From Network Management Wiki

Here are my notes from installation on a Redhat EL5 X_64 Operating System

Note, if you have the choice between RHEL and Ubuntu, do yourself a favor and use Ubuntu - it's 10x easier.

READ THIS GUIDE AND EVERY STEP.

I can't stress this enough. Every day, someone emails us because they did not read the manual. We spend hours writing this stuff, please take 20 minutes to read it :-)

Note also that the Install_Guide_for_LogZilla_v3.2 will have some troubleshooting steps, etc. that are relevant here if you get stuck.

Contents 1 OS Install 2 YUM Repositories 3 Install Syslog-ng 4 MySQL 4.1 Obtain MySQL from mysql.com 4.2 Install MySQL 4.2.1 Configure MySQL 5 Install Perl Dependencies 6 Disable SELinux 7 Install PHP 8 Install LogZilla 9 Test LogZilla 10 Sphinx install

OS Install

DO NOT select dev server or web server during install.

If you do, you will have to uninstall mysql and who knows what else since the one in the repositories are too old.

After install - on the RHEL server config screen, I selected:

• firewall disabled (you can add this later if needed, but it's better to build, then secure. Not the other way around)

• SELinux - disabled, unless you know SELinux so well that you can edit it to allow /tmp/logzilla_import.txt and rw access to the logzilla exports directory.

• All other things - accepted defaults

YUM Repositories

Some repo's are needed for proper setup, including php and syslog-ng.

vi /etc/yum.repos.d/rhel5.repo

Then, paste the following:

[SYSLOG-NG]
name=Syslog-ng Repository
baseurl=http://www.balabit.com/downloads/files?path=/syslog-ng/sources/pkgs/dists/rhel-5/syslog-ng-ose-2.1.4/amd64/RPMS.syslog-ng
enabled=1
gpgcheck=0

[Zend]
name=Zend Server
baseurl=http://repos.zend.com/zend-server/rpm/$basearch
enabled=1
gpgcheck=0

[Zend_noarch]
name=Zend Server - noarch
baseurl=http://repos.zend.com/zend-server/rpm/noarch
enabled=1
gpgcheck=0

Install Syslog-ng

Install syslog-ng and accept dependencies

yum install syslog-ng

MySQL

Obtain MySQL from mysql.com

You will need to download from http://www.mysql.com/downloads/mysql/5.5.html#downloads

Be sure to get ALL of these packages:

Client, Server, Shared-compat, devel, shared and test:

MySQL-client-5.5.14-1.rhel5.x86_64.rpm

MySQL-server-5.5.14-1.rhel5.x86_64.rpm

MySQL-shared-compat-5.5.14-1.rhel5.x86_64.rpm

MySQL-devel-5.5.14-1.rhel5.x86_64.rpm

MySQL-shared-5.5.14-1.rhel5.x86_64.rpm

MySQL-test-5.5.14-1.rhel5.x86_64.rpm

Install MySQL

#rpm -Uvh MySQL*.rpm
Preparing...                ########################################### [100%]
   1:MySQL-shared-compat    ########################################### [ 17%]
   2:MySQL-client           ########################################### [ 33%]
   3:MySQL-devel            ########################################### [ 50%]
Giving mysqld 5 seconds to exit nicely
   4:MySQL-server           ########################################### [ 67%]

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h rtp-syslog-ng-pe password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

Please report any problems with the /usr/bin/mysqlbug script!

Starting MySQL..[  OK  ]
Giving mysqld 5 seconds to start
   5:MySQL-shared           ########################################### [ 83%]
   6:MySQL-test             ########################################### [100%]

Configure MySQL

/etc/init.d/mysql start     
/usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...



All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

Install Perl Dependencies

yum install perl-Date-Calc gcc gcc-c++ perl-DBI perl-DBD-MySQL.x86_64

cpan File::Tail Text::LevenshteinXS MIME::Lite String::CRC32 Digest::Perl::MD5 LWP::Simple

Disable SELinux

setenforce permissive

Install PHP

yum install zend-server-ce-php-5.3.noarch

Install LogZilla

Install using subversion as outlined in the main install guide for v3.2

Test LogZilla

cd ../scripts
printf "`date \"+%Y-%m-%d %H:%M:%S\"`\ttest\t190\tCRON\tTest\n" | /var/www/logzilla/scripts/db_insert.pl -d3 -v

Go to web interface - make sure 'test' host is inserted

If not, increase debug level and check for errors on mysql imports.

Also, make sure selinux is disabled and check your Apache error log.

Sphinx install

As of LogZilla v3.2, Sphinx is automatically compiled during install as noted here

NOTE Some Redhat systems may need to specify the location of the mysql includes manually. If this is your case, you will need to manually compile Sphinx as well rather than relying on the install.pl to do it for you (or edit the configure line in install.pl to match below).

./configure --prefix `pwd`/../.. --with-mysql-includes /usr/mysql/includes