<!--adsense-->This tutorial will explain How to install syslog server in ubuntu using apache.

 Steps Involved in this tutorial
1) Install Apache2 and change the ports
2) Virtual Hosts: an example
3) Syslog Server with php and Virtual Hosts
4) Only me wants to see the log files (by using a .htacces file)

Local static ip address

Imagine yourself that eth0 is your internet interface and you want 192.168.0.102 as your local ip address.

Change the /etc/network/interface file and save it. This is an excellent example then:

auto eth0
iface eth0 inet static
address 192.168.0.102
netmask 255.255.255.0
gateway 192.168.0.1
broadcast 192.168.0.255

Ofcourse you'll have to modify it for your own needs, the above file is just an example file ofcourse.

Preparing syslog

mkdir /logs   (let's make a directory for our logs)

Modify /etc/syslog.conf and add the next rule if you really would like to log everything: (don't forget to save it)

*.* /logs/logger.log

It's possible you're only interessed in a few things, here is the list:

auth - authentication (login) messages
cron - messages from the memory-resident scheduler
daemon - messages from resident daemons
kern - kernel messages
lpr - printer messages (used by JetDirect cards)
mail - messages from Sendmail
user - messages from user-initiated processes/apps
local0-local7 - user-defined (see below)
syslog - messages from the syslog process itself

0 - Emergency (emerg)
1 - Alerts (alert)
2 - Critical (crit)
3 - Errors (err)
4 - Warnings (warn)
5 - Notification (notice)
6 - Information (info)
7 - Debug (debug)

Would you like to log everything from auth, cron, lpr error and only syslogs

warnings then you have to add next lines to /etc/syslog.conf

auth.*              /logs/logger.log
cron.*	     /logs/logger.log
kern.*	     /logs/logger.log
lpr.3                /logs/logger.log
syslog.4          /logs/logger.log

Now modify /etc/init.d/ksyslogd with your favorite editor and do the next:

SYSLOGD=””                                Change this line by the next line and save:
SYSLOGD=”-r -m0”

restart networking again: /etc/init.d/networking restart

Install Apache2 and stuff:

apt-get install apache2 php5 libapache2-mod-php5 mysql-server mysql-client

php5-mysql

Check cat /etc/hostname, and the hostname that you are seeing here you have to

place in your /etc/hosts file, together with your local static ip address.

/etc/hosts:
192.168.0.102 myhostname

Don't forget to change the above to your own needs!

I decided to host on Port 8070, my ISP (Telenet Belgium) has blocked all ports under 1024.

Modify /etc/apache2/ports.conf: (Listen 80 must be replaced by Listen 8070)
Listen 8070

If you are behind a NAT, don't forget to open this port on your router.

Now we're going to install our virtual hosts.

cd /etc/apache2/sites-available
touch myname.homelinux.com         (we create our name)
Now edit your myname.homelinux.com file with your favorite editor and make sure it looks like this:

ServerAdmin you@mail.com
ServerName myname.homelinux.com
ServerAlias myname.homelinux.com
DirectoryIndex index.php
DocumentRoot /logs

Ok, now we're going to etc/apache2/sites-enabled

cd /etc/apache2/sites-enabled
ln -s /etc/apache2/sites-available/myname.homelinux.com myname.homelinux.com

This symbolic link (ln -s) is absolutely necessary.

Ok, now we're going to our logs directory and we place there an index.php file

cd /logs
touch index.php
Modify index.php now with your favorite editor. This is how it should look like:

Restart apache: /etc/init.d/apache2 force-reload

Ok, go to www.dyndns.com and www.whatsmyip.org (memorize your ip)
And on dyndns you registrate yourself, you log in, then click DNS services ->

dynamic DNS -> Add Host -> and you registrate myname.homelinux.com.

Mention your remote IP (what you saw at whatsmyip.org at the ip line)

If you visit now your myname.homelinux.com/:8070 webpage you will be able to see your syslogs!

4) Only me wants to see the log files (by using a .htacces file)

Now we take measures: Only you will have the possibility to see your syslogs.

cd /logs                            (Yes we go again to the /logs directory)
touch .htaccess               (We'll make an .htaccess file)
Modify .htaccess with your favorite editor. This is how your .htaccess file should look like:

AuthUserFile /root/.htpasswd
AuthName 'Access is limited here'
AuthType basic
require valid-user

cd /root           (go to the /root directory)
htpasswd -c .htpasswd webmaster (let's make a valid account)

Now  modify the /etc/apache2/sites-available/default file with your favorite editor:

DocumentRoot /var/www

Options FollowSymLinks
AllowOverride None

Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
# Uncomment this directive is you want to see apache2's
# default start page (in /apache2-default) when you go to /
#RedirectMatch ^/$ /apache2-default/

This AllowOverride all tells apache2 it has to deal with a .htaccess file.
Restart apache2 again: /etc/init.d/apache2 force-reload

Go to your site now, you'll have to give a password that you've specified.

Conclusion

Now you have a syslog server that's using  the virtual host technique on apache2. And only you is able to read the information, caused by the .htaccess file.

By phar0z | mansondudeNOSPAM@gmail.com

<!--adsense#banner-->

Tags: apache virtual hosts ubuntu, install syslog server ubuntu, Networking, Server, syslog server ubuntuapache virtual hosts ubuntu, install syslog server ubuntu, Networking, Server, syslog server ubuntu