How to Monitor Server Logs in Real-Time with Log.io Tool on RHEL 7 /CentOS 7

Category : Linux Helpline (Easy Guide)
Posted on : Feb 15, 2019
Views : 1,743
By : Edgardo D.

1.Introduction

Log.io is a small simple but effective application build on top of Node.js and Socket.io, which allows to monitor Linux servers log files in real time through web interface screen widgets. This guide will help you to monitor server log with log.io on CentOS 7 / RHEL 7.

2.Operating System

This article is based on RHEL 7 / CentOS 7 .

3.Installation

3.1 Add Epel Repositories

Install Epel repositories by running the following command.

# yum install http://fedora.mirrors.telekom.ro/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm

After you added Epel Repos, do a system upgrade by running the following command.

# yum update

Install Node.js and NPM Packages

Node.js is a Java-script server-side programming platform which allows you to create an applications with back-end functionality. NPM (Node Package Manager) is package manager for Node.js, So the next step is to install Node.js and NPM binaries on your system through the following command.

# yum install npm nodejs

3.3 Install and Configure Log.io Application

Log.io application must be installed on your system through NPM by specifying a valid system user, through which the installation must take place. So here we can install the application as root user. For installing run the below command.

# npm install -g log.io --user “root”

After installation has been completed change the working directory to Log.io folder, which is hidden under the “/root” directory.

[root@sapin-centos7 ~]# pwd
/root
[root@sapin-centos7 ~]# cd .log.io/
[root@sapin-centos7 .log.io]# ll
total 12
-rw-r--r-- 1 root root 225 Jan 18 17:21 harvester.conf
-rw-r--r-- 1 root root  56 Jan 18 16:24 log_server.conf
-rw-r--r-- 1 root root 516 Jan 18 17:22 web_server.conf
[root@sapin-centos7 .log.io]#

Now it’s time to configure Log.io to monitor local log files in real time.
There are mainly three configuration files and are listed below.

> harvester.conf
> log_server.conf
> web_server.conf

harvester.conf

This the configuration file for harvester, it is nothing but a log forwarder which keeps on watching log files for changes, send new log to the server. We can configure nodeName, what are all logs to watched and where to send a log. By default it only monitors Apache log files such us “access_logs and error_logs”, Here we have to replace the nodeName statement to match your hostname and also you have to add the logStreams statements with what internal log files that you want to monitor.

exports.config = {
  nodeName: "sapin-centos7.centriohost.com",
  logStreams: {
    apache: [
      "/var/log/httpd/access_log",
      "/var/log/httpd/error_log"
    ]
  },
  server: {
    host: '0.0.0.0',
    port: 28777
  }
}

Also if you don’t need harvester output to be sent to a remote Log.io server change the line host on server statement to only send its output locally by modifying 0.0.0.0 address with loopback address (127.0.0.1).

log_server.conf

For security reasons, if you are not expecting remote harvesters output to your local Log.io server, Open log_server.conf file and replace 0.0.0.0 address with loopback address (127.0.0.1).

exports.config = {
  host: '127.0.0.1',
  port: 28777
}

web_server.conf

This the configuration file of web interface, this alters the functionality of the web portal. By-default, web portal is accessible on port no 28778 and on all interface. This file offers a way to increase the security by putting HTTP authentication,securing the web interface with SSL, disallowing logs from specific ip address and restricting the web interface access to the specific ip.

exports.config = {
  host: '0.0.0.0',
  port: 28778,

  /* 
  // Enable HTTP Basic Authentication
  auth: {
    user: "admin",
    pass: "adminlogin"
  },
  */

  /* 
  // Enable HTTPS/SSL
  ssl: {
    key: '/path/to/privatekey.pem',
    cert: '/path/to/certificate.pem'
  },
  */

  /*
  // Restrict access to websocket (socket.io)
  // Uses socket.io 'origins' syntax
  restrictSocket: '*:*',
  */

  /*
  // Restrict access to http server (express)
  restrictHTTP: [
    "192.168.29.39",
    "10.0.*"
  ]
  */

}

3.4 Add Firewall Rule and Start Log.io Application

For web access to Log.io server add a rule on RHEL/CentOS 7 Firewall to open TCP 28778 port by issuing the following command.

firewall-cmd --add-port=28778/tcp --permanent
firewall-cmd --reload

3.5 Start Log.io Application

For start Log.io log monitoring application assure that your current working directory is “/root” and use the following commands in the following order to start application.

> First start server, put it in background and press Enter key

log.io-server &

> Start log harvester in background

log.io-harvester &

[root@sapin-centos7 .log.io]# log.io-server &
[1] 16427
[root@sapin-centos7 .log.io]#    info  - socket.io started

[root@sapin-centos7 .log.io]# log.io-harvester &
[2] 16431
[root@sapin-centos7 .log.io]#

4. Access Web Interface

Then open your web browser and visit http://your-ip-address:28778. You will get the following page with logs.

5. Conclusion

We have successfully installed and configured a real-time log monitoring tool “Log.io” on CentOS 7 / RHEL 7. Log.io is an excellent and effective web application to monitor local or remote servers log files is real time and get an outlook on what is going internally in the systems and especially to debug server problems when systems tend to become unresponsive or crashes, without the need to use a console.

6.Reference

http://logio.org/

Previous Post
Redirect your cpanel/whm/webdisk/webmail.yourdomain.com in nginx

Next Post
How to Install Seafile cloud storage in Ubuntu 14.04 server

CentrioHost Blog