the Syslog entry. Add the ip address of the syslog server. But wait.. ESXi messages messed up my Centreon Syslog server, so I created a thread on the centreon forum to ask for advice.
Leave a Reply