Hi all,
Adiscon LogAnalyzer is a very good web interface to read, search, and sort your log files. It can read logs from files as well as from databases (such as MySQL). When reading from log files, you have to specify the log files in the config file. Recently I came across a scenario where I had to read all log files from a directory. The log files are dynamically generated and appended to (by rsyslog).
For that to work I added the following code at the end of the config.php file:
$CFG['DefaultSourceID'] = 'Source1';
$log_dir = "/var/log/sitelogs";

// Recursively collect the full path of every file below $dir.
function find_all_files($dir)
{
    $result = array();
    $root = scandir($dir);
    if ($root === false) {
        // Not a directory, or not readable by the web server user.
        return $result;
    }
    foreach ($root as $value) {
        if ($value === '.' || $value === '..') { continue; }
        if (is_file("$dir/$value")) { $result[] = "$dir/$value"; continue; }
        // Anything else is treated as a subdirectory and scanned in turn.
        foreach (find_all_files("$dir/$value") as $sub_file) {
            $result[] = $sub_file;
        }
    }
    return $result;
}

$files = find_all_files($log_dir);
$i = 1;
// Register every file as its own disk source: Source1, Source2, ...
foreach ($files as $file) {
    // The display name is the path relative to $log_dir.
    $file_source_name = substr($file, strlen($log_dir));
    $CFG['Sources']['Source'.$i]['ID'] = 'Source'.$i;
    $CFG['Sources']['Source'.$i]['Name'] = $file_source_name;
    $CFG['Sources']['Source'.$i]['ViewID'] = 'SYSLOG';
    $CFG['Sources']['Source'.$i]['SourceType'] = SOURCE_DISK;
    $CFG['Sources']['Source'.$i]['LogLineType'] = 'syslog';
    $CFG['Sources']['Source'.$i]['DiskFile'] = $file;
    $i = $i + 1;
}
Put simply, I listed all the files in the directory in an array and pushed that array into the configuration. Please make sure that your log directory is readable by the Apache web server.
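A variant of the file discovery above that skips symbolic links and unreadable files, keeps only paths that resolve inside the log directory, and does not abort on an unreadable subdirectory. This is an added example, not part of the original post or of LogAnalyzer; `list_log_files()` and the sample tree it runs on are hypothetical.

```php
<?php
// Added example, not LogAnalyzer code. list_log_files() is a hypothetical helper.
function list_log_files($log_dir)
{
    $base = realpath($log_dir);
    if ($base === false || !is_dir($base)) {
        return array();            // missing directory: no sources, no warnings
    }
    $files = array();
    // No FOLLOW_SYMLINKS flag, so linked directories are not descended into.
    // CATCH_GET_CHILD skips subdirectories the web server user cannot open.
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($base, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::LEAVES_ONLY,
        RecursiveIteratorIterator::CATCH_GET_CHILD
    );
    foreach ($it as $info) {
        // isFile() is true for a symlink pointing at a file, so test isLink() first.
        if ($info->isLink() || !$info->isFile() || !$info->isReadable()) {
            continue;
        }
        $real = $info->getRealPath();
        // Keep only paths that resolve inside the log directory.
        if ($real !== false && strpos($real, $base . DIRECTORY_SEPARATOR) === 0) {
            $files[] = $real;
        }
    }
    sort($files);                  // deterministic order for the SourceN numbering
    return $files;
}

// Constructed sample tree so the block runs on its own.
$demo = sys_get_temp_dir() . '/sitelogs-demo-' . getmypid();
mkdir("$demo/site-a", 0700, true);
file_put_contents("$demo/site-a/access.log", "constructed sample line\n");
file_put_contents("$demo/b.log", "constructed sample line\n");
symlink('/etc/hostname', "$demo/linked.log");   // must not become a source

$base = realpath($demo);
foreach (list_log_files($demo) as $n => $file) {
    echo 'Source' . ($n + 1) . ' => ' . substr($file, strlen($base)) . "\n";
}
```

In config.php, the returned list takes the place of `$files` in the loop that fills `$CFG['Sources']`.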
Great stuff.
I am also using LogAnalyzer and had the same problem. Cool idea - I will try it.
BTW - I can't seem to extract the log severity from the log message. The column remains empty. I am using log4j-syslog-appender to send the logs to rsyslog. What pattern should I use? Did you change your logAnalyzer configuration to show that?
I also faced the same problem. I changed the code a little bit and now it is working fine. You just have to change the tokenizer pattern.
Will you please send me the pattern which you used in the syslog configuration?
I did not change anything as far as the syslog configuration is concerned. But you can customize your pattern by modifying syslog.conf or rsyslog.conf under $template.
Hope this will help you.