Installing rsyslog server and LogAnalyzer


Command= apt-get -y update && sudo apt-get -y upgrade

Command= apt-get install -y apache2

Command= apt-get install -y php5 php5-gd

Command= /etc/init.d/apache2 restart

Command= apt-get install -y nano


Install repo for rsyslog

add-apt-repository ppa:adiscon/v8-devel
apt-get install -y python-software-properties
apt-get -y install rsyslog

Installing LogAnalyzer

Check for latest version here http://loganalyzer.adiscon.com/downloads/

Command= wget http://download.adiscon.com/loganalyzer/loganalyzer-4.1.3.tar.gz

Command= tar xzf loganalyzer-4.1.3.tar.gz

change LOG to what you want the web url to be http://serveriphere/log/

Command= mv loganalyzer-4.1.3/src /var/www/html/log

Command= chown www-data:www-data -Rf /var/www/html/*

change LOG to what you used above

Command= cd /var/www/html/log

Command= touch config.php

Command= chown www-data:www-data config.php

Command= chmod 777 config.php

Command= chmod 777 /var/log/syslog


Allowing Port 514 ( UDP | TCP )

Command= nano /etc/rsyslog.conf

Remove # in front of the following lines (except provides line)

# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514

Allowing port 514 iptables

iptables -A INPUT -p udp --dport 514 -j ACCEPT

Saving iptables rules on reboot


Reboot the server and everything is now ready for use.


Last update 4-26-2015