centos7 syslog

yanfangsheng123

　　安装脚本如下

无法启动错误或由syslog-ng.conf配置原因
正确配置如下

@version: 3.8
#Default configuration file for syslog-ng.
#For a description of syslog-ng configuration file directives, please read
the syslog-ng Administrator's guide at:
#http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/bk01-toc.html
Modify with QuWenQing
POWER BY PSIONIC---SECTION-[aurora] BEGIN
DATE: 2017-04-06.16:21
Modify with QuWenQing
@module syslogformat
@module afsocket
@module affile
@module afprog
@module afsmtp
@module afuser
@module system-source
@module basicfuncs
@module cryptofuncs
@module dbparser
@define autoload-compiled-modules 1
options {
log_msg_size(16384);
flush_lines(1);
log_fifo_size(1000000);
time_reopen(10);
use_dns(no);
dns_cache(yes);
use_fqdn(yes);
keep_hostname(yes);
chain_hostnames(no);
check_hostname(yes);
create_dirs(yes);
dir_perm(0755);
perm(0644);
stats_freq(1800);
threaded(yes);
};
include "include/*.cnf";
source s_local {
# standard Linux log source (this is the default place for the syslog()
# function to send logs to)
unix-stream("/dev/log" max-connections(10240) log_iw_size(1024000));
#messages from the kernel
file("/proc/kmsg" program_override("kernel"));
};
filter f_messages { level(info..emerg) and not facility(mail,authpriv,cron,local3,local4,local5,local6) and not program("snmpd"); };
filter f_secure { facility(authpriv); };
filter f_mail { facility(mail); };
filter f_cron { facility(cron); };
filter f_emerg { level(emerg); };
filter f_spooler { level(crit..emerg) and facility(uucp, news); };
filter f_local7 { facility(local7); };
filter f_snmpd { program("snmpd"); };
destination d_messages { file("/var/log/messages"); };
destination d_secure { file("/var/log/secure"); };
destination d_maillog { file("/var/log/maillog"); };
destination d_cron { file("/var/log/cron"); };
destination d_console { usertty("root"); };
destination d_spooler { file("/var/log/spooler"); };
destination d_bootlog { file("/var/log/dmesg"); };
destination d_snmpd { file("/var/log/snmpd/snmpd.$YEAR$MONTH" create_dirs(yes)); };
log { source(s_local); filter(f_secure); destination(d_secure); flags(final);};
log { source(s_local); filter(f_mail); destination(d_maillog); flags(final);};
log { source(s_local); filter(f_cron); destination(d_cron); flags(final);};
log { source(s_local); filter(f_snmpd); destination(d_snmpd); flags(final);};
log { source(s_local); filter(f_emerg); destination(d_console); };
log { source(s_local); filter(f_spooler); destination(d_spooler); };
log { source(s_local); filter(f_local7); destination(d_bootlog); };
log { source(s_local); filter(f_messages); destination(d_messages); };
#POWER BY PSIONIC---SECTION-[aurora] END
#POWER BY PSIONIC---SECTION-[gsys-lognode] BEGIN
#project logs
include "include/*.pre";
destination d_remote_back_all {file("/data/projlogs/$PROGRAM/$YEAR$MONTH/$DAY/$HOUR.$HOST" perm(0644) dir_perm(0755) create_dirs(yes) template("${MONTH_ABBREV} $DAY ${HOUR}:${MIN}:${SEC} ${HOST} ${PROGRAM}[${PID}]: ${MSG}\n") template-escape(no));};
filter f_remote_log_all {facility(local6) and match("/" value("PROGRAM"));};
log {source(s_local);filter(f_remote_log_all);destination(d_remote_back_all);flags(final);};
#nginx logs
template nginx_format { template("$PROGRAM $MSG\n"); template_escape(no); };
parser nginx { db_parser(file("/usr/local/syslog-ng/etc/patterndb.d/nginx.xml")); };
source s_nginx_access {
pipe("/usr/local/nginx/logs/access_log");
};
destination d_nginx_access {file("/usr/local/nginx/logs/${N.vhost}/$YEAR$MONTH/$DAY/access_$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(nginx_format));};
log {source(s_nginx_access);parser(nginx);destination(d_nginx_access);flags(final);};
source s_nginx_error {
pipe("/usr/local/nginx/logs/error_log");
};
destination p_nginx_error {file("/usr/local/nginx/logs/${N.vhost}/$YEAR$MONTH/$DAY/error_$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(nginx_format));};
destination d_nginx_error {file("/usr/local/nginx/logs/$YEAR$MONTH/$DAY/error_$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(nginx_format));};
log {source(s_nginx_error);parser(nginx);destination(p_nginx_error);destination(d_nginx_error);flags(final);};
#php-fpm logs
template php-fpm_format { template("$PROGRAM $MSG\n"); template_escape(no); };
source s_php-fpm {
pipe("/data/phplogs/phpfpm_slow.log");
};
destination d_php-fpm {file("/data/phplogs/$YEAR$MONTH/$DAY/phpfpm_slow.$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(php-fpm_format));};
log {source(s_php-fpm);destination(d_php-fpm);flags(final);};
include "include/*.conf";
#POWER BY PSIONIC---SECTION-[gsys-lognode] END
　　启动后查看状态报错Error stating pattern database file, no automatic reload will be performed; error='No such file or directory'
　　这个需要在/usr/local/syslog-ng/etc/patterndb.d下放置两个文件
链接：https://pan.baidu.com/s/1nv010qH 密码：6zl3
然后重启就好