Monitor server logs – Install Log.io on CentOS 7 / RHEL 7

ADVERTISEMENT

Log.io is the real-time monitoring tool, powered by node.js and socket.io. Log.io offers a simple web interface for monitoring the server logs. This guide will help you to monitor server log with log.io on CentOS 7 / RHEL 7.

Configure EPEL repository:

We will use npm for installing Log.io, so lets install npm and node.js, are available in EPEL repository. Install EPEL rpm to setup repository on CentOS 7.

ADVERTISEMENT
Article will continue after the ad
# rpm -Uvh http://ftp.riken.jp/Linux/fedora/epel/7/x86_64/e/epel-release-7-5.noarch.rpm

Install Log.io:

Install npm and node.js using yum command.

# yum install npm nodejs

npm is the package manager for jabascript which allows to manage dependencies for application, also it allows user to install node.js applications from npm registry. You must input a username for installation, for example here i used “root” user.

# npm install -g log.io --user "root"

Configure Log.io:

Log.io’s Installed directory is ~/.log.io which is a hidden directory in the home directory of the user, used in prevoius step for the installation, it has three configuration files which controls its working nature.

harvester.conf

This the configuration file for harvester, it is nothing but a log forwarder which keeps on watching log files for changes, send new log to the server. We can configure nodename, what are all logs to watched and where to send a log.

Edit the harvester file, mention the node name. By-default, harvester is set to monitor only apache log, we will modify in such a way that it monitors messages log. Since the server host is defined as 0.0.0.0, harvester will broadcast logs to all listening Log.io server, it is recommended to set either 127.0.0.1 (if the same machine act as Log.io server) or ip address of remote server Log.io server.

# vi  ~/.log.io/harvester.conf

exports.config = {
nodeName: "ITzGEEK_server", # Node Name
logStreams: {
apache: [
"/var/log/httpd/access_log",  # Monitoring Apache Logs
"/var/log/httpd/error_log"
],
messages:
[
"/var/log/messages" # Monitoring Messages file
],
},
server: {
host: '192.168.0.1',  # Sends the file to remote server, Set to 127.0.0.1 for local Log.io server
port: 28777
}
}

log_server.conf

This is the configuration file of Log.io server, it tells the server on which ip address it should listen. By default, it listens on all ip interfaces for receiving the logs from client. Listening ip address can be changed by modifying host string.

# vi  ~/.log.io/log_server.conf

exports.config = {
host: '0.0.0.0',  # Listens on all ip for receving logs
port: 28777
}

web_server.conf

This the configuration file of web interface, this alters the functionality of the web portal. By-default, web portal is accessible on port no 28778 and on all interface. This file offers a way to increase the security by putting HTTP authentication,securing the web interface with SSL, disallowing logs from specific ip address and restricting the web interface access to the specific ip.

 # vi  ~/.log.io/web_server.conf

exports.config = {
host: '0.0.0.0',  # Listens all ip adress to recive the web interface requests
port: 28778,

/*
// Enable HTTP Basic Authentication
auth: {
user: "admin",
pass: "1234"
},
*/

/*
// Enable HTTPS/SSL
ssl: {
key: '/path/to/privatekey.pem',
cert: '/path/to/certificate.pem'
},
*/

/*
// Restrict access to websocket (socket.io)
// Uses socket.io 'origins' syntax
restrictSocket: '*:*',
*/

/*
// Restrict access to http server (express)
restrictHTTP: [
"192.168.29.39",
"10.0.*"
]
*/

}

Allow web interface and socket.io in the firewall for receiving the logs from the harvester.

# firewall-cmd --add-port=28778/tcp --permanent
# firewall-cmd --add-port=28777/tcp --permanent
# firewall-cmd --reload

Monitor server logs:

Open up your web browser and visit http://your-ip-address:28778. You will get the following page with logs.

Log.io Monitoring logs
Log.io Monitoring logs

That’s All, happy monitoring!!!.

External Links:

Log.io = https://github.com/NarrativeScience/Log.io

Node.js = http://nodejs.org/

socket.io = http://socket.io/

npm = https://www.npmjs.com/

ADVERTISEMENT

POSTS YOU MAY LIKE -:)

Share This Post

Shares