How to customize php-syslog-ng

[prahlad]

Hello Every One,
           
            I have successfully installed "syslog-ng" on my linux server after bit of struggle. I also installed php-syslog-ng for the front end tool. As of now i can see that php-syslog-ng has parameters/options like "ROUTERS" , "DATE", "PRIORITY". With these available options we can search for logs.

I want to add one more field/option called "FACILITY" with which i  would be able to search logs as per facility basis as well.

Can any one please guide me how to change the code of php-syslog-ng as i am not a programmer. 

I know that there must be some changes made in result.php but what changes to be made ... dont know .

Please help !!!!


Regards

[mutex]

The "PRIORITY" parameter is actually a combination of the facility and severity. 

From the syslog spec (http://tools.ietf.org/html/rfc3164#section-4.1.1):

       Numerical             Facility
          Code

           0             kernel messages
           1             user-level messages
           2             mail system
           3             system daemons
           4             security/authorization messages (note 1)
           5             messages generated internally by syslogd
           6             line printer subsystem
           7             network news subsystem
           8             UUCP subsystem
           9             clock daemon (note 2)
          10             security/authorization messages (note 1)
          11             FTP daemon
          12             NTP subsystem
          13             log audit (note 1)
          14             log alert (note 1)
          15             clock daemon (note 2)
          16             local use 0  (local0)
          17             local use 1  (local1)
          18             local use 2  (local2)
          19             local use 3  (local3)
          20             local use 4  (local4)
          21             local use 5  (local5)
          22             local use 6  (local6)
          23             local use 7  (local7)

        Numerical         Severity
          Code

           0       Emergency: system is unusable
           1       Alert: action must be taken immediately
           2       Critical: critical conditions
           3       Error: error conditions
           4       Warning: warning conditions
           5       Notice: normal but significant condition
           6       Informational: informational messages
           7       Debug: debug-level messages

   The Priority value is calculated by first multiplying the Facility
   number by 8 and then adding the numerical value of the Severity. For
   example, a kernel message (Facility=0) with a Severity of Emergency
   (Severity=0) would have a Priority value of 0.  Also, a "local use 4"
   message (Facility=20) with a Severity of Notice (Severity=5) would
   have a Priority value of 165.  In the PRI part of a syslog message,
   these values would be placed between the angle brackets as <0> and
   <165> respectively.  The only time a value of "0" will follow the "<"
   is for the Priority value of "0". Otherwise, leading "0"s MUST NOT be
   used.

[prahlad]

Hi Mutex,

    Thank u very much. I guess i can understand ur explanation.

But my requirement is like "suppose if i want to search logs only on basis of FACILITY" Lets say i want to see the logs for facility "CRON" having "PRIORITY" 'notice' in ROUTER "myrouter" dated "any date". Then what can be done ?

Please suggest on this .

Thanks,

[mutex]

Do you have a screen like this: http://nms.gdd.net/index.php/Image:Php-syslog-ng_main.jpg where you can select the facility, host and priority?

[prahlad]

Thank u mutex for being with me.

No i dont have that screen. I have very basic screen where i have drop down box of ROUTER and others but not FACILITY.

My details are as follows:

Syslog-ng version : syslog-ng 2.0.0
Php-Syslog-ng version : 2.0
Mysql Version         : 5.0.45

Any thing else i need to install ?

Please help.

Thanks,

[prahlad]

Hello Mutex,


          I have managed to install the same version of php-syslog-ng as you showed in link.

Now i am seeing this error on page.

-------
Warning: imagejpeg() [function.imagejpeg]: Unable to open 'graph.jpeg' for writing in /var/www/html/phpsyslog/html/includes/blocks/graph-logs_per_day.php on line 176
-------

Any input on this please.

Thanks,

[mutex]

Your web server does not have write permission to the directory identified.

[prahlad]

Thank you very much mutex. Yes this was the problem.

But still when i am selecting the option to show today's graph from "Common Graphs" option it shows this error .

--------
JpGraph Error There is either a configuration problem with TrueType or a problem reading font file "/var/www/html/phpsyslog/html/verdana.ttf" Make sure file exists and is in a readable place for the HTTP process. (If 'basedir' restriction is enabled in PHP then the font file must be located in the document root.). It might also be a wrongly installed FreeType library. Try upgrading to at least FreeType 2.1.13 and recompile GD with the correct setup so it can find the new FT library.
--------

File is writable as  i can browse it explicitly through browser.

I guess some module needs to be installed. Please advise on this.

[mutex]

My guess would be that you either don't have the freetype module, or it's out of date on the web server.  Freetype/ttf are such a pain in the rear - I really wish there were a better mechanism to render fonts. 

[prahlad]

Not sure what is the reason. I can see "freetype" in server of 2.2.1-19 version.

In wiki i can see that it says "To use the graphing feature, you must install the mstcorefonts package". Is that the reason ?

Can you please shed some more light on this if you dont mind. Sorry for asking a lot.

Thanks,

[mutex]

From what I can tell, you need to install corefonts: http://corefonts.sourceforge.net/

[prahlad]

Thank You mutex i will surely give it a try and let you know the update.

I am encountering with the few more Mysql problems here .. working on that.

Thank you very much for being with me and guiding me on this.

[prahlad]

Hello Mutex,
        I have installed corefonts but problem is still there.

Error is as follows.

-------
JpGraph Error There is either a configuration problem with TrueType or a problem reading font file "/usr/share/fonts/truetype/msttcorefonts/verdana.ttf" Make sure file exists and is in a readable place for the HTTP process. (If 'basedir' restriction is enabled in PHP then the font file must be located in the document root.). It might also be a wrongly installed FreeType library. Try upgrading to at least FreeType 2.1.13 and recompile GD with the correct setup so it can find the new FT library.
--------

Permission is given 777 then also error persists.
--------
-rwxrwxrwx 1 root root 168383 Mar 25 12:33 /usr/share/fonts/truetype/msttcorefonts/verdana.ttf
--------

I did change the ownerships also according to user and group of running apache but did not work out.

Please advise if there is anything can be done.
--------

[prahlad]

Sir, any thought on this please

[mutex]

I am not certain.  I have not tried installing it.  Let me give that a shot tonight and I'll let you know what I find.  Sorry for not having a better answer.